Bump webpack from 5.72.0 to 5.76.0 in /web#4
Conversation
Bumps [webpack](https://github.com/webpack/webpack) from 5.72.0 to 5.76.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.72.0...v5.76.0) --- updated-dependencies: - dependency-name: webpack dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
the
dependencies
|
Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.
Note 🟢 Risk threshold not exceeded. Change Summary (click to expand)The following is a summary of changes in this pull request made by me, your security buddy 🤖. Summary: The code change in this pull request is an update to the From an application security perspective, there are no immediate security concerns with this change. Upgrading dependencies is a common practice to keep the application up-to-date and secure. However, it's always important to review the changelog or release notes for the new version of Overall, this code change appears to be a routine dependency update and does not raise any significant application security concerns. Files Changed:
Powered by DryRun Security |
|
Superseded by #24. |
Bumps webpack from 5.72.0 to 5.76.0.
Release notes
Sourced from webpack's releases.
... (truncated)
Commits
97b1718Merge pull request #16781 from askoufis/loader-context-target-typeb84efe6Merge pull request #16759 from ryanwilsonperkin/real-content-hash-regex-perfc98e9e0Merge pull request #16493 from piwysocki/patch-15f34acffeat: AddtargettoLoaderContexttypeb7fc4d8Merge pull request #16703 from ryanwilsonperkin/ryanwilsonperkin/fix-1616063ea82dMerge branch 'webpack:main' into patch-14ba2252Merge pull request #16446 from akhilgkrishnan/patch-11acd635Merge pull request #16613 from jakebailey/ts-logo302eb37Merge pull request #16614 from jakebailey/html5-logocfdb1dfImprove performance of hashRegExp lookupMaintainer changes
This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.