chore(deps): bump json5, react-pdf, @storybook/react, babel-loader, css-loader, style-loader, webpack and webpack-cli

[dependabot[bot]]

Bumps json5 to 2.2.3 and updates ancestor dependencies json5, json5, json5, react-pdf, @storybook/react, babel-loader, css-loader, style-loader, webpack and webpack-cli. These dependencies need to be updated together.

Updates json5 from 2.1.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2

• Fix: Bump minimist to v1.2.5. (#222)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

• Fix: Bump minimist to v1.2.5. (#222)

Commits

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

Updates json5 from 2.2.0 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2

• Fix: Bump minimist to v1.2.5. (#222)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

• Fix: Bump minimist to v1.2.5. (#222)

Commits

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

Updates json5 from 2.1.3 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2

• Fix: Bump minimist to v1.2.5. (#222)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

• Fix: Bump minimist to v1.2.5. (#222)

Commits

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

Updates react-pdf from 5.0.0-beta.5 to 5.7.2

Release notes

Sourced from react-pdf's releases.

v5.7.2

What's new?

• Added instructions on support for standard fonts.
• Make findDocumentSource cancellable, cancel running tasks in loadDocument before finding source (#947).

Bug fixes

• Fixed Page not rendering in canvas rendering mode (default) when using React 18 w. StrictMode on (#972).

v5.7.1

What's changed?

• Replaced deprecated renderInteractiveForms option with annotationMode in page.render call (#946).

Bug fixes

• Use workerPort instead of workerSrc in Parcel 2 specific entry (#941). Thanks, @​jamesjessian!
• Fixed regression that caused interactive forms to be always rendered.

v5.7.0

Biggest one in months!

What's new?

• Added support for React 18.
• Added official support for Parcel 2.
• Added new Webpack 5-specific entry file. It uses Webpack's new URL assets instead of worker-loader, which turned out to be quite problematic in the past. Don't worry, if you want to stick to the old Webpack-specific one, it should still work just fine!
• Updated PDF.js to 2.12.313 (#936).
  • Improved XFA support
  • Improved pattern/tiling support
  • Rich text annotation support
• Added support for externalLinkRel prop.
• Added dest and pageIndex to onItemClick callbacks (#812, #924). Thanks, @​malwilley!

What's changed?

• Updated cMaps instructions to work with Yarn PnP.
• Updated PDF.js worker instructions for clarity.
  • Specify how to make it work with Create React App 5.
• Added instructions on how to manually copy cMaps directory.
• Added instructions on how to manually copy pdf.worker.js.
• Added Create React App 5 sample suite.
• Added Parcel 2 sample suite.

v5.6.0

What's new?

• Updated PDF.js to 2.10.377 (#900).
  • Improved XFA support (#856).

v5.5.0

What's new?

• Added canvasBackground prop (#851). Thanks, @​paescuj!

v5.4.1

Bug fixes

... (truncated)

Commits

• cf0ee8c v5.7.2
• 127aee3 Refactor handling refs to use createRef, fix PageCanvas not rendering in Reac...
• 06b64ff Update node-gyp to 9.0.0
• 15c929e Update babel-loader to 8.2.4
• 13675ee Fix security vulnerability in postcss dependency
• 8c72a1b Fix security vulnerability in node-forge dependency
• d80c442 Fix security vulnerability in minimist dependency
• 9415327 Update year in LICENSE
• c6d41d2 Update "Thank you" note
• f77fe4e Add documentation on standard fonts, update all samples to use standard fonts
• Additional commits viewable in compare view

Updates @storybook/react from 5.3.12 to 6.5.15

Release notes

Sourced from @​storybook/react's releases.

v6.5.15

Bug Fixes

• Support Angular 15.0.4 #20287
• CLI: execute automigrations when pressing enter in the prompts #20208

Maintenance

• Ember: Remove global Ember usage #17843

v6.5.15-alpha.1

Bug Fixes

• Support Angular 15.0.4 #20287
• CLI: execute automigrations when pressing enter in the prompts #20208

v6.5.15-alpha.0

Maintenance

• Ember: Remove global Ember usage #17843

v6.5.14

Bug Fixes

• Angular: Fix "webpack_require.nmd is not a function issue" in Angular 15 #20043
• CLI/React native: Fix addons template to import register instead of manager #19620

Maintenance

• Core: Patch preview-web and refs to support React Native #19975

Dependency Upgrades

• Upgrade loader-utils to 2.0.4 in storysource and source-loader #19891

v6.5.14-alpha.2

Bug Fixes

• Angular: Fix "webpack_require.nmd is not a function issue" in Angular 15 #20043

v6.5.14-alpha.1

Maintenance

• Core: Patch preview-web and refs to support React Native #19975

v6.5.14-alpha.0

Bug Fixes

• CLI/React native: Fix addons template to import register instead of manager #19620

... (truncated)

Changelog

Sourced from @​storybook/react's changelog.

