Update dependency webpack-dev-server to v4 - autoclosed

[mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
webpack-dev-server	devDependencies	major	^3.1.14 -> ^4.0.0
webpack-dev-server	devDependencies	major	^3.11.0 -> ^4.0.0

By merging this PR, the issue #389 will be automatically resolved and closed:

Severity	CVSS Score	CVE
High	9.8	CVE-2021-23440

By merging this PR, the issue #389 will be automatically resolved and closed:

Severity	CVSS Score	CVE
High	7.5	CVE-2020-28469
High	7.5	CVE-2022-24771
High	7.5	CVE-2022-24772
Medium	6.6	WS-2022-0008
Medium	6.1	CVE-2022-0122
Medium	5.3	CVE-2022-24773

---

Release Notes

webpack/webpack-dev-server

v4.0.0

Compare Source

v3.11.3

Compare Source

3.11.3 (2021-11-08)

Bug Fixes

• replace ansi-html with ansi-html-community (#​4011) (4fef67b)

v3.11.2

Compare Source

3.11.2 (2021-01-13)

Bug Fixes

• cli arguments for serve command (a5fe337)

v3.11.1

Compare Source

3.11.1 (2020-12-29)

Bug Fixes

• the open option works using webpack serve without value (#​2948) (4837dc9)
• vulnerable deps (#​2949) (78dde50)

v3.11.0

Compare Source

Features

• add icons for directory viewer (#​2441) (e953d01)
• allow multiple contentBasePublicPath paths (#​2489) (c6bdfe4)
• emit progress-update (#​2498) (4808abd), closes #​1666
• add invalidate endpoint (#​2493) (89ffb86)
• allow open option to accept an object (#​2492) (adeb92e)

Bug Fixes

• do not swallow errors from server (#​2512) (06583f2)
• security vulnerability in yargs-parser (#​2566) (41d1d0c)
• don't crash on setupExitSignals(undefined) (#​2507) (0d5c681)
• support entry descriptor (closes #​2453) (#​2465) (8bbef6a)
• update jquery (#​2516) (99ccfd8)

3.10.3 (2020-02-05)

Bug Fixes

• forward error requests to the proxy (#​2425) (e291cd4)

3.10.2 (2020-01-31)

Bug Fixes

• fallthrough non GET and HEAD request to routes (#​2374) (ebe8eca)
• add an optional peer dependency on webpack-cli (#​2396) (aa365df)
• add heartbeat for the websocket server (#​2404) (1a7c827)

3.10.1 (2019-12-19)

Bug Fixes

• ie11 compatibility (1306abe)

v3.10.3

Compare Source

v3.10.2

Compare Source

v3.10.1

Compare Source

v3.10.0

Compare Source

Features

• client: allow sock port to use location's port (sockPort: 'location') (#​2341) (dc10d06)
• server: add contentBasePublicPath option (#​2150) (cee700d)

Bug Fixes

• client: don't override protocol for socket connection to 127.0.0.1 (#​2303) (3a31917), closes #​2302
• server: respect sockPath on transportMode: 'ws' (#​2310) (#​2311) (e188542)
• https on chrome linux (#​2330) (dc8b475)
• support webpack@5 (#​2359) (8f89c01)

v3.9.0

Compare Source

Bug Fixes

• add hostname and port to bonjour name to prevent name collisions (#​2276) (d8af2d9)
• add extKeyUsage to self-signed cert (#​2274) (a4dbc3b)

Features

• add multiple openPage support (#​2266) (c9e9178)

3.8.2 (2019-10-02)

Security

• update selfsigned package

3.8.1 (2019-09-16)

Bug Fixes

• add null check for connection.headers (#​2200) (7964997)
• false positive for an absolute path in the ContentBase option on windows (#​2202) (68ecf78)
• add status in quiet log level (#​2235) (7e2224e)
• scriptHost in client (#​2246) (00903f6)

v3.8.2

Compare Source

v3.8.1

Compare Source

v3.8.0

Compare Source

Bug Fixes

• server: fix setupExitSignals usage (#​2181) (bbe410e)
• server: set port before instantiating server (#​2143) (cfbf229)
• check for name of HotModuleReplacementPlugin to avoid RangeError (#​2146) (4579775)
• server: check for external urls in array (#​1980) (fa78347)
• server: fix header check for socket server (#​2077) (7f51859)
• server: stricter headers security check (#​2092) (078ddca)

Features

• server: add transportMode (#​2116) (b5b9cb4)
• server: serverMode 'ws' option (#​2082) (04483f4)
• server/client: made progress option available to API (#​1961) (56274e4)

Potential Breaking changes

We have migrated serverMode and clientMode to transportMode as an experimental option. If you want to use this feature, you have to change your settings.

Related PR: https://github.com/webpack/webpack-dev-server/pull/2116

3.7.2 (2019-06-17)

Bug Fixes

• client: add default fallback for client (#​2015) (d26b444)
• open: set wait: false to run server.close successfully (#​2001) (2b4cb52)
• test: fixed ProvidePlugin.test.js (#​2002) (47453cb)

3.7.1 (2019-06-07)

Bug Fixes

• retry finding port when port is null and get ports in sequence (#​1993) (bc57514)

v3.7.2

Compare Source

v3.7.1

Compare Source

v3.7.0

Compare Source

Bug Fixes

• change clientLogLevel order to be called first (#​1973) (57c8c92)
• es6 syntax in client (#​1982) (802aa30)

v3.6.0

Compare Source

Bug Fixes

• config: enable --overlay (#​1968) (dc81e23)
• server: don't ignore node_modules by default (#​1970) (699f8b4), closes #​1794

Features

• server: add serverMode option (#​1937) (44a8cde)

3.5.1 (2019-06-01)

Bug Fixes

• allow passing promise function of webpack.config.js (#​1947) (8cf1053)

v3.5.1

Compare Source

v3.5.0

Compare Source

Bug Fixes

• add client code for electron-renderer target (#​1935) (9297988)
• add client code for node-webkit target (#​1942) (c6b2b1f)

Features

• server: onListening option (#​1930) (61d0cdf)
• server: add callback support for invalidate (#​1900) (cd218ef)
• server: add WEBPACK_DEV_SERVER env variable (#​1929) (856169e)

3.4.1 (2019-05-17)

Bug Fixes

• add none and warning to clientLogLevel (#​1901) (0ae9be8)
• broken hot reload (#​1903) (6a444cd)

v3.4.1

Compare Source

v3.4.0

Compare Source

Bug Fixes

• don't use self.location.port (#​1838) (6d31984)
• do not include config files in dist (#​1883) (c535bb2)
• only add client entry to web targets (#​1775) (cf4d0d0)
• update clientLogLevel to match docs and error (#​1825) (7f52bbf)
• add errors-warnings preset (#​1895) (2a81ad2)

Features

• added injectClient option (#​1775) (cf4d0d0)
• added injectHot option (#​1775) (cf4d0d0)
• added sockPort option (#​1792) (58d1682)
• added sockHost option (#​1858) (f47dff2)
• support HEAD method (#​1875) (c2360e4)
• added liveReload option (#​1889) (fc4fe32)
• update express to 4.17 version

v3.3.1

Compare Source

Bug Fixes

• regression: always get necessary stats for hmr (#​1780) (66b04a9)
• regression: host and port can be undefined or null (#​1779) (028ceee)
• only add entries after compilers have been created (#​1774) (b31cbaa)

v3.3.0

Compare Source

Bug Fixes

• compatibility with [email protected] (#​1754) (fd7cb0d)
• ignore proxy when bypass return false (#​1696) (aa7de77)
• respect stats option from webpack config (#​1665) (efaa740)
• use location.port when location.hostname is used to infer HMR socket URL (#​1664) (2f7f052)
• don't crash with express.static.mime.types (#​1765) (919ff77)

