Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade webpack from 5.11.0 to 5.11.1 #532

Merged
merged 1 commit into from Jan 19, 2021
Merged

[Snyk] Upgrade webpack from 5.11.0 to 5.11.1 #532

merged 1 commit into from Jan 19, 2021

Conversation

snyk-bot
Copy link
Contributor

Snyk has created this PR to upgrade webpack from 5.11.0 to 5.11.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 21 days ago, on 2020-12-28.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-CACHEBASE-1054631		 476/1000
Why? Recently disclosed, CVSS 8.1		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: webpack
  • 5.11.1 - 2020-12-28

    Bugfixes

    • ignore cloned ExportInfo during hashing
      • fixes a problem where changing modules affects hashes in some other part of the application during development
    • fixes compileBooleanMatcher when prefix and suffix overlap
    • fixes invalidate code generated when generating properties access
    • fix object types in typings
    • expose more types regarding Stats
  • 5.11.0 - 2020-12-17

    Features

    • update typings to include undefined/null types (for strict type)
    • export WebpackError
    • export Asset and AssetInfo types
    • allow error configuration for validateSchema function

    Bugfixes

    • fix typings for SourceMapSource
    • allow custom properties in AssetInfo
    • handle undefined values for rule conditions like empty strings
from webpack GitHub release notes
Commit messages
Package name: webpack
  • 98bcf44 5.11.1
  • 2fcb50c Merge pull request #12266 from webpack/bugfix/flanky-hash
  • 6ac0aa5 Merge pull request #12256 from izaera/issue-12255
  • 63856cc get only readonly version of ExportInfo when determining module export type
  • 07fc323 ignore cloned ExportInfo during hashing
  • d1bc21b Merge pull request #12247 from webpack/dependabot/npm_and_yarn/enhanced-resolve-5.4.1
  • a46d781 Merge pull request #12249 from webpack/dependabot/npm_and_yarn/node-notifier-8.0.1
  • 8b68563 slice instead of substring
  • 39adecf fix #12255
  • ae6eaea chore(deps): [security] bump node-notifier from 8.0.0 to 8.0.1
  • 5344a37 chore(deps): bump enhanced-resolve from 5.4.0 to 5.4.1
  • eb58387 Merge pull request #12233 from webpack/bugfix/12232
  • 4387e4d fix #12232
  • 066006a Merge pull request #12230 from webpack/types/improve
  • 284eb60 fix typings for `object` arguments
  • b5b1f25 improve typings for stats related hooks and classes

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@lholmquist lholmquist merged commit 67d850e into master Jan 19, 2021
@lholmquist lholmquist deleted the snyk-upgrade-5cce1031898a8467b8e8973f42c14d58 branch January 19, 2021 15:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@snyk-bot @lholmquist