Renovate Update Patch & Minor Updates

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@ministryofjustice/frontend	1.8.0 -> 1.8.1					dependencies	patch
anothrNick/github-tag-action	1.61.0 -> 1.67.0					action	minor
axe-core (source)	4.7.2 -> 4.8.2					devDependencies	minor
cypress (source)	12.16.0 -> 12.17.4					devDependencies	minor
cypress-axe	^0.13.0 -> ^0.14.0					devDependencies	minor
cypress/included	12.5.1 -> 12.17.4					final	minor
esbuild	^0.15.14 -> ^0.19.0					devDependencies	minor
github.com/gorilla/mux	v1.8.0 -> v1.8.1					require	patch
github.com/stretchr/testify	v1.8.1 -> v1.8.4					require	patch
golang	1.20.1-alpine3.16 -> 1.20.4-alpine3.16					stage	patch
golangci/golangci-lint	v1.53.3 -> v1.55.2						minor
govuk-frontend (source)	4.6.0 -> 4.7.0					dependencies	minor
json-server	0.17.3 -> 0.17.4					dependencies	patch
prettier (source)	2.8.4 -> 2.8.8					devDependencies	patch
sass	1.63.6 -> 1.69.5					devDependencies	minor

---

Release Notes

ministryofjustice/moj-frontend (@​ministryofjustice/frontend)

v1.8.1

Compare Source

Bug Fixes

• help and feedback missing destination: page destination incorrect and causing a broken link (#​536) (3b4b9f7)

anothrNick/github-tag-action (anothrNick/github-tag-action)

v1.67.0: : improvements: tag strategy and tag listing for filtering

Compare Source

Sorting tags by date [https://github.com/anothrNick/github-tag-action/pull/2722 ]
Adding GIT_API_TAGGING false option to switch to cli tagging [https://github.com/anothrNick/github-tag-action/pull/210](https://togithub.com/anothrNick/github-tag-action/pull/210)10 ]

CLI tagging nowdays is more reliable for github actions permissions.

v1.66.0: : fixes: sigpipe 141 scenarios

Compare Source

In some cases if the repo contains hundreds of tags, since we set -e grep combined with git tag reads randomly exits with error 141.

v1.65.0: : fixes pre-release tag exists

Compare Source

Fixes a bug introduced in 1.64 that makes pre-releases error when following a release branch strategy.
More details here https://github.com/anothrNick/github-tag-action/issues/265

v1.64.0: : hotfix: in some cases git rev errors since set -e

Compare Source

v1.63.0: : Improvements: set node to lts and catch actions errors efficiently

Compare Source

v1.62.0: : More tests and outputs when default_bump set to NONE

Compare Source

This is a very minor release, adds outputs to workflows using default_bump none when there are no #comments found that trigger a commit bump.

dequelabs/axe-core (axe-core)

v4.8.2

Compare Source

v4.8.1

Compare Source

v4.8.0

Compare Source

Consistent Rule Impact

This release changes it so that a rule never changes what impact it reports. To facilitate this while without changing the impact on certain issues, some rules have been split. The following changes were involved:

• Deprecate impact on checks; use rules instead (#​4114) (2cc5547)
• add rule aria-deprecated-role (#​4074) (03f2771)
• add rule aria-conditional-attr (#​4094) (d417630)
• aria-input/toggle-field-name: set impact always to serious (#​4095) (e031d68)
• aria-prohibited-attr: add rule aria-prohibited-attr (#​4088) (7b115d3)
• impact: aria-roles / aria-valid-attr-value is always "critical" (#​4112) (5cc8041)
• impact: scope-attr-valid is always "moderate" (#​4113) (131f552)

Other Features

• deprecate & disable duplicate-id / duplicate-id-active (#​4071) (733c45e)
• duplicate-id-aria: set to review on fail and tag as wcag412 (#​4075) (9f1a3e3)
• add EN.301.549 tags to rules (#​4063) (de3da89)
• checks: enable help-same-as-label, but remove from rules (#​4096) (034038a)
• new-rule: aria-braille-equivalent finds incorrect uses of aria-braille attributes (#​4107) (6260a2f)
• page-no-duplicate-banner/contentinfo: deprecate options.nativeScopeFilter, take into ancestors with sectioning roles (#​4105) (c6e07be)

Type Fixes & Improvements

Various improvements were made to the types. Potentially the most impactful of which is that the target and ancestry property now return as UnlabelledFrameSelector instead of as string[], which is incorrect for selectors involving shadow DOM. This may create some issues during migration for any code that has been incorrectly assuming these two properties have the string[] type. For more details and other type changes, see the commit itself:

• d.ts: improve axe.d.ts types (#​4081) (7c5f991), closes #​3966

Bug Fixes

• access-name: get name from header elements (#​4097) (fbe99bf)
• add element semantics (#​4115) (637bf6c)
• aria-allowed-attr: pass aria-expanded on checkbox & switch (#​4110) (fcf76e0), closes #​3339
• aria-allowed-role: Add doc-glossary to allowed roles for aside element (#​4083) (6ca38f6)
• aria-allowed-role: add meter to allowed roles for named img (#​4055) (173f29d), closes #​4054
• aria-required-childen: test visibility of grandchildren (#​4091) (a202b69)
• aria-text: typo in rule description (#​4131) (85a0e9c)
• aria-valid-attr-value: allow empty value on aria-braille* & aria-valuetext (#​4109) (c4c3e65)
• avoid memory issues by doing better cleanup (#​4059) (16c5cfa)
• avoid problems from element IDs that exist on object prototype (#​4060) (8d135dd)
• color-contrast: correctly handle flex and position (#​4086) (9d5f496)
• color-contrast: get text stoke from offset shadows (#​4079) (13acffe)
• color-contrast: ignore format unicode characters (#​4102) (049522e)
• color-contrast: ignore zero width characters (#​4103) (4deb0a0)
• color-contrast: process non-rgb color functions (#​4092) (9634282)
• commons/dom/createGrid: only add the visible, non-overflow areas of an element to the grid (#​4101) (d77f47b)
• ensure reporter errors can propagate (#​4111) (080cc1b)
• ignore stylesheets fetching style tag in jsdom (#​4138) (d7c16a4)
• jsdom: allow axe.setup() without a global window (#​4116) (33b0314)
• target-size: correctly calculate bounding box (#​4125) (1494b4c)
• target-size: update to match new spacing requirements (#​4117) (49eaa0e)
• Use correct copyright year (#​4098) (cab6a2b)
• utils/clone: don't try to clone elements from different window context (#​4072) (55000d0)

4.7.2 (2023-05-25)

Bug Fixes

• aria-allowed-attr: Add 'aria-required' to switch role (#​4029) (cb51be4), closes #​4027
• aria-allowed-attr: allow aria-required on role=slider (#​4035) (bb2bf60)
• aria-required-children: set related nodes for invalid children (#​4033) (377f72b)
• tags: Add / correct several TTv5 tags (#​4031) (25859dd)

4.7.1 (2023-05-15)

Bug Fixes

• aria-allowed-attr: no inconsistent aria-checked on HTML checkboxes (#​3895) (704043e)
• aria-allowed-attrs: add aria-expanded to allowed attrs for menuitemcheckbox and menuitemradio (#​3994) (0f405c6)
• aria-required-children: trigger reviewEmpty with hidden children (#​4012) (a19b6cb)
• color-contrast: support CSS 4 color spaces (#​4020) (65621c3)
• link-in-text-block: set links with pseudo-content for review (#​4005) (949f4f8)

cypress-io/cypress (cypress)

v12.17.4

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#12-17-4

v12.17.3

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#12-17-3

v12.17.2

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#12-17-2

v12.17.1

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#12-17-1

v12.17.0

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#12-17-0

component-driven/cypress-axe (cypress-axe)

v0.14.0

Compare Source

Bug Fixes

• Update import to not require allowSyntheticDefaultImports=true (#​115) (8d47177)

Features

• Support Cypress 9 (#​112) (1585f5a)

evanw/esbuild (esbuild)

v0.19.8

Compare Source

• Add a treemap chart to esbuild's bundle analyzer (#​2848)

  The bundler analyzer on esbuild's website (https://esbuild.github.io/analyze/) now has a treemap chart type in addition to the two existing chart types (sunburst and flame). This should be more familiar for people coming from other similar tools, as well as make better use of large screens.

