Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
v2.2.1
Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
v2.2.0
New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
New: package.json and package.json5 include a module property so
bundlers like webpack, rollup and parcel can take advantage of the ES Module
build. (#208)
Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
New: package.json and package.json5 include a module property so
bundlers like webpack, rollup and parcel can take advantage of the ES Module
build. (#208)
Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
minimum supported webpack version is 5 (#58) (9176392)
inline syntax was changed: [] is no longer supported (i.e. exports-loader?exports[]=myVariable&exports[]=myFunction!./file.js), please use , (i.e. exports-loader?exports=myVariable,myFunction!./file.js)
removed filename template support for export names and aliases (i.e. [name]) due unstable behaviour in some cases and very rarely used
minimum supported webpack version is 5 (#58) (9176392)
inline syntax was changed: [] is no longer supported (i.e. exports-loader?exports[]=myVariable&exports[]=myFunction!./file.js), please use , (i.e. exports-loader?exports=myVariable,myFunction!./file.js)
removed filename template support for export names and aliases (i.e. [name]) due unstable behaviour in some cases and very rarely used
Bumps json5 to 2.2.2 and updates ancestor dependencies json5, babel-loader, css-loader, exports-loader, html-loader, html-webpack-plugin, mini-css-extract-plugin, postcss-loader, sass-loader, style-loader, url-loader, webpack, webpack-cli and webpack-serve. These dependencies need to be updated together.
Updates
json5
from 2.1.0 to 2.2.2Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readmed720b4f
Improve readme (e.g. explain JSON5 better!) (#291)910ce25
docs: fix spelling of Aseem2aab4dd
test: require tap as t in cli tests6d42686
test: remove mocha syntax from tests4798b9d
docs: update installation and usage for modulesUpdates
babel-loader
from 8.0.6 to 8.3.0Release notes
Sourced from babel-loader's releases.
Commits
9bf5652
8.3.080ab7d0
Update@babel/
dependencies493ac6c
Pass external dependencies from Babel to Webpack (#971)df28fe3
Fix broken main test (#950)0b338e4
update hash method so it doesn't fail on a fips enabled machine (#939)1f98d3c
8.2.5c622868
fix: respectinputSourceMap
loader option (#896)f7982c1
8.2.44bb9e21
Use md5 hashing for OpenSSL 3 (#924)247c94b
Bump loader-utils to 2.x (#931)Maintainer changes
This version was pushed to npm by nicolo-ribaudo, a new releaser for babel-loader since your current version.
Updates
css-loader
from 3.0.0 to 6.7.3Release notes
Sourced from css-loader's releases.
... (truncated)
Changelog
Sourced from css-loader's changelog.
... (truncated)
Commits
ef749f2
chore(release): 6.7.336fb945
chore: fix cspell962924c
fix: removesourceURL
from emitted CSS (#1487)3f3f302
chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#1486)04ca713
chore: update dependencies to the latest version (#1485)9449827
chore: update styfle/cancel-workflow-action (#1484)6c67af8
chore: add cSpell to check spelling issues (#1482)239b9ac
chore(deps): bump loader-utils from 2.0.3 to 2.0.4 (#1481)394d200
chore(release): 6.7.22f4c273
fix: css modules generation with inline syntax (#1480)Updates
exports-loader
from 0.7.0 to 4.0.0Release notes
Sourced from exports-loader's releases.
... (truncated)
Changelog
Sourced from exports-loader's changelog.
... (truncated)
Commits
3c874f8
chore(release): 4.0.0b29c4e7
chore(deps): update (#92)cbe0f2f
refactor!: minimum supportedNode.js
version is14.15.0
(#90)11d071f
chore: update gitub actions (#91)04593af
chore: upgrade dependencies to the latest version (#87)48d6b59
ci: add node v18 to test workflow (#86)862f3d4
ci: don't install webpack again (#85)96056bd
chore(deps): bump minimist from 1.2.5 to 1.2.6 (#84)f20eb4d
chore: upgrade dependencies to the latest version (#83)8cfd7e7
chore: replace deprecated String.prototype.substr() (#82)Maintainer changes
This version was pushed to npm by evilebottnawi, a new releaser for exports-loader since your current version.
Updates
html-loader
from 0.5.5 to 4.2.0Release notes
Sourced from html-loader's releases.
... (truncated)
Changelog
Sourced from html-loader's changelog.
... (truncated)
Commits
17fbef3
chore(release): 4.2.027a6caf
feat: update html minifier (#462)01905ba
chore: update commitlint action (#461)37d2073
chore: run cancel workflow on pull request (#458)7dd065c
chore: update jest to the latest version (#457)3ddf326
ci: update github workflow security permissions (#456)2457eda
chore: upgrade dependencies to the latest version (#455)3ea5738
ci: add job to cancel previous runs (#454)33cc6d0
chore: update dependencies to the latest version (#453)e81a944
ci: add GitHub token permissions for workflow (#450)Maintainer changes
This version was pushed to npm by evilebottnawi, a new releaser for html-loader since your current version.
Updates
html-webpack-plugin
from 3.2.0 to 5.5.0Changelog
Sourced from html-webpack-plugin's changelog.
... (truncated)
Commits
873d75b
chore(release): 5.5.0ddeb774
chore: update examples1e42625
feat: Support type=module via scriptLoading option7d3645b
Bump pretty-error to 4.0.0 to fix transitive vuln for ansi-regex CVE-2021-380779be779
[chore] changes actions to run on pull_requestsb7e5859
[chore] fixes CI to avoid race conditions48131d3
chore(release): 5.4.016a841a
[chore] rebuild examples3bb7c17
Update index.jse38ac97
Update index.jsMaintainer changes
This version was pushed to npm by jantimon, a new releaser for html-webpack-plugin since your current version.
Updates
mini-css-extract-plugin
from 0.7.0 to 2.7.2Release notes
Sourced from mini-css-extract-plugin's releases.
... (truncated)
Changelog
Sourced from mini-css-extract-plugin's changelog.
... (truncated)
Commits
b616093
chore(release): 2.7.24d98d4b
fix: don't crash in web workers (#1004)5ef989b
chore(deps): bump minimist from 1.2.5 to 1.2.6 (#928)cd7d933
chore(deps): bump loader-utils from 2.0.3 to 2.0.4 (#993)9178a0c
chore: update dependencies to the latest version (#1003)7053ce2
chore(release): 2.7.182ed663
refactor: fix compatibility with old browsers (#1000)7585663
chore(deps): update (#999)6ea0922
fix: preserve order of link tags on HMR (#982)2633446
chore: update styfle/cancel-workflow-action (#996)Updates
postcss-loader
from 3.0.0 to 7.0.2Release notes
Sourced from postcss-loader's releases.
... (truncated)
Changelog
Sourced from postcss-loader's changelog.
... (truncated)
Commits
2129116
chore(release): 7.0.2955085f
fix: support ESM version ofpostcss.config.js
andpostcss.config.mjs
(#614)b0f4749
chore: update styfle/cancel-workflow-action (#612)ab3ff44
chore: add cSpell to check spelling issues (#610)3177135
chore: update dependencies to the latest version (#609)08b19c7
docs: update cla link (#608)49a0943
ci: add node v19 (#607)d274f90
ci: add dependency review action (#606)64af37b
chore: update dependencies to the latest version (#605)548e8aa
chore: update commitlint action (