Bump json5, babel-loader, css-loader, exports-loader, file-loader, imports-loader, url-loader and webpack

[dependabot]

Bumps json5 to 2.2.2 and updates ancestor dependencies json5, babel-loader, css-loader, exports-loader, file-loader, imports-loader, url-loader and webpack. These dependencies need to be updated together.

Updates json5 from 2.1.0 to 2.2.2

Release notes

Sourced from json5's releases.

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2

• Fix: Bump minimist to v1.2.5. (#222)

v2.1.1

• New: package.json and package.json5 include a module property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)
• Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
• Fix: Spelling mistakes have been fixed. (#196)

Changelog

Sourced from json5's changelog.

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

• Fix: Bump minimist to v1.2.5. (#222)

v2.1.1 [code, diff]

• New: package.json and package.json5 include a module property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)
• Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
• Fix: Spelling mistakes have been fixed. (#196)

Commits

• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
• 910ce25 docs: fix spelling of Aseem
• 2aab4dd test: require tap as t in cli tests
• 6d42686 test: remove mocha syntax from tests
• 4798b9d docs: update installation and usage for modules
• Additional commits viewable in compare view

Updates babel-loader from 7.1.4 to 9.1.0

Release notes

Sourced from babel-loader's releases.

v9.1.0

New features

• Pass external dependencies from Babel to Webpack by @​nicolo-ribaudo in babel/babel-loader#971

Full Changelog: babel/babel-loader@v9.0.1...v9.1.0

v9.0.1

Bug Fixes

• remove "node:" builtin prefix by @​JLHwung in babel/babel-loader#970

Full Changelog: babel/babel-loader@v9.0.0...v9.0.1

v9.0.0

What's Changed

• update hash method mechanism so it doesn't fail on a fips enabled machine by @​darmbrust in babel/babel-loader#939
• Require babel ^7.12.0 and Node.js >= 14.15.0 versions by @​JLHwung in babel/babel-loader#956
• Remove dependency on loader-utils and drop webpack 4 support by @​nied in babel/babel-loader#942

New Contributors

• @​darmbrust made their first contribution in babel/babel-loader#939
• @​nied made their first contribution in babel/babel-loader#942

Full Changelog: babel/babel-loader@v8.2.5...v9.0.0

v8.3.0

New features

• Pass external dependencies from Babel to Webpack by @​nicolo-ribaudo in babel/babel-loader#971

Full Changelog: babel/babel-loader@v8.2.5...v8.3.0

v8.2.5

What's Changed

• fix: respect inputSourceMap loader option by @​alan-agius4 in babel/babel-loader#896

New Contributors

• @​alan-agius4 made their first contribution in babel/babel-loader#896

Full Changelog: babel/babel-loader@v8.2.4...v8.2.5

v8.2.4

What's Changed

• doc(README.md): fix a broken markdown link by @​loveDstyle in babel/babel-loader#919
• Bump loader-utils to 2.x by @​stianjensen in babel/babel-loader#931
• Use md5 hashing for OpenSSL 3 by @​pathmapper in babel/babel-loader#924

Thanks @​loveDstyle, @​stianjensen and @​pathmapper for your first PRs!

8.2.3

... (truncated)

Commits

• 15fbacf 9.1.0
• 6348e1c Pass external dependencies from Babel to Webpack (#971)
• 457b9ad Update webpack
• f42ac9b 9.0.1
• 4f9c0bf remove "node:" builtin prefix (#970)
• 9ff288f 9.0.0
• 006a3dc Update README.md
• daed88a Update README.md
• 0ed5fd6 Bump ini from 1.3.5 to 1.3.8 (#968)
• b1749e3 Bump y18n from 4.0.0 to 4.0.3 (#967)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by nicolo-ribaudo, a new releaser for babel-loader since your current version.

Updates css-loader from 0.28.11 to 6.7.3

Release notes

Sourced from css-loader's releases.

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

• remove sourceURL from emitted CSS (#1487) (962924c)

v6.7.2

6.7.2 (2022-11-13)

Bug Fixes

• css modules generation with inline syntax (#1480) (2f4c273)

v6.7.1

6.7.1 (2022-03-08)

Bug Fixes

• defaultGetLocalIdent export (#1427) (74dac1e)

v6.7.0

6.7.0 (2022-03-04)

Features

• re-export defaultGetLocalIdent (#1423) (207cf36)

v6.6.0

6.6.0 (2022-02-02)

Features

• added the hashStrategy option (ca4abce)

v6.5.1

6.5.1 (2021-11-03)

Bug Fixes

• regression with unicode characters in locals (b7a8441)
• runtime path generation (#1393) (feafea8)

v6.5.0

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.7.3 (2022-12-14)

