Copilot commented on code in PR #845:
URL: https://github.com/apache/ranger/pull/845#discussion_r2793720977
##########
security-admin/src/main/webapp/react-webapp/package.json:
##########
@@ -57,9 +57,9 @@
"react-toastify": "^8.1.0",
"style-loader": "^2.0.0",
"tether": "^2.0.0",
- "webpack": "^5.94.0",
- "webpack-cli": "^5.0.0",
+ "webpack": "^5.105.0",
+ "webpack-cli": "^6.0.1",
Review Comment:
`webpack-dev-server@^5.2.2` typically has a peer dependency range that
supports `webpack-cli` v4/v5, so bumping `webpack-cli` to `^6.0.1` can cause
peer-dependency resolution failures (or hard install failures with strict peer
deps). Consider keeping `webpack-cli` on `^5.x` for compatibility, or bump
`webpack-dev-server` to a version that explicitly supports `webpack-cli@6`.
```suggestion
"webpack-cli": "^5.1.4",
```
##########
security-admin/src/main/webapp/react-webapp/package.json:
##########
@@ -57,9 +57,9 @@
"react-toastify": "^8.1.0",
"style-loader": "^2.0.0",
"tether": "^2.0.0",
- "webpack": "^5.94.0",
- "webpack-cli": "^5.0.0",
+ "webpack": "^5.105.0",
+ "webpack-cli": "^6.0.1",
"webpack-dev-server": "^5.2.2",
- "webpack-merge": "^5.8.0"
+ "webpack-merge": "^6.0.1"
Review Comment:
This is a major-version bump (`webpack-merge` 5 -> 6). If the project has
custom webpack config code that imports/uses `webpack-merge`, the API/behavior
changes can break builds without any code changes in this PR. If the upgrade is
required, it would help to (a) call out the compatibility/behavior change in
the PR description, or (b) keep `webpack-merge` on `^5.x` unless a
corresponding config change is included.
```suggestion
"webpack-merge": "^5.10.0"
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
