Bump esbuild from 0.17.14 to 0.19.1

[dependabot[bot]]

Bumps esbuild from 0.17.14 to 0.19.1.

Release notes

Sourced from esbuild's releases.

v0.19.1

• Fix a regression with baseURL in tsconfig.json (#3307)

  The previous release moved tsconfig.json path resolution before --packages=external checks to allow the paths field in tsconfig.json to avoid a package being marked as external. However, that reordering accidentally broke the behavior of the baseURL field from tsconfig.json. This release moves these path resolution rules around again in an attempt to allow both of these cases to work.

• Parse TypeScript type arguments for JavaScript decorators (#3308)

  When parsing JavaScript decorators in TypeScript (i.e. with experimentalDecorators disabled), esbuild previously didn't parse type arguments. Type arguments will now be parsed starting with this release. For example:

  @foo<number>
  @bar<number, string>()
  class Foo {}
  

• Fix glob patterns matching extra stuff at the end (#3306)

  Previously glob patterns such as ./*.js would incorrectly behave like ./*.js* during path matching (also matching .js.map files, for example). This was never intentional behavior, and has now been fixed.

• Change the permissions of esbuild's generated output files (#3285)

  This release changes the permissions of the output files that esbuild generates to align with the default behavior of node's fs.writeFileSync function. Since most tools written in JavaScript use fs.writeFileSync, this should make esbuild more consistent with how other JavaScript build tools behave.

  The full Unix-y details: Unix permissions use three-digit octal notation where the three digits mean "user, group, other" in that order. Within a digit, 4 means "read" and 2 means "write" and 1 means "execute". So 6 == 4 + 2 == read + write. Previously esbuild uses 0644 permissions (the leading 0 means octal notation) but the permissions for fs.writeFileSync defaults to 0666, so esbuild will now use 0666 permissions. This does not necessarily mean that the files esbuild generates will end up having 0666 permissions, however, as there is another Unix feature called "umask" where the operating system masks out some of these bits. If your umask is set to 0022 then the generated files will have 0644 permissions, and if your umask is set to 0002 then the generated files will have 0664 permissions.

• Fix a subtle CSS ordering issue with @import and @layer

  With this release, esbuild may now introduce additional @layer rules when bundling CSS to better preserve the layer ordering of the input code. Here's an example of an edge case where this matters:

  /* entry.css */
  @import "a.css";
  @import "b.css";
  @import "a.css";
  

  /* a.css */
  @layer a {
    body {
      background: red;
    }
  }
  

  /* b.css */
  @layer b {
    body {
      background: green;
  

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.19.1

• Fix a regression with baseURL in tsconfig.json (#3307)

  The previous release moved tsconfig.json path resolution before --packages=external checks to allow the paths field in tsconfig.json to avoid a package being marked as external. However, that reordering accidentally broke the behavior of the baseURL field from tsconfig.json. This release moves these path resolution rules around again in an attempt to allow both of these cases to work.

• Parse TypeScript type arguments for JavaScript decorators (#3308)

  When parsing JavaScript decorators in TypeScript (i.e. with experimentalDecorators disabled), esbuild previously didn't parse type arguments. Type arguments will now be parsed starting with this release. For example:

  @foo<number>
  @bar<number, string>()
  class Foo {}
  

• Fix glob patterns matching extra stuff at the end (#3306)

  Previously glob patterns such as ./*.js would incorrectly behave like ./*.js* during path matching (also matching .js.map files, for example). This was never intentional behavior, and has now been fixed.

• Change the permissions of esbuild's generated output files (#3285)

  This release changes the permissions of the output files that esbuild generates to align with the default behavior of node's fs.writeFileSync function. Since most tools written in JavaScript use fs.writeFileSync, this should make esbuild more consistent with how other JavaScript build tools behave.

  The full Unix-y details: Unix permissions use three-digit octal notation where the three digits mean "user, group, other" in that order. Within a digit, 4 means "read" and 2 means "write" and 1 means "execute". So 6 == 4 + 2 == read + write. Previously esbuild uses 0644 permissions (the leading 0 means octal notation) but the permissions for fs.writeFileSync defaults to 0666, so esbuild will now use 0666 permissions. This does not necessarily mean that the files esbuild generates will end up having 0666 permissions, however, as there is another Unix feature called "umask" where the operating system masks out some of these bits. If your umask is set to 0022 then the generated files will have 0644 permissions, and if your umask is set to 0002 then the generated files will have 0664 permissions.

• Fix a subtle CSS ordering issue with @import and @layer

  With this release, esbuild may now introduce additional @layer rules when bundling CSS to better preserve the layer ordering of the input code. Here's an example of an edge case where this matters:

  /* entry.css */
  @import "a.css";
  @import "b.css";
  @import "a.css";
  

  /* a.css */
  @layer a {
    body {
      background: red;
    }
  }
  

  /* b.css */
  @layer b {
    body {
  

... (truncated)

Commits

• 49801f7 publish 0.19.1 to npm
• 1fca4aa fix #3307: regression with tsconfig baseURL
• a973f87 fix #3308: TS type arguments for JS decorators
• be9e098 fix #3306: handle lack of a trailing glob wildcard
• 83917cf css: handle external @import condition chains
• d81d759 adjust source range for duplicate case warning
• 4b67d82 tsconfig: options outside compilerOptions (#3301)
• 813fb3a api: reduce console output when an error is thrown
• ab9007c fix(TsconfigRaw): baseUrl to be string (#3299)
• 4202ea0 css: fix ordering with @import and @layer
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[changeset-bot[bot]]

⚠️ No Changeset found

Latest commit: 581ba9c33123856d31ca519840feb75a09d083dd

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[dependabot[bot]]

Superseded by #2462.