Allowes2024 as a target intsconfig.json (#4004)
TypeScript recentlyaddedes2024 as a compilation target, so esbuild now supports this in thetarget field oftsconfig.json files, such as in the following configuration file:
{"compilerOptions": {"target":"ES2024" }}As a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more inthe documentation.
This fix was contributed by@billyjanitsch.
Allow automatic semicolon insertion afterget/set
This change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:
classFoo{get*x(){}set*y(){}}The above code will be considered valid starting with this release. This change to esbuild follows asimilar change to TypeScript which will allow this syntax starting with TypeScript 5.7.
Allow quoted property names in--define and--pure (#4008)
Thedefine andpure API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes--define and--pure consistent with--global-name, which already supported quoted property names. For example, the following is now possible:
// The following code now transforms to "return true;\n"console.log(esbuild.transformSync(`return process.env['SOME-TEST-VAR']`,{define:{'process.env["SOME-TEST-VAR"]':'true'}},))Note that if you're passing values like this on the command line using esbuild's--define flag, then you'll need to know how to escape quote characters for your shell. You may find esbuild's JavaScript API more ergonomic and portable than writing shell code.
Minify emptytry/catch/finally blocks (#4003)
With this release, esbuild will now attempt to minify emptytry blocks:
// Original codetry{}catch{foo()}finally{bar()}// Old output (with --minify)try{}catch{foo()}finally{bar()}// New output (with --minify)bar();This can sometimes expose additional minification opportunities.
IncludeentryPoint metadata for thecopy loader (#3985)
Almost all entry points already include aentryPoint field in theoutputs map in esbuild's build metadata. However, this wasn't the case for thecopy loader as that loader is a special-case that doesn't behave like other loaders. This release adds theentryPoint field in this case.
Source mappings may now containnull entries (#3310,#3878)
With this change, sources that result in an empty source map may now emit anull source mapping (i.e. one with a generated position but without a source index or original position). This change improves source map accuracy by fixing a problem where minified code from a source without any source mappings could potentially still be associated with a mapping from another source file earlier in the generated output on the same minified line. It manifests as nonsensical files in source mapped stack traces. Now thenull mapping "resets" the source map so that any lookups into the minified code without any mappings resolves tonull (which appears as the output file in stack traces) instead of the incorrect source file.
This change shouldn't affect anything in most situations. I'm only mentioning it in the release notes in case it introduces a bug with source mapping. It's part of a work-in-progress future feature that will let you omit certain unimportant files from the generated source map to reduce source map size.
Avoid using the parent directory name for determinism (#3998)
To make generated code more readable, esbuild includes the name of the source file when generating certain variable names within the file. Specifically bundling a CommonJS file generates a variable to store the lazily-evaluated module initializer. However, if a file is namedindex.js (or with a different extension), esbuild will use the name of the parent directory instead for a better name (since many packages have files all namedindex.js but have unique directory names).
This is problematic when the bundle entry point is namedindex.js and the parent directory name is non-deterministic (e.g. a temporary directory created by a build script). To avoid non-determinism in esbuild's output, esbuild will now useindex instead of the parent directory in this case. Specifically this will happen if the parent directory is equal to esbuild'soutbase API option, which defaults to thelowest common ancestor of all user-specified entry point paths.
Experimental support for esbuild on NetBSD (#3974)
With this release, esbuild now has a published binary executable forNetBSD in the@esbuild/netbsd-arm64 npm package, and esbuild's installer has been modified to attempt to use it when on NetBSD. Hopefully this makes installing esbuild via npm work on NetBSD. This change was contributed by@bsiegert.
⚠️ Note: NetBSD is not one ofNode's supported platforms, so installing esbuild may or may not work on NetBSD depending on how Node has been patched. This is not a problem with esbuild.⚠️
Uh oh!
There was an error while loading.Please reload this page.
This PR contains the following updates:
^7.26.0->^7.26.3^0.3.5->^0.3.81.1.4->1.1.81.1.4->1.1.8^1.9.3->^1.10.1^4.5.0->^4.5.1^0.3.7->^0.3.11^22.10.0->^22.10.22.1.6->2.1.8^9.8.1->^9.9.1^4.3.7->^4.4.00.24.0->0.24.1^0.24.0->^0.24.1^9.15.0->^9.17.09.14.2->9.15.1^0.14.0->^0.15.1^4.27.4->^4.28.1^1.81.0->^1.83.0^6.0.0->^6.0.5^0.8.8->^0.10.42.1.6->2.1.8^5.96.1->^5.97.1^5.1.0->^5.2.0Release Notes
babel/babel (@babel/types)
v7.26.3Compare Source
🐛 Bug Fix
babel-generator🏠 Internal
babel-helper-builder-binary-assignment-operator-visitor,babel-plugin-transform-exponentiation-operator🏃♀️ Performance
babel-generatorbabel-traversebabel-plugin-transform-modules-commonjssimplifyAccess(@liuxingbaoyu)jridgewell/gen-mapping (@jridgewell/gen-mapping)
v0.3.8Compare Source
v0.3.7Compare Source
v0.3.6Compare Source
web-infra-dev/rspack (@rspack/cli)
v1.1.8Security Vulnerability Report
Overview
This is a re-release version of v1.1.6
On 12/19/2024, 02:01 (UTC), we discovered that our npm packages
@rspack/coreand@rspack/cliwere maliciously attacked. The attacker releasedv1.1.7using a compromised npm token, which contained malicious code. We took immediate action upon discovering the issue.Impact
@rspack/coreand@rspack/cliv1.1.7package.jsonruns malicious code indist/util/support.js. SeeMalicious code analysis for more details.Actions Taken
Upon discovery, we immediately deprecated the affected
v1.1.7, redirected the npm latest tag tov1.1.6, and reset all related tokens.Subsequently, we released a secure new version
v1.1.8.Recommended Actions
If you installed
v1.1.7during the affected period, please:@rspack/coreand@rspack/clito>= 1.1.8Apology and Commitment
We deeply apologize for the risks caused by this incident. To prevent similar incidents from happening again, we will implement stricter token management protocols and enhance our security review processes.
If you have any questions or discover any suspicious activity, please create an issue or send an email to:web-infra-security@bytedance.com
We will continue to follow and respond to community feedback.
v1.1.6Compare Source
What's Changed
Highlights 💡
Reduced memory usage
Rspack's memory usage in large projects has been significantly reduced since v1.1.6:
Related PRs:
RuntimeModuleby@h-a-n-a inhttps://github.com/web-infra-dev/rspack/pull/8620Performance Improvements ⚡
RawSourcewith smallerRawStringSourceandRawBufferSourceby@h-a-n-a inhttps://github.com/web-infra-dev/rspack/pull/8629Exciting New Features 🎉
output.trustedTypes.onPolicyCreationFailureby@LingyuCoder inhttps://github.com/web-infra-dev/rspack/pull/8619getResolvein external function context by@fi3ework inhttps://github.com/web-infra-dev/rspack/pull/8577Bug Fixes 🐞
importModuleby@CPunisher inhttps://github.com/web-infra-dev/rspack/pull/8595Document Updates 📖
CopyRspackPlugindocumentation by@chenjiahan inhttps://github.com/web-infra-dev/rspack/pull/8621Other Changes
New Contributors
Full Changelog:web-infra-dev/rspack@v1.1.5...v1.1.6
v1.1.5Compare Source
What's Changed
Highlights 💡
refactor css loading
Since#7306, we have aligned with webpack's CSS loading strategy, which assumed that CSS finished loading before executing JavaScript, which is not true. Both Rspack and webpack have changed the CSS loading strategy to address this issue.
For more specific details on the original problem, please refer tothis link.
Webpack fixed this inhttps://github.com/webpack/webpack/pull/19021
Rspack fixed this in#8534
Performance Improvements ⚡
Bufferto zero-copyBufferSliceby@h-a-n-a inhttps://github.com/web-infra-dev/rspack/pull/8574Exciting New Features 🎉
asattr support use with dyn trait by@jerrykingxyz inhttps://github.com/web-infra-dev/rspack/pull/8535process.titleby@chenjiahan inhttps://github.com/web-infra-dev/rspack/pull/8576Bug Fixes 🐞
Document Updates 📖
Other Changes
Full Changelog:web-infra-dev/rspack@v1.1.4...v1.1.5
swc-project/swc (@swc/core)
v1.10.1Compare Source
Bug Fixes
Features
module.outFileExtension(#9784) (e04c7b3)v1.10.0Compare Source
Bug Fixes
(es/codegen) Use raw value for emitting JSX text (#9762) (b83c44f)
(es/compat) Fix marker for inlined helpers (#9776) (f54ec2c)
(es/minifier) Drop
consolein optional chainings (#9759) (39271ad)(es/minifier) Do not inline into the exact LHS (#9777) (985977b)
Features
(es/minifier) Support
preserve_annotationsof terser (#9775) (6e1c9fd)(typescript) Align
isolatedDeclarationimplementation with tsc (#9715) (0adad25)Apply Wasm-breaking changes (#9771) (ed65eee)
Miscellaneous Tasks
(deps) Update dependency magic-string to v0.30.13 (#9747) (fa80a1e)
(deps) Update dependency magic-string to v0.30.14 (#9764) (6e46a8b)
Refactor
sxzz/eslint-config (@sxzz/eslint-config)
v4.5.1Compare Source
🐞 Bug Fixes
View changes on GitHub
sxzz/test-utils (@sxzz/test-utils)
v0.3.11Compare Source
🚀 Features
View changes on GitHub
v0.3.10Compare Source
🐞 Bug Fixes
View changes on GitHub
v0.3.9Compare Source
🚀 Features
expectFilesSnapshot- by@sxzz(74f31)View changes on GitHub
v0.3.8Compare Source
🚀 Features
[cwd]in snapshot - by@sxzz(3a2a2)View changes on GitHub
vitest-dev/vitest (@vitest/ui)
v2.1.8Compare Source
🐞 Bug Fixes
View changes on GitHub
v2.1.7Compare Source
🐞 Bug Fixes
pnpm.overridesor yarn resolutions to override theviteversion in thevitestpackage - the APIs are compatible.View changes on GitHub
antfu/bumpp (bumpp)
v9.9.1Compare Source
🐞 Bug Fixes
View changes on GitHub
v9.9.0Compare Source
🚀 Features
tinyexec- by@antfu(780b7)🐞 Bug Fixes
executetype fix. - by@s3xysteak inhttps://github.com/antfu-collective/bumpp/issues/59(bb023)View changes on GitHub
debug-js/debug (debug)
v4.4.0Compare Source
Fixes (hopefully) the inefficient regex warnings in
.enable().Minor version as this is invariably going to break certain users who misuse the
.enable()API and expected it to work with regexes, which was never supported nor documented. That's on you, sorry - that functionality won't be added back.Full Changelog:debug-js/debug@4.3.7...4.4.0
evanw/esbuild (esbuild)
v0.24.1Compare Source
Allow
es2024as a target intsconfig.json(#4004)TypeScript recentlyadded
es2024as a compilation target, so esbuild now supports this in thetargetfield oftsconfig.jsonfiles, such as in the following configuration file:{"compilerOptions": {"target":"ES2024" }}As a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more inthe documentation.
