Skip to content

Bump webpack-dev-server from 5.2.2 to 5.2.5 in /components/dash-table in the npm-dependencies-security group across 1 directory#3808

Open
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/npm_and_yarn/components/dash-table/npm-dependencies-security-b3b66759cf
Open

Bump webpack-dev-server from 5.2.2 to 5.2.5 in /components/dash-table in the npm-dependencies-security group across 1 directory#3808
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/npm_and_yarn/components/dash-table/npm-dependencies-security-b3b66759cf

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 6, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the npm-dependencies-security group with 1 update in the /components/dash-table directory: webpack-dev-server.

Updates webpack-dev-server from 5.2.2 to 5.2.5

Release notes

Sourced from webpack-dev-server's releases.

v5.2.5

Patch Changes

  • Skip the HMR WebSocket path when forwarding upgrade requests to user-defined proxies, so custom proxy WebSocket upgrades are no longer intercepted by the dev server. (by @​bjohansebas in #5680)

v5.2.4

5.2.4 (2026-05-11)

Bug Fixes

  • set Cross-Origin-Resource-Policy header to prevent source code theft over HTTP

v5.2.3

5.2.3 (2026-01-12)

Bug Fixes

  • add cause for errorObject (#5518) (37b033d)
  • compatibility with event target and universal target and lazy compilation (574026c)
  • overlay: add ESC key to dismiss overlay (#5598) (f91baa8)
  • progress indicator styles (#5557) (41a53a1)
  • upgrade selfsigned to v5
Changelog

Sourced from webpack-dev-server's changelog.

5.2.5

Patch Changes

  • Skip the HMR WebSocket path when forwarding upgrade requests to user-defined proxies, so custom proxy WebSocket upgrades are no longer intercepted by the dev server. (by @​bjohansebas in #5680)

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

5.2.4 (2026-05-11)

Bug Fixes

  • set Cross-Origin-Resource-Policy header to prevent source code theft over HTTP

5.2.3 (2026-01-12)

Bug Fixes

  • add cause for errorObject (#5518) (37b033d)
  • compatibility with event target and universal target and lazy compilation (574026c)
  • overlay: add ESC key to dismiss overlay (#5598) (f91baa8)
  • progress indicator styles (#5557) (41a53a1)
  • upgrade selfsigned to v5
Commits
  • c3ee325 chore(release): new release (#5682)
  • 60173be feat: add changeset validation and release workflow (#5680)
  • 948d5e6 fix(proxy): match the HMR upgrade path exactly like the ws server (#5678)
  • 93e8996 fix: skip HMR websocket path when forwarding upgrades to user-defined proxies...
  • fd40130 chore(release): 5.2.4
  • ece4f36 chore: update deps (#5661)
  • a216144 ci: fix test (#5658)
  • df073c5 Merge commit from fork
  • b550a70 chore(release): 5.2.3
  • 9704dc5 chore: upgrade selfsigned to v5 and remove node-forge dependency (#5618)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for webpack-dev-server since your current version.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 6, 2026
@dependabot dependabot Bot changed the title Bump webpack-dev-server from 5.2.2 to 5.2.4 in /components/dash-table in the npm-dependencies-security group across 1 directory Bump webpack-dev-server from 5.2.2 to 5.2.5 in /components/dash-table in the npm-dependencies-security group across 1 directory Jun 18, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/components/dash-table/npm-dependencies-security-b3b66759cf branch from 48bfd7c to 866dc49 Compare June 18, 2026 19:45
@dependabot
Bump webpack-dev-server
368c374 
Bumps the npm-dependencies-security group with 1 update in the /components/dash-table directory: [webpack-dev-server](https://github.com/webpack/webpack-dev-server).


Updates `webpack-dev-server` from 5.2.2 to 5.2.5
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v5.2.2...v5.2.5)

---
updated-dependencies:
- dependency-name: webpack-dev-server
  dependency-version: 5.2.4
  dependency-type: direct:development
  dependency-group: npm-dependencies-security
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/components/dash-table/npm-dependencies-security-b3b66759cf branch from 866dc49 to 368c374 Compare June 18, 2026 21:18
@sonarqubecloud

sonarqubecloud Bot commented Jun 18, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@T4rk1n T4rk1n Awaiting requested review from T4rk1n T4rk1n is a code owner

@ndrezn ndrezn Awaiting requested review from ndrezn ndrezn is a code owner

@camdecoster camdecoster Awaiting requested review from camdecoster camdecoster is a code owner

@KoolADE85 KoolADE85 Awaiting requested review from KoolADE85 KoolADE85 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants