Update dependency webpack-bundle-analyzer to v3.3.2 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
webpack-bundle-analyzer	3.3.0 → 3.3.2

GitHub Vulnerability Alerts

GHSA-pgr8-jg6h-8gw6

Versions of webpack-bundle-analyzer prior to 3.3.2 are vulnerable to Cross-Site Scripting. The package uses JSON.stringify() without properly escaping input which may lead to Cross-Site Scripting.

Recommendation

Upgrade to version 3.3.2 or later.

---

Release Notes

webpack/webpack-bundle-analyzer (webpack-bundle-analyzer)

v3.3.2

Compare Source

• Bug Fix
  • Fix regression with escaping internal assets (#​264, fixes #​263)

v3.3.1

Compare Source

• Improvements

  • Use relative links for serving internal assets (#​261, fixes #​254)
  • Properly escape embedded JS/JSON (#​262)

• Bug Fix

  • Fix showing help message on -h flag (#​260, fixes #​239)

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (^3.0.0). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.