[Snyk] Upgrade rollup-plugin-typescript2 from 0.20.1 to 0.34.1 #45

snyk-bot · 2023-06-04T00:19:53Z

Snyk has created this PR to upgrade rollup-plugin-typescript2 from 0.20.1 to 0.34.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 28 versions ahead of your current version.
The recommended version was released 8 months ago, on 2022-10-03.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-UNSETVALUE-2400660	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Validation Bypass SNYK-JS-KINDOF-537849	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: rollup-plugin-typescript2

0.34.1 - 2022-10-03
Bugfixes
- fix: don't error out while catching a buildStart error by @ agilgur5 in #422
  - This fixes an initialization regression in 0.34.0 where users saw TypeError: Cannot read property 'done' of undefined instead of their actual initialization error, such as a tsconfig issue (such as with #421)
- fix: add compatibility checks w/ semver by @ agilgur5 in #424
  - 0.34.0 introduced a type-only fix that relied on Rollup 2.60.0+ and would (accidentally) error out on older versions of Rollup. This fix handles it gracefully with a clear warning message instead and skips that check when using an older version of Rollup (i.e. partly backward-compatible).
  - This also adds an error if peerDependencies minimum versions have not been met
- fix: don't resolve filtered files by @ agilgur5 in #428
  - This fixes a regression from 0.33.0 that could cause rpt2 to (accidentally) resolve files that should have been filtered out by the plugin include/exclude (such as with #427)
Internal (testing, refactors)
- clean(deps): remove unused @ types/resolve by @ agilgur5 in #423
- test: increase no-errors integration timeout to 20s by @ agilgur5 in #425
Full Changelog: 0.34.0...0.34.1
0.34.0 - 2022-09-12
Bugfixes
- fix: handle all type-only imports by piping TS imports by @ agilgur5 in #406
  - If you have ever had issues with some files not being type-checked or not generating declarations, this should conclusively fix all such issues. This type of issue used to occur if you had a type-only / interface-only / emit-less file, i.e. a file with only TS types and interfaces that would produce no JS.
    - For instance: #211, #298, #409, etc
  - NOTE: This requires Rollup version 2.60.0+ as it requires the use of this.load
    - 0.34.0 will (accidentally) error out on older versions of Rollup. 0.34.1 patched this to instead give a warning and skip this check on older versions of Rollup.
More Fixes ...
- fix(dx): remove extra quote in emitDeclarationOnly log statement by @ agilgur5 in #412
Docs
- docs: add a simple CHANGELOG.md that references GH releases by @ agilgur5 in #419
  - i.e. it references this page
Internal (testing, refactors)
- test: ensure declarationMap sources are correct by @ agilgur5 in #403
- test: add print-diagnostics spec by @ agilgur5 in #405
More Internal ...
- refactor(test): heavily simplify the context helper by @ agilgur5 in #404
- refactor: combine check-tsconfig with parse-tsconfig by @ agilgur5 in #413
- clean: remove ConsoleContext entirely by using buildStart by @ agilgur5 in #414
- refactor(cache): simplify creating / using the cache var by @ agilgur5 in #415
- refactor: consolidate diagnostics funcs into single file by @ agilgur5 in #415
Full Changelog: 0.33.0.1...0.34.0
0.33.0 - 2022-08-19
- similar to the other safety checks in clean, this won't be hit during normal usage
0.32.1 - 2022-06-06
Bugfixes
- deps: upgrade @ rollup/plugin-commonjs to v22 to fix try/catch requires by @ agilgur5 in #340
  - This fixes a regression in 0.32.0 that caused users with certain environments to experience ReferenceError: window is not defined when importing rpt2. See #339
Full Changelog: 0.32.0...0.32.1
0.32.0 - 2022-06-01
Read more
0.31.2 - 2022-02-01
What's Changed
- chore: should not lock deps version by @ bluelovers in #293
- Add trace method to the LanguageServiceHost to enable usage with traceResolution by @ Andarist in #296
Full Changelog: 0.31.1...0.31.2
0.31.1 - 2021-11-23
Fix for #291

Full Changelog: 0.31.0...0.31.1
0.31.0 - 2021-11-17
- PR #290 fix for tslib on node 17
- Updated dependencies
0.30.0 - 2021-02-18
#251 Fix duplicate output with multiple entry points
allowing ES2020 module type in tsconfig
0.29.0 - 2020-10-30
0.28.0 - 2020-10-16
0.27.3 - 2020-09-25
0.27.2 - 2020-08-07
0.27.1 - 2020-05-12
0.27.0 - 2020-03-27
0.26.0 - 2020-02-12
0.25.3 - 2019-12-03
0.25.2 - 2019-11-05
0.24.3 - 2019-09-26
0.24.2 - 2019-09-12
0.24.1 - 2019-09-09
0.24.0 - 2019-08-28
0.23.0 - 2019-08-23
0.22.1 - 2019-07-26
0.22.0 - 2019-07-11
0.21.2 - 2019-06-17
0.21.1 - 2019-05-17
0.21.0 - 2019-04-23
0.20.1 - 2019-03-13