swimmadude66 / YTRadio

Very simple distributed YouTube viewer with the idea of synchronized music listening
MIT License
10 stars 10 forks source link

Bump json5, html-webpack-plugin, source-map-loader and webpack #108

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps json5 to 1.0.2 and updates ancestor dependencies json5, html-webpack-plugin, source-map-loader and webpack. These dependencies need to be updated together.

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

  • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

  • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

  • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits


Updates html-webpack-plugin from 3.2.0 to 5.5.0

Changelog

Sourced from html-webpack-plugin's changelog.

5.5.0 (2021-10-25)

Features

  • Support type=module via scriptLoading option (1e42625), closes #1663

5.4.0 (2021-10-15)

Features

5.3.2 (2021-06-22)

Bug Fixes

  • update lodash and pretty error (9c7fba0

5.3.1 (2021-03-09)

Bug Fixes

  • remove loader-utils from plugin core (82d0ee8)

5.3.0 (2021-03-07)

Features

  • allow to modify the interpolation options in webpack config (d654f5b)
  • drop loader-utils dependency (41d7a50)

5.2.0 (2021-02-19)

Features

5.1.0 (2021-02-12)

Features

  • omit html tag attribute with null/undefined/false value (aa6e78d), closes #1598

5.0.0 (2021-02-03)

... (truncated)

Commits
  • 873d75b chore(release): 5.5.0
  • ddeb774 chore: update examples
  • 1e42625 feat: Support type=module via scriptLoading option
  • 7d3645b Bump pretty-error to 4.0.0 to fix transitive vuln for ansi-regex CVE-2021-3807
  • 79be779 [chore] changes actions to run on pull_requests
  • b7e5859 [chore] fixes CI to avoid race conditions
  • 48131d3 chore(release): 5.4.0
  • 16a841a [chore] rebuild examples
  • 3bb7c17 Update index.js
  • e38ac97 Update index.js
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jantimon, a new releaser for html-webpack-plugin since your current version.


Updates source-map-loader from 0.2.3 to 0.2.4

Release notes

Sourced from source-map-loader's releases.

v0.2.4

2018-08-14

Bug Fixes

  • index: handle exception on loading invalid source maps (#67) (78ad469)
  • index: resolve source maps with root-relative paths correctly (#68) (e2fdbfd)
  • package: 5 low severity vulnerabilities (#72) (8262587)
Changelog

Sourced from source-map-loader's changelog.

0.2.4 (2018-08-14)

Bug Fixes

  • index: handle exception on loading invalid source maps (#67) (78ad469)
  • index: resolve source maps with root-relative paths correctly (#68) (e2fdbfd)
  • package: 5 low severity vulnerabilities (#72) (8262587)

Commits
  • 8433ed3 chore(release): 0.2.4
  • 8262587 fix(package): 5 low severity vulnerabilities (#72)
  • 637fde1 chore(package): remove unused source-map dependency (dependencies) (#71)
  • e2fdbfd fix(index): resolve source maps with root-relative paths correctly (#68)
  • 78ad469 fix(index): handle exception on loading invalid source maps (#67)
  • a0b84d4 docs(README): typo fix (#64)
  • 7843bb3 refactor(package): updates dependencies to fix CVE-2015-8315 (#62)
  • 4f3833b docs(CHANGELOG): updates for v0.2.3
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by michael-ciniawsky, a new releaser for source-map-loader since your current version.


Updates webpack from 3.11.0 to 5.75.0

Release notes

Sourced from webpack's releases.

v5.75.0

Bugfixes

  • experiments.* normalize to false when opt-out
  • avoid NaN%
  • show the correct error when using a conflicting chunk name in code
  • HMR code tests existance of window before trying to access it
  • fix eval-nosources-* actually exclude sources
  • fix race condition where no module is returned from processing module
  • fix position of standalong semicolon in runtime code

Features

  • add support for @import to extenal CSS when using experimental CSS in node
  • add i64 support to the deprecated WASM implementation

Developer Experience

  • expose EnableWasmLoadingPlugin
  • add more typings
  • generate getters instead of readonly properties in typings to allow overriding them

v5.74.0

Features

  • add resolve.extensionAlias option which allows to alias extensions
    • This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")
  • add support for ES2022 features like static blocks
  • add Tree Shaking support for ProvidePlugin

Bugfixes

  • fix persistent cache when some build dependencies are on a different windows drive
  • make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules
  • remove left-over from debugging in TLA/async modules runtime code
  • remove unneeded extra 1s timestamp offset during watching when files are actually untouched
    • This sometimes caused an additional second build which are not really needed
  • fix shareScope option for ModuleFederationPlugin
  • set "use-credentials" also for same origin scripts

Performance

  • Improve memory usage and performance of aggregating needed files/directories for watching
    • This affects rebuild performance

Extensibility

  • export HarmonyImportDependency for plugins

v5.73.0

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/swimmadude66/YTRadio/network/alerts).