Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump loader-utils to 2.x #931

Merged
merged 1 commit into from Mar 22, 2022
Merged

Conversation

stianjensen
Copy link
Contributor

@stianjensen stianjensen commented Jan 30, 2022

https://github.com/webpack/loader-utils/blob/master/CHANGELOG.md

New minimum required node version is 8.9.x, which is what babel-loader
already requires.

Please check if the PR fulfills these requirements

  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been added / updated (for bug fixes / features)

What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • Build related changes
  • CI related changes
  • Other... Please describe:

Dependency update

Does this PR introduce a breaking change?

  • Yes
  • No

Closes #937

https://github.com/webpack/loader-utils/blob/master/CHANGELOG.md

New minimum required node version is 8.9.x, which is what babel-loader
already requires.
@rsahni
Copy link

rsahni commented Feb 2, 2022

When can we expect this PR to be merged as this will resolve, this security vulnerability as well:
GHSA-vh95-rmgr-6w4m

@JLHwung JLHwung merged commit 247c94b into babel:main Mar 22, 2022
@ins429
Copy link

ins429 commented Mar 22, 2022

Thanks for the fix!

@nicolo-ribaudo
Copy link
Member

Released as 8.2.4!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

CVE-2021-44906
6 participants