Puzzlepart / spfx-solutions

Free SharePoint Framework solutions by Puzzlepart
MIT License
87 stars 40 forks source link

Bump terser, @microsoft/sp-build-web and @microsoft/sp-webpart-workbench in /Pzl.Part.Tiles #63

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 2 years ago

Bumps terser to 5.15.1 and updates ancestor dependencies terser, @microsoft/sp-build-web and @microsoft/sp-webpart-workbench. These dependencies need to be updated together.

Updates terser from 3.17.0 to 5.15.1

Changelog

Sourced from terser's changelog.

v5.15.1

  • Fixed missing parentheses around optional chains
  • Avoid bare let or const as the bodies of if statements (#1253)
  • Small internal fixes (#1271)
  • Avoid inlining a class twice and creating two equivalent but !== classes.

v5.15.0

  • Basic support for ES2022 class static initializer blocks.
  • Add AudioWorkletNode constructor options to domprops list (#1230)
  • Make identity function inliner not inline id(...expandedArgs)

v5.14.2

  • Security fix for RegExps that should not be evaluated (regexp DDOS)
  • Source maps improvements (#1211)
  • Performance improvements in long property access evaluation (#1213)

v5.14.1

  • keep_numbers option added to TypeScript defs (#1208)
  • Fixed parsing of nested template strings (#1204)

v5.14.0

  • Switched to @​jridgewell/source-map for sourcemap generation (#1190, #1181)
  • Fixed source maps with non-terminated segments (#1106)
  • Enabled typescript types to be imported from the package (#1194)
  • Extra DOM props have been added (#1191)
  • Delete the AST while generating code, as a means to save RAM

v5.13.1

  • Removed self-assignments (varname=varname) (closes #1081)
  • Separated inlining code (for inlining things into references, or removing IIFEs)
  • Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

v5.13.0

  • All calls to eval() were removed (#1171, #1184)
  • source-map was updated to 0.8.0-beta.0 (#1164)
  • NavigatorUAData was added to domprops to avoid property mangling (#1166)

v5.12.1

  • Fixed an issue with function definitions inside blocks (#1155)
  • Fixed parens of new in some situations (closes #1159)

v5.12.0

  • TERSER_DEBUG_DIR environment variable
  • @​copyright comments are now preserved with the comments="some" option (#1153)

... (truncated)

Commits
  • 4255fb3 5.15.1
  • d31c829 update changelog
  • bb2e20f take optional chains into account when locating the left-most item in an expr...
  • 350f965 some cleanups
  • 5fc3925 Update actions/setup-node action to v3 (#1156)
  • be73559 Update actions/upload-artifact action to v3 (#1161)
  • 666f79e chore(deps): update actions/checkout action to v3 (#1158)
  • 3652dce fix: incorrect to_simple_statement (#1253)
  • 34e8262 chore: fixed a couple of typos (#1271)
  • 089e32a avoid a class being inlined twice when identity can be compared. (close #1267)
  • Additional commits viewable in compare view


Updates @microsoft/sp-build-web from 1.10.0 to 1.15.2

Updates @microsoft/sp-webpart-workbench from 1.10.0 to 1.12.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Puzzlepart/spfx-solutions/network/alerts).
dependabot[bot] commented 1 year ago

Superseded by #79.