Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

chore(deps-dev): bump terser from 5.10.0 to 5.15.1 #988

Closed
wants to merge 1 commit into from
Closed

chore(deps-dev): bump terser from 5.10.0 to 5.15.1 #988

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 17, 2022
edited
Loading

Bumps terser from 5.10.0 to 5.15.1.

Changelog

Sourced from terser's changelog.

v5.15.1

  • Fixed missing parentheses around optional chains
  • Avoid bare let or const as the bodies of if statements (#1253)
  • Small internal fixes (#1271)
  • Avoid inlining a class twice and creating two equivalent but !== classes.

v5.15.0

  • Basic support for ES2022 class static initializer blocks.
  • Add AudioWorkletNode constructor options to domprops list (#1230)
  • Make identity function inliner not inline id(...expandedArgs)

v5.14.2

  • Security fix for RegExps that should not be evaluated (regexp DDOS)
  • Source maps improvements (#1211)
  • Performance improvements in long property access evaluation (#1213)

v5.14.1

  • keep_numbers option added to TypeScript defs (#1208)
  • Fixed parsing of nested template strings (#1204)

v5.14.0

  • Switched to @​jridgewell/source-map for sourcemap generation (#1190, #1181)
  • Fixed source maps with non-terminated segments (#1106)
  • Enabled typescript types to be imported from the package (#1194)
  • Extra DOM props have been added (#1191)
  • Delete the AST while generating code, as a means to save RAM

v5.13.1

  • Removed self-assignments (varname=varname) (closes #1081)
  • Separated inlining code (for inlining things into references, or removing IIFEs)
  • Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

v5.13.0

  • All calls to eval() were removed (#1171, #1184)
  • source-map was updated to 0.8.0-beta.0 (#1164)
  • NavigatorUAData was added to domprops to avoid property mangling (#1166)

v5.12.1

  • Fixed an issue with function definitions inside blocks (#1155)
  • Fixed parens of new in some situations (closes #1159)

v5.12.0

  • TERSER_DEBUG_DIR environment variable
  • @​copyright comments are now preserved with the comments="some" option (#1153)

... (truncated)

Commits
  • 4255fb3 5.15.1
  • d31c829 update changelog
  • bb2e20f take optional chains into account when locating the left-most item in an expr...
  • 350f965 some cleanups
  • 5fc3925 Update actions/setup-node action to v3 (#1156)
  • be73559 Update actions/upload-artifact action to v3 (#1161)
  • 666f79e chore(deps): update actions/checkout action to v3 (#1158)
  • 3652dce fix: incorrect to_simple_statement (#1253)
  • 34e8262 chore: fixed a couple of typos (#1271)
  • 089e32a avoid a class being inlined twice when identity can be compared. (close #1267)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot requested review from styfle and Timer as code owners October 17, 2022 17:45
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Oct 17, 2022
@dependabot dependabot bot mentioned this pull request Oct 17, 2022
Closed
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/terser-5.15.1 branch 2 times, most recently from f9ce8c2 to 8fdde16 Compare November 2, 2022 04:40
@dependabot
chore(deps-dev): bump terser from 5.10.0 to 5.15.1
fdbae3a 
Bumps [terser](https://github.com/terser/terser) from 5.10.0 to 5.15.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](terser/terser@v5.10.0...v5.15.1)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/terser-5.15.1 branch from 8fdde16 to fdbae3a Compare November 4, 2022 02:50
@heypiotr heypiotr mentioned this pull request Nov 8, 2022
Merged
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 27, 2022

Superseded by #1004.

@dependabot dependabot bot closed this Nov 27, 2022
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/terser-5.15.1 branch November 27, 2022 02:33
styfle pushed a commit that referenced this pull request Nov 27, 2022
@heypiotr
fix: node 18 by update source-map used by Terser to 0.7.4 (#999)
2f69f83 
Fixes minification failing on Node 18 with:

> You must provide the URL of lib/mappings.wasm by calling
SourceMapConsumer.initialize({ 'lib/mappings.wasm': ... }) before using
SourceMapConsumer

mozilla/source-map#454

There's also an open dependabot PR to bump the Terser version itself, I
confirmed that also fixes the issue:
[chore(deps-dev): bump terser from 5.10.0 to
5.15.1](#988)
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@styfle styfle Awaiting requested review from styfle styfle is a code owner

@Timer Timer Awaiting requested review from Timer Timer is a code owner

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants