dependabot[bot] opened a new pull request, #292: URL: https://github.com/apache/arrow-js/pull/292
Bumps [webpack](https://github.com/webpack/webpack) from 5.101.3 to 5.102.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webpack/webpack/releases";>webpack's releases</a>.</em></p> <blockquote> <h2>v5.102.0</h2> <h3>Features</h3> <ul> <li>Added static analyze for dynamic imports</li> <li>Added support for <code>import file from "./file.ext" with { type: "bytes" }</code> to get the content as <code>Uint8Array</code> (look at <a href="https://github.com/webpack/webpack/tree/main/examples/asset";>example</a>)</li> <li>Added support for <code>import file from "./file.ext" with { type: "text" }</code> to get the content as text (look at <a href="https://github.com/webpack/webpack/tree/main/examples/asset";>example</a>)</li> <li>Added the <code>snapshot.contextModule</code> to configure snapshots options for context modules</li> <li>Added the <code>extractSourceMap</code> option to implement the capabilities of loading source maps by comment, you don't need <code>source-map-loader</code> (look at <a href="https://github.com/webpack/webpack/tree/main/examples/source-mapping-url";>example</a>)</li> <li>The <code>topLevelAwait</code> experiment is now stable (you can remove <code>experiments.topLevelAwait</code> from your <code>webpack.config.js</code>)</li> <li>The <code>layers</code> experiment is now stable (you can remove <code>experiments.layers</code> from your <code>webpack.config.js</code>)</li> <li>Added function matcher support in rule options</li> </ul> <h3>Fixes</h3> <ul> <li>Fixed conflicts caused by multiple concatenate modules</li> <li>Ignore import failure during HMR update with ES modules output</li> <li>Keep render module order consistent</li> <li>Prevent inlining modules that have <code>this</code> exports</li> <li>Removed unused <code>timeout</code> attribute of script tag</li> <li>Supported UMD chunk format to work in web workers</li> <li>Improved CommonJs bundle to ES module library</li> <li>Use <code>es-lexer</code> for <code>mjs</code> files for build dependencies</li> <li>Fixed support <code>__non_webpack_require__</code> for ES modules</li> <li>Properly handle external modules for CSS</li> <li>AssetsByChunkName included assets from <code>chunk.auxiliaryFiles</code></li> <li>Use <code>createRequire</code> only when output is ES module and target is node</li> <li>Typescript types</li> </ul> <h3>Performance Improvements</h3> <ul> <li>Avoid extra calls for snapshot</li> <li>A avoid extra jobs for build dependencies</li> <li>Move import attributes to own dependencies</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/webpack/webpack/commit/14c813a0b3709e142b3ed03355c6c15fc11b91a1";><code>14c813a</code></a> chore(release): 5.102.0</li> <li><a href="https://github.com/webpack/webpack/commit/761b15306049bb30c52b760e1058e21c0a88698a";><code>761b153</code></a> feat: support function matcher in rule options (<a href="https://redirect.github.com/webpack/webpack/issues/19952";>#19952</a>)</li> <li><a href="https://github.com/webpack/webpack/commit/8c0fa9e9dc62e8211d36e57d2a76011cb094dd44";><code>8c0fa9e</code></a> feat: tree shaking nested exports for destructuring assignment (<a href="https://redirect.github.com/webpack/webpack/issues/19955";>#19955</a>)</li> <li><a href="https://github.com/webpack/webpack/commit/0a58530ef4e6b0eda68db191c17e89406b4430f5";><code>0a58530</code></a> chore(deps): bump actions/dependency-review-action from 4.7.3 to 4.8.0 (<a href="https://redirect.github.com/webpack/webpack/issues/19958";>#19958</a>)</li> <li><a href="https://github.com/webpack/webpack/commit/042bf86cf8b3e86bc58bc9b2e5ea116940259b2f";><code>042bf86</code></a> fix: integrity in http-url test (<a href="https://redirect.github.com/webpack/webpack/issues/19954";>#19954</a>)</li> <li><a href="https://github.com/webpack/webpack/commit/d9121b39a1d76339b7966279f198c2d8d3fdff5c";><code>d9121b3</code></a> docs: use markdown instead html (<a href="https://redirect.github.com/webpack/webpack/issues/19938";>#19938</a>)</li> <li><a href="https://github.com/webpack/webpack/commit/3f00777e678f45b34534fb1eb208bfd926a807c8";><code>3f00777</code></a> docs: remove unused files (<a href="https://redirect.github.com/webpack/webpack/issues/19937";>#19937</a>)</li> <li><a href="https://github.com/webpack/webpack/commit/3cf0d95e86b18173a6d24aed533d39c309dc1f0c";><code>3cf0d95</code></a> chore: add lfx badge (<a href="https://redirect.github.com/webpack/webpack/issues/19934";>#19934</a>)</li> <li><a href="https://github.com/webpack/webpack/commit/84e5c129d12f744df0349fce40365c021d8b0f87";><code>84e5c12</code></a> fix: should analyze correct variable for dynamic import (<a href="https://redirect.github.com/webpack/webpack/issues/19936";>#19936</a>)</li> <li><a href="https://github.com/webpack/webpack/commit/44cf16f2ebd179fae5515892b5198c2dbfa7c8fa";><code>44cf16f</code></a> docs: Revise security policy and reporting guidelines (<a href="https://redirect.github.com/webpack/webpack/issues/19886";>#19886</a>)</li> <li>Additional commits viewable in <a href="https://github.com/webpack/webpack/compare/v5.101.3...v5.102.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
