search

kcapp / frontend

Dart Scoring application
17 stars 11 forks source link

Bump terser and lasso #131

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps terser to 5.15.1 and updates ancestor dependency lasso. These dependencies need to be updated together.

Updates terser from 3.17.0 to 5.15.1

Changelog

Sourced from terser's changelog.

v5.15.1

  • Fixed missing parentheses around optional chains
  • Avoid bare let or const as the bodies of if statements (#1253)
  • Small internal fixes (#1271)
  • Avoid inlining a class twice and creating two equivalent but !== classes.

v5.15.0

  • Basic support for ES2022 class static initializer blocks.
  • Add AudioWorkletNode constructor options to domprops list (#1230)
  • Make identity function inliner not inline id(...expandedArgs)

v5.14.2

  • Security fix for RegExps that should not be evaluated (regexp DDOS)
  • Source maps improvements (#1211)
  • Performance improvements in long property access evaluation (#1213)

v5.14.1

  • keep_numbers option added to TypeScript defs (#1208)
  • Fixed parsing of nested template strings (#1204)

v5.14.0

  • Switched to @​jridgewell/source-map for sourcemap generation (#1190, #1181)
  • Fixed source maps with non-terminated segments (#1106)
  • Enabled typescript types to be imported from the package (#1194)
  • Extra DOM props have been added (#1191)
  • Delete the AST while generating code, as a means to save RAM

v5.13.1

  • Removed self-assignments (varname=varname) (closes #1081)
  • Separated inlining code (for inlining things into references, or removing IIFEs)
  • Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

v5.13.0

  • All calls to eval() were removed (#1171, #1184)
  • source-map was updated to 0.8.0-beta.0 (#1164)
  • NavigatorUAData was added to domprops to avoid property mangling (#1166)

v5.12.1

  • Fixed an issue with function definitions inside blocks (#1155)
  • Fixed parens of new in some situations (closes #1159)

v5.12.0

  • TERSER_DEBUG_DIR environment variable
  • @​copyright comments are now preserved with the comments="some" option (#1153)

... (truncated)

Commits
  • 4255fb3 5.15.1
  • d31c829 update changelog
  • bb2e20f take optional chains into account when locating the left-most item in an expr...
  • 350f965 some cleanups
  • 5fc3925 Update actions/setup-node action to v3 (#1156)
  • be73559 Update actions/upload-artifact action to v3 (#1161)
  • 666f79e chore(deps): update actions/checkout action to v3 (#1158)
  • 3652dce fix: incorrect to_simple_statement (#1253)
  • 34e8262 chore: fixed a couple of typos (#1271)
  • 089e32a avoid a class being inlined twice when identity can be compared. (close #1267)
  • Additional commits viewable in compare view


Updates lasso from 3.4.3 to 4.0.2

Changelog

Sourced from lasso's changelog.

4.0.2

  • Fix issue with caching page results in production mode.

4.0.1

  • Fix regression with the getImageInfo api.

4.0.0

  • BREAKING: Requires a minimum of node 16
  • Upgrades internal dependencies (biggest user facing change being JS/CSS parsing and minification of newer features).

3.4.0

  • Switches from esprima to espree to parse JavaScript (supports more modern JavaScript).

3.3.1

  • Adds .webp to the list of browser-refresh extensions.

3.3.0

3.2.8

  • Fix regression with inline scripts with externalScriptAttrs.

3.2.7

  • Improve support for defer and async attributes on inline bundles.

3.0.0

  • BREAKING: Remove support for Node 4
    • Significant refactors. Move to async/await internally.
    • Traspile for Node 4 support using Babel
  • BREAKING: API methods no longer expose callbacks.
    • Plugins should no longer expect a callback
    • Plugins should return promises for async tasks
  • BREAKING: Marko taglib and taglib-v2 removed
    • Use @lasso/marko-taglib instead
  • Support for passing cacheKey property to lasso config
  • Merge lasso-require into Lasso
    • Lasso config lassoConfig.require.resolver property has been split out into its own property lassoConfig.resolver
const lassoConfig: {
    require: {
        transforms: ...
    },
</tr></table>

... (truncated)

Commits
  • 97d34d0 4.0.2
  • 966bc8e fix: issue with caching page results in production mode
  • 19c9c61 4.0.1
  • 03e6601 fix: regression with getImageInfo api
  • 8471096 4.0.0
  • fa0565a chore: upgrade and fix eslint issues
  • 20577b6 chore: update test/dev deps
  • f01e65b chore: upgrade many deps, remove some unneeded ones
  • 470a622 feat: upgrade js and css processing utils
  • a851aa6 fix: ensure data object allways passed when generating html for slot
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/kcapp/frontend/network/alerts).
dependabot[bot] commented 1 year ago

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.