Migrate to browser-sync-v3 fork #235
Open
+89
−176
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #220, #218 (comment)
Replacing:
with updated fork.
Browser-sync in v3.x removed
localtunnel
thusaxios
which points in v2.x to a vulnerable version:/However the webpack plugin while fully compatible with v3.x is not updated to allow for the higher peerDependency version by a trivial condition
@f3e9ead
and the lack of any news about Va1/browser-sync-webpack-plugin#96 makes it look rather abandoned.At the same time dependabot will be trying to upgrade browser-sync to 3.x over and over without checking for failed peerDependency in a devDependency (
watch
fails butbuild
passes so dependabot is happy…) so this PR resolves the issue by using a v3-compatible fork — the only change is allowing the higher peerDependecy version: madbucket/browser-sync-webpack-plugin@46132d8
May be reverted later if the og plugin gets the compatibility fix released.
Also postcss-loader is updated to the highest compatible version (that comes with dropping support for webpack 4, only webpack 5+ is now compatible) — upgrading past the v8.x breaking release would mean Node 18+ only which I'm not sure we want to do right now so left it at the most recent v7.x version that's pretty much on par and keeping the same compatibility.
Works fine (=tested) with Node versions 16, 18, 20 (LTS); might even support Node 14 (where the only limit in lockfile/engines is node-sass 9+ but that should not be needed as it's only optional peer dep and we use sass 1.x instead and that should run just fine even on the latest point releases of Node 14 if needed.)
Supersedes #234, #233, #219, #193