6.5.15 (December 20, 2022)

Bug Fixes

• Support Angular 15.0.4 #20287
• CLI: execute automigrations when pressing enter in the prompts #20208

Maintenance

• Ember: Remove global Ember usage #17843

6.5.15-alpha.1 (December 20, 2022)

Bug Fixes

• Support Angular 15.0.4 #20287
• CLI: execute automigrations when pressing enter in the prompts #20208

6.5.15-alpha.0 (December 12, 2022)

Maintenance

• Ember: Remove global Ember usage #17843

6.5.14 (December 2, 2022)

Bug Fixes

• Angular: Fix "webpack_require.nmd is not a function issue" in Angular 15 #20043
• CLI/React native: Fix addons template to import register instead of manager #19620

Maintenance

• Core: Patch preview-web and refs to support React Native #19975

Dependency Upgrades

• Upgrade loader-utils to 2.0.4 in storysource and source-loader #19891

6.5.14-alpha.2 (December 2, 2022)

Bug Fixes

• Angular: Fix "webpack_require.nmd is not a function issue" in Angular 15 #20043

6.5.14-alpha.1 (November 27, 2022)

Maintenance

• Core: Patch preview-web and refs to support React Native #19975

... (truncated)

Commits

• feab19d v6.5.15
• 075a8dd Update git head to 6.5.15-alpha.1, update yarn.lock [ci skip]
• cfd775b v6.5.15-alpha.1
• 9c19ef0 Update git head to 6.5.15-alpha.0, update yarn.lock [ci skip]
• 095d6ad v6.5.15-alpha.0
• ae06ca9 Update git head to 6.5.14, update yarn.lock [ci skip]
• cf65eb7 v6.5.14
• 6e1e6dd Update git head to 6.5.14-alpha.2, update yarn.lock [ci skip]
• 71f07c4 v6.5.14-alpha.2
• 885e7ac Update git head to 6.5.14-alpha.1, update yarn.lock [ci skip]
• Additional commits viewable in compare view

Updates babel-loader from 8.0.6 to 8.3.0

Release notes

Sourced from babel-loader's releases.

v8.3.0

New features

• Pass external dependencies from Babel to Webpack by @​nicolo-ribaudo in babel/babel-loader#971

Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.5...v8.3.0

v8.2.5

What's Changed

• fix: respect inputSourceMap loader option by @​alan-agius4 in babel/babel-loader#896

New Contributors

• @​alan-agius4 made their first contribution in babel/babel-loader#896

Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.4...v8.2.5

v8.2.4

What's Changed

• doc(README.md): fix a broken markdown link by @​loveDstyle in babel/babel-loader#919
• Bump loader-utils to 2.x by @​stianjensen in babel/babel-loader#931
• Use md5 hashing for OpenSSL 3 by @​pathmapper in babel/babel-loader#924

Thanks @​loveDstyle, @​stianjensen and @​pathmapper for your first PRs!

8.2.3

This release fixes compatibility with Node.js 17

• Use md5 hash for caching on node v17 (babel/babel-loader#918)

Thanks @​Reptarsrage!

8.2.1

• Move @ava/babel to devDependencies #881 (@​jvasseur)

8.2.0

• Replace mkdirp with make-dir 47958ca3857e489e450b27c6f3266375015cba82 (@​JLHwung)
• Use async config loading when available d8cff97ff387ded0fc9b5cbc489228c96c5ab14a (@​the-spyke)

8.1.0

• docs(readme): fix typo #818 (@​frederickfogerty)
• docs(contributing): fix typo #821 (@​PatNeedham)
• Add schema validation #822 (@​ogonkov)
• Add supportsTopLevelAwait to caller #814 (@​nicolo-ribaudo)
• feat: expose webpack target via babel caller #826 (@​DylanPiercey)
• Bump deps for audit #834 (@​existentialism)

Commits

• 9bf5652 8.3.0
• 80ab7d0 Update @babel/ dependencies
• 493ac6c Pass external dependencies from Babel to Webpack (#971)
• df28fe3 Fix broken main test (#950)
• 0b338e4 update hash method so it doesn't fail on a fips enabled machine (#939)
• 1f98d3c 8.2.5
• c622868 fix: respect inputSourceMap loader option (#896)
• f7982c1 8.2.4
• 4bb9e21 Use md5 hashing for OpenSSL 3 (#924)
• 247c94b Bump loader-utils to 2.x (#931)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by nicolo-ribaudo, a new releaser for babel-loader since your current version.

