[Snyk] Upgrade acorn from 2.7.0 to 8.7.0

[snyk-bot]

Snyk has created this PR to upgrade acorn from 2.7.0 to 8.7.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 86 versions ahead of your current version.
• The recommended version was released a month ago, on 2021-12-27.

Release notes

Package name: acorn

• 8.7.0 - 2021-12-27
  

  New features

  Support quoted export names.

  Upgrade to Unicode 14.

  Add support for Unicode 13 properties in regular expressions.

  Bug fixes

  Use a loop to find line breaks, because the existing regexp search would overrun the end of the searched range and waste a lot of time in minified code.

• 8.6.0 - 2021-11-18
  

  Bug fixes

  Fix a bug where an object literal with multiple __proto__ properties would incorrectly be accepted if a later property value held an assigment.

  New features

  Support class private fields with the in operator.

• 8.5.0 - 2021-09-06
  

  Bug fixes

  Improve context-dependent tokenization in a number of corner cases.

  Fix location tracking after a 0x2028 or 0x2029 character in a string literal (which before did not increase the line number).

  Fix an issue where arrow function bodies in for loop context would inappropriately consume in operators.

  Fix wrong end locations stored on SequenceExpression nodes.

  Implement restriction that for/of loop LHS can't start with let.

  New features

  Add support for ES2022 class static blocks.

  Allow multiple input files to be passed to the CLI tool.

• 8.4.1 - 2021-06-24
  

  Bug fixes

  Fix a bug where allowAwaitOutsideFunction would allow await in class field initializers, and setting ecmaVersion to 13 or higher would allow top-level await in non-module sources.

• 8.4.0 - 2021-06-11
  

  New features

  A new option, allowSuperOutsideMethod, can be used to suppress the error when super is used in the wrong context.

• 8.3.0 - 2021-05-31
  

  New features

  Default allowAwaitOutsideFunction to true for ECMAScript 2022 an higher.

  Add support for the p (indices) regexp flag.

• 8.2.4 - 2021-05-04
  

  Bug fixes

  Fix spec conformity in corner case 'for await (async of ...)'.

• 8.2.3 - 2021-05-04
  

  Bug fixes

  Fix an issue where the library couldn't parse 'for (async of ...)'.

  Fix a bug in UTF-16 decoding that would read characters incorrectly in some circumstances.

• 8.2.2 - 2021-04-29
  

  Bug fixes

  Fix a bug where a class field initialized to an async arrow function wouldn't allow await inside it. Same issue existed for generator arrow functions with yield.

• 8.2.1 - 2021-04-24
  

  Bug fixes

  Fix a regression introduced in 8.2.0 where static or async class methods with keyword names fail to parse.

• 8.2.0 - 2021-04-24
• 8.1.1 - 2021-04-12
• 8.1.0 - 2021-03-09
• 8.0.5 - 2021-01-25
• 8.0.4 - 2020-10-05
• 8.0.3 - 2020-10-02
• 8.0.2 - 2020-09-30
• 8.0.1 - 2020-08-12
• 8.0.0 - 2020-08-12
• 7.4.1 - 2020-10-05
• 7.4.0 - 2020-08-03
• 7.3.1 - 2020-06-11
• 7.3.0 - 2020-06-11
• 7.2.0 - 2020-05-09
• 7.1.1 - 2020-03-01
• 7.1.0 - 2019-09-24
• 7.0.0 - 2019-08-13
• 6.4.2 - 2020-10-05
• 6.4.1 - 2020-03-09
• 6.4.0 - 2019-11-26
• 6.3.0 - 2019-08-12
• 6.2.1 - 2019-07-20
• 6.2.0 - 2019-07-04
• 6.1.1 - 2019-02-27
• 6.1.0 - 2019-02-08
• 6.0.7 - 2019-02-04
• 6.0.6 - 2019-01-30
• 6.0.5 - 2019-01-02
• 6.0.4 - 2018-11-05
• 6.0.3 - 2018-11-04
• 6.0.2 - 2018-09-26
• 6.0.1 - 2018-09-14
• 6.0.0 - 2018-09-14
• 5.7.4 - 2020-03-09
• 5.7.3 - 2018-09-10
• 5.7.2 - 2018-08-24
• 5.7.1 - 2018-06-15
• 5.7.0 - 2018-06-15
• 5.6.2 - 2018-06-05
• 5.6.1 - 2018-06-01
• 5.6.0 - 2018-05-31
• 5.5.3 - 2018-03-08
• 5.5.2 - 2018-03-08
• 5.5.1 - 2018-03-06
• 5.5.0 - 2018-02-27
• 5.4.1 - 2018-02-02
• 5.4.0 - 2018-02-01
• 5.3.0 - 2017-12-28
• 5.2.1 - 2017-10-29
• 5.2.0 - 2017-10-29
• 5.1.2 - 2017-09-04
• 5.1.1 - 2017-07-06
• 5.1.0 - 2017-07-05
• 5.0.3 - 2017-04-01
• 5.0.2 - 2017-03-30
• 5.0.1 - 2017-03-30
• 5.0.0 - 2017-03-28
• 4.0.13 - 2017-05-24
• 4.0.11 - 2017-02-07
• 4.0.10 - 2017-02-07
• 4.0.9 - 2017-02-06
• 4.0.8 - 2017-02-03
• 4.0.7 - 2017-02-02
• 4.0.6 - 2017-02-02
• 4.0.5 - 2017-02-02
• 4.0.4 - 2016-12-19
• 4.0.3 - 2016-09-16
• 4.0.2 - 2016-09-11
• 4.0.1 - 2016-09-08
• 4.0.0 - 2016-09-07
• 3.3.0 - 2016-07-25
• 3.2.0 - 2016-06-07
• 3.1.0 - 2016-04-18
• 3.0.4 - 2016-02-25
• 3.0.2 - 2016-02-10
• 3.0.0 - 2016-02-10
• 2.7.0 - 2016-01-04

from acorn GitHub release notes

Commit messages

Package name: acorn

• 2c40002 Fix prepare script in acorn/package.json
• 05d560a Mark version 8.7.0
• 101dd04 Support acorn-loose
• 78909d0 Add tests for duplicated imports
• 0b2af5e Error for lone surrogate
• 9afb272 Error for export binding without from
• 4ad6145 Add tests
• 97b1030 add tests
• 366bae3 parse module export names for no loose mode
• 948309d fix: usage description
• e3f89e2 use Object.hasOwn and fallback
• b876624 Consolidate rollup configs for `acorn` and `acorn-bin`
• be04cf6 Use file for test262 unsupported features
• b7a56bd Add Unicode 13 properties
• c528c79 Use a manual loop to scan for line ends
• 47928a4 [loose parser] Consume semicolons after export-all statements
• 25b99ba Bump deps, pin test262 to latest, remove test262-stream
• 461975d feat: upgrade to unicode 14 (#1081)
• 932591b Mark version 8.6.0
• 567c8e9 Fix of Fix: Propagation of forInit down to arrow functions
• 6dfc931 Fix bug in double-__proto__ reporting
• 89e5e31 Remove outdated comment
• 8668505 Use official actions/setup-node@v2 in CI
• d451c2a Bump test262 dependency to latest

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs