Closed dependabot[bot] closed 11 months ago
All modified lines are covered by tests :white_check_mark:
Comparison is base (
27c1f73
) 92.29% compared to head (554e2c7
) 92.15%.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Even though this fixes a critical vulnerability, as far as I can tell the only JavaScript that ever gets executed for memray is in the HTML reporters, and we don't expect babel to be called on any user supplied code at any point.
That being said, even with the test in alpine failing (which is definitely unrelated to this PR), I think we want to merge this, to avoid the critical vulnerability from showing up for memray
. I'm going to merge this now, but @pablogsal and @godlygeek feel free to let me know if you think this is a problem and we can revert this.
Bumps @babel/traverse from 7.17.9 to 7.23.2.
Release notes
Sourced from
@babel/traverse
's releases.... (truncated)
Changelog
Sourced from
@babel/traverse
's changelog.... (truncated)
Commits
b4b9942
v7.23.2b13376b
Only evaluate own String/Number/Math methods (#16033)ca58ec1
v7.23.00f333da
AddcreateImportExpressions
parser option (#15682)3744545
Fix lintingc7e6806
Addt.buildUndefinedNode
(#15893)38ee8b4
Expand evaluation of global built-ins in@babel/traverse
(#15797)9f3dfd9
v7.22.203ed28b2
Fully support||
and&&
inpluginToggleBooleanFlag
(#15961)77b0d73
v7.22.19Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show