webpack · avivkeller · Jan 12, 2026
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -12,3 +12,14 @@ updates:
       dependencies:
         patterns:
           - "*"
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
+      time: "04:00"
+      timezone: Europe/Berlin
+    open-pull-requests-limit: 3
+    groups:
+      dependencies:
+        patterns:
+          - "*"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,87 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+      - next
+  pull_request:
+    branches:
+      - main
+      - next
+
+concurrency:
+  group: "${{ github.workflow }} ✨ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}"
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  lint:
+    name: Lint & Check Types
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
+      - name: Setup Node.js
+        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
+        with:
+          node-version: "lts/*"
+          cache: "npm"
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Lint
+        run: npm run lint
+
+      - name: Build types
+        run: npm run build:types
+
+      - name: Check types
+        run: |
+          if [ -n "$(git status types --porcelain)" ]; then
+            echo "Missing types. Update types by running 'npm run build:types'";
+            exit 1;
+          fi
+  test:
+    name: Test - ${{ matrix.os }} (Node.js ${{ matrix.node-version }})
+
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+        node-version: [18.x, 20.x, 22.x, 24.x]
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
+      - name: Setup Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: "npm"
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Link webpack-dev-server
+        run: |
+          cp -R client tmp-client
+          npm link --ignore-scripts
+          npm link webpack-dev-server --ignore-scripts
+          rm -r client
+          cp -R tmp-client client
+
+      - name: Run tests
+        run: npm run test:coverage -- --ci
+
+      - name: Upload coverage to Codecov
+        if: always()
+        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml
@@ -0,0 +1,34 @@
+name: Validate PR
+
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - edited
+
+concurrency:
+  group: "${{ github.workflow }} ✨ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}"
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  commitlint:
+    name: Lint Commit Messages
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
+        with:
+          node-version: "lts/*"
+          cache: "npm"
+
+      - run: npm ci
+
+      - name: Validate PR commits with commitlint
+        run: npx commitlint --from ${{ github.event.pull_request.head.sha }}~${{ github.event.pull_request.commits }} --to ${{ github.event.pull_request.head.sha }} --verbose
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -1,5 +1,14 @@
-name: "Dependency Review"
-on: [pull_request]
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Request,
+# surfacing known-vulnerable versions of the packages declared or updated in the PR.
+# Once installed, if the workflow run is marked as required,
+# PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+name: Review Dependencies
+
+on: pull_request
 
 permissions:
   contents: read
@@ -8,7 +17,8 @@ jobs:
   dependency-review:
     runs-on: ubuntu-latest
     steps:
-      - name: "Checkout Repository"
-        uses: actions/checkout@v4
-      - name: "Dependency Review"
-        uses: actions/dependency-review-action@v4
+      - name: Git Checkout
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
+      - name: Review Dependencies
+        uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml
diff --git a/scripts/prepare-test-for-old-node.js b/scripts/prepare-test-for-old-node.js
diff --git a/test/server/open-option.test.js b/test/server/open-option.test.js
@@ -9,32 +9,17 @@ const internalIPv4 = Server.internalIPSync("v4");
 
 let open;
 
-const needRequireMock =
-  process.version.startsWith("v18") || process.version.startsWith("v19");
-
-if (needRequireMock) {
-  open = require("open");
-
-  jest.mock("open");
-
-  open.mockImplementation(() => ({
-    catch: jest.fn(),
-  }));
-}
-
 describe('"open" option', () => {
   let compiler;
 
   beforeEach(async () => {
     compiler = webpack(config);
 
-    if (!needRequireMock) {
-      jest.unstable_mockModule("open", () => ({
-        default: jest.fn(() => Promise.resolve()),
-      }));
+    jest.unstable_mockModule("open", () => ({
+      default: jest.fn(() => Promise.resolve()),
+    }));
 
-      open = (await import("open")).default;
-    }
+    open = (await import("open")).default;
   });
 
   afterEach(async () => {