chore(deps-dev): bump webpack from 5.102.1 to 5.103.0

[dependabot]

Bumps webpack from 5.102.1 to 5.103.0.

Release notes

Sourced from webpack's releases.

v5.103.0

Features

• Added DotenvPlugin and top level dotenv option to enable this plugin
• Added WebpackManifestPlugin
• Added support the ignoreList option in devtool plugins
• Allow to use custom javascript parse function
• Added import.meta.env support for environment variables
• Added support for import.meta.dirname and import.meta.filename
• Added support import.defer() for statistical path
• Handle import.meta.main
• Added suport to setup named exports for JSON modules and disable usage named export for import file from "./file.json" with { type: "json" }
• Added support __dirname/__filename/import.meta.dirname/import.meta.filename for universal target
• [CSS] Added the exportType option with link (by default), "text" and css-style-sheet values
• [CSS] Added support for composes properties

Fixes

• The dependOn chunk must be loaded before the common chunk
• Return to namespace import when the external request includes a specific export
• No runtime extra runtime code for module libraries
• Delay HMR accept dependencies to preserve import attributes
• Properly handle external presets for universal target
• Fixed incorrect identifier of import binding for module externals
• Fixed when defer import and dynamic default export mixed
• Reduce generated output when globalThis supported
• Fixed loading async modules in defer import
• Reexport module for default import when no used exports for systemjs library
• Rename HarmonyExportDependencyParserPlugin exported id to CompatibilityPlugin tagged id
• Handle __dirname and __filename for ES modules
• Rename single nested __webpack_export__ and __webpack_require__ in already bundled code
• [Types] webpack function type
• [Types] NormalModule type
• [Types] Multi compiler configuration type
• [Types] Fixed regression in custom hashDigest type
• [CSS] No extra runtime for initial chunk
• [CSS] Fixed a lot of CSS modules bugs

Commits

• e021948 chore(release): 5.103.0
• 1dc6967 chore(deps): bump actions/checkout from 5.0.0 to 5.0.1 (#20130)
• 077417f fix(css): many css modules bugs (#20129)
• 7722518 chore: fix script (#20128)
• 688a7f9 test: no runtime requirements for module library (#20127)
• 04fe5a1 refactor: pkg.pr.new publish (#20093)
• 27c05c7 fix: return to namespace import when the external request includes a specific...
• 067cc60 refactor: no runtime requirements for module library (#20096)
• d4208ba fix: delay HMR accept dependencies to preserve import attributes (#20124)
• 102e1a4 feat(css): added css-style-sheet to exportType for CSSStyleSheet return (#20104)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @char0n.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[char0n]

@dependabot merge

[dependabot]

Beginning January 27, 2026, Dependabot will no longer support the @dependabot merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details.

[dependabot]

One of your CI runs failed on this pull request, so Dependabot won't merge it.

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

[char0n]

@dependabot merge

[dependabot]

Beginning January 27, 2026, Dependabot will no longer support the @dependabot merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details.

[char0n]

@dependabot merge

[dependabot]

Beginning January 27, 2026, Dependabot will no longer support the @dependabot merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details.

[char0n]

@dependabot merge

[dependabot]

Beginning January 27, 2026, Dependabot will no longer support the @dependabot merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details.