[Snyk] Upgrade: @babel/core, @babel/preset-env

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name | Versions | Released on :-------------|:-------------|:------------- **@babel/core**
from 7.22.9 to 7.24.4 | **18 versions** ahead of your current version | **a month ago**
on 2024-04-03 **@babel/preset-env**
from 7.22.9 to 7.24.4 | **15 versions** ahead of your current version | **a month ago**
on 2024-04-03 The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------

| Incomplete List of Disallowed Inputs
[SNYK-JS-BABELTRAVERSE-5962462](https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462) | **572/1000**
**Why?** Proof of Concept exploit, CVSS 9.3 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @babel/core

7.24.4 - 2024-04-03
v7.24.4 (2024-04-03)

Thanks @ Dunqing, @ luiscubal, and @ samualtnorman for your first PRs!

👓 Spec Compliance
- babel-parser
  - #16403 Forbid initializerless using (@ JLHwung)
- babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  - #16388 Ensure decorators are callable (@ JLHwung)
🐛 Bug Fix
- babel-generator
  - #16402 fix: Correctly prints { [key in Bar]? } (@ liuxingbaoyu)
  - #16394 fix: Correctly generate TSMappedType (@ liuxingbaoyu)
- babel-compat-data, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-preset-env
  - #16390 Create bugfix plugin for classes in computed keys in Firefox (@ nicolo-ribaudo)
- babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  - #16387 fix: support mutated outer decorated class binding (@ JLHwung)
  - #16385 fix: Decorators when super() exists and protoInit is not needed (@ liuxingbaoyu)
- babel-plugin-transform-block-scoping
  - #16384 fix: Transform scoping for for X in loop (@ liuxingbaoyu)
  - #16368 fix: Capture let when the for body is not a block (@ liuxingbaoyu)
- babel-core, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping
  - #16363 Fix incorrect function hoisting in some case statements (@ luiscubal)
Committers: 7
- Babel Bot (@ babel-bot)
- Dunqing (@ Dunqing)
- Huáng Jùnliàng (@ JLHwung)
- Luís Reis (@ luiscubal)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- Samual Norman (@ samualtnorman)
- @ liuxingbaoyu
7.24.3 - 2024-03-20
v7.24.3 (2024-03-20)

Thanks @ ota-meshi for your first PR!

🐛 Bug Fix
- babel-helper-module-imports
  - #16370 fix: do not inject the same imported identifier multiple times (@ ota-meshi)
Committers: 2
- Nicolò Ribaudo (@ nicolo-ribaudo)
- Yosuke Ota (@ ota-meshi)
7.24.1 - 2024-03-19
v7.24.1 (2024-03-19)

🐛 Bug Fix
- babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  - #16350 Fix decorated class computed keys ordering (@ JLHwung)
  - #16344 Fix decorated class static field private access (@ JLHwung)
- babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
  - #16329 Respect moduleName for @ babel/runtime/regenerator imports (@ nicolo-ribaudo)
- babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties
  - #16331 Fix decorator memoiser binding kind (@ JLHwung)
- babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties
  - #16325 Fix decorator evaluation private environment (@ JLHwung)
📝 Documentation
- #16319 Update SECURITY.md (@ nicolo-ribaudo)
🏠 Internal
- babel-code-frame, babel-highlight
  - #16359 Replace chalk with picocolors (@ nicolo-ribaudo)
- babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow
  - #16352 Run Babel transform tests on old node if possible (@ JLHwung)
- babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx
  - #16349 Support merging imports in import injector (@ nicolo-ribaudo)
- Other
  - #16332 Test Babel 7 plugins compatibility with Babel 8 core (@ nicolo-ribaudo)
🔬 Output optimization
- babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime
  - #16345 Optimize the use of assertThisInitialized after super() (@ liuxingbaoyu)
- babel-plugin-transform-class-properties, babel-plugin-transform-classes
  - #16343 Use simpler assertThisInitialized more often (@ liuxingbaoyu)
- babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse
  - #16342 Consider well-known and registered symbols as literals (@ nicolo-ribaudo)
- babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env
  - #16326 Reduce the use of class names (@ liuxingbaoyu)
Committers: 4
- Babel Bot (@ babel-bot)
- Huáng Jùnliàng (@ JLHwung)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- @ liuxingbaoyu
7.24.0 - 2024-02-28
Read more
7.23.9 - 2024-01-25
v7.23.9 (2024-01-25)

