Skip to content

Bump webpack-dev-server and @symfony/webpack-encore#3739

Open
dependabot[bot] wants to merge 1 commit into
6.1from
dependabot/npm_and_yarn/multi-2b412b4fb8
Open

Bump webpack-dev-server and @symfony/webpack-encore#3739
dependabot[bot] wants to merge 1 commit into
6.1from
dependabot/npm_and_yarn/multi-2b412b4fb8

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Removes webpack-dev-server. It's no longer used after updating ancestor dependency @symfony/webpack-encore. These dependencies need to be updated together.

Removes webpack-dev-server

Updates @symfony/webpack-encore from 1.8.2 to 7.1.0

Release notes

Sourced from @​symfony/webpack-encore's releases.

7.1.0 - The "Wait, We Forgot Some Things" Release

[!NOTE] A small follow-up to 7.0.0: a few dependency updates didn't make it into that release, so 7.1.0 ships them now. You get support for sass-loader v17 (v16 still works), @vue/babel-plugin-jsx bumped to v3, webpack-manifest-plugin requiring at least v6.0.1, and JS/CSS minifier peer dependencies relaxed to optional with no version constraint. No upgrade steps needed for most projects, just bump and go.

What's Changed

Full Changelog: symfony/webpack-encore@v7.0.0...v7.1.0


Thanks to everyone who contributed to this release! 🙌

Update Encore in your project:

npm install @symfony/webpack-encore@latest --save-dev
pnpm add --save-dev @symfony/webpack-encore@latest
yarn add --dev @symfony/webpack-encore@latest

7.0.0 - The ESM-Only & Async-first Release

[!IMPORTANT] Webpack Encore 7.0 is a big one: the config format moves to ESM (and Encore.getWebpackConfig() is now async), Babel 8 is required, and JS/CSS minification are unified under a single plugin.

Under the hood, the project itself got a proper refresh too, with Vitest replacing Mocha/Sinon/Chai, PNPM as the package manager, and Oxfmt handling formatting.

It's a breaking change release, but the end result is a cleaner, more modern Encore that's much better aligned with today's JS ecosystem.

See the upgrade guide before upgrading.

What's Changed

... (truncated)

Changelog

Sourced from @​symfony/webpack-encore's changelog.

7.1.0

  • Add support for sass-loader ^17.0.0
  • Add support for @vue/babel-plugin-jsx to ^3.0.0, remove support for @vue/babel-plugin-jsx to ^1.0.0
  • Update the minimum version of webpack-manifest-plugin to ^6.0.1
  • Declare the JS/CSS minifiers as optional peer dependencies without a version constraint, matching minimizer-webpack-plugin behavior

7.0.0

This is a new major version that contains several backwards-compatibility breaks.

BC Breaks

  • Migrate from CJS (CommonJS) to ESM (ES Modules)
  • Migrate synchronous API to asynchronous API
  • Drop support of Babel 7 in favor of Babel 8
  • Remove Encore.configureTerserPlugin() in favor of Encore.configureJsMinimizerPlugin()

Features

  • Add support for webpack-cli ^7.0.0
  • Add support for typescript ^6.0.0
  • Add support for Node.js` ^26.0.0
  • Add support of Babel 8
  • Use ESM exports in Encore.copyFiles() for better webpack optimizations
  • Use peerDependencies instead of devDependencies for optional dependencies checking
  • Replace css-minimizer-webpack-plugin and terser-webpack-plugin by minimizer-webpack-plugin to unify the minification process

See the upgrade guide for the full list of breaking changes and upgrade steps.

6.0.0

This is a new major version that contains several backwards-compatibility breaks, but for the best!

BC Breaks

  • Remove support of Node.js <22.13.0
  • Remove support of babel-loader@^9.1.3, see possible BC breaks in 10.0.0 release notes
  • Remove support of style-loader@^3.3.0, see possible BC breaks in 4.0.0 release notes
  • Remove support of less-loader@^11.0.0, see possible BC breaks in 12.0.0 release notes
  • Remove support of postcss-loader@^7.0.0, see possible BC breaks in 8.0.0 release notes
  • Remove support of stylus-loader@^7.0.0, see possible BC breaks in 8.0.0 release notes
  • Remove support of webpack-cli@^5.0.0, see possible BC breaks in 6.0.0 release notes
  • Remove unmaintained file-loader dependency The [N] placeholder (regex capture groups in filename patterns) is no longer supported. If you were using patterns like [1] or [2] in your Encore.copyFiles() filename option, you will need to restructure your file organization or use a different naming strategy.
  • Remove deprecated --https flag and devServerConfig.https option for webpack-dev-server, use --server-type https or configureDevServerOptions() with server: 'https' instead

Features

... (truncated)

Upgrade guide

Sourced from @​symfony/webpack-encore's upgrade guide.

