chore(deps): bump braces, webpack and tsdx

[dependabot]

Bumps braces to 3.0.3 and updates ancestor dependencies braces, webpack and tsdx. These dependencies need to be updated together.

Updates braces from 2.3.2 to 3.0.3

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

• Changelogs are for humans, not machines.
• There should be an entry for every single version.
• The same types of changes should be grouped.
• Versions and sections should be linkable.
• The latest version comes first.
• The release date of each versions is displayed.
• Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

• Added for new features.
• Changed for changes in existing functionality.
• Deprecated for soon-to-be removed features.
• Removed for now removed features.
• Fixed for any bug fixes.
• Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

• The undocumented .makeRe method was removed
• Require Node.js >= 8.3

Non-breaking changes

• Caching was removed

Commits

• See full diff in compare view

Updates webpack from 4.47.0 to 5.105.2

Release notes

Sourced from webpack's releases.

v5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

v5.105.1

Patch Changes

• Fix VirtualUrlPlugin Windows compatibility by sanitizing cache keys and filenames. Cache keys now use toSafePath to replace colons (:) with double underscores (__) and sanitize other invalid characters, ensuring compatibility with Windows filesystem restrictions. (by @​xiaoxiaojx in #20424)

• Revert part of the createRequire generation behavior for require("node:...") to keep compatibility with those modules exports, e.g. const EventEmitter = require("node:events");. (by @​hai-x in #20433)

• Skip guard collection when exports-presence mode is disabled to improve parsing performance. (by @​hai-x in #20433)

v5.105.0

Minor Changes

• Allow resolving worker module by export condition name when using new Worker() (by @​hai-x in #20353)

• Detect conditional imports to avoid compile-time linking errors for non-existent exports. (by @​hai-x in #20320)

• Added the tsconfig option for the resolver options (replacement for tsconfig-paths-webpack-plugin). Can be false (disabled), true (use the default tsconfig.json file to search for it), a string path to tsconfig.json, or an object with configFile and references options. (by @​alexander-akait in #20400)

• Support import.defer() for context modules. (by @​ahabhgk in #20399)

• Added support for array values ​​to the devtool option. (by @​hai-x in #20191)

• Improve rendering node built-in modules for ECMA module output. (by @​hai-x in #20255)

• Unknown import.meta properties are now determined at runtime instead of being statically analyzed at compile time. (by @​xiaoxiaojx in #20312)

Patch Changes

• Fixed ESM default export handling for .mjs files in Module Federation (by @​y-okt in #20189)

• Optimized import.meta.env handling in destructuring assignments by using cached stringified environment definitions. (by @​xiaoxiaojx in #20313)

• Respect the stats.errorStack option in stats output. (by @​samarthsinh2660 in #20258)

• Fixed a bug where declaring a module variable in module scope would conflict with the default moduleArgument. (by @​xiaoxiaojx in #20265)

• Fix VirtualUrlPlugin to set resourceData.context for proper module resolution. Previously, when context was not set, it would fallback to the virtual scheme path (e.g., virtual:routes), which is not a valid filesystem path, causing subsequent resolve operations to fail. (by @​xiaoxiaojx in #20390)

• Fixed Worker self-import handling to support various URL patterns (e.g., import.meta.url, new URL(import.meta.url), new URL(import.meta.url, import.meta.url), new URL("./index.js", import.meta.url)). Workers that resolve to the same module are now properly deduplicated, regardless of the URL syntax used. (by @​xiaoxiaojx in #20381)

• Reuse the same async entrypoint for the same Worker URL within a module to avoid circular dependency warnings when multiple Workers reference the same resource. (by @​xiaoxiaojx in #20345)

• Fixed a bug where a self-referencing dependency would have an unused export name when imported inside a web worker. (by @​samarthsinh2660 in #20251)

• Fix missing export generation when concatenated modules in different chunks share the same runtime in module library bundles. (by @​hai-x in #20346)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

5.105.1

Patch Changes

• Fix VirtualUrlPlugin Windows compatibility by sanitizing cache keys and filenames. Cache keys now use toSafePath to replace colons (:) with double underscores (__) and sanitize other invalid characters, ensuring compatibility with Windows filesystem restrictions. (by @​xiaoxiaojx in #20424)

• Revert part of the createRequire generation behavior for require("node:...") to keep compatibility with those modules exports, e.g. const EventEmitter = require("node:events");. (by @​hai-x in #20433)

