Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade esbuild from 0.15.18 to 0.19.3 #90

Open
wants to merge 1 commit into
base: gsoltis/libturbo
Choose a base branch
from
Open

[Snyk] Upgrade esbuild from 0.15.18 to 0.19.3 #90

wants to merge 1 commit into from

Conversation

X-oss-byte
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade esbuild from 0.15.18 to 0.19.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 63 versions ahead of your current version.
  • The recommended version was released 22 days ago, on 2023-09-14.
Release notes
Package name: esbuild
  • 0.19.3 - 2023-09-14

    • Fix list-style-type with the local-css loader (#3325)

      The local-css loader incorrectly treated all identifiers provided to list-style-type as a custom local identifier. That included identifiers such as none which have special meaning in CSS, and which should not be treated as custom local identifiers. This release fixes this bug:

      / Original code */
      ul { list-style-type: none }

      /* Old output (with --loader=local-css) */
      ul {
      list-style-type: stdin_none;
      }

      /* New output (with --loader=local-css) */
      ul {
      list-style-type: none;
      }

      Note that this bug only affected code using the local-css loader. It did not affect code using the css loader.

    • Avoid inserting temporary variables before use strict (#3322)

      This release fixes a bug where esbuild could incorrectly insert automatically-generated temporary variables before use strict directives:

      // Original code
      function foo() {
      'use strict'
      a.b?.c()
      }

      // Old output (with --target=es6)
      function foo() {
      var _a;
      "use strict";
      (_a = a.b) == null ? void 0 : _a.c();
      }

      // New output (with --target=es6)
      function foo() {
      "use strict";
      var _a;
      (_a = a.b) == null ? void 0 : _a.c();
      }

    • Adjust TypeScript enum output to better approximate tsc (#3329)

      TypeScript enum values can be either number literals or string literals. Numbers create a bidirectional mapping between the name and the value but strings only create a unidirectional mapping from the name to the value. When the enum value is neither a number literal nor a string literal, TypeScript and esbuild both default to treating it as a number:

      // Original TypeScript code
      declare const foo: any
      enum Foo {
      NUMBER = 1,
      STRING = 'a',
      OTHER = foo,
      }

      // Compiled JavaScript code (from "tsc")
      var Foo;
      (function (Foo) {
      Foo[Foo["NUMBER"] = 1] = "NUMBER";
      Foo["STRING"] = "a";
      Foo[Foo["OTHER"] = foo] = "OTHER";
      })(Foo || (Foo = {}));

      However, TypeScript does constant folding slightly differently than esbuild. For example, it may consider template literals to be string literals in some cases:

      // Original TypeScript code
      declare const foo = 'foo'
      enum Foo {
      PRESENT = <span class="pl-s1"><span class="pl-kos">${</span><span class="pl-s1">foo</span><span class="pl-kos">}</span></span>,
      MISSING = <span class="pl-s1"><span class="pl-kos">${</span><span class="pl-s1">bar</span><span class="pl-kos">}</span></span>,
      }

      // Compiled JavaScript code (from "tsc")
      var Foo;
      (function (Foo) {
      Foo["PRESENT"] = "foo";
      Foo[Foo["MISSING"] = <span class="pl-s1"><span class="pl-kos">${</span><span class="pl-s1">bar</span><span class="pl-kos">}</span></span>] = "MISSING";
      })(Foo || (Foo = {}));

      The template literal initializer for PRESENT is treated as a string while the template literal initializer for MISSING is treated as a number. Previously esbuild treated both of these cases as a number but starting with this release, esbuild will now treat both of these cases as a string. This doesn't exactly match the behavior of tsc but in the case where the behavior diverges tsc reports a compile error, so this seems like acceptible behavior for esbuild. Note that handling these cases completely correctly would require esbuild to parse type declarations (see the declare keyword), which esbuild deliberately doesn't do.

    • Ignore case in CSS in more places (#3316)

      This release makes esbuild's CSS support more case-agnostic, which better matches how browsers work. For example:

      / Original code */
      @ KeyFrames Foo { From { OpaCity: 0 } To { OpaCity: 1 } }
      body { CoLoR: YeLLoW }

      /* Old output (with --minify) */
      @ KeyFrames Foo{From {OpaCity: 0} To {OpaCity: 1}}body{CoLoR:YeLLoW}

      /* New output (with --minify) */
      @ KeyFrames Foo{0%{OpaCity:0}To{OpaCity:1}}body{CoLoR:#ff0}

      Please never actually write code like this.

    • Improve the error message for null entries in exports (#3377)

      Package authors can disable package export paths with the exports map in package.json. With this release, esbuild now has a clearer error message that points to the null token in package.json itself instead of to the surrounding context. Here is an example of the new error message:

      ✘ [ERROR] Could not resolve "msw/browser"

      lib/msw-config.ts:2:28:
  2 │ import { setupWorker } from 'msw/browser';
    ╵                             ~~~~~~~~~~~~~

      The path "./browser" cannot be imported from package "msw" because it was explicitly disabled by
      the package author here:

      node_modules/msw/package.json:17:14:
  17 │       "node": null,
     ╵               ~~~~

      You can mark the path "msw/browser" as external to exclude it from the bundle, which will remove
      this error and leave the unresolved path in the bundle.