Bug Fixes

• remove sourceURL from emitted CSS (#1487) (962924c)

6.7.2 (2022-11-13)

Bug Fixes

• css modules generation with inline syntax (#1480) (2f4c273)

6.7.1 (2022-03-08)

Bug Fixes

• defaultGetLocalIdent export (#1427) (74dac1e)

6.7.0 (2022-03-04)

Features

• re-export defaultGetLocalIdent (#1423) (207cf36)

6.6.0 (2022-02-02)

Features

• added the hashStrategy option (ca4abce)

6.5.1 (2021-11-03)

Bug Fixes

• regression with unicode characters in locals (b7a8441)
• runtime path generation (#1393) (feafea8)

6.5.0 (2021-10-26)

Features

• support absolute URL in url() when experiments.buildHttp enabled (#1389) (8946be4)

... (truncated)

Commits

• ef749f2 chore(release): 6.7.3
• 36fb945 chore: fix cspell
• 962924c fix: remove sourceURL from emitted CSS (#1487)
• 3f3f302 chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#1486)
• 04ca713 chore: update dependencies to the latest version (#1485)
• 9449827 chore: update styfle/cancel-workflow-action (#1484)
• 6c67af8 chore: add cSpell to check spelling issues (#1482)
• 239b9ac chore(deps): bump loader-utils from 2.0.3 to 2.0.4 (#1481)
• 394d200 chore(release): 6.7.2
• 2f4c273 fix: css modules generation with inline syntax (#1480)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.

Updates exports-loader from 0.7.0 to 4.0.0

Release notes

Sourced from exports-loader's releases.

v4.0.0

4.0.0 (2022-05-17)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0

v3.1.0

3.1.0 (2021-10-21)

Features

• output helpful descriptions and links on errors (#66) (ba96dda)

v3.0.0

3.0.0 (2021-05-17)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 12.13.0

v2.0.0

2.0.0 (2021-01-11)

⚠ BREAKING CHANGES

• minimum supported webpack version is 5 (#58) (9176392)
• inline syntax was changed: [] is no longer supported (i.e. exports-loader?exports[]=myVariable&exports[]=myFunction!./file.js), please use , (i.e. exports-loader?exports=myVariable,myFunction!./file.js)
• removed filename template support for export names and aliases (i.e. [name]) due unstable behaviour in some cases and very rarely used

v1.1.1

1.1.1 (2020-10-09)

Chore

• update schema-utils

v1.1.0

1.1.0 (2020-06-24)

Features

• "|" character can be used as delimiter for inline string syntax (#46) (e0bc930)

v1.0.1

... (truncated)

Changelog

Sourced from exports-loader's changelog.

4.0.0 (2022-05-17)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0

3.1.0 (2021-10-21)

Features

• output helpful descriptions and links on errors (#66) (ba96dda)

3.0.0 (2021-05-17)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 12.13.0

2.0.0 (2021-01-11)

⚠ BREAKING CHANGES

• minimum supported webpack version is 5 (#58) (9176392)
• inline syntax was changed: [] is no longer supported (i.e. exports-loader?exports[]=myVariable&exports[]=myFunction!./file.js), please use , (i.e. exports-loader?exports=myVariable,myFunction!./file.js)
• removed filename template support for export names and aliases (i.e. [name]) due unstable behaviour in some cases and very rarely used

1.1.1 (2020-10-09)

Chore

• update schema-utils

1.1.0 (2020-06-24)

Features

• "|" character can be used as delimiter for inline string syntax (#46) (e0bc930)

1.0.1 (2020-06-17)

Bug Fixes

• better error reporting (#44) (0397393)

... (truncated)

Commits

• 3c874f8 chore(release): 4.0.0
• b29c4e7 chore(deps): update (#92)
• cbe0f2f refactor!: minimum supported Node.js version is 14.15.0 (#90)
• 11d071f chore: update gitub actions (#91)
• 04593af chore: upgrade dependencies to the latest version (#87)
• 48d6b59 ci: add node v18 to test workflow (#86)
• 862f3d4 ci: don't install webpack again (#85)
• 96056bd chore(deps): bump minimist from 1.2.5 to 1.2.6 (#84)
• f20eb4d chore: upgrade dependencies to the latest version (#83)
• 8cfd7e7 chore: replace deprecated String.prototype.substr() (#82)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for exports-loader since your current version.

Updates file-loader from 1.1.11 to 6.2.0

Release notes

Sourced from file-loader's releases.

v6.2.0

6.2.0 (2020-10-27)

Features

• added the sourceFilename property to asset info with original filename (#393) (654e0d6)

Bug Fixes

• immutable flag when the name option have hash in query string (#392) (381d8bd)

v6.1.1

6.1.1 (2020-10-09)

Chore

• update schema-utils

v6.1.0

6.1.0 (2020-08-31)

Features

• pass immutable flag to asset info (#383) (40fcde8)

v6.0.0

6.0.0 (2020-03-17)

⚠ BREAKING CHANGES

• use md4 by default for hashing (#369) (ad39022)

v5.1.0

5.1.0 (2020-02-19)

Features

• support the query template for the name option (#366) (cd8698b)

v5.0.2

5.0.2 (2019-11-25)

Chore

... (truncated)

Changelog

Sourced from file-loader's changelog.

6.2.0 (2020-10-27)

Features

• added the sourceFilename property to asset info with original filename (#393) (654e0d6)

Bug Fixes

• immutable flag when the name option have hash in query string (#392) (381d8bd)

6.1.1 (2020-10-09)

Chore

• update schema-utils

6.1.0 (2020-08-31)

Features

• pass immutable flag to asset info (#383) (40fcde8)

6.0.0 (2020-03-17)

⚠ BREAKING CHANGES

• use md4 by default for hashing (#369) (ad39022)

5.1.0 (2020-02-19)

Features

• support the query template for the name option (#366) (cd8698b)

5.0.2 (2019-11-25)

Chore

• add the funding field in package.json

5.0.1 (2019-11-25)

... (truncated)

Commits

• c423008 chore(release): 6.2.0
• 654e0d6 feat: added the sourceFilename property to asset info with original filenam...
• 381d8bd fix: immutable flag when the name option have hash in query string (#392)
• 14ed4c9 ci: updated webpack versions (#389)
• 6fadfbe chore(release): 6.1.1
• 60508cf chore(deps): update
• 25e2668 chore(release): 6.1.0
• 6e22f6e test: fix
• 40fcde8 feat: pass immutable flag to asset info (#383)
• 718aef5 chore(deps): update (#375)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for file-loader since your current version.

Updates imports-loader from 0.8.0 to 4.0.1

Release notes

Sourced from imports-loader's releases.

v4.0.1

4.0.1 (2022-08-12)

Bug Fixes

• source map for other loaders (#146) (5a1f866)

v4.0.0

4.0.0 (2022-05-17)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0

v3.1.1

3.1.1 (2021-11-01)

Bug Fixes

• sourcemaps generation (#113) (6f948c2)

v3.1.0

3.1.0 (2021-10-22)

Features

• output links and descriptions on errors (#110) (b86cb8b)

v3.0.1

3.0.1 (2021-10-21)

Bug Fixes

• small perf improvement (#860) (7fabfab)

v3.0.0

3.0.0 (2021-05-18)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 12.13.0

v2.0.0

2.0.0 (2021-02-01)

... (truncated)

Changelog

Sourced from imports-loader's changelog.

4.0.1 (2022-08-12)

Bug Fixes

• source map for other loaders (#146) (5a1f866)

4.0.0 (2022-05-17)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 14.15.0

3.1.1 (2021-11-01)

Bug Fixes

• sourcemaps generation (#113) (6f948c2)

3.1.0 (2021-10-22)

Features

• output links and descriptions on errors (#110) (b86cb8b)

3.0.1 (2021-10-21)

Bug Fixes

• small perf improvement (#860) (7fabfab)

3.0.0 (2021-05-18)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 12.13.0

2.0.0 (2021-02-01)

⚠ BREAKING CHANGES

• minimum supported webpack version is 5
• inline syntax was changed: [] is no longer supported (i.e. imports-loader?imports[]=default|jquery|$&imports[]=angular!./example.js), please use , comma separator (i.e. imports-loader?imports=default|jquery|$,angular!./example.js)

1.2.0 (2020-10-07)

... (truncated)

Commits

• 1ff803f chore(release): 4.0.1
• 5a1f866 fix: source map for other loaders (#146)
• b90be51 chore: update dependencies to the latest version (#145)
• 249666e ci: add GitHub token permissions for workflow (#144)
• 44c5031 chore(deps): bump terser from 5.13.1 to 5.14.2 (#143)
• 1d8f8c3 chore: update dependencies to the latest version (#140)
• adbbb1d docs: update note in README.md (#138)
• 8c4ad54 chore: disable commit message length check (#137)
• 7c35d20 chore: update dependencies to the latest version (#136)
• 8242b29 docs: remove old badge (#135)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for imports-loader since your current version.

Updates url-loader from 1.0.1 to 4.1.1

Release notes

Sourced from url-loader's releases.

v4.1.1

4.1.1 (2020-10-09)

Chore

• update schema-utils

v4.1.0

4.1.0 (2020-04-08)

Features

• the mimetype option can be Boolean
• added the encoding option
• added the generator option

v4.0.0

4.0.0 (2020-03-17)

⚠ BREAKING CHANGES

• deps: migrate on mime-types package, some rare types may have other mimetype

v3.0.0

3.0.0 (2019-11-26)

BREAKING CHANGES

• minimum required nodejs version is 10.13.0
• rename the esModules option to esModule
• switch to ES modules by default (the option esModule is true by default)

v2.3.0

2.3.0 (2019-11-21)

Features

• new esModules option to output ES modules (0ee2b99)

v2.2.0

2.2.0 (2019-10-04)

Features

• limit allow using Infinity and Number (#192) (2bffcfd)

... (truncated)

Changelog

Sourced from url-loader's changelog.

4.1.1 (2020-10-09)

Chore

• update schema-utils

4.1.0 (2020-04-08)

Features

• the mimetype option can be Boolean
• added the encoding option
• added the generator option

4.0.0 (2020-03-17)

⚠ BREAKING CHANGES

• deps: migrate on mime-types package, some rare types may have other mimetype

Bug Fixes

• description on the esModule option (#204) (a2f127d)

• deps: migrate on mime-types package (#209) (fc8721f)

3.0.0 (2019-11-26)

BREAKING CHANGES

• minimum required nodejs version is 10.13.0
• rename the esModules option to esModule
• switch to ES modules by default (the option esModule is true by default)

2.3.0 (2019-11-21)

Features

• new esModules option to output ES modules (0ee2b99)

2.2.0 (2019-10-04)

Features

... (truncated)

Commits

• acf4eb1 chore(release): 4.1.1
• 20c744b chore(deps): update (#220)
• 1811901 chore: remove unnecessary deps
• 35eeed1 ci: migrate on github actions (#213)
• 06d270a chore(release): 4.1.0
• 488b6ec refactor: code (#212)
• 36f1354 feat: add encoding & generator options (#210)
• 8828d64 chore(release): 4.0.0
• fc8721f chore(deps): migrate on mime-types package (#209)
• f13757a chore(deps): update (#208)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for url-loader since your current version.

Updates webpack from 4.6.0 to 5.75.0

Release notes

Sourced from webpack's releases.

v5.75.0

Bugfixes

• experiments.* normalize to false when opt-out
• avoid NaN%
• show the correct error when using a conflicting chunk name in code
• HMR code tests existance of window before trying to access it
• fix eval-nosources-* actually exclude sources
• fix race condition where no module is returned from processing module
• fix position of standalong semicolon in runtime code

Features

• add support for @import to extenal CSS when using experimental CSS in node
• add i64 support to the deprecated WASM implementation

Developer Experience

• expose EnableWasmLoadingPlugin
• add more typings
• generate getters instead of readonly properties in typings to allow overriding them

v5.74.0

Features

• add resolve.extensionAlias option which allows to alias extensions
  • This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")
• add support for ES2022 features like static blocks
• add Tree Shaking support for ProvidePlugin

Bugfixes

• fix persistent cache when some build dependencies are on a different windows drive
• make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules
• remove left-over from debugging in TLA/async modules runtime code
• remove unneeded extra 1s timestamp offset during watching when files are actually untouched
  • This sometimes caused an additional second build which are not really needed
• fix shareScope option for ModuleFederationPlugin
• set "use-credentials" also for same origin scripts

Performance

• Improve memory usage and performance of aggregating needed files/directories for watching
  • This affects rebuild performance

Extensibility

• export HarmonyImportDependency for plugins

v5.73.0

... (truncated)

Commits

• 8241da7 5.75.0
• a91d923 Merge pull request #16458 from webpack/bugfix/semi
• 4608b11 Merge pull request #16457 from webpack/tooling/update
• dfdd0b0 Merge pull request #16122 from AnmolBansalDEV/bug/compilationCallback
• 23b9a1c Merge pull request #16167 from exposir/fixts
• 6f2c5e8 Merge pull request #16257 from alexzhang1030/calc_deterministic_verbose
• f7f36ad Merge pull request #16339 from Liamolucko/wasm-i64
• 761a542 fix semicolon position
• 2403a36 Merge pull request #16345 from ahabhgk/fix-eval-nosources
• c18203c update tooling
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[netlify]

❌ Deploy Preview for goofy-clarke-07fcdf failed.

Name	Link
🔨 Latest commit	7f0aa34
🔍 Latest deploy log	https://app.netlify.com/sites/goofy-clarke-07fcdf/deploys/63ada9a07deb150008d3a754