Bump terser from 5.12.0 to 5.14.2 #8719

dependabot · 2022-07-20T23:16:30Z

Bumps terser from 5.12.0 to 5.14.2.

Changelog

v5.14.2

Security fix for RegExps that should not be evaluated (regexp DDOS)

Source maps improvements (#1211)

Performance improvements in long property access evaluation (#1213)

v5.14.1

keep_numbers option added to TypeScript defs (#1208)

Fixed parsing of nested template strings (#1204)

v5.14.0

Switched to @jridgewell/source-map for sourcemap generation (#1190, #1181)

Fixed source maps with non-terminated segments (#1106)

Enabled typescript types to be imported from the package (#1194)

Extra DOM props have been added (#1191)

Delete the AST while generating code, as a means to save RAM

v5.13.1

Removed self-assignments (varname=varname) (closes #1081)

Separated inlining code (for inlining things into references, or removing IIFEs)

Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

v5.13.0

All calls to eval() were removed (#1171, #1184)

source-map was updated to 0.8.0-beta.0 (#1164)

NavigatorUAData was added to domprops to avoid property mangling (#1166)

v5.12.1

Fixed an issue with function definitions inside blocks (#1155)

Fixed parens of new in some situations (closes #1159)

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot · 2022-07-21T10:59:52Z

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

Bumps [terser](https://github.com/terser/terser) from 5.12.0 to 5.14.2. - [Release notes](https://github.com/terser/terser/releases) - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](https://github.com/terser/terser/commits) --- updated-dependencies: - dependency-name: terser dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [terser](https://github.com/terser/terser) from 5.12.0 to 5.14.2. - [Release notes](https://github.com/terser/terser/releases) - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](https://github.com/terser/terser/commits) --- updated-dependencies: - dependency-name: terser dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code minor labels Jul 20, 2022

ChrisHuie removed minor javascript Pull requests that update Javascript code labels Jul 21, 2022

ChrisHuie closed this Jul 21, 2022

dependabot bot deleted the dependabot/npm_and_yarn/terser-5.14.2 branch July 21, 2022 11:00

patmmccann restored the dependabot/npm_and_yarn/terser-5.14.2 branch July 28, 2022 15:35

patmmccann reopened this Jul 28, 2022

dependabot bot force-pushed the dependabot/npm_and_yarn/terser-5.14.2 branch from d81d04a to 99e3037 Compare July 28, 2022 15:36

patmmccann added maintenance and removed dependencies Pull requests that update a dependency file labels Jul 28, 2022

patmmccann self-assigned this Jul 28, 2022

patmmccann self-requested a review July 28, 2022 15:38

patmmccann approved these changes Jul 28, 2022

View reviewed changes

patmmccann merged commit 93fc10b into master Jul 28, 2022

patmmccann deleted the dependabot/npm_and_yarn/terser-5.14.2 branch July 28, 2022 15:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump terser from 5.12.0 to 5.14.2 #8719

Bump terser from 5.12.0 to 5.14.2 #8719

dependabot bot commented on behalf of github Jul 20, 2022 •

edited

Loading

dependabot bot commented on behalf of github Jul 21, 2022

Bump terser from 5.12.0 to 5.14.2 #8719

Bump terser from 5.12.0 to 5.14.2 #8719

Conversation

dependabot bot commented on behalf of github Jul 20, 2022 • edited Loading

v5.14.2

v5.14.1

v5.14.0

v5.13.1

v5.13.0

v5.12.1

dependabot bot commented on behalf of github Jul 21, 2022

dependabot bot commented on behalf of github Jul 20, 2022 •

edited

Loading