search

ferreiro / website

🌐 Jorge Ferreiro personal website and blog fully developed in Javascript and Node.Js. It uses Yarn Workspaces to setup the package architecture. Currently migrating the project to ⚛️ React
https://jorgeferreiro.com/
MIT License
60 stars 9 forks source link

Bump webpack from 4.30.0 to 5.10.3 #240

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps webpack from 4.30.0 to 5.10.3.

Release notes

Sourced from webpack's releases.

v5.10.3

Bugfixes

  • errors in initial cache no longer cause build dependencies to be ignored
  • manual side effects flagging should override automatic analysis
  • modules in dlls without entryOnly will no longer be dropped because of no side effects

v5.10.2

Bugfixes

  • add a few missing node.js libraries as externals in target: "node"
  • improve cache (de)serialization to allow larger cache files (>2GB) and increase performance for them

v5.10.1

Bugfixes

  • avoid duplicating chunk info in chunk loading global
  • allow executing chunks before runtime is loaded
  • avoid error when emitting assets with different query string but identical filename and content
  • fix duplicated asset name in processAssets with additionalAssets
  • add missing \ in module info header comment

v5.10.0

Bugfixes

  • Multiple fixes regarding the side effects optimization ("sideEffects": false) when reexports and concatenated modules are combined

Contributing

  • Typescript major 4
    • Improved internal structure of our typings

Performance

  • output.pathinfo: true (default in development) adds less verbose information (and is faster)
  • output.pathinfo: "verbose" adds more verbose information
  • output.pathinfo: true is cached
  • avoid assets and module stats information generation when they are cached and cached assets/modules are not shown

v5.9.0

Features

  • improve side effects analysis to report imported and reexported symbols as side-effect-free

Bugfixes

  • fix problem when HMR and different runtimes (e. g. with Workers)
    • caused crash with ... has no hash info for runtime ...

v5.8.0

Commits
  • 10ad4e9 5.10.3
  • 0f732f3 Merge pull request #12182 from webpack/dependabot/npm_and_yarn/less-3.13.0
  • 04d00fe Merge pull request #12208 from webpack/dependabot/npm_and_yarn/types/node-14....
  • 1286726 Merge pull request #12200 from webpack/dependabot/npm_and_yarn/fork-ts-checke...
  • b6f5803 Merge pull request #12207 from webpack/bugfix/cache-without-build-deps
  • c6582ce Merge pull request #12205 from webpack/bugfix/side-effects
  • f5b8fca chore(deps-dev): bump @types/node from 14.14.13 to 14.14.14
  • c75a9ef errors in initial cache no longer cause build dependencies to be ignored
  • 06fcc0a flag modules in dlls without entryOnly with side-effects to keep them
  • 1e2634f manual side effects flagging should override automatic analysis
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 3 years ago

Superseded by #242.