chore: Bump @lavamoat/webpack from 0.9.0-beta.0 to 1.0.0

[dependabot]

Bumps @lavamoat/webpack from 0.9.0-beta.0 to 1.0.0.

Release notes

Sourced from @​lavamoat/webpack's releases.

webpack: v1.0.0

1.0.0 (2025-06-24)

Features

• webpack: add undocumented __unsafeAllowContextModules flag to allow experimenting with contextmodules without leaving them vulnerable by default (8eca7f1)
• webpack: avoid emiting resource assets from packages by default (#1451) (325bf2a)
• webpack: enable syntax checks by default, check prior to concatenation. (e74a55b)
• webpack: policy debugging capabilities and tighter tests (20b12ad)
• webpack: support scuttling (#1298) (9630600)
• webpack: unlockedChunksUnsafe option to refrain from protecting selected chunks (#1375) (1f24683)
• webpack: webpack context modules and chunk lazy loading support (#1553) (3602f65)

Bug Fixes

• add Node.js v24.0.0 to supported engines (ad9cdcd)
• core,webpack: remove deprecated lockdown options (efec539), closes #1578
• core: block circular global object endowments (#1505) (6745a0e)
• deps: update babel monorepo (afc9fe5)
• deps: update babel monorepo (e6f4e70)
• deps: update babel monorepo to v7.25.8 (1dcb35e)
• deps: update babel monorepo to v7.25.9 (6d9d5a3)
• deps: update babel monorepo to v7.26.7 (#1524) (7285fdf)
• deps: update babel monorepo to v7.26.9 (6a9dc73)
• deps: update babel monorepo to v7.27.0 (#1589) (efd83d7)
• deps: update dependency json-stable-stringify to v1.3.0 (#1613) (f9314d1)
• deps: update dependency ses to v1.10.0 (#1422) (b6f0589)
• deps: update dependency ses to v1.12.0 [security] (#1605) (881ae86)
• deps: update dependency ses to v1.9.0 (75cae74)
• make policy ordering consistntly manifest itself in json files produced (a149a7d)
• upgrade ses to v1.11.0 (a12dae1)
• webpack: import types from ses (78aca55)
• webpack: prevent toString manipulation on a specifier (1163085)
• webpack: support regex in scuttling exceptions (#1529) (45c0308)
• webpack: undo the forced overwrite of parent and top references (#1666) (adec627)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​lavamoat/aa bumped from ^4.3.2 to ^4.3.3
    • lavamoat-core bumped from ^16.4.0 to ^16.5.0

webpack: v0.10.0-beta.0

0.10.0-beta.0 (2025-05-01)

... (truncated)

Changelog

Sourced from @​lavamoat/webpack's changelog.

Changelog

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • lavamoat-core bumped from ^15.1.0 to ^15.1.1

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • lavamoat-core bumped from ^15.1.1 to ^15.1.2

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • lavamoat-core bumped from ^15.2.0 to ^15.2.1

1.0.0 (2025-06-24)

Features

• webpack: add undocumented __unsafeAllowContextModules flag to allow experimenting with contextmodules without leaving them vulnerable by default (8eca7f1)
• webpack: avoid emiting resource assets from packages by default (#1451) (325bf2a)
• webpack: enable syntax checks by default, check prior to concatenation. (e74a55b)
• webpack: policy debugging capabilities and tighter tests (20b12ad)
• webpack: support scuttling (#1298) (9630600)
• webpack: unlockedChunksUnsafe option to refrain from protecting selected chunks (#1375) (1f24683)
• webpack: webpack context modules and chunk lazy loading support (#1553) (3602f65)

Bug Fixes

• add Node.js v24.0.0 to supported engines (ad9cdcd)
• core,webpack: remove deprecated lockdown options (efec539), closes #1578
• core: block circular global object endowments (#1505) (6745a0e)
• deps: update babel monorepo (afc9fe5)
• deps: update babel monorepo (e6f4e70)
• deps: update babel monorepo to v7.25.8 (1dcb35e)
• deps: update babel monorepo to v7.25.9 (6d9d5a3)
• deps: update babel monorepo to v7.26.7 (#1524) (7285fdf)
• deps: update babel monorepo to v7.26.9 (6a9dc73)
• deps: update babel monorepo to v7.27.0 (#1589) (efd83d7)
• deps: update dependency json-stable-stringify to v1.3.0 (#1613) (f9314d1)
• deps: update dependency ses to v1.10.0 (#1422) (b6f0589)
• deps: update dependency ses to v1.12.0 [security] (#1605) (881ae86)
• deps: update dependency ses to v1.9.0 (75cae74)

... (truncated)

Commits

• e57b497 chore: release main
• 8a2a93c chore(deps): update dependency esbuild-loader to v4
• 7cc58f2 chore(deps): update dependency webpack to v5.90.0
• aff2329 chore(deps): update dependency css-loader to v6.9.1
• bc99fa0 chore(deps): update dependency typescript to v5.3.3
• 94f9968 chore(deps): update dependency css-loader to v6.9.0
• 24f34cc chore(deps): update dependency html-webpack-plugin to v5.6.0
• cad8986 chore: release main
• 8b05b97 chore: release main
• 1628b55 chore(deps): upgrade SES
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​lavamoat/​webpack@​0.9.0-beta.0 ⏵ 1.0.0	+26		+2	+10

View full report

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.22%. Comparing base (adf1fa0) to head (18fa4ba).
Report is 3 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3502   +/-   ##
=======================================
  Coverage   98.22%   98.22%           
=======================================
  Files         405      405           
  Lines       11412    11412           
  Branches     1779     1779           
=======================================
  Hits        11210    11210           
  Misses        202      202           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[dependabot]

Looks like @lavamoat/webpack is up-to-date now, so this is no longer needed.