Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: None, Scope: Changed, Exploit Maturity: Proof of Concept, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 0, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 4.54, Likelihood: 2.39, Score Version: V5
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: compression-webpack-plugin
8.0.1 (2021-06-25)
Chore
serialize-javascript
8.0.0 (2021-05-21)
⚠ BREAKING CHANGES
Node.js
version is12.13.0
7.1.2 (2021-01-11)
Bug Fixes
filename
andalgorithm
options are functions (#241) (f33424a)7.1.1 (2020-12-25)
Bug Fixes
7.1.0 (2020-12-18)
Features
Bug Fixes
workbox-webpack-plugin
(#234) (5d54128)7.0.0 (2020-12-02)
⚠ BREAKING CHANGES
^5.1.0
cache
option was removed, the plugin respects caching from configurations, please read6.1.1 (2020-11-12)
Bug Fixes
6.1.0 (2020-11-09)
Features
keep-source-maps
value to thedeleteOriginalAssets
option (#216) (bd60650)6.0.5 (2020-11-02)
Bug Fixes
deleteOriginalAssets
option (62d3d0a)6.0.4 (2020-10-26)
Bug Fixes
algorithm
(483f328)Package name: serialize-javascript
v6.0.1...v6.0.2
What's Changed
New Contributors
Full Changelog: v6.0.0...v6.0.1
Changelog
Behavior changes for URL objects
It serializes URL objects as follows since this version. The result of serialization may be changed if you are passing URL object values into the serialize-javascript.
Thank you @ rrdelaney for this release.
Changelog
Changelog
Behavior changes for sparse arrays
It serializes sparse arrays as follows since this version. The result of serialization may be changed if you are passing sparse arrays values into the serialize-javascript.
var a = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10];
delete a[0];
a.length = 3;
a[5] = 'wat';
serialize(a) // 'Array.prototype.slice.call({"1":2,"2":3,"5":"wat","length":6})'
Thank you @ victorporof for this release.
Changelog
Behavior changes for BigInt
It serializes
BigInt
values as follows since this version. The result of serialization may be changed if you are passingBigInt
values into the serialize-javascript.v4.x:
serialize({big: BigInt('10')}); // '{"big":BigInt("10")}'
v3.x:
serialize({big: BigInt('10')}); // throws error
Thank you @ mum-never-proud for this release.
Note: the
randombytes
has been added to the dependency package to improve the generation of UIDs. Check the #22 for more information. Thanks to @ JordanMilne and @ Siebes for this change.Package name: webpack
Features
Note: While they are officially backward-compatible, it can still happen that a new bugs occurs with terser, which break your production builds. Make sure to validate your production builds after upgrading to this version. (Note that it's always a good idea to test your output assets before deploying.)
If you want to report bugs to terser (https://github.com/terser-js/terser), please provide a minimal repro case with minimized and non-minimized code. You can configure webpack to generate non-minimized code in production mode by setting
optimization.minimize: false
. When reporting a bug to terser, best report a repro case which doesn't require running webpack and is reproducible with only the terser command line.See
optimization.minimizers
configuration option to switch back to uglify-es or provide additional minimize options for terser.Bugfixes
Features
format
option toDllPlugin
to allow generating formated manifest jsonProgressPlugin
to add and remove informationBugfixes
.mjs
Features
DefinePlugin.runtimeValue(() => {...}, true)
is always evaluatedmodule
argument toDefinePlugin.runtimeValue
Bugfixes
Bugfixes
return'development'===process.env.NODE_ENV&&'foo'
Features
watchMode
flag to Compiler to be able to detect watch mode in pluginsremovedFiles
property to Compiler to detect removed filesBugfixes
@ webassemblyjs/*
for bugfixInternal changes
Features
&&
and||
expressionsBugfixes
Performance
Features
output.libraryTarget: "amd-require"
which generates a AMDrequire([], ...)
wrapper instead of adefine([], ...)
wrapperoutput.library
, which exposes the library to a subpropertyBugfixes
__webpack_require__.e
is used at runtime but is not defined in the bundleglobal
typePerformance
Bugfixes
export default
in concatenated modulesBugfixes
libraryTarget: "amd"
without library nameCommit messages
Package name: compression-webpack-plugin
The new version differs by 62 commits.See the full diff
Package name: serialize-javascript
The new version differs by 61 commits.