Skip to content

Bump serialize-javascript, webpack, compression-webpack-plugin and terser-webpack-plugin in /nifi-registry/nifi-registry-core/nifi-registry-web-ui/src/main#11274

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/nifi-registry/nifi-registry-core/nifi-registry-web-ui/src/main/multi-5dc969b5af
Closed

Bump serialize-javascript, webpack, compression-webpack-plugin and terser-webpack-plugin in /nifi-registry/nifi-registry-core/nifi-registry-web-ui/src/main#11274
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/nifi-registry/nifi-registry-core/nifi-registry-web-ui/src/main/multi-5dc969b5af

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 22, 2026

Bumps serialize-javascript to 7.0.5 and updates ancestor dependencies serialize-javascript, webpack, compression-webpack-plugin and terser-webpack-plugin. These dependencies need to be updated together.

Updates serialize-javascript from 5.0.1 to 7.0.5

Release notes

Sourced from serialize-javascript's releases.

v7.0.5

Fixes

  • Improve robustness and validation for array-like object serialization.
  • Fix an issue where certain object structures could lead to excessive CPU usage.

For more details, please see GHSA-qj8w-gfj5-8c6v.

v7.0.4

What's Changed

Full Changelog: yahoo/serialize-javascript@v7.0.3...v7.0.4

v7.0.3

  • fix(CVE-2020-7660): fix for RegExp.flags and Date.prototype.toISOString (#207) 2e609d0
  • build(deps-dev): bump lodash from 4.17.21 to 4.17.23 (#206) 42b7cdb

yahoo/serialize-javascript@v7.0.2...v7.0.3

v7.0.2

What's Changed

Full Changelog: yahoo/serialize-javascript@v7.0.1...v7.0.2

v7.0.1

What's Changed

New Contributors

Full Changelog: yahoo/serialize-javascript@v7.0.0...v7.0.1

v7.0.0

Breaking Changes

  • requires Node.js v20+

What's Changed

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for serialize-javascript since your current version.


Updates webpack from 4.46.0 to 5.107.1

Release notes

Sourced from webpack's releases.

v5.107.1

Patch Changes

  • Align the experimental HTML tokenizer with the WHATWG spec: fix offset-range bugs in the script-data, content-mode end-tag, attribute-value, and EOF states; surface tokenizer parse errors to consumers via a new parseError callback ("warning" when the tokenizer recovers and the emitted token is still well-formed, "error" when the offset range is incomplete — e.g. eof-in-tag); and add the full WHATWG named character references table so decodeHtmlEntities handles all named entities (including legacy bare forms like &AMP and multi-code-point entities like ≂̸) with proper longest-prefix backtracking. (by @​alexander-akait in #21000)

  • Tree-shake CommonJS modules imported through a const NAME = require(LITERAL) binding when only static members of NAME are read. Previously webpack treated every export of such modules as referenced (because the bare require() dependency reports EXPORTS_OBJECT_REFERENCED), so unused exports.x = ... assignments remained in the bundle even with usedExports enabled. The parser now forwards NAME.x / NAME.x() / NAME["x"] accesses to the underlying CommonJsRequireDependency as referenced exports, falling back to the full exports object the moment NAME is read in any other context (passed by value, destructured later, accessed with a dynamic key, …). This brings the binding form to parity with the existing destructuring form (const { x } = require(...)). (by @​alexander-akait in #21003)

  • Fix RangeError: Maximum call stack size exceeded thrown from HarmonyImportSideEffectDependency.getModuleEvaluationSideEffectsState on long linear chains of side-effect-free imports. NormalModule.getSideEffectsConnectionState previously descended through HarmonyImportSideEffectDependency.getModuleEvaluationSideEffectsState recursively, adding two stack frames per module, which overflowed V8's stack at a few thousand modules deep. The traversal is now iterative. (by @​alexander-akait in #20993)

  • Fix NormalModuleFactory parser/generator types: (by @​alexander-akait in #20999)

    • module.generator.html now uses HtmlGeneratorOptions instead of EmptyGeneratorOptions (the extract option was hidden from the createGenerator / generator hook types).
    • WebAssembly (webassembly/async, webassembly/sync) generator hooks now use EmptyGeneratorOptions instead of EmptyParserOptions.
    • NormalModuleFactory#getParser / createParser / getGenerator / createGenerator are now generic over the module-type string, returning the specific parser/generator class for known types (e.g. JavascriptParser for "javascript/auto", CssGenerator for "css", etc.) instead of always returning the base Parser / Generator.
    • NormalModuleCreateData is now generic over the module type so parser, parserOptions, generator, and generatorOptions are narrowed to the specific class / options for the given type.

  • Link import bindings used inside define(...) callbacks in ES modules. Previously, HarmonyDetectionParserPlugin skipped walking the arguments of define calls in harmony modules, so references to imported bindings inside an inline AMD define factory (e.g. define(function () { console.log(foo); })) were not rewritten to their imported references and could cause ReferenceError at runtime. Inner graph usage analysis is also fixed for the related pattern const fn = function () { foo; }; define(fn);. (by @​alexander-akait in #20990)

  • HTML-entry pipeline (experiments.html + experiments.css): emit <link rel="stylesheet"> tags for CSS chunks reachable from a <script src> entry. Previously when the bundled JS imported CSS, the resulting .css file was emitted to disk but never referenced from the extracted HTML (no <link> tag), and when splitChunks extracted CSS into sibling chunks the HTML cloned the originating <script> for each one — producing <script src="style.js"> pointing at non-existent JS filenames instead of <link rel="stylesheet" href="style.css">. CSS chunks are now sorted by the entrypoint's module post-order index so the <link> tags also appear in source import order, fixing the cascade ordering issue documented in html-webpack-plugin#1838 and webpack/mini-css-extract-plugin#959 for HTML-entry builds. nonce/crossorigin/referrerpolicy are copied from the originating tag onto the emitted <link>. (by @​alexander-akait in #21002)

  • Allow devtool and SourceMapDevToolPlugin (or multiple SourceMapDevToolPlugin instances) to coexist on the same asset. Previously the second instance would silently skip any asset whose info.related.sourceMap had already been set by an earlier instance, and even when it ran the asset had been rewrapped as a RawSource so no source map could be recovered — producing an empty .map file. The plugin now keeps a per-compilation stash of pristine source maps, namespaces its persistent cache entries by the options that affect output, and appends additional related.sourceMap entries instead of overwriting them. The classic workaround of pairing devtool: 'hidden-source-map' with a new webpack.SourceMapDevToolPlugin({ filename: '[file].secondary.map', noSources: true }) now produces both maps in a single build. (by @​alexander-akait in #21001)

  • Narrow TemplatePathFn callback types by context. pathData.chunk is now non-optional for chunk filename callbacks (output.filename, chunkFilename, cssFilename, cssChunkFilename, htmlFilename, htmlChunkFilename, optimization.splitChunks.cacheGroups[*].filename), and pathData.module is non-optional for module filename callbacks (output.assetModuleFilename, per-module generator.filename / generator.outputPath, module.parser.css.localIdentName). (by @​alexander-akait in #20987)

  • Tighten the CreateData typedef in NormalModuleFactory. CreateData now represents the fully-populated value passed to the createModule, module, and createModuleClass hooks (NormalModuleCreateData & { settings: ModuleSettings }), while ResolveData.createData is typed as Partial<CreateData> to reflect the empty initial state. Plugins tapping those hooks no longer need to cast individual fields away from optional. (by @​alexander-akait in #20992)

  • Stop webpackPrefetch / webpackPreload magic comments from leaking across import() call sites that share a webpackChunkName. When two imports targeted the same named chunk and only one of them set webpackPrefetch: true, the prefetch directive was applied from every parent chunk that referenced the named chunk. Prefetch and preload orders are now resolved per import() call site instead of from the shared chunk group's accumulated options. (by @​alexander-akait in #20994)

  • Fix [fullhash:N] and [hash:N] (with length suffix) in output.publicPath not being interpolated at runtime. The detection regex in RuntimePlugin only matched [fullhash] / [hash] without a length suffix, so the PublicPathRuntimeModule was not flagged as a full-hash module and __webpack_require__.p was emitted with the placeholder XXXX left in place (e.g. out/XXXX/) instead of the real hash truncated to the requested length. (by @​alexander-akait in #21004)

  • Re-export ModuleNotFoundError from webpack/lib/ModuleNotFoundError for backward compatibility with old plugins that import it from that path. This re-export will be removed in webpack 6. (by @​alexander-akait in #20988)

v5.107.0

Minor Changes

  • Add module.generator.javascript.anonymousDefaultExportName option to control whether webpack sets .name to "default" for anonymous default export functions and classes per ES spec. Defaults to true for applications and false for libraries (when output.library is set) to avoid unnecessary bundle size overhead. Also extract anonymous default export .name fix-up into a shared runtime helper (__webpack_require__.dn), replacing repeated inline Object.defineProperty / Object.getOwnPropertyDescriptor calls with a single short call per module to reduce output size. (by @​xiaoxiaojx in #20894)

  • Support module concatenation (scope hoisting) for CSS modules with text, css-style-sheet, style, and link export types (by @​xiaoxiaojx in #20851)

  • The generator.exportsConvention function form for CSS modules now accepts string[] in addition to string. (by @​alexander-akait in #20914)

  • Add linkInsert hook to CssLoadingRuntimeModule.getCompilationHooks(compilation) so plugin developers can control where stylesheet <link> elements are inserted into the document. (by @​alexander-akait in #20947)

  • Add CssModulesPlugin.getCompilationHooks(compilation).orderModules hook. (by @​alexander-akait in #20978)

  • Add a pure parser option for css/module and css/auto types matching postcss-modules-local-by-default's pure mode: every selector must contain at least one local class or id, otherwise webpack emits a build error. (by @​alexander-akait in #20946)

  • Support CSS Modules @value identifiers as @import URLs and inside url() functions, e.g. @value path: "./other.css"; @import path; and @value bg: "./image.png"; .a { background: url(bg); } (by @​alexander-akait in #20925)

  • Add experimental TypeScript support via experiments.typescript: true (auto-enabled by experiments.futureDefaults). Uses Node.js's built-in module.stripTypeScriptTypes (Node.js >= 22.6 with the stable mode: "strip" API, including Node.js 26) to transform .ts, .cts, .mts, data:text/typescript, and data:application/typescript modules — no type checking, only erasable TypeScript (types, generics, import type, casts). .tsx/JSX and non-erasable syntax (enum, namespace, parameter-property constructors, decorator metadata) are NOT supported; use a TSX-capable loader (e.g. ts-loader, swc-loader) for those. (by @​alexander-akait in #20964)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.107.1

Patch Changes

  • Align the experimental HTML tokenizer with the WHATWG spec: fix offset-range bugs in the script-data, content-mode end-tag, attribute-value, and EOF states; surface tokenizer parse errors to consumers via a new parseError callback ("warning" when the tokenizer recovers and the emitted token is still well-formed, "error" when the offset range is incomplete — e.g. eof-in-tag); and add the full WHATWG named character references table so decodeHtmlEntities handles all named entities (including legacy bare forms like &AMP and multi-code-point entities like &NotEqualTilde;) with proper longest-prefix backtracking. (by @​alexander-akait in #21000)

  • Tree-shake CommonJS modules imported through a const NAME = require(LITERAL) binding when only static members of NAME are read. Previously webpack treated every export of such modules as referenced (because the bare require() dependency reports EXPORTS_OBJECT_REFERENCED), so unused exports.x = ... assignments remained in the bundle even with usedExports enabled. The parser now forwards NAME.x / NAME.x() / NAME["x"] accesses to the underlying CommonJsRequireDependency as referenced exports, falling back to the full exports object the moment NAME is read in any other context (passed by value, destructured later, accessed with a dynamic key, …). This brings the binding form to parity with the existing destructuring form (const { x } = require(...)). (by @​alexander-akait in #21003)

