search

retorquere / zotero-storage-scanner

A Zotero plugin to remove the broken & duplicate attachment link of the bibliography
519 stars 19 forks source link

[Snyk] Upgrade webpack from 4.26.0 to 4.42.0 #15

Closed snyk-bot closed 3 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to upgrade webpack from 4.26.0 to 4.42.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue Exploit Maturity
Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-536840		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ACORN-559469		 No Known Exploit
Time of Check Time of Use (TOCTOU)
npm:chownr:20180731		 No Known Exploit
Timing Attack
SNYK-JS-ELLIPTIC-511941		 No Known Exploit
Release notes
Package name: webpack
  • 4.42.0 - 2020-03-02

    Bugfixes

    • Disable constant replacements in "use asm" scope
    • Update schema to disallow functions for output.hotUpdateChunkFilename as this doesn't work
    • Hoist exports in concatenated module to handle circular references with non-concatenated modules correctly
    • Flag all modules as used in DLLs to fix missing exports
  • 4.41.6 - 2020-02-11

    Bugfixes

    • Windows network paths are considered as absolute paths
    • fix hanging of FlagDependencyExportsPlugin when using export * in a circular matter
  • 4.41.5 - 2019-12-27

    Bugfixes

    • handle relative paths with webpack:// prefix in SourceMaps correctly
    • fixes a non-determinism about providedExports with export * which caused changing module hashes and unnecessary HMR invalidation
  • 4.41.4 - 2019-12-19

    Bugfixes

    • fix case where __webpack_require__.e is not a function when using module concatenation
    • fix incorrect imported module when using sideEffects in a certain constellation of export names

    Performance

    • lazy-require Webassembly related modules for improved startup performance
  • 4.41.3 - 2019-12-16

    Security

    • force upgrade terser-webpack-plugin dependency for security fix (not affecting webpack)

    Funding

    • add npm funding field to package.json
  • 4.41.2 - 2019-10-15
  • 4.41.1 - 2019-10-11
  • 4.41.0 - 2019-09-24
  • 4.40.3 - 2019-09-24
  • 4.40.2 - 2019-09-13
  • 4.40.1 - 2019-09-13
  • 4.40.0 - 2019-09-12
  • 4.39.3 - 2019-08-27
  • 4.39.2 - 2019-08-13
  • 4.39.1 - 2019-08-02
  • 4.39.0 - 2019-08-01
  • 4.38.0 - 2019-07-26
  • 4.37.0 - 2019-07-23
  • 4.36.1 - 2019-07-17
  • 4.36.0 - 2019-07-17
  • 4.35.3 - 2019-07-08
  • 4.35.2 - 2019-07-01
  • 4.35.1 - 2019-07-01
  • 4.35.0 - 2019-06-20
  • 4.34.0 - 2019-06-12
  • 4.33.0 - 2019-06-04
  • 4.32.2 - 2019-05-22
  • 4.32.1 - 2019-05-22
  • 4.32.0 - 2019-05-20
  • 4.31.0 - 2019-05-09
  • 4.30.0 - 2019-04-12
  • 4.29.6 - 2019-02-28
  • 4.29.5 - 2019-02-18
  • 4.29.4 - 2019-02-15
  • 4.29.3 - 2019-02-07
  • 4.29.2 - 2019-02-06
  • 4.29.1 - 2019-02-04
  • 4.29.0 - 2019-01-20
  • 4.28.4 - 2019-01-10
  • 4.28.3 - 2018-12-29
  • 4.28.2 - 2018-12-22
  • 4.28.1 - 2018-12-20
  • 4.28.0 - 2018-12-19
  • 4.27.1 - 2018-12-05
  • 4.27.0 - 2018-12-04
  • 4.26.1 - 2018-11-25
  • 4.26.0 - 2018-11-19
from webpack GitHub release notes
Commit messages
Package name: webpack
  • 29d851b 4.42.0
  • 07a4b28 Merge pull request #10478 from webpack/bugfix/all-modules-dll
  • c1aa9d4 flag all modules as used for Dll
  • d147689 Merge pull request #10431 from webpack/bugfix/concat-circular-4
  • d76761d hoist exports to the top of a concatenated module
  • 534d78f Merge pull request #10393 from webpack/schema/disallow-function-hotchunkfilename
  • d46ddc2 disallow function for output.hotUpdateChunkFilename
  • 95409bd Merge pull request #10294 from ngg/asmjs-4
  • 71be3bf 4.41.6
  • 7a30012 spacing
  • 284e97f add detectStrictMode method for backward-compat
  • 0b8ef22 Merge pull request #10344 from webpack/bugfix/hang-circular-reexport
  • 614ea54 only retrigger flagging exports in dependencies when exports really changed
  • a7a07bc do not evaluate constants in asm.js, fix IIFE mode detection
  • 627510d Merge pull request #10255 from jeffin143/fix-10247
  • e826575 correct windows paths must use \ and not /
  • 5e9f083 Merge pull request #10240 from jeffin143/fix-10217
  • d8c74b6 fix: better handle absolute paths
  • ef73991 update webpackOption.d.ts
  • 2101892 add chunkid declaration
  • 4bb706f Fix lint issue
  • 2394136 added variable declarations in files where required
  • 148c4be get rid of some hacks in declarations file for webpack-4
  • 45ecebc 4.41.5
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs