Bump esbuild from 0.16.14 to 0.17.6 #351

Closed

dependabot[bot] wants to merge 1 commit from dependabot/npm_and_yarn/esbuild-0.17.6 into master

dependabot[bot] commented

2023-02-07 11:03:36 +01:00

(Migrated from github.com)

Bumps esbuild from 0.16.14 to 0.17.6.

Release notes

Sourced from esbuild's releases.

v0.17.6
Fix a CSS parser crash on invalid CSS (#2892)

Previously the following invalid CSS caused esbuild's parser to crash:
@media screen
The crash was caused by trying to construct a helpful error message assuming that there was an opening { token, which is not the case here. This release fixes the crash.
Inline TypeScript enums that are referenced before their declaration

Previously esbuild inlined enums within a TypeScript file from top to bottom, which meant that references to TypeScript enum members were only inlined within the same file if they came after the enum declaration. With this release, esbuild will now inline enums even when they are referenced before they are declared:
// Original input
export const foo = () => Foo.FOO
const enum Foo { FOO = 0 }
// Old output (with --tree-shaking=true)
export const foo = () => Foo.FOO;
var Foo = /* @PURE */ ((Foo2) => {
Foo2[Foo2["FOO"] = 0] = "FOO";
return Foo2;
})(Foo || {});
// New output (with --tree-shaking=true)
export const foo = () => 0 /* FOO */;
This makes esbuild's TypeScript output smaller and faster when processing code that does this. I noticed this issue when I ran the TypeScript compiler's source code through esbuild's bundler. Now that the TypeScript compiler is going to be bundled with esbuild in the upcoming TypeScript 5.0 release, improvements like this will also improve the TypeScript compiler itself!
Fix esbuild installation on Arch Linux (#2785, #2812, #2865)

Someone made an unofficial esbuild package for Linux that adds the ESBUILD_BINARY_PATH=/usr/bin/esbuild environment variable to the user's default environment. This breaks all npm installations of esbuild for users with this unofficial Linux package installed, which has affected many people. Most (all?) people who encounter this problem haven't even installed this unofficial package themselves; instead it was installed for them as a dependency of another Linux package. The problematic change to add the ESBUILD_BINARY_PATH environment variable was reverted in the latest version of this unofficial package. However, old versions of this unofficial package are still there and will be around forever. With this release, ESBUILD_BINARY_PATH is now ignored by esbuild's install script when it's set to the value /usr/bin/esbuild. This should unbreak using npm to install esbuild in these problematic Linux environments.

Note: The ESBUILD_BINARY_PATH variable is an undocumented way to override the location of esbuild's binary when esbuild's npm package is installed, which is necessary to substitute your own locally-built esbuild binary when debugging esbuild's npm package. It's only meant for very custom situations and should absolutely not be forced on others by default, especially without their knowledge. I may remove the code in esbuild's installer that reads ESBUILD_BINARY_PATH in the future to prevent these kinds of issues. It will unfortunately make debugging esbuild harder. If ESBUILD_BINARY_PATH is ever removed, it will be done in a "breaking change" release.
v0.17.5
Parse const type parameters from TypeScript 5.0

The TypeScript 5.0 beta announcement adds const type parameters to the language. You can now add the const modifier on a type parameter of a function, method, or class like this:
type HasNames = { names: readonly string[] };
const getNamesExactly = <const T extends HasNames>(arg: T): T["names"] => arg.names;
const names = getNamesExactly({ names: ["Alice", "Bob", "Eve"] });

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.17.6
Fix a CSS parser crash on invalid CSS (#2892)

Previously the following invalid CSS caused esbuild's parser to crash:
@media screen
The crash was caused by trying to construct a helpful error message assuming that there was an opening { token, which is not the case here. This release fixes the crash.
Inline TypeScript enums that are referenced before their declaration

Previously esbuild inlined enums within a TypeScript file from top to bottom, which meant that references to TypeScript enum members were only inlined within the same file if they came after the enum declaration. With this release, esbuild will now inline enums even when they are referenced before they are declared:
// Original input
export const foo = () => Foo.FOO
const enum Foo { FOO = 0 }
// Old output (with --tree-shaking=true)
export const foo = () => Foo.FOO;
var Foo = /* @PURE */ ((Foo2) => {
Foo2[Foo2["FOO"] = 0] = "FOO";
return Foo2;
})(Foo || {});
// New output (with --tree-shaking=true)
export const foo = () => 0 /* FOO */;
This makes esbuild's TypeScript output smaller and faster when processing code that does this. I noticed this issue when I ran the TypeScript compiler's source code through esbuild's bundler. Now that the TypeScript compiler is going to be bundled with esbuild in the upcoming TypeScript 5.0 release, improvements like this will also improve the TypeScript compiler itself!
Fix esbuild installation on Arch Linux (#2785, #2812, #2865)

