build(deps-dev): bump webpack from 4.39.3 to 4.40.2

[dependabot-preview]

Bumps webpack from 4.39.3 to 4.40.2.

Release notes

Sourced from webpack's releases.

v4.40.2

Bugfixes

• fix a bug where asset is undefined

v4.40.1

Bugfixes

• convert "multiple assets emit to the same filename" error into a warning
• compare asset content when multiple assets emit to the same filename

v4.40.0

Features

• adds asset info for emitted assets
  • new methods allow easy emitting/updating of assets compilation.emitAsset/updateAsset (instead of accessing the Object compilation.assets)
  • new getter methods to get assets compilation.getAssets() and compilation.getAsset(name)
  • 3 flags in asset info:
    • immutable: when set an asset can be cache infinitely
    • development: when set an asset is some kind of development tool (i. e. a SourceMap)
    • hotModuleReplacement: when set an asset is generated for an hot update
  • Stats expose info object in assets
  • String version of Stats show flags

Commits

• d1fffd8 4.40.2
• 705a3f5 Merge pull request #9701 from Akryum/patch-1
• b4c7fd5 fix: check for asset nullity before fileFilter
• e4c7d8c 4.40.1
• b69ad20 Merge pull request #9697 from webpack/bugfix/multiple-assets
• e41fab0 make multiple assets to the same filename a warning
• c5450b4 Merge pull request #9696 from sodatea/fix-size-limits
• 025c253 fix: check the asset's existence before running filter
• 9c6b367 4.40.0
• e9e7a85 Merge pull request #9687 from webpack/feature/emit-asset
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[dependabot-preview]

Superseded by #87.