This fix was contributed by@billyjanitsch.
Allow automatic semicolon insertion after
get/setThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:
The above code will be considered valid starting with this release. This change to esbuild follows asimilar change to TypeScript which will allow this syntax starting with TypeScript 5.7.
Allow quoted property names in
--defineand--pure(#4008)The
defineandpureAPI options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes--defineand--pureconsistent with--global-name, which already supported quoted property names. For example, the following is now possible:Note that if you're passing values like this on the command line using esbuild's
--defineflag, then you'll need to know how to escape quote characters for your shell. You may find esbuild's JavaScript API more ergonomic and portable than writing shell code.Minify empty
try/catch/finallyblocks (#4003)With this release, esbuild will now attempt to minify empty
tryblocks:This can sometimes expose additional minification opportunities.
Include
entryPointmetadata for thecopyloader (#3985)Almost all entry points already include a
entryPointfield in theoutputsmap in esbuild's build metadata. However, this wasn't the case for thecopyloader as that loader is a special-case that doesn't behave like other loaders. This release adds theentryPointfield in this case.Source mappings may now contain
nullentries (#3310,#3878)With this change, sources that result in an empty source map may now emit a
nullsource mapping (i.e. one with a generated position but without a source index or original position). This change improves source map accuracy by fixing a problem where minified code from a source without any source mappings could potentially still be associated with a mapping from another source file earlier in the generated output on the same minified line. It manifests as nonsensical files in source mapped stack traces. Now thenullmapping "resets" the source map so that any lookups into the minified code without any mappings resolves tonull(which appears as the output file in stack traces) instead of the incorrect source file.This change shouldn't affect anything in most situations. I'm only mentioning it in the release notes in case it introduces a bug with source mapping. It's part of a work-in-progress future feature that will let you omit certain unimportant files from the generated source map to reduce source map size.
Avoid using the parent directory name for determinism (#3998)
To make generated code more readable, esbuild includes the name of the source file when generating certain variable names within the file. Specifically bundling a CommonJS file generates a variable to store the lazily-evaluated module initializer. However, if a file is named
index.js(or with a different extension), esbuild will use the name of the parent directory instead for a better name (since many packages have files all namedindex.jsbut have unique directory names).This is problematic when the bundle entry point is named
index.jsand the parent directory name is non-deterministic (e.g. a temporary directory created by a build script). To avoid non-determinism in esbuild's output, esbuild will now useindexinstead of the parent directory in this case. Specifically this will happen if the parent directory is equal to esbuild'soutbaseAPI option, which defaults to thelowest common ancestor of all user-specified entry point paths.Experimental support for esbuild on NetBSD (#3974)
With this release, esbuild now has a published binary executable forNetBSD in the
@esbuild/netbsd-arm64npm package, and esbuild's installer has been modified to attempt to use it when on NetBSD. Hopefully this makes installing esbuild via npm work on NetBSD. This change was contributed by@bsiegert.eslint/eslint (eslint)
v9.17.0Compare Source
v9.16.0Compare Source
Features
8f70eb1feat: AddignoreComputedKeysoption insort-keysrule (#19162) (Milos Djermanovic)Documentation
9eefc8fdocs: fix typos inuse-isnan(#19190) (루밀LuMir)0c8cea8docs: switch the order of words inno-unreachable(#19189) (루밀LuMir)0c19417docs: add missing backtick tono-async-promise-executor([#19188](https://redirect.githuConfiguration
📅Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).
🚦Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻Immortal: This PR will be recreated if closed unmerged. Getconfig help if that's undesired.
This PR was generated byMend Renovate. View therepository job log.