Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Bump webpack from 5.89.0 to 5.103.0

Closed
Number: #223
Type: Pull Request
State: Closed
Author: dependabot[bot] dependabot[bot]
Association: Unknown
Comments: 3
Created: November 19, 2025 at 09:09 AM UTC
(6 days ago)
Updated: November 19, 2025 at 09:09 AM UTC
(6 days ago)
Closed: November 19, 2025 at 09:09 AM UTC
(6 days ago)
Time to Close: less than a minute
Labels:
dependencies javascript
Description:

Bumps webpack from 5.89.0 to 5.103.0.

Release notes

Sourced from webpack's releases.

v5.103.0

Features

  • Added DotenvPlugin and top level dotenv option to enable this plugin
  • Added WebpackManifestPlugin
  • Added support the ignoreList option in devtool plugins
  • Allow to use custom javascript parse function
  • Added import.meta.env support for environment variables
  • Added support for import.meta.dirname and import.meta.filename
  • Added support import.defer() for statistical path
  • Handle import.meta.main
  • Added suport to setup named exports for JSON modules and disable usage named export for import file from "./file.json" with { type: "json" }
  • Added support __dirname/__filename/import.meta.dirname/import.meta.filename for universal target
  • [CSS] Added the exportType option with link (by default), "text" and css-style-sheet values
  • [CSS] Added support for composes properties

Fixes

  • The dependOn chunk must be loaded before the common chunk
  • Return to namespace import when the external request includes a specific export
  • No runtime extra runtime code for module libraries
  • Delay HMR accept dependencies to preserve import attributes
  • Properly handle external presets for universal target
  • Fixed incorrect identifier of import binding for module externals
  • Fixed when defer import and dynamic default export mixed
  • Reduce generated output when globalThis supported
  • Fixed loading async modules in defer import
  • Reexport module for default import when no used exports for systemjs library
  • Rename HarmonyExportDependencyParserPlugin exported id to CompatibilityPlugin tagged id
  • Handle __dirname and __filename for ES modules
  • Rename single nested __webpack_export__ and __webpack_require__ in already bundled code
  • [Types] webpack function type
  • [Types] NormalModule type
  • [Types] Multi compiler configuration type
  • [Types] Fixed regression in custom hashDigest type
  • [CSS] No extra runtime for initial chunk
  • [CSS] Fixed a lot of CSS modules bugs

v5.102.1

Fixes

  • Supported extends with env for browserslist
  • Supported JSONP fragment format for web workers.
  • Fixed dynamic import support in workers using browserslist.
  • Fixed default defer import mangling.
  • Fixed default import of commonjs externals for SystemJS format.
  • Fixed context modules to the same file with different import attributes.
  • Fixed typescript types.
  • Improved import.meta warning messages to be more clear when used directly.
  • [CSS] Fixed CC_UPPER_U parsing (E -> U) in tokenizer.

... (truncated)

Commits
  • e021948 chore(release): 5.103.0
  • 1dc6967 chore(deps): bump actions/checkout from 5.0.0 to 5.0.1 (#20130)
  • 077417f fix(css): many css modules bugs (#20129)
  • 7722518 chore: fix script (#20128)
  • 688a7f9 test: no runtime requirements for module library (#20127)
  • 04fe5a1 refactor: pkg.pr.new publish (#20093)
  • 27c05c7 fix: return to namespace import when the external request includes a specific...
  • 067cc60 refactor: no runtime requirements for module library (#20096)
  • d4208ba fix: delay HMR accept dependencies to preserve import attributes (#20124)
  • 102e1a4 feat(css): added css-style-sheet to exportType for CSSStyleSheet return (#20104)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Package Dependencies
Package:
webpack
Ecosystem:
npm
Version Change:
5.89.0 → 5.103.0
Update Type:
Minor
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 11186035
UUID: 3641766255
Node ID: PR_kwDOKrVUDs60TYzU
Host: GitHub
Repository: GleapSDK/JavaScript-AdminHelper-SDK