Bump webpack-dev-server and @symfony/webpack-encore by dependabot[bot] · Pull Request #3724 · bolt/core

dependabot · 2026-05-18T13:39:58Z

Removes webpack-dev-server. It's no longer used after updating ancestor dependency @symfony/webpack-encore. These dependencies need to be updated together.

Removes webpack-dev-server

Updates @symfony/webpack-encore from 4.7.0 to 6.0.0

Release notes

Sourced from @symfony/webpack-encore's releases.

v5.3.1

What's Changed

Declare svelte and svelte-loader as optional dependencies by @stof in symfony/webpack-encore#1387

Full Changelog: symfony/webpack-encore@v5.3.0...v5.3.1

v5.3.0

What's Changed

Pin tmp dependency version to ^0.2.5 (CVE) by @orbeji in symfony/webpack-encore#1383

Add support for Svelte 5 by @Kocal in symfony/webpack-encore#1385

New Contributors

@orbeji made their first contribution in symfony/webpack-encore#1383

Full Changelog: symfony/webpack-encore@v5.2.0...v5.3.0

Peer dependencies update!

Features

Remove warning for usage of configureLoaderRule by @Tofandel in symfony/webpack-encore#1368

Add support for webpack-cli ^6 by @Kocal in symfony/webpack-encore#1367

Add support for babel-loader ^10.0.0 by @Kocal in symfony/webpack-encore#1379

Add support for style-loader ^4.0.0 by @Kocal in symfony/webpack-encore#1380

Re-add webpack-manifest-plugin dependency, which was previously embedded in #921 by @Kocal in symfony/webpack-encore#1382

Internals

[CI][Puppeteer] Add timeout, use new headless mode, and disable sandbox by @Kocal in symfony/webpack-encore#1369

[CI] Upgrade deprecated os windows-2019 to windows-latest by @Kocal in symfony/webpack-encore#1376

Upgrade ESLint to ^9, migrate some plugins and configuration by @Kocal in symfony/webpack-encore#1377

[CI] Fix tests in lowest and highest jobs by @Kocal in symfony/webpack-encore#1378

New Contributors

@Tofandel made their first contribution in symfony/webpack-encore#1368

Full Changelog: symfony/webpack-encore@v5.1.0...v5.2.0

5.1: Stimulus Bridge 4

What's Changed

Features

Add support for @symfony/stimulus-bridge@^4.0.0 by @Kocal in symfony/webpack-encore#1361

Full Changelog: symfony/webpack-encore@v5.0.1...v5.1.0

v5.0.1

Bug fixes

... (truncated)

Changelog

Sourced from @symfony/webpack-encore's changelog.

6.0.0

This is a new major version that contains several backwards-compatibility breaks, but for the best!

BC Breaks

Remove support of Node.js <22.13.0

Remove support of babel-loader@^9.1.3, see possible BC breaks in 10.0.0 release notes

Remove support of style-loader@^3.3.0, see possible BC breaks in 4.0.0 release notes

Remove support of less-loader@^11.0.0, see possible BC breaks in 12.0.0 release notes

Remove support of postcss-loader@^7.0.0, see possible BC breaks in 8.0.0 release notes

Remove support of stylus-loader@^7.0.0, see possible BC breaks in 8.0.0 release notes

Remove support of webpack-cli@^5.0.0, see possible BC breaks in 6.0.0 release notes

Remove unmaintained file-loader dependency The [N] placeholder (regex capture groups in filename patterns) is no longer supported. If you were using patterns like [1] or [2] in your Encore.copyFiles() filename option, you will need to restructure your file organization or use a different naming strategy.

Remove deprecated --https flag and devServerConfig.https option for webpack-dev-server, use --server-type https or configureDevServerOptions() with server: 'https' instead

Features

Update @nuxt/friendly-errors-webpack-plugin to @kocal/friendly-errors-webpack-plugin, a maintained fork of the original plugin

Update webpack from ^5.74.0 to ^5.82.0

Update css-minimizer-webpack-plugin to ^8.0.0, see release notes

Finish removing Vue 2 support leftovers (JSX code path, vue-jsx feature, version: 2 option, Vue 2 peer dependencies), which was forgotten during v5.0.0

5.3.0

Add support for Svelte 5

5.2.0

Add support for Webpack CLI ^6.0.0

Add support for babel-loader ^10.0.0

Add support for style-loader ^4.0.0

If you manually specified the option insert, now it can only be a selector or the path to the module. Follow the style-loader migration guide to upgrade!

Re-add webpack-manifest-plugin dependency, which was previously embedded in symfony/webpack-encore#921

5.1.0

Features

Add support for @symfony/stimulus-bridge@^4.0.0 by @Kocal in symfony/webpack-encore#1361

5.0.1

... (truncated)

Commits

93016b8 Tagging 6.0.0
fb434b5 bug #1401 Follow-up #1400 (fix URLs generation) (Kocal)
3e149b9 Follow-up #1400 (fix URLs generation)
5557f89 feature #1400 Remove deprecated --https flag and devServerConfig.https op...
c5d7afa Remove deprecated --https flag and devServerConfig.https option
0c706d2 feature #1399 Remove Vue 2 support leftovers (Kocal)
94619b0 Remove Vue 2 support leftovers
b8c997b feature #1398 Remove unmaintained file-loader dependency (Kocal)
1200947 Remove unmaintained file-loader dependency
b0542cf minor #1397 Add AGENTS.md (Kocal)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Removes [webpack-dev-server](https://github.com/webpack/webpack-dev-server). It's no longer used after updating ancestor dependency [@symfony/webpack-encore](https://github.com/symfony/webpack-encore). These dependencies need to be updated together. Removes `webpack-dev-server` Updates `@symfony/webpack-encore` from 4.7.0 to 6.0.0 - [Release notes](https://github.com/symfony/webpack-encore/releases) - [Changelog](https://github.com/symfony/webpack-encore/blob/main/CHANGELOG.md) - [Commits](symfony/webpack-encore@v4.7.0...v6.0.0) --- updated-dependencies: - dependency-name: webpack-dev-server dependency-version: dependency-type: indirect - dependency-name: "@symfony/webpack-encore" dependency-version: 6.0.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file 🧹 Chore labels May 18, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump webpack-dev-server and @symfony/webpack-encore#3724

Bump webpack-dev-server and @symfony/webpack-encore#3724
dependabot[bot] wants to merge 1 commit into
6.2from
dependabot/npm_and_yarn/multi-b40ea20c9a

dependabot Bot commented on behalf of github May 18, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github May 18, 2026

v5.3.1

What's Changed

v5.3.0

What's Changed

New Contributors

Peer dependencies update!

Features

Internals

New Contributors

5.1: Stimulus Bridge 4

What's Changed

Features

v5.0.1

Bug fixes

6.0.0

BC Breaks

Features

5.3.0

5.2.0

5.1.0

Features

5.0.1

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants