[Snyk] Upgrade: @babel/core, @babel/plugin-proposal-class-properties, @babel/plugin-transform-runtime, @babel/preset-flow, @babel/preset-react #177
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade:
- @babel/core from 7.17.10 to 7.23.3.
See this package in npm: https://www.npmjs.com/package/@babel/core
- @babel/plugin-proposal-class-properties from 7.16.7 to 7.18.6.
See this package in npm: https://www.npmjs.com/package/@babel/plugin-proposal-class-properties
- @babel/plugin-transform-runtime from 7.17.10 to 7.23.3.
See this package in npm: https://www.npmjs.com/package/@babel/plugin-transform-runtime
- @babel/preset-flow from 7.16.7 to 7.23.3.
See this package in npm: https://www.npmjs.com/package/@babel/preset-flow
- @babel/preset-react from 7.16.7 to 7.23.3.
See this package in npm: https://www.npmjs.com/package/@babel/preset-react
See this project in Snyk:
https://app.snyk.io/org/expensify/project/35c87b83-0578-438a-9ce5-96d21d712614?utm_source=github&utm_medium=referral&page=upgrade-pr
…5ed273ee1a112c31851e2cbe80' into snyk-upgrade-7f189d5ed273ee1a112c31851e2cbe80
mjasikowski
previously approved these changes
Oct 7, 2024
MelvinBot
dismissed
mjasikowski’s stale review
The merge-base changed after approval.
mjasikowski
approved these changes
Oct 7, 2024
mjasikowski
previously approved these changes
Oct 7, 2024
|
@tgolen not sure why my review is not sufficient here, so passing the ball to you |
MelvinBot
dismissed
mjasikowski’s stale review
The merge-base changed after approval.
|
I think your review is fine as long as you tested the build out to ensure all the transpiling is still working. Did you confirm that it still works? |
|
Yup, I did, it's working fine. |
mjasikowski
previously approved these changes
Oct 7, 2024
MelvinBot
dismissed
mjasikowski’s stale review
The merge-base changed after approval.
tgolen
previously approved these changes
Oct 8, 2024
MelvinBot
dismissed
tgolen’s stale review
The merge-base changed after approval.
|
Approved reviews are getting auto-rejected on this one too. |
mjasikowski
approved these changes
Oct 8, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
from 7.17.10 to 7.23.3
on 2023-11-09
from 7.16.7 to 7.18.6
on 2022-06-27
from 7.17.10 to 7.23.3
on 2023-11-09
from 7.16.7 to 7.23.3
on 2023-11-09
from 7.16.7 to 7.23.3
on 2023-11-09
The recommended version fixes:
SNYK-JS-BABELTRAVERSE-5962462
Why? Proof of Concept exploit, CVSS 9.3
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @babel/core
-
7.23.3 - 2023-11-09
- #16071 Strip type-only TS namespaces (@ colinaaa)
- #16078 Fix indentation when generating comments with
- #14295 Add a bugfix plugin for https://crbug.com/v8/12421 (@ nicolo-ribaudo)
- #15948 fix:
- #16015 fix: handle
- #16044 docs: Update links in @ babel/eslint-parser README (@ aryehb)
- #15988 Refactor handling of modules plugins in
- #16061 perf: Improve
- #16060 Avoid dynamic dispatch when calling wrapCheck (@ yepitschunked)
- #6652 Optimize computed properties output (byte-wise) (@ Andarist)
- Babel Bot (@ babel-bot)
- Colin (@ colinaaa)
- Huáng Jùnliàng (@ JLHwung)
- Mateusz Burzyński (@ Andarist)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- @ aryehb
- @ liuxingbaoyu
- @ magic-akari
- @ yepitschunked
-
7.23.2 - 2023-10-12
-
7.23.0 - 2023-09-25
- #15870 Support transforming
- #15878 Implement
- #15845 Implement
- #15829 Add parsing support for the "source phase imports" proposal (@ nicolo-ribaudo)
- #15682 Add
- #15671 Pass through nonce to the transformed script element (@ JLHwung)
- #15751 Add support for optional chain in assignments (@ nicolo-ribaudo)
- #15895 Implement the "decorator metadata" proposal (@ nicolo-ribaudo)
- #15893 Add
- #15913 Add
- #15896 Allow TS tuples to have both labeled and unlabeled elements (@ yukukotani)
- #15962 fix:
- #15797 Expand evaluation of global built-ins in
- #15985 Improve source maps for blocks with
- #15984 Inline
- Babel Bot (@ babel-bot)
- Huáng Jùnliàng (@ JLHwung)
- Lorenzo Ferretti (@ lorenzoferre)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- Raj Pawan Shukla (@ RajShukla1)
- Yuku Kotani (@ yukukotani)
- @ liuxingbaoyu
-
7.22.20 - 2023-09-16
- #15973 Remove special-casing of U+200C and U+200D (@ nicolo-ribaudo)
- #15974 Update Unicode test fixtures (@ JLHwung)
- #15979 Revert "Improve output when wrapping functions" (@ jjonescz)
- Huáng Jùnliàng (@ JLHwung)
- Jan Jones (@ jjonescz)
- Nicolò Ribaudo (@ nicolo-ribaudo)
-
7.22.19 - 2023-09-14
-
7.22.18 - 2023-09-14
-
7.22.17 - 2023-09-08
-
7.22.15 - 2023-09-04
-
7.22.11 - 2023-08-24
-
7.22.10 - 2023-08-07
-
7.22.9 - 2023-07-12
-
7.22.8 - 2023-07-06
-
7.22.7 - 2023-07-06
-
7.22.6 - 2023-07-04
-
7.22.5 - 2023-06-08
-
7.22.1 - 2023-05-26
-
7.22.0 - 2023-05-26
-
7.21.8 - 2023-05-02
-
7.21.5 - 2023-04-28
-
7.21.4 - 2023-03-31
-
7.21.4-esm.4 - 2023-04-04
-
7.21.4-esm.3 - 2023-04-04
-
7.21.4-esm.2 - 2023-04-04
-
7.21.4-esm.1 - 2023-04-04
-
7.21.4-esm - 2023-04-04
-
7.21.3 - 2023-03-14
-
7.21.0 - 2023-02-20
-
7.20.12 - 2023-01-04
-
7.20.7 - 2022-12-22
-
7.20.5 - 2022-11-28
-
7.20.2 - 2022-11-04
-
7.19.6 - 2022-10-20
-
7.19.3 - 2022-09-27
-
7.19.1 - 2022-09-14
-
7.19.0 - 2022-09-05
-
7.18.13 - 2022-08-22
-
7.18.10 - 2022-08-01
-
7.18.9 - 2022-07-18
-
7.18.6 - 2022-06-27
-
7.18.5 - 2022-06-13
-
7.18.2 - 2022-05-25
-
7.18.0 - 2022-05-19
-
7.17.12 - 2022-05-16
-
7.17.10 - 2022-04-29
from @babel/core GitHub release notesv7.23.3 (2023-11-09)
🐛 Bug Fix
babel-plugin-transform-typescriptbabel-generatorconcise: true(@ liuxingbaoyu)babel-compat-data,babel-plugin-bugfix-v8-static-class-fields-redefine-readonly,babel-preset-envbabel-plugin-transform-object-supersuper.xin a loop (@ liuxingbaoyu)babel-helper-module-transforms,babel-plugin-transform-modules-amd,babel-plugin-transform-modules-commonjs,babel-plugin-transform-modules-umd__proto__exports name in CJS/AMD/UMD (@ magic-akari)📝 Documentation
🏠 Internal
babel-core,babel-preset-envpreset-env(@ nicolo-ribaudo)🏃♀️ Performance
babel-generator@ babel/generatorperformance (@ liuxingbaoyu)babel-traverse🔬 Output optimization
babel-plugin-transform-computed-propertiesCommitters: 9
v@babel/[email protected]
v7.23.0 (2023-09-25)
Thanks @ lorenzoferre and @ RajShukla1 for your first PRs!
