chore(deps): bump json5 and webpack in /src/web/toSearchMd by dependabot[bot] · Pull Request #415 · linuxdeepin/deepin-manual

dependabot · 2023-01-06T20:33:19Z

Bumps json5 and webpack. These dependencies needed to be updated together.
Updates json5 from 2.1.3 to 2.2.3

Release notes

v2.2.3

Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Commits

c3a7524 2.2.3
94fd06d docs: update CHANGELOG for v2.2.3
3b8cebf docs(security): use GitHub security advisories
f0fd9e1 docs: publish a security policy
6a91a05 docs(template): bug -> bug report
14f8cb1 2.2.2
10cc7ca docs: update CHANGELOG for v2.2.2
7774c10 fix: add proto to objects and arrays
edde30a Readme: slight tweak to intro
97286f8 Improve example in readme
Additional commits viewable in compare view

Updates webpack from 3.12.0 to 5.75.0

Release notes

Sourced from webpack's releases.

v5.75.0

Bugfixes

experiments.* normalize to false when opt-out

avoid NaN%

show the correct error when using a conflicting chunk name in code

HMR code tests existance of window before trying to access it

fix eval-nosources-* actually exclude sources

fix race condition where no module is returned from processing module

fix position of standalong semicolon in runtime code

Features

add support for @import to extenal CSS when using experimental CSS in node

add i64 support to the deprecated WASM implementation

Developer Experience

expose EnableWasmLoadingPlugin

add more typings

generate getters instead of readonly properties in typings to allow overriding them

v5.74.0

Features

add resolve.extensionAlias option which allows to alias extensions

This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")

add support for ES2022 features like static blocks

add Tree Shaking support for ProvidePlugin

Bugfixes

fix persistent cache when some build dependencies are on a different windows drive

make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules

remove left-over from debugging in TLA/async modules runtime code

remove unneeded extra 1s timestamp offset during watching when files are actually untouched

This sometimes caused an additional second build which are not really needed

fix shareScope option for ModuleFederationPlugin

set "use-credentials" also for same origin scripts

Performance

Improve memory usage and performance of aggregating needed files/directories for watching

This affects rebuild performance

Extensibility

export HarmonyImportDependency for plugins

v5.73.0

... (truncated)

Commits

8241da7 5.75.0
a91d923 Merge pull request #16458 from webpack/bugfix/semi
4608b11 Merge pull request #16457 from webpack/tooling/update
dfdd0b0 Merge pull request #16122 from AnmolBansalDEV/bug/compilationCallback
23b9a1c Merge pull request #16167 from exposir/fixts
6f2c5e8 Merge pull request #16257 from alexzhang1030/calc_deterministic_verbose
f7f36ad Merge pull request #16339 from Liamolucko/wasm-i64
761a542 fix semicolon position
2403a36 Merge pull request #16345 from ahabhgk/fix-eval-nosources
c18203c update tooling
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [json5](https://github.com/json5/json5) and [webpack](https://github.com/webpack/webpack). These dependencies needed to be updated together. Updates `json5` from 2.1.3 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.1.3...v2.2.3) Updates `webpack` from 3.12.0 to 5.75.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v3.12.0...v5.75.0) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect - dependency-name: webpack dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2023-01-06T20:33:45Z

CLA Assistant Lite bot:
提交邮箱中包含我们的合作伙伴，但您似乎并非合作伙伴的成员或对接人，请联系相关对接人将您添加至组织之中，或由其重新发起 Pull Request。
The commit email domain belongs to one of our partners, but it seems you are not yet a member of the current organization, please contact the contact person to add you to the organization or let them submit the Pull Request.