🐛 Bug Fix
- babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env
  - #16225 fix: systemjs re-traverses helpers (@ liuxingbaoyu)
- babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  - #16226 Improve decorated private method check (@ JLHwung)
- babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env
  - #16224 Properly sort core-js@3 imports (@ nicolo-ribaudo)
- babel-traverse
  - #15383 fix: Don't throw in getTypeAnnotation when using TS+inference (@ liuxingbaoyu)
- Other
  - #16210 [eslint] Fix no-use-before-define for class ref in fields (@ nicolo-ribaudo)
🏠 Internal
- babel-core, babel-parser, babel-template
  - #16222 Migrate eslint-parser to cts (@ liuxingbaoyu)
- babel-types
  - #16213 Remove @ babel/types props that are not produced by the parser (@ liuxingbaoyu)
🏃‍♀️ Performance
- babel-parser
  - #16072 perf: Improve parser performance for typescript (@ liuxingbaoyu)
🔬 Output optimization
- babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env
  - #16218 Improve temporary variables for decorators (@ liuxingbaoyu)
- babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  - #15959 Improve output of using (@ liuxingbaoyu)
Committers: 4
- Babel Bot (@ babel-bot)
- Huáng Jùnliàng (@ JLHwung)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- @ liuxingbaoyu
7.23.7 - 2023-12-29
7.23.6 - 2023-12-11
7.23.5 - 2023-11-29
7.23.3 - 2023-11-09
7.23.2 - 2023-10-12
7.23.0 - 2023-09-25
7.22.20 - 2023-09-16
7.22.19 - 2023-09-14
7.22.18 - 2023-09-14
7.22.17 - 2023-09-08
7.22.15 - 2023-09-04
7.22.11 - 2023-08-24
7.22.10 - 2023-08-07
7.22.9 - 2023-07-12

from @babel/core GitHub release notes

Package name: @babel/preset-env

7.24.4 - 2024-04-03
v7.24.4 (2024-04-03)

Thanks @ Dunqing, @ luiscubal, and @ samualtnorman for your first PRs!

👓 Spec Compliance
- babel-parser
  - #16403 Forbid initializerless using (@ JLHwung)
- babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  - #16388 Ensure decorators are callable (@ JLHwung)
🐛 Bug Fix
- babel-generator
  - #16402 fix: Correctly prints { [key in Bar]? } (@ liuxingbaoyu)
  - #16394 fix: Correctly generate TSMappedType (@ liuxingbaoyu)
- babel-compat-data, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-preset-env
  - #16390 Create bugfix plugin for classes in computed keys in Firefox (@ nicolo-ribaudo)
- babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  - #16387 fix: support mutated outer decorated class binding (@ JLHwung)
  - #16385 fix: Decorators when super() exists and protoInit is not needed (@ liuxingbaoyu)
- babel-plugin-transform-block-scoping
  - #16384 fix: Transform scoping for for X in loop (@ liuxingbaoyu)
  - #16368 fix: Capture let when the for body is not a block (@ liuxingbaoyu)
- babel-core, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping
  - #16363 Fix incorrect function hoisting in some case statements (@ luiscubal)
Committers: 7
- Babel Bot (@ babel-bot)
- Dunqing (@ Dunqing)
- Huáng Jùnliàng (@ JLHwung)
- Luís Reis (@ luiscubal)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- Samual Norman (@ samualtnorman)
- @ liuxingbaoyu
7.24.3 - 2024-03-20
v7.24.3 (2024-03-20)

Thanks @ ota-meshi for your first PR!

🐛 Bug Fix
- babel-helper-module-imports
  - #16370 fix: do not inject the same imported identifier multiple times (@ ota-meshi)
Committers: 2
- Nicolò Ribaudo (@ nicolo-ribaudo)
- Yosuke Ota (@ ota-meshi)
7.24.1 - 2024-03-19
Read more
7.24.0 - 2024-02-28
Read more
7.23.9 - 2024-01-25
Read more
7.23.8 - 2024-01-08
Read more
7.23.7 - 2023-12-29
7.23.6 - 2023-12-11
7.23.5 - 2023-11-29
7.23.3 - 2023-11-09
7.23.2 - 2023-10-11
7.22.20 - 2023-09-16
7.22.15 - 2023-09-04
7.22.14 - 2023-08-30
7.22.10 - 2023-08-07
7.22.9 - 2023-07-12

from @babel/preset-env GitHub release notes

**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/nodeshift-agg/project/cc7f2029-67ef-4484-8942-8996e596ae23/settings/integration?pkg=@babel/core&pkg=@babel/preset-env&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)

Totals
Change from base Build 8894784791:	0.0%
Covered Lines:	374
Relevant Lines:	375

nodeshift / opossum

[Snyk] Upgrade: @babel/core, @babel/preset-env #855

Snyk has created this PR to upgrade multiple dependencies.

v7.24.4 (2024-04-03)

👓 Spec Compliance

🐛 Bug Fix

Committers: 7

v7.24.3 (2024-03-20)

🐛 Bug Fix

Committers: 2

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

Committers: 4

v7.23.9 (2024-01-25)

🐛 Bug Fix

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

Committers: 4

v7.24.4 (2024-04-03)

👓 Spec Compliance

🐛 Bug Fix

Committers: 7

v7.24.3 (2024-03-20)

🐛 Bug Fix

Committers: 2

Pull Request Test Coverage Report for Build 8904749370

Details

💛 - Coveralls