[PR #1337] [MERGED] Bump webpack from 5.93.0 to 5.94.0 in /micromark #1392

New issue

Closed

opened 2026-03-03 02:03:16 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 02:03:16 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/DavidAnson/markdownlint/pull/1337
Author: @dependabot[bot]
Created: 8/23/2024
Status: ✅ Merged
Merged: 8/23/2024
Merged by: @DavidAnson

Base: next ← Head: dependabot/npm_and_yarn/micromark/next/webpack-5.94.0

📝 Commits (1)

95a2ed7 Bump webpack from 5.93.0 to 5.94.0 in /micromark

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 micromark/package.json (+1 -1)

📄 Description

Bumps webpack from 5.93.0 to 5.94.0.

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

Added runtime condition for harmony reexport checked

Handle properly data/http/https protocols in source maps

Make bigint optimistic when browserslist not found

Move @types/eslint-scope to dev deps

Related in asset stats is now always an array when no related found

Handle ASI for export declarations

Mangle destruction incorrect with export named default properly

Fixed unexpected asi generation with sequence expression

Fixed a lot of types

New Features

Added new external type "module-import"

Support webpackIgnore for new URL() construction

[CSS] @import pathinfo support

Security

Fixed DOM clobbering in auto public path

Commits

eabf85d chore(release): 5.94.0
955e057 security: fix DOM clobbering in auto public path
9822387 test: fix
cbb86ed test: fix
5ac3d7f fix: unexpected asi generation with sequence expression
2411661 security: fix DOM clobbering in auto public path
b8c03d4 fix: unexpected asi generation with sequence expression
f46a03c revert: do not use heuristic fallback for "module-import"
60f1898 fix: do not use heuristic fallback for "module-import"
66306aa Revert "fix: module-import get fallback from externalsPresets"
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/DavidAnson/markdownlint/pull/1337 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 8/23/2024 **Status:** ✅ Merged **Merged:** 8/23/2024 **Merged by:** [@DavidAnson](https://github.com/DavidAnson) **Base:** `next` ← **Head:** `dependabot/npm_and_yarn/micromark/next/webpack-5.94.0` --- ### 📝 Commits (1) - [`95a2ed7`](https://github.com/DavidAnson/markdownlint/commit/95a2ed7d3fcdeae870af51eb815f5c285ab5012f) Bump webpack from 5.93.0 to 5.94.0 in /micromark ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `micromark/package.json` (+1 -1) </details> ### 📄 Description Bumps [webpack](https://github.com/webpack/webpack) from 5.93.0 to 5.94.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webpack/webpack/releases">webpack's releases</a>.</em></p> <blockquote> <h2>v5.94.0</h2> <h2>Bug Fixes</h2> <ul> <li>Added runtime condition for harmony reexport checked</li> <li>Handle properly <code>data</code>/<code>http</code>/<code>https</code> protocols in source maps</li> <li>Make <code>bigint</code> optimistic when browserslist not found</li> <li>Move <code>@types/eslint-scope</code> to dev deps</li> <li>Related in asset stats is now always an array when no related found</li> <li>Handle ASI for export declarations</li> <li>Mangle destruction incorrect with export named default properly</li> <li>Fixed unexpected asi generation with sequence expression</li> <li>Fixed a lot of types</li> </ul> <h2>New Features</h2> <ul> <li>Added new external type "module-import"</li> <li>Support <code>webpackIgnore</code> for <code>new URL()</code> construction</li> <li>[CSS] <code>@import</code> pathinfo support</li> </ul> <h2>Security</h2> <ul> <li>Fixed DOM clobbering in auto public path</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/webpack/webpack/commit/eabf85d8580dfcb876b56957ba5488222a4f7873"><code>eabf85d</code></a> chore(release): 5.94.0</li> <li><a href="https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"><code>955e057</code></a> security: fix DOM clobbering in auto public path</li> <li><a href="https://github.com/webpack/webpack/commit/98223873625a029b9903d5ec6c0235b8f9fb5a66"><code>9822387</code></a> test: fix</li> <li><a href="https://github.com/webpack/webpack/commit/cbb86ede32ab53d8eade6efee30da2463f0082ec"><code>cbb86ed</code></a> test: fix</li> <li><a href="https://github.com/webpack/webpack/commit/5ac3d7f2cdce6da63a8dfb07e9dbbd95756bf7a2"><code>5ac3d7f</code></a> fix: unexpected asi generation with sequence expression</li> <li><a href="https://github.com/webpack/webpack/commit/2411661bd1bedf1b2efc23c76d595c189425d39f"><code>2411661</code></a> security: fix DOM clobbering in auto public path</li> <li><a href="https://github.com/webpack/webpack/commit/b8c03d47726a57e0dc6ba58b4f96f0e81b168268"><code>b8c03d4</code></a> fix: unexpected asi generation with sequence expression</li> <li><a href="https://github.com/webpack/webpack/commit/f46a03ccbc2b96ff3552642fea0d7402f7880865"><code>f46a03c</code></a> revert: do not use heuristic fallback for "module-import"</li> <li><a href="https://github.com/webpack/webpack/commit/60f189871a4cdc5d595663d6babadac74f2f6a7d"><code>60f1898</code></a> fix: do not use heuristic fallback for "module-import"</li> <li><a href="https://github.com/webpack/webpack/commit/66306aa45659ef4e8dac8226798931c228fdb204"><code>66306aa</code></a> Revert "fix: module-import get fallback from externalsPresets"</li> <li>Additional commits viewable in <a href="https://github.com/webpack/webpack/compare/v5.93.0...v5.94.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webpack&package-manager=npm_and_yarn&previous-version=5.93.0&new-version=5.94.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>