deepin-admin-bot seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You can retrigger this bot by commenting recheck in this Pull Request}

sync by github workflow Log: none Influence: none

deepin-bot · 2024-01-17T06:02:03Z

TAG Bot

New tag: 6.0.7
DISTRIBUTION: stable
Suggest: synchronizing this PR through rebase #448

deepin-bot · 2024-01-26T05:46:33Z

TAG Bot

New tag: 6.0.8
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #453

deepin-bot · 2024-02-01T07:36:36Z

TAG Bot

New tag: 6.0.9
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #456

deepin-bot · 2024-02-01T10:06:53Z

TAG Bot

New tag: 6.0.10
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #458

deepin-bot · 2024-02-05T09:05:53Z

TAG Bot

New tag: 6.0.11
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #461

deepin-bot · 2024-02-21T09:13:45Z

TAG Bot

New tag: 6.0.12
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #464

deepin-bot · 2024-03-13T08:25:18Z

TAG Bot

New tag: 6.0.13
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #471

deepin-bot · 2024-04-10T07:55:28Z

TAG Bot

New tag: 6.0.14
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #473

deepin-bot · 2024-08-21T07:25:46Z

TAG Bot

New tag: 6.5.0
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #489

deepin-bot · 2024-09-05T02:58:42Z

TAG Bot

New tag: 6.5.1
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #491

deepin-bot · 2024-09-13T09:31:13Z

TAG Bot

New tag: 6.5.2
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #497

deepin-bot · 2024-10-19T08:36:04Z

TAG Bot

New tag: 6.5.3
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #500

deepin-bot · 2024-10-24T11:05:07Z

TAG Bot

New tag: 6.5.4
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #502

deepin-bot · 2024-11-07T00:48:49Z

TAG Bot

New tag: 6.5.5
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #503

deepin-bot · 2024-11-08T07:08:12Z

TAG Bot

New tag: 6.5.6
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #505

deepin-bot · 2024-11-18T12:54:40Z

TAG Bot

New tag: 6.5.7
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #507

deepin-bot · 2024-11-30T06:16:16Z

TAG Bot

New tag: 6.5.8
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #508

deepin-bot · 2024-12-02T06:53:58Z

TAG Bot

New tag: 6.5.9
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #509

deepin-bot · 2024-12-14T07:36:42Z

TAG Bot

New tag: 6.5.10
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #516

deepin-bot · 2024-12-20T05:37:59Z

TAG Bot

New tag: 6.5.11
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #518

deepin-bot · 2024-12-27T03:53:30Z

TAG Bot

New tag: 6.5.12
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #520

deepin-bot · 2025-01-20T09:50:15Z

TAG Bot

New tag: 6.5.13
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #523

deepin-bot · 2025-02-06T08:41:20Z

TAG Bot

New tag: 6.5.14
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #524

deepin-bot · 2025-02-18T12:20:54Z

TAG Bot

New tag: 6.5.15
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #525

deepin-bot · 2025-02-27T12:22:25Z

TAG Bot

New tag: 6.5.16
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #527

deepin-bot · 2025-03-28T02:35:07Z

TAG Bot

New tag: 6.5.17
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #532

deepin-bot · 2025-04-02T07:24:23Z

TAG Bot

New tag: 6.5.18
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #534

deepin-bot · 2025-04-10T12:19:19Z

TAG Bot

New tag: 6.5.19
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #537

deepin-bot · 2025-04-17T04:38:11Z

TAG Bot

New tag: 6.5.20
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #538

deepin-bot · 2025-04-29T11:59:25Z

TAG Bot

New tag: 6.5.21
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #540

deepin-bot · 2025-05-08T10:44:29Z

TAG Bot

New tag: 6.5.22
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #541

deepin-bot · 2025-05-09T03:19:22Z

TAG Bot

New tag: 6.5.23
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #544

deepin-bot · 2025-05-14T06:16:26Z

TAG Bot

New tag: 6.5.24
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #545

deepin-bot · 2025-05-20T06:03:32Z

TAG Bot

New tag: 6.5.25
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #546

deepin-bot · 2025-05-23T10:09:02Z

TAG Bot

New tag: 6.5.26
