[Snyk] Upgrade acorn from 8.0.5 to 8.8.2 #20
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade acorn from 8.0.5 to 8.8.2.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Release notes
Package name: acorn
Bug fixes
Fix a bug that caused
allowHashBang
to be set to false when not provided, even withecmaVersion >= 14
.Fix an exception when passing no option object to
parse
ornew Parser
.Fix incorrect parse error on
if (0) let\n[astral identifier char]
.Bug fixes
Make type for
Comment
compatible with estree types.Bug fixes
Allow parentheses around spread args in destructuring object assignment.
Fix an issue where the tree contained
directive
properties in when parsing with a language version that doesn't support them.New features
Support hashbang comments by default in ECMAScript 2023 and later.
Bug fixes
Stop handling
"use strict"
directives in ECMAScript versions before 5.Fix an issue where duplicate quoted export names in
export *
syntax were incorrectly checked.Add missing type for
tokTypes
.New features
Support quoted export names.
Upgrade to Unicode 14.
Add support for Unicode 13 properties in regular expressions.
Bug fixes
Use a loop to find line breaks, because the existing regexp search would overrun the end of the searched range and waste a lot of time in minified code.
Bug fixes
Fix a bug where an object literal with multiple
__proto__
properties would incorrectly be accepted if a later property value held an assigment.New features
Support class private fields with the
in
operator.Bug fixes
Improve context-dependent tokenization in a number of corner cases.
Fix location tracking after a 0x2028 or 0x2029 character in a string literal (which before did not increase the line number).
Fix an issue where arrow function bodies in for loop context would inappropriately consume
in
operators.Fix wrong end locations stored on SequenceExpression nodes.
Implement restriction that
for
/of
loop LHS can't start withlet
.New features
Add support for ES2022 class static blocks.
Allow multiple input files to be passed to the CLI tool.
Bug fixes
Fix a bug where
allowAwaitOutsideFunction
would allowawait
in class field initializers, and settingecmaVersion
to 13 or higher would allow top-level await in non-module sources.New features
A new option,
allowSuperOutsideMethod
, can be used to suppress the error whensuper
is used in the wrong context.New features
Default
allowAwaitOutsideFunction
to true for ECMAScript 2022 an higher.Add support for the
p
(indices) regexp flag.Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs