chore(deps): update dependency webpack to v5.76.0 [security] - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
webpack	5.75.0 -> 5.76.0

GitHub Vulnerability Alerts

CVE-2023-28154

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.

---

Release Notes

webpack/webpack

v5.76.0

Compare Source

Bugfixes

• Avoid cross-realm object access by @​Jack-Works in https://github.com/webpack/webpack/pull/16500
• Improve hash performance via conditional initialization by @​lvivski in https://github.com/webpack/webpack/pull/16491
• Serialize generatedCode info to fix bug in asset module cache restoration by @​ryanwilsonperkin in https://github.com/webpack/webpack/pull/16703
• Improve performance of hashRegExp lookup by @​ryanwilsonperkin in https://github.com/webpack/webpack/pull/16759

Features

• add target to LoaderContext type by @​askoufis in https://github.com/webpack/webpack/pull/16781

Security

• CVE-2022-37603 fixed by @​akhilgkrishnan in https://github.com/webpack/webpack/pull/16446

Repo Changes

• Fix HTML5 logo in README by @​jakebailey in https://github.com/webpack/webpack/pull/16614
• Replace TypeScript logo in README by @​jakebailey in https://github.com/webpack/webpack/pull/16613
• Update actions/cache dependencies by @​piwysocki in https://github.com/webpack/webpack/pull/16493

New Contributors

• @​Jack-Works made their first contribution in https://github.com/webpack/webpack/pull/16500
• @​lvivski made their first contribution in https://github.com/webpack/webpack/pull/16491
• @​jakebailey made their first contribution in https://github.com/webpack/webpack/pull/16614
• @​akhilgkrishnan made their first contribution in https://github.com/webpack/webpack/pull/16446
• @​ryanwilsonperkin made their first contribution in https://github.com/webpack/webpack/pull/16703
• @​piwysocki made their first contribution in https://github.com/webpack/webpack/pull/16493
• @​askoufis made their first contribution in https://github.com/webpack/webpack/pull/16781

Full Changelog: webpack/webpack@v5.75.0...v5.76.0

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: yarn.lock

Error response from daemon: toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit