[Snyk] Upgrade webpack-dev-server from 3.1.10 to 3.10.3

[snyk-bot]

Snyk has created this PR to upgrade webpack-dev-server from 3.1.10 to 3.10.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 24 versions ahead of your current version.
• The recommended version was released a month ago, on 2020-02-05.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Information Exposure SNYK-JS-WEBPACKDEVSERVER-72405	No Known Exploit
	Improper Input Validation SNYK-JS-URLPARSE-543307	Proof of Concept

Release notes

Package name: webpack-dev-server

• 3.10.3 - 2020-02-05
  

  3.10.3 (2020-02-05)

  Bug Fixes

  • forward error requests to the proxy (#2425) (e291cd4)
• 3.10.2 - 2020-01-31
  

  3.10.2 (2020-01-31)

  Bug Fixes

  • fallthrough non GET and HEAD request to routes (#2374) (ebe8eca)
  • add an optional peer dependency on webpack-cli (#2396) (aa365df)
  • add heartbeat for the websocket server (#2404) (1a7c827)
• 3.10.1 - 2019-12-19
  

  3.10.1 (2019-12-19)

  Bug Fixes

  • ie11 compatibility (1306abe)
• 3.10.0 - 2019-12-18
  

  3.10.0 (2019-12-18)

  Features

  • client: allow sock port to use location's port (sockPort: 'location') (#2341) (dc10d06)
  • server: add contentBasePublicPath option (#2150) (cee700d)

  Bug Fixes

  • client: don't override protocol for socket connection to 127.0.0.1 (#2303) (3a31917), closes #2302
  • server: respect sockPath on transportMode: 'ws' (#2310) (#2311) (e188542)
  • https on chrome linux (#2330) (dc8b475)
  • support webpack@5 (#2359) (8f89c01)
• 3.9.0 - 2019-10-22
  

  3.9.0 (2019-10-22)

  Bug Fixes

  • add hostname and port to bonjour name to prevent name collisions (#2276) (d8af2d9)
  • add extKeyUsage to self-signed cert (#2274) (a4dbc3b)

  Features

  • add multiple openPage support (#2266) (c9e9178)
• 3.8.2 - 2019-10-02
  

  3.8.2 (2019-10-02)

  Security

  • update selfsigned package
• 3.8.1 - 2019-09-16
  

  3.8.1 (2019-09-16)

  Bug Fixes

  • add null check for connection.headers (#2200) (7964997)
  • false positive for an absolute path in the ContentBase option on windows (#2202) (68ecf78)
  • add status in quiet log level (#2235) (7e2224e)
  • scriptHost in client (#2246) (00903f6)
• 3.8.0 - 2019-08-09
  

  3.8.0 (2019-08-09)

  Bug Fixes

  • server: fix setupExitSignals usage (#2181) (bbe410e)
  • server: set port before instantiating server (#2143) (cfbf229)
  • check for name of HotModuleReplacementPlugin to avoid RangeError (#2146) (4579775)
  • server: check for external urls in array (#1980) (fa78347)
  • server: fix header check for socket server (#2077) (7f51859)
  • server: stricter headers security check (#2092) (078ddca)

  Features

  • server: add transportMode (#2116) (b5b9cb4)
  • server/client: made progress option available to API (#1961) (56274e4)

  Potential Breaking Changes

  We have migrated serverMode and clientMode to transportMode as an experimental option. If you want to use this feature, you have to change your settings.

  Related PR: #2116

• 3.7.2 - 2019-06-18
  

  3.7.2 (2019-06-17)

  Bug Fixes

  • client: add default fallback for client (#2015) (d26b444)
  • open: set wait: false to run server.close successfully (#2001) (2b4cb52)
  • test: fixed ProvidePlugin.test.js (#2002) (47453cb)
• 3.7.1 - 2019-06-07
  

  3.7.1 (2019-06-07)

  Bug Fixes

  • retry finding port when port is null and get ports in sequence (#1993) (bc57514)
• 3.7.0 - 2019-06-06
• 3.6.0 - 2019-06-05
• 3.5.1 - 2019-06-01
• 3.5.0 - 2019-05-31
• 3.4.1 - 2019-05-17
• 3.4.0 - 2019-05-17
• 3.3.1 - 2019-04-09
• 3.3.0 - 2019-04-08
• 3.2.1 - 2019-02-25
• 3.2.0 - 2019-02-20
• 3.1.14 - 2018-12-24
• 3.1.13 - 2018-12-22
• 3.1.12 - 2018-12-22
• 3.1.11 - 2018-12-21
• 3.1.10 - 2018-10-23

from webpack-dev-server GitHub release notes

Commit messages

Package name: webpack-dev-server

• f710b7d chore(release): 3.10.3
• e291cd4 fix: forward error requests to the proxy (#2425)
• 7ee8bc0 chore(deps): update dependency eslint-plugin-import to ^2.20.1 (#2422)
• 638103f chore(deps): update dependency lint-staged to ^10.0.7 (#2413)
• 5aa86b5 chore(release): 3.10.2
• 1a7c827 fix: add heartbeat for the websocket server (#2404)
• 0325b01 chore(deps): update all patch dependencies (#2412)
• 7852f05 chore(deps): update dependency lint-staged to v10 (#2397)
• 43e8c24 chore(deps): update all patch dependencies (#2394)
• d7ebf19 chore(deps): update all minor dependencies (#2390)
• aa365df fix: add an optional peer dependency on webpack-cli (#2396)
• f9937f5 chore(deps): update all patch dependencies to ^8.3.4 (#2382)
• a1d28c0 chore(deps): update all patch dependencies (master) (patch) (#2372)
• f671241 chore(deps): update all minor dependencies (master) (minor) (#2375)
• ebe8eca fix(server): fallthrough non `GET` and `HEAD` request to routes… (#2374)
• f4c8f94 chore(deps): update dependency eslint-config-prettier to ^6.8.0… (#2371)
• 453b41e chore(deps): update all minor dependencies (master) (minor) (#2366)
• ff3dfbc chore(deps): update all patch dependencies (#2367)
• 699404b fix: ie11 compatibility (#2364)
• b824124 chore(deps): update all patch dependencies (#2356)
• e330423 chore(release): 3.10.0
• dc8b475 fix: https on chrome linux (#2330)
• 8f89c01 fix: support webpack@5 (#2359)
• 3203688 chore(deps): update dependency url-loader to v3 (master) (#2331)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs