Bump terser-webpack-plugin from 5.5.0 to 5.6.0 in /webapp

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps terser-webpack-plugin from 5.5.0 to 5.6.0.

Release notes

Sourced from terser-webpack-plugin's releases.

v5.6.0

Minor Changes

• support array of minimizers for minify and terserOptions (by @​alexander-akait in #674)

• add built-in CSS minimizers from css-minimizer-webpack-plugin (by @​alexander-akait in #674)

• add built-in HTML minimizers from html-minimizer-webpack-plugin (by @​alexander-akait in #674)

• add filter method to minimizers, allowing a single plugin instance to handle multiple asset types (by @​alexander-akait in #674)

• terser-webpack-plugin has been renamed to minimizer-webpack-plugin, merging other minimizers from css-minimizer-webpack-plugin and html-minimizer-webpack-plugin. We will continue to publish new releases under the old name, but we recommend switching to the new package - minimizer-webpack-plugin. It is now a single plugin for minification. We also added the ability to specify different minifier types using only one plugin instance, which will improve performance. (by @​alexander-akait in #677)

• rename terserOptions to minimizerOptions; terserOptions is kept as a deprecated alias (by @​alexander-akait in #674)

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

Changelog

Sourced from terser-webpack-plugin's changelog.

5.6.0

Minor Changes

• support array of minimizers for minify and terserOptions (by @​alexander-akait in #674)

• add built-in CSS minimizers from css-minimizer-webpack-plugin (by @​alexander-akait in #674)

• add built-in HTML minimizers from html-minimizer-webpack-plugin (by @​alexander-akait in #674)

• add filter method to minimizers, allowing a single plugin instance to handle multiple asset types (by @​alexander-akait in #674)

• terser-webpack-plugin has been renamed to minimizer-webpack-plugin, merging other minimizers from css-minimizer-webpack-plugin and html-minimizer-webpack-plugin. We will continue to publish new releases under the old name, but we recommend switching to the new package - minimizer-webpack-plugin. It is now a single plugin for minification. We also added the ability to specify different minifier types using only one plugin instance, which will improve performance. (by @​alexander-akait in #677)

• rename terserOptions to minimizerOptions; terserOptions is kept as a deprecated alias (by @​alexander-akait in #674)

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

Commits

• 57bdcfc chore(release): new release (#675)
• 6feeda0 chore: add changelog entry (#677)
• dd360be chore: rename other things
• d78b6bd ci: dual-publish release as minimizer-webpack-plugin and terser-webpack-plugi...
• e06c526 docs: add changesets for changes since v5.5.0 (#674)
• a875994 chore: update codebase
• 2bfd4f8 ci: add changesets-driven release workflow (#672)
• 9b82a77 test: cover multi-asset minify and js-only minimizer fallback (#671)
• 34610d9 feat: added the filter method to minimizers and allow to handle different a...
• 1a34e62 feat: add built-in CSS minimizers from css-minimizer-webpack-plugin (#669)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for terser-webpack-plugin since your current version.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	webpack@​5.106.2
	workbox-webpack-plugin@​7.4.1
	react-refresh@​0.18.0
	postcss-flexbugs-fixes@​5.0.2
	prompts@​2.4.2
	resolve-url-loader@​5.0.0
	ts-node@​10.9.2
	postcss@​8.5.14
	postcss-normalize@​13.0.1
	source-map-loader@​5.0.0
	webpack-manifest-plugin@​6.0.1
	tailwindcss@​4.3.0
	resolve@​1.22.12
	react@​19.2.6
	react-app-polyfill@​3.0.0
	react-dev-utils@​12.0.1
	style-loader@​4.0.0
	postcss-loader@​8.2.1
	mini-css-extract-plugin@​2.10.2
	typescript@​5.9.3
	semver@​7.8.0
	sass-loader@​16.0.8
	webpack-dev-server@​5.2.4
	react-dom@​19.2.6
	postcss-preset-env@​11.2.1
	terser-webpack-plugin@​5.6.0

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm string.prototype.trimend is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: ? → npm/eslint-config-react-app@7.0.1 → npm/string.prototype.trimend@1.0.9 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/string.prototype.trimend@1.0.9. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm svgo is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: ? → npm/@svgr/webpack@8.1.0 → npm/svgo@3.3.3 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/svgo@3.3.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm webpack is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: webapp/package.json → npm/webpack@5.106.2 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/webpack@5.106.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report