Skip to content

chore(deps): update dependency webpack-dev-server to v5.2.6#47

Open
red-hat-konflux-kflux-prd-rh02[bot] wants to merge 1 commit into
mainfrom
konflux/mintmaker/main/webpack-dev-server-5.x-lockfile
Open

chore(deps): update dependency webpack-dev-server to v5.2.6#47
red-hat-konflux-kflux-prd-rh02[bot] wants to merge 1 commit into
mainfrom
konflux/mintmaker/main/webpack-dev-server-5.x-lockfile

Conversation

@red-hat-konflux-kflux-prd-rh02

@red-hat-konflux-kflux-prd-rh02 red-hat-konflux-kflux-prd-rh02 Bot commented Jun 26, 2026

Copy link
Copy Markdown

This PR contains the following updates:

Package Change Age Confidence
webpack-dev-server 5.2.45.2.6 age confidence

Release Notes

webpack/webpack-dev-server (webpack-dev-server)

v5.2.6

Compare Source

Patch Changes
  • fix: allow undefined as the Server constructor options argument again (by @​bjohansebas in #​5695)

    Restores accepting undefined (defaulting it to {}) for the options
    argument, so passing a webpack config's optional devServer field type-checks and works as before.

  • Protect the built-in state-changing routes (/webpack-dev-server/invalidate and /webpack-dev-server/open-editor) against cross-site request forgery. Requests are now checked with Sec-Fetch-Site (falling back to an Origin/Host comparison when it is absent), so a cross-site page can no longer trigger a rebuild or open a file in the editor. Same-origin requests, user-initiated navigations, and non-browser clients (e.g. curl) are unaffected. (by @​bjohansebas in #​5698)

  • Handle malformed Host and Origin header values gracefully when validating requests. (by @​bjohansebas in #​5699)

v5.2.5

Compare Source

Patch Changes
  • Skip the HMR WebSocket path when forwarding upgrade requests to user-defined proxies, so custom proxy WebSocket upgrades are no longer intercepted by the dev server. (by @​bjohansebas in #​5680)

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

5.2.4 (2026-05-11)
Bug Fixes
  • set Cross-Origin-Resource-Policy header to prevent source code theft over HTTP
5.2.3 (2026-01-12)
Bug Fixes
  • add cause for errorObject (#​5518) (37b033d)
  • compatibility with event target and universal target and lazy compilation (574026c)
  • overlay: add ESC key to dismiss overlay (#​5598) (f91baa8)
  • progress indicator styles (#​5557) (41a53a1)
  • upgrade selfsigned to v5
5.2.2 (2025-06-03)
Bug Fixes

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@openshift-ci openshift-ci Bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Jun 26, 2026
@openshift-ci

openshift-ci Bot commented Jun 26, 2026

Copy link
Copy Markdown

Hi @red-hat-konflux-kflux-prd-rh02[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Signed-off-by: red-hat-konflux-kflux-prd-rh02 <190377777+red-hat-konflux-kflux-prd-rh02[bot]@users.noreply.github.com>
@red-hat-konflux-kflux-prd-rh02 red-hat-konflux-kflux-prd-rh02 Bot force-pushed the konflux/mintmaker/main/webpack-dev-server-5.x-lockfile branch from 8a1a054 to 32fe2e6 Compare July 3, 2026 04:08
@red-hat-konflux-kflux-prd-rh02 red-hat-konflux-kflux-prd-rh02 Bot changed the title chore(deps): update dependency webpack-dev-server to v5.2.5 chore(deps): update dependency webpack-dev-server to v5.2.6 Jul 5, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants