[PR #257] [MERGED] Bump webpack from 4.35.3 to 4.36.1 #335

New issue

Closed

opened 2026-02-26 05:34:37 +03:00 by kerem · 0 comments

kerem commented 2026-02-26 05:34:37 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/nextcloud/twofactor_gateway/pull/257
Author: @dependabot-preview[bot]
Created: 7/18/2019
Status: ✅ Merged
Merged: 7/18/2019
Merged by: @dependabot-preview[bot]

Base: master ← Head: dependabot/npm_and_yarn/webpack-4.36.1

---

📝 Commits (1)

• e7a8396 Bump webpack from 4.35.3 to 4.36.1

📊 Changes

2 files changed (+4 additions, -4 deletions)

View changed files

📝 package-lock.json (+3 -3)
📝 package.json (+1 -1)

📄 Description

Bumps webpack from 4.35.3 to 4.36.1.

Release notes

Sourced from webpack's releases.

v4.36.1

Bugfixes

• fix regression in 4.36.0 when using happypack

v4.36.0

Features

• SourceMapDevToolPlugin append option now supports the default placeholders in addition to [url]
• Arrays in resolve and parser options (Rule and Loader API) support backreferences with "..." when overriding options.

Commits

• 92caa5d 4.36.1
• 4cac066 Merge pull request #9425 from webpack/bugfix/no-resolve-options
• 1f966eb fix #9424
• 95d21bb 4.36.0
• aa1216c Merge pull request #9422 from webpack/feature/dot-dot-dot-merge
• b3ec775 improve merging of resolve and parsing options
• 53a5ae2 Merge pull request #9419 from vankop/remove-valid-jsdoc-rule
• ab75240 Merge pull request #9413 from webpack/dependabot/npm_and_yarn/ajv-6.10.2
• 0bdabf4 Merge pull request #9418 from webpack/dependabot/npm_and_yarn/eslint-plugin-j...
• f207cdc remove valid jsdoc rule in favour of eslint-plugin-jsdoc
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it). To ignore the version in this PR you can just close it
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/nextcloud/twofactor_gateway/pull/257 **Author:** [@dependabot-preview[bot]](https://github.com/apps/dependabot-preview) **Created:** 7/18/2019 **Status:** ✅ Merged **Merged:** 7/18/2019 **Merged by:** [@dependabot-preview[bot]](https://github.com/apps/dependabot-preview) **Base:** `master` ← **Head:** `dependabot/npm_and_yarn/webpack-4.36.1` --- ### 📝 Commits (1) - [`e7a8396`](https://github.com/nextcloud/twofactor_gateway/commit/e7a83969ffc51f6bb748a06828682dcff12808b5) Bump webpack from 4.35.3 to 4.36.1 ### 📊 Changes **2 files changed** (+4 additions, -4 deletions) <details> <summary>View changed files</summary> 📝 `package-lock.json` (+3 -3) 📝 `package.json` (+1 -1) </details> ### 📄 Description Bumps [webpack](https://github.com/webpack/webpack) from 4.35.3 to 4.36.1. <details> <summary>Release notes</summary> *Sourced from [webpack's releases](https://github.com/webpack/webpack/releases).* > ## v4.36.1 > # Bugfixes > > * fix regression in 4.36.0 when using happypack > > ## v4.36.0 > # Features > > * SourceMapDevToolPlugin `append` option now supports the default placeholders in addition to `[url]` > * Arrays in resolve and parser options (Rule and Loader API) support backreferences with `"..."` when overriding options. </details> <details> <summary>Commits</summary> - [`92caa5d`](https://github.com/webpack/webpack/commit/92caa5de066ded4232a119752bd5dde1497606ef) 4.36.1 - [`4cac066`](https://github.com/webpack/webpack/commit/4cac06644bdf122f82f21f89291128296ef004c4) Merge pull request [#9425](https://github-redirect.dependabot.com/webpack/webpack/issues/9425) from webpack/bugfix/no-resolve-options - [`1f966eb`](https://github.com/webpack/webpack/commit/1f966eb9d073b9233ddd6b70fa8673111652a85f) fix [#9424](https://github-redirect.dependabot.com/webpack/webpack/issues/9424) - [`95d21bb`](https://github.com/webpack/webpack/commit/95d21bb39a1e700f28be776b300492c50a169fc7) 4.36.0 - [`aa1216c`](https://github.com/webpack/webpack/commit/aa1216c460b97aa6506803d945e8f5436a7d3147) Merge pull request [#9422](https://github-redirect.dependabot.com/webpack/webpack/issues/9422) from webpack/feature/dot-dot-dot-merge - [`b3ec775`](https://github.com/webpack/webpack/commit/b3ec7754530fa6146dfe0211e014bcbbdacce065) improve merging of resolve and parsing options - [`53a5ae2`](https://github.com/webpack/webpack/commit/53a5ae2143d115739e546a6dbc2be02c8247f3f9) Merge pull request [#9419](https://github-redirect.dependabot.com/webpack/webpack/issues/9419) from vankop/remove-valid-jsdoc-rule - [`ab75240`](https://github.com/webpack/webpack/commit/ab75240295968d425226b84609fcb0b18f889df5) Merge pull request [#9413](https://github-redirect.dependabot.com/webpack/webpack/issues/9413) from webpack/dependabot/npm_and_yarn/ajv-6.10.2 - [`0bdabf4`](https://github.com/webpack/webpack/commit/0bdabf42ad6ea26046d0f4bc7c236bf27df5fbb2) Merge pull request [#9418](https://github-redirect.dependabot.com/webpack/webpack/issues/9418) from webpack/dependabot/npm_and_yarn/eslint-plugin-j... - [`f207cdc`](https://github.com/webpack/webpack/commit/f207cdcb1542e89b3b61eaa21853a8c09842816e) remove valid jsdoc rule in favour of eslint-plugin-jsdoc - Additional commits viewable in [compare view](https://github.com/webpack/webpack/compare/v4.35.3...v4.36.1) </details> <br /> [](https://dependabot.com/compatibility-score.html?dependency-name=webpack&package-manager=npm_and_yarn&previous-version=4.35.3&new-version=4.36.1) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) If all status checks pass Dependabot will automatically merge this pull request. [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it). To ignore the version in this PR you can just close it - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot. </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-02-26 05:34:37 +03:00

• closed this issue
• added the
  pull-request
  label

kerem referenced this issue 2026-02-26 06:30:35 +03:00

[PR #335] [MERGED] [Security] Bump minimist from 1.2.0 to 1.2.5 #398

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

stable32

stable33

dependabot/npm_and_yarn/vue/test-utils-2.4.8

dependabot/npm_and_yarn/vue-3.5.33

dependabot/npm_and_yarn/vitest-4.1.5

dependabot/npm_and_yarn/nextcloud/axios-2.6.0

dependabot/npm_and_yarn/dompurify-3.4.1

feat/whatsapp-business-driver

stable31

v3.2.0

v2.4.0

v3.1.0

v2.3.0

v2.2.2

v3.0.2

v3.0.1

v2.2.1

v1.2.1

v3.0.0

v1.2.0

v2.2.0

v1.0.0

v2.0.0

v0.20.0

v0.19.0

v0.17.0

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.0

v0.13

v0.12.0

v0.11.0

v0.11.0-beta1

v0.10.1

v0.10.1-beta1

v0.10.0

v0.10.0-beta1

v0.9.0

v0.9.0-beta1

v0.8.0

v0.8.0-beta1

v0.7.0

v0.7.0-beta2

v0.7.0-beta1

v0.6.1

v0.6.0

v0.5.0

v0.2.0

v0.2

Labels

Clear labels   

0. to triage

  

1. to develop

  

3. to review

  

blocked

  

bug

  

discussion

  

duplicate

  

enhancement

  

enhancement

  

gateway:signal

  

gateway:signal

  

gateway:signal

  

gateway:sms

  

gateway:telegram

  

hacktoberfest

  

help wanted

  

invalid

  

needs info

  

php

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

technical debt

No labels

0. to triage

1. to develop

3. to review

blocked

bug

discussion

duplicate

enhancement

enhancement

gateway:signal

gateway:signal

gateway:signal

gateway:sms

gateway:telegram

hacktoberfest

help wanted

invalid

needs info

php

pull-request

question

technical debt

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/twofactor_gateway-nextcloud#335

No description provided.