  • Fix RangeError: Maximum call stack size exceeded thrown from HarmonyImportSideEffectDependency.getModuleEvaluationSideEffectsState on long linear chains of side-effect-free imports. NormalModule.getSideEffectsConnectionState previously descended through HarmonyImportSideEffectDependency.getModuleEvaluationSideEffectsState recursively, adding two stack frames per module, which overflowed V8's stack at a few thousand modules deep. The traversal is now iterative. (by @​alexander-akait in #20993)

  • Fix NormalModuleFactory parser/generator types: (by @​alexander-akait in #20999)

    • module.generator.html now uses HtmlGeneratorOptions instead of EmptyGeneratorOptions (the extract option was hidden from the createGenerator / generator hook types).
    • WebAssembly (webassembly/async, webassembly/sync) generator hooks now use EmptyGeneratorOptions instead of EmptyParserOptions.
    • NormalModuleFactory#getParser / createParser / getGenerator / createGenerator are now generic over the module-type string, returning the specific parser/generator class for known types (e.g. JavascriptParser for "javascript/auto", CssGenerator for "css", etc.) instead of always returning the base Parser / Generator.
    • NormalModuleCreateData is now generic over the module type so parser, parserOptions, generator, and generatorOptions are narrowed to the specific class / options for the given type.

  • Link import bindings used inside define(...) callbacks in ES modules. Previously, HarmonyDetectionParserPlugin skipped walking the arguments of define calls in harmony modules, so references to imported bindings inside an inline AMD define factory (e.g. define(function () { console.log(foo); })) were not rewritten to their imported references and could cause ReferenceError at runtime. Inner graph usage analysis is also fixed for the related pattern const fn = function () { foo; }; define(fn);. (by @​alexander-akait in #20990)

  • HTML-entry pipeline (experiments.html + experiments.css): emit <link rel="stylesheet"> tags for CSS chunks reachable from a <script src> entry. Previously when the bundled JS imported CSS, the resulting .css file was emitted to disk but never referenced from the extracted HTML (no <link> tag), and when splitChunks extracted CSS into sibling chunks the HTML cloned the originating <script> for each one — producing <script src="style.js"> pointing at non-existent JS filenames instead of <link rel="stylesheet" href="style.css">. CSS chunks are now sorted by the entrypoint's module post-order index so the <link> tags also appear in source import order, fixing the cascade ordering issue documented in html-webpack-plugin#1838 and webpack/mini-css-extract-plugin#959 for HTML-entry builds. nonce/crossorigin/referrerpolicy are copied from the originating tag onto the emitted <link>. (by @​alexander-akait in #21002)

  • Allow devtool and SourceMapDevToolPlugin (or multiple SourceMapDevToolPlugin instances) to coexist on the same asset. Previously the second instance would silently skip any asset whose info.related.sourceMap had already been set by an earlier instance, and even when it ran the asset had been rewrapped as a RawSource so no source map could be recovered — producing an empty .map file. The plugin now keeps a per-compilation stash of pristine source maps, namespaces its persistent cache entries by the options that affect output, and appends additional related.sourceMap entries instead of overwriting them. The classic workaround of pairing devtool: 'hidden-source-map' with a new webpack.SourceMapDevToolPlugin({ filename: '[file].secondary.map', noSources: true }) now produces both maps in a single build. (by @​alexander-akait in #21001)

  • Narrow TemplatePathFn callback types by context. pathData.chunk is now non-optional for chunk filename callbacks (output.filename, chunkFilename, cssFilename, cssChunkFilename, htmlFilename, htmlChunkFilename, optimization.splitChunks.cacheGroups[*].filename), and pathData.module is non-optional for module filename callbacks (output.assetModuleFilename, per-module generator.filename / generator.outputPath, module.parser.css.localIdentName). (by @​alexander-akait in #20987)

  • Tighten the CreateData typedef in NormalModuleFactory. CreateData now represents the fully-populated value passed to the createModule, module, and createModuleClass hooks (NormalModuleCreateData & { settings: ModuleSettings }), while ResolveData.createData is typed as Partial<CreateData> to reflect the empty initial state. Plugins tapping those hooks no longer need to cast individual fields away from optional. (by @​alexander-akait in #20992)

  • Stop webpackPrefetch / webpackPreload magic comments from leaking across import() call sites that share a webpackChunkName. When two imports targeted the same named chunk and only one of them set webpackPrefetch: true, the prefetch directive was applied from every parent chunk that referenced the named chunk. Prefetch and preload orders are now resolved per import() call site instead of from the shared chunk group's accumulated options. (by @​alexander-akait in #20994)

  • Fix [fullhash:N] and [hash:N] (with length suffix) in output.publicPath not being interpolated at runtime. The detection regex in RuntimePlugin only matched [fullhash] / [hash] without a length suffix, so the PublicPathRuntimeModule was not flagged as a full-hash module and __webpack_require__.p was emitted with the placeholder XXXX left in place (e.g. out/XXXX/) instead of the real hash truncated to the requested length. (by @​alexander-akait in #21004)

  • Re-export ModuleNotFoundError from webpack/lib/ModuleNotFoundError for backward compatibility with old plugins that import it from that path. This re-export will be removed in webpack 6. (by @​alexander-akait in #20988)

5.107.0

Minor Changes

  • Add module.generator.javascript.anonymousDefaultExportName option to control whether webpack sets .name to "default" for anonymous default export functions and classes per ES spec. Defaults to true for applications and false for libraries (when output.library is set) to avoid unnecessary bundle size overhead. Also extract anonymous default export .name fix-up into a shared runtime helper (__webpack_require__.dn), replacing repeated inline Object.defineProperty / Object.getOwnPropertyDescriptor calls with a single short call per module to reduce output size. (by @​xiaoxiaojx in #20894)

  • Support module concatenation (scope hoisting) for CSS modules with text, css-style-sheet, style, and link export types (by @​xiaoxiaojx in #20851)

  • The generator.exportsConvention function form for CSS modules now accepts string[] in addition to string. (by @​alexander-akait in #20914)

  • Add linkInsert hook to CssLoadingRuntimeModule.getCompilationHooks(compilation) so plugin developers can control where stylesheet <link> elements are inserted into the document. (by @​alexander-akait in #20947)

  • Add CssModulesPlugin.getCompilationHooks(compilation).orderModules hook. (by @​alexander-akait in #20978)

  • Add a pure parser option for css/module and css/auto types matching postcss-modules-local-by-default's pure mode: every selector must contain at least one local class or id, otherwise webpack emits a build error. (by @​alexander-akait in #20946)

  • Support CSS Modules @value identifiers as @import URLs and inside url() functions, e.g. @value path: "./other.css"; @import path; and @value bg: "./image.png"; .a { background: url(bg); } (by @​alexander-akait in #20925)

... (truncated)

Commits
  • a1ce7eb chore(release): new release (#20989)
  • 916810e test: lock chunk filenames stay verbatim for scoped names (#21006)
  • 72ef0fb fix: tree-shake CommonJS exports through const NAME = require(LITERAL) bind...
  • 6c5f2f8 docs: tighten AGENTS.md rules for directory listings, branch names, and PR te...
  • 9edcb3d fix: interpolate [fullhash:N] / [hash:N] in output.publicPath at runtime (#21...
  • e3ba2ff fix: emit \<link rel=stylesheet> for CSS chunks reachable from `<script src>...
  • 1097a7f fix(html): align walkHtmlTokens with WHATWG spec (#21000)
  • 67b7419 fix: allow devtool and SourceMapDevToolPlugin to coexist on the same asset (#...
  • 294197c fix: correct createParser/createGenerator hook types in `NormalModuleFact...
  • ec6ad34 chore(deps): bump codecov/codecov-action in the dependencies group (#20995)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for webpack since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates compression-webpack-plugin from 6.1.1 to 12.0.0

Release notes

Sourced from compression-webpack-plugin's releases.

v12.0.0

12.0.0 (2026-03-02)

⚠ BREAKING CHANGES

  • minimum supported Node.js version is 20.9.0 (#423) (5d0ab70)

v11.1.0

11.1.0 (2024-02-27)

Features

  • support the deleteOriginalAssets option as a function (#380) (1be8955)

Bug Fixes

v11.0.0

11.0.0 (2024-01-15)

⚠ BREAKING CHANGES

  • minimum supported Node.js version is 18.12.0 (2ef7b37)

v10.0.0

10.0.0 (2022-05-17)

⚠ BREAKING CHANGES

  • default filename is [path][base].br for brotli (#286)
  • minimum supported Node.js version is 14.15.0 (#301)

v9.2.0

9.2.0 (2021-12-16)

Features

  • removed cjs wrapper and generated types in commonjs format (export = and namespaces used in types), now you can directly use exported types (#277) (8664d36)

v9.1.2

9.1.2 (2021-12-13)

... (truncated)

Changelog

Sourced from compression-webpack-plugin's changelog.

12.0.0 (2026-03-02)

⚠ BREAKING CHANGES

  • minimum supported Node.js version is 20.9.0 (#423) (5d0ab70)

11.1.0 (2024-02-27)

Features

  • support the deleteOriginalAssets option as a function (#380) (1be8955)

Bug Fixes

11.0.0 (2024-01-15)

⚠ BREAKING CHANGES

  • minimum supported Node.js version is 18.12.0 (2ef7b37)

10.0.0 (2022-05-17)

⚠ BREAKING CHANGES

  • default filename is [path][base].br for brotli (#286)
  • minimum supported Node.js version is 14.15.0 (#301)

Bug Fixes

  • default filename is [path][base].br for brotli (#286) (db04e14)

  • minimum supported Node.js version is 14.15.0 (#301) (5db3255)

9.2.0 (2021-12-16)

Features

  • removed cjs wrapper and generated types in commonjs format (export = and namespaces used in types), now you can directly use exported types (#277) (8664d36)

9.1.2 (2021-12-13)

... (truncated)

Commits
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates terser-webpack-plugin from 1.4.5 to 5.6.0

Release notes

Sourced from terser-webpack-plugin's releases.

v5.6.0

Minor Changes

  • support array of minimizers for minify and terserOptions (by @​alexander-akait in #674)

  • add built-in CSS minimizers from css-minimizer-webpack-plugin (by @​alexander-akait in #674)

  • add built-in HTML minimizers from html-minimizer-webpack-plugin (by @​alexander-akait in #674)

  • add filter method to minimizers, allowing a single plugin instance to handle multiple asset types (by @​alexander-akait in #674)

  • terser-webpack-plugin has been renamed to minimizer-webpack-plugin, merging other minimizers from css-minimizer-webpack-plugin and html-minimizer-webpack-plugin. We will continue to publish new releases under the old name, but we recommend switching to the new package - minimizer-webpack-plugin. It is now a single plugin for minification. We also added the ability to specify different minifier types using only one plugin instance, which will improve performance. (by @​alexander-akait in #677)

  • rename terserOptions to minimizerOptions; terserOptions is kept as a deprecated alias (by @​alexander-akait in #674)

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

v5.5.0

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

5.5.0 (2026-04-23)

Features

  • support extractComments in swcMinify (#665) (03143d3)

v5.4.0

5.4.0 (2026-03-10)

Features

  • added ability to minimize JSON using jsonMinify (#657) (29ac915)

v5.3.17

5.3.17 (2026-03-03)

Bug Fixes

  • update serialize-javascript (37c490c)

v5.3.16

5.3.16 (2025-12-11)

Bug Fixes

... (truncated)

Changelog

Sourced from terser-webpack-plugin's changelog.

5.6.0

Minor Changes

  • support array of minimizers for minify and terserOptions (by @​alexander-akait in #674)

  • add built-in CSS minimizers from css-minimizer-webpack-plugin (by @​alexander-akait in #674)

  • add built-in HTML minimizers from html-minimizer-webpack-plugin (by @​alexander-akait in #674)

  • add filter method to minimizers, allowing a single plugin instance to handle multiple asset types (by @​alexander-akait in #674)

  • terser-webpack-plugin has been renamed to minimizer-webpack-plugin, merging other minimizers from css-minimizer-webpack-plugin and html-minimizer-webpack-plugin. We will continue to publish new releases under the old name, but we recommend switching to the new package - minimizer-webpack-plugin. It is now a single plugin for minification. We also added the ability to specify different minifier types using only one plugin instance, which will improve performance. (by @​alexander-akait in #677)

  • rename terserOptions to minimizerOptions; terserOptions is kept as a deprecated alias (by @​alexander-akait in #674)

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

5.5.0 (2026-04-23)

Features

  • support extractComments in swcMinify (#665) (03143d3)

5.4.0 (2026-03-10)

Features

  • added ability to minimizer JSON using jsonMinify (#657) (29ac915)

5.3.17 (2026-03-03)

Bug Fixes

  • update serialize-javascript (37c490c)

5.3.16 (2025-12-11)

Bug Fixes

5.3.15 (2025-12-05)

Bug Fixes

  • catch error when loading minimizers (#639) (586af0a)
  • respect errors and warnings from minimizer without code (8607f79)

5.3.14 (2025-03-06)

... (truncated)

Commits
  • 57bdcfc chore(release): new release (#675)
  • 6feeda0 chore: add changelog entry (#677)
  • dd360be chore: rename other things
  • d78b6bd ci: dual-publish release as minimizer-webpack-plugin and terser-webpack-plugi...
  • e06c526 docs: add changesets for changes since v5.5.0 (#674)
  • a875994 chore: update codebase
  • 2bfd4f8 ci: add changesets-driven release workflow (#672)
  • 9b82a77 test: cover multi-asset minify and js-only minimizer fallback (#671)
  • 34610d9 feat: added the filter method to minimizers and allow to handle different a...
  • 1a34e62 feat: add built-in CSS minimizers from css-minimizer-webpack-plugin (#669)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for terser-webpack-plugin since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
webpack [>= 5.a, < 6]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump serialize-javascript, webpack, compression-webpack-plugin and te…
dcfbd44 
…rser-webpack-plugin

Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) to 7.0.5 and updates ancestor dependencies [serialize-javascript](https://github.com/yahoo/serialize-javascript), [webpack](https://github.com/webpack/webpack), [compression-webpack-plugin](https://github.com/webpack/compression-webpack-plugin) and [terser-webpack-plugin](https://github.com/webpack/minimizer-webpack-plugin). These dependencies need to be updated together.


Updates `serialize-javascript` from 5.0.1 to 7.0.5
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](yahoo/serialize-javascript@v5.0.1...v7.0.5)

Updates `webpack` from 4.46.0 to 5.107.1
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v4.46.0...v5.107.1)

Updates `compression-webpack-plugin` from 6.1.1 to 12.0.0
- [Release notes](https://github.com/webpack/compression-webpack-plugin/releases)
- [Changelog](https://github.com/webpack/compression-webpack-plugin/blob/main/CHANGELOG.md)
- [Commits](webpack/compression-webpack-plugin@v6.1.1...v12.0.0)

Updates `terser-webpack-plugin` from 1.4.5 to 5.6.0
- [Release notes](https://github.com/webpack/minimizer-webpack-plugin/releases)
- [Changelog](https://github.com/webpack/minimizer-webpack-plugin/blob/main/CHANGELOG.md)
- [Commits](webpack/minimizer-webpack-plugin@v1.4.5...v5.6.0)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-version: 7.0.5
  dependency-type: indirect
- dependency-name: webpack
  dependency-version: 5.107.1
  dependency-type: direct:development
- dependency-name: compression-webpack-plugin
  dependency-version: 12.0.0
  dependency-type: direct:development
- dependency-name: terser-webpack-plugin
  dependency-version: 5.6.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 22, 2026
@pvillard31 pvillard31 closed this May 24, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 24, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/nifi-registry/nifi-registry-core/nifi-registry-web-ui/src/main/multi-5dc969b5af branch May 24, 2026 10:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pvillard31