Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency esm to v3.1.0 #78

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update dependency esm to v3.1.0 #78

wants to merge 1 commit into from

Conversation

dev-mend-for-jackfan.us.kg[bot]
Copy link

@dev-mend-for-jackfan.us.kg dev-mend-for-jackfan.us.kg bot commented Jan 20, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
esm dependencies minor 3.0.80 -> 3.1.0

By merging this PR, the issue #79 will be automatically resolved and closed:

Severity CVSS Score CVE Reachability
Medium Medium 6.5 WS-2018-0591

Release Notes

standard-things/esm (esm)

v3.1.0

Compare Source

  • Added support for export-ns-from syntax
  • Added support for options.wasm
  • Avoided “__global__ has already been declared” errors (#​671)
  • Ensured esm passes all applicable test262 compliance tests
  • Ensured esm works with globally installed tink (#​702)
  • Ensured esm works with lit-node (#​679)
  • Ensured esm works with Node --use-strict and avoids CSP errors in Electron (#​607)
  • Ensured the module.id of esm is string before using it (#​681)
  • Ensured preloaded modules are reloaded when using Node -p or -e flags
  • Fixed detection of shadowed identifiers (#​622)
  • Fixed dynamic import support in Electron (#​692)
  • Fixed fs.realpathSync.native detection (#​646)
  • Fixed options.mainFields support (#​693)
  • Fixed Puppeteer support (#​654)
  • Fixed re-export test case (#​629)
  • Fixed regexp DoS issue (#​694)
  • Raised minimum Node support for options.await to Node 10+
  • Reduced instrumentation of console and Reflect (#​675)

v3.0.84

Compare Source

  • Ensured esm paths aren’t reloaded when preloading modules
  • Fixed regression translating empty export-from lists

v3.0.83

Compare Source

  • Added support for the ESM_DISABLE_CACHE environment variable (#​595)
  • Ensured any CLI modules preloaded before esm are reloaded
  • Ensured esm doesn’t trigger unsafe-eval CSP errors (#​601)
  • Ensured .js files are found before .mjs files with options.cjs.paths
  • Fixed regression introduced by standard-things/esm@6ce0385

v3.0.82

Compare Source

  • Ensured inspector doesn’t throw initialization errors in workers (#​591)
  • Ensured read-only CJS exports don’t throw proxy trap errors (#​589)
  • Fixed regression resolving real paths (#​588)
  • Made esm cache more portable (#​586)

v3.0.81

Compare Source

  • Ensured shebang is stripped for side effect only ES modules (#​583)
  • Ensured yield insertions are not stored in cache files (#​585)
  • If you want to rebase/retry this PR, check this box

@dev-mend-for-jackfan.us.kg dev-mend-for-jackfan.us.kg bot added the security fix Security fix generated by Mend label Jan 20, 2025
@dev-mend-for-jackfan.us.kg dev-mend-for-jackfan.us.kg bot force-pushed the whitesource-remediate/esm-3.x-lockfile branch from bbfc67c to edcc958 Compare January 23, 2025 20:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants