chore(deps): bump ejs and webpack-bundle-analyzer in /web #573
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Removes ejs. It's no longer used after updating ancestor dependency webpack-bundle-analyzer. These dependencies need to be updated together.
Removes
ejs
Updates
webpack-bundle-analyzer
from 3.7.0 to 4.6.1Changelog
Sourced from [webpack-bundle-analyzer's changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md).
... (truncated)
Commits
f902f10
v4.6.150a0eca
fix: can't setup with cli mode ([chore(deps): bump actions/setup-node from 2.3.0 to 3.4.1 #524](https://github-redirect.dependabot.com/fix: can't setup with cli mode webpack-contrib/webpack-bundle-analyzer#524))fe7e9e4
v4.6.07f9972c
Update package-lock.json integrity fields3ce0d21
stable color rendering ([chore(deps): bump postcss from 7.0.27 to 7.0.39 in /web #501](https://github-redirect.dependabot.com/stable color rendering webpack-contrib/webpack-bundle-analyzer#501))16d8e07
feat: support custom loginfo with server mode ([chore(deps): bump actions/setup-node from 2.3.0 to 3.4.0 #520](https://github-redirect.dependabot.com/feat: support custom loginfo with server mode webpack-contrib/webpack-bundle-analyzer#520))7d6039e
Bump minimist from 1.2.5 to 1.2.6 in /test/webpack-versions/4.44.2 ([chore(deps): bump actions/setup-node from 2.3.0 to 3.2.0 #502](https://github-redirect.dependabot.com/Bump minimist from 1.2.5 to 1.2.6 in /test/webpack-versions/4.44.2 webpack-contrib/webpack-bundle-analyzer#502))caa59fe
Bump url-parse from 1.5.7 to 1.5.10 ([chore(deps): bump docker/build-push-action from 2.5.0 to 3.0.0 #496](https://github-redirect.dependabot.com/Bump url-parse from 1.5.7 to 1.5.10 webpack-contrib/webpack-bundle-analyzer#496))f7cfc36
Bump url-parse from 1.5.4 to 1.5.7 ([chore(deps): update dependency @braintree/sanitize-url to 6.0.0 [security] - autoclosed #494](https://github-redirect.dependabot.com/Bump url-parse from 1.5.4 to 1.5.7 webpack-contrib/webpack-bundle-analyzer#494))7c18063
Bump follow-redirects from 1.14.7 to 1.14.8 ([chore(deps): bump node from 10 to 18 #493](https://github-redirect.dependabot.com/Bump follow-redirects from 1.14.7 to 1.14.8 webpack-contrib/webpack-bundle-analyzer#493))Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.
┆Issue is synchronized with this Trello card