Updates css-loader from 3.4.2 to 6.7.3

Release notes

Sourced from css-loader's releases.

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

• remove sourceURL from emitted CSS (#1487) (962924c)

v6.7.2

6.7.2 (2022-11-13)

Bug Fixes

• css modules generation with inline syntax (#1480) (2f4c273)

v6.7.1

6.7.1 (2022-03-08)

Bug Fixes

• defaultGetLocalIdent export (#1427) (74dac1e)

v6.7.0

6.7.0 (2022-03-04)

Features

• re-export defaultGetLocalIdent (#1423) (207cf36)

v6.6.0

6.6.0 (2022-02-02)

Features

• added the hashStrategy option (ca4abce)

v6.5.1

6.5.1 (2021-11-03)

Bug Fixes

• regression with unicode characters in locals (b7a8441)
• runtime path generation (#1393) (feafea8)

v6.5.0

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.7.3 (2022-12-14)

Bug Fixes

• remove sourceURL from emitted CSS (#1487) (962924c)

6.7.2 (2022-11-13)

Bug Fixes

• css modules generation with inline syntax (#1480) (2f4c273)

6.7.1 (2022-03-08)

Bug Fixes

• defaultGetLocalIdent export (#1427) (74dac1e)

6.7.0 (2022-03-04)

Features

• re-export defaultGetLocalIdent (#1423) (207cf36)

6.6.0 (2022-02-02)

Features

• added the hashStrategy option (ca4abce)

6.5.1 (2021-11-03)

Bug Fixes

• regression with unicode characters in locals (b7a8441)
• runtime path generation (#1393) (feafea8)

6.5.0 (2021-10-26)

Features

• support absolute URL in url() when experiments.buildHttp enabled (#1389) (8946be4)

... (truncated)

Commits

• ef749f2 chore(release): 6.7.3
• 36fb945 chore: fix cspell
• 962924c fix: remove sourceURL from emitted CSS (#1487)
• 3f3f302 chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#1486)
• 04ca713 chore: update dependencies to the latest version (#1485)
• 9449827 chore: update styfle/cancel-workflow-action (#1484)
• 6c67af8 chore: add cSpell to check spelling issues (#1482)
• 239b9ac chore(deps): bump loader-utils from 2.0.3 to 2.0.4 (#1481)
• 394d200 chore(release): 6.7.2
• 2f4c273 fix: css modules generation with inline syntax (#1480)
• Additional commits viewable in compare view

Updates style-loader from 1.1.3 to 1.3.0

Release notes

Sourced from style-loader's releases.

v1.3.0

1.3.0 (2020-10-03)

Features

• added modules.namedExport (#485) (15889db)

Bug Fixes

• check if btoa exists for old IE versions (#479) (732ef8b)
• esModule option issue (#476) (c623f27)

v1.2.1

1.2.1 (2020-04-28)

Bug Fixes

• hot module replacement logic for lazy type (#468) (88a5c2b)

v1.2.0

1.2.0 (2020-04-24)

Features

• hot module replacement for css modules (6d14e0a)

v1.1.4

1.1.4 (2020-04-15)

Chore

• update deps

Changelog

Sourced from style-loader's changelog.

1.3.0 (2020-10-03)

Features

• added modules.namedExport (#485) (15889db)

Bug Fixes

• check if btoa exists for old IE versions (#479) (732ef8b)
• esModule option issue (#476) (c623f27)

1.2.1 (2020-04-28)

Bug Fixes

• hot module replacement logic for lazy type (#468) (88a5c2b)

1.2.0 (2020-04-24)

Features

• hot module replacement for css modules (6d14e0a)

1.1.4 (2020-04-15)

Chore

• update deps

Commits

• e288500 chore(release): 1.3.0
• bed760f revert: node bump (#486)
• 15889db feat: added modules.namedExport (#485)
• 6e54e4f chore(deps): update
• 732ef8b fix: check if 'btoa' exists for old IE versions (#479)
• c623f27 fix: esModule option issue (#476)
• ae7d211 docs: fix typo for esModule (#473)
• b76cb97 chore: update Node.js required version (#474)
• 5520e68 chore(release): 1.2.1
• 88a5c2b fix: hot module replacement logic for lazy type (#468)
• Additional commits viewable in compare view

Updates webpack from 4.46.0 to 5.75.0

Release notes

Sourced from webpack's releases.

v5.75.0

Bugfixes

• experiments.* normalize to false when opt-out
• avoid NaN%
• show the correct error when using a conflicting chunk name in code
• HMR code tests existance of window before trying to access it
• fix eval-nosources-* actually exclude sources
• fix race condition where no module is returned from processing module
• fix position of standalong semicolon in runtime code

Features

• add support for @import to extenal CSS when using experimental CSS in node
• add i64 support to the deprecated WASM implementation

Developer Experience

• expose EnableWasmLoadingPlugin
• add more typings
• generate getters instead of readonly properties in typings to allow overriding them

v5.74.0

Features

• add resolve.extensionAlias option which allows to alias extensions
  • This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")
• add support for ES2022 features like static blocks
• add Tree Shaking support for ProvidePlugin

Bugfixes

• fix persistent cache when some build dependencies are on a different windows drive
• make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules
• remove left-over from debugging in TLA/async modules runtime code
• remove unneeded extra 1s timestamp offset during watching when files are actually untouched
  • This sometimes caused an additional second build which are not really needed
• fix shareScope option for ModuleFederationPlugin
• set "use-credentials" also for same origin scripts

Performance

• Improve memory usage and performance of aggregating needed files/directories for watching
  • This affects rebuild performance

Extensibility

• export HarmonyImportDependency for plugins

v5.73.0

... (truncated)

Commits

• 8241da7 5.75.0
• a91d923 Merge pull request #16458 from webpack/bugfix/semi
• 4608b11 Merge pull request #16457 from webpack/tooling/update
• dfdd0b0 Merge pull request #16122 from AnmolBansalDEV/bug/compilationCallback
• 23b9a1c Merge pull request #16167 from exposir/fixts
• 6f2c5e8 Merge pull request #16257 from alexzhang1030/calc_deterministic_verbose
• f7f36ad Merge pull request #16339 from Liamolucko/wasm-i64
• 761a542 fix semicolon position
• 2403a36 Merge pull request #16345 from ahabhgk/fix-eval-nosources
• c18203c update tooling
• Additional commits viewable in compare view

Updates webpack-cli from 3.3.10 to 5.0.1

Release notes

Sourced from webpack-cli's releases.

v5.0.1

5.0.1 (2022-12-05)

Bug Fixes

• make define-process-env-node-env alias node-env (#3514) (346a518)

v5.0.0

5.0.0 (2022-11-17)

Bug Fixes

• improve description of the --disable-interpret option (#3364) (bdb7e20)
• remove the redundant utils export (#3343) (a9ce5d0)
• respect NODE_PATH env variable (#3411) (83d1f58)
• show all CLI specific flags in the minimum help output (#3354) (35843e8)

Features

• failOnWarnings option (#3317) (c48c848)
• update commander to v9 (#3460) (6621c02)
• added the --define-process-env-node-env option
• update interpret to v3 and rechoir to v0.8
• add an option for preventing interpret (#3329) (c737383)

BREAKING CHANGES

• the minimum supported webpack version is v5.0.0 (#3342) (b1af0dc), closes #3342
• webpack-cli no longer supports webpack v4, the minimum supported version is webpack v5.0.0
• webpack-cli no longer supports webpack-dev-server v3, the minimum supported version is webpack-dev-server v4.0.0
• remove the migrate command (#3291) (56b43e4), closes #3291
• remove the --prefetch option in favor the PrefetchPlugin plugin
• remove the --node-env option in favor --define-process-env-node-env
• remove the --hot option in favor of directly using the HotModuleReplacement plugin (only for build command, for serve it will work)
• the behavior logic of the --entry option has been changed - previously it replaced your entries, now the option adds a specified entry, if you want to return the previous behavior please use webpack --entry-reset --entry './src/my-entry.js'

v4.10.0

4.10.0 (2022-06-13)

Bug Fixes

• changeTime is already in milliseconds (#3198) (d390d32)
• improve parsing of --env flag (#3286) (402c0fe)

Features

• added types (
  dependabot[bot] commented 1 year ago

  OK, I won't notify you again about this release, but will get in touch when a new version is available.

  If you change your mind, just re-open this PR and I'll resolve any conflicts on it.