Skip to content

build: Bump json5, css-loader, extract-text-webpack-plugin, file-loader, sass-loader and webpack #411

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build: Bump json5, css-loader, extract-text-webpack-plugin, file-loader, sass-loader and webpack #411

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 28, 2023
edited
Loading

Bumps json5 to 1.0.2 and updates ancestor dependencies json5, css-loader, extract-text-webpack-plugin, file-loader, sass-loader and webpack. These dependencies need to be updated together.

Updates json5 from 0.5.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)

v1.0.1

This release includes a bug fix and minor change.

  • Fix: parse throws on unclosed objects and arrays.

  • New: package.json5 has been removed until an easier way to keep it in sync with package.json is found.

v1.0.0

This release includes major internal changes and public API enhancements.

  • Major JSON5 officially supports Node.js v4 and later. Support for Node.js v0.10 and v0.12 have been dropped.

  • New: Unicode property names and Unicode escapes in property names are supported. (#1)

  • New: stringify outputs trailing commas in objects and arrays when a space option is provided. (#66)

  • New: JSON5 allows line and paragraph separator characters (U+2028 and U+2029) in strings in order to be compatible with JSON. However, ES5 does not allow these characters in strings, so JSON5 gives a warning when they are parsed and escapes them when they are stringified. (#70)

  • New: stringify accepts an options object as its second argument. The supported options are replacer, space, and a new quote option that specifies the quote character used in strings. (#71)

  • New: The CLI supports STDIN and STDOUT and adds --out-file, --space, and --validate options. See json5 --help for more information. (#72, #84, and #108)

  • New: In addition to the white space characters space \t, \v, \f, \n, \r, and \xA0, the additional white space characters \u2028, \u2029, and all other characters in the Space Separator Unicode category are allowed.

  • New: In addition to the character escapes \', \", \\, \b, \f, \n, \r, and \t, the additional character escapes \v and \0, hexadecimal escapes like \x0F, and unnecessary escapes like \a are allowed in string values and string property names.

  • New: stringify outputs strings with single quotes by default but intelligently uses double quotes if there are more single quotes than double quotes inside the string. (i.e. stringify('Stay here.') outputs 'Stay here.' while stringify('Let\'s go.') outputs "Let's go.")

... (truncated)

Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

v2.2.0 [code, diff]

  • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

  • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

Updates css-loader from 0.23.1 to 6.7.3

Release notes

Sourced from css-loader's releases.

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

v6.7.2

6.7.2 (2022-11-13)

Bug Fixes

  • css modules generation with inline syntax (#1480) (2f4c273)

v6.7.1

6.7.1 (2022-03-08)

Bug Fixes

v6.7.0

6.7.0 (2022-03-04)

Features

v6.6.0

6.6.0 (2022-02-02)

Features

  • added the hashStrategy option (ca4abce)

v6.5.1

6.5.1 (2021-11-03)

Bug Fixes

  • regression with unicode characters in locals (b7a8441)
  • runtime path generation (#1393) (feafea8)

v6.5.0

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.7.3 (2022-12-14)

Bug Fixes

6.7.2 (2022-11-13)

Bug Fixes

  • css modules generation with inline syntax (#1480) (2f4c273)

6.7.1 (2022-03-08)

Bug Fixes

6.7.0 (2022-03-04)

Features

6.6.0 (2022-02-02)

Features

  • added the hashStrategy option (ca4abce)

6.5.1 (2021-11-03)

Bug Fixes

  • regression with unicode characters in locals (b7a8441)
  • runtime path generation (#1393) (feafea8)

6.5.0 (2021-10-26)

Features

  • support absolute URL in url() when experiments.buildHttp enabled (#1389) (8946be4)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.


Updates extract-text-webpack-plugin from 1.0.1 to 3.0.2

Release notes

Sourced from extract-text-webpack-plugin's releases.

v3.0.2

2017-10-25

Bug Fixes

  • refer to the entrypoint instead of the first module (module.identifier) (#601) (d5a1de2)

v3.0.1

2017-10-03

Bug Fixes

  • index: stricter check for shouldExtract !== wasExtracted (#605) (510704f)
  • get real path from __filename instead of __dirname (NS) (8de6558)

v3.0.0

2017-07-10

Bug Fixes

Code Refactoring

  • Apply webpack-defaults & webpack 3.x support (#540) (7ae32d9)

  • refactor: DeprecationWarning: Chunk.modules 543

BREAKING CHANGES

  • Enforces engines of "node": ">=4.3.0 < 5.0.0 || >= 5.10

  • Updates to Chunk.mapModules. This release is not backwards compatible with Webpack 2.x due to breaking changes in webpack/webpack#4764

  • Enforces peerDependencies of "webpack": "^3.1.0".

Release v3.0.0-rc.2

3.0.0-rc.2 (2017-07-10)

Bug Fixes

... (truncated)

Changelog

Sourced from extract-text-webpack-plugin's changelog.

3.0.2 (2017-10-25)

Bug Fixes

  • refer to the entrypoint instead of the first module (module.identifier) (#601) (d5a1de2)

3.0.1 (2017-10-03)

Bug Fixes

  • index: stricter check for shouldExtract !== wasExtracted (#605) (510704f)
  • get real path from __filename instead of __dirname (NS) (8de6558)

3.0.0 (2017-07-10)

Bug Fixes

  • add missing options.ignoreOrder details in Error message (#539) (dd43832)

Code Refactoring

  • Apply webpack-defaults & webpack 3.x support (#540) (7ae32d9)

BREAKING CHANGES

  • Enforces engines of "node": ">=4.3.0 < 5.0.0 || >= 5.10
  • refactor: DeprecationWarning: Chunk.modules 543
  • Updates to Chunk.mapModules. This release is not backwards compatible with Webpack 2.x due to breaking changes in webpack/webpack#4764
  • Enforces peerDependencies of "webpack": "^3.1.0".

3.0.0-rc.2 (2017-07-10)

... (truncated)

Commits
  • cc3ba94 chore(release): 3.0.2
  • d5a1de2 fix: refer to the entrypoint instead of the first module (`module.identif...
  • 5286ab2 build(defaults): update to v1.6.0 (#652)
  • 4cfde50 chore(release): 3.0.1
  • 8de6558 fix: get real path from __filename instead of __dirname (NS)
  • 510704f fix(index): stricter check for shouldExtract !== wasExtracted (#605)
  • 6a660f3 docs(README): update install instructions (#570)
  • 083a6c8 docs(README): add custom [contenthash] formats (#566)
  • d7a75fc chore(release): 3.0.0
  • 7ae32d9 refactor: Apply webpack-defaults & webpack 3.x support (#540)
  • Additional commits viewable in compare view

Updates file-loader from 0.9.0 to 6.2.0

Release notes

Sourced from file-loader's releases.

v6.2.0

6.2.0 (2020-10-27)

Features

  • added the sourceFilename property to asset info with original filename (#393) (654e0d6)

Bug Fixes

  • immutable flag when the name option have hash in query string (#392) (381d8bd)

v6.1.1

6.1.1 (2020-10-09)

Chore

  • update schema-utils

v6.1.0

6.1.0 (2020-08-31)

Features

v6.0.0

6.0.0 (2020-03-17)

⚠ BREAKING CHANGES

v5.1.0

5.1.0 (2020-02-19)

Features

  • support the query template for the name option (#366) (cd8698b)

v5.0.2

5.0.2 (2019-11-25)

Chore

... (truncated)

Changelog

Sourced from file-loader's changelog.

6.2.0 (2020-10-27)

Features

  • added the sourceFilename property to asset info with original filename (#393) (654e0d6)

Bug Fixes

  • immutable flag when the name option have hash in query string (#392) (381d8bd)

6.1.1 (2020-10-09)

Chore

  • update schema-utils

6.1.0 (2020-08-31)

Features

6.0.0 (2020-03-17)

⚠ BREAKING CHANGES

5.1.0 (2020-02-19)

Features

  • support the query template for the name option (#366) (cd8698b)

5.0.2 (2019-11-25)

Chore

  • add the funding field in package.json

5.0.1 (2019-11-25)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for file-loader since your current version.


Updates sass-loader from 4.0.2 to 13.2.2

Release notes

Sourced from sass-loader's releases.

v13.2.2

13.2.2 (2023-03-27)

Bug Fixes

v13.2.1

13.2.1 (2023-03-18)

Bug Fixes

  • do not crash on a custom scheme in @import/@use for the modern API (21966ee)

v13.2.0

13.2.0 (2022-11-09)

Features

v13.1.0

13.1.0 (2022-10-06)

Features

v13.0.2

13.0.2 (2022-06-27)

Bug Fixes

v13.0.1

13.0.1 (2022-06-24)

Bug Fixes

v13.0.0

13.0.0 (2022-05-18)

... (truncated)

Changelog

Sourced from sass-loader's changelog.

13.2.2 (2023-03-27)

Bug Fixes

13.2.1 (2023-03-18)

Bug Fixes

  • do not crash on a custom scheme in @import/@use for the modern API (21966ee)

13.2.0 (2022-11-09)

Features

13.1.0 (2022-10-06)

Features

13.0.2 (2022-06-27)

Bug Fixes

13.0.1 (2022-06-24)

Bug Fixes

13.0.0 (2022-05-18)

⚠ BREAKING CHANGES

  • minimum supported Node.js version is 14.15.0 (#1048)
  • emit @warn at-rules as webpack warnings by default, if you want to revert behavior please use the warnRuleAsWarning option (#1054) (58ffb68)

... (truncated)

Commits
  • 19e8bdb chore(release): 13.2.2
  • 0adeb0c chore: update dependencies (#1126)
  • 50987bc fix: typo in fix of modern api depedencies (#1125)
  • 4dd92db chore(release): 13.2.1
  • 21966ee fix: do not crash on a custom scheme in @import/@use for the modern API
  • de29518 chore(deps-dev): bump webpack from 5.75.0 to 5.76.0 (#1121)
  • 75dcfde ci: use LTS node version in lint job (#1119)
  • 83db4d0 chore(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 (#1118)
  • 4b70594 chore: update dependencies to the latest version (#1117)
  • 449f5ac ci: use concurrency in github workflows (#1115)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for sass-loader since your current version.


Updates webpack from 1.15.0 to 5.81.0

Release notes

Sourced from webpack's releases.

v5.81.0

New Features

Bug Fixes

Tests & Contributor Experience

Developer Experience

Dependencies & Maintenance

New Contributors

Full Changelog: webpack/webpack@v5.80.0...v5.81.0

v5.80.0

New Features

Bug Fixes

... (truncated)

Commits
  • 5c016a8 5.81.0
  • 5b20c9a Merge pull request #17057 from webpack/import-support
  • f429ac7 Merge pull request #17066 from webpack/dependabot/npm_and_yarn/simple-git-3.18.0
  • 2c6dc77 Merge pull request #16388 from indeediansbrett/feat/issue-16374
  • 7398dbd Merge pull request #17033 from webpack/chore-deps-avoud-using-legacy-loader-u...
  • 9234620 Merge pull request #17020 from webpack/ci-deps-main
  • 2552028 Merge pull request #17062 from webpack/test-stabilization-for-define
  • a7551fa chore(deps-dev): bump simple-git from 3.17.0 to 3.18.0
  • ed0738d test: stability for define
  • f3cf014 test: stability
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by thelarkinn, a new releaser for webpack since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 28, 2023
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/json5-and-css-loader-and-extract-text-webpack-plugin-and-file-loader-and-sass-loader-and-webpack-1.0.2 branch 5 times, most recently from 30db4d8 to e58f5ce Compare May 4, 2023 09:31
@dependabot
build: Bump json5, css-loader, extract-text-webpack-plugin, file-load…
d4e2364 
…er, sass-loader and webpack

Bumps [json5](https://github.com/json5/json5) to 1.0.2 and updates ancestor dependencies [json5](https://github.com/json5/json5), [css-loader](https://github.com/webpack-contrib/css-loader), [extract-text-webpack-plugin](https://github.com/webpack-contrib/extract-text-webpack-plugin), [file-loader](https://github.com/webpack-contrib/file-loader), [sass-loader](https://github.com/webpack-contrib/sass-loader) and [webpack](https://github.com/webpack/webpack). These dependencies need to be updated together.


Updates `json5` from 0.5.1 to 1.0.2
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v0.5.1...v1.0.2)

Updates `css-loader` from 0.23.1 to 6.7.3
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](webpack/css-loader@v0.23.1...v6.7.3)

Updates `extract-text-webpack-plugin` from 1.0.1 to 3.0.2
- [Release notes](https://github.com/webpack-contrib/extract-text-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/extract-text-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](webpack-contrib/extract-text-webpack-plugin@v1.0.1...v3.0.2)

Updates `file-loader` from 0.9.0 to 6.2.0
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](webpack-contrib/file-loader@v0.9.0...v6.2.0)

Updates `sass-loader` from 4.0.2 to 13.2.2
- [Release notes](https://github.com/webpack-contrib/sass-loader/releases)
- [Changelog](https://github.com/webpack-contrib/sass-loader/blob/master/CHANGELOG.md)
- [Commits](webpack/sass-loader@v4.0.2...v13.2.2)

Updates `webpack` from 1.15.0 to 5.81.0
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v1.15.0...v5.81.0)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
- dependency-name: css-loader
  dependency-type: direct:development
- dependency-name: extract-text-webpack-plugin
  dependency-type: direct:development
- dependency-name: file-loader
  dependency-type: direct:development
- dependency-name: sass-loader
  dependency-type: direct:development
- dependency-name: webpack
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/json5-and-css-loader-and-extract-text-webpack-plugin-and-file-loader-and-sass-loader-and-webpack-1.0.2 branch from e58f5ce to d4e2364 Compare May 5, 2023 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant