[Snyk] Upgrade rollup-plugin-typescript2 from 0.20.1 to 0.35.0 #41
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade rollup-plugin-typescript2 from 0.20.1 to 0.35.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-DECODEURICOMPONENT-3149970
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-UNSETVALUE-2400660
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-KINDOF-537849
Why? Proof of Concept exploit, CVSS 7.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: rollup-plugin-typescript2
Features
module: "ES2022"
by @ ezolenko in #450Bugfixes
Full Changelog: 0.34.1...0.35.0
Bugfixes
buildStart
error by @ agilgur5 in #4220.34.0
where users sawTypeError: Cannot read property 'done' of undefined
instead of their actual initialization error, such as atsconfig
issue (such as with #421)semver
by @ agilgur5 in #4240.34.0
introduced a type-only fix that relied on Rollup 2.60.0+ and would (accidentally) error out on older versions of Rollup. This fix handles it gracefully with a clear warning message instead and skips that check when using an older version of Rollup (i.e. partly backward-compatible).peerDependencies
minimum versions have not been metfilter
ed files by @ agilgur5 in #4280.33.0
that could cause rpt2 to (accidentally) resolve files that should have been filtered out by the plugininclude
/exclude
(such as with #427)Internal (testing, refactors)
@ types/resolve
by @ agilgur5 in #423no-errors
integration timeout to 20s by @ agilgur5 in #425Full Changelog: 0.34.0...0.34.1
Bugfixes
type
s andinterface
s that would produce no JS.2.60.0
+ as it requires the use ofthis.load
0.34.0
will (accidentally) error out on older versions of Rollup.0.34.1
patched this to instead give a warning and skip this check on older versions of Rollup.More Fixes ...
emitDeclarationOnly
log statement by @ agilgur5 in #412Docs
CHANGELOG.md
that references GH releases by @ agilgur5 in #419Internal (testing, refactors)
declarationMap
sources are correct by @ agilgur5 in #403print-diagnostics
spec by @ agilgur5 in #405More Internal ...
context
helper by @ agilgur5 in #404check-tsconfig
withparse-tsconfig
by @ agilgur5 in #413ConsoleContext
entirely by usingbuildStart
by @ agilgur5 in #414cache
var by @ agilgur5 in #415diagnostics
funcs into single file by @ agilgur5 in #415Full Changelog: 0.33.0.1...0.34.0
clean
, this won't be hit during normal usageBugfixes
@ rollup/plugin-commonjs
to v22 to fix try/catch requires by @ agilgur5 in #3400.32.0
that caused users with certain environments to experienceReferenceError: window is not defined
when importing rpt2. See #339Full Changelog: 0.32.0...0.32.1
Read more
What's Changed
trace
method to theLanguageServiceHost
to enable usage withtraceResolution
by @ Andarist in #296Full Changelog: 0.31.1...0.31.2
Fix for #291
Full Changelog: 0.31.0...0.31.1
tslib
on node 17Commit messages
Package name: rollup-plugin-typescript2
isFlowing
method nodejs/node#451)Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs