chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
cypress	~9.3.1 -> ~9.4.1
esbuild	~0.14.14 -> ~0.14.18
lint-staged	~12.3.2 -> ~12.3.3
pnpm (source)	6.28.0 -> 6.29.1

---

Release Notes

cypress-io/cypress

v9.4.1

Compare Source

Released 1/31/2022

Bugfixes:

• Fixed a regression in 9.4.0 where the
  line endings in the public NPM package prevented some users from running
  Cypress. Fixes #​19986.

v9.4.0

Compare Source

Released 1/31/2022

Features

• Enhancements were made to .selectFile() after receiving feedback after its
  initial release in 9.3.0.
  • The default behavior was updated to automatically infer the mime type of
    files based on their extension to correctly encode file uploads. Addressed
    in #​19751.
  • Added the mimeType property so you can explicitly set the mime type on
    files using the mimeType property. Addressed in
    #​19751.
  • Updated file contents types to allow either a
    TypedArray
    instance or a Cypress.Buffer instance, where previously file contents were
    expected to only be an instance of Cypress.Buffer. Addressed in
    #​19751.
  • Updated .selectFile() to retain the fileName of files read from disk to
    work with aliases. Addressed in
    #​19803.

Bugfixes:

• Fixed a regression in 9.3.0 to correctly
  parse the --spec CLI parameter for glob patterns containing a range. Fixes
  #​19783.
• Fixed regression in 9.2.1 where the
  --openssl-legacy-provider flag was not being passed to the plugins' child
  process when the user's system Node version was Node 17+ built with OpenSSL
  v3+ which resulted in Cypress crashing when trying to run tests. Fixes
  #​19712.
• Update cy.type('{enter}') to align with the W3C standards where a click
  event should be dispatched when the Enter key is pressed and the current focus
  is on astate-changing element with type button, image, submit or
  reset. Fixes #​19541.

evanw/esbuild

v0.14.18

Compare Source

• Add the --mangle-cache= feature (#​1977)

  This release adds a cache API for the newly-released --mangle-props= feature. When enabled, all mangled property renamings are recorded in the cache during the initial build. Subsequent builds reuse the renamings stored in the cache and add additional renamings for any newly-added properties. This has a few consequences:

  • You can customize what mangled properties are renamed to by editing the cache before passing it to esbuild (the cache is a map of the original name to the mangled name).

  • The cache serves as a list of all properties that were mangled. You can easily scan it to see if there are any unexpected property renamings.

  • You can disable mangling for individual properties by setting the renamed value to false instead of to a string. This is similar to the --reserve-props= setting but on a per-property basis.

  • You can ensure consistent renaming between builds (e.g. a main-thread file and a web worker, or a library and a plugin). Without this feature, each build would do an independent renaming operation and the mangled property names likely wouldn't be consistent.

  Here's how to use it:

  • CLI

    $ esbuild example.ts --mangle-props=_$ --mangle-cache=cache.json

  • JS API

    let result = await esbuild.build({
      entryPoints: ['example.ts'],
      mangleProps: /_$/,
      mangleCache: {
        customRenaming_: '__c',
        disabledRenaming_: false,
      },
    })
    let updatedMangleCache = result.mangleCache

  • Go API

    result := api.Build(api.BuildOptions{
      EntryPoints: []string{"example.ts"},
      MangleProps: "_$",
      MangleCache: map[string]interface{}{
        "customRenaming_":   "__c",
        "disabledRenaming_": false,
      },
    })
    updatedMangleCache := result.MangleCache

  The above code would do something like the following:

  // Original code
  x = {
    customRenaming_: 1,
    disabledRenaming_: 2,
    otherProp_: 3,
  }
  
  // Generated code
  x = {
    __c: 1,
    disabledRenaming_: 2,
    a: 3
  };
  
  // Updated mangle cache
  {
    "customRenaming_": "__c",
    "disabledRenaming_": false,
    "otherProp_": "a"
  }

• Add opera and ie as possible target environments

  You can now target Opera and/or Internet Explorer using the --target= setting. For example, --target=opera45,ie9 targets Opera 45 and Internet Explorer 9. This change does not add any additional features to esbuild's code transformation pipeline to transform newer syntax so that it works in Internet Explorer. It just adds information about what features are supported in these browsers to esbuild's internal feature compatibility table.

• Minify typeof x !== 'undefined' to typeof x < 'u'

  This release introduces a small improvement for code that does a lot of typeof checks against undefined:

  // Original code
  y = typeof x !== 'undefined';
  
  // Old output (with --minify)
  y=typeof x!="undefined";
  
  // New output (with --minify)
  y=typeof x<"u";

  This transformation is only active when minification is enabled, and is disabled if the language target is set lower than ES2020 or if Internet Explorer is set as a target environment. Before ES2020, implementations were allowed to return non-standard values from the typeof operator for a few objects. Internet Explorer took advantage of this to sometimes return the string 'unknown' instead of 'undefined'. But this has been removed from the specification and Internet Explorer was the only engine to do this, so this minification is valid for code that does not need to target Internet Explorer.

v0.14.17

Compare Source

• Attempt to fix an install script issue on Ubuntu Linux (#​1711)

  There have been some reports of esbuild failing to install on Ubuntu Linux for a while now. I haven't been able to reproduce this myself due to lack of reproduction instructions until today, when I learned that the issue only happens when you install node from the Snap Store instead of downloading the official version of node.

  The problem appears to be that when node is installed from the Snap Store, install scripts are run with stderr not being writable? This then appears to cause a problem for esbuild's install script when it uses execFileSync to validate that the esbuild binary is working correctly. This throws the error EACCES: permission denied, write even though this particular command never writes to stderr.

  Node's documentation says that stderr for execFileSync defaults to that of the parent process. Forcing it to 'pipe' instead appears to fix the issue, although I still don't fully understand what's happening or why. I'm publishing this small change regardless to see if it fixes this install script edge case.

• Avoid a syntax error due to --mangle-props=. and super() (#​1976)

  This release fixes an issue where passing --mangle-props=. (i.e. telling esbuild to mangle every single property) caused a syntax error with code like this:

  class Foo {}
  class Bar extends Foo {
    constructor() {
      super();
    }
  }

  The problem was that constructor was being renamed to another method, which then made it no longer a constructor, which meant that super() was now a syntax error. I have added a workaround that avoids renaming any property named constructor so that esbuild doesn't generate a syntax error here.

  Despite this fix, I highly recommend not using --mangle-props=. because your code will almost certainly be broken. You will have to manually add every single property that you don't want mangled to --reserve-props= which is an excessive maintenance burden (e.g. reserve parse to use JSON.parse). Instead I recommend using a common pattern for all properties you intend to be mangled that is unlikely to appear in the APIs you use such as "ends in an underscore." This is an opt-in approach instead of an opt-out approach. It also makes it obvious when reading the code which properties will be mangled and which ones won't be.

v0.14.16

Compare Source

• Support property name mangling with some TypeScript syntax features

  The newly-released --mangle-props= feature previously only affected JavaScript syntax features. This release adds support for using mangle props with certain TypeScript syntax features:

  • TypeScript parameter properties

    Parameter properties are a TypeScript-only shorthand way of initializing a class field directly from the constructor argument list. Previously parameter properties were not treated as properties to be mangled. They should now be handled correctly:

    // Original code
    class Foo {
      constructor(public foo_) {}
    }
    new Foo().foo_;
    
    // Old output (with --minify --mangle-props=_)
    class Foo{constructor(c){this.foo_=c}}new Foo().o;
    
    // New output (with --minify --mangle-props=_)
    class Foo{constructor(o){this.c=o}}new Foo().c;

  • TypeScript namespaces

    Namespaces are a TypeScript-only way to add properties to an object. Previously exported namespace members were not treated as properties to be mangled. They should now be handled correctly:

    // Original code
    namespace ns {
      export let foo_ = 1;
      export function bar_(x) {}
    }
    ns.bar_(ns.foo_);
    
    // Old output (with --minify --mangle-props=_)
    var ns;(e=>{e.foo_=1;function t(a){}e.bar_=t})(ns||={}),ns.e(ns.o);
    
    // New output (with --minify --mangle-props=_)
    var ns;(e=>{e.e=1;function o(p){}e.t=o})(ns||={}),ns.t(ns.e);

• Fix property name mangling for lowered class fields

  This release fixes a compiler crash with --mangle-props= and class fields that need to be transformed to older versions of JavaScript. The problem was that doing this is an unusual case where the mangled property name must be represented as a string instead of as a property name, which previously wasn't implemented. This case should now work correctly:

  // Original code
  class Foo {
    static foo_;
  }
  Foo.foo_ = 0;
  
  // New output (with --mangle-props=_ --target=es6)
  class Foo {
  }
  __publicField(Foo, "a");
  Foo.a = 0;

v0.14.15

Compare Source

• Add property name mangling with --mangle-props= (#​218)

  ⚠️ Using this feature can break your code in subtle ways. Do not use this feature unless you know what you are doing, and you know exactly how it will affect both your code and all of your dependencies. ⚠️

  This release introduces property name mangling, which is similar to an existing feature from the popular UglifyJS and Terser JavaScript minifiers. This setting lets you pass a regular expression to esbuild to tell esbuild to automatically rename all properties that match this regular expression. It's useful when you want to minify certain property names in your code either to make the generated code smaller or to somewhat obfuscate your code's intent.

  Here's an example that uses the regular expression _$ to mangle all properties ending in an underscore, such as foo_:

  $ echo 'console.log({ foo_: 0 }.foo_)' | esbuild --mangle-props=_$
  console.log({ a: 0 }.a);
  

  Only mangling properties that end in an underscore is a reasonable heuristic because normal JS code doesn't typically contain identifiers like that. Browser APIs also don't use this naming convention so this also avoids conflicts with browser APIs. If you want to avoid mangling names such as __defineGetter__ you could consider using a more complex regular expression such as [^_]_$ (i.e. must end in a non-underscore followed by an underscore).

  This is a separate setting instead of being part of the minify setting because it's an unsafe transformation that does not work on arbitrary JavaScript code. It only works if the provided regular expression matches all of the properties that you want mangled and does not match any of the properties that you don't want mangled. It also only works if you do not under any circumstances reference a property name to be mangled as a string. For example, it means you can't use Object.defineProperty(obj, 'prop', ...) or obj['prop'] with a mangled property. Specifically the following syntax constructs are the only ones eligible for property mangling:

  Syntax	Example
  Dot property access	x.foo_
  Dot optional chain	x?.foo_
  Object properties	x = { foo_: y }
  Object methods	x = { foo_() {} }
  Class fields	class x { foo_ = y }
  Class methods	class x { foo_() {} }
  Object destructuring binding	let { foo_: x } = y
  Object destructuring assignment	({ foo_: x } = y)
  JSX element names	<X.foo_></X.foo_>
  JSX attribute names	<X foo_={y} />

  You can avoid property mangling for an individual property by quoting it as a string. However, you must consistently use quotes or no quotes for a given property everywhere for this to work. For example, print({ foo_: 0 }.foo_) will be mangled into print({ a: 0 }.a) while print({ 'foo_': 0 }['foo_']) will not be mangled.

  When using this feature, keep in mind that property names are only consistently mangled within a single esbuild API call but not across esbuild API calls. Each esbuild API call does an independent property mangling operation so output files generated by two different API calls may mangle the same property to two different names, which could cause the resulting code to behave incorrectly.

  If you would like to exclude certain properties from mangling, you can reserve them with the --reserve-props= setting. For example, this uses the regular expression ^__.*__$ to reserve all properties that start and end with two underscores, such as __foo__:

  $ echo 'console.log({ __foo__: 0 }.__foo__)' | esbuild --mangle-props=_$
  console.log({ a: 0 }.a);
  
  $ echo 'console.log({ __foo__: 0 }.__foo__)' | esbuild --mangle-props=_$ "--reserve-props=^__.*__$"
  console.log({ __foo__: 0 }.__foo__);
  

• Mark esbuild as supporting node v12+ (#​1970)

  Someone requested that esbuild populate the engines.node field in package.json. This release adds the following to each package.json file that esbuild publishes:

  "engines": {
    "node": ">=12"
  },

  This was chosen because it's the oldest version of node that's currently still receiving support from the node team, and so is the oldest version of node that esbuild supports: https://nodejs.org/en/about/releases/.

• Remove error recovery for invalid // comments in CSS (#​1965)

  Previously esbuild treated // as a comment in CSS and generated a warning, even though comments in CSS use /* ... */ instead. This allowed you to run esbuild on CSS intended for certain CSS preprocessors that support single-line comments.

  However, some people are changing from another build tool to esbuild and have a code base that relies on // being preserved even though it's nonsense CSS and causes the entire surrounding rule to be discarded by the browser. Presumably this nonsense CSS ended up there at some point due to an incorrectly-configured build pipeline and the site now relies on that entire rule being discarded. If esbuild interprets // as a comment, it could cause the rule to no longer be discarded or even cause something else to happen.

  With this release, esbuild no longer treats // as a comment in CSS. It still warns about it but now passes it through unmodified. This means it's no longer possible to run esbuild on CSS code containing single-line comments but it means that esbuild's behavior regarding these nonsensical CSS rules more accurately represents what happens in a browser.

okonet/lint-staged

v12.3.3

Compare Source

Bug Fixes

• use config directory as cwd, when multiple configs present (#​1091) (9a14e92)

pnpm/pnpm

v6.29.1

Compare Source

Patch Changes

• Installation should not hang when there are broken symlinks in node_modules.

v6.29.0

Compare Source

Minor Changes

• Add support of the update-notifier configuration option #​4158.

Patch Changes

• A package should be able to be a dependency of itself.

---

Configuration

📅 Schedule: "before 2am" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by WhiteSource Renovate. View repository job log here.