Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update webpack, webpack-cli and associated plugins and loaders to latest webpack-v4-supporting versions #16317

Closed
wants to merge 2 commits into from
Closed

Update webpack, webpack-cli and associated plugins and loaders to latest webpack-v4-supporting versions #16317

wants to merge 2 commits into from

Conversation

petemill
Copy link
Member

@petemill petemill commented Dec 9, 2022
edited
Loading

Had to change a couple of ways that webpack config was built.

First step in to journey for updating to webpack v5 brave/brave-browser#22351

Resolves brave/brave-browser#27282

Submitter Checklist:

  • I confirm that no security/privacy review is needed, or that I have requested one
  • There is a ticket for my issue
  • Used Github auto-closing keywords in the PR description above
  • Wrote a good PR/commit description
  • Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
  • Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
  • Checked the PR locally:
    • npm run test -- brave_browser_tests, npm run test -- brave_unit_tests wiki
    • npm run lint, npm run presubmit wiki, npm run gn_check, npm run tslint
  • Ran git rebase master (if needed)

Reviewer Checklist:

  • A security review is not needed, or a link to one is included in the PR description
  • New files have MPL-2.0 license header
  • Adequate test coverage exists to prevent regressions
  • Major classes, functions and non-trivial code blocks are well-commented
  • Changes in component dependencies are properly reflected in gn
  • Code follows the style guide
  • Test plan is specified in PR before merging

After-merge Checklist:

Test Plan:

@petemill petemill requested a review from a team as a code owner December 9, 2022 20:33
@petemill petemill self-assigned this Dec 9, 2022
@github-actions github-actions bot added the CI/run-audit-deps Check for known npm/cargo vulnerabilities (audit_deps) label Dec 9, 2022
diracdeltas
diracdeltas approved these changes Dec 9, 2022
View reviewed changes
Copy link
Member

@diracdeltas diracdeltas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yay for less deps! g2g from me assuming audit-deps passes

@github-actions
Copy link
Contributor

github-actions bot commented Dec 9, 2022

⚠️ PR head is an unsigned commit
commit: d739b49ea4f0b02d4f97f00342aca29f6f917d52
reason: unsigned
Please follow the handbook to configure commit signing
cc: @petemill

evenstensberg
evenstensberg reviewed Dec 11, 2022
View reviewed changes
Copy link

@evenstensberg evenstensberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let me know if I can be of any help :)

fallaciousreasoning
fallaciousreasoning approved these changes Dec 11, 2022
View reviewed changes
Copy link
Contributor

@fallaciousreasoning fallaciousreasoning left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks for doing this @petemill (looks like audit-deps is failing though)

@petemill
Copy link
Member Author

Yep I've got audit-deps in a position where only 1 dep is causing it to fail failing due to the following chain

├─┬ typescript-plugin-css-modules@4.1.1
│ └─┬ postcss-icss-selectors@2.0.3
│   └─┬ generic-names@1.0.3
│     └── loader-utils@0.2.17

I'm struggling with an override that works on first install and then reverts to a bad version 🤷

  "overrides": {
    "typescript-plugin-css-modules": {
      "loader-utils": "1.4.1"
    },

@petemill petemill force-pushed the webpack-4-latest branch 2 times, most recently from 5fa07ad to b8374de Compare December 13, 2022 01:27
@petemill
Copy link
Member Author

Removed the typescript-plugin-css-modules plugin for now since it doesn't affect the build. It was only used as an editor nicety and isn't used very much

@mihaiplesa
Copy link
Collaborator

Related #20369

@mihaiplesa mihaiplesa mentioned this pull request Oct 4, 2023
Closed
evenstensberg
evenstensberg reviewed Nov 15, 2023
View reviewed changes
Copy link

@evenstensberg evenstensberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

would it be useful to upgrade to webpack 5 instead of v4?

@fallaciousreasoning
Copy link
Contributor

Yup, I'm having a play around with Webpack5 at the moment, but there's a bunch of funky stuff going on (brave-ui isn't playing nice). The changes here are a prerequisite for it anyway and @petemill has already done the work

github-actions[bot]
github-actions bot reviewed Nov 15, 2023
View reviewed changes
package-lock.json
"dev": true
},
"node_modules/trim-newlines": {
"version": "1.0.0",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[npm-audit] Uncontrolled Resource Consumption in trim-newlines

See GHSA-7p7h-4mm5-852v
Cc @fmarier @thypon

@socket-security Socket Security
Copy link

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Packages Version New capabilities Transitives Size Publisher
css-loader 5.2.7 None +5 245 kB evilebottnawi
@storybook/addons 6.4.13...6.5.14 None +16/-24 2.69 MB shilman
webpack-cli 3.3.12...4.10.0 None +13/-20 692 kB evilebottnawi
@storybook/react 6.4.13...6.5.14 filesystem +274/-251 41.1 MB shilman
@storybook/addon-essentials 6.4.13...6.5.14 None +165/-265 29.6 MB shilman
sass-loader 10.2.1...10.4.1 None +1/-1 131 kB evilebottnawi
style-loader 0.23.1...2.0.0 None +1/-0 143 kB evilebottnawi
babel-loader 8.2.3...8.3.0 None +10/-10 2.67 MB nicolo-ribaudo

🚮 Removed packages: file-loader@1.1.11, url-loader@1.0.0

@fallaciousreasoning
Copy link
Contributor

Bump to Webpack5: #21003

@fallaciousreasoning fallaciousreasoning mentioned this pull request Nov 27, 2023
Merged
25 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@evenstensberg evenstensberg evenstensberg left review comments

@fallaciousreasoning fallaciousreasoning fallaciousreasoning approved these changes

@diracdeltas diracdeltas diracdeltas approved these changes

Assignees

@fmarier fmarier

@thypon thypon

@petemill petemill

Labels
CI/run-audit-deps Check for known npm/cargo vulnerabilities (audit_deps) needs-security-review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update webpack, all webpack plugins, and webpack-cli to latest v4-compatible versions
7 participants
@petemill @mihaiplesa @fallaciousreasoning @diracdeltas @evenstensberg @fmarier @thypon