Showing results for 
Search instead for 
Did you mean: 

Webpack in pcf-scripts out of date



We have a high prioritiy security issue with the specified version of webpack (4.28.4) in the pcf-scripts npm package. Unfortunately it specifies exactly that version in package.json.


Is it ok to resolve to the latest webpack version or would this cause issues to pcf-scripts package?


The soon-to-be-released March refresh for pcf-scripts (ETA mid next week) has already been updated to:

    "webpack": "4.42.1",


It got flagged by our internal compliance/security tracking as well.

To work around until then, yes, you should be able to locally resolve to the latest 4.42.1

While we are in this area, my gitgub repository is complaining about a number of security vulnerabilities with some webpack dependencies (but not yet webpack itself).


Minimist - Upgrade minimist to version 1.2.3 or later. 

acorn - Upgrade acorn to version 5.7.4 or later

kind-of - Upgrade kind-of to version 6.0.3 or later


Will this next release resolve these complaints as well?

If this post has answered your question please consider it for "Accept as Solution" or if it has been helpful give it a "Thumbs Up".

Helpful resources

PA User Group

Welcome to the User Group Public Preview

Check out new user group experience and if you are a leader please create your group


Demo Extravaganza Winner Announcement

Please join us on Wednesday, July 21st at 8a PDT. We will be announcing the Winners of the Demo Extravaganza!

V3_PVA CAmpaign Carousel.png

Community Challenge - Giveaways!

Participate in the Power Virtual Agents Community Challenge

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

Users online (3,026)