Skip to content
This repository has been archived by the owner on Sep 11, 2022. It is now read-only.

chore(deps-dev): bump terser from 5.7.0 to 5.14.2 #95

Closed
wants to merge 1 commit into from
Closed

chore(deps-dev): bump terser from 5.7.0 to 5.14.2 #95

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jul 14, 2022

Bumps terser from 5.7.0 to 5.14.2.

Changelog

Sourced from terser's changelog.

v5.14.2

  • Security fix for RegExps that should not be evaluated (regexp DDOS)
  • Source maps improvements (#1211)
  • Performance improvements in long property access evaluation (#1213)

v5.14.1

  • keep_numbers option added to TypeScript defs (#1208)
  • Fixed parsing of nested template strings (#1204)

v5.14.0

  • Switched to @​jridgewell/source-map for sourcemap generation (#1190, #1181)
  • Fixed source maps with non-terminated segments (#1106)
  • Enabled typescript types to be imported from the package (#1194)
  • Extra DOM props have been added (#1191)
  • Delete the AST while generating code, as a means to save RAM

v5.13.1

  • Removed self-assignments (varname=varname) (closes #1081)
  • Separated inlining code (for inlining things into references, or removing IIFEs)
  • Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

v5.13.0

  • All calls to eval() were removed (#1171, #1184)
  • source-map was updated to 0.8.0-beta.0 (#1164)
  • NavigatorUAData was added to domprops to avoid property mangling (#1166)

v5.12.1

  • Fixed an issue with function definitions inside blocks (#1155)
  • Fixed parens of new in some situations (closes #1159)

v5.12.0

  • TERSER_DEBUG_DIR environment variable
  • @​copyright comments are now preserved with the comments="some" option (#1153)

v5.11.0

  • Unicode code point escapes (\u{abcde}) are not emitted inside RegExp literals anymore (#1147)
  • acorn is now a regular dependency

v5.10.0

  • Massive optimization to max_line_len (#1109)
  • Basic support for import assertions
  • Marked ES2022 Object.hasOwn as a pure function
  • Fix delete optional?.property
  • New CI/CD pipeline with github actions (#1057)

... (truncated)

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps-dev): bump terser from 5.7.0 to 5.14.2
806e6cc 
Bumps [terser](https://github.com/terser/terser) from 5.7.0 to 5.14.2.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from sousuke0422 July 14, 2022 10:42
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jul 14, 2022

The following labels could not be found: Type: Dependencies.

@dependabot dependabot bot mentioned this pull request Jul 14, 2022
Closed
@codecov
Copy link

codecov bot commented Jul 14, 2022

Codecov Report

❗ No coverage uploaded for pull request base (dev@3d64938). Click here to learn what that means.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             dev       #95   +/-   ##
=======================================
  Coverage       ?   100.00%           
=======================================
  Files          ?       299           
  Lines          ?     10259           
  Branches       ?      2522           
=======================================
  Hits           ?     10259           
  Misses         ?         0           
  Partials       ?         0
Flag Coverage Δ
unittests 100.00% <0.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3d64938...806e6cc. Read the comment docs.

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Aug 24, 2022

Superseded by #106.

@dependabot dependabot bot closed this Aug 24, 2022
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/terser-5.14.2 branch August 24, 2022 10:26
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@sousuke0422 sousuke0422 Awaiting requested review from sousuke0422

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants