Bump json5, @storybook/svelte, babel-loader, sass-loader, svelte-loader and webpack

[dependabot[bot]]

Bumps json5 to 2.2.3 and updates ancestor dependencies json5, @storybook/svelte, babel-loader, sass-loader, svelte-loader and webpack. These dependencies need to be updated together.

Updates json5 from 2.1.3 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Commits

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

Updates @storybook/svelte from 5.3.18 to 6.5.15

Release notes

Sourced from @​storybook/svelte's releases.

v6.5.15

Bug Fixes

• Support Angular 15.0.4 #20287
• CLI: execute automigrations when pressing enter in the prompts #20208

Maintenance

• Ember: Remove global Ember usage #17843

v6.5.15-alpha.1

Bug Fixes

• Support Angular 15.0.4 #20287
• CLI: execute automigrations when pressing enter in the prompts #20208

v6.5.15-alpha.0

Maintenance

• Ember: Remove global Ember usage #17843

v6.5.14

Bug Fixes

• Angular: Fix "webpack_require.nmd is not a function issue" in Angular 15 #20043
• CLI/React native: Fix addons template to import register instead of manager #19620

Maintenance

• Core: Patch preview-web and refs to support React Native #19975

Dependency Upgrades

• Upgrade loader-utils to 2.0.4 in storysource and source-loader #19891

v6.5.14-alpha.2

Bug Fixes

• Angular: Fix "webpack_require.nmd is not a function issue" in Angular 15 #20043

v6.5.14-alpha.1

Maintenance

• Core: Patch preview-web and refs to support React Native #19975

v6.5.14-alpha.0

Bug Fixes

• CLI/React native: Fix addons template to import register instead of manager #19620

... (truncated)

Changelog

Sourced from @​storybook/svelte's changelog.

6.5.15 (December 20, 2022)

Bug Fixes

• Support Angular 15.0.4 #20287
• CLI: execute automigrations when pressing enter in the prompts #20208

Maintenance

• Ember: Remove global Ember usage #17843

6.5.15-alpha.1 (December 20, 2022)

Bug Fixes

• Support Angular 15.0.4 #20287
• CLI: execute automigrations when pressing enter in the prompts #20208

6.5.15-alpha.0 (December 12, 2022)

Maintenance

• Ember: Remove global Ember usage #17843

6.5.14 (December 2, 2022)

Bug Fixes

• Angular: Fix "webpack_require.nmd is not a function issue" in Angular 15 #20043
• CLI/React native: Fix addons template to import register instead of manager #19620

Maintenance

• Core: Patch preview-web and refs to support React Native #19975

Dependency Upgrades

• Upgrade loader-utils to 2.0.4 in storysource and source-loader #19891

6.5.14-alpha.2 (December 2, 2022)

Bug Fixes

• Angular: Fix "webpack_require.nmd is not a function issue" in Angular 15 #20043

6.5.14-alpha.1 (November 27, 2022)

Maintenance

• Core: Patch preview-web and refs to support React Native #19975

... (truncated)

Commits

• feab19d v6.5.15
• 075a8dd Update git head to 6.5.15-alpha.1, update yarn.lock [ci skip]
• cfd775b v6.5.15-alpha.1
• 9c19ef0 Update git head to 6.5.15-alpha.0, update yarn.lock [ci skip]
• 095d6ad v6.5.15-alpha.0
• ae06ca9 Update git head to 6.5.14, update yarn.lock [ci skip]
• cf65eb7 v6.5.14
• 6e1e6dd Update git head to 6.5.14-alpha.2, update yarn.lock [ci skip]
• 71f07c4 v6.5.14-alpha.2
• 885e7ac Update git head to 6.5.14-alpha.1, update yarn.lock [ci skip]
• Additional commits viewable in compare view

Updates babel-loader from 8.1.0 to 8.3.0

Release notes

Sourced from babel-loader's releases.

v8.3.0

New features

• Pass external dependencies from Babel to Webpack by @​nicolo-ribaudo in babel/babel-loader#971

Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.5...v8.3.0

v8.2.5

What's Changed

• fix: respect inputSourceMap loader option by @​alan-agius4 in babel/babel-loader#896

New Contributors

• @​alan-agius4 made their first contribution in babel/babel-loader#896

Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.4...v8.2.5

v8.2.4

What's Changed

• doc(README.md): fix a broken markdown link by @​loveDstyle in babel/babel-loader#919
• Bump loader-utils to 2.x by @​stianjensen in babel/babel-loader#931
• Use md5 hashing for OpenSSL 3 by @​pathmapper in babel/babel-loader#924

Thanks @​loveDstyle, @​stianjensen and @​pathmapper for your first PRs!

8.2.3

This release fixes compatibility with Node.js 17

• Use md5 hash for caching on node v17 (babel/babel-loader#918)

Thanks @​Reptarsrage!

8.2.1

• Move @ava/babel to devDependencies #881 (@​jvasseur)

8.2.0

• Replace mkdirp with make-dir 47958ca3857e489e450b27c6f3266375015cba82 (@​JLHwung)
• Use async config loading when available d8cff97ff387ded0fc9b5cbc489228c96c5ab14a (@​the-spyke)

Commits

• 9bf5652 8.3.0
• 80ab7d0 Update @babel/ dependencies
• 493ac6c Pass external dependencies from Babel to Webpack (#971)
• df28fe3 Fix broken main test (#950)
• 0b338e4 update hash method so it doesn't fail on a fips enabled machine (#939)
• 1f98d3c 8.2.5
• c622868 fix: respect inputSourceMap loader option (#896)
• f7982c1 8.2.4
• 4bb9e21 Use md5 hashing for OpenSSL 3 (#924)
• 247c94b Bump loader-utils to 2.x (#931)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by nicolo-ribaudo, a new releaser for babel-loader since your current version.

Updates sass-loader from 8.0.2 to 13.2.0

Release notes

Sourced from sass-loader's releases.

v13.2.0

13.2.0 (2022-11-09)

Features

• add support for node-sass v8 (#1100) (e5581b7)

v13.1.0

13.1.0 (2022-10-06)

Features

• allow to extend conditionNames (#1092) (6e02c64)

v13.0.2

13.0.2 (2022-06-27)

Bug Fixes

• hide error stacktrace on Sass errors (#1069) (5e6a61b)

v13.0.1

13.0.1 (2022-06-24)

Bug Fixes

• optimize debug message formatting, #1065 (#1066) (49a578a)

v13.0.0

13.0.0 (2022-05-18)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0 (#1048)
• emit @warn at-rules as webpack warnings by default, if you want to revert behavior please use the warnRuleAsWarning option (#1054) (58ffb68)

Bug Fixes

• do not crash on importers for modern API (#1052) (095814e)
• do not store original sass error in webpack error(#1053) (06d7533)

v12.6.0

12.6.0 (2022-02-15)

... (truncated)

Changelog

Sourced from sass-loader's changelog.

13.2.0 (2022-11-09)

Features

• add support for node-sass v8 (#1100) (e5581b7)

13.1.0 (2022-10-06)

Features

• allow to extend conditionNames (#1092) (6e02c64)

13.0.2 (2022-06-27)

Bug Fixes

• hide error stacktrace on Sass errors (#1069) (5e6a61b)

13.0.1 (2022-06-24)

Bug Fixes

• optimize debug message formatting, #1065 (#1066) (49a578a)

13.0.0 (2022-05-18)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0 (#1048)
• emit @warn at-rules as webpack warnings by default, if you want to revert behavior please use the warnRuleAsWarning option (#1054) (58ffb68)

Bug Fixes

• do not crash on importers for modern API (#1052) (095814e)
• do not store original sass error in webpack error(#1053) (06d7533)

12.6.0 (2022-02-15)

Features

• added support for automatic loading of sass-embedded (#1025) (c8dae87)

12.5.0 (2022-02-14)

... (truncated)

Commits

• e8fbc79 chore(release): 13.2.0
• e5581b7 feat: add support for node-sass v8 (#1100)
• acb3ce0 chore(deps): bump loader-utils from 2.0.2 to 2.0.3 (#1099)
• 1cdea4e chore: update dependencies to the latest version (#1098)
• 094a303 docs: update cla link (#1096)
• c32f63a ci: add dependency review action (#1094)
• b31751d chore(release): 13.1.0
• 6e02c64 feat: allow to extend conditionNames (#1092)
• edab08f chore: update dependencies to the latest version (#1093)
• 3a34fef chore: update commitlint action (#1091)
• Additional commits viewable in compare view

Updates svelte-loader from 2.13.6 to 3.1.4

Changelog

Sourced from svelte-loader's changelog.

3.1.4

• Bump loader-utils dependency

3.1.3

• Prevent webpack process crashing on undefined dependencies (#197)

3.1.2

• Update to latest svelte-hmr package fixing Webpack 4 support
• Fix sourcemap breakpoints (#183)

3.1.1

• Fix empty sourcesContent (#177)

3.1.0

• Pass preprocessor source maps to compiler (#172)
• Recompile style imports after an error (#173)

3.0.0

• Breaking: compiler options must now be specified under compilerOptions (#159)
• Breaking: removed support for deprecated style, script, and markup options, which are now located under the preprocess configuration (#158)
• Breaking: dropped Svelte 2 support (#150)
• Breaking: dropped Node 8 support (#157)
• Add Webpack 5 support (#151)
  • Webpack 5 requires an additional rule in webpack.config.js to load the Svelte runtime correctly
• Replace broken Svelte 2 HMR with the implementation from rixo/svelte-loader-hot (#156)
• Add Node 14 support and remove virtual modules implementation (fixes #125, #131)

Thanks to @​non25, @​Smittyvb, @​rixo, and the numerous others who contributed to this major release!

Commits

• 705ab1c [chore] release 3.1.4
• 28795f1 Bump loader-utils from 2.0.0 to 2.0.3 (#215)
• bba9acb [chore] Add latest node versions to CI (#207)
• 46fa2e4 [chore] release 3.1.3
• 1c41c98 [fix] Validate error path for addDependency() (#199)
• 201272b [chore] add 'npm' cache for actions/setup-node in .github/workflows (#190)
• fb59705 [chore] Remove outdated example directory
• 9090867 [docs] unarchive
• fe3a0be Update README.md
• c1dbb52 Bump ansi-regex from 3.0.0 to 3.0.1 (#204)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by dummdidumm, a new releaser for svelte-loader since your current version.

Updates webpack from 4.43.0 to 5.75.0

Release notes

Sourced from webpack's releases.

v5.75.0

Bugfixes

• experiments.* normalize to false when opt-out
• avoid NaN%
• show the correct error when using a conflicting chunk name in code
• HMR code tests existance of window before trying to access it
• fix eval-nosources-* actually exclude sources
• fix race condition where no module is returned from processing module
• fix position of standalong semicolon in runtime code

Features

• add support for @import to extenal CSS when using experimental CSS in node
• add i64 support to the deprecated WASM implementation

Developer Experience

• expose EnableWasmLoadingPlugin
• add more typings
• generate getters instead of readonly properties in typings to allow overriding them

v5.74.0

Features

• add resolve.extensionAlias option which allows to alias extensions
  • This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")
• add support for ES2022 features like static blocks
• add Tree Shaking support for ProvidePlugin

Bugfixes

• fix persistent cache when some build dependencies are on a different windows drive
• make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules
• remove left-over from debugging in TLA/async modules runtime code
• remove unneeded extra 1s timestamp offset during watching when files are actually untouched
  • This sometimes caused an additional second build which are not really needed
• fix shareScope option for ModuleFederationPlugin
• set "use-credentials" also for same origin scripts

Performance

• Improve memory usage and performance of aggregating needed files/directories for watching
  • This affects rebuild performance

Extensibility

• export HarmonyImportDependency for plugins

v5.73.0

... (truncated)

Commits

• 8241da7 5.75.0
• a91d923 Merge pull request #16458 from webpack/bugfix/semi
• 4608b11 Merge pull request #16457 from webpack/tooling/update
• dfdd0b0 Merge pull request #16122 from AnmolBansalDEV/bug/compilationCallback
• 23b9a1c Merge pull request #16167 from exposir/fixts
• 6f2c5e8 Merge pull request #16257 from alexzhang1030/calc_deterministic_verbose
• f7f36ad Merge pull request #16339 from Liamolucko/wasm-i64
• 761a542 fix semicolon position
• 2403a36 Merge pull request #16345 from ahabhgk/fix-eval-nosources
• c18203c update tooling
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/svelte-brasil/site/network/alerts).