Bump @symfony/webpack-encore from 4.7.0 to 5.0.1

[dependabot[bot]]

Bumps @symfony/webpack-encore from 4.7.0 to 5.0.1.

Release notes

Sourced from @​symfony/webpack-encore's releases.

v5.0.1

Bug fixes

• #1349 Fix issue between Encore.enableIntegrityHashes() and filenames with a query-string (@​Kocal)

Upgrading

npm install "@symfony/webpack-encore@^5.0.1" --save-dev
Or:
yarn upgrade "@​symfony/webpack-encore@^5.0.1"

Changes: https://github.com/symfony/webpack-encore/compare/v5.0.0...v5.0.1

Happy Packing!

5.0: Major dependency upgrades and deprecated features deletion, less dependencies: Encore on a diet!

Hey packagers!

Exactly one month after the last release, this new major release is now ready to be used! 🎉

This new version contains many changes, in a nutshell:

• removal of support for Node.js 19 and 21
• deletion of deprecated features, such as support for Vue 2 and ESLint.
• removal of support for webpack-cli@4 and webpack-dev-server@4,
• update to sass-loader@16, css-loader@7 and css-minimizer-webpack-plugin@7
• makes Webpack dev-server optional
• and much more... see the full changelog below!

With all these modifications, we were able to lighten @symfony/webpack-encore by removing ~220 dependencies comparing to the version 4.7.0, thus reducing installation times and disk writing, but also reducing the possibility of installing a dependency containing a vulnerability:

Package info for "@symfony/[email protected]": 61 MB
  Released: 2024-08-29 16:26:01.762 +0000 UTC (4w3d ago)
  Downloads last week: 27,421 (16.14%)
  Estimated traffic last week: 1.7 TB
  Subdependencies: 628
Package info for "@​symfony/webpack-encore@​5.0.0": 53 MB

Released: 2024-09-29 20:08:45.238 +0000 UTC (1m20s ago)

Downloads last week: N/A (N/A%)

Estimated traffic last week: N/A

Subdependencies: 408
Estimated new statistics:

Package size: 61 MB → 53 MB (86.01%)

Subdependencies: 628 → 408 (-220)

Traffic with last week's downloads:

</tr></table>

... (truncated)

Changelog

Sourced from @​symfony/webpack-encore's changelog.

5.0.1

• #1349 Fix issue between Encore.enableIntegrityHashes() and filenames with a query-string (@​Kocal)

5.0.0

This is a new major version that contains several backwards-compatibility breaks.

Features

• #1344 Add options configuration callback to Encore.enableReactPreset() (@​Kocal)

• #1345 Add support for integrity hashes when asset names contain a query string (@​Kocal)

BC Breaks

• #1321 Drop support of Node.js 19 and 21 (@​Kocal)

• #1307 Drop webpack-cli 4 support, only webpack-cli ^5.1.4 is supported (@​Kocal)

• #1318 Drop webpack-dev-server 4 support, only webpack-dev-server 5 is supported (@​Kocal)

The dev-server options have changed between versions 4 and 5, see the official migration guide to v5. For example:

// With webpack-dev-server 4:
Encore.configureDevServerOptions((options) => {
   options.https = {
     ca: "./path/to/server.pem",
     pfx: "./path/to/server.pfx",
     key: "./path/to/server.key",
     cert: "./path/to/server.crt",
     passphrase: "webpack-dev-server",
     requestCert: true,
   };
});
// With webpack-dev-server 5 (now):

Encore.configureDevServerOptions((options) => {

options.server = {

type: 'https',

options: {

ca: "./path/to/server.pem",

pfx: "./path/to/server.pfx",

key: "./path/to/server.key",

cert: "./path/to/server.crt",

passphrase: "webpack-dev-server",

requestCert: true,

}

};

</tr></table>

... (truncated)

Commits

• 2a3afce Tagging 5.0.1
• 61459d6 bug #1349 Fix issue between Encore.enableIntegrityHashes() and filenames wi...
• c965684 Fix integrity hashes with query string, use the original assets name in "inte...
• ce54d41 Tagging 5.0.0
• d7166c6 minor #1348 chore: Rewrite changelog for 5.0.0 (Kocal)
• dc91cf8 chore: Rewrite changelog for 5.0.0
• 15ad6a9 feature #1345 Add support for integrity hashes when asset names contain a que...
• 060a6e9 minor #1346 Fix method name (Kocal)
• 93dee6f Fix method name
• 23d32e5 Add support for integrity hashes when asset names contain a query string
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)