This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Name | Versions | Released on
:-------------|:-------------|:-------------
**@babel/core**from 7.22.9 to 7.24.4 | **18 versions** ahead of your current version | **a month ago**on 2024-04-03
**@babel/preset-env**from 7.22.9 to 7.24.4 | **15 versions** ahead of your current version | **a month ago**on 2024-04-03
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Incomplete List of Disallowed Inputs [SNYK-JS-BABELTRAVERSE-5962462](https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462) | **572/1000** **Why?** Proof of Concept exploit, CVSS 9.3 | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: @babel/core
from @babel/preset-env GitHub release notes
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23/settings/integration?pkg=@babel/core&pkg=@babel/preset-env&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together. :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. Name | Versions | Released on :-------------|:-------------|:------------- **@babel/core**from 7.22.9 to 7.24.4 | **18 versions** ahead of your current version | **a month ago**on 2024-04-03 **@babel/preset-env**from 7.22.9 to 7.24.4 | **15 versions** ahead of your current version | **a month ago**on 2024-04-03 The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Incomplete List of Disallowed Inputs[SNYK-JS-BABELTRAVERSE-5962462](https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462) | **572/1000**
**Why?** Proof of Concept exploit, CVSS 9.3 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @babel/core
v7.24.4 (2024-04-03)
Thanks @ Dunqing, @ luiscubal, and @ samualtnorman for your first PRs!
👓 Spec Compliance
babel-parser
babel-helpers
,babel-plugin-proposal-decorators
,babel-runtime-corejs3
🐛 Bug Fix
babel-generator
{ [key in Bar]? }
(@ liuxingbaoyu)TSMappedType
(@ liuxingbaoyu)babel-compat-data
,babel-plugin-bugfix-firefox-class-in-computed-class-key
,babel-preset-env
babel-helper-create-class-features-plugin
,babel-plugin-proposal-decorators
super()
exists andprotoInit
is not needed (@ liuxingbaoyu)babel-plugin-transform-block-scoping
for X
in loop (@ liuxingbaoyu)let
when thefor
body is not a block (@ liuxingbaoyu)babel-core
,babel-plugin-transform-block-scoped-functions
,babel-plugin-transform-block-scoping
Committers: 7
v7.24.3 (2024-03-20)
Thanks @ ota-meshi for your first PR!
🐛 Bug Fix
babel-helper-module-imports
Committers: 2
v7.24.1 (2024-03-19)
🐛 Bug Fix
babel-helper-create-class-features-plugin
,babel-plugin-proposal-decorators
babel-plugin-proposal-decorators
,babel-plugin-proposal-json-modules
,babel-plugin-transform-async-generator-functions
,babel-plugin-transform-regenerator
,babel-plugin-transform-runtime
,babel-preset-env
moduleName
for@ babel/runtime/regenerator
imports (@ nicolo-ribaudo)babel-helper-create-class-features-plugin
,babel-plugin-proposal-decorators
,babel-plugin-proposal-pipeline-operator
,babel-plugin-transform-class-properties
babel-helper-create-class-features-plugin
,babel-helper-replace-supers
,babel-plugin-proposal-decorators
,babel-plugin-transform-class-properties
📝 Documentation
🏠 Internal
babel-code-frame
,babel-highlight
chalk
withpicocolors
(@ nicolo-ribaudo)babel-helper-fixtures
,babel-helpers
,babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression
,babel-plugin-proposal-pipeline-operator
,babel-plugin-transform-unicode-sets-regex
,babel-preset-env
,babel-preset-flow
babel-helper-module-imports
,babel-plugin-proposal-import-wasm-source
,babel-plugin-proposal-json-modules
,babel-plugin-proposal-record-and-tuple
,babel-plugin-transform-react-jsx-development
,babel-plugin-transform-react-jsx
🔬 Output optimization
babel-helper-replace-supers
,babel-plugin-transform-class-properties
,babel-plugin-transform-classes
,babel-plugin-transform-parameters
,babel-plugin-transform-runtime
assertThisInitialized
aftersuper()
(@ liuxingbaoyu)babel-plugin-transform-class-properties
,babel-plugin-transform-classes
assertThisInitialized
more often (@ liuxingbaoyu)babel-plugin-proposal-decorators
,babel-plugin-transform-class-properties
,babel-plugin-transform-object-rest-spread
,babel-traverse
babel-core
,babel-plugin-external-helpers
,babel-plugin-proposal-decorators
,babel-plugin-proposal-function-bind
,babel-plugin-transform-class-properties
,babel-plugin-transform-classes
,babel-plugin-transform-flow-comments
,babel-plugin-transform-flow-strip-types
,babel-plugin-transform-function-name
,babel-plugin-transform-modules-systemjs
,babel-plugin-transform-parameters
,babel-plugin-transform-private-property-in-object
,babel-plugin-transform-react-jsx
,babel-plugin-transform-runtime
,babel-plugin-transform-spread
,babel-plugin-transform-typescript
,babel-preset-env
Committers: 4
v7.23.9 (2024-01-25)
🐛 Bug Fix
babel-helper-transform-fixture-test-runner
,babel-plugin-transform-function-name
,babel-plugin-transform-modules-systemjs
,babel-preset-env
systemjs
re-traverses helpers (@ liuxingbaoyu)babel-helper-create-class-features-plugin
,babel-plugin-proposal-decorators
babel-plugin-proposal-decorators
,babel-plugin-transform-async-generator-functions
,babel-plugin-transform-runtime
,babel-preset-env
core-js@3
imports (@ nicolo-ribaudo)babel-traverse
getTypeAnnotation
when using TS+inference (@ liuxingbaoyu)no-use-before-define
for class ref in fields (@ nicolo-ribaudo)🏠 Internal
babel-core
,babel-parser
,babel-template
eslint-parser
to cts (@ liuxingbaoyu)babel-types
@ babel/types
props that are not produced by the parser (@ liuxingbaoyu)🏃♀️ Performance
babel-parser
🔬 Output optimization
babel-helper-create-class-features-plugin
,babel-plugin-proposal-decorators
,babel-plugin-proposal-destructuring-private
,babel-plugin-proposal-pipeline-operator
,babel-plugin-transform-class-properties
,babel-plugin-transform-class-static-block
,babel-plugin-transform-new-target
,babel-plugin-transform-parameters
,babel-plugin-transform-private-methods
,babel-preset-env
babel-helpers
,babel-plugin-proposal-explicit-resource-management
,babel-runtime-corejs2
,babel-runtime-corejs3
,babel-runtime
using
(@ liuxingbaoyu)Committers: 4
Package name: @babel/preset-env
v7.24.4 (2024-04-03)
Thanks @ Dunqing, @ luiscubal, and @ samualtnorman for your first PRs!
👓 Spec Compliance
babel-parser
babel-helpers
,babel-plugin-proposal-decorators
,babel-runtime-corejs3
🐛 Bug Fix
babel-generator
{ [key in Bar]? }
(@ liuxingbaoyu)TSMappedType
(@ liuxingbaoyu)babel-compat-data
,babel-plugin-bugfix-firefox-class-in-computed-class-key
,babel-preset-env
babel-helper-create-class-features-plugin
,babel-plugin-proposal-decorators
super()
exists andprotoInit
is not needed (@ liuxingbaoyu)babel-plugin-transform-block-scoping
for X
in loop (@ liuxingbaoyu)let
when thefor
body is not a block (@ liuxingbaoyu)babel-core
,babel-plugin-transform-block-scoped-functions
,babel-plugin-transform-block-scoping
Committers: 7
v7.24.3 (2024-03-20)
Thanks @ ota-meshi for your first PR!
🐛 Bug Fix
babel-helper-module-imports
Committers: 2
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23/settings/integration?pkg=@babel/core&pkg=@babel/preset-env&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)