H-6326: Update copy-webpack-plugin, terser-webpack-plugin, serialize-javascript

[CiaranMn]

🌟 What is the purpose of this PR?

Update deps to eliminate dependency on vulnerable serialize-javascript version.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
hash	Ready	Preview, Comment	Mar 13, 2026 10:35am
petrinaut	Ready	Preview, Comment	Mar 13, 2026 10:35am

2 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
hashdotdesign	Ignored		Mar 13, 2026 10:35am
hashdotdesign-tokens	Ignored		Mar 13, 2026 10:35am

[cursor]

PR Summary

Medium Risk
Moderate risk because it upgrades copy-webpack-plugin across major versions and updates terser-webpack-plugin, which can change webpack build behavior/output for the browser extension. No runtime/business-logic changes beyond dependency resolution updates.

Overview
Updates the @apps/plugin-browser build toolchain by bumping copy-webpack-plugin from 11.0.0 to 14.0.0 and terser-webpack-plugin from 5.3.14 to 5.4.0.

Lockfile changes reflect the dependency graph shift that removes the older vulnerable serialize-javascript@6.x and brings in serialize-javascript@7.x via the updated webpack plugins.

^{Written by Cursor Bugbot for commit fc2780f. This will update automatically on new commits. Configure here.}

[augmentcode]

🤖 Augment PR Summary

Summary: Updates webpack build-tooling dependencies for @apps/plugin-browser to remove reliance on a vulnerable transitive serialize-javascript version.

Changes:

• Bumped copy-webpack-plugin from 11.0.0 → 14.0.0.
• Bumped terser-webpack-plugin from 5.3.14 → 5.4.0.
• Updated yarn.lock to reflect the refreshed dependency tree.

Technical Notes: Includes a major version upgrade in the webpack asset-copy pipeline; ensure the extension build output remains unchanged.

_{🤖 Was this summary useful? React with 👍 or 👎}

[augmentcode]

Review completed. 2 suggestions posted.

Comment augment review to trigger a new review at any time.