Bump the npm_and_yarn group group with 6 updates #5

dependabot · 2024-01-18T18:01:00Z

Bumps the npm_and_yarn group group with 6 updates:

Package	From	To
babel-loader	`6.4.1`	`9.1.3`
css-loader	`0.23.1`	`6.9.0`
file-loader	`0.8.5`	`6.2.0`
markdown-loader	`0.1.7`	`8.0.0`
webpack	`1.15.0`	`5.89.0`
loader-utils	`1.4.0`	`1.4.2`

Updates babel-loader from 6.4.1 to 9.1.3

Release notes

Sourced from babel-loader's releases.

v9.1.3

Security dependency updates

Bump http-cache-semantics from 4.1.0 to 4.1.1 by @dependabot in babel/babel-loader#982

Bump semver from 7.3.2 to 7.5.2 by @dependabot in babel/babel-loader#993

bump find-cache-dir to v4 by @JLHwung in babel/babel-loader#995

New Contributors

@piwysocki made their first contribution in babel/babel-loader#981

@comoser made their first contribution in babel/babel-loader#897

Full Changelog: babel/babel-loader@v9.1.2...v9.1.3

v9.1.2

9.1.1 was a broken release, it didn't include all the commits.

Dependencies updates

Bump qs from 6.5.2 to 6.5.3 by @dependabot in babel/babel-loader#977

Bump json5 from 2.2.1 to 2.2.3 by @dependabot in babel/babel-loader#980

Misc

GitHub Workflows security hardening by @sashashura in babel/babel-loader#976

New Contributors

@sashashura made their first contribution in babel/babel-loader#976

Full Changelog: babel/babel-loader@v9.1.0...v9.1.2

v9.1.0

New features

Pass external dependencies from Babel to Webpack by @nicolo-ribaudo in babel/babel-loader#971

Full Changelog: babel/babel-loader@v9.0.1...v9.1.0

v9.0.1

Bug Fixes

remove "node:" builtin prefix by @JLHwung in babel/babel-loader#970

Full Changelog: babel/babel-loader@v9.0.0...v9.0.1

v9.0.0

What's Changed

update hash method mechanism so it doesn't fail on a fips enabled machine by @darmbrust in babel/babel-loader#939

Require babel ^7.12.0 and Node.js >= 14.15.0 versions by @JLHwung in babel/babel-loader#956

Remove dependency on loader-utils and drop webpack 4 support by @nied in babel/babel-loader#942

New Contributors

@darmbrust made their first contribution in babel/babel-loader#939

@nied made their first contribution in babel/babel-loader#942

... (truncated)

Changelog

Sourced from babel-loader's changelog.

Changelog

For changes in version v7.0.0 and up please go to release

Old Changelog

Commits

b89dfbd 9.1.3
54fb781 Update caniuse
6f300f3 bump find-cache-dir to v4 (#995)
2fd1c0a Bump semver from 7.3.2 to 7.5.2 (#993)
b3682fd Add more exhaustive example on customized-loader (#897)
a797c3b ci: bump actions/checkout (#981)
170350e Bump http-cache-semantics from 4.1.0 to 4.1.1 (#982)
78bd0a1 Update README.md (#987)
c049187 Bump webpack from 5.74.0 to 5.76.0 (#986)
0406d16 9.1.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by nicolo-ribaudo, a new releaser for babel-loader since your current version.

Updates css-loader from 0.23.1 to 6.9.0

Release notes

Sourced from css-loader's releases.

v6.9.0

6.9.0 (2024-01-09)

Features

updated generateExportEntry to expose node details (#1556) (05002f3)

Bug Fixes

css experiment detection (#1559) (f2cfe30)

v6.8.1

6.8.1 (2023-05-28)

Bug Fixes

use cause for original errors and warnings (#1526) (ae3d8ae)

v6.8.0

6.8.0 (2023-05-27)

Features

use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

warning and error serialization (#1523) (3e52969)

v6.7.4

6.7.4 (2023-05-19)

Bug Fixes

bugs in css modules (c3099fb)

output warning when built-in CSS support enabled (#1520) (0700ce8)

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

remove sourceURL from emitted CSS (#1487) (962924c)

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.9.0 (2024-01-09)

Features

updated generateExportEntry to expose node details (#1556) (05002f3)

Bug Fixes

css experiment detection (#1559) (f2cfe30)

6.8.1 (2023-05-28)

Bug Fixes

use cause for original errors and warnings (#1526) (ae3d8ae)

6.8.0 (2023-05-27)

Features

use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

warning and error serialization (#1523) (3e52969)

6.7.4 (2023-05-19)

Bug Fixes

bugs in css modules (c3099fb)

output warning when built-in CSS support enabled (#1520) (0700ce8)

6.7.3 (2022-12-14)

Bug Fixes

remove sourceURL from emitted CSS (#1487) (962924c)

6.7.2 (2022-11-13)

Bug Fixes

... (truncated)

Commits

2d17551 chore(release): 6.9.0
e38116f chore: update dependencies to latest version (#1561)
d09ff73 test: getLocalIdent and node type (#1560)
f2cfe30 fix: css experiment detection (#1559)
1ad3f9f chore: deps update (#1558)
8d32b7f docs: rename esModules -> esModule to match the code (#1548)
05002f3 feat: updated generateExportEntry to expose node details (#1556)
797042c chore: update package dependencies (#1544)
12b7d98 chore(deps-dev): bump @adobe/css-tools from 4.3.1 to 4.3.2 (#1554)
ec9c669 chore: update github action/setup-node (#1552)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.

Updates file-loader from 0.8.5 to 6.2.0

Release notes

Sourced from file-loader's releases.

v6.2.0

6.2.0 (2020-10-27)

Features

added the sourceFilename property to asset info with original filename (#393) (654e0d6)

Bug Fixes

immutable flag when the name option have hash in query string (#392) (381d8bd)

v6.1.1

6.1.1 (2020-10-09)

Chore

update schema-utils

v6.1.0

6.1.0 (2020-08-31)

Features

pass immutable flag to asset info (#383) (40fcde8)

v6.0.0

6.0.0 (2020-03-17)

⚠ BREAKING CHANGES

use md4 by default for hashing (#369) (ad39022)

v5.1.0

5.1.0 (2020-02-19)

Features

support the query template for the name option (#366) (cd8698b)

v5.0.2

5.0.2 (2019-11-25)

Chore

... (truncated)

Changelog

Sourced from file-loader's changelog.

6.2.0 (2020-10-27)

Features

added the sourceFilename property to asset info with original filename (#393) (654e0d6)

Bug Fixes

immutable flag when the name option have hash in query string (#392) (381d8bd)

6.1.1 (2020-10-09)

Chore

update schema-utils

6.1.0 (2020-08-31)

Features

pass immutable flag to asset info (#383) (40fcde8)

6.0.0 (2020-03-17)

⚠ BREAKING CHANGES

use md4 by default for hashing (#369) (ad39022)

5.1.0 (2020-02-19)

Features

support the query template for the name option (#366) (cd8698b)

5.0.2 (2019-11-25)

Chore

add the funding field in package.json

5.0.1 (2019-11-25)

... (truncated)

Commits

c423008 chore(release): 6.2.0
654e0d6 feat: added the sourceFilename property to asset info with original filenam...
381d8bd fix: immutable flag when the name option have hash in query string (#392)
14ed4c9 ci: updated webpack versions (#389)
6fadfbe chore(release): 6.1.1
60508cf chore(deps): update
25e2668 chore(release): 6.1.0
6e22f6e test: fix
40fcde8 feat: pass immutable flag to asset info (#383)
718aef5 chore(deps): update (#375)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for file-loader since your current version.

Updates markdown-loader from 0.1.7 to 8.0.0

Release notes

Sourced from markdown-loader's releases.

v8.0.0

8.0.0 (2022-01-27)

Introduce semantic-release (65e2368)

BREAKING CHANGES

Every call to marked is isolated now. This makes sure that options from the first call won't influence options from the second call. If you've configured the markdown-loader with two different options, you might observe different behavior now. We also removed Node v8 and Node v10 support and support for older webpack versions. Webpack 5 is required now.

v6.0.0

Remove Node v6 support

v5.2.0

Update dependencies

Note: This version is deprecated since it already removed official Node v6 support which should have been published as breaking change

v5.1.0

Update dependencies 3ba52af

Merge pull request #51 from jkinkead/fix_npm_audit b6b35eb

Update dependencies to fix audit breakage. be6e2c2

peerigon/markdown-loader@v5.0.0...v5.1.0

Changelog

Sourced from markdown-loader's changelog.

8.0.0 (2022-01-27)

Introduce semantic-release (65e2368)

BREAKING CHANGES

Every call to marked is isolated now. This makes sure that options from the first call won't influence options from the second call. If you've configured the markdown-loader with two different options, you might observe different behavior now. We also removed Node v8 and Node v10 support and support for older webpack versions. Webpack 5 is required now.

Changelog

7.0.0

Breaking: Update [email protected] to fix security issues (#82)

6.0.0

Remove Node v6 support

5.2.0

Update dependencies

Note: This version is deprecated since it already removed official Node v6 support which should have been published as breaking change

5.1.0

Update dependencies

5.0.0

Update dependencies

Breaking [email protected] @tmorehouse Changelog

switch to snapshot tests @meaku

reduce shipped files via npm @styfle

fix URL to marked repo @styfle

4.0.0

Update dependencies

Breaking [email protected] @robcresswell Changelog

3.0.0

Update dependencies

Breaking [email protected] (@hpohlmeyer) Changelog

use webpack 4.x for tests

update example to use npm version of markdown-loader

2.0.2

... (truncated)

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by peeri, a new releaser for markdown-loader since your current version.

Updates webpack from 1.15.0 to 5.89.0

Release notes

Sourced from webpack's releases.

v5.89.0

New Features

Make CommonJS import preserve chained expressions by @bworline in webpack/webpack#17718

Dependencies & Maintenance

chore(deps-dev): bump @types/node from 20.3.1 to 20.4.8 by @dependabot in webpack/webpack#17568

docs: add example for stats detailed output by @ersachin3112 in webpack/webpack#17420

docs: add example for stats normal output by @ersachin3112 in webpack/webpack#17426

chore(deps-dev): bump core-js from 3.31.0 to 3.32.0 by @dependabot in webpack/webpack#17539

chore(deps-dev): bump pretty-format from 29.5.0 to 29.6.2 by @dependabot in webpack/webpack#17536

chore(deps-dev): bump @types/node from 20.4.8 to 20.4.9 by @dependabot in webpack/webpack#17583

chore(deps-dev): bump less from 4.1.3 to 4.2.0 by @dependabot in webpack/webpack#17580

chore(deps): bump semver from 5.7.1 to 5.7.2 by @dependabot in webpack/webpack#17483

chore(deps-dev): bump simple-git from 3.19.0 to 3.19.1 by @dependabot in webpack/webpack#17427

chore(deps-dev): bump @types/node from 20.4.9 to 20.6.0 by @dependabot in webpack/webpack#17666

Full Changelog: webpack/webpack@v5.88.2...v5.89.0

v5.88.2

Bug Fixes

Fixed a bug where unused identifiers should retain names when using css modules by @burhanuday in webpack/webpack#17444

Full Changelog: webpack/webpack@v5.88.1...v5.88.2

v5.88.1

Developer Experience

Significantly improve TypeScript coverage for Library Plugins by @alexander-akait in webpack/webpack#17414

Full Changelog: webpack/webpack@v5.88.0...v5.88.1

v5.88.0

New Features

[CSS] - Use css/auto as the default css mode by @burhanuday in webpack/webpack#17399

Bug Fixes

Fix bugs related to require.context and layer by @alexander-akait in webpack/webpack#17388

Fix bug in runtime for CSS loading by @alexander-akait in webpack/webpack#17400

Correct indirect call for tagged template expressions using correct this context by @alexander-akait in webpack/webpack#17397

Update environment support for KaiOS browser by @steverep in webpack/webpack#17395

Fix async module runtime code for running top-level-await by @ahabhgk in webpack/webpack#17393

Developer Experience

Add example for stats minimal output by @ersachin3112 in webpack/webpack#17406

Significantly improve type coverage for Dependency, Runtime, Template classes by @alexander-akait in webpack/webpack#17394

Dependencies & Maintenance

Bump browserslist from 4.21.8 to 4.21.9 by @dependabot in webpack/webpack#17389

Bump acorn from 8.8.2 to 8.9.0 by @dependabot in webpack/webpack#17402

Bump eslint from 8.42.0 to 8.43.0 by @dependabot in webpack/webpack#17401

... (truncated)

Commits

8766092 5.89.0
21c80e4 Merge pull request #17718 from bworline/require-preserve-chains
b14922c Refactor shared code
dc66572 update types
d36804e update types
d4e8485 initial
1f13ff9 Merge pull request #17666 from webpack/dependabot/npm_and_yarn/types/node-20.6.0
f00e6e2 chore(deps-dev): bump @types/node from 20.4.9 to 20.6.0
853bfda Merge pull request #17427 from webpack/dependabot/npm_and_yarn/simple-git-3.19.1
64707c9 Merge pull request #17483 from webpack/dependabot/npm_and_yarn/semver-5.7.2
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by thelarkinn, a new releaser for webpack since your current version.

Updates loader-utils from 1.4.0 to 1.4.2

Release notes

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

Changelog

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

Commits

331ad50 chore(release): 1.4.2
17cbf8f fix: ReDoS problem (#226)
8f082b3 chore(release): 1.4.1
4504e34 fix: security problem (#220)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group group with 6 updates: | Package | From | To | | --- | --- | --- | | [babel-loader](https://github.com/babel/babel-loader) | `6.4.1` | `9.1.3` | | [css-loader](https://github.com/webpack-contrib/css-loader) | `0.23.1` | `6.9.0` | | [file-loader](https://github.com/webpack-contrib/file-loader) | `0.8.5` | `6.2.0` | | [markdown-loader](https://github.com/peerigon/markdown-loader) | `0.1.7` | `8.0.0` | | [webpack](https://github.com/webpack/webpack) | `1.15.0` | `5.89.0` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | Updates `babel-loader` from 6.4.1 to 9.1.3 - [Release notes](https://github.com/babel/babel-loader/releases) - [Changelog](https://github.com/babel/babel-loader/blob/main/CHANGELOG.md) - [Commits](babel/babel-loader@v6.4.1...v9.1.3) Updates `css-loader` from 0.23.1 to 6.9.0 - [Release notes](https://github.com/webpack-contrib/css-loader/releases) - [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md) - [Commits](webpack/css-loader@v0.23.1...v6.9.0) Updates `file-loader` from 0.8.5 to 6.2.0 - [Release notes](https://github.com/webpack-contrib/file-loader/releases) - [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md) - [Commits](webpack-contrib/file-loader@v0.8.5...v6.2.0) Updates `markdown-loader` from 0.1.7 to 8.0.0 - [Release notes](https://github.com/peerigon/markdown-loader/releases) - [Changelog](https://github.com/peerigon/markdown-loader/blob/main/CHANGELOG.md) - [Commits](https://github.com/peerigon/markdown-loader/commits/v8.0.0) Updates `webpack` from 1.15.0 to 5.89.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v1.15.0...v5.89.0) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) --- updated-dependencies: - dependency-name: babel-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: css-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: file-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: markdown-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: webpack dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Jan 18, 2024

dependabot bot mentioned this pull request Jan 18, 2024

Bump loader-utils, babel-loader, css-loader, file-loader, markdown-loader and webpack #3

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the npm_and_yarn group group with 6 updates #5

Bump the npm_and_yarn group group with 6 updates #5

Uh oh!

dependabot bot commented on behalf of github Jan 18, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the npm_and_yarn group group with 6 updates #5

Are you sure you want to change the base?

Bump the npm_and_yarn group group with 6 updates #5

Uh oh!

Conversation

dependabot bot commented on behalf of github Jan 18, 2024

v9.1.3

Security dependency updates

New Contributors

v9.1.2

Dependencies updates

Misc

New Contributors

v9.1.0

New features

v9.0.1

Bug Fixes

v9.0.0

What's Changed

New Contributors

Changelog

Old Changelog

v6.9.0

6.9.0 (2024-01-09)

Features

Bug Fixes

v6.8.1

6.8.1 (2023-05-28)

Bug Fixes

v6.8.0

6.8.0 (2023-05-27)

Features

Bug Fixes

v6.7.4

6.7.4 (2023-05-19)

Bug Fixes

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

6.9.0 (2024-01-09)

Features

Bug Fixes

6.8.1 (2023-05-28)

Bug Fixes

6.8.0 (2023-05-27)

Features

Bug Fixes

6.7.4 (2023-05-19)

Bug Fixes

6.7.3 (2022-12-14)

Bug Fixes

6.7.2 (2022-11-13)

Bug Fixes

v6.2.0

6.2.0 (2020-10-27)

Features

Bug Fixes

v6.1.1

6.1.1 (2020-10-09)

Chore

v6.1.0

6.1.0 (2020-08-31)

Features

v6.0.0

6.0.0 (2020-03-17)

⚠ BREAKING CHANGES

v5.1.0

5.1.0 (2020-02-19)

Features

v5.0.2

5.0.2 (2019-11-25)

Chore

6.2.0 (2020-10-27)

Features

Bug Fixes

6.1.1 (2020-10-09)

Chore

6.1.0 (2020-08-31)

Features

6.0.0 (2020-03-17)