Skip to content
This repository was archived by the owner on Jul 8, 2023. It is now read-only.

Bump webpack and webpack-cli #284

Closed
dependabot-preview wants to merge 1 commit into from
Closed

Bump webpack and webpack-cli #284

dependabot-preview wants to merge 1 commit into from

Conversation

@dependabot-preview
Copy link
Contributor

@dependabot-preview dependabot-preview bot commented Apr 30, 2021
edited
Loading

Bumps webpack and webpack-cli. These dependencies needed to be updated together.
Updates webpack from 4.46.0 to 5.36.1

Release notes

Sourced from webpack's releases.

v5.36.1

Performance

  • add cache.profile (type: "filesystem" only) flag for more info about (de)serialization timings
  • avoid complex "by exports" splitting for splitChunks in development mode
  • faster hashing for the common case
  • improve algorithmic complexity for merging InitFragments to solve performance in an edge case

v5.36.0

Features

  • add support for class fields (stage 4)

Performance

  • improve (de)serialization performance of dependency locations

v5.35.1

Bugfixes

  • fix an __webpack_exports__ is not defined error with some library types

performance

  • improve stats grouping performance
  • improve providedExports analysis performance
  • improve hashing performance
  • lazy merge dependencies from creating context modules
  • improve dependency parents access performance

v5.35.0

Bugfixes

  • fix handling of build dependencies with # in path

Performance

  • improve memory usage when using the filesystem cache

When reading a file into a Buffer and picking smaller slices of the Buffer the small slices still keep a reference to the large original Buffer. The leads to increased memory usage. A fix would be to clone the slice into a smaller Buffer when wasting too much memory, but this has a performance cost. There is now a new option cache.allowCollectingMemory which controls that. For one-off builds you probably want allowCollectingMemory: false and for watch builds you probably want allowCollectingMemory: true. It defaults to false in production mode and true in development mode.

v5.34.0

Features

... (truncated)

Commits
  • e9de77a 5.36.1
  • 24fa101 Merge pull request #13239 from webpack/ci/node-16
  • f199f5d Merge pull request #13200 from webpack/dependabot/npm_and_yarn/browserslist-4...
  • b65f900 Merge pull request #13227 from webpack/dependabot/npm_and_yarn/tooling-v1.18.0
  • 7e5f64d Merge pull request #13216 from webpack/dependabot/npm_and_yarn/eslint-7.25.0
  • 11b5c2e Merge pull request #13251 from webpack/dependabot/npm_and_yarn/types/node-15.0.1
  • c5f8df4 Merge pull request #13255 from webpack/dependabot/npm_and_yarn/eslint-plugin-...
  • d009b13 Merge pull request #13250 from webpack/perf/wip2
  • 2bcf0c2 fix test cases for node 16
  • 91b9c82 chore(deps-dev): bump eslint-plugin-jsdoc from 32.3.0 to 32.3.3
  • Additional commits viewable in compare view

Updates webpack-cli from 3.3.12 to 4.6.0

Release notes

Sourced from webpack-cli's releases.

v4.6.0

4.6.0 (2021-03-27)

Bug Fixes

Features

  • added WEBPACK_PACKAGE env var to use custom webpack package (#2556) (3d1e485)
  • added WEBPACK_CLI_SKIP_IMPORT_LOCAL env var to skip local import (#2546) (e130822)
  • allow string value for the --hot option (#2444) (8656e78)
  • display used config path when logging level=log (#2431) (f8406e1)

v4.5.0

4.5.0 (2021-02-02)

Notes

  • now you can use webpack.config.mjs and webpack.config.js with { "type": "module" } in package.json
  • you can avoid using the cross-env package:

Before:

{
    "scripts": {
        "build": "cross-env NODE_ENV=production webpack --config build/webpack.config.js"
    }
}

Now (you can remove the cross-env if you don't use it somewhere else):

{
    "scripts": {
        "build": "webpack --node-env=production --config build/webpack.config.js"
    }
}
  • the mode option respect the --node-env option if you don't set the mode option explicit using CLI options or in configuration(s), i.e. --node-env production set process.env.NODE_ENV and mode to production

Bug Fixes

  • avoid deprecation message (9d6dbda)
  • error message on invalid plugin options (#2380) (f9ce1d3)

... (truncated)

Changelog

Sourced from webpack-cli's changelog.

4.6.0 (2021-03-27)

Bug Fixes

Features

  • added WEBPACK_PACKAGE env var to use custom webpack package (#2556) (3d1e485)
  • added WEBPACK_CLI_SKIP_IMPORT_LOCAL env var to skip local import (#2546) (e130822)
  • allow string value for the --hot option (#2444) (8656e78)
  • display used config path when logging level=log (#2431) (f8406e1)

4.5.0 (2021-02-02)

Notes

  • now you can use webpack.config.mjs and webpack.config.js with { "type": "module" } in package.json
  • you can avoid using the cross-env package:

Before:

{
    "scripts": {
        "build": "cross-env NODE_ENV=production webpack --config build/webpack.config.js"
    }
}

Now (you can remove the cross-env if you don't use it somewhere else):

{
    "scripts": {
        "build": "webpack --node-env=production --config build/webpack.config.js"
    }
}
  • the mode option respect the --node-env option if you don't set the mode option explicit using CLI options or in configuration(s), i.e. --node-env production set process.env.NODE_ENV and mode to production

Bug Fixes

  • avoid deprecation message (9d6dbda)
  • error message on invalid plugin options (#2380) (f9ce1d3)
  • improve description for 'configtest' command (#2379) (311bae3)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview
Bump webpack and webpack-cli
328cf30 
Bumps [webpack](https://github.com/webpack/webpack) and [webpack-cli](https://github.com/webpack/webpack-cli). These dependencies needed to be updated together.

Updates `webpack` from 4.46.0 to 5.36.1
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v4.46.0...v5.36.1)

Updates `webpack-cli` from 3.3.12 to 4.6.0
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.12...webpack-cli@4.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Apr 30, 2021
@dependabot-preview dependabot-preview bot mentioned this pull request Apr 30, 2021
Closed
@dependabot-preview
Copy link
Contributor Author

dependabot-preview bot commented Jun 8, 2021

Superseded by #301.

@dependabot-preview dependabot-preview bot deleted the dependabot/npm_and_yarn/webpack-and-webpack-cli-5.36.1 branch June 8, 2021 11:10
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant