search

i18next / i18next-parser

Parse your code to extract translation keys/values and manage your catalog files
MIT License
488 stars 199 forks source link

Build(deps): bump esbuild from 0.17.2 to 0.17.5 #769

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps esbuild from 0.17.2 to 0.17.5.

Release notes

Sourced from esbuild's releases.

v0.17.5

  • Parse const type parameters from TypeScript 5.0

    The TypeScript 5.0 beta announcement adds const type parameters to the language. You can now add the const modifier on a type parameter of a function, method, or class like this:

    type HasNames = { names: readonly string[] };
const getNamesExactly = <const T extends HasNames>(arg: T): T["names"] => arg.names;
const names = getNamesExactly({ names: ["Alice", "Bob", "Eve"] });

    The type of names in the above example is readonly ["Alice", "Bob", "Eve"]. Marking the type parameter as const behaves as if you had written as const at every use instead. The above code is equivalent to the following TypeScript, which was the only option before TypeScript 5.0:

    type HasNames = { names: readonly string[] };
const getNamesExactly = <T extends HasNames>(arg: T): T["names"] => arg.names;
const names = getNamesExactly({ names: ["Alice", "Bob", "Eve"] } as const);

    You can read the announcement for more information.

  • Make parsing generic async arrow functions more strict in .tsx files

    Previously esbuild's TypeScript parser incorrectly accepted the following code as valid:

    let fn = async <T> () => {};

    The official TypeScript parser rejects this code because it thinks it's the identifier async followed by a JSX element starting with <T>. So with this release, esbuild will now reject this syntax in .tsx files too. You'll now have to add a comma after the type parameter to get generic arrow functions like this to parse in .tsx files:

    let fn = async <T,> () => {};

  • Allow the in and out type parameter modifiers on class expressions

    TypeScript 4.7 added the in and out modifiers on the type parameters of classes, interfaces, and type aliases. However, while TypeScript supported them on both class expressions and class statements, previously esbuild only supported them on class statements due to an oversight. This release now allows these modifiers on class expressions too:

    declare let Foo: any;
Foo = class <in T> { };
Foo = class <out T> { };

  • Update enum constant folding for TypeScript 5.0

    TypeScript 5.0 contains an updated definition of what it considers a constant expression:

    An expression is considered a constant expression if it is

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.17.5

  • Parse const type parameters from TypeScript 5.0

    The TypeScript 5.0 beta announcement adds const type parameters to the language. You can now add the const modifier on a type parameter of a function, method, or class like this:

    type HasNames = { names: readonly string[] };
const getNamesExactly = <const T extends HasNames>(arg: T): T["names"] => arg.names;
const names = getNamesExactly({ names: ["Alice", "Bob", "Eve"] });

    The type of names in the above example is readonly ["Alice", "Bob", "Eve"]. Marking the type parameter as const behaves as if you had written as const at every use instead. The above code is equivalent to the following TypeScript, which was the only option before TypeScript 5.0:

    type HasNames = { names: readonly string[] };
const getNamesExactly = <T extends HasNames>(arg: T): T["names"] => arg.names;
const names = getNamesExactly({ names: ["Alice", "Bob", "Eve"] } as const);

    You can read the announcement for more information.

  • Make parsing generic async arrow functions more strict in .tsx files

    Previously esbuild's TypeScript parser incorrectly accepted the following code as valid:

    let fn = async <T> () => {};

    The official TypeScript parser rejects this code because it thinks it's the identifier async followed by a JSX element starting with <T>. So with this release, esbuild will now reject this syntax in .tsx files too. You'll now have to add a comma after the type parameter to get generic arrow functions like this to parse in .tsx files:

    let fn = async <T,> () => {};

  • Allow the in and out type parameter modifiers on class expressions

    TypeScript 4.7 added the in and out modifiers on the type parameters of classes, interfaces, and type aliases. However, while TypeScript supported them on both class expressions and class statements, previously esbuild only supported them on class statements due to an oversight. This release now allows these modifiers on class expressions too:

    declare let Foo: any;
Foo = class <in T> { };
Foo = class <out T> { };

  • Update enum constant folding for TypeScript 5.0

    TypeScript 5.0 contains an updated definition of what it considers a constant expression:

... (truncated)

Commits
  • a8b660d publish 0.17.5 to npm
  • 0c3642e fix constant folding bug with nested operands
  • be94d37 update enum constant folding for TypeScript 5.0
  • 73523d9 parse const type parameters from TypeScript 5.0
  • 3ada8f0 test coverage for async \<A, B> in typescript
  • 8824778 tsx: reject generic arrow functions without a ,
  • 1291b59 forbid definite assignment assertions on methods
  • 71b3ef9 allow in and out with class expression params
  • 3c83a84 publish 0.17.4 to npm
  • 2252232 support replacing dot identifier names with inject
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
socket-security[bot] commented 1 year ago

Socket Security Pull Request Report

Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.

πŸ“œ Install scripts

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Package Script field Source
esbuild@0.17.5 (upgraded) postinstall package.json
Pull request report summary
Issue Status
Install scripts ⚠️ 1 issue
Native code βœ… 0 issues
Bin script confusion βœ… 0 issues
Bin script shell injection βœ… 0 issues
Unresolved require βœ… 0 issues
Invalid package.json βœ… 0 issues
HTTP dependency βœ… 0 issues
Git dependency βœ… 0 issues
Potential typo squat βœ… 0 issues
Known Malware βœ… 0 issues
Telemetry βœ… 0 issues
Protestware/Troll package βœ… 0 issues
Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

  • @SocketSecurity ignore esbuild@0.17.5

Powered by socket.dev

codecov-commenter commented 1 year ago

Codecov Report

Base: 94.09% // Head: 94.09% // No change to project coverage :thumbsup:

Coverage data is based on head (3232def) compared to base (c729ddd). Patch has no changes to coverable lines.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #769 +/- ## ======================================= Coverage 94.09% 94.09% ======================================= Files 11 11 Lines 1744 1744 ======================================= Hits 1641 1641 Misses 103 103 ``` Help us with your feedback. Take ten seconds to tell us [how you rate us](https://about.codecov.io/nps?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=i18next). Have a feature suggestion? [Share it here.](https://app.codecov.io/gh/feedback/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=i18next)

:umbrella: View full report at Codecov.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.

dependabot[bot] commented 1 year ago

Superseded by #771.