Bump the production-dependencies group across 1 directory with 12 updates #923

dependabot · 2024-06-06T11:26:04Z

Bumps the production-dependencies group with 11 updates in the / directory:

Package	From	To
@babel/core	`7.23.9`	`7.24.7`
@babel/preset-env	`7.23.9`	`7.24.7`
@babel/runtime	`7.23.9`	`7.24.7`
@swc/core	`1.3.107`	`1.5.25`
commander	`11.1.0`	`12.1.0`
glob	`10.3.10`	`10.4.1`
swc-loader	`0.2.3`	`0.2.6`
webpack	`5.90.0`	`5.91.0`
webpack-dev-server	`4.15.1`	`5.0.4`
webpackbar	`6.0.0`	`6.0.1`
yaml	`2.3.4`	`2.4.3`

Updates @babel/core from 7.23.9 to 7.24.7

Release notes

Sourced from @babel/core's releases.

v7.24.7 (2024-06-05)

🐛 Bug Fix

babel-node

#16554 Allow extra flags in babel-node (@nicolo-ribaudo)

babel-traverse

#16522 fix: incorrect constantViolations with destructuring (@liuxingbaoyu)

babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management

#16524 fix: Transform using in switch correctly (@liuxingbaoyu)

🏠 Internal

babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16525 Delete unused array helpers (@blakewilson)

Committers: 7

Amjad Yahia Robeen Hassan (@amjed-98)

Babel Bot (@babel-bot)

Blake Wilson (@blakewilson)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

Sukka (@SukkaW)

@liuxingbaoyu

v7.24.6 (2024-05-24)

Thanks @amjed-98, @blakewilson, @coelhucas, and @SukkaW for your first PRs!

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

... (truncated)

Changelog

Sourced from @babel/core's changelog.

v7.24.7 (2024-06-05)

🐛 Bug Fix

babel-node

#16554 Allow extra flags in babel-node (@nicolo-ribaudo)

babel-traverse

#16522 fix: incorrect constantViolations with destructuring (@liuxingbaoyu)

babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management

#16524 fix: Transform using in switch correctly (@liuxingbaoyu)

🏠 Internal

babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16525 Delete unused array helpers (@blakewilson)

v7.24.6 (2024-05-24)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

#16466 Migrate import assertions syntax (@JLHwung)

v7.24.5 (2024-04-29)

🐛 Bug Fix

babel-plugin-transform-classes, babel-traverse

#16377 fix: TypeScript annotation affects output (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

#16440 Fix suppressed error order (@sossost)

#16408 Await nullish async disposable (@JLHwung)

💅 Polish

babel-parser

... (truncated)

Commits

bf1e9a3 v7.24.7
90fdd7e Only import types from declared dependencies (#16494)
7934963 Use type: module in all package.jsons (#16535)
9630250 v7.24.6
553e433 Generate helper metadata at build time (#16501)
fbfe16c Fix source maps for template literals (#16515)
6e3539b [babel 8] Publish .d.ts files for every package (#16416)
e37e64d Use eslint v9 (#16479)
71c247a [babel 8] Require Node.js ^18.20.0 || ^20.10.0 || >=21.0.0 (#16457)
ddbea7d v7.24.5
Additional commits viewable in compare view

Updates @babel/preset-env from 7.23.9 to 7.24.7

Release notes

Sourced from @babel/preset-env's releases.

v7.24.7 (2024-06-05)

🐛 Bug Fix

babel-node

#16554 Allow extra flags in babel-node (@nicolo-ribaudo)

babel-traverse

#16522 fix: incorrect constantViolations with destructuring (@liuxingbaoyu)

babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management

#16524 fix: Transform using in switch correctly (@liuxingbaoyu)

🏠 Internal

babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16525 Delete unused array helpers (@blakewilson)

Committers: 7

Amjad Yahia Robeen Hassan (@amjed-98)

Babel Bot (@babel-bot)

Blake Wilson (@blakewilson)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

Sukka (@SukkaW)

@liuxingbaoyu

v7.24.6 (2024-05-24)

Thanks @amjed-98, @blakewilson, @coelhucas, and @SukkaW for your first PRs!

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

... (truncated)

Changelog

Sourced from @babel/preset-env's changelog.

v7.24.7 (2024-06-05)

🐛 Bug Fix

babel-node

#16554 Allow extra flags in babel-node (@nicolo-ribaudo)

babel-traverse

#16522 fix: incorrect constantViolations with destructuring (@liuxingbaoyu)

babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management

#16524 fix: Transform using in switch correctly (@liuxingbaoyu)

🏠 Internal

babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16525 Delete unused array helpers (@blakewilson)

v7.24.6 (2024-05-24)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

#16466 Migrate import assertions syntax (@JLHwung)

v7.24.5 (2024-04-29)

🐛 Bug Fix

babel-plugin-transform-classes, babel-traverse

#16377 fix: TypeScript annotation affects output (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

#16440 Fix suppressed error order (@sossost)

#16408 Await nullish async disposable (@JLHwung)

💅 Polish

babel-parser

... (truncated)

Commits

bf1e9a3 v7.24.7
14a0b08 [helpers TS conversion] async functions/generators (#16510)
1e3be73 Update compat data (#16539)
7934963 Use type: module in all package.jsons (#16535)
9630250 v7.24.6
553e433 Generate helper metadata at build time (#16501)
db3e9a6 Move all runtime helpers to individual files (#16495)
6e3539b [babel 8] Publish .d.ts files for every package (#16416)
1327f1d Bump browserslist and other compat data sources (#16468)
71c247a [babel 8] Require Node.js ^18.20.0 || ^20.10.0 || >=21.0.0 (#16457)
Additional commits viewable in compare view

Updates @babel/runtime from 7.23.9 to 7.24.7

Release notes

Sourced from @babel/runtime's releases.

v7.24.7 (2024-06-05)

🐛 Bug Fix

babel-node

#16554 Allow extra flags in babel-node (@nicolo-ribaudo)

babel-traverse

#16522 fix: incorrect constantViolations with destructuring (@liuxingbaoyu)

babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management

#16524 fix: Transform using in switch correctly (@liuxingbaoyu)

🏠 Internal

babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16525 Delete unused array helpers (@blakewilson)

Committers: 7

Amjad Yahia Robeen Hassan (@amjed-98)

Babel Bot (@babel-bot)

Blake Wilson (@blakewilson)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

Sukka (@SukkaW)

@liuxingbaoyu

v7.24.6 (2024-05-24)

Thanks @amjed-98, @blakewilson, @coelhucas, and @SukkaW for your first PRs!

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

... (truncated)

Changelog

Sourced from @babel/runtime's changelog.

v7.24.7 (2024-06-05)

🐛 Bug Fix

babel-node

#16554 Allow extra flags in babel-node (@nicolo-ribaudo)

babel-traverse

#16522 fix: incorrect constantViolations with destructuring (@liuxingbaoyu)

babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management

#16524 fix: Transform using in switch correctly (@liuxingbaoyu)

🏠 Internal

babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16525 Delete unused array helpers (@blakewilson)

v7.24.6 (2024-05-24)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

#16466 Migrate import assertions syntax (@JLHwung)

v7.24.5 (2024-04-29)

🐛 Bug Fix

babel-plugin-transform-classes, babel-traverse

#16377 fix: TypeScript annotation affects output (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

#16440 Fix suppressed error order (@sossost)

#16408 Await nullish async disposable (@JLHwung)

💅 Polish

babel-parser

... (truncated)

Commits

bf1e9a3 v7.24.7
14a0b08 [helpers TS conversion] async functions/generators (#16510)
7934963 Use type: module in all package.jsons (#16535)
ab465cc Delete unused array helpers (#16525)
9630250 v7.24.6
553e433 Generate helper metadata at build time (#16501)
db3e9a6 Move all runtime helpers to individual files (#16495)
71c247a [babel 8] Require Node.js ^18.20.0 || ^20.10.0 || >=21.0.0 (#16457)
ddbea7d v7.24.5
5a8c692 v7.24.4
Additional commits viewable in compare view

Updates @swc/core from 1.3.107 to 1.5.25

Changelog

Sourced from @swc/core's changelog.

[1.5.25] - 2024-06-05

Bug Fixes

(es/es2015) Fix injection location of this for getter/setter properties (#8993) (09121a6)

(es/minifier) Preserve unused special properties (#9005) (e764ff6)

(es/minifier) Fix comparison of -0.0 (#9012) (8a29577)

(es/minifier) Do not index a string with a surrogate pair (#9013) (2879a4d)

(es/minifier) Fix evaluation of -0 as a string (#9011) (9f8e24a)

(es/resolver) Fix hoisting of const and let (#8987) (0d9ecf3)

Features

(es/minifier) Detect TypeScript enum initialization pattern (#8986) (cc8c155)

(x) Initialize project (#8999) (da70ebe)

Performance

(es/parser) Add feature named tracing-spans (#9019) (3bf3114)

[1.5.23] - 2024-05-30

Bug Fixes

(bindings/node) Fix regression of JS APIs (#8998) (125ddd2)

(es/jest) Handle @jest/globals (#8994) (a81a01f)

[1.5.9] - 2024-05-28

... (truncated)

Commits

8bb302a chore: Publish 1.5.25 with swc_core v0.92.10
277843e chore: Bump crates
3bf3114 perf(es/parser): Add feature named tracing-spans (#9019)
2fb890c chore: Publish crates
1496ed1 chore: Bump crates
9f8e24a fix(es/minifier): Fix evaluation of -0 as a string (#9011)
1f911f9 chore: Bump crates
2879a4d fix(es/minifier): Do not index a string with a surrogate pair (#9013)
04c1839 chore: Bump crates
8a29577 fix(es/minifier): Fix comparison of -0.0 (#9012)
Additional commits viewable in compare view

Updates browserslist from 4.22.3 to 4.23.0

Release notes

Sourced from browserslist's releases.

4.23.0

Added BROWSERSLIST_ROOT_PATH (by @teleclimber).

Changelog

Sourced from browserslist's changelog.

4.23.0

Added BROWSERSLIST_ROOT_PATH (by @teleclimber).

Commits

a23d971 Release 4.23 version
61e7712 Update dependencies
2c313aa Add Github release workflow
3caf908 Update CI
b58ae05 feat: add BROWSERSLIST_ROOT_PATH (#819)
8ddc4d8 Update grammar definition file (#817)
See full diff in compare view

Updates commander from 11.1.0 to 12.1.0

Release notes

Sourced from commander's releases.

v12.1.0

Added

auto-detect special node flags node --eval and node --print when call .parse() with no arguments (#2164)

Changed

prefix require of Node.js core modules with node: (#2170)

format source files with Prettier (#2180)

switch from StandardJS to directly calling ESLint for linting (#2153)

extend security support for previous major version of Commander (#2150)

Removed

removed unimplemented Option.fullDescription from TypeScript definition (#2191)

v12.0.0

Added

.addHelpOption() as another way of configuring built-in help option (#2006)

.helpCommand() for configuring built-in help command (#2087)

Fixed

Breaking: use non-zero exit code when spawned executable subcommand terminates due to a signal (#2023)

Breaking: check passThroughOptions constraints when using .addCommand and throw if parent command does not have .enablePositionalOptions() enabled (#1937)

Changed

Breaking: Commander 12 requires Node.js v18 or higher (#2027)

Breaking: throw an error if add an option with a flag which is already in use (#2055)

Breaking: throw an error if add a command with name or alias which is already in use (#2059)

Breaking: throw error when calling .storeOptionsAsProperties() after setting an option value (#1928)

replace non-standard JSDoc of @api private with documented @private (#1949)

.addHelpCommand() now takes a Command (passing string or boolean still works as before but deprecated) (#2087)

refactor internal implementation of built-in help option (#2006)

refactor internal implementation of built-in help command (#2087)

Deprecated

.addHelpCommand() passing string or boolean (use .helpCommand() or pass a Command) (#2087)

Removed

Breaking: removed default export of a global Command instance from CommonJS (use the named program export instead) (#2017)

Migration Tips

global program

... (truncated)

Changelog

Sourced from commander's changelog.

[12.1.0] (2024-05-18)

Added

auto-detect special node flags node --eval and node --print when call .parse() with no arguments (#2164)

Changed

prefix require of Node.js core modules with node: (#2170)

format source files with Prettier (#2180)

switch from StandardJS to directly calling ESLint for linting (#2153)

extend security support for previous major version of Commander (#2150)

Removed

removed unimplemented Option.fullDescription from TypeScript definition (#2191)

[12.0.0] (2024-02-03)

Added

.addHelpOption() as another way of configuring built-in help option (#2006)

.helpCommand() for configuring built-in help command (#2087)

Fixed

Breaking: use non-zero exit code when spawned executable subcommand terminates due to a signal (#2023)

Breaking: check passThroughOptions constraints when using .addCommand and throw if parent command does not have .enablePositionalOptions() enabled (#1937)

Changed

Breaking: Commander 12 requires Node.js v18 or higher (#2027)

Breaking: throw an error if add an option with a flag which is already in use (#2055)

Breaking: throw an error if add a command with name or alias which is already in use (#2059)

Breaking: throw error when calling .storeOptionsAsProperties() after setting an option value (#1928)

replace non-standard JSDoc of @api private with documented @private (#1949)

.addHelpCommand() now takes a Command (passing string or boolean still works as before but deprecated) (#2087)

refactor internal implementation of built-in help option (#2006)

refactor internal implementation of built-in help command (#2087)

Deprecated

.addHelpCommand() passing string or boolean (use .helpCommand() or pass a Command) (#2087)

Removed

Breaking: removed default export of a global Command instance from CommonJS (use the named program export instead) (#2017)

Migration Tips

... (truncated)

Commits

970ecae 12.1.0
4a9b211 Prepare CHANGELOG for 12.1.0 (#2193)
0e083f8 ci: add 22.x to node-version (#2192)
d3b48f7 Remove unimplemented fullDescription from TypeScript (#2191)
c749eb8 Bump tsd from 0.30.4 to 0.31.0 (#2172)
f09d0b2 Bump @typescript-eslint/parser from 6.14.0 to 6.21.0 (#2179)
4484e79 Bump @types/node from 20.8.9 to 20.12.7 (#2187)
6c740e9 Bump eslint-plugin-jest from 27.9.0 to 28.3.0 (#2188)
27b1349 Bump typescript from 5.2.2 to 5.4.5 (#2189)
b95ea44 Fix some JSDoc lint issues (#2181)
Additional commits viewable in compare view

Updates glob from 10.3.10 to 10.4.1

Changelog

Sourced from glob's changelog.

changeglob

10.4

Add includeChildMatches: false option

Export the Ignore class

10.3

Add --default -p flag ...
Description has been truncated

…ates Bumps the production-dependencies group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.23.9` | `7.24.7` | | [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) | `7.23.9` | `7.24.7` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.23.9` | `7.24.7` | | [@swc/core](https://github.com/swc-project/swc) | `1.3.107` | `1.5.25` | | [commander](https://github.com/tj/commander.js) | `11.1.0` | `12.1.0` | | [glob](https://github.com/isaacs/node-glob) | `10.3.10` | `10.4.1` | | [swc-loader](https://github.com/swc-project/pkgs) | `0.2.3` | `0.2.6` | | [webpack](https://github.com/webpack/webpack) | `5.90.0` | `5.91.0` | | [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.1` | `5.0.4` | | [webpackbar](https://github.com/unjs/webpackbar) | `6.0.0` | `6.0.1` | | [yaml](https://github.com/eemeli/yaml) | `2.3.4` | `2.4.3` | Updates `@babel/core` from 7.23.9 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-core) Updates `@babel/preset-env` from 7.23.9 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-preset-env) Updates `@babel/runtime` from 7.23.9 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-runtime) Updates `@swc/core` from 1.3.107 to 1.5.25 - [Release notes](https://github.com/swc-project/swc/releases) - [Changelog](https://github.com/swc-project/swc/blob/main/CHANGELOG.md) - [Commits](swc-project/swc@v1.3.107...v1.5.25) Updates `browserslist` from 4.22.3 to 4.23.0 - [Release notes](https://github.com/browserslist/browserslist/releases) - [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md) - [Commits](browserslist/browserslist@4.22.3...4.23.0) Updates `commander` from 11.1.0 to 12.1.0 - [Release notes](https://github.com/tj/commander.js/releases) - [Changelog](https://github.com/tj/commander.js/blob/master/CHANGELOG.md) - [Commits](tj/commander.js@v11.1.0...v12.1.0) Updates `glob` from 10.3.10 to 10.4.1 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v10.3.10...v10.4.1) Updates `swc-loader` from 0.2.3 to 0.2.6 - [Commits](https://github.com/swc-project/pkgs/commits) Updates `webpack` from 5.90.0 to 5.91.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.90.0...v5.91.0) Updates `webpack-dev-server` from 4.15.1 to 5.0.4 - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-dev-server@v4.15.1...v5.0.4) Updates `webpackbar` from 6.0.0 to 6.0.1 - [Release notes](https://github.com/unjs/webpackbar/releases) - [Changelog](https://github.com/unjs/webpackbar/blob/main/CHANGELOG.md) - [Commits](unjs/webpackbar@v6.0.0...v6.0.1) Updates `yaml` from 2.3.4 to 2.4.3 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v2.3.4...v2.4.3) --- updated-dependencies: - dependency-name: "@babel/core" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@babel/runtime" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@swc/core" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: browserslist dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: commander dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: glob dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: swc-loader dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: webpack dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: webpack-dev-server dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: webpackbar dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: yaml dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

socket-security · 2024-06-06T11:26:29Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/core@7.24.7	Transitive: environment	`+46`	1.05 MB
npm/@babel/preset-env@7.24.7	Transitive: environment, filesystem, unsafe	`+148`	3.32 MB
npm/@babel/runtime@7.24.7	None	`+1`	27.9 kB
npm/@swc/core@1.5.25	environment, filesystem, shell	`+12`	431 MB	kdy1
npm/browserslist@4.23.0	environment, filesystem Transitive: shell	`+6`	128 kB	ai
npm/commander@12.1.0	environment	`0`	186 kB	abetomo
npm/glob@10.4.1	Transitive: environment, filesystem, shell	`+29`	2.95 MB	isaacs
npm/swc-loader@0.2.6	None	`+1`	9.1 kB	kdy1
npm/webpack-dev-server@5.0.4	environment, eval, network Transitive: filesystem, shell, unsafe	`+208`	16.6 MB	evilebottnawi
npm/webpack@5.91.0	environment, filesystem, network, unsafe Transitive: eval, shell	`+70`	17.5 MB	evilebottnawi
npm/webpackbar@6.0.1	Transitive: environment	`+13`	514 kB	pi0
npm/yaml@2.4.3	environment	`0`	672 kB	eemeli

🚮 Removed packages: npm/@babel/core@7.23.9, npm/@babel/preset-env@7.23.9, npm/@babel/runtime@7.23.9, npm/@swc/core@1.3.107, npm/browserslist@4.22.3, npm/commander@11.1.0, npm/glob@10.3.10, npm/swc-loader@0.2.3, npm/webpack-dev-server@4.15.1, npm/webpack@5.90.0, npm/webpackbar@6.0.0, npm/yaml@2.3.4

View full report↗︎

socket-security · 2024-06-06T11:26:32Z

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/@swc/core@1.5.25	Install script: postinstall Source: `node postinstall.js`	`package-lock.json` `package.json`
Install scripts	npm/@swc/core@1.3.107	Install script: postinstall Source: `node postinstall.js`	Source

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

@SocketSecurity ignore npm/@swc/core@1.5.25
@SocketSecurity ignore npm/@swc/core@1.3.107

dependabot · 2024-06-10T11:32:59Z

Superseded by #925.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 6, 2024

dependabot bot mentioned this pull request Jun 6, 2024

Bump the production-dependencies group across 1 directory with 12 updates #922

Closed

dependabot bot closed this Jun 10, 2024

dependabot bot deleted the dependabot/npm_and_yarn/production-dependencies-918b89bb55 branch June 10, 2024 11:33

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the production-dependencies group across 1 directory with 12 updates #923

Bump the production-dependencies group across 1 directory with 12 updates #923

dependabot bot commented on behalf of github Jun 6, 2024 •

edited

Loading

socket-security bot commented Jun 6, 2024

socket-security bot commented Jun 6, 2024

dependabot bot commented on behalf of github Jun 10, 2024

Bump the production-dependencies group across 1 directory with 12 updates #923

Bump the production-dependencies group across 1 directory with 12 updates #923

Conversation

dependabot bot commented on behalf of github Jun 6, 2024 • edited Loading

v7.24.7 (2024-06-05)

🐛 Bug Fix

🏠 Internal

Committers: 7

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

v7.24.7 (2024-06-05)

🐛 Bug Fix

🏠 Internal

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

v7.24.5 (2024-04-29)

🐛 Bug Fix

💅 Polish

v7.24.7 (2024-06-05)

🐛 Bug Fix

🏠 Internal

Committers: 7

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

v7.24.7 (2024-06-05)

🐛 Bug Fix

🏠 Internal

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

v7.24.5 (2024-04-29)

🐛 Bug Fix

💅 Polish

v7.24.7 (2024-06-05)

🐛 Bug Fix

🏠 Internal

Committers: 7

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

v7.24.7 (2024-06-05)

🐛 Bug Fix

🏠 Internal

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

v7.24.5 (2024-04-29)

🐛 Bug Fix

💅 Polish

[1.5.25] - 2024-06-05

Bug Fixes

Features

Performance

[1.5.23] - 2024-05-30

Bug Fixes

[1.5.9] - 2024-05-28

4.23.0

4.23.0

v12.1.0

Added

Changed

Removed

v12.0.0

Added

Fixed

Changed

Deprecated

Removed

Migration Tips

[12.1.0] (2024-05-18)

Added

Changed

Removed

[12.0.0] (2024-02-03)

Added

Fixed

Changed

dependabot bot commented on behalf of github Jun 6, 2024 •

edited

Loading