[Security] Bump webpack from 5.73.0 to 5.76.1 in /webapp

Bumps webpack from 5.73.0 to 5.76.1. This update includes a security fix.

Vulnerabilities fixed

Cross-realm object access in Webpack 5 Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.

Patched versions: 5.76.0 Affected versions: >= 5.0.0, < 5.76.0

Release notes

Sourced from webpack's releases.

v5.76.1

Fixed

• Added assert/strict built-in to NodeTargetPlugin

Revert

• Improve performance of hashRegExp lookup by @​ryanwilsonperkin in webpack/webpack#16759

v5.76.0

Bugfixes

• Avoid cross-realm object access by @​Jack-Works in webpack/webpack#16500
• Improve hash performance via conditional initialization by @​lvivski in webpack/webpack#16491
• Serialize generatedCode info to fix bug in asset module cache restoration by @​ryanwilsonperkin in webpack/webpack#16703
• Improve performance of hashRegExp lookup by @​ryanwilsonperkin in webpack/webpack#16759

Features

• add target to LoaderContext type by @​askoufis in webpack/webpack#16781

Security

• CVE-2022-37603 fixed by @​akhilgkrishnan in webpack/webpack#16446

Repo Changes

• Fix HTML5 logo in README by @​jakebailey in webpack/webpack#16614
• Replace TypeScript logo in README by @​jakebailey in webpack/webpack#16613
• Update actions/cache dependencies by @​piwysocki in webpack/webpack#16493

New Contributors

• @​Jack-Works made their first contribution in webpack/webpack#16500
• @​lvivski made their first contribution in webpack/webpack#16491
• @​jakebailey made their first contribution in webpack/webpack#16614
• @​akhilgkrishnan made their first contribution in webpack/webpack#16446
• @​ryanwilsonperkin made their first contribution in webpack/webpack#16703
• @​piwysocki made their first contribution in webpack/webpack#16493
• @​askoufis made their first contribution in webpack/webpack#16781

Full Changelog: https://github.com/webpack/webpack/compare/v5.75.0...v5.76.0

v5.75.0

Bugfixes

• experiments.* normalize to false when opt-out
• avoid NaN%
• show the correct error when using a conflicting chunk name in code
• HMR code tests existance of window before trying to access it
• fix eval-nosources-* actually exclude sources
• fix race condition where no module is returned from processing module
• fix position of standalong semicolon in runtime code

Features

• add support for @import to extenal CSS when using experimental CSS in node

... (truncated)

Commits

• 21be52b Merge pull request #16804 from webpack/chore-patch-release
• 1cce945 chore(release): 5.76.1
• e76ad9e Merge pull request #16803 from ryanwilsonperkin/revert-16759-real-content-has...
• 52b1b0e Revert "Improve performance of hashRegExp lookup"
• c989143 Merge pull request #16766 from piranna/patch-1
• 710eaf4 Merge pull request #16789 from dmichon-msft/contenthash-hashsalt
• 5d64468 Merge pull request #16792 from webpack/update-version
• 67af5ec chore(release): 5.76.0
• 97b1718 Merge pull request #16781 from askoufis/loader-context-target-type
• b84efe6 Merge pull request #16759 from ryanwilsonperkin/real-content-hash-regex-perf
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.

---

Dependabot commands

You can trigger Dependabot actions by commenting on this MR

• $dependabot rebase will rebase this MR
• $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts