Update webpack-dev-server to the latest version 🚀

[greenkeeper[bot]]

Version 2.3.0 of webpack-dev-server just got published.

Dependency	webpack-dev-server
Current Version	1.16.2
Type	devDependency

The version 2.3.0 is not covered by your current version range.

Without accepting this pull request your project will work just like it did before. There might be a bunch of new features, fixes and perf improvements that the maintainers worked on for you though.

I recommend you look into these changes and try to get onto the latest version of webpack-dev-server. Given that you have a decent test suite, a passing build is a strong indicator that you can take advantage of these changes by merging the proposed change into your project. Otherwise this branch is a great starting point for you to work on the update.

---

Commits

The new version differs by 232 commits (ahead by 232, behind by 34).

• 04eafa5 2.3.0
• ac1675c Refactor config validation
• d725fd9 Implement error overlay (#764)
• 61e5403 Allow a string to be passed as the port config option (#766)
• 2cf2939 have --open use the options.public path if it exists (#749)
• aa98997 2.2.1
• 686dec4 Fix inline example not working after webpack 2.2.0
• c82c1eb Only run Travis on the master branch [skip ci]
• 54b4b02 update examples to reflect web pack 2.2.0 (#759)
• 3bc7f77 webpack.github.io -> webpack.js.org
• cb98dd9 Change link in readme to webpack.js.org
• 31fb4fd Added example "webworker" (#755)
• 7e18f6a 2.2.0
• e9dd0ed Upgrade webpack dependency
• cae704f Update README to new standard

There are 232 commits in total. See the full diff.

Not sure how things should work exactly?

There is a collection of [frequently asked questions](https://greenkeeper.io/faq.html) and of course you may always [ask my humans](https://github.com/greenkeeperio/greenkeeper/issues/new).

---

Your Greenkeeper Bot :palm_tree:

[codecov-io]

Codecov Report

Merging #234 into master will not impact coverage.

@@          Coverage Diff          @@
##           master   #234   +/-   ##
=====================================
  Coverage     100%   100%           
=====================================
  Files           4      4           
  Lines          76     76           
=====================================
  Hits           76     76

---

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update fd86939...944b19d. Read the comment docs.

[greenkeeper[bot]]

Version 2.4.0 just got published.

Update to this version instead 🚀

Commits

The new version differs by 6 commits .

• 3f7c9f7 2.4.0
• e22317f Setting contentBase to false with historyApiFallback on works properly #791 (#797)
• b85a0ce Extract logic of adding entry points (#782)
• 4991704 feat - Allow overlay to be enabled for warnings (#789) (#790)
• 9d2925c Update dependencies
• 0099613 Handle promise rejection when using --open flag (#780)

See the full diff.

[greenkeeper[bot]]

Version 2.4.1 just got published.

Update to this version instead 🚀

Release Notes

v2.4.1

• After fixing a warning/error, the overlay was not always cleared correctly (3cb79bd).

Commits

The new version differs by 2 commits .

• 50ab2f0 2.4.1
• 3cb79bd Clear overlay properly when receiving ok msg

See the full diff.

[greenkeeper[bot]]

Version 2.4.2 just got published.

Update to this version instead 🚀

Release Notes

v2.4.2

• Properly close CLI when SIGINT or SIGTERM is called. This should fix some Docker issues (#787).
• Fix for entry not working when it was a function (#802).
• Fix for exception when using webpack-dev-server in a webworker (#813).
• Fix refresh loop that could happen on Firefox (#841).
• contentBase as an array did not work when used via CLI (#832).
• Proxy options were mutated, so this could lead to problems when re-using them (#836).

Commits

The new version differs by 15 commits .

• 60e4727 2.4.2
• 32adae3 Added beforeunload check to index.js (#544) (#841)
• d69559a Handle external upgrade for all websocket proxies (#843)
• 35a44d1 Remove Node.js v7 warning
• d2f579c Support for array of contentBase (#832)
• aabeeaa Remove unnecessary logging of closing the dev-server
• 1dc9461 Fix to share proxy option between proxy settings when the proxy option is a same object (#836)
• 42cd23c Explicitely but gracefully handle SIGINT and SIGTERM signals. (#787)
• 85de417 Use arrow function if it possible and get rid of .bind in server part (#835)
• 234294a Add unit tests for proxy options (#834)
• 8d4b826 add codecov
• d081f01 Update webpack-dev-middleware to 0.17.4 (#827)
• ccc8163 Fix exception when client script is used in webworkers (#813)
• f996bd4 fix typo and add --open (#814)
• 690df60 devClient does not work with dynamic entry. (#802)

See the full diff.

[greenkeeper[bot]]

Version 2.4.3 just got published.

Update to this version instead 🚀

Release Notes

v2.4.3

Security fix:

This version contains a security fix, which is also breaking change if you have an insecure configuration.
We are releasing this breaking change as patch version to protect you from attacks.
Sorry if this breaks your setup, but the fix is easy.

We added a check for the correct Host header to the webpack-dev-server.
This allowed evil websites to access your assets.

The Host header of the request have to match the listening adress or the host provided in the public option.
Make sure to provide correct values here.

The response will contain a note when using an incorrect Host header.

For usage behind a Proxy or similar setups we also added a disableHostCheck option to disable this check.
Only use it when you know what you do. Not recommended.

This version also includes this security fix for webpack-dev-middleware: https://github.com/webpack/webpack-dev-middleware/releases/tag/v1.10.2

Note: This only affect the development server and middleware. webpack and built bundles are not affected.

Bugfixes:

• Requests are not blocked when Host doesn't match listening host or public option.
• Requests to localhost or 127.0.0.1 are not blocked.

Features:

• Added disableHostCheck option to disable the host check

Commits

The new version differs by 4 commits0.

• ca93284 2.4.3
• f3a4ac6 Merge branch 'security/host-check'
• 8db5fd5 Require a secure webpack-dev-middleware version
• 2957853 enable Host header check for all requests and sockets

false

See the full diff

[greenkeeper[bot]]

Version 2.4.4 just got published.

Update to this version instead 🚀

Release Notes

v2.4.4

Bugfixes:

• add disableHostCheck to schema

Commits

The new version differs by 2 commits0.

• 7d08d1e 2.4.4
• 988f9c9 fixes #883

false

See the full diff

[greenkeeper[bot]]

Version 2.4.5 just got published.

Update to this version instead 🚀

Commits

The new version differs by 4 commits0.

• 662bc31 2.4.5
• 99b273c Merge pull request #888 from phairoh/fix-incorrect-variable-usage
• f26f985 Added tests for Server.prototype.checkHost
• 9688eea Use idxPublic when extracting hostname from publicHost

false

See the full diff

[greenkeeper[bot]]

Version 2.5.0 just got published.

Update to this version instead 🚀

Release Notes

v2.5.0

Security

Don't provide a SSL cert, but generate one on demand. Unique for each developer.

https://medium.com/@mikenorth/961572624c54 by Mike North

Bugfixes

• allow port 0 again
• add allowedHosts option
• better check for WebWorker
• add openPage option to open a specific page
• add --bonjour
• add lan option, which listen on lan ip by default

Commits

The new version differs by 11 commits.

• bbcdca7 2.5.0
• 7b3a42a Add 'lan' option (modify the option name to ‘useLocalIp’ for more semantic) (#901)
• 8d5f252 replace console.log with internal log function (#856)
• c9fe53d zeroconf dns (bonjour) service publishing (#930)
• 14d77a5 Adding page argument to the Open option (#917)
• 2ca97dd Strongly check client isn't running on WebWorker for sendMsg (#929)
• ab889c3 Add 'allowedHosts' option (#899)
• 1a26ab4 fix #752: allow --port 0 again (#918)
• 9a7693c Merge pull request #942 from webpack/ssl-path
• 25e1098 updating https docs
• 400b289 generate ssl certs per instance

See the full diff

[greenkeeper[bot]]

Version 2.5.1 just got published.

Update to this version instead 🚀

Release Notes

v2.5.1

Bugfixes

Fix peer dependencies to support webpack 3 ( #946 ) ( Fixes #932 )

Commits

The new version differs by 3 commits.

• 7c8b1f6 2.5.1
• 047a595 Merge pull request #946 from lencioni/patch-1
• 8978059 Update to webpack 3

See the full diff

[greenkeeper[bot]]

Version 2.6.0 just got published.

Update to this version instead 🚀

Release Notes

v2.6.0

• Browser console messages now respect clientLogLevel (#921).
• Don't output startup info if quiet is set to true (#970).
• Only load Bonjour when needed (#958).
• Set HMR log level (#926).
• Do not show warnings @ overlay unless explicitly set (#881).
• Add cli option --disable-host-check (#980).

Commits

The new version differs by 10 commits ahead by 10, behind by 1.

• adc9a0d 2.6.0
• 6da2f38 Set HMR log level. (#926)
• 140da45 Don't output startup info if quiet is set to true (#970)
• 9188878 Added cli option --disable-host-check (#980)
• b97dc5e Only load bonjour when needed (#958)
• e5b6202 Do not show warnings @ overlay unless explicitly set (#881)
• a7fdb06 Fix typo in https docs (#952)
• be1af21 Update README.md (#963)
• bd22dce Browser console messages should respect clientLogLevel (#921)
• 2041b11 Updated sockjs-client to 1.1.4 (#975)

See the full diff

[greenkeeper[bot]]

Version 2.6.1 just got published.

Update to this version instead 🚀

Release Notes

v2.6.1

• Move loglevel from devDependencies to dependencies #1001

Commits

The new version differs by 2 commits.

• 09ffe23 2.6.1
• d35c1c4 Move loglevel from devDependencies to dependencies (#1001)

See the full diff