chore(deps-dev): bump esbuild from 0.8.46 to 0.8.47

[dependabot-preview]

Bumps esbuild from 0.8.46 to 0.8.47.

Release notes

Sourced from esbuild's releases.

v0.8.47

• Release native binaries for the Apple M1 chip (#550)

  Previously installing esbuild on a M1 actually installed the x86-64 version, which required the Rosetta 2 translator. This was because Go hadn't yet released support for the M1. Now that Go 1.16.0 has been released, esbuild can support the M1 natively. It's supported by esbuild starting with this release. There are reports of the native version being 1.4x faster than the translated version. This change was contributed by @rtsao.

• Omit warning about require.someProperty when targeting CommonJS (#812)

  The require.cache property allows introspecting the state of the require cache, generally without affecting what is imported/bundled.

  Since esbuild's static analyzer only detects direct calls to require, it currently warns about uses of require in any situation other than a direct call since that means the value is "escaping" the analyzer. This is meant to detect and warn about indirect calls such as ['fs', 'path'].map(require).

  However, this warning is not relevant when accessing a property off of the require object such as require.cache because a property access does not result in capturing the value of require. Now a warning is no longer generated for require.someProperty when the output format is cjs. This allows for the use of features such as require.cache and require.extensions. This fix was contributed by @huonw.

• Support ignored URL parameters at the end of import paths (#826)

  If path resolution fails, ebuild will now try again with the URL query and/or fragment removed. This helps handle ancient CSS code like this that contains hacks for Internet Explorer:

  @font-face {
    src:
      url("./themes/default/assets/fonts/icons.eot?#iefix") format('embedded-opentype'),
      url("./themes/default/assets/fonts/icons.woff2") format('woff2'),
      url("./themes/default/assets/fonts/icons.woff") format('woff'),
      url("./themes/default/assets/fonts/icons.ttf") format('truetype'),
      url("./themes/default/assets/fonts/icons.svg#icons") format('svg');
  }

  Previously path resolution would fail because these files do not end with the .eot?#iefix or .svg#icons extensions. Now path resolution should succeed. The URL query and fragment are not unconditionally stripped because there is apparently code in the wild that uses # as a directory name. So esbuild will still try to resolve the full import path first and only try to reinterpret the path as a URL if that fails.

• Prevent paths starting with / from being used as relative paths on Windows (#822)

  On Windows, absolute paths start with a drive letter such as C:\... instead of with a slash like /.... This means that paths starting with a / can actually be used as relative paths. For example, this means an import of /subfolder/image.png will match the file at the path ./subfolder/image.png. This is problematic for Windows users because they may accidentally make use of these paths and then try to run their code on a non-Windows platform only for it to fail to build.

  Now paths starting with a / are always treated as an absolute path on all platforms. This means you can no longer import files at a relative path that starts with / on Windows. You should be using a ./ prefix instead.

• Warn when importing a path with the wrong case

  Importing a path with the wrong case (e.g. File.js instead of file.js) will work on Windows and sometimes on macOS because they have case-insensitive file systems, but it will never work on Linux because it has a case-sensitive file system. To help you make your code more portable and to avoid cross-platform build failures, esbuild now issues a warning when you do this.

Changelog

Sourced from esbuild's changelog.

0.8.47

• Release native binaries for the Apple M1 chip (#550)

  Previously installing esbuild on a M1 actually installed the x86-64 version, which required the Rosetta 2 translator. This was because Go hadn't yet released support for the M1. Now that Go 1.16.0 has been released, esbuild can support the M1 natively. It's supported by esbuild starting with this release. There are reports of the native version being 1.4x faster than the translated version. This change was contributed by @rtsao.

• Omit warning about require.someProperty when targeting CommonJS (#812)

  The require.cache property allows introspecting the state of the require cache, generally without affecting what is imported/bundled.

  Since esbuild's static analyzer only detects direct calls to require, it currently warns about uses of require in any situation other than a direct call since that means the value is "escaping" the analyzer. This is meant to detect and warn about indirect calls such as ['fs', 'path'].map(require).

  However, this warning is not relevant when accessing a property off of the require object such as require.cache because a property access does not result in capturing the value of require. Now a warning is no longer generated for require.someProperty when the output format is cjs. This allows for the use of features such as require.cache and require.extensions. This fix was contributed by @huonw.

• Support ignored URL parameters at the end of import paths (#826)

  If path resolution fails, ebuild will now try again with the URL query and/or fragment removed. This helps handle ancient CSS code like this that contains hacks for Internet Explorer:

  @font-face {
    src:
      url("./themes/default/assets/fonts/icons.eot?#iefix") format('embedded-opentype'),
      url("./themes/default/assets/fonts/icons.woff2") format('woff2'),
      url("./themes/default/assets/fonts/icons.woff") format('woff'),
      url("./themes/default/assets/fonts/icons.ttf") format('truetype'),
      url("./themes/default/assets/fonts/icons.svg#icons") format('svg');
  }

  Previously path resolution would fail because these files do not end with the .eot?#iefix or .svg#icons extensions. Now path resolution should succeed. The URL query and fragment are not unconditionally stripped because there is apparently code in the wild that uses # as a directory name. So esbuild will still try to resolve the full import path first and only try to reinterpret the path as a URL if that fails.

• Prevent paths starting with / from being used as relative paths on Windows (#822)

  On Windows, absolute paths start with a drive letter such as C:\... instead of with a slash like /.... This means that paths starting with a / can actually be used as relative paths. For example, this means an import of /subfolder/image.png will match the file at the path ./subfolder/image.png. This is problematic for Windows users because they may accidentally make use of these paths and then try to run their code on a non-Windows platform only for it to fail to build.

  Now paths starting with a / are always treated as an absolute path on all platforms. This means you can no longer import files at a relative path that starts with / on Windows. You should be using a ./ prefix instead.

• Warn when importing a path with the wrong case

  Importing a path with the wrong case (e.g. File.js instead of file.js) will work on Windows and sometimes on macOS because they have case-insensitive file systems, but it will never work on Linux because it has a case-sensitive file system. To help you make your code more portable and to avoid cross-platform build failures, esbuild now issues a warning when you do this.

Commits

• 0c78d67 publish 0.8.47 to npm
• cf90b44 fix go version check
• 9f543e1 release notes for #820
• 6a4af08 Add native builds for ARM-based Macs (#820)
• 23f6980 fix another broken link in npm readme
• ab5b1d0 Fix broken link to API docs in npm README (#830)
• 12edc1b omit case warning inside "node_modules"
• 5776b21 warn about issues with case-sensitive paths
• 5b346ca fix #822: "/..." paths are absolute on windows
• 91cf837 fix #826: sometimes ignore path query part
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[gitpod-io]

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildProject89A8053A-LhjRyN9kxr8o
• Commit ID: 5ee7c39
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thanks Dependabot!