rubyfunctions
rubyfunctions copied to clipboard
emad-elsaid
Bump @rails/webpacker from 5.4.0 to 5.4.4 in /src
Bumps @rails/webpacker from 5.4.0 to 5.4.4.
Changelog
Sourced from @rails/webpacker's changelog.
[5.4.4] - 2023-01-31
- Fix compatibility with Ruby 3.2. (#3306)
[5.4.3] - 2021-09-14
- Specify webpack-dev-server to be v3, to avoid getting webpack-dev-server v4 (#3121)
[5.4.2] - 2021-08-20
- Fix babel warning about private-methods in
@babel/plugin-proposal-private-property-in-objectas well.[5.4.1] - 2021-08-20
Commits
2a7e298Release 5.4.4be0efe9Merge pull request #3306 from amatsuda/5-x-exists852949d:golf:d3606ffUseexist?instead of deprecatedexists?(#3250)061f33bMerge pull request #3305 from amatsuda/5-x-ci1ec1ab3Remove Travis CI (#2615)004c97aUse latest RubyGems on Ruby >= 2.6dbf25e3Let setup-ruby choose appropriate version of bundler4c5d13aCHANGELOG: Add v5.4.3 release (#3162)e0c998eBump for v5.4.3- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by dhh, a new releaser for @rails/webpacker since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebasewill rebase this PR -
@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it -
@dependabot mergewill merge this PR after your CI passes on it -
@dependabot squash and mergewill squash and merge this PR after your CI passes on it -
@dependabot cancel mergewill cancel a previously requested merge and block automerging -
@dependabot reopenwill reopen this PR if it is closed -
@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
:warning: We detected 30 security issues in this pull request:
Vulnerable Libraries (30)
| Severity | Details |
|---|---|
| Critical | pkg:npm/[email protected]@1.0.0 (t) - no patch available |
| High | pkg:npm/[email protected]@3.1.0 (t) upgrade to: 5.1.2 |
| High | pkg:npm/[email protected]@3.0.4 (t) upgrade to: 3.0.5 |
| High | pkg:npm/[email protected]@1.0.1 (t) upgrade to: 2.2.2 |
| Critical | pkg:npm/[email protected]@2.0.1 (t) - no patch available |
| Critical | pkg:npm/[email protected]@6.7.0 (t) - no patch available |
| N/A | pkg:npm/[email protected]@2.6.9 (t) upgrade to: 3.1.0 |
| Critical | pkg:npm/[email protected]@2.0.0 (t) upgrade to: 2.0.3 |
| Medium | pkg:npm/[email protected]@5.7.0 (t) upgrade to: 4.8.1,5.14.2 |
| High | pkg:npm/[email protected]@8.0.0 (t) upgrade to: 6.0.2,7.1.1,8.0.1 |
| High | pkg:npm/[email protected]@1.0.2 (t) upgrade to: 2.0.1 |
| N/A | pkg:npm/[email protected]@0.0.7 (t) - no patch available |
| Critical | pkg:npm/[email protected]@1.2.5 (t) upgrade to: 1.2.6 |
| High | pkg:npm/[email protected]@0.2.0 (t) - no patch available |
| Critical | pkg:npm/[email protected]@1.4.0 (t) upgrade to: 2.0.3 |
| Medium | pkg:npm/[email protected]@7.0.36 (t) - no patch available |
| N/A | pkg:npm/[email protected]@0.10.0 (t) upgrade to: 1.0.0 |
| Medium | pkg:npm/[email protected]@4.17.1 (t) - no patch available |
| Medium | pkg:npm/[email protected]@6.12.0 (t) upgrade to: 6.12.3 |
| High | pkg:npm/[email protected]@2.6.3 (t) upgrade to: 3.2.2,2.6.4 |
| High | pkg:npm/[email protected]@1.13.0 (t) upgrade to: 1.14.7 |
| High | pkg:npm/[email protected]@4.1.0 (t) upgrade to: 6.0.1,5.0.1,4.1.1,3.0.1 |
| High | pkg:npm/[email protected]@6.1.4 (t) upgrade to: 4.4.16,5.0.8,6.1.7 |
| Medium | pkg:npm/[email protected]@4.6.7 (t) - no patch available |
| High | pkg:npm/[email protected]@6.0.0 (t) upgrade to: 6.0.1,5.0.1,4.1.1,3.0.1 |
| Critical | pkg:npm/[email protected]@2.1.2 (t) - no patch available |
| High | pkg:npm/[email protected]@2.1.2 (t) upgrade to: 2.2.2 |
| High | pkg:npm/[email protected]@4.5.0 (t) - no patch available |
| High | pkg:npm/[email protected]@3.0.0 (t) upgrade to: 4.2.2 |
| High | pkg:npm/[email protected]@3.2.1 (t) - no patch available |
More info on how to fix Vulnerable Libraries in JavaScript.
👉 Go to the dashboard for detailed results.
📥 Happy? Share your feedback with us.
![guardrails[bot] avatar](https://avatars.githubusercontent.com/in/5512?v=4 "Published by a pub.dev verified publisher"){kind=small}