[Snyk] Upgrade webpack from 5.24.2 to 5.77.0

[snyk-bot]

Snyk has created this PR to upgrade webpack from 5.24.2 to 5.77.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 95 versions ahead of your current version.
• The recommended version was released 24 days ago, on 2023-03-29.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Sandbox Bypass SNYK-JS-WEBPACK-3358798	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: webpack

• 5.77.0 - 2023-03-29
  

  New Features

  • Add a new output option, output.workerPublicPath by @ thomastay in #16671

  Developer Experience

  • Improve resolve.extensions error message to suggest when "." is missing before the extension by @ snitin315 in #16807

  Contributor Experience

  • Enable GitHub Copilot for PR's into default Pull Request Template by @ TheLarkInn in #16881

  New Contributors

  • @ thomastay made their first contribution in #16671

  Full Changelog: v5.76.3...v5.77.0

• 5.76.3 - 2023-03-22
  

  Bugfixes

  • Non-javascript files will correctly not be imported when using experiments.outputModule (ES Module Output) by @ snitin315 in #16809
  • Limit console output progress bar length to 40 when no columns provided by @ snitin315 in #16810
  • Add missing NodeJS Builtin Modules support for inspector/promises, readline/promises, and stream/consumers by @ ShenHongFei in #16841
  • webpack bin/cli now properly respects NODE_PATH env variable by @ snitin315 in #16808
  • Improve typos in resolveResourceErrorHints by @ snitin315 in #16806
  • Add missing loaders token support to moduleFilenameTemplate function call by @ pgoldberg in #16756
  • Add gaurd condition for enabledLibraryTypes in internal ContainerPlugin by @ PengBoUESTC in #16635

  New Contributors

  • @ ShenHongFei made their first contribution in #16841
  • @ pgoldberg made their first contribution in #16756
  • @ PengBoUESTC made their first contribution in #16635

  Full Changelog: v5.76.2...v5.76.3

• 5.76.2 - 2023-03-15
  

  Bugfixes

  • Fix bug where a missing semicolon in generated bundle output for publicPathRuntime would cause concatenated runtime errors by @ snitin315 in #16811
  • Remove redundant semicolons generated in bundle runtime code after onScriptComplete function by @ ahaoboy in #16347
  • Fix bug where RealContentHashPlugin was not respecting output.hashSalt's ability to cause a force recalculation of [contenthash] for emitted assets by @ dmichon-msft #16789

  Performance

  • Improve memory and runtime performance of sourcemaps via hoisting Regular Expression literals to stored variables by @ TheLarkInn in #15722
  • Correct v8 deoptimization in ModuleGraph due to instance property declarations occurring outside of constructor by @ snitin315 in #16830

  Developer Experience

  • Improved internal typings to match webpack-sources typings for Source instances by @ snitin315 in #16805
  • Update repo examples to include missing quotation by @ snitin315 in #16812

  New Contributors

  • @ ahaoboy made their first contribution in #16347

  Full Changelog: v5.76.1...v5.76.2

• 5.76.1 - 2023-03-10
  

  Fixed

  • Added assert/strict built-in to NodeTargetPlugin

  Revert

  • Improve performance of hashRegExp lookup by @ ryanwilsonperkin in #16759
• 5.76.0 - 2023-03-08
  Read more
• 5.75.0 - 2022-11-09
  

  Bugfixes

  • experiments.* normalize to false when opt-out
  • avoid NaN%
  • show the correct error when using a conflicting chunk name in code
  • HMR code tests existance of window before trying to access it
  • fix eval-nosources-* actually exclude sources
  • fix race condition where no module is returned from processing module
  • fix position of standalong semicolon in runtime code

  Features

  • add support for @ import to extenal CSS when using experimental CSS in node
  • add i64 support to the deprecated WASM implementation

  Developer Experience

  • expose EnableWasmLoadingPlugin
  • add more typings
  • generate getters instead of readonly properties in typings to allow overriding them
• 5.74.0 - 2022-07-25
  

  Features

  • add resolve.extensionAlias option which allows to alias extensions
    • This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")
  • add support for ES2022 features like static blocks
  • add Tree Shaking support for ProvidePlugin

  Bugfixes

  • fix persistent cache when some build dependencies are on a different windows drive
  • make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules
  • remove left-over from debugging in TLA/async modules runtime code
  • remove unneeded extra 1s timestamp offset during watching when files are actually untouched
    • This sometimes caused an additional second build which are not really needed
  • fix shareScope option for ModuleFederationPlugin
  • set "use-credentials" also for same origin scripts

  Performance

  • Improve memory usage and performance of aggregating needed files/directories for watching
    • This affects rebuild performance

  Extensibility

  • export HarmonyImportDependency for plugins
• 5.73.0 - 2022-06-02
  

  Features

  • add options for default dynamicImportMode and prefetch and preload
  • add support for import { createRequire } from "module" in source code

  Bugfixes

  • fix code generation of e. g. return"field"in Module
  • fix performance of large JSON modules
  • fix performance of async modules evaluation

  Developer Experience

  • export PathData in typings
  • improve error messages with more details
• 5.72.1 - 2022-05-10
  

  Bugfixes

  • fix __webpack_nonce__ with HMR
  • fix in operator in some cases
  • fix json parsing error messages
  • fix module concatenation with using this.importModule
  • upgrade enhanced-resolve
• 5.72.0 - 2022-04-07
  

  Features

  • make cache warnings caused by build errors less verbose
  • Allow banner to be placed as a footer with the BannerPlugin
  • allow to concatenate asset modules

