[Snyk] Upgrade rollup from 2.32.1 to 2.52.2

[snyk-bot]

Snyk has created this PR to upgrade rollup from 2.32.1 to 2.52.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 59 versions ahead of your current version.
• The recommended version was released 23 days ago, on 2021-06-21.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	265/1000 Why? CVSS 5.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	265/1000 Why? CVSS 5.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: rollup

• 2.52.2 - 2021-06-21
  

  2021-06-21

  Bug Fixes

  • Support falsy plugins in types (#4144)
  • Do not require return value in renderChunkHook type (#4144)

  Pull Requests

  • #4144: Use TypeScript config and improve some types (@ lukastaegert)
• 2.52.1 - 2021-06-17
  

  2021-06-17

  Bug Fixes

  • Fix a memory leak in watch mode (#4142)

  Pull Requests

  • #4142: Make array and object prototype singletons immutable for now (@ lukastaegert)
• 2.52.0 - 2021-06-16
  

  2021-06-16

  Features

  • Add --configPlugin CLI option to apply plugins to the config file for e.g. TypeScript configs (#3835)
  • Add "safest" and "smallest" presets to tree-shaking options for easier configuration (#4131)
  • Add treeshake.correctVarValueBeforeDeclaration option to deoptimize var declarations (#4139)

  Pull Requests

  • #3835: Add typescript config support (@ TheRealSyler)
  • #4131: Add presets to the tree-shaking options (@ lukastaegert)
  • #4139: Add option to deoptimize var declarations for tree-shaking (@ lukastaegert)
  • #4141: Update dependencies (@ lukastaegert)
• 2.51.2 - 2021-06-11
  

  2021-06-11

  Bug Fixes

  • Include modules imported from no-treeshake modules even if they would be empty (#4138)

  Pull Requests

  • #4138: Include all dependencies from modules with no-treeshake (@ lukastaegert)
• 2.51.1 - 2021-06-08
  

  2021-06-08

  Bug Fixes

  • Fix error when using defineConfig (#4134)

  Pull Requests

  • #4134: export rollup.defineConfig at runtime (@ mshrtsr)
• 2.51.0 - 2021-06-06
  

  2021-06-06

  Features

  • Add a helper for IntelliSense support in config files (#4127)

  Bug Fixes

  • Improve performance when generating source maps (#4122)

  Pull Requests

  • #4122: User Map to optimize performance (@ izevo)
  • #4127: Export defineConfig defines the auxiliary function of the configuration (@ rxliuli)
• 2.50.6 - 2021-06-03
  

  2021-06-03

  Bug Fixes

  • Do not consider the object spread operator as side effect when propertyReadSideEffects are false (#4119)
  • Detect side effects when returning thenables from async arrow functions (#4120)

  Pull Requests

  • #4119: Respect propertyReadSideEffects in spread elements (@ lukastaegert)
  • #4120: Detect async arrow thenable side effects (@ lukastaegert)
• 2.50.5 - 2021-05-30
  

  2021-05-30

  Bug Fixes

  • Detect side effects when accessing thenables (#4115)

  Pull Requests

  • #4114: use colorette instead of turbocolor (@ ryuever)
  • #4115: Tracks side effects of thenables (@ lukastaegert)
• 2.50.4 - 2021-05-29
  

  2021-05-29

  Bug Fixes

  • Fix a situation where tree-shaking would stop including nodes prematurely (#4111)
  • Track mutations and accessor side effects when using __proto__ in an object literal (#4112)
  • Check for getter effects when spreading an object (#4113)

  Pull Requests

  • #4111: Always request a new tree-shaking pass when deoptimizations of a node are first included (@ lukastaegert)
  • #4112: Actually set the prototype when using a proto property (@ lukastaegert)
  • #4113: Track access side effects when using object spread operator (@ lukastaegert)
• 2.50.3 - 2021-05-28
  

  2021-05-28

  Bug Fixes

  • Wrap parentheses around leading elements in simplified sequence expressions if this would otherwise lead to invalid code (#4110)
  • Do not associate block soped variables in catch clauses with the clause parameter (#4108)
  • Do not associate hoisted variables in catch clauses with outside variables if they match the parameter (#4108)
  • Use correct "this" context for tagged template literal member expressions in simplified sequences (#4110)

  Pull Requests

  • #4108: Correctly handle catch declarations (@ lukastaegert)
  • #4110: Invalid sequence expression simplification (@ lukastaegert)
• 2.50.2 - 2021-05-27
• 2.50.1 - 2021-05-26
• 2.50.0 - 2021-05-25
• 2.49.0 - 2021-05-23
• 2.49.0-1 - 2021-05-20
• 2.49.0-0 - 2021-05-18
• 2.48.0 - 2021-05-15
• 2.47.0 - 2021-05-04
• 2.46.0 - 2021-04-29
• 2.45.2 - 2021-04-13
• 2.45.1 - 2021-04-10
• 2.45.0 - 2021-04-09
• 2.44.0 - 2021-03-29
• 2.43.1 - 2021-03-28
• 2.43.0 - 2021-03-27
• 2.42.4 - 2021-03-24
• 2.42.3 - 2021-03-22
• 2.42.2 - 2021-03-22
• 2.42.1 - 2021-03-20
• 2.42.0 - 2021-03-19
• 2.41.5 - 2021-03-18
• 2.41.4 - 2021-03-16
• 2.41.3 - 2021-03-16
• 2.41.2 - 2021-03-12
• 2.41.1 - 2021-03-11
• 2.41.0 - 2021-03-09
• 2.40.0 - 2021-02-26
• 2.39.1 - 2021-02-23
• 2.39.0 - 2021-02-12
• 2.38.5 - 2021-02-05
• 2.38.4 - 2021-02-02
• 2.38.3 - 2021-02-01
• 2.38.2 - 2021-01-31
• 2.38.1 - 2021-01-28
• 2.38.0 - 2021-01-22
• 2.37.1 - 2021-01-20
• 2.37.0 - 2021-01-19
• 2.36.2 - 2021-01-16
• 2.36.1 - 2021-01-06
• 2.36.0 - 2021-01-05
• 2.35.1 - 2020-12-14
• 2.35.0 - 2020-12-14
• 2.34.2 - 2020-12-06
• 2.34.1 - 2020-12-03
• 2.34.0 - 2020-11-29
• 2.33.3 - 2020-11-18
• 2.33.2 - 2020-11-14
• 2.33.1 - 2020-11-02
• 2.33.0 - 2020-11-01
• 2.32.1 - 2020-10-21

from rollup GitHub release notes

Commit messages

Package name: rollup

• a9346ba 2.52.2
• 5a2e959 Update changelog
• 5b53d28 Use TypeScript config and improve some types (doc: add iarna to collaborators nodejs/node#4144)
• bef5fe8 2.52.1
• 9c033e8 Update changelog
• aa1b227 Make array and object prototype singletons immutable for now (doc: add zkat to collaborators nodejs/node#4142)
• c4f9d13 2.52.0
• 1dc87a1 Update changelog
• 40c1c6c Add option to deoptimize var declarations for tree-shaking (Bug: Can't bind to IPv6 localAddress while using https.request() nodejs/node#4139)
• 86e8510 Add presets to the tree-shaking options (build,src: add Intel Vtune profiling support nodejs/node#4131)
• 7212516 Update dependencies (stream: be less eager with readable flag nodejs/node#4141)
• 9a2775b add typescript config support (repl: allow leading period in multiline input nodejs/node#3835)
• bfae791 2.51.2
• cc58a23 Update changelog
• 01e2162 Includes all dependencies from modules with no-treeshake (doc: improve strictly nodejs/node#4138)
• 76dedd6 2.51.1
• 7739204 Update changelog
• 26fd18c Add clarifying note to PR template (deps: backport 200315c from V8 upstream (v4.x) nodejs/node#4128)
• f46b80a fix: export `rollup.defineConfig` at runtime (Upgrade to opessl-1.0.2e nodejs/node#4134)
• 526b97e Fix broken links
• 592b9fe 2.51.0
• 52d271e Update changelog
• 172c114 perf: User Map to optimize performance (meta: remove use of profanity in source nodejs/node#4122)
• d985955 feat: Export defineConfig defines the auxiliary function of the configuration (OCSP requests received with cert=issuer=null when server started with PFX nodejs/node#4127)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs