Skip to content

build(deps-dev): bump webpack from 5.107.2 to 5.108.1#7619

Merged
Steve-Mcl merged 3 commits into
mainfrom
dependabot/npm_and_yarn/webpack-5.108.1
Jun 29, 2026
Merged

build(deps-dev): bump webpack from 5.107.2 to 5.108.1#7619
Steve-Mcl merged 3 commits into
mainfrom
dependabot/npm_and_yarn/webpack-5.108.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps webpack from 5.107.2 to 5.108.1.

Release notes

Sourced from webpack's releases.

v5.108.1

Patch Changes

  • Fix invalid property access for escaped namespace imports with multi-character mangled export names. (by @​xiaoxiaojx in #21280)

  • Add frames to ProfilingPlugin TracingStartedInBrowser event so the trace loads in Chrome DevTools. (by @​alexander-akait in #21269)

v5.108.0

Minor Changes

  • Treat top-level await and import.meta as ES module markers, matching Node.js syntax detection so no explicit module type is needed. (by @​alexander-akait in #21218)

  • Add a bun target that emits ESM and externalizes bun:* and node.js built-in modules. (by @​alexander-akait in #21248)

  • Support CommonJS reexports via Object.defineProperty value and getter descriptors. (by @​alexander-akait in #21129)

  • Support JSON Schema const when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Support JSON Schema if/then/else when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Skip import specifiers, require() and import() calls in dead conditional branches gated by inlined imported constants (isDEV ? A : B), evaluated via getCondition. (by @​hai-x in #21136)

  • CSS localIdentName [hash] now resolves to the local ident hash (matching css-loader); use [modulehash] for the module hash. (by @​alexander-akait in #21259)

  • Add CSS parser as option and resolve url() inside HTML style attributes. (by @​alexander-akait in #21157)

  • Add dedicated module classes for all built-in module types. (by @​alexander-akait in #21164)

  • Support .html/.css for the default ./src entry under the html/css experiments. (by @​alexander-akait in #21039)

  • Add defineConfig helper for typed configuration files. (by @​alexander-akait in #21169)

  • Add a deno target (with versions, e.g. deno, deno2, deno1.40) that emits ESM, resolves node.js built-ins via the required node: specifier, and keeps Deno's own import protocols (npm:, jsr:, node:, http(s)://) external. (by @​alexander-akait in #21247)

  • Use module-import for electron externals when the target supports ESM. (by @​alexander-akait in #21184)

  • Add output.environment.logicalAssignment to emit ||= in runtime code when the target supports logical assignment operators. (by @​bjohansebas in #21219)

  • Resolve and rewrite asset URLs inside <iframe srcdoc> in HTML modules. (by @​bjohansebas in #21226)

  • Add HMR support for HTML modules with body/title DOM patching on update. (by @​alexander-akait in #21011)

  • Add css-url html source type extracting url() references from CSS-valued attributes. (by @​alexander-akait in #21250)

  • Add module.parser.html.sources option to disable or customize URL-attribute extraction for HTML modules, with script / script-module / stylesheet / stylesheet-inline types for custom attributes (by @​alexander-akait in #21022)

  • Add module.parser.html.template option to transform HTML module source before parsing. (by @​alexander-akait in #21055)

  • Extract more source URLs in HTML modules (SVG, legacy and obsolete attributes). (by @​alexander-akait in #21241)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.108.1

Patch Changes

  • Fix invalid property access for escaped namespace imports with multi-character mangled export names. (by @​xiaoxiaojx in #21280)

  • Add frames to ProfilingPlugin TracingStartedInBrowser event so the trace loads in Chrome DevTools. (by @​alexander-akait in #21269)

5.108.0

Minor Changes

  • Treat top-level await and import.meta as ES module markers, matching Node.js syntax detection so no explicit module type is needed. (by @​alexander-akait in #21218)

  • Add a bun target that emits ESM and externalizes bun:* and node.js built-in modules. (by @​alexander-akait in #21248)

  • Support CommonJS reexports via Object.defineProperty value and getter descriptors. (by @​alexander-akait in #21129)

  • Support JSON Schema const when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Support JSON Schema if/then/else when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Skip import specifiers, require() and import() calls in dead conditional branches gated by inlined imported constants (isDEV ? A : B), evaluated via getCondition. (by @​hai-x in #21136)

  • CSS localIdentName [hash] now resolves to the local ident hash (matching css-loader); use [modulehash] for the module hash. (by @​alexander-akait in #21259)

  • Add CSS parser as option and resolve url() inside HTML style attributes. (by @​alexander-akait in #21157)

  • Add dedicated module classes for all built-in module types. (by @​alexander-akait in #21164)

  • Support .html/.css for the default ./src entry under the html/css experiments. (by @​alexander-akait in #21039)

  • Add defineConfig helper for typed configuration files. (by @​alexander-akait in #21169)

  • Add a deno target (with versions, e.g. deno, deno2, deno1.40) that emits ESM, resolves node.js built-ins via the required node: specifier, and keeps Deno's own import protocols (npm:, jsr:, node:, http(s)://) external. (by @​alexander-akait in #21247)

  • Use module-import for electron externals when the target supports ESM. (by @​alexander-akait in #21184)

  • Add output.environment.logicalAssignment to emit ||= in runtime code when the target supports logical assignment operators. (by @​bjohansebas in #21219)

  • Resolve and rewrite asset URLs inside <iframe srcdoc> in HTML modules. (by @​bjohansebas in #21226)

  • Add HMR support for HTML modules with body/title DOM patching on update. (by @​alexander-akait in #21011)

  • Add css-url html source type extracting url() references from CSS-valued attributes. (by @​alexander-akait in #21250)

  • Add module.parser.html.sources option to disable or customize URL-attribute extraction for HTML modules, with script / script-module / stylesheet / stylesheet-inline types for custom attributes (by @​alexander-akait in #21022)

  • Add module.parser.html.template option to transform HTML module source before parsing. (by @​alexander-akait in #21055)

... (truncated)

Commits
  • da91761 chore(release): new release (#21284)
  • b6c9fcf chore: move members to emeritus (#21281)
  • 062aa20 Fix invalid property access for escaped namespace with mangled exports (#21280)
  • ed9fa71 fix: render ProfilingPlugin trace in Chrome DevTools (#21269)
  • 322b060 chore(release): new release (#21037)
  • 03a0433 test: run AbstractMethodError and parseJson unit tests under Bun (#21273)
  • e7202b4 chore(deps): bump the dependencies group with 3 updates (#21270)
  • 9a51ee1 fix(html): run the any-other-end-tag fallback for a marker-shielded nobr (#21...
  • a040ac1 test: cap Node jest worker memory and fix harness teardown leaks (#21268)
  • 7c81bde Re-encode inline hash digests ([contenthash]/[chunkhash]/[fullhash]/[moduleha...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [webpack](https://github.com/webpack/webpack) from 5.107.2 to 5.108.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v5.107.2...v5.108.1)

---
updated-dependencies:
- dependency-name: webpack
  dependency-version: 5.108.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 29, 2026
@Steve-Mcl Steve-Mcl enabled auto-merge (squash) June 29, 2026 16:40
@codecov

codecov Bot commented Jun 29, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 77.15%. Comparing base (7907ab1) to head (85dba1f).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #7619   +/-   ##
=======================================
  Coverage   77.15%   77.15%           
=======================================
  Files         413      413           
  Lines       21207    21207           
  Branches     5167     5167           
=======================================
  Hits        16362    16362           
  Misses       4845     4845           
Flag Coverage Δ
backend 77.15% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@Steve-Mcl Steve-Mcl merged commit 3160939 into main Jun 29, 2026
29 checks passed
@Steve-Mcl Steve-Mcl deleted the dependabot/npm_and_yarn/webpack-5.108.1 branch June 29, 2026 17:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants