Skip to content

Bump serialize-javascript and terser-webpack-plugin in /@plotly/dash-component-plugins#3717

Closed
dependabot[bot] wants to merge 1 commit intodevfrom
dependabot/npm_and_yarn/plotly/dash-component-plugins/multi-0d13b2d87f
Closed

Bump serialize-javascript and terser-webpack-plugin in /@plotly/dash-component-plugins#3717
dependabot[bot] wants to merge 1 commit intodevfrom
dependabot/npm_and_yarn/plotly/dash-component-plugins/multi-0d13b2d87f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 2, 2026

Removes serialize-javascript. It's no longer used after updating ancestor dependency terser-webpack-plugin. These dependencies need to be updated together.

Removes serialize-javascript

Updates terser-webpack-plugin from 5.3.14 to 5.4.0

Release notes

Sourced from terser-webpack-plugin's releases.

v5.4.0

5.4.0 (2026-03-10)

Features

  • added ability to minimize JSON using jsonMinify (#657) (29ac915)

v5.3.17

5.3.17 (2026-03-03)

Bug Fixes

  • update serialize-javascript (37c490c)

v5.3.16

5.3.16 (2025-12-11)

Bug Fixes

v5.3.15

5.3.15 (2025-12-05)

Bug Fixes

  • catch error when loading minimizers (#639) (586af0a)
  • respect errors and warnings from minimizer without code (8607f79)
Changelog

Sourced from terser-webpack-plugin's changelog.

5.4.0 (2026-03-10)

Features

  • added ability to minimizer JSON using jsonMinify (#657) (29ac915)

5.3.17 (2026-03-03)

Bug Fixes

  • update serialize-javascript (37c490c)

5.3.16 (2025-12-11)

Bug Fixes

5.3.15 (2025-12-05)

Bug Fixes

  • catch error when loading minimizers (#639) (586af0a)
  • respect errors and warnings from minimizer without code (8607f79)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump serialize-javascript and terser-webpack-plugin
260137a 
Removes [serialize-javascript](https://github.com/yahoo/serialize-javascript). It's no longer used after updating ancestor dependency [terser-webpack-plugin](https://github.com/webpack/terser-webpack-plugin). These dependencies need to be updated together.


Removes `serialize-javascript`

Updates `terser-webpack-plugin` from 5.3.14 to 5.4.0
- [Release notes](https://github.com/webpack/terser-webpack-plugin/releases)
- [Changelog](https://github.com/webpack/terser-webpack-plugin/blob/main/CHANGELOG.md)
- [Commits](webpack/terser-webpack-plugin@v5.3.14...v5.4.0)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-version: 
  dependency-type: indirect
- dependency-name: terser-webpack-plugin
  dependency-version: 5.4.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 2, 2026
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 2, 2026
@dependabot dependabot bot requested a review from KoolADE85 as a code owner April 2, 2026 19:24
@dependabot dependabot bot added the javascript Pull requests that update javascript code label Apr 2, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 2, 2026
edited
Loading

Thank you for your contribution to Dash! 🎉

@T4rk1n T4rk1n closed this Apr 2, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 2, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/plotly/dash-component-plugins/multi-0d13b2d87f branch April 2, 2026 20:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@T4rk1n T4rk1n Awaiting requested review from T4rk1n T4rk1n is a code owner

@ndrezn ndrezn Awaiting requested review from ndrezn ndrezn is a code owner

@camdecoster camdecoster Awaiting requested review from camdecoster camdecoster is a code owner

@KoolADE85 KoolADE85 Awaiting requested review from KoolADE85 KoolADE85 is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@T4rk1n