• Skip guard collection when exports-presence mode is disabled to improve parsing performance. (by @​hai-x in #20433)

5.105.0

Minor Changes

• Allow resolving worker module by export condition name when using new Worker() (by @​hai-x in #20353)

• Detect conditional imports to avoid compile-time linking errors for non-existent exports. (by @​hai-x in #20320)

• Added the tsconfig option for the resolver options (replacement for tsconfig-paths-webpack-plugin). Can be false (disabled), true (use the default tsconfig.json file to search for it), a string path to tsconfig.json, or an object with configFile and references options. (by @​alexander-akait in #20400)

• Support import.defer() for context modules. (by @​ahabhgk in #20399)

• Added support for array values ​​to the devtool option. (by @​hai-x in #20191)

• Improve rendering node built-in modules for ECMA module output. (by @​hai-x in #20255)

• Unknown import.meta properties are now determined at runtime instead of being statically analyzed at compile time. (by @​xiaoxiaojx in #20312)

Patch Changes

• Fixed ESM default export handling for .mjs files in Module Federation (by @​y-okt in #20189)

• Optimized import.meta.env handling in destructuring assignments by using cached stringified environment definitions. (by @​xiaoxiaojx in #20313)

• Respect the stats.errorStack option in stats output. (by @​samarthsinh2660 in #20258)

• Fixed a bug where declaring a module variable in module scope would conflict with the default moduleArgument. (by @​xiaoxiaojx in #20265)

• Fix VirtualUrlPlugin to set resourceData.context for proper module resolution. Previously, when context was not set, it would fallback to the virtual scheme path (e.g., virtual:routes), which is not a valid filesystem path, causing subsequent resolve operations to fail. (by @​xiaoxiaojx in #20390)

• Fixed Worker self-import handling to support various URL patterns (e.g., import.meta.url, new URL(import.meta.url), new URL(import.meta.url, import.meta.url), new URL("./index.js", import.meta.url)). Workers that resolve to the same module are now properly deduplicated, regardless of the URL syntax used. (by @​xiaoxiaojx in #20381)

• Reuse the same async entrypoint for the same Worker URL within a module to avoid circular dependency warnings when multiple Workers reference the same resource. (by @​xiaoxiaojx in #20345)

... (truncated)

Commits

• 0756c7e chore(release): new release (#20441)
• ff28476 chore(deps): bump CodSpeedHQ/action in the dependencies group (#20442)
• 4d3ed66 ci: discord using curl
• 004550a ci: discord fix
• 44bf97b ci: emulate release for discord using other approach
• 9c71a09 ci: emulate release for discord
• 02d3bc9 ci: allow to run release announcement
• 6c62c28 ci: fix discord
• 900219d fix: type regression (#20440)
• 8e50ef2 chore(release): new release (#20429)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for webpack since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates tsdx from 0.14.1 to 2.0.0

Release notes

Sourced from tsdx's releases.

v2.0.0

Major Changes

• #1202 6fcfef1 Thanks @​jaredpalmer! - Initial 2.0.0 release - complete rewrite with modern Rust-based tooling

  • Bundling with bunchee
  • Testing with vitest
  • Linting with oxlint
  • Formatting with oxfmt
  • Project scaffolding with basic and react templates

Changelog

Sourced from tsdx's changelog.

2.0.0

Major Changes

• #1202 6fcfef1 Thanks @​jaredpalmer! - Initial 2.0.0 release - complete rewrite with modern Rust-based tooling

  • Bundling with bunchee
  • Testing with vitest
  • Linting with oxlint
  • Formatting with oxfmt
  • Project scaffolding with basic and react templates

Commits

• 5b1aa0d Add NODE_AUTH_TOKEN to release workflow
• 4b4c674 chore: release package
• 53502d7 docs: update version references from 1.0 to 2.0
• d53b9be Change default branch from 'main' to 'master'
• ae58fcc Update release workflow to remove NPM tokens
• 6fcfef1 chore: add changeset for 1.0.0 release
• 0ec0c16 docs: add release process documentation to CLAUDE.md
• 057c233 Add GitHub Actions workflow for release process
• 125de97 chore: setup changesets for release automation
• f3ebc10 [ImgBot] Optimize images
• Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[netlify]

❌ Deploy Preview for react-slideshow-image failed.

Name	Link
🔨 Latest commit	dd101c4
🔍 Latest deploy log	https://app.netlify.com/projects/react-slideshow-image/deploys/699c21c2ba6f810008c4f1ce