coreui / coreui-pro

Other
8 stars 10 forks source link

build(deps-dev): bump terser from 5.16.0 to 5.19.2 #420

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps terser from 5.16.0 to 5.19.2.

Changelog

Sourced from terser's changelog.

v5.19.2

  • fix performance hit from avoiding HTML comments in the output

v5.19.1

  • Better avoid outputting </script> and HTML comments.
  • Fix unused variables in class static blocks not being dropped correctly.
  • Fix sourcemap names of methods that are async or static

v5.19.0

  • Allow /*@__MANGLE_PROP__*/ annotation in object.property, in addition to property declarations.

v5.18.2

  • Stop using recursion in hoisted defuns fix.

v5.18.1

  • Fix major performance issue caused by hoisted defuns' scopes bugfix.

v5.18.0

  • Add new /*@__MANGLE_PROP__*/ annotation, to mark properties that should be mangled.

v5.17.7

  • Update some dependencies
  • Add consistent sorting for v RegExp flag
  • Add inert DOM attribute to domprops

v5.17.6

  • Fixes to mozilla AST input and output, for class properties, private properties and static blocks
  • Fix outputting a shorthand property in quotes when safari10 and ecma=2015 options are enabled
  • configurable and enumerable, used in Object.defineProperty, added to domprops (#1393)

v5.17.5

  • Take into account the non-deferred bits of a class, such as static properties, while dropping unused code.

v5.17.4

  • Fix crash when trying to negate a class (!class{})
  • Avoid outputting comments between yield/await and its argument
  • Fix detection of left-hand-side of assignment, to avoid optimizing it like any other expression in some edge cases

v5.17.3

  • Fix issue with trimming a static class property's contents accessing the class as this.

v5.17.2

  • Be less conservative when detecting use-before-definition of var in hoisted functions.
  • Support unusual (but perfectly valid) initializers of for-in and for-of loops.
  • Fix issue where hoisted function would be dropped if it was after a continue statement

v5.17.1

  • Fix evaluating .length when the source array might've been mutated

... (truncated)

Commits
  • 8f22035 5.19.2
  • d252faa update changelog
  • ad93cce fix performance hit from avoiding HTML comments in the output. Closes #1414
  • 798135e 5.19.1
  • 65aeccf update changelog
  • 5cb3679 update package with vuln
  • 2da58b2 fix source mapping of concise async/static method names. Fixes #1411
  • b6a25ae traverse class definitions while dropping unused variables. Fixes #1412
  • fb48cb1 avoid more cases that result in ouputtting </script> and HTML comments. Close...
  • 2993f2c 5.19.0
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

The following labels could not be found: v4.

dependabot[bot] commented 1 year ago

Looks like terser is up-to-date now, so this is no longer needed.