    • Parse and print the with keyword in import statements

      JavaScript was going to have a feature called "import assertions" that adds an assert keyword to import statements. It looked like this:

      import stuff from './stuff.json' assert { type: 'json' }

      The feature provided a way to assert that the imported file is of a certain type (but was not allowed to affect how the import is interpreted, even though that's how everyone expected it to behave). The feature was fully specified and then actually implemented and shipped in Chrome before the people behind the feature realized that they should allow it to affect how the import is interpreted after all. So import assertions are no longer going to be added to the language.

      Instead, the current proposal is to add a feature called "import attributes" instead that adds a with keyword to import statements. It looks like this:

      import stuff from './stuff.json' with { type: 'json' }

      This feature provides a way to affect how the import is interpreted. With this release, esbuild now has preliminary support for parsing and printing this new with keyword. The with keyword is not yet interpreted by esbuild, however, so bundling code with it will generate a build error. All this release does is allow you to use esbuild to process code containing it (such as removing types from TypeScript code). Note that this syntax is not yet a part of JavaScript and may be removed or altered in the future if the specification changes (which it already has once, as described above). If that happens, esbuild reserves the right to remove or alter its support for this syntax too.

  • 0.19.2 - 2023-08-14
    Read more
  • 0.19.1 - 2023-08-11
    Read more
  • 0.19.0 - 2023-08-08
    Read more
  • 0.18.20 - 2023-08-08

    • Support advanced CSS @ import rules (#953, #3137)

      CSS @ import statements have been extended to allow additional trailing tokens after the import path. These tokens sort of make the imported file behave as if it were wrapped in a @ layer, @ supports, and/or @ media rule. Here are some examples:

      @ import url(foo.css);
@ import url(foo.css) layer;
@ import url(foo.css) layer(bar);
@ import url(foo.css) layer(bar) supports(display: flex);
@ import url(foo.css) layer(bar) supports(display: flex) print;
@ import url(foo.css) layer(bar) print;
@ import url(foo.css) supports(display: flex);
@ import url(foo.css) supports(display: flex) print;
@ import url(foo.css) print;

      You can read more about this advanced syntax here. With this release, esbuild will now bundle @ import rules with these trailing tokens and will wrap the imported files in the corresponding rules. Note that this now means a given imported file can potentially appear in multiple places in the bundle. However, esbuild will still only load it once (e.g. on-load plugins will only run once per file, not once per import).

  • 0.18.19 - 2023-08-07
    Read more
  • 0.18.18 - 2023-08-05
    Read more
  • 0.18.17 - 2023-07-26
    Read more
  • 0.18.16 - 2023-07-23

    • Fix a regression with whitespace inside :is() (#3265)

      The change to parse the contents of :is() in version 0.18.14 introduced a regression that incorrectly flagged the contents as a syntax error if the contents started with a whitespace token (for example div:is( .foo ) {}). This regression has been fixed.

  • 0.18.15 - 2023-07-20
    Read more
  • 0.18.14 - 2023-07-18
  • 0.18.13 - 2023-07-15
  • 0.18.12 - 2023-07-13
  • 0.18.11 - 2023-07-01
  • 0.18.10 - 2023-06-26
  • 0.18.9 - 2023-06-26
  • 0.18.8 - 2023-06-25
  • 0.18.7 - 2023-06-24
  • 0.18.6 - 2023-06-20
  • 0.18.5 - 2023-06-20
  • 0.18.4 - 2023-06-16
  • 0.18.3 - 2023-06-15
  • 0.18.2 - 2023-06-13
  • 0.18.1 - 2023-06-12
  • 0.18.0 - 2023-06-09
  • 0.17.19 - 2023-05-13
  • 0.17.18 - 2023-04-22
  • 0.17.17 - 2023-04-16
  • 0.17.16 - 2023-04-10
  • 0.17.15 - 2023-04-01
  • 0.17.14 - 2023-03-26
  • 0.17.13 - 2023-03-24
  • 0.17.12 - 2023-03-17
  • 0.17.11 - 2023-03-03
  • 0.17.10 - 2023-02-20
  • 0.17.9 - 2023-02-19
  • 0.17.8 - 2023-02-13
  • 0.17.7 - 2023-02-09
  • 0.17.6 - 2023-02-06
  • 0.17.5 - 2023-01-27
  • 0.17.4 - 2023-01-22
  • 0.17.3 - 2023-01-18
  • 0.17.2 - 2023-01-17
  • 0.17.1 - 2023-01-16
  • 0.17.0 - 2023-01-14
  • 0.16.17 - 2023-01-11
  • 0.16.16 - 2023-01-08
  • 0.16.15 - 2023-01-07
  • 0.16.14 - 2023-01-04
  • 0.16.13 - 2023-01-02
  • 0.16.12 - 2022-12-28
  • 0.16.11 - 2022-12-27
  • 0.16.10 - 2022-12-19
  • 0.16.9 - 2022-12-18
  • 0.16.8 - 2022-12-16
  • 0.16.7 - 2022-12-14
  • 0.16.6 - 2022-12-14
  • 0.16.5 - 2022-12-13
  • 0.16.4 - 2022-12-10
  • 0.16.3 - 2022-12-08
  • 0.16.2 - 2022-12-08
  • 0.16.1 - 2022-12-07
  • 0.16.0 - 2022-12-07
  • 0.15.18 - 2022-12-05
from esbuild GitHub release notes
Commit messages
Package name: esbuild

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@stackblitz
Copy link

stackblitz bot commented Oct 6, 2023

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@changeset-bot
Copy link

changeset-bot bot commented Oct 6, 2023

⚠️ No Changeset found

Latest commit: 723090f

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@X-oss-byte @snyk-bot