Skip to content
This repository was archived by the owner on Mar 4, 2025. It is now read-only.

build(deps-dev): bump style-loader from 3.3.4 to 4.0.0 #351

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build(deps-dev): bump style-loader from 3.3.4 to 4.0.0 #351

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 15, 2024
edited
Loading

Bumps style-loader from 3.3.4 to 4.0.0.

Release notes

Sourced from style-loader's releases.

v4.0.0

4.0.0 (2024-04-08)

⚠ BREAKING CHANGES

  • minimum supported webpack version is 5.27.0
  • minimum support Node.js version is 18.12.0
  • the insert option can only be a selector or the path to the module

Migration:

Before:

webpack.config.js

module.exports = {
  module: {
    rules: [
      {
        test: /\.css$/i,
        use: [
          {
            loader: "style-loader",
            options: {
              injectType: "styleTag",
              styleTagTransform: function (css, style) {
                // Do something ...
                style.innerHTML = `${css}.modify{}\n`;
            document.head.appendChild(style);
          },
        },
      },
      "css-loader",
    ],
  },
],

},
};

After:

insert-function.js

function insert(css, style) {
  var parent = options.target || document.head;
</tr></table>

... (truncated)

Changelog

Sourced from style-loader's changelog.

4.0.0 (2024-04-08)

⚠ BREAKING CHANGES

  • minimum supported webpack version is 5.27.0
  • minimum support Node.js version is 18.12.0
  • the insert option can only be a selector or the path to the module

Migration:

Before:

webpack.config.js

module.exports = {
  module: {
    rules: [
      {
        test: /\.css$/i,
        use: [
          {
            loader: "style-loader",
            options: {
              injectType: "styleTag",
              styleTagTransform: function (css, style) {
                // Do something ...
                style.innerHTML = `${css}.modify{}\n`;
            document.head.appendChild(style);
          },
        },
      },
      &quot;css-loader&quot;,
    ],
  },
],

},
};

After:

insert-function.js

function insert(css, style) {
  var parent = options.target || document.head;
</tr></table>

... (truncated)

Commits
  • 091d37d chore(release): 4.0.0
  • abc0b5f docs: improve more
  • 565362c docs: update
  • 7122cde refactor!: the insert option can only be a selector or the path to the mo...
  • 11b8639 refactor!: the styleTagTransform option can only be the path to the module
  • 7ec1120 test: fix
  • 977bb71 refactor!: minimum supported webpack version is 5.27.0
  • a70555a test: update
  • dc6e368 refactor!: minimum support Node.js version is 18.12.0
  • b7cdc6c chore: update codecov-action to v4 (#623)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 15, 2024
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/style-loader-4.0.0 branch 2 times, most recently from 37e28dc to fd5804e Compare April 15, 2024 16:57
justinclift
justinclift suggested changes Apr 15, 2024
View reviewed changes
Copy link
Member

@justinclift justinclift left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The release notes for style-loader 4.0.0 says there are breaking changes in this.

So we'd need to manually verify this works - or adjust our source to suit - before merging it.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/style-loader-4.0.0 branch from fd5804e to 149388b Compare April 15, 2024 23:26
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/style-loader-4.0.0 branch from 149388b to 6da5b31 Compare April 23, 2024 00:41
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/style-loader-4.0.0 branch from 6da5b31 to bef5242 Compare May 6, 2024 12:23
@dependabot
build(deps-dev): bump style-loader from 3.3.4 to 4.0.0
5977e77 
Bumps [style-loader](https://github.com/webpack-contrib/style-loader) from 3.3.4 to 4.0.0.
- [Release notes](https://github.com/webpack-contrib/style-loader/releases)
- [Changelog](https://github.com/webpack-contrib/style-loader/blob/master/CHANGELOG.md)
- [Commits](webpack-contrib/style-loader@v3.3.4...v4.0.0)

---
updated-dependencies:
- dependency-name: style-loader
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/style-loader-4.0.0 branch from bef5242 to 5977e77 Compare May 6, 2024 12:23
@justinclift
Copy link
Member

@lucydodo How do we stop these automated dependency updates each week? They're not useful for this repo any more, and take up time processing them. 😄

@lucydodo
Copy link
Member

lucydodo commented May 6, 2024
edited
Loading

You can disable Dependabot by deleteting the \.github\dependabot.yml file.
Additionally, you can disable updates that address security vulnerabilities too by in Settings, but this is not recommended. It's better to just disable update alerts for all versions (exclude security issue) by deleting dependabot.yml file.

Since there is only one commit to that file, it should be easy to revert it. :)

$ git revert 83e6ab0bd119bdeb19f49e5e686a83402545e857

@justinclift
Copy link
Member

Cool, thanks @lucydodo. 😄

@justinclift
Copy link
Member

Done. 😄

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@justinclift justinclift justinclift requested changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@justinclift @lucydodo