🚀 New Feature
babel-plugin-proposal-import-wasm-source,babel-plugin-syntax-import-source,babel-plugin-transform-dynamic-importimport sourcefor wasm (@ nicolo-ribaudo)babel-helper-module-transforms,babel-helpers,babel-plugin-proposal-import-defer,babel-plugin-syntax-import-defer,babel-plugin-transform-modules-commonjs,babel-runtime-corejs2,babel-runtime-corejs3,babel-runtime,babel-standaloneimport deferproposal transform support (@ nicolo-ribaudo)babel-generator,babel-parser,babel-typesimport deferparsing support (@ nicolo-ribaudo)babel-generator,babel-helper-module-transforms,babel-parser,babel-plugin-transform-dynamic-import,babel-plugin-transform-modules-amd,babel-plugin-transform-modules-commonjs,babel-plugin-transform-modules-systemjs,babel-traverse,babel-typescreateImportExpressionsparser option (@ JLHwung)babel-standalonebabel-helper-function-name,babel-helper-member-expression-to-functions,babel-helpers,babel-parser,babel-plugin-proposal-destructuring-private,babel-plugin-proposal-optional-chaining-assign,babel-plugin-syntax-optional-chaining-assign,babel-plugin-transform-destructuring,babel-plugin-transform-optional-chaining,babel-runtime-corejs2,babel-runtime-corejs3,babel-runtime,babel-standalone,babel-typesbabel-helpers,babel-plugin-proposal-decoratorsbabel-traverse,babel-typest.buildUndefinedNode(@ liuxingbaoyu)babel-preset-typescriptrewriteImportExtensionsoption to TS preset (@ nicolo-ribaudo)babel-parser🐛 Bug Fix
babel-plugin-transform-block-scopingtransform-block-scopingcaptures the variables of the method in the loop (@ liuxingbaoyu)💅 Polish
babel-traverse@ babel/traverse(@ lorenzoferre)babel-plugin-proposal-explicit-resource-managementusingdeclarations (@ nicolo-ribaudo)🔬 Output optimization
babel-core,babel-helper-module-transforms,babel-plugin-transform-async-to-generator,babel-plugin-transform-classes,babel-plugin-transform-dynamic-import,babel-plugin-transform-function-name,babel-plugin-transform-modules-amd,babel-plugin-transform-modules-commonjs,babel-plugin-transform-modules-umd,babel-plugin-transform-parameters,babel-plugin-transform-react-constant-elements,babel-plugin-transform-react-inline-elements,babel-plugin-transform-runtime,babel-plugin-transform-typescript,babel-preset-envexports.XXX =update in simple variable declarations (@ nicolo-ribaudo)Committers: 7
v7.22.20 (2023-09-16)
🏠 Internal
babel-helper-validator-identifierbabel-plugin-transform-dotall-regex↩️ Revert
babel-helper-remap-async-to-generator,babel-helper-wrap-function,babel-plugin-proposal-explicit-resource-management,babel-plugin-proposal-function-sent,babel-plugin-transform-async-generator-functions,babel-plugin-transform-async-to-generator,babel-plugin-transform-block-scoping,babel-plugin-transform-class-properties,babel-plugin-transform-classes,babel-plugin-transform-parameters,babel-plugin-transform-runtime,babel-preset-envCommitters: 3
v7.22.19 (2023-09-14)
Re-published 7.22.18, due to a releasing error.
Package name: @babel/plugin-proposal-class-properties
-
7.18.6 - 2022-06-27
-
7.17.12 - 2022-05-16
-
7.16.7 - 2021-12-31
from @babel/plugin-proposal-class-properties GitHub release notesPackage name: @babel/plugin-transform-runtime
-
7.23.3 - 2023-11-09
- #16071 Strip type-only TS namespaces (@ colinaaa)
- #16078 Fix indentation when generating comments with
- #14295 Add a bugfix plugin for https://crbug.com/v8/12421 (@ nicolo-ribaudo)
- #15948 fix:
- #16015 fix: handle
- #16044 docs: Update links in @ babel/eslint-parser README (@ aryehb)
- #15988 Refactor handling of modules plugins in
- #16061 perf: Improve
- #16060 Avoid dynamic dispatch when calling wrapCheck (@ yepitschunked)
- #6652 Optimize computed properties output (byte-wise) (@ Andarist)
- Babel Bot (@ babel-bot)
- Colin (@ colinaaa)
- Huáng Jùnliàng (@ JLHwung)
- Mateusz Burzyński (@ Andarist)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- @ aryehb
- @ liuxingbaoyu
- @ magic-akari
- @ yepitschunked
-
7.23.2 - 2023-10-11
-
7.22.15 - 2023-09-04
-
7.22.10 - 2023-08-07
-
7.22.9 - 2023-07-12
-
7.22.7 - 2023-07-06
-
7.22.6 - 2023-07-04
-
7.22.5 - 2023-06-08
-
7.22.4 - 2023-05-29
-
7.22.2 - 2023-05-26
-
7.22.0 - 2023-05-26
-
7.21.4 - 2023-03-31
-
7.21.4-esm.4 - 2023-04-04
-
7.21.4-esm.3 - 2023-04-04
-
7.21.4-esm.2 - 2023-04-04
-
7.21.4-esm.1 - 2023-04-04
-
7.21.4-esm - 2023-04-04
-
7.21.0 - 2023-02-20
-
7.19.6 - 2022-10-20
-
7.19.1 - 2022-09-14
-
7.18.10 - 2022-08-01
-
7.18.9 - 2022-07-18
-
7.18.6 - 2022-06-27
-
7.18.5 - 2022-06-13
-
7.18.2 - 2022-05-25
-
7.18.0 - 2022-05-19
-
7.17.12 - 2022-05-16
-
7.17.10 - 2022-04-29
from @babel/plugin-transform-runtime GitHub release notesv7.23.3 (2023-11-09)
🐛 Bug Fix
babel-plugin-transform-typescriptbabel-generatorconcise: true(@ liuxingbaoyu)babel-compat-data,babel-plugin-bugfix-v8-static-class-fields-redefine-readonly,babel-preset-envbabel-plugin-transform-object-supersuper.xin a loop (@ liuxingbaoyu)babel-helper-module-transforms,babel-plugin-transform-modules-amd,babel-plugin-transform-modules-commonjs,babel-plugin-transform-modules-umd__proto__exports name in CJS/AMD/UMD (@ magic-akari)📝 Documentation
🏠 Internal
babel-core,babel-preset-envpreset-env(@ nicolo-ribaudo)🏃♀️ Performance
babel-generator@ babel/generatorperformance (@ liuxingbaoyu)babel-traverse🔬 Output optimization
babel-plugin-transform-computed-propertiesCommitters: 9
v@babel/[email protected]
Package name: @babel/preset-flow
-
7.23.3 - 2023-11-09
- #16071 Strip type-only TS namespaces (@ colinaaa)
- #16078 Fix indentation when generating comments with
- #14295 Add a bugfix plugin for https://crbug.com/v8/12421 (@ nicolo-ribaudo)
- #15948 fix:
- #16015 fix: handle
- #16044 docs: Update links in @ babel/eslint-parser README (@ aryehb)
- #15988 Refactor handling of modules plugins in
- #16061 perf: Improve
- #16060 Avoid dynamic dispatch when calling wrapCheck (@ yepitschunked)
- #6652 Optimize computed properties output (byte-wise) (@ Andarist)
- Babel Bot (@ babel-bot)
- Colin (@ colinaaa)
- Huáng Jùnliàng (@ JLHwung)
- Mateusz Burzyński (@ Andarist)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- @ aryehb
- @ liuxingbaoyu
- @ magic-akari
- @ yepitschunked
-
7.22.15 - 2023-09-04
-
7.22.5 - 2023-06-08
-
7.21.4 - 2023-03-31
-
7.21.4-esm.4 - 2023-04-04
-
7.21.4-esm.3 - 2023-04-04
-
7.21.4-esm.2 - 2023-04-04
-
7.21.4-esm.1 - 2023-04-04
-
7.21.4-esm - 2023-04-04
-
7.18.6 - 2022-06-27
-
7.17.12 - 2022-05-16
-
7.16.7 - 2021-12-31
from @babel/preset-flow GitHub release notesv7.23.3 (2023-11-09)
🐛 Bug Fix
babel-plugin-transform-typescriptbabel-generatorconcise: true(@ liuxingbaoyu)babel-compat-data,babel-plugin-bugfix-v8-static-class-fields-redefine-readonly,babel-preset-envbabel-plugin-transform-object-supersuper.xin a loop (@ liuxingbaoyu)babel-helper-module-transforms,babel-plugin-transform-modules-amd,babel-plugin-transform-modules-commonjs,babel-plugin-transform-modules-umd__proto__exports name in CJS/AMD/UMD (@ magic-akari)📝 Documentation
🏠 Internal
babel-core,babel-preset-envpreset-env(@ nicolo-ribaudo)🏃♀️ Performance
babel-generator@ babel/generatorperformance (@ liuxingbaoyu)babel-traverse🔬 Output optimization
babel-plugin-transform-computed-propertiesCommitters: 9
Package name: @babel/preset-react
-
7.23.3 - 2023-11-09
-
7.22.15 - 2023-09-04
-
7.22.5 - 2023-06-08
-
7.22.3 - 2023-05-27
-
7.22.0 - 2023-05-26
-
7.21.4-esm.4 - 2023-04-04
-
7.21.4-esm.3 - 2023-04-04
-
7.21.4-esm.2 - 2023-04-04
-
7.21.4-esm.1 - 2023-04-04
-
7.21.4-esm - 2023-04-04
-
7.18.6 - 2022-06-27
-
7.17.12 - 2022-05-16
-
7.16.7 - 2021-12-31
from @babel/preset-react GitHub release notesRead more
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs