Bump parcel from 1.12.4 to 2.3.2

[dependabot[bot]]

Bumps parcel from 1.12.4 to 2.3.2.

Release notes

Sourced from parcel's releases.

v2.3.2

This fixes an issue with auto installing node builtins where the npm package has the same name as the node builtin itself. See #7697.

v2.3.1

Followup release to v2.3.0 to improve the error message shown when auto install is disabled (e.g. in CI environments) and a node polyfill is needed. This may occur for example when using automated dependency upgrade bots like renovate/dependabot.

This also fixes a bug where auto install did not work correctly in some cases, and pins all parcel dependency versions so that it is easier to pin parcel to a specific version in your project.

v2.3.0

This release reduces the number of npm dependencies needed by Parcel by over 60%. This builds upon previous work in 2.2.0, so combined Parcel now installs over 70% fewer dependencies! This is accomplished by:

• Pre-bundling some dependencies with Parcel itself rather than loading them from npm. This is done for packages that are small and internal to Parcel (i.e. you don't interact with them directly in your project). This reduces maintenance burden for users of Parcel.
• Auto installing node builtin polyfills on demand (e.g. buffer, stream, etc.). These are rarely used but account for a large number of installed dependencies. Now, when you use one of these, or a dependency in your project does, it'll be installed into your project on demand.
• Removing built-in Babel and PostCSS modules dependencies, and installing them into projects on demand, only when actually used.

We will continue reducing Parcel's footprint in future releases by further reducing our use of dependency-heavy ecosystems such as PostCSS as we replace them with Rust-based equivalents.

Other changes

• Support React 18 prereleases and experimental versions with automatic JSX runtime - Details
• Fix @swc/helpers in non-module scripts - Details
• Fix auto installing dependencies in PNPM monorepos - Details

v2.2.1

Fixed

• Fix background image data urls missing quotes - Details
• Fix development builds not downleveling nested selectors with @parcel/css. Now Parcel has default modern browser targets. - Details
• Upgrades htmlnano to v2 to remove uncss which had a dependency on a vulnerable old version of PostCSS - Details
• Upgrades postcss-modules and removes css-module-loader-core with old PostCSS dependencies - Details
• Upgrade Vue compiler - Details
• Upgrade SVGR to v6 - Details
• Upgade JSON5 to v2 - Details
• Don't discard invalidations when transformer throws an error - Details

v2.2.0

Added

• New @parcel/transformer-css-experimental plugin, which is powered by @​parcel/css - Details

Fixed

• Updated node-forge to 1.0.0 to fix security vulnerability

v2.1.1

Changelog

v2.1.0

Changelog

... (truncated)

Commits

• 47379bf v2.3.2
• 6d250d7 Fix autoinstalling node builtins (#7735)
• 5530a6e Fix lint
• 699f0b2 Use pinned versions
• 60bf88e Don't build native packages again during publish step
• 3232f60 Fix build
• e07b5ca Fix autoinstall
• a7e7ecf v2.3.1
• d098468 Add diagnostic for failed autoinstall of node polyfill (#7682)
• 65ffb58 v2.3.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

The following labels could not be found: ⬆️ dependencies.

[dependabot[bot]]

Superseded by #163.