Bump the build group across 1 directory with 9 updates

[dependabot]

Bumps the build group with 8 updates in the / directory:

Package	From	To
@babel/core	7.28.6	7.29.0
@babel/preset-env	7.28.6	7.29.0
autoprefixer	10.4.23	10.4.27
copy-webpack-plugin	13.0.1	14.0.0
postcss-loader	8.2.0	8.2.1
sass-embedded	1.97.2	1.97.3
sass-loader	16.0.6	16.0.7
webpack	5.104.1	5.105.3

Updates @babel/core from 7.28.6 to 7.29.0

Release notes

Sourced from @​babel/core's releases.

v7.29.0 (2026-01-31)

Thanks @​simbahax for your first PR!

🚀 New Feature

• babel-types
  • #17750 [7.x backport] Add attributes import declaration builder (@​JLHwung)
• babel-standalone
  • #17663 [7.x backport] feat(standalone): export async transform (@​JLHwung)
  • #17725 [7.x backport] feat: read standalone targets from data-targets (@​JLHwung)

🐛 Bug Fix

• babel-parser
  • #17765 fix(parser): correctly parse type assertions in extends clause (@​nicolo-ribaudo)
  • #17723 [7.x backport] fix(parser): improve super type argument parsing (@​JLHwung)
• babel-traverse
  • #17708 fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (@​simbahax)
• babel-plugin-transform-block-scoping, babel-traverse
  • #17737 [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (@​magic-akari)

🏃‍♀️ Performance

• babel-generator, babel-runtime-corejs3
  • #17642 [Babel 7] Improve generator performance (@​liuxingbaoyu)

Committers: 6

• David (@​simbahax)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• @​magic-akari

Commits

• aa8394e v7.29.0
• ad0d03f [7.x backport] feat: Allow specifying startLine in code frame (#17739)
• See full diff in compare view

Updates @babel/preset-env from 7.28.6 to 7.29.0

Release notes

Sourced from @​babel/preset-env's releases.

v7.29.0 (2026-01-31)

Thanks @​simbahax for your first PR!

🚀 New Feature

• babel-types
  • #17750 [7.x backport] Add attributes import declaration builder (@​JLHwung)
• babel-standalone
  • #17663 [7.x backport] feat(standalone): export async transform (@​JLHwung)
  • #17725 [7.x backport] feat: read standalone targets from data-targets (@​JLHwung)

🐛 Bug Fix

• babel-parser
  • #17765 fix(parser): correctly parse type assertions in extends clause (@​nicolo-ribaudo)
  • #17723 [7.x backport] fix(parser): improve super type argument parsing (@​JLHwung)
• babel-traverse
  • #17708 fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (@​simbahax)
• babel-plugin-transform-block-scoping, babel-traverse
  • #17737 [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (@​magic-akari)

🏃‍♀️ Performance

• babel-generator, babel-runtime-corejs3
  • #17642 [Babel 7] Improve generator performance (@​liuxingbaoyu)

Committers: 6

• David (@​simbahax)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• @​magic-akari

Commits

• aa8394e v7.29.0
• 0053db6 Update polyfill packages (#17727)
• f3a2226 [babel 7] Delete Babel 8 fixtures (#17729)
• See full diff in compare view

Updates autoprefixer from 10.4.23 to 10.4.27

Release notes

Sourced from autoprefixer's releases.

10.4.27

• Removed development key from package.json.

10.4.26

• Reduced package size.

10.4.25

• Fixed broken gradients on CSS Custom Properties (by @​serger777).

10.4.24

• Made Autoprefixer a little faster (by @​Cherry).

Changelog

Sourced from autoprefixer's changelog.

10.4.27

• Removed development key from package.json.

10.4.26

• Reduced package size.

10.4.25

• Fixed broken gradients on CSS Custom Properties (by @​serger777).

10.4.24

• Made Autoprefixer a little faster (by @​Cherry).

Commits

• 360f2d9 Release 10.4.27 version
• ab5260c Update clean-publish
• 09e9dd1 Release 10.4.26 version
• ec75540 Ignore local patches
• 59601b8 Update c8 and clean-publish
• 06ea988 Release 10.4.25 version
• 47d8a5b Update dependencies and fix Node.js 25
• 51c596e Add Node.js 25 and 24 to CI
• 5239823 Fix CSS variables in gradients (#1515) (#1544)
• 36692c2 Release 10.4.24 version
• Additional commits viewable in compare view

Updates copy-webpack-plugin from 13.0.1 to 14.0.0

Release notes

Sourced from copy-webpack-plugin's releases.

v14.0.0

14.0.0 (2026-03-02)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 20.9.0 (#819) (2881203)

Bug Fixes

• update serialize-javascript to fix security problems

Changelog

Sourced from copy-webpack-plugin's changelog.

14.0.0 (2026-03-02)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 20.9.0 (#819) (2881203)

Bug Fixes

• update serialize-javascript to fix security problems

Commits

• 18eb9d9 chore(release): 14.0.0
• 2881203 refactor!: minimum supported Node.js version is 20.9.0 (#819)
• 9dc3d31 chore(deps-dev): bump ajv from 6.12.6 to 6.14.0 (#815)
• 5cf5a1d chore(deps): update (#814)
• 3dd5b6e chore(deps): bump js-yaml (#813)
• 9ac38bb chore(deps-dev): bump lodash from 4.17.21 to 4.17.23 (#812)
• 6a16bac Update link to contributing guidelines in README
• a1625f9 chore: migrate from contrib (#810)
• 9f6f204 chore: update github actions/checkout from v4 to v5 (#809)
• See full diff in compare view

Updates postcss-loader from 8.2.0 to 8.2.1

Release notes

Sourced from postcss-loader's releases.

v8.2.1

8.2.1 (2026-02-15)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#717) (a3ed7e2)

Changelog

Sourced from postcss-loader's changelog.

8.2.1 (2026-02-15)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#717) (a3ed7e2)

Commits

• 583677e chore(release): 8.2.1
• a3ed7e2 fix: update peer dependency for @​rspack/core v2 (#717)
• c984ff4 test: fix (#715)
• cc01d2b ci: fix
• d4faa34 docs: update contributing
• b1e4fa5 chore: correct link (#713)
• d990168 chore: migration to main org and branch (#712)
• See full diff in compare view

Updates sass-embedded from 1.97.2 to 1.97.3

Changelog

Sourced from sass-embedded's changelog.

1.97.3

• Fix a bug where nesting an at-rule within multiple style rules in plain CSS could cause outer style rules to be omitted.

Commits

• a9fe912 Update Dart Sass version and release
• 5b3fcd1 Remove buffer-builder dependency (#416)
• a0172ee Bump gts from 6.0.2 to 7.0.0 (#407)
• 8bce3b9 Bump @​types/node from 24.10.4 to 25.0.3 (#410)
• See full diff in compare view

Updates sass-loader from 16.0.6 to 16.0.7

Release notes

Sourced from sass-loader's releases.

v16.0.7

16.0.7 (2026-02-05)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#1291) (24d12ec)

Changelog

Sourced from sass-loader's changelog.

16.0.7 (2026-02-05)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#1291) (24d12ec)

Commits

• 694c8d9 chore(release): 16.0.7
• 147d6ab ci: lint fix (#1294)
• 24d12ec fix: update peer dependency for @​rspack/core v2 (#1291)
• 068201f docs: fix link (#1287)
• See full diff in compare view

Updates webpack from 5.104.1 to 5.105.3

Release notes

Sourced from webpack's releases.

v5.105.3

Patch Changes

• Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

• Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

• Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

• Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

• Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

• Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

• Fix some types. (by @​alexander-akait in #20412)

• Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

• Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

• Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

• Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

• Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

v5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

v5.105.1

Patch Changes

• Fix VirtualUrlPlugin Windows compatibility by sanitizing cache keys and filenames. Cache keys now use toSafePath to replace colons (:) with double underscores (__) and sanitize other invalid characters, ensuring compatibility with Windows filesystem restrictions. (by @​xiaoxiaojx in #20424)

• Revert part of the createRequire generation behavior for require("node:...") to keep compatibility with those modules exports, e.g. const EventEmitter = require("node:events");. (by @​hai-x in #20433)

• Skip guard collection when exports-presence mode is disabled to improve parsing performance. (by @​hai-x in #20433)

v5.105.0

Minor Changes

• Allow resolving worker module by export condition name when using new Worker() (by @​hai-x in #20353)

• Detect conditional imports to avoid compile-time linking errors for non-existent exports. (by @​hai-x in #20320)

• Added the tsconfig option for the resolver options (replacement for tsconfig-paths-webpack-plugin). Can be false (disabled), true (use the default tsconfig.json file to search for it), a string path to tsconfig.json, or an object with configFile and references options. (by @​alexander-akait in #20400)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.105.3

Patch Changes

• Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

• Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

• Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

• Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

• Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

• Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

• Fix some types. (by @​alexander-akait in #20412)

• Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

• Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

• Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

• Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

• Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

5.105.1

Patch Changes

• Fix VirtualUrlPlugin Windows compatibility by sanitizing cache keys and filenames. Cache keys now use toSafePath to replace colons (:) with double underscores (__) and sanitize other invalid characters, ensuring compatibility with Windows filesystem restrictions. (by @​xiaoxiaojx in #20424)

• Revert part of the createRequire generation behavior for require("node:...") to keep compatibility with those modules exports, e.g. const EventEmitter = require("node:events");. (by @​hai-x in #20433)

• Skip guard collection when exports-presence mode is disabled to improve parsing performance. (by @​hai-x in #20433)

5.105.0

Minor Changes

• Allow resolving worker module by export condition name when using new Worker() (by @​hai-x in #20353)

... (truncated)

Commits

• 714a0e3 chore(release): new release (#20448)
• c323b39 chore(deps-dev): bump nyc from 17.1.0 to 18.0.0 (#20539)
• 8a01dfe refactor: deduplicate export presence logic in Harmony dependency classes (#2...
• b9fc7b3 chore(deps): bump test/test262-cases in the dependencies group (#20541)
• f8a5ac3 test: add coverage for nwjs exports condition and CSS modules with webworker ...
• 59bf024 test: add coverage for external script in EnvironmentNotSupportAsyncWarning (...
• 4c79ac2 test: add missing coverage for formatLocation and formatSize (#20534)
• 4f5c0a8 fix: mark asset module as side-effect-free when futureDefaults (#20535)
• 87987ca test: add test
• 67c5aae test: add configCase for ESM prefetch/preload under neutral target (#20524)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for webpack since your current version.

Updates caniuse-lite from 1.0.30001764 to 1.0.30001775

Commits

• 575206f Update caniuse-db 1.0.30001775
• 69eb4c5 Update caniuse-db 1.0.30001774
• 7d2a807 Update caniuse-db 1.0.30001772
• e4b5da2 Update caniuse-db 1.0.30001770
• fc9cfa6 Update caniuse-db 1.0.30001769
• 2885f43 Update caniuse-db 1.0.30001768
• 2b8513a Update caniuse-db 1.0.30001767
• db00262 Update caniuse-db 1.0.30001766
• 14a4372 Update caniuse-db 1.0.30001765
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.