Bump glob-parent, webpack and webpack-dev-server

[dependabot[bot]]

Bumps glob-parent to 5.1.2 and updates ancestor dependencies glob-parent, webpack and webpack-dev-server. These dependencies need to be updated together.

Updates glob-parent from 3.1.0 to 5.1.2

Release notes

Sourced from glob-parent's releases.

v5.1.2

Bug Fixes

• eliminate ReDoS (#36) (f923116)

v5.1.1

Bug Fixes

• unescape exclamation mark (#26) (a98874f)

v5.1.0

Features

• add flipBackslashes option to disable auto conversion of slashes (closes #24) (#25) (eecf91d)

v5.0.0

⚠ BREAKING CHANGES

• Drop support for node <6 & bump dependencies

Miscellaneous Chores

• Drop support for node <6 & bump dependencies (896c0c0)

v4.0.0

⚠ BREAKING CHANGES

• question marks are valid path characters on Windows so avoid flagging as a glob when alone
• Update is-glob dependency

Features

• hoist regexps and strings for performance gains (4a80667)
• question marks are valid path characters on Windows so avoid flagging as a glob when alone (2a551dd)
• Update is-glob dependency (e41fcd8)

Changelog

Sourced from glob-parent's changelog.

5.1.2 (2021-03-06)

Bug Fixes

• eliminate ReDoS (#36) (f923116)

6.0.2 (2021-09-29)

Bug Fixes

• Improve performance (#53) (843f8de)

6.0.1 (2021-07-20)

Bug Fixes

• Resolve ReDoS vulnerability from CVE-2021-35065 (#49) (3e9f04a)

6.0.0 (2021-05-03)

⚠ BREAKING CHANGES

• Correct mishandled escaped path separators (#34)
• upgrade scaffold, dropping node <10 support

Bug Fixes

• Correct mishandled escaped path separators (#34) (32f6d52), closes #32

Miscellaneous Chores

• upgrade scaffold, dropping node <10 support (e83d0c5)

5.1.1 (2021-01-27)

Bug Fixes

• unescape exclamation mark (#26) (a98874f)

5.1.0 (2021-01-27)

Features

• add flipBackslashes option to disable auto conversion of slashes (closes #24) (#25) (eecf91d)

5.0.0 (2021-01-27)

⚠ BREAKING CHANGES

• Drop support for node <6 & bump dependencies

... (truncated)

Commits

• eb2c439 chore: update changelog
• 12bcb6c chore: release 5.1.2
• f923116 fix: eliminate ReDoS (#36)
• 0b014a7 chore: add JSDoc returns information (#33)
• 2b24ebd chore: generate initial changelog
• 9b6e874 chore: release 5.1.1
• 749c35e ci: try wrapping the JOB_ID in a string
• 5d39def ci: attempt to switch to published coveralls
• 0b5b37f ci: put the npm step back in for only Windows
• 473f5d8 ci: update azure build images
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by phated, a new releaser for glob-parent since your current version.

Updates webpack from 4.46.0 to 5.75.0

Release notes

Sourced from webpack's releases.

v5.75.0

Bugfixes

• experiments.* normalize to false when opt-out
• avoid NaN%
• show the correct error when using a conflicting chunk name in code
• HMR code tests existance of window before trying to access it
• fix eval-nosources-* actually exclude sources
• fix race condition where no module is returned from processing module
• fix position of standalong semicolon in runtime code

Features

• add support for @import to extenal CSS when using experimental CSS in node
• add i64 support to the deprecated WASM implementation

Developer Experience

• expose EnableWasmLoadingPlugin
• add more typings
• generate getters instead of readonly properties in typings to allow overriding them

v5.74.0

Features

• add resolve.extensionAlias option which allows to alias extensions
  • This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")
• add support for ES2022 features like static blocks
• add Tree Shaking support for ProvidePlugin

Bugfixes

• fix persistent cache when some build dependencies are on a different windows drive
• make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules
• remove left-over from debugging in TLA/async modules runtime code
• remove unneeded extra 1s timestamp offset during watching when files are actually untouched
  • This sometimes caused an additional second build which are not really needed
• fix shareScope option for ModuleFederationPlugin
• set "use-credentials" also for same origin scripts

Performance

• Improve memory usage and performance of aggregating needed files/directories for watching
  • This affects rebuild performance

Extensibility

• export HarmonyImportDependency for plugins

v5.73.0

... (truncated)

Commits

• 8241da7 5.75.0
• a91d923 Merge pull request #16458 from webpack/bugfix/semi
• 4608b11 Merge pull request #16457 from webpack/tooling/update
• dfdd0b0 Merge pull request #16122 from AnmolBansalDEV/bug/compilationCallback
• 23b9a1c Merge pull request #16167 from exposir/fixts
• 6f2c5e8 Merge pull request #16257 from alexzhang1030/calc_deterministic_verbose
• f7f36ad Merge pull request #16339 from Liamolucko/wasm-i64
• 761a542 fix semicolon position
• 2403a36 Merge pull request #16345 from ahabhgk/fix-eval-nosources
• c18203c update tooling
• Additional commits viewable in compare view

Updates webpack-dev-server from 3.11.3 to 4.11.1

Release notes

Sourced from webpack-dev-server's releases.

v4.11.1

4.11.1 (2022-09-19)

Bug Fixes

• respect client.logging option for all logs (#4572) (375835c)

v4.11.0

4.11.0 (2022-09-07)

Features

• make allowedHosts accept localhost subdomains by default (#4357) (0a33e6a)

Bug Fixes

• auto reply to OPTIONS requests only when unhandled (#4559) (984af02), closes #4551

v4.10.1

4.10.1 (2022-08-29)

Bug Fixes

• compatibility with old browsers (#4544) (6a430d4)

v4.10.0

4.10.0 (2022-08-10)

Features

• allow to configure more client options via resource URL (#4274) (216e3cb)

Bug Fixes

• response correctly when receive an OPTIONS request (#4185) (2b3b7e0)

v4.9.3

4.9.3 (2022-06-29)

Bug Fixes

• avoid creation unnecessary stream for static sockjs file (#4482) (049b153)
• history-api-fallback now supports HEAD requests and handles them the same as GET (8936082)

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

4.11.1 (2022-09-19)

Bug Fixes

• respect client.logging option for all logs (#4572) (375835c)

4.11.0 (2022-09-07)

Features

• make allowedHosts accept localhost subdomains by default (#4357) (0a33e6a)

Bug Fixes

• auto reply to OPTIONS requests only when unhandled (#4559) (984af02), closes #4551

4.10.1 (2022-08-29)

Bug Fixes

• compatibility with old browsers (#4544) (6a430d4)

4.10.0 (2022-08-10)

Features

• allow to configure more client options via resource URL (#4274) (216e3cb)

Bug Fixes

• response correctly when receive an OPTIONS request (#4185) (2b3b7e0)

4.9.3 (2022-06-29)

Bug Fixes

• avoid creation unnecessary stream for static sockjs file (#4482) (049b153)
• history-api-fallback now supports HEAD requests and handles them the same as GET (8936082)

4.9.2 (2022-06-06)

Bug Fixes

... (truncated)

Commits

• 418e932 chore(release): 4.11.1
• 375835c fix: respect client.logging option for all logs (#4572)
• ef2f9e9 chore: fix examples for open target not working (#4575)
• 7da7336 ci: workflow security
• 5d4b347 chore(deps-dev): bump core-js from 3.25.1 to 3.25.2 (#4574)
• 87072c7 chore(deps-dev): bump @​types/node-forge from 1.0.4 to 1.0.5 (#4571)
• 28f6381 chore(deps-dev): bump @​babel/plugin-transform-runtime (#4567)
• 595003b chore(deps-dev): bump @​babel/core from 7.19.0 to 7.19.1 (#4568)
• 67acc2e chore(deps-dev): bump @​babel/eslint-parser from 7.18.9 to 7.19.1 (#4569)
• ad2dcc5 chore(deps-dev): bump @​babel/preset-env from 7.19.0 to 7.19.1 (#4570)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mimecorg/webissues/network/alerts).