chore(deps): update typescript dependencies #429
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
16.18.8
->16.18.11
2.4.1
->2.4.2
0.16.5
->0.16.14
4.10.2
->4.11.0
Release Notes
cure53/DOMPurify
v2.4.2
: DOMPurify 2.4.2Compare Source
evanw/esbuild
v0.16.14
Compare Source
Preserve some comments in expressions (#2721)
Various tools give semantic meaning to comments embedded inside of expressions. For example, Webpack and Vite have special "magic comments" that can be used to affect code splitting behavior:
Since esbuild can be used as a preprocessor for these tools (e.g. to strip TypeScript types), it can be problematic if esbuild doesn't do additional work to try to retain these comments. Previously esbuild special-cased Webpack comments in these specific locations in the AST. But Vite would now like to use similar comments, and likely other tools as well.
So with this release, esbuild now will attempt to preserve some comments inside of expressions in more situations than before. This behavior is mainly intended to preserve these special "magic comments" that are meant for other tools to consume, although esbuild will no longer only preserve Webpack-specific comments so it should now be tool-agnostic. There is no guarantee that all such comments will be preserved (especially when
--minify-syntax
is enabled). So this change does not mean that esbuild is now usable as a code formatter. In particular comment preservation is more likely to happen with leading comments than with trailing comments. You should put comments that you want to be preserved before the relevant expression instead of after it. Also note that this change does not retain any more statement-level comments than before (i.e. comments not embedded inside of expressions). Comment preservation is not enabled when--minify-whitespace
is enabled (which is automatically enabled when you use--minify
).v0.16.13
Compare Source
Publish a new bundle visualization tool
While esbuild provides bundle metadata via the
--metafile
flag, previously esbuild left analysis of it completely up to third-party tools (well, outside of the rudimentary--analyze
flag). However, the esbuild website now has a built-in bundle visualization tool:You can pass
--metafile
to esbuild to output bundle metadata, then upload that JSON file to this tool to visualize your bundle. This is helpful for answering questions such as:I'm publishing this tool because I think esbuild should provide some answer to "how do I visualize my bundle" without requiring people to reach for third-party tools. At the moment the tool offers two types of visualizations: a radial "sunburst chart" and a linear "flame chart". They serve slightly different but overlapping use cases (e.g. the sunburst chart is more keyboard-accessible while the flame chart is easier with the mouse). This tool may continue to evolve over time.
Fix
--metafile
and--mangle-cache
with--watch
(#1357)The CLI calls the Go API and then also writes out the metafile and/or mangle cache JSON files if those features are enabled. This extra step is necessary because these files are returned by the Go API as in-memory strings. However, this extra step accidentally didn't happen for all builds after the initial build when watch mode was enabled. This behavior used to work but it was broken in version 0.14.18 by the introduction of the mangle cache feature. This release fixes the combination of these features, so the metafile and mangle cache features should now work with watch mode. This behavior was only broken for the CLI, not for the JS or Go APIs.
Add an
original
field to the metafileThe metadata file JSON now has an additional field: each import in an input file now contains the pre-resolved path in the
original
field in addition to the post-resolved path in thepath
field. This means it's now possible to run certain additional analysis over your bundle. For example, you should be able to use this to detect when the same package subpath is represented multiple times in the bundle, either because multiple versions of a package were bundled or because a package is experiencing the dual-package hazard.v0.16.12
Compare Source
Loader defaults to
js
for extensionless files (#2776)Certain packages contain files without an extension. For example, the
yargs
package contains the fileyargs/yargs
which has no extension. Node, Webpack, and Parcel can all understand code that importsyargs/yargs
because they assume that the file is JavaScript. However, esbuild was previously unable to understand this code because it relies on the file extension to tell it how to interpret the file. With this release, esbuild will now assume files without an extension are JavaScript files. This can be customized by setting the loader for""
(the empty string, representing files without an extension) to another loader. For example, if you want files without an extension to be treated as CSS instead, you can do that like this:CLI:
JS:
Go:
In addition, the
"type"
field inpackage.json
files now only applies to files with an explicit.js
,.jsx
,.ts
, or.tsx
extension. Previously it was incorrectly applied by esbuild to all files that had an extension other than.mjs
,.mts
,.cjs
, or.cts
including extensionless files. So for example an extensionless file in a"type": "module"
package is now treated as CommonJS instead of ESM.v0.16.11
Compare Source
Avoid a syntax error in the presence of direct
eval
(#2761)The behavior of nested
function
declarations in JavaScript depends on whether the code is run in strict mode or not. It would be problematic if esbuild preserved nestedfunction
declarations in its output because then the behavior would depend on whether the output was run in strict mode or not instead of respecting the strict mode behavior of the original source code. To avoid this, esbuild transforms nestedfunction
declarations to preserve the intended behavior of the original source code regardless of whether the output is run in strict mode or not:In the above example, the original code should print
true false true
because it's not run in strict mode (it doesn't contain"use strict"
and is not an ES module). The code that esbuild generates has been transformed such that it printstrue false true
regardless of whether it's run in strict mode or not.However, this transformation is impossible if the code contains direct
eval
because directeval
"poisons" all containing scopes by preventing anything in those scopes from being renamed. That prevents esbuild from splitting up accesses tofoo
into two separate variables with different names. Previously esbuild still did this transformation but with two variables both namedfoo
, which is a syntax error. With this release esbuild will now skip doing this transformation when directeval
is present to avoid generating code with a syntax error. This means that the generated code may no longer behave as intended since the behavior depends on the run-time strict mode setting instead of the strict mode setting present in the original source code. To fix this problem, you will need to remove the use of directeval
.Fix a bundling scenario involving multiple symlinks (#2773, #2774)
This release contains a fix for a bundling scenario involving an import path where multiple path segments are symlinks. Previously esbuild was unable to resolve certain import paths in this scenario, but these import paths should now work starting with this release. This fix was contributed by @onebytegone.
v0.16.10
Compare Source
Change the default "legal comment" behavior again (#2745)
The legal comments feature automatically gathers comments containing
@license
or@preserve
and puts the comments somewhere (either in the generated code or in a separate file). This behavior used to be on by default but was disabled by default in version 0.16.0 because automatically inserting comments is potentially confusing and misleading. These comments can appear to be assigning the copyright of your code to another entity. And this behavior can be especially problematic if it happens automatically by default since you may not even be aware of it happening. For example, if you bundle the TypeScript compiler the preserving legal comments means your source code would contain this comment, which appears to be assigning the copyright of all of your code to Microsoft:However, people have asked for this feature to be re-enabled by default. To resolve the confusion about what these comments are applying to, esbuild's default behavior will now be to attempt to describe which package the comments are coming from. So while this feature has been re-enabled by default, the output will now look something like this instead:
Note that you can still customize this behavior with the
--legal-comments=
flag. For example, you can use--legal-comments=none
to turn this off, or you can use--legal-comments=linked
to put these comments in a separate.LEGAL.txt
file instead.Enable
external
legal comments with the transform API (#2390)Previously esbuild's transform API only supported
none
,inline
, oreof
legal comments. With this release,external
legal comments are now also supported with the transform API. This only applies to the JS and Go APIs, not to the CLI, and looks like this:JS:
Go:
Fix duplicate function declaration edge cases (#2757)
The change in the previous release to forbid duplicate function declarations in certain cases accidentally forbid some edge cases that should have been allowed. Specifically duplicate function declarations are forbidden in nested blocks in strict mode and at the top level of modules, but are allowed when they are declared at the top level of function bodies. This release fixes the regression by re-allowing the last case.
Allow package subpaths with
alias
(#2715)Previously the names passed to the
alias
feature had to be the name of a package (with or without a package scope). With this release, you can now also use thealias
feature with package subpaths. So for example you can now create an alias that substitutes@org/pkg/lib
with something else.v0.16.9
Compare Source
Update to Unicode 15.0.0
The character tables that determine which characters form valid JavaScript identifiers have been updated from Unicode version 14.0.0 to the newly-released Unicode version 15.0.0. I'm not putting an example in the release notes because all of the new characters will likely just show up as little squares since fonts haven't been updated yet. But you can read https://www.unicode.org/versions/Unicode15.0.0/#Summary for more information about the changes.
Disallow duplicate lexically-declared names in nested blocks and in strict mode
In strict mode or in a nested block, it's supposed to be a syntax error to declare two symbols with the same name unless all duplicate entries are either
function
declarations or allvar
declarations. However, esbuild was overly permissive and allowed this when duplicate entries were eitherfunction
declarations orvar
declarations (even if they were mixed). This check has now been made more restrictive to match the JavaScript specification:Add a type declaration for the new
empty
loader (#2755)I forgot to add this in the previous release. It has now been added.
This fix was contributed by @fz6m.
Add support for the
v
flag in regular expression literalsPeople are currently working on adding a
v
flag to JavaScript regular expresions. You can read more about this flag here: https://v8.dev/features/regexp-v-flag. This release adds support for parsing this flag, so esbuild will now no longer consider regular expression literals with this flag to be a syntax error. If the target is set to something other thanesnext
, esbuild will transform regular expression literals containing this flag into anew RegExp()
constructor call so the resulting code doesn't have a syntax error. This enables you to provide a polyfill forRegExp
that implements thev
flag to get your code to work at run-time. While esbuild doesn't typically adopt proposals until they're already shipping in a real JavaScript run-time, I'm adding it now because a) esbuild's implementation doesn't need to change as the proposal evolves, b) this isn't really new syntax since regular expression literals already have flags, and c) esbuild's implementation is a trivial pass-through anyway.Avoid keeping the name of classes with static
name
propertiesThe
--keep-names
property attempts to preserve the original value of thename
property for functions and classes even when identifiers are renamed by the minifier or to avoid a name collision. This is currently done by generating code to assign a string to thename
property on the function or class object. However, this should not be done for classes with a staticname
property since in that case the explicitly-definedname
property overwrites the automatically-generated class name. With this release, esbuild will now no longer attempt to preserve thename
property for classes with a staticname
property.v0.16.8
Compare Source
Allow plugins to resolve injected files (#2754)
Previously paths passed to the
inject
feature were always interpreted as file system paths. This meant thatonResolve
plugins would not be run for them and esbuild's default path resolver would always be used. This meant that theinject
feature couldn't be used in the browser since the browser doesn't have access to a file system. This release runs paths passed toinject
through esbuild's full path resolution pipeline so plugins now have a chance to handle them usingonResolve
callbacks. This makes it possible to write a plugin that makes esbuild'sinject
work in the browser.Add the
empty
loader (#1541, #2753)The new
empty
loader tells esbuild to pretend that a file is empty. So for example--loader:.css=empty
effectively skips all imports of.css
files in JavaScript so that they aren't included in the bundle, sinceimport "./some-empty-file"
in JavaScript doesn't bundle anything. You can also use theempty
loader to remove asset references in CSS files. For example--loader:.png=empty
causes esbuild to replace asset references such asurl(image.png)
withurl()
so that they are no longer included in the resulting style sheet.Fix
</script>
and</style>
escaping for non-default targets (#2748)The change in version 0.16.0 to give control over
</script>
escaping via--supported:inline-script=false
or--supported:inline-script=true
accidentally broke automatic escaping of</script>
when an explicittarget
setting is specified. This release restores the correct automatic escaping of</script>
(which should not depend on whattarget
is set to).Enable the
exports
field withNODE_PATHS
(#2752)Node has a rarely-used feature where you can extend the set of directories that node searches for packages using the
NODE_PATHS
environment variable. While esbuild supports this too, previously it only supported the oldmain
field path resolution but did not support the newexports
field package resolution. This release makes the path resolution rules the same again for bothnode_modules
directories andNODE_PATHS
directories.v0.16.7
Compare Source
Include
file
loader strings in metafile imports (#2731)Bundling a file with the
file
loader copies that file to the output directory and imports a module with the path to the copied file in thedefault
export. Previously when bundling with thefile
loader, there was no reference in the metafile from the JavaScript file containing the path string to the copied file. With this release, there will now be a reference in the metafile in theimports
array with the kindfile-loader
:Fix byte counts in metafile regarding references to other output files (#2071)
Previously files that contained references to other output files had slightly incorrect metadata for the byte counts of input files which contributed to that output file. So for example if
app.js
importsimage.png
using the file loader and esbuild generatesout.js
andimage-LSAMBFUD.png
, the metadata for how many bytes ofout.js
are fromapp.js
was slightly off (the metadata for the byte count ofout.js
was still correct). The reason is because esbuild substitutes the final paths for references between output files toward the end of the build to handle cyclic references, and the byte counts needed to be adjusted as well during the path substitution. This release fixes these byte counts (specifically thebytesInOutput
values).The alias feature now strips a trailing slash (#2730)
People sometimes add a trailing slash to the name of one of node's built-in modules to force node to import from the file system instead of importing the built-in module. For example, importing
util
imports node's built-in module calledutil
but importingutil/
tries to find a package calledutil
on the file system. Previously attempting to use esbuild's package alias feature to replace imports toutil
with a specific file would fail because the file path would also gain a trailing slash (e.g. mappingutil
to./file.js
turnedutil/
into./file.js/
). With this release, esbuild will now omit the path suffix if it's a single trailing slash, which should now allow you to successfully apply aliases to these import paths.v0.16.6
Compare Source
Do not mark subpath imports as external with
--packages=external
(#2741)Node has a feature called subpath imports where special import paths that start with
#
are resolved using theimports
field in thepackage.json
file of the enclosing package. The intent of the newly-added--packages=external
setting is to exclude a package's dependencies from the bundle. Since a package's subpath imports are only accessible within that package, it's wrong for them to be affected by--packages=external
. This release changes esbuild so that--packages=external
no longer affects subpath imports.Forbid invalid numbers in JSON files
Previously esbuild parsed numbers in JSON files using the same syntax as JavaScript. But starting from this release, esbuild will now parse them with JSON syntax instead. This means the following numbers are no longer allowed by esbuild in JSON files:
0
)0b
,0o
, and0x
numeric prefixes_
such as1_000
.
such as0.
and.0
-
such as- 1
Add external imports to metafile (#905, #1768, #1933, #1939)
External imports now appear in
imports
arrays in the metafile (which is present when bundling withmetafile: true
) next to normal imports, but additionally haveexternal: true
to set them apart. This applies both to files in theinputs
section and theoutputs
section. Here's an example:One additional useful consequence of this is that the
imports
array is now populated when bundling is disabled. So you can now use esbuild with bundling disabled to inspect a file's imports.fastify/fastify
v4.11.0
Compare Source
What's Changed
setErrorHandler
example by @trim21 in https://github.com/fastify/fastify/pull/4484New Contributors
Full Changelog: fastify/fastify@v4.10.2...v4.11.0
Configuration
📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.