Upgrading

7.0.0

[!IMPORTANT] v7.0.0 is ESM-only, Encore.getWebpackConfig() is now async, Babel 8 is required, and CSS minification is no longer enabled by default. These are real breaking changes, so please follow the steps below.

The Node.js ecosystem has largely moved to ESM as the standard module format. Most actively maintained packages now ship ESM-only, and since Encore already requires Node.js ^22.13.0 || >=24.0 (which has full ESM support), continuing to publish as CJS would mean fighting the ecosystem: pinning to older dependencies, adding workarounds, and missing out on tree-shaking and static analysis.

Moving to ESM also unlocks async/await in Encore's internals. Now that getWebpackConfig() is natively async, Encore can adopt modern async APIs from the ecosystem without hacks.

  • Migrate from CommonJS to ESM: the package now requires "type": "module" in your project or the use of .mjs file extensions. Update your webpack.config.js:

    // Before (CJS)
    const Encore = require('@symfony/webpack-encore');
    // ...
    module.exports = Encore.getWebpackConfig();
    // After (ESM)
    import Encore from '@​symfony/webpack-encore';
    // ...
    export default await Encore.getWebpackConfig();

    Note: Encore.getWebpackConfig() is now async and returns a Promise. Use await at the top level of your webpack config (webpack supports async config files natively).

  • If you prefer not to add "type": "module", rename your webpack config to webpack.config.mjs instead; webpack detects the .mjs extension and treats it as ESM automatically.

  • Replace __dirname and __filename with their ESM equivalents in your webpack config:

    // Before (CJS)
    path.resolve(__dirname, 'src/utilities/');
    config: [__filename];
    // After (ESM)
    path.resolve(import.meta.dirname, 'src/utilities/');
    config: [import.meta.filename];

... (truncated)

Commits
  • c1850cc Tagging 7.1.0
  • 6b47b11 Name release
  • bc9a789 minor #1500 Tweak CHANGELOG.md for StimulusBundle & ESM (Kocal)
  • 5f9268d Tweak CHANGELOG.md for StimulusBundle & ESM
  • 5ff162f feature #1499 Add support for sass-loader ^17.0.0 (Kocal)
  • 93b97aa Add support for sass-loader ^17.0.0
  • d58ed97 feature #1498 Relax the peerDependencies of the JS/CSS minifiers (Kocal)
  • 0ab1c5f Relax the peerDependencies of the JS/CSS minifiers
  • 3026e9a feature #1495 Update webpack-manifest-plugin to 6.0.1 (Kocal)
  • 289cee3 Update webpack-manifest-plugin to 6.0.1
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by kocal, a new releaser for @​symfony/webpack-encore since your current version.


@dependabot dependabot Bot added dependencies Pull requests that update a dependency file 🧹 Chore labels Jun 22, 2026
@dependabot dependabot Bot changed the base branch from 6.2 to 6.1 June 28, 2026 08:11
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-2b412b4fb8 branch 3 times, most recently from 1e02e71 to 9c0beba Compare June 28, 2026 10:48
Removes [webpack-dev-server](https://github.com/webpack/webpack-dev-server). It's no longer used after updating ancestor dependency [@symfony/webpack-encore](https://github.com/symfony/webpack-encore). These dependencies need to be updated together.


Removes `webpack-dev-server`

Updates `@symfony/webpack-encore` from 1.8.2 to 7.1.0
- [Release notes](https://github.com/symfony/webpack-encore/releases)
- [Changelog](https://github.com/symfony/webpack-encore/blob/main/CHANGELOG.md)
- [Upgrade guide](https://github.com/symfony/webpack-encore/blob/main/UPGRADE.md)
- [Commits](symfony/webpack-encore@v1.8.2...v7.1.0)

---
updated-dependencies:
- dependency-name: "@symfony/webpack-encore"
  dependency-version: 7.0.0
  dependency-type: direct:development
- dependency-name: webpack-dev-server
  dependency-version:
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-2b412b4fb8 branch from 9c0beba to f3af889 Compare June 28, 2026 10:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

🧹 Chore dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants