[Snyk] Upgrade rollup from 3.29.4 to 4.0.0 by Woodpile37 · Pull Request #104 · Woodpile37/ethers.js

Woodpile37 · 2023-10-27T02:08:49Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade rollup from 3.29.4 to 4.0.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

The recommended version is 25 versions ahead of your current version.
The recommended version was released 21 days ago, on 2023-10-05.

Release notes

Package name: rollup

4.0.0 - 2023-10-05
4.0.0

2023-10-05

BREAKING CHANGES

General Changes
- The minimal required Node version is now 18.0.0 (#5142)
- The browser build now relies on a WASM artifact that needs to be provided as well (#5073)
- The NodeJS build now relies on an optional native binary; for unsupported platforms, users can use the @ rollup/wasm-node package that has the same interface as Rollup but relies on WASM artifacts (#5073)
- The "with" syntax for import attributes is not yet supported, awaiting support in SWC (#5073)
- The INVALID_IMPORT_ASSERTION error code has been replaced with INVALID_IMPORT_ATTRIBUTE (#5073)
- Rollup will now warn for @ __PURE__ and @ __NO_SIDE_EFFECTS__ annotations in invalid locations (#5165)
- If an entry module starts with a shebang comment #!..., this comment will be prepended to the output for es and cjs formats (#5163)
- File hashes will now use url-safe base64 encoded hashes (#5155)
- The maximum hash length has been reduced to 22 characters (#5155)
- The RollupWarning type has been removed in favor of the RollupLog type (#5147)
Changes to Rollup Options
- Acorn plugins are no longer supported, the acornInjectPlugins option has been removed (#5073)
- The acorn option has been removed (#5073)
- output.externalImportAssertions has been deprecated in favor of output.externalImportAttributes (#5073)
- inlineDynamicImports, manualChunks and preserveModules have been removed on input option level: Please use the corresponding output options of the same names (#5143)
- Removed output options (#5143):
  - output.experimentalDeepDynamicChunkOptimization: This option is no longer needed as Rollup now always runs the full chunking algorithm
  - output.dynamicImportFunction: Use the renderDynamicImport plugin hook instead
  - output.namespaceToStringTag: Use output.generatedCode.symbols instead
  - output.preferConst: Use output.generatedCode.constBindings instead
Plugin API Changes
- For this.resolve, the default of the skipSelf option is now true (#5142)
- this.parse now only supports the allowReturnOutsideFunction option for now (#5073)
- Import assertions now use the new import attribute AST structure (#5073)
- "assertions" have been replaced with "attributes" in various places of the plugin interface (#5073)
- If the import of a module id is handled by the load hook of a plugin, rollup.watch no longer watches the actual file if the module id corresponds to a real path; if this is intended, then the plugin is responsible for calling this.addWatchFile for any dependency files (#5150)
- The normalized input options provided by buildStart and other hooks no longer contain an onwarn handler; plugins should use onLog instead (#5147)
- this.moduleIds has been removed from the plugin context: Use this.getModuleIds() instead (#5143)
- The hasModuleSideEffects flag has been removed from the ModuleInfo returned by thi s.getModuleInfo(): Use moduleSideEffects on the ModuleInfo instead (#5143)
Features
- Improve parsing speed by switching to a native SWC-based parser (#5073)
- Rollup will now warn for @ __PURE__ and @ __NO_SIDE_EFFECTS__ annotations in invalid locations (#5165)
- The parser is now exposed as a separate export parseAst (#5169)
Bug Fixes
- Rollup no longer tries to watch virtual files if their name corresponds to an actual file name; instead, plugins handle watching via this.addWatchFile() (#5150)
Pull Requests
- #5073: [v4.0] Switch parser to SWC and introduce native/WASM code (@ lukastaegert)
- #5142: [v4.0] Set the default of skipSelf to true (@ TrickyPi)
- #5143: [v4.0] Remove deprecated features (@ lukastaegert)
- #5144: [v4.0] Imporve the performance of generating ast and rollup ast nodes (@ TrickyPi)
- #5147: [v4.0] Remove onwarn from normalized input options (@ lukastaegert)
- #5150: [v4.0] feat: Do not watch files anymore if their content is returned by the load hook (@ TrickyPi)
- #5154: [v4.0] Add parse option to allow return outside function (@ lukastaegert)
- #5155: [v4.0] feat: implement hashing content in Rust (@ TrickyPi)
- #5157: [v4.0] Handle empty exports (@ lukastaegert)
- #5160: chore(deps): lock file maintenance minor/patch updates (@ renovate[bot])
- #5163: [v4.0] feat: preserve shebang in entry module for CJS and ESM outputs (@ TrickyPi)
- #5164: [v4.0] fix: also strip BOM from code strings in JS (@ TrickyPi)
- #5165: [v4.0] warn for invalid annotations (@ lukastaegert)
- #5168: [v4.0] Ensure we support new import attribute "with" syntax (@ lukastaegert)
- #5169: [v4.0] Expose parser (@ lukastaegert)
4.0.0-25 - 2023-10-05
4.0.0-25
4.0.0-24 - 2023-10-03
4.0.0-23 - 2023-09-26
4.0.0-22 - 2023-09-26
4.0.0-21 - 2023-09-24
4.0.0-20 - 2023-09-24
4.0.0-19 - 2023-09-15
4.0.0-18 - 2023-09-15
4.0.0-17 - 2023-09-15
4.0.0-16 - 2023-09-15
4.0.0-15 - 2023-09-15
4.0.0-14 - 2023-09-15
4.0.0-13 - 2023-08-24
4.0.0-12 - 2023-08-23
4.0.0-10 - 2023-08-21
4.0.0-9 - 2023-08-20
4.0.0-8 - 2023-08-20
4.0.0-7 - 2023-08-20
4.0.0-6 - 2023-08-20
Check publish
4.0.0-5 - 2023-08-20
4.0.0-4 - 2023-08-04
4.0.0-3 - 2023-08-04
4.0.0-2 - 2023-08-01
4.0.0-1 - 2023-08-01
3.29.4 - 2023-09-28
3.29.4

2023-09-28

Bug Fixes
- Fix static analysis when an exported function uses callbacks (#5158)
Pull Requests
- #5158: Deoptimize all parameters when losing track of a function (@ lukastaegert)

from rollup GitHub release notes

Commit messages

Package name: rollup

2f26135 4.0.0
4e8e5b4 [v4.0] Expose parser (#5169)
cade24f [v4.0] Ensure we support new import attribute "with" syntax (#5168)
dd709c3 [v4.0] warn for invalid annotations (#5165)
bfbea66 [v4.0] feat: preserve shebang in entry module for CJS and ESM outputs (#5163)
4e562e5 [v4.0] fix: also strip BOM from code strings in JS (#5164)
fbc25af [v4.0] feat: implement hashing content in Rust (#5155)
0b0eabd [v4.0] Handle empty exports (#5157)
fda977b [v4.0] Add parse option to allow return outside function (#5154)
7325320 [v4.0] Remove onwarn from normalized input options (#5147)
accd66a [v4.0] feat: Do not watch files anymore if their content is returned by the load hook (#5150)
55abe0f [v4.0] Remove deprecated features (#5143)
62cbff4 [v4.0] Imporve the performance of generating ast and rollup ast nodes (#5144)
92864d4 [v4.0] Set the default of skipSelf to true (#5142)
643272e [v4.0] Switch parser to SWC and introduce native/WASM code (Please add the ability to use eth_getBlockReceipts ethers-io/ethers.js#5073)
4576ef3 [v4.0] Set minimum Node version to 18
fac5f1c chore(deps): lock file maintenance minor/patch updates (#5160)