Features

• add option "serveIndex" to enable/disable serveIndex middleware (#​1752) (d5d60cb)
• add webpack as argument to before and after options (#​1760) (0984d4b)
• http2 option to enable/disable HTTP/2 with HTTPS (#​1721) (dcd2434)
• random port retry logic (#​1692) (419f02e)
• relax depth limit from chokidar for content base (#​1697) (7ea9ab9)

3.2.1 (2019-02-25)

Bug Fixes

• deprecation message about setup now warning about v4 (#​1684) (523a6ec)
• regression: allow ca, key and cert will be string (#​1676) (b8d5c1e)
• regression: handle key, cert, cacert and pfx in CLI (#​1688) (4b2076c)
• regression: problem with idb-connector after update internal-ip (#​1691) (eb48691)

3.1.14 (2018-12-24)

Bug Fixes

• add workaround for Origin header in sockjs (#​1608) (1dfd4fb)

3.1.13 (2018-12-22)

Bug Fixes

• delete a comma for Node.js <= v7.x (#​1609) (0bab1c0)

3.1.12 (2018-12-22)

Bug Fixes

• regression in checkHost for checking Origin header (#​1606) (8bb3ca8)

3.1.11 (2018-12-21)

Bug Fixes

• bin/options: correct check for color support (options.color) (#​1555) (55398b5)
• package: update spdy v3.4.1...4.0.0 (assertion error) (#​1491) (#​1563) (7a3a257)
• Server: correct node version checks (#​1543) (927a2b3)
• Server: mime type for wasm in contentBase directory (#​1575) (#​1580) (fadae5d)
• add url for compatibility with webpack@5 (#​1598) (#​1599) (68dd49a)
• check origin header for websocket connection (#​1603) (b3217ca)

3.1.10 (2018-10-23)

Bug Fixes

• options: add writeToDisk option to schema (#​1520) (d2f4902)
• package: update sockjs-client v1.1.5...1.3.0 (url-parse vulnerability) (#​1537) (e719959)
• Server: set tls.DEFAULT_ECDH_CURVE to 'auto' (#​1531) (c12def3)

3.1.9 (2018-09-24)

3.1.8 (2018-09-06)

Bug Fixes

• package: yargs security vulnerability (dependencies) (#​1492) (8fb67c9)
• utils/createLogger: ensure quiet always takes precedence (options.quiet) (#​1486) (7a6ca47)

3.1.7 (2018-08-29)

Bug Fixes

• Server: don't use spdy on node >= v10.0.0 (#​1451) (8ab9eb6)

3.1.6 (2018-08-26)

Bug Fixes

• bin: handle process signals correctly when the server isn't ready yet (#​1432) (334c3a5)
• examples/cli: correct template path in open-page example (#​1401) (df30727)
• schema: allow the output filename to be a {Function} (#​1409) (e2220c4)

v3.2.1

Compare Source

Bug Fixes

• deprecation message about setup now warning about v4 (#​1684) (523a6ec)
• regression: allow ca, key and cert will be string (#​1676) (b8d5c1e)
• regression: handle key, cert, cacert and pfx in CLI (#​1688) (4b2076c)
• regression: problem with idb-connector after update internal-ip (#​1691) (eb48691)

v3.2.0

Compare Source

Bug Fixes

• allow single object proxy config (#​1633) (252ea4f)
• SPDY fails in node >= 11.1.0 (#​1660) (b92e5fd)

Features

• add sockPath option (options.sockPath) (#​1553) (4bf1f76)
• allow to use ca, pfx, key and cert as string (#​1542) (0b89fd9)
• automatically add the HMR plugin when hot or hotOnly is enabled (#​1612) (178e6cc)
• set development mode by default when unspecified (#​1653) (5ea376b)

---

• If you want to rebase/retry this PR, check this box