docs: typo fixes

Feat rewrite wasm

Add fix for normal Function Expression and fix code style for fix #8874

nit webpack#2: eliminate __webpack_external_value__ hardcoded temp var
- Use the module-level localVariable directly instead of a shared temp
- Each external gets its own unique __WEBPACK_EXTERNAL_MODULE_${id}__ var
- Improves naming collision safety when multiple externals share the same scope

nit webpack#1: replace flaky setTimeout in test with deterministic polling
- Add waitForLazyChunk() that polls output directory every 50ms for .chunk. files
- Won't flake on slow CI runners

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

…erences

Split initial chunks into two categories: non-entry initial chunks
(e.g. shared split chunks) and entry chunks. Hash them in 4 phases:

1. Async chunks
2. Non-entry initial chunks (shared, vendor, etc.)
3. Runtime chunks (can now read current hashes of #1 and #2)
4. Entry chunks (can now read runtimeChunk.hash)

This ensures all hash dependencies flow in one direction
(async/initial → runtime → entry) with no circular dependencies.

Previously, runtime chunks were hashed before initial chunks, causing
GetChunkFilenameRuntimeModule to read stale cached contentHash values
in watch mode, leading to RealContentHashPlugin errors.

Fixes #20710

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Implements postcss-modules-local-by-default (PCSL) v4.2.0 pure-mode
semantics in webpack's built-in CSS modules parser:

- Every selector must contain at least one local class or id, otherwise
  the rule errors at build. Available on `css/module` and `css/auto`
  parser options; not exposed for `css/global` since pure mode is the
  opposite of the global-by-default semantic of that type.
- `/* cssmodules-pure-ignore */` directly before a rule suppresses
  that rule's check (per-rule only; does NOT propagate to nested rules).
- `/* cssmodules-pure-no-check */` placed among the leading comments
  of the file (before any rule or at-rule) disables the check for the
  whole file.
- Nested rules inside a local-bearing ancestor are treated as pure-
  compliant; `&` resolves to the parent rule's overall purity.
- `@keyframes` / `@counter-style` body contents are exempt; the at-rule
  itself still errors when its identifier is `:global(...)`.
- Rules whose body contains only nested rules don't trigger the check
  (children carry it instead, matching PCSL's `isNodeWithoutDeclarations`).
- At-rules' preludes (e.g. `min-width` inside `@media (...)`) aren't
  mistaken for declarations.

Addresses Copilot review feedback on PR #20946:
- #1: `ancestorHadLocal` now derives from "this rule is fully pure"
  (no impure comma-segment) rather than "last selector had a local",
  so `:global(.a), .b { span { ... } }` correctly throws on `span`.
- #2: `currentRulePreludeStart` now advances on top-level `;` and on
  at-rules that consume their own `;` (e.g. `@import`), so a later
  impure rule's reported selector doesn't include the preceding text.
- #3: `seenTopLevelRule` is set on any non-comment top-level node
  (including `;`-terminated at-rules), matching PCSL's
  `isPureCheckDisabled` leading-comments rule.
- #4: All pure-mode bookkeeping (stack push/pop, `currentSelectorHasLocal`
  writes, etc.) is gated behind `pureMode`, so CSS modules without
  `parser.pure` pay no overhead.

Test coverage: dedicated `test/configCases/css/pure-parser-options/`
plus the existing `postcss-modules-plugins` PCSL fixture enabled with
`parser: { pure: true }` and a full `errors.js` (43 expected throws).

https://claude.ai/code/session_014jWnrU38fbFtCwKGtnnBig

- Fix tsc lint failure: cast the inlined `HTML_ENTITIES` to
  `Readonly<Record<string, string>>` so the two `HTML_ENTITIES[name]`
  call sites type-check (the frozen-literal type was too narrow).

- Copilot #1: replace the `tempBuffer` string in
  `STATE_SCRIPT_DATA_DOUBLE_ESCAPE_START` / `_END` with a small
  `scriptMatch` counter against the literal `"script"`. Worst-case
  inputs with very long ASCII-alpha runs after `</` no longer grow a
  buffer or do quadratic string concatenation. Vestigial
  `tempBuffer = ""` resets in the four content-mode less-than-sign
  states (which never read the buffer) are removed; the
  `tempBuffer` variable is gone.

- Copilot #2: introduce a `MAX_ENTITY_NAME_LEN = 32` constant
  (longest WHATWG entity name including the trailing `;`) and cap
  the named-character-reference alphanumeric run at
  `MAX_ENTITY_NAME_LEN - 1`. Replaces the off-by-one
  `if (runLen > 32) break` with a clearer in-loop bound.

- Copilot #3: cap the `decodeHtmlEntities` longest-prefix backtrack
  at `MAX_ENTITY_NAME_LEN`. Inputs like `&` followed by thousands
  of alphanumerics stay linear-time; anything past the cap is
  appended verbatim.

Adds a regression test that decodes `&` + 1000 chars to confirm the
decoder doesn't go quadratic.

236/236 tests pass, 100% coverage on `walkHtmlTokens.js`,
`yarn lint` (including tsc) clean.

https://claude.ai/code/session_01N4rd8xuv5oRaHWFL8dFpwh