  Bugfixes

  • fix RemoteModules when using HMR (Module Federation + HMR)
  • throw error when using module concatenation and cacheUnaffected
  • fix in operator with nested exports
• 5.71.0 - 2022-04-01
• 5.70.0 - 2022-03-03
• 5.69.1 - 2022-02-17
• 5.69.0 - 2022-02-15
• 5.68.0 - 2022-01-31
• 5.67.0 - 2022-01-21
• 5.66.0 - 2022-01-12
• 5.65.0 - 2021-12-06
• 5.64.4 - 2021-11-25
• 5.64.3 - 2021-11-24
• 5.64.2 - 2021-11-20
• 5.64.1 - 2021-11-15
• 5.64.0 - 2021-11-11
• 5.63.0 - 2021-11-09
• 5.62.2 - 2021-11-09
• 5.62.1 - 2021-11-05
• 5.62.0 - 2021-11-05
• 5.61.0 - 2021-10-29
• 5.60.0 - 2021-10-25
• 5.59.1 - 2021-10-20
• 5.59.0 - 2021-10-19
• 5.58.2 - 2021-10-13
• 5.58.1 - 2021-10-08
• 5.58.0 - 2021-10-07
• 5.57.1 - 2021-10-05
• 5.57.0 - 2021-10-05
• 5.56.1 - 2021-10-04
• 5.56.0 - 2021-10-01
• 5.55.1 - 2021-09-29
• 5.55.0 - 2021-09-28
• 5.54.0 - 2021-09-24
• 5.53.0 - 2021-09-16
• 5.52.1 - 2021-09-10
• 5.52.0 - 2021-09-03
• 5.51.2 - 2021-09-02
• 5.51.1 - 2021-08-19
• 5.51.0 - 2021-08-19
• 5.50.0 - 2021-08-10
• 5.49.0 - 2021-08-06
• 5.48.0 - 2021-08-02
• 5.47.1 - 2021-07-29
• 5.47.0 - 2021-07-27
• 5.46.0 - 2021-07-22
• 5.45.1 - 2021-07-16
• 5.45.0 - 2021-07-16
• 5.44.0 - 2021-07-08
• 5.43.0 - 2021-07-06
• 5.42.1 - 2021-07-05
• 5.42.0 - 2021-07-02
• 5.41.1 - 2021-06-29
• 5.41.0 - 2021-06-28
• 5.40.0 - 2021-06-21
• 5.39.1 - 2021-06-17
• 5.39.0 - 2021-06-14
• 5.38.1 - 2021-05-27
• 5.38.0 - 2021-05-27
• 5.37.1 - 2021-05-19
• 5.37.0 - 2021-05-10
• 5.36.2 - 2021-04-30
• 5.36.1 - 2021-04-28
• 5.36.0 - 2021-04-27
• 5.35.1 - 2021-04-23
• 5.35.0 - 2021-04-21
• 5.34.0 - 2021-04-19
• 5.33.2 - 2021-04-14
• 5.33.1 - 2021-04-14
• 5.33.0 - 2021-04-14
• 5.32.0 - 2021-04-12
• 5.31.2 - 2021-04-09
• 5.31.1 - 2021-04-09
• 5.31.0 - 2021-04-07
• 5.30.0 - 2021-04-01
• 5.29.0 - 2021-04-01
• 5.28.0 - 2021-03-24
• 5.27.2 - 2021-03-22
• 5.27.1 - 2021-03-20
• 5.27.0 - 2021-03-19
• 5.26.3 - 2021-03-17
• 5.26.2 - 2021-03-16
• 5.26.1 - 2021-03-16
• 5.26.0 - 2021-03-15
• 5.25.1 - 2021-03-14
• 5.25.0 - 2021-03-12
• 5.24.4 - 2021-03-08
• 5.24.3 - 2021-03-03
• 5.24.2 - 2021-02-24

from webpack GitHub release notes

Commit messages

Package name: webpack

• 263f291 5.77.0
• ae9f0e0 Merge pull request #16881 from webpack/feature/beta-test-github-template-copilot-for-pr
• fdcdc2d Pilot the Copilot for PR in default PR template, retain original template
• a3ab4e7 Merge pull request #16807 from snitin315/improve-resolve-extention-error
• d9604e9 refactor: move RegExp to a variable and use RegExp.prototype.test()
• eac5d8c Merge pull request #16671 from thomastay/main
• 8ac9616 5.76.3
• 8c6a1a4 revert weird space issues part 2
• f33c2b0 Merge branch 'webpack:main' into main
• 2cad865 change hash
• 628125f revert weird space issues
• a3f49f3 Merge pull request #16635 from PengBoUESTC/chore/enabledLibraryTypes-opt
• 39fbd73 Merge pull request #16756 from pgoldberg/pgoldberg/addLoadersToModuleFilenameTemplateCall
• 7e5fba3 Merge pull request #16806 from snitin315/fix-typo-in-error
• b604d78 Merge pull request #16808 from snitin315/fix-node-path
• 4a4ba2c Merge pull request #16841 from ShenHongFei/complete-node-builtins
• eadbd7d Merge pull request #16810 from snitin315/fix/progress-length
• 66fe018 fix: complete the missing nodejs builtin modules
• 460ed46 asset hash
• 2822ed3 weird case where snapshots have extra spaces
• 4b4c6a1 update snapshots according to CI
• 9e3f5bb update snapshots and more special lint fix
• f58ff9b fix: do not import non javascript chunks
• dbf7bf3 5.76.2

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs