Open gustawdaniel opened 1 year ago
I am rather sad writing this, because I was recommending this library many times, but now to fix this vulnerability I removed this library from my project.
npm remove esbuild-jest
replaced it by esbuild-jest-transform
npm install -D esbuild esbuild-jest-transform
then
removed all imports from @jest/globals
, eg.:
import {describe, expect, it} from '@jest/globals';
finally in jest.config.js
changed
transform: {
'^.+\\.(ts|tsx)$': 'esbuild-jest'
},
to
transform: {
'^.+\\.(ts|tsx)$': 'esbuild-jest-transform'
},
I can confirm, that migration was successful without complications. You can read more about differences between esbuild-jest
and esbuild-jest-transform
in issue:
https://github.com/AkifumiSato/esbuild-jest-transform/issues/8
There is many open issues for dependencies. Eg this one:
https://github.com/aelbore/esbuild-jest/pull/81
@aelbore can you merge them and publish new release? Can I help you with this?