Someone made an unofficial esbuild package for Linux that adds the ESBUILD_BINARY_PATH=/usr/bin/esbuild environment variable to the user's default environment. This breaks all npm installations of esbuild for users with this unofficial Linux package installed, which has affected many people. Most (all?) people who encounter this problem haven't even installed this unofficial package themselves; instead it was installed for them as a dependency of another Linux package. The problematic change to add the ESBUILD_BINARY_PATH environment variable was reverted in the latest version of this unofficial package. However, old versions of this unofficial package are still there and will be around forever. With this release, ESBUILD_BINARY_PATH is now ignored by esbuild's install script when it's set to the value /usr/bin/esbuild. This should unbreak using npm to install esbuild in these problematic Linux environments.

Note: The ESBUILD_BINARY_PATH variable is an undocumented way to override the location of esbuild's binary when esbuild's npm package is installed, which is necessary to substitute your own locally-built esbuild binary when debugging esbuild's npm package. It's only meant for very custom situations and should absolutely not be forced on others by default, especially without their knowledge. I may remove the code in esbuild's installer that reads ESBUILD_BINARY_PATH in the future to prevent these kinds of issues. It will unfortunately make debugging esbuild harder. If ESBUILD_BINARY_PATH is ever removed, it will be done in a "breaking change" release.
0.17.5
Parse const type parameters from TypeScript 5.0

The TypeScript 5.0 beta announcement adds const type parameters to the language. You can now add the const modifier on a type parameter of a function, method, or class like this:
type HasNames = { names: readonly string[] };
const getNamesExactly = <const T extends HasNames>(arg: T): T["names"] => arg.names;
const names = getNamesExactly({ names: ["Alice", "Bob", "Eve"] });

... (truncated)

Commits

e1143a7 publish 0.17.6 to npm
7b8b0b5 fix esbuild installation on arch linux
0d7c6f1 fix #2892: css parser bug with @-rules without {
d8a86ca work around a flake in node's execFileSync call
4e53c27 avoid a new problem with go clean -testcache
606c425 update test error message for go 1.20
d720969 avoid wasm stack overflow in tests
efd6590 labels don't care about scope
df50e53 update go 1.19.5 => 1.20
362cae8 better JSX unexpected EOF error message
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [esbuild](https://github.com/evanw/esbuild) from 0.16.14 to 0.17.6. <details> <summary>Release notes</summary> Sourced from <a href="https://github.com/evanw/esbuild/releases">esbuild's releases</a>. <blockquote> <h2>v0.17.6</h2> <ul> <li> Fix a CSS parser crash on invalid CSS (<a href="https://github-redirect.dependabot.com/evanw/esbuild/issues/2892">#2892</a>) Previously the following invalid CSS caused esbuild's parser to crash: <pre lang="css"><code>@media screen </code></pre> The crash was caused by trying to construct a helpful error message assuming that there was an opening <code>{</code> token, which is not the case here. This release fixes the crash. </li> <li> Inline TypeScript enums that are referenced before their declaration Previously esbuild inlined enums within a TypeScript file from top to bottom, which meant that references to TypeScript enum members were only inlined within the same file if they came after the enum declaration. With this release, esbuild will now inline enums even when they are referenced before they are declared: <pre lang="ts"><code>// Original input export const foo = () => Foo.FOO const enum Foo { FOO = 0 } // Old output (with --tree-shaking=true) export const foo = () => Foo.FOO; var Foo = /* @PURE */ ((Foo2) => { Foo2[Foo2["FOO"] = 0] = "FOO"; return Foo2; })(Foo || {}); // New output (with --tree-shaking=true) export const foo = () => 0 /* FOO */; </code></pre> This makes esbuild's TypeScript output smaller and faster when processing code that does this. I noticed this issue when I ran the TypeScript compiler's source code through esbuild's bundler. Now that the TypeScript compiler is going to be bundled with esbuild in the upcoming TypeScript 5.0 release, improvements like this will also improve the TypeScript compiler itself! </li> <li> Fix esbuild installation on Arch Linux (<a href="https://github-redirect.dependabot.com/evanw/esbuild/issues/2785">#2785</a>, <a href="https://github-redirect.dependabot.com/evanw/esbuild/issues/2812">#2812</a>, <a href="https://github-redirect.dependabot.com/evanw/esbuild/issues/2865">#2865</a>) Someone made an unofficial <code>esbuild</code> package for Linux that adds the <code>ESBUILD_BINARY_PATH=/usr/bin/esbuild</code> environment variable to the user's default environment. This breaks all npm installations of esbuild for users with this unofficial Linux package installed, which has affected many people. Most (all?) people who encounter this problem haven't even installed this unofficial package themselves; instead it was installed for them as a dependency of another Linux package. The problematic change to add the <code>ESBUILD_BINARY_PATH</code> environment variable was reverted in the latest version of this unofficial package. However, old versions of this unofficial package are still there and will be around forever. With this release, <code>ESBUILD_BINARY_PATH</code> is now ignored by esbuild's install script when it's set to the value <code>/usr/bin/esbuild</code>. This should unbreak using npm to install <code>esbuild</code> in these problematic Linux environments. Note: The <code>ESBUILD_BINARY_PATH</code> variable is an undocumented way to override the location of esbuild's binary when esbuild's npm package is installed, which is necessary to substitute your own locally-built esbuild binary when debugging esbuild's npm package. It's only meant for very custom situations and should absolutely not be forced on others by default, especially without their knowledge. I may remove the code in esbuild's installer that reads <code>ESBUILD_BINARY_PATH</code> in the future to prevent these kinds of issues. It will unfortunately make debugging esbuild harder. If <code>ESBUILD_BINARY_PATH</code> is ever removed, it will be done in a "breaking change" release. </li> </ul> <h2>v0.17.5</h2> <ul> <li> Parse <code>const</code> type parameters from TypeScript 5.0 The TypeScript 5.0 beta announcement adds <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-0-beta/#const-type-parameters"><code>const</code> type parameters</a> to the language. You can now add the <code>const</code> modifier on a type parameter of a function, method, or class like this: <pre lang="ts"><code>type HasNames = { names: readonly string[] }; const getNamesExactly = <const T extends HasNames>(arg: T): T["names"] => arg.names; const names = getNamesExactly({ names: ["Alice", "Bob", "Eve"] }); </code></pre> </li> </ul>  </blockquote> ... (truncated) </details> <details> <summary>Changelog</summary> Sourced from <a href="https://github.com/evanw/esbuild/blob/main/CHANGELOG.md">esbuild's changelog</a>. <blockquote> <h2>0.17.6</h2> <ul> <li> Fix a CSS parser crash on invalid CSS (<a href="https://github-redirect.dependabot.com/evanw/esbuild/issues/2892">#2892</a>) Previously the following invalid CSS caused esbuild's parser to crash: <pre lang="css"><code>@media screen </code></pre> The crash was caused by trying to construct a helpful error message assuming that there was an opening <code>{</code> token, which is not the case here. This release fixes the crash. </li> <li> Inline TypeScript enums that are referenced before their declaration Previously esbuild inlined enums within a TypeScript file from top to bottom, which meant that references to TypeScript enum members were only inlined within the same file if they came after the enum declaration. With this release, esbuild will now inline enums even when they are referenced before they are declared: <pre lang="ts"><code>// Original input export const foo = () => Foo.FOO const enum Foo { FOO = 0 } // Old output (with --tree-shaking=true) export const foo = () => Foo.FOO; var Foo = /* @PURE */ ((Foo2) => { Foo2[Foo2["FOO"] = 0] = "FOO"; return Foo2; })(Foo || {}); // New output (with --tree-shaking=true) export const foo = () => 0 /* FOO */; </code></pre> This makes esbuild's TypeScript output smaller and faster when processing code that does this. I noticed this issue when I ran the TypeScript compiler's source code through esbuild's bundler. Now that the TypeScript compiler is going to be bundled with esbuild in the upcoming TypeScript 5.0 release, improvements like this will also improve the TypeScript compiler itself! </li> <li> Fix esbuild installation on Arch Linux (<a href="https://github-redirect.dependabot.com/evanw/esbuild/issues/2785">#2785</a>, <a href="https://github-redirect.dependabot.com/evanw/esbuild/issues/2812">#2812</a>, <a href="https://github-redirect.dependabot.com/evanw/esbuild/issues/2865">#2865</a>) Someone made an unofficial <code>esbuild</code> package for Linux that adds the <code>ESBUILD_BINARY_PATH=/usr/bin/esbuild</code> environment variable to the user's default environment. This breaks all npm installations of esbuild for users with this unofficial Linux package installed, which has affected many people. Most (all?) people who encounter this problem haven't even installed this unofficial package themselves; instead it was installed for them as a dependency of another Linux package. The problematic change to add the <code>ESBUILD_BINARY_PATH</code> environment variable was reverted in the latest version of this unofficial package. However, old versions of this unofficial package are still there and will be around forever. With this release, <code>ESBUILD_BINARY_PATH</code> is now ignored by esbuild's install script when it's set to the value <code>/usr/bin/esbuild</code>. This should unbreak using npm to install <code>esbuild</code> in these problematic Linux environments. Note: The <code>ESBUILD_BINARY_PATH</code> variable is an undocumented way to override the location of esbuild's binary when esbuild's npm package is installed, which is necessary to substitute your own locally-built esbuild binary when debugging esbuild's npm package. It's only meant for very custom situations and should absolutely not be forced on others by default, especially without their knowledge. I may remove the code in esbuild's installer that reads <code>ESBUILD_BINARY_PATH</code> in the future to prevent these kinds of issues. It will unfortunately make debugging esbuild harder. If <code>ESBUILD_BINARY_PATH</code> is ever removed, it will be done in a "breaking change" release. </li> </ul> <h2>0.17.5</h2> <ul> <li> Parse <code>const</code> type parameters from TypeScript 5.0 The TypeScript 5.0 beta announcement adds <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-0-beta/#const-type-parameters"><code>const</code> type parameters</a> to the language. You can now add the <code>const</code> modifier on a type parameter of a function, method, or class like this: <pre lang="ts"><code>type HasNames = { names: readonly string[] }; const getNamesExactly = <const T extends HasNames>(arg: T): T["names"] => arg.names; const names = getNamesExactly({ names: ["Alice", "Bob", "Eve"] }); </code></pre> </li> </ul>  </blockquote> ... (truncated) </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/evanw/esbuild/commit/e1143a75dd5e7d9fb8591096edfa123f6eedbe44"><code>e1143a7</code></a> publish 0.17.6 to npm</li> <li><a href="https://github.com/evanw/esbuild/commit/7b8b0b57fbd17f810fb7181f0e8de9c697fe62a3"><code>7b8b0b5</code></a> fix esbuild installation on arch linux</li> <li><a href="https://github.com/evanw/esbuild/commit/0d7c6f1ea50446d140704a6b7089940af87e8eac"><code>0d7c6f1</code></a> fix <a href="https://github-redirect.dependabot.com/evanw/esbuild/issues/2892">#2892</a>: css parser bug with @-rules without <code>{</code></li> <li><a href="https://github.com/evanw/esbuild/commit/d8a86cae1b77555838c94cd9acb77947bcd42606"><code>d8a86ca</code></a> work around a flake in node's <code>execFileSync</code> call</li> <li><a href="https://github.com/evanw/esbuild/commit/4e53c2783b460f79b01e3d7ea9455a97a69eb269"><code>4e53c27</code></a> avoid a new problem with <code>go clean -testcache</code></li> <li><a href="https://github.com/evanw/esbuild/commit/606c4258f03ac851db9a599ddfa4a28cf8f4327a"><code>606c425</code></a> update test error message for go 1.20</li> <li><a href="https://github.com/evanw/esbuild/commit/d7209691887854b6b1f73b00647d3485303c169b"><code>d720969</code></a> avoid wasm stack overflow in tests</li> <li><a href="https://github.com/evanw/esbuild/commit/efd65900830d13d98936d3dd0cc6183f4b2e3eeb"><code>efd6590</code></a> labels don't care about scope</li> <li><a href="https://github.com/evanw/esbuild/commit/df50e53a1b1c884bb49683618fd45b609d9604b9"><code>df50e53</code></a> update go 1.19.5 => 1.20</li> <li><a href="https://github.com/evanw/esbuild/commit/362cae86f435fd9dc823e6f355fcfa4ec92cb5b3"><code>362cae8</code></a> better JSX unexpected EOF error message</li> <li>Additional commits viewable in <a href="https://github.com/evanw/esbuild/compare/v0.16.14...v0.17.6">compare view</a></li> </ul> </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=esbuild&package-manager=npm_and_yarn&previous-version=0.16.14&new-version=0.17.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

dependabot[bot] commented

2023-02-10 11:58:18 +01:00

(Migrated from github.com)

Superseded by #352.

Commenting is not possible because the repository is archived.

No reviewers