search

harrinry / drupal

Verbatim mirror of the git.drupal.org repository for Drupal core. Please see the https://github.com/drupal/drupal#contributing. PRs are not accepted on GitHub.
https://drupal.org/project/drupal
0 stars 0 forks source link

Update dependency terser to v5.14.2 - autoclosed #38

Closed mend-for-github-com[bot] closed 12 months ago

mend-for-github-com[bot] commented 12 months ago

This PR contains the following updates:

Package Type Update Change
terser (source) devDependencies minor 5.9.0 -> 5.14.2

By merging this PR, the issue #14 will be automatically resolved and closed:

Severity CVSS Score CVE
High High 7.5 CVE-2022-25858

Release Notes

terser/terser ### [`v5.14.2`](https://togithub.com/terser/terser/blob/HEAD/CHANGELOG.md#v5142) [Compare Source](https://togithub.com/terser/terser/compare/v5.14.1...v5.14.2) - Security fix for RegExps that should not be evaluated (regexp DDOS) - Source maps improvements ([#​1211](https://togithub.com/terser/terser/issues/1211)) - Performance improvements in long property access evaluation ([#​1213](https://togithub.com/terser/terser/issues/1213)) ### [`v5.14.1`](https://togithub.com/terser/terser/blob/HEAD/CHANGELOG.md#v5141) [Compare Source](https://togithub.com/terser/terser/compare/v5.14.0...v5.14.1) - keep_numbers option added to TypeScript defs ([#​1208](https://togithub.com/terser/terser/issues/1208)) - Fixed parsing of nested template strings ([#​1204](https://togithub.com/terser/terser/issues/1204)) ### [`v5.14.0`](https://togithub.com/terser/terser/blob/HEAD/CHANGELOG.md#v5140) [Compare Source](https://togithub.com/terser/terser/compare/v5.13.1...v5.14.0) - Switched to [@​jridgewell/source-map](https://togithub.com/jridgewell/source-map) for sourcemap generation ([#​1190](https://togithub.com/terser/terser/issues/1190), [#​1181](https://togithub.com/terser/terser/issues/1181)) - Fixed source maps with non-terminated segments ([#​1106](https://togithub.com/terser/terser/issues/1106)) - Enabled typescript types to be imported from the package ([#​1194](https://togithub.com/terser/terser/issues/1194)) - Extra DOM props have been added ([#​1191](https://togithub.com/terser/terser/issues/1191)) - Delete the AST while generating code, as a means to save RAM ### [`v5.13.1`](https://togithub.com/terser/terser/blob/HEAD/CHANGELOG.md#v5131) [Compare Source](https://togithub.com/terser/terser/compare/v5.13.0...v5.13.1) - Removed self-assignments (`varname=varname`) (closes [#​1081](https://togithub.com/terser/terser/issues/1081)) - Separated inlining code (for inlining things into references, or removing IIFEs) - Allow multiple identifiers with the same name in `var` destructuring (eg `var { a, a } = x`) ([#​1176](https://togithub.com/terser/terser/issues/1176)) ### [`v5.13.0`](https://togithub.com/terser/terser/blob/HEAD/CHANGELOG.md#v5130) [Compare Source](https://togithub.com/terser/terser/compare/v5.12.1...v5.13.0) - All calls to eval() were removed ([#​1171](https://togithub.com/terser/terser/issues/1171), [#​1184](https://togithub.com/terser/terser/issues/1184)) - `source-map` was updated to 0.8.0-beta.0 ([#​1164](https://togithub.com/terser/terser/issues/1164)) - NavigatorUAData was added to domprops to avoid property mangling ([#​1166](https://togithub.com/terser/terser/issues/1166)) ### [`v5.12.1`](https://togithub.com/terser/terser/blob/HEAD/CHANGELOG.md#v5121) [Compare Source](https://togithub.com/terser/terser/compare/v5.12.0...v5.12.1) - Fixed an issue with function definitions inside blocks ([#​1155](https://togithub.com/terser/terser/issues/1155)) - Fixed parens of `new` in some situations (closes [#​1159](https://togithub.com/terser/terser/issues/1159)) ### [`v5.12.0`](https://togithub.com/terser/terser/blob/HEAD/CHANGELOG.md#v5120) [Compare Source](https://togithub.com/terser/terser/compare/v5.11.0...v5.12.0) - `TERSER_DEBUG_DIR` environment variable - [@​copyright](https://togithub.com/copyright) comments are now preserved with the comments="some" option ([#​1153](https://togithub.com/terser/terser/issues/1153)) ### [`v5.11.0`](https://togithub.com/terser/terser/blob/HEAD/CHANGELOG.md#v5110) [Compare Source](https://togithub.com/terser/terser/compare/v5.10.0...v5.11.0) - Unicode code point escapes (`\u{abcde}`) are not emitted inside RegExp literals anymore ([#​1147](https://togithub.com/terser/terser/issues/1147)) - acorn is now a regular dependency ### [`v5.10.0`](https://togithub.com/terser/terser/blob/HEAD/CHANGELOG.md#v5100) [Compare Source](https://togithub.com/terser/terser/compare/v5.9.0...v5.10.0) - Massive optimization to max_line_len ([#​1109](https://togithub.com/terser/terser/issues/1109)) - Basic support for import assertions - Marked ES2022 Object.hasOwn as a pure function - Fix `delete optional?.property` - New CI/CD pipeline with github actions ([#​1057](https://togithub.com/terser/terser/issues/1057)) - Fix reordering of switch branches ([#​1092](https://togithub.com/terser/terser/issues/1092)), ([#​1084](https://togithub.com/terser/terser/issues/1084)) - Fix error when creating a class property called `get` - Acorn dependency is now an optional peerDependency - Fix mangling collision with exported variables ([#​1072](https://togithub.com/terser/terser/issues/1072)) - Fix an issue with `return someVariable = (async () => { ... })()` ([#​1073](https://togithub.com/terser/terser/issues/1073))