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #548

deepin-bot · 2025-06-05T11:07:57Z

TAG Bot

New tag: 6.5.26+nmu1
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #552

deepin-bot · 2025-06-05T12:40:35Z

TAG Bot

New tag: 6.5.27
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #553

deepin-bot · 2025-06-21T10:36:36Z

TAG Bot

New tag: 6.5.28
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #559

deepin-bot · 2025-06-23T05:57:07Z

TAG Bot

New tag: 6.5.30
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #560

deepin-bot · 2025-06-26T06:26:36Z

TAG Bot

New tag: 6.5.31
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #561

deepin-bot · 2025-06-27T09:44:12Z

TAG Bot

New tag: 6.5.32
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #562

deepin-bot · 2025-07-02T03:07:20Z

TAG Bot

New tag: 6.5.33
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #564

deepin-bot · 2025-07-10T10:47:09Z

TAG Bot

New tag: 6.5.34
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #565

deepin-bot · 2025-07-16T07:26:22Z

TAG Bot

New tag: 6.5.35
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #566

deepin-bot · 2025-07-31T08:07:11Z

TAG Bot

New tag: 6.5.36
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #567

deepin-bot · 2025-08-07T11:54:36Z

TAG Bot

New tag: 6.5.37
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #569

deepin-bot · 2025-08-14T01:26:22Z

TAG Bot

New tag: 6.5.38
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #570

deepin-bot · 2025-09-17T03:21:00Z

TAG Bot

New tag: 6.5.39
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #571

deepin-bot · 2025-09-25T13:41:41Z

TAG Bot

New tag: 6.5.40
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #572

deepin-bot · 2025-11-26T08:52:19Z

TAG Bot

New tag: 6.5.41
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #576

deepin-bot · 2025-12-18T07:28:18Z

TAG Bot

New tag: 6.5.42
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #578

dependabot · 2025-12-18T07:49:20Z

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot bot added the dependencies Pull requests that update a dependency file label Jan 6, 2023

deepin-admin-bot added 2 commits May 10, 2023 02:15

chore: Sync by linuxdeepin/.github@2e5e092

d0ee439

sync by github workflow Log: none Influence: none

chore: Sync by linuxdeepin/.github@559e911

25f17c3

sync by github workflow Log: none Influence: none

lzwind closed this Dec 18, 2025

dependabot bot deleted the dependabot/npm_and_yarn/src/web/toSearchMd/json5-and-webpack-2.2.3 branch December 18, 2025 07:49

Conversation

dependabot bot commented on behalf of github Jan 6, 2023

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.2.3 [code, diff]

v2.2.2 [code, diff]

v2.2.1 [code, diff]

v2.2.0 [code, diff]

v5.75.0

Bugfixes

Features

Developer Experience

v5.74.0

Features

Bugfixes

Performance

Extensibility

v5.73.0

Uh oh!

github-actions bot commented Jan 6, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

deepin-bot bot commented Jan 17, 2024

Uh oh!

deepin-bot bot commented Jan 26, 2024

Uh oh!

deepin-bot bot commented Feb 1, 2024

Uh oh!

deepin-bot bot commented Feb 1, 2024

Uh oh!

deepin-bot bot commented Feb 5, 2024

Uh oh!

deepin-bot bot commented Feb 21, 2024

Uh oh!

deepin-bot bot commented Mar 13, 2024

Uh oh!

deepin-bot bot commented Apr 10, 2024

Uh oh!

deepin-bot bot commented Aug 21, 2024

Uh oh!

deepin-bot bot commented Sep 5, 2024

Uh oh!

deepin-bot bot commented Sep 13, 2024

Uh oh!

deepin-bot bot commented Oct 19, 2024

Uh oh!

deepin-bot bot commented Oct 24, 2024

Uh oh!

deepin-bot bot commented Nov 7, 2024

Uh oh!

deepin-bot bot commented Nov 8, 2024

Uh oh!

deepin-bot bot commented Nov 18, 2024

Uh oh!

deepin-bot bot commented Nov 30, 2024

Uh oh!

deepin-bot bot commented Dec 2, 2024

Uh oh!

deepin-bot bot commented Dec 14, 2024

Uh oh!

deepin-bot bot commented Dec 20, 2024

Uh oh!

deepin-bot bot commented Dec 27, 2024

Uh oh!

deepin-bot bot commented Jan 20, 2025

Uh oh!

deepin-bot bot commented Feb 6, 2025

Uh oh!

deepin-bot bot commented Feb 18, 2025

Uh oh!

deepin-bot bot commented Feb 27, 2025

Uh oh!

deepin-bot bot commented Mar 28, 2025

Uh oh!

deepin-bot bot commented Apr 2, 2025

Uh oh!

deepin-bot bot commented Apr 10, 2025

Uh oh!

github-actions bot commented Jan 6, 2023 •

edited

Loading