Fix tdz analysis for reassigned captured for bindings #15278
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nicolo-ribaudo
added
PR: Bug Fix 
|
Build successful! You can test your changes in the REPL here: https://babeljs.io/repl/build/53661/ |
|
I marked this as a regression for a bug introduced recently, but I don't think it should block a release because it's very unlikely that people will stumble upon this bug. |
JLHwung
approved these changes
Dec 15, 2022
liuxingbaoyu
approved these changes
Dec 15, 2022
|
Could it be this PR causes a regression: #15300 @nicolo-ribaudo @JLHwung @liuxingbaoyu ? FYI, That bug is currently happening in Storybook's ecosystem CI |
This comment was marked as outdated.
This comment was marked as outdated.
1 task
cbush
pushed a commit
to mongodb/docs-realm
that referenced
this pull request
Jan 13, 2023
<h3>Snyk has created this PR to upgrade @babel/core from 7.20.5 to 7.20.7.</h3>ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **1 version** ahead of your current version. - The recommended version was released **22 days ago**, on 2022-12-22. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>@babel/core</b></summary> <ul> <li> <b>7.20.7</b> - <a href="https://snyk.io/redirect/github/babel/babel/releases/tag/v7.20.7">2022-12-22</a></br><h2>v7.20.7 (2022-12-22)</h2> <p>Thanks <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/wsypower/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://snyk.io/redirect/github/wsypower">@ wsypower</a> for your first PR!</p> <h4><g-emoji class="g-emoji" alias="eyeglasses" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f453.png">👓 </g-emoji> Spec Compliance</h4> <ul> <li><code>babel-helper-member-expression-to-functions</code>, <code>babel-helper-replace-supers</code>, <code>babel-plugin-proposal-class-properties</code>, <code>babel-plugin-transform-classes</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15223" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15223/hovercard">#15223</a> fix: Deleting super property should throw (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li><code>babel-helpers</code>, <code>babel-plugin-proposal-class-properties</code>, <code>babel-plugin-transform-classes</code>, <code>babel-plugin-transform-object-super</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15241" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15241/hovercard">#15241</a> fix: Throw correct error types from sed ant class TDZ helpers (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="bug" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f41b.png">🐛 </g-emoji> Bug Fix</h4> <ul> <li><code>babel-parser</code>, <code>babel-plugin-transform-typescript</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15209" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15209/hovercard">#15209</a> fix: Support auto accessors with TypeScript annotations (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15287" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15287/hovercard">#15287</a> Fix <code>.parentPath</code> after rename in <code>SwitchCase</code> (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> <li><code>babel-plugin-transform-typescript</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15284" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15284/hovercard">#15284</a> fix: Ts import type and func with duplicate name (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-plugin-transform-block-scoping</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15278" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15278/hovercard">#15278</a> Fix tdz analysis for reassigned captured for bindings (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> <li><code>babel-plugin-proposal-async-generator-functions</code>, <code>babel-preset-env</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15235" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15235/hovercard">#15235</a> fix: Transform <code>for await</code> with shadowed variables (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-generator</code>, <code>babel-plugin-proposal-optional-chaining</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15258" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15258/hovercard">#15258</a> fix: Correctly generate <code>(a ?? b) as T</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-plugin-transform-react-jsx</code>, <code>babel-types</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15233" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15233/hovercard">#15233</a> fix: Emit correct sourcemap ranges for <code>JSXText</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-core</code>, <code>babel-helpers</code>, <code>babel-plugin-transform-computed-properties</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15232" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15232/hovercard">#15232</a> fix: Computed properties should keep original definition order (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li><code>babel-helper-member-expression-to-functions</code>, <code>babel-helper-replace-supers</code>, <code>babel-plugin-proposal-class-properties</code>, <code>babel-plugin-transform-classes</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15223" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15223/hovercard">#15223</a> fix: Deleting super property should throw (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li><code>babel-generator</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15216" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15216/hovercard">#15216</a> fix: Print newlines for leading Comments of <code>TSEnumMember</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="nail_care" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f485.png">💅 </g-emoji> Polish</h4> <ul> <li><code>babel-plugin-transform-block-scoping</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15275" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15275/hovercard">#15275</a> Improve relative execution tracking in fn exprs (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="house" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f3e0.png">🏠 </g-emoji> Internal</h4> <ul> <li><code>babel-helper-define-map</code>, <code>babel-plugin-transform-property-mutators</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15274" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15274/hovercard">#15274</a> Inline & simplify <code>@ babel/helper-define-map</code> (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> <li><code>babel-core</code>, <code>babel-plugin-proposal-class-properties</code>, <code>babel-plugin-transform-block-scoping</code>, <code>babel-plugin-transform-classes</code>, <code>babel-plugin-transform-destructuring</code>, <code>babel-plugin-transform-parameters</code>, <code>babel-plugin-transform-regenerator</code>, <code>babel-plugin-transform-runtime</code>, <code>babel-preset-env</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15200" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15200/hovercard">#15200</a> Rewrite <code>transform-block-scoping</code> plugin (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="running_woman" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f3c3-2640.png">🏃♀️ </g-emoji> Performance</h4> <ul> <li><code>babel-helper-compilation-targets</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15228" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15228/hovercard">#15228</a> perf: Speed up <code>getTargets</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> </ul> <h4>Committers: 6</h4> <ul> <li>Babel Bot (<a href="https://snyk.io/redirect/github/babel-bot">@ babel-bot</a>)</li> <li>Huáng Jùnliàng (<a href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li> <li>Nicolò Ribaudo (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> <li>Tianlan Zhou (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> <li><a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a></li> <li>魏 (<a href="https://snyk.io/redirect/github/wsypower">@ wsypower</a>)</li> </ul> </li> <li> <b>7.20.5</b> - <a href="https://snyk.io/redirect/github/babel/babel/releases/tag/v7.20.5">2022-11-28</a></br><h2>v7.20.5 (2022-11-28)</h2> <p>Thanks <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/davydof/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://snyk.io/redirect/github/davydof">@ davydof</a> and <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/SuperSodaSea/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a> for your first PRs!</p> <h4><g-emoji class="g-emoji" alias="eyeglasses" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f453.png">👓 </g-emoji> Spec Compliance</h4> <ul> <li><code>babel-helpers</code>, <code>babel-plugin-transform-destructuring</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-preset-env</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15183" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15183/hovercard">#15183</a> Improve array destructuring spec compliance (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li><code>babel-cli</code>, <code>babel-helpers</code>, <code>babel-plugin-proposal-class-properties</code>, <code>babel-plugin-proposal-class-static-block</code>, <code>babel-plugin-transform-classes</code>, <code>babel-plugin-transform-runtime</code>, <code>babel-preset-env</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15182" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15182/hovercard">#15182</a> fix: apply toPropertyKey when defining class members (<a href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li> </ul> </li> <li><code>babel-helper-create-class-features-plugin</code>, <code>babel-helpers</code>, <code>babel-plugin-proposal-decorators</code>, <code>babel-plugin-proposal-private-property-in-object</code>, <code>babel-preset-env</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15133" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15133/hovercard">#15133</a> fix: validate rhs of <code>in</code> when transpiling <code>#p in C</code> (<a href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="bug" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f41b.png">🐛 </g-emoji> Bug Fix</h4> <ul> <li><code>babel-parser</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15225" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15225/hovercard">#15225</a> Parse <code>using[foo]</code> as computed member expression (<a href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15207" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15207/hovercard">#15207</a> Export <code>ParseResult</code> type (<a href="https://snyk.io/redirect/github/davydof">@ davydof</a>)</li> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15198" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15198/hovercard">#15198</a> fix: parse <code>import module, ...</code> (<a href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li> </ul> </li> <li><code>babel-helper-wrap-function</code>, <code>babel-preset-env</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15181" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15181/hovercard">#15181</a> fix: Edge cases for async functions and <code>noNewArrow</code> assumption (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-plugin-transform-arrow-functions</code>, <code>babel-plugin-transform-parameters</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15163" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15163/hovercard">#15163</a> fix: Throw error when compiling <code>super()</code> in arrow functions with default / rest parameters (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li><code>babel-helpers</code>, <code>babel-node</code>, <code>babel-plugin-proposal-async-generator-functions</code>, <code>babel-plugin-transform-regenerator</code>, <code>babel-preset-env</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15194" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15194/hovercard">#15194</a> fix: Bump <code>regenerator</code> and add tests (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li><code>babel-helper-create-regexp-features-plugin</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15192" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15192/hovercard">#15192</a> fix: Update <code>regjsparser</code> for <code>@ babel/standalone</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-parser</code>, <code>babel-types</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15109" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15109/hovercard">#15109</a> fix: Babel 8 types (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-generator</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15143" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15143/hovercard">#15143</a> Don't print inner comments as leading when wrapping in <code>(``)</code> (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> <li><code>babel-plugin-transform-block-scoping</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15167" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15167/hovercard">#15167</a> Register <code>switch</code>'s <code>discriminant</code> in the outer scope (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="nail_care" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f485.png">💅 </g-emoji> Polish</h4> <ul> <li><code>babel-generator</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15173" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15173/hovercard">#15173</a> Improve generator behavior when <code>comments:false</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-plugin-transform-block-scoping</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15164" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15164/hovercard">#15164</a> Only extract IDs for TDZ checks in assign when necessary (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="house" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f3e0.png">🏠 </g-emoji> Internal</h4> <ul> <li><code>babel-core</code>, <code>babel-parser</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15202" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15202/hovercard">#15202</a> Bump typescript to 4.9.3 (<a href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li> </ul> </li> </ul> <h4>Committers: 6</h4> <ul> <li>Alexander Davydov (<a href="https://snyk.io/redirect/github/davydof">@ davydof</a>)</li> <li>Babel Bot (<a href="https://snyk.io/redirect/github/babel-bot">@ babel-bot</a>)</li> <li>Huáng Jùnliàng (<a href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li> <li>Nicolò Ribaudo (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> <li>Tianlan Zhou (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> <li><a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a></li> </ul> </li> </ul> from <a href="https://snyk.io/redirect/github/babel/babel/releases">@babel/core GitHub release notes</a> </details> </details> <hr/> **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJiMmQyZGFlZi1hOTc4LTRkMTMtOWVlNS05ZjQ4MjA3ZDRlNDkiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImIyZDJkYWVmLWE5NzgtNGQxMy05ZWU1LTlmNDgyMDdkNGU0OSJ9fQ==" width="0" height="0"/>🧐 [View latest project report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr)🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg=@babel/core&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) <!--- (snyk:metadata:{"prId":"b2d2daef-a978-4d13-9ee5-9f48207d4e49","prPublicId":"b2d2daef-a978-4d13-9ee5-9f48207d4e49","dependencies":[{"name":"@babel/core","from":"7.20.5","to":"7.20.7"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2022-12-22T09:45:37.638Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]}) ---> Co-authored-by: snyk-bot <snyk-bot@snyk.io>
![https://github.githubassets.com/images/icons/emoji/unicode/1f453.png">👓</g-emoji](https://github.githubassets.com/images/icons/emoji/unicode/1f453.png">👓</g-emoji){kind=link}
![https://github.githubassets.com/images/icons/emoji/unicode/1f41b.png">🐛</g-emoji](https://github.githubassets.com/images/icons/emoji/unicode/1f41b.png">🐛</g-emoji){kind=link}
![https://github.githubassets.com/images/icons/emoji/unicode/1f485.png">💅</g-emoji](https://github.githubassets.com/images/icons/emoji/unicode/1f485.png">💅</g-emoji){kind=link}
![https://github.githubassets.com/images/icons/emoji/unicode/1f3e0.png">🏠</g-emoji](https://github.githubassets.com/images/icons/emoji/unicode/1f3e0.png">🏠</g-emoji){kind=link}
![https://github.githubassets.com/images/icons/emoji/unicode/1f3c3-2640.png">🏃♀️</g-emoji](https://github.githubassets.com/images/icons/emoji/unicode/1f3c3-2640.png">🏃♀️</g-emoji){kind=link}
cbush
pushed a commit
to mongodb/docs-realm
that referenced
this pull request
Jan 30, 2023
<h3>Snyk has created this PR to upgrade @babel/core from 7.20.7 to 7.20.12.</h3>ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **1 version** ahead of your current version. - The recommended version was released **21 days ago**, on 2023-01-04. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- <img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> | Prototype Pollution<br/> [SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) | **427/1000** <br/> **Why?** Proof of Concept exploit, CVSS 6.4 | Proof of Concept (*) Note that the real score may have changed since the PR was raised. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>@babel/core</b></summary> <ul> <li> <b>7.20.12</b> - <a href="https://snyk.io/redirect/github/babel/babel/releases/tag/v7.20.12">2023-01-04</a></br><h2>v7.20.12 (2023-01-04)</h2> <p>Thanks <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/cross19xx/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://snyk.io/redirect/github/cross19xx">@ cross19xx</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/JBYoshi/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://snyk.io/redirect/github/JBYoshi">@ JBYoshi</a> and <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nmn/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://snyk.io/redirect/github/nmn">@ nmn</a> for your first PRs!</p> <h4><g-emoji class="g-emoji" alias="bug" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f41b.png">🐛 </g-emoji> Bug Fix</h4> <ul> <li><code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15224" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15224/hovercard">#15224</a> Fix <code>TaggedTemplateLiteral</code> evaluation (<a href="https://snyk.io/redirect/github/nmn">@ nmn</a>)</li> </ul> </li> <li><code>babel-helper-create-class-features-plugin</code>, <code>babel-plugin-proposal-class-properties</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15312" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15312/hovercard">#15312</a> fix: <code>delete this</code> in static class properties initialization (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="nail_care" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f485.png">💅 </g-emoji> Polish</h4> <ul> <li><code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15313" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15313/hovercard">#15313</a> Implement support for evaluating computed properties. (<a href="https://snyk.io/redirect/github/JBYoshi">@ JBYoshi</a>)</li> </ul> </li> </ul> <h4>Committers: 5</h4> <ul> <li>Jonathan Browne (<a href="https://snyk.io/redirect/github/JBYoshi">@ JBYoshi</a>)</li> <li>Kenneth Kwakye-Gyamfi (<a href="https://snyk.io/redirect/github/cross19xx">@ cross19xx</a>)</li> <li>Naman Goel (<a href="https://snyk.io/redirect/github/nmn">@ nmn</a>)</li> <li>Nicolò Ribaudo (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> <li>Tianlan Zhou (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li> <b>7.20.7</b> - <a href="https://snyk.io/redirect/github/babel/babel/releases/tag/v7.20.7">2022-12-22</a></br><h2>v7.20.7 (2022-12-22)</h2> <p>Thanks <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/wsypower/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://snyk.io/redirect/github/wsypower">@ wsypower</a> for your first PR!</p> <h4><g-emoji class="g-emoji" alias="eyeglasses" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f453.png">👓 </g-emoji> Spec Compliance</h4> <ul> <li><code>babel-helper-member-expression-to-functions</code>, <code>babel-helper-replace-supers</code>, <code>babel-plugin-proposal-class-properties</code>, <code>babel-plugin-transform-classes</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15223" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15223/hovercard">#15223</a> fix: Deleting super property should throw (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li><code>babel-helpers</code>, <code>babel-plugin-proposal-class-properties</code>, <code>babel-plugin-transform-classes</code>, <code>babel-plugin-transform-object-super</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15241" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15241/hovercard">#15241</a> fix: Throw correct error types from sed ant class TDZ helpers (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="bug" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f41b.png">🐛 </g-emoji> Bug Fix</h4> <ul> <li><code>babel-parser</code>, <code>babel-plugin-transform-typescript</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15209" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15209/hovercard">#15209</a> fix: Support auto accessors with TypeScript annotations (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15287" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15287/hovercard">#15287</a> Fix <code>.parentPath</code> after rename in <code>SwitchCase</code> (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> <li><code>babel-plugin-transform-typescript</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15284" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15284/hovercard">#15284</a> fix: Ts import type and func with duplicate name (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-plugin-transform-block-scoping</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15278" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15278/hovercard">#15278</a> Fix tdz analysis for reassigned captured for bindings (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> <li><code>babel-plugin-proposal-async-generator-functions</code>, <code>babel-preset-env</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15235" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15235/hovercard">#15235</a> fix: Transform <code>for await</code> with shadowed variables (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-generator</code>, <code>babel-plugin-proposal-optional-chaining</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15258" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15258/hovercard">#15258</a> fix: Correctly generate <code>(a ?? b) as T</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-plugin-transform-react-jsx</code>, <code>babel-types</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15233" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15233/hovercard">#15233</a> fix: Emit correct sourcemap ranges for <code>JSXText</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> <li><code>babel-core</code>, <code>babel-helpers</code>, <code>babel-plugin-transform-computed-properties</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15232" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15232/hovercard">#15232</a> fix: Computed properties should keep original definition order (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li><code>babel-helper-member-expression-to-functions</code>, <code>babel-helper-replace-supers</code>, <code>babel-plugin-proposal-class-properties</code>, <code>babel-plugin-transform-classes</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15223" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15223/hovercard">#15223</a> fix: Deleting super property should throw (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> </ul> </li> <li><code>babel-generator</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15216" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15216/hovercard">#15216</a> fix: Print newlines for leading Comments of <code>TSEnumMember</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="nail_care" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f485.png">💅 </g-emoji> Polish</h4> <ul> <li><code>babel-plugin-transform-block-scoping</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15275" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15275/hovercard">#15275</a> Improve relative execution tracking in fn exprs (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="house" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f3e0.png">🏠 </g-emoji> Internal</h4> <ul> <li><code>babel-helper-define-map</code>, <code>babel-plugin-transform-property-mutators</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15274" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15274/hovercard">#15274</a> Inline & simplify <code>@ babel/helper-define-map</code> (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> <li><code>babel-core</code>, <code>babel-plugin-proposal-class-properties</code>, <code>babel-plugin-transform-block-scoping</code>, <code>babel-plugin-transform-classes</code>, <code>babel-plugin-transform-destructuring</code>, <code>babel-plugin-transform-parameters</code>, <code>babel-plugin-transform-regenerator</code>, <code>babel-plugin-transform-runtime</code>, <code>babel-preset-env</code>, <code>babel-traverse</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15200" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15200/hovercard">#15200</a> Rewrite <code>transform-block-scoping</code> plugin (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> </ul> </li> </ul> <h4><g-emoji class="g-emoji" alias="running_woman" fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f3c3-2640.png">🏃♀️ </g-emoji> Performance</h4> <ul> <li><code>babel-helper-compilation-targets</code> <ul> <li><a href="https://snyk.io/redirect/github/babel/babel/pull/15228" data-hovercard-type="pull_request" data-hovercard-url="/babel/babel/pull/15228/hovercard">#15228</a> perf: Speed up <code>getTargets</code> (<a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a>)</li> </ul> </li> </ul> <h4>Committers: 6</h4> <ul> <li>Babel Bot (<a href="https://snyk.io/redirect/github/babel-bot">@ babel-bot</a>)</li> <li>Huáng Jùnliàng (<a href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li> <li>Nicolò Ribaudo (<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@ nicolo-ribaudo</a>)</li> <li>Tianlan Zhou (<a href="https://snyk.io/redirect/github/SuperSodaSea">@ SuperSodaSea</a>)</li> <li><a href="https://snyk.io/redirect/github/liuxingbaoyu">@ liuxingbaoyu</a></li> <li>魏 (<a href="https://snyk.io/redirect/github/wsypower">@ wsypower</a>)</li> </ul> </li> </ul> from <a href="https://snyk.io/redirect/github/babel/babel/releases">@babel/core GitHub release notes</a> </details> </details> <hr/> **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIxYjVhZTY0Yi1lYjQxLTRmOTgtYmRkMC1hOTE2ZTM5NDFkMDQiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjFiNWFlNjRiLWViNDEtNGY5OC1iZGQwLWE5MTZlMzk0MWQwNCJ9fQ==" width="0" height="0"/>🧐 [View latest project report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr)🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg=@babel/core&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) <!--- (snyk:metadata:{"prId":"1b5ae64b-eb41-4f98-bdd0-a916e3941d04","prPublicId":"1b5ae64b-eb41-4f98-bdd0-a916e3941d04","dependencies":[{"name":"@babel/core","from":"7.20.7","to":"7.20.12"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":["SNYK-JS-JSON5-3182856"],"issuesToFix":[{"issueId":"SNYK-JS-JSON5-3182856","severity":"medium","title":"Prototype Pollution","exploitMaturity":"proof-of-concept","priorityScore":427,"priorityScoreFactors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"6.4","score":320}]}],"upgrade":["SNYK-JS-JSON5-3182856"],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-01-04T16:02:21.147Z"},"templateVariants":["priorityScore"],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[427]}) ---> --------- Co-authored-by: snyk-bot <snyk-bot@snyk.io>
github-actions
bot
added
the
outdated
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
When extracting the loop body in the test case to its own function, the scope info is temporarily not correct and the
index/_indexbindings are partially mixed, causing problems for TDZ analysis.Specifically, we have
_indexusages inindex's reference paths, but thenscope.getBinding(_index)returnsundefined. Since the closure param is never in TDZ, it's safe to just return early when it happens.