dotcom-page-kit

dotcom-page-kit copied to clipboard

This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. ## Repository problems These problems occurred while renovating this repository. [View logs](https://developer.mend.io//github/Financial-Times/dotcom-page-kit). - WARN:...

renovate[bot]

Update dependency webpack-assets-manifest to v5

1

This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [webpack-assets-manifest](https://redirect.github.com/webdeveric/webpack-assets-manifest) | [`^3.1.1` -> `^5.0.0`](https://renovatebot.com/diffs/npm/webpack-assets-manifest/3.1.1/5.2.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/)...

renovate[bot]

Update dependency webpack to v5

2

This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [webpack](https://redirect.github.com/webpack/webpack) | [`^4.39.2` -> `^5.0.0`](https://renovatebot.com/diffs/npm/webpack/4.47.0/5.94.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/)...

renovate[bot]

Update dependency mini-css-extract-plugin to v2

2

This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [mini-css-extract-plugin](https://redirect.github.com/webpack-contrib/mini-css-extract-plugin) | [`^0.12.0` -> `^2.0.0`](https://renovatebot.com/diffs/npm/mini-css-extract-plugin/0.12.0/2.9.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/)...

renovate[bot]

so far this PR just adds the `webpack-subresource-integrity` plugin to `dotcom-build-base`, and configures things to output the integrity hashes in the manifest. we'd still need to have `dotcom-ui-bootstrap` output these...

apaleslimghost

I've identified Cross-Site Scripting (XSS) vulnerabilities in '@financial-times/dotcom-ui-header' and '@financial-times-dotcom-ui-footer' **Vulnerability Details:** - **Severity**: High/Critical - **Description**: There's a risk of malicious script execution when the href of the a...

gtsp233

This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [node-fetch](https://redirect.github.com/node-fetch/node-fetch) | [`^2.2.1` -> `^3.0.0`](https://renovatebot.com/diffs/npm/node-fetch/2.7.0/3.3.2) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/)...

renovate[bot]

This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [get-package-name](https://redirect.github.com/i-like-robots/get-package-name) | [`^1.1.0` -> `^2.0.0`](https://renovatebot.com/diffs/npm/get-package-name/1.1.0/2.2.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/)...

renovate[bot]

This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [clean-webpack-plugin](https://redirect.github.com/johnagan/clean-webpack-plugin) | [`^3.0.0` -> `^4.0.0`](https://renovatebot.com/diffs/npm/clean-webpack-plugin/3.0.0/4.0.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/)...

renovate[bot]

This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [ajv](https://ajv.js.org) ([source](https://redirect.github.com/ajv-validator/ajv)) | [`^6.10.0` -> `^8.0.0`](https://renovatebot.com/diffs/npm/ajv/6.12.6/8.17.1) | [](https://docs.renovatebot.com/merge-confidence/) |...

renovate[bot]