Bump terser from 5.16.9 to 5.17.1 #681

Merged
dependabot[bot] merged 1 commit from dependabot/npm_and_yarn/develop/terser-5.17.1 into develop 2023-04-19 07:09:57 +02:00
dependabot[bot] commented 2023-04-19 06:57:09 +02:00 (Migrated from github.com)

Bumps terser from 5.16.9 to 5.17.1.

Changelog

Sourced from terser's changelog.

v5.17.1

  • Fix evaluating .length when the source array might've been mutated

v5.17.0

  • Drop vestigial = undefined default argument in IIFE calls (#1366)
  • Evaluate known arrays' .length property when statically determinable
  • Add @__KEY__ annotation to mangle string literals (#1365)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @Serraniel.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps [terser](https://github.com/terser/terser) from 5.16.9 to 5.17.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/terser/terser/blob/master/CHANGELOG.md">terser's changelog</a>.</em></p> <blockquote> <h2>v5.17.1</h2> <ul> <li>Fix evaluating <code>.length</code> when the source array might've been mutated</li> </ul> <h2>v5.17.0</h2> <ul> <li>Drop vestigial <code>= undefined</code> default argument in IIFE calls (<a href="https://redirect.github.com/terser/terser/issues/1366">#1366</a>)</li> <li>Evaluate known arrays' <code>.length</code> property when statically determinable</li> <li>Add <code>@__KEY__</code> annotation to mangle string literals (<a href="https://redirect.github.com/terser/terser/issues/1365">#1365</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/terser/terser/commit/374073bf7250aa1f2fa03fe2b9a32f75c25666ea"><code>374073b</code></a> 5.17.1</li> <li><a href="https://github.com/terser/terser/commit/2acb238b6407a3dc00a6db7d7050deaeff826e2c"><code>2acb238</code></a> update changelog</li> <li><a href="https://github.com/terser/terser/commit/dd6ebd33a913a79cb22595c6dd1c5991c93678a1"><code>dd6ebd3</code></a> Avoid computing the .length of referred arrays in case of mutations. Closes #...</li> <li><a href="https://github.com/terser/terser/commit/028514cc402e37c92608c32ad385250aed75aaaa"><code>028514c</code></a> Handle dropping <code>var []</code> in unreachable code. Closes <a href="https://redirect.github.com/terser/terser/issues/1293">#1293</a></li> <li><a href="https://github.com/terser/terser/commit/4e88c3b44e011f49cb514d597bbb108f2f90301f"><code>4e88c3b</code></a> 5.17.0</li> <li><a href="https://github.com/terser/terser/commit/81f0f22f8d33db47b14dbd2f51af5374d668f027"><code>81f0f22</code></a> update changelog</li> <li><a href="https://github.com/terser/terser/commit/0ddf63acb1c8700158f4def2e132bc78652552b8"><code>0ddf63a</code></a> drop <code>undefined</code> default parameter in IIFE. Closes <a href="https://redirect.github.com/terser/terser/issues/1366">#1366</a></li> <li><a href="https://github.com/terser/terser/commit/31753d07053d815f598d9139d7d17a8f2a78345f"><code>31753d0</code></a> safely evaluate .length of arrays and strings</li> <li><a href="https://github.com/terser/terser/commit/94ae068083a94f4e86e10e248f20d1d836611678"><code>94ae068</code></a> fix: Also set annotations in AST_String ctor (<a href="https://redirect.github.com/terser/terser/issues/1375">#1375</a>)</li> <li><a href="https://github.com/terser/terser/commit/3ab7bbf1da57fdfa39607e4acbf27ab3c7962f0b"><code>3ab7bbf</code></a> Add @<strong>KEY</strong> annotation to mangle string literals (<a href="https://redirect.github.com/terser/terser/issues/1365">#1365</a>)</li> <li>See full diff in <a href="https://github.com/terser/terser/compare/v5.16.9...v5.17.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=terser&package-manager=npm_and_yarn&previous-version=5.16.9&new-version=5.17.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) Dependabot will merge this PR once CI passes on it, as requested by @Serraniel. [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Serraniel (Migrated from github.com) approved these changes 2023-04-19 06:57:30 +02:00
Serraniel (Migrated from github.com) left a comment

@dependabot merge

@dependabot merge
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: Serraniel/AniwatchPlus#681
No description provided.