Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump shell-quote and @humanmade/webpack-helpers #7

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 7, 2023

Removes shell-quote. It's no longer used after updating ancestor dependency @humanmade/webpack-helpers. These dependencies need to be updated together.

Removes shell-quote

Updates @humanmade/webpack-helpers from 0.5.2 to 0.11.1

Changelog

Sourced from @​humanmade/webpack-helpers's changelog.

v0.11.1

  • Do not compress output or strip comments in the SASS loader. This fixes an issue where autoprefixer directive comments would be removed by sass-loader, potentially causing compilation errors. #180

v0.11.0

  • Correctly output .rtl.css manifest entries when using the WebpackRTLPlugin. #171
  • Breaking: Require Webpack CLI version 3 to avoid DevServer issues. If your project uses v4, run npm install webpack-cli@3 to downgrade. #168
  • Potentially Breaking: Extend auto-shared seeds for manifest generation to development preset. The upshot of this is that multi-config setups in development don't need custom manifest configurations to use the same manifest--they'll do so automatically. #166
  • Internal: Pin run-parallel subdependency (required by copy-webpack-plugin) to 1.1.9 to guarantee Node v10 compatibility. #167

v0.10.2

  • Correctly infer a default publicPath when using withDynamicPort helper. #161

v0.10.1

  • Update WordPress externals object to match latest bundled scripts. #160

v0.10

New Features

  • Adapt the value of output.path when inferring output.publicPath in DevServer so that all assets are correctly served in multi-config situations. #156
  • Generate a production-asset-manifest.json for all production preset builds. #153 Builds in a multi-configuration setup which target the same output folder will share a manifest. #154

Upgrades & Changes

  • Potentially Breaking: Update mini-css-extract-plugin to v1.3.4. Changelog. #148
  • Potentially Breaking: Update css-loader to v5.0.1. Changelog. #136
  • Potentially Breaking: Update style-loader to v2.0.0. Changelog. #127

All three of the above dependency upgrades include breaking API changes. None of these changes should impact vanilla usage of the presets provided by these helpers, but we recommend reviewing all three libraries' changelogs to identify potential issues if you are customizing presets or loader behavior relating to stylesheets.

  • Potentially Breaking: Update webpack-manifest-plugin to v3.0.0. Changelog. #143

The manifest plugin now exports its constructor as a named export, not a default, so any custom builds which pull in the ManifestPlugin constructor directly from the plugin dependency (as opposed to using the recommended plugins.manifest() factory function) will need to switch to using plugins.constructors.ManifestPlugin. This should not impact un-customized presets.

  • Potentially Breaking: Update postcss-flexbugs-fixes to v5.0.2 and update postcss-loader to v4.1.0. #152

The upgrade to postcss-loader requires nesting PostCSS configuration options within a .postcssOptions key on the object passed to the webpack loader. As with the style loading changes above, if you use the presets without customization this should not impact your project. Otherwise, ensure you have added this level of nesting to any code which customizes the postcss-loader's configuration object. Consult the postcss-loader changelog for more information.

  • Upgrade webpack-fix-style-only-entries plugin to v0.6.0. This may resolve the issue previously documented in #93 where files would be incorrectly deleted when processing an array of webpack configuration objects. #129

  • Include postcss as a direct dependency of this package, rather than a subdependency. #151

  • Update webpack-bundle-analyzer bundled plugin to v4.3.0. #146

  • Internal: Add the generation of a basic development and production bundle, including scss styles, to the CI job. #149

  • Internal: Upgrade local development dependencies to latest versions. #150

v0.9

... (truncated)

Commits
  • c465d6e Tag v0.11.1
  • 05766b6 Merge pull request #180 from humanmade/disable-sass-compression
  • 474d3e5 Disable sass css compression to allow comments
  • 17731e2 Tag v0.11.0
  • 01bfecc Merge pull request #171 from atimmer/fix-handling-of-rtl-files
  • d900e28 Document RTL compatibility fix in changelog
  • 594ab27 Fix lint error and link out to RTL plugin manifest issue
  • cf53ed0 Fix handling of RTL files in the manifest
  • 600a7d7 Merge pull request #168 from humanmade/require-webpack-cli-v3
  • e287216 Merge pull request #167 from humanmade/fix-node-v10-failure
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by alwaysblank, a new releaser for @​humanmade/webpack-helpers since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
Removes [shell-quote](https://github.com/ljharb/shell-quote). It's no longer used after updating ancestor dependency [@humanmade/webpack-helpers](https://github.com/humanmade/webpack-helpers). These dependencies need to be updated together.


Removes `shell-quote`

Updates `@humanmade/webpack-helpers` from 0.5.2 to 0.11.1
- [Changelog](https://github.com/humanmade/webpack-helpers/blob/main/docs/changelog.md)
- [Commits](humanmade/webpack-helpers@v0.5.2...v0.11.1)

---
updated-dependencies:
- dependency-name: shell-quote
  dependency-type: indirect
- dependency-name: "@humanmade/webpack-helpers"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

0 participants