[Snyk] Security upgrade webpack from 1.15.0 to 2.2.0

[karlhorky]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json
• package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Function Call With Incorrect Argument Type SNYK-JS-SHAJS-12089400	776

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[netlify]

❌ Deploy Preview for xrespond-upleveled failed.

Name	Link
🔨 Latest commit	787cb38
🔍 Latest deploy log	https://app.netlify.com/projects/xrespond-upleveled/deploys/696ece02c9d1b00008da6bf5

[Copilot]

Pull request overview

This PR upgrades webpack from 1.15.0 to 2.2.0 to address a critical security vulnerability (SNYK-JS-SHAJS-12089400) with a severity score of 776. The upgrade is a major version change (1.x to 2.x) that brings significant dependency updates including enhanced crypto libraries, updated build tools, and newer file system watchers.

Changes:

• Upgrades webpack from ^1.13.2 to ^2.2.0 in package.json
• Updates package-lock.json with all transitive dependencies, including security-related packages like crypto-browserify, browserify-sign, and sha.js

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.

File	Description
package.json	Updates webpack dependency version from ^1.13.2 to ^2.2.0
package-lock.json	Updates webpack and all transitive dependencies; adds new security-focused crypto packages and updates build tooling

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The webpack-dev-server version (^1.15.0) is incompatible with webpack 2.x. Webpack 2.x requires webpack-dev-server 2.x or higher. This version mismatch will likely cause runtime errors when trying to use the development server. The webpack-dev-server should be upgraded to at least version 2.2.0 to be compatible with webpack 2.2.0.

Suggested change

	"webpack-dev-server": "^1.15.0",
	"webpack-dev-server": "^2.2.0",