• Allow decorators after the export keyword (#​104)

  Previously esbuild's decorator parser followed the original behavior of TypeScript's experimental decorators feature, which only allowed decorators to come before the export keyword. However, the upcoming JavaScript decorators feature also allows decorators to come after the export keyword. And with TypeScript 5.0, TypeScript now also allows experimental decorators to come after the export keyword too. So esbuild now allows this as well:

  // This old syntax has always been permitted:
  @​decorator export class Foo {}
  @​decorator export default class Foo {}
  
  // This new syntax is now permitted too:
  export @​decorator class Foo {}
  export default @​decorator class Foo {}

  In addition, esbuild's decorator parser has been rewritten to fix several subtle and likely unimportant edge cases with esbuild's parsing of exports and decorators in TypeScript (e.g. TypeScript apparently does automatic semicolon insertion after interface and export interface but not after export default interface).

• Pretty-print decorators using the same whitespace as the original

  When printing code containing decorators, esbuild will now try to respect whether the original code contained newlines after the decorator or not. This can make generated code containing many decorators much more compact to read:

  // Original code
  class Foo {
    @​a @​b @​c abc
    @​x @​y @​z xyz
  }
  
  // Old output
  class Foo {
    @​a
    @​b
    @​c
    abc;
    @​x
    @​y
    @​z
    xyz;
  }
  
  // New output
  class Foo {
    @​a @​b @​c abc;
    @​x @​y @​z xyz;
  }

v0.19.7

Compare Source

• Add support for bundling code that uses import attributes (#​3384)

  JavaScript is gaining new syntax for associating a map of string key-value pairs with individual ESM imports. The proposal is still a work in progress and is still undergoing significant changes before being finalized. However, the first iteration has already been shipping in Chromium-based browsers for a while, and the second iteration has landed in V8 and is now shipping in node, so it makes sense for esbuild to support it. Here are the two major iterations of this proposal (so far):

  1. Import assertions (deprecated, will not be standardized)

     • Uses the assert keyword
     • Does not affect module resolution
     • Causes an error if the assertion fails
     • Shipping in Chrome 91+ (and in esbuild 0.11.22+)

  2. Import attributes (currently set to become standardized)

     • Uses the with keyword
     • Affects module resolution
     • Unknown attributes cause an error
     • Shipping in node 21+

  You can already use esbuild to bundle code that uses import assertions (the first iteration). However, this feature is mostly useless for bundlers because import assertions are not allowed to affect module resolution. It's basically only useful as an annotation on external imports, which esbuild will then preserve in the output for use in a browser (which would otherwise refuse to load certain imports).

  With this release, esbuild now supports bundling code that uses import attributes (the second iteration). This is much more useful for bundlers because they are allowed to affect module resolution, which means the key-value pairs can be provided to plugins. Here's an example, which uses esbuild's built-in support for the upcoming JSON module standard:

  // On static imports
  import foo from './package.json' with { type: 'json' }
  console.log(foo)
  
  // On dynamic imports
  const bar = await import('./package.json', { with: { type: 'json' } })
  console.log(bar)

  One important consequence of the change in semantics between import assertions and import attributes is that two imports with identical paths but different import attributes are now considered to be different modules. This is because the import attributes are provided to the loader, which might then use those attributes during loading. For example, you could imagine an image loader that produces an image of a different size depending on the import attributes.

  Import attributes are now reported in the metafile and are now provided to on-load plugins as a map in the with property. For example, here's an esbuild plugin that turns all imports with a type import attribute equal to 'cheese' into a module that exports the cheese emoji:

  const cheesePlugin = {
    name: 'cheese',
    setup(build) {
      build.onLoad({ filter: /.*/ }, args => {
        if (args.with.type === 'cheese') return {
          contents: `export default "🧀"`,
        }
      })
    }
  }
  
  require('esbuild').build({
    bundle: true,
    write: false,
    stdin: {
      contents: `
        import foo from 'data:text/javascript,' with { type: 'cheese' }
        console.log(foo)
      `,
    },
    plugins: [cheesePlugin],
  }).then(result => {
    const code = new Function(result.outputFiles[0].text)
    code()
  })

  Warning: It's possible that the second iteration of this feature may change significantly again even though it's already shipping in real JavaScript VMs (since it has already happened once before). In that case, esbuild may end up adjusting its implementation to match the eventual standard behavior. So keep in mind that by using this, you are using an unstable upcoming JavaScript feature that may undergo breaking changes in the future.

• Adjust TypeScript experimental decorator behavior (#​3230, #​3326, #​3394)

  With this release, esbuild will now allow TypeScript experimental decorators to access both static class properties and #private class names. For example:

  const check =
    <T,>(a: T, b: T): PropertyDecorator =>
      () => console.log(a === b)
  
  async function test() {
    class Foo {
      static #foo = 1
      static bar = 1 + Foo.#foo
      @&#8203;check(Foo.#foo, 1) a: any
      @&#8203;check(Foo.bar, await Promise.resolve(2)) b: any
    }
  }
  
  test().then(() => console.log('pass'))

  This will now print true true pass when compiled by esbuild. Previously esbuild evaluated TypeScript decorators outside of the class body, so it didn't allow decorators to access Foo or #foo. Now esbuild does something different, although it's hard to concisely explain exactly what esbuild is doing now (see the background section below for more information).

  Note that TypeScript's experimental decorator support is currently buggy: TypeScript's compiler passes this test if only the first @check is present or if only the second @check is present, but TypeScript's compiler fails this test if both checks are present together. I haven't changed esbuild to match TypeScript's behavior exactly here because I'm waiting for TypeScript to fix these bugs instead.

  Some background: TypeScript experimental decorators don't have consistent semantics regarding the context that the decorators are evaluated in. For example, TypeScript will let you use await within a decorator, which implies that the decorator runs outside the class body (since await isn't supported inside a class body), but TypeScript will also let you use #private names, which implies that the decorator runs inside the class body (since #private names are only supported inside a class body). The value of this in a decorator is also buggy (the run-time value of this changes if any decorator in the class uses a #private name but the type of this doesn't change, leading to the type checker no longer matching reality). These inconsistent semantics make it hard for esbuild to implement this feature as decorator evaluation happens in some superposition of both inside and outside the class body that is particular to the internal implementation details of the TypeScript compiler.

• Forbid --keep-names when targeting old browsers (#​3477)

  The --keep-names setting needs to be able to assign to the name property on functions and classes. However, before ES6 this property was non-configurable, and attempting to assign to it would throw an error. So with this release, esbuild will no longer allow you to enable this setting while also targeting a really old browser.

v0.19.6

Compare Source

• Fix a constant folding bug with bigint equality

  This release fixes a bug where esbuild incorrectly checked for bigint equality by checking the equality of the bigint literal text. This is correct if the bigint doesn't have a radix because bigint literals without a radix are always in canonical form (since leading zeros are not allowed). However, this is incorrect if the bigint has a radix (e.g. 0x123n) because the canonical form is not enforced when a radix is present.

  // Original code
  console.log(!!0n, !!1n, 123n === 123n)
  console.log(!!0x0n, !!0x1n, 123n === 0x7Bn)
  
  // Old output
  console.log(false, true, true);
  console.log(true, true, false);
  
  // New output
  console.log(false, true, true);
  console.log(!!0x0n, !!0x1n, 123n === 0x7Bn);

• Add some improvements to the JavaScript minifier

  This release adds more cases to the JavaScript minifier, including support for inlining String.fromCharCode and String.prototype.charCodeAt when possible:

  // Original code
  document.onkeydown = e => e.keyCode === 'A'.charCodeAt(0) && console.log(String.fromCharCode(55358, 56768))
  
  // Old output (with --minify)
  document.onkeydown=o=>o.keyCode==="A".charCodeAt(0)&&console.log(String.fromCharCode(55358,56768));
  
  // New output (with --minify)
  document.onkeydown=o=>o.keyCode===65&&console.log("🧀");

  In addition, immediately-invoked function expressions (IIFEs) that return a single expression are now inlined when minifying. This makes it possible to use IIFEs in combination with @__PURE__ annotations to annotate arbitrary expressions as side-effect free without the IIFE wrapper impacting code size. For example:

  // Original code
  const sideEffectFreeOffset = /* @​__PURE__ */ (() => computeSomething())()
  use(sideEffectFreeOffset)
  
  // Old output (with --minify)
  const e=(()=>computeSomething())();use(e);
  
  // New output (with --minify)
  const e=computeSomething();use(e);

• Automatically prefix the mask-composite CSS property for WebKit (#​3493)

  The mask-composite property will now be prefixed as -webkit-mask-composite for older WebKit-based browsers. In addition to prefixing the property name, handling older browsers also requires rewriting the values since WebKit uses non-standard names for the mask composite modes:

  /* Original code */
  div {
    mask-composite: add, subtract, intersect, exclude;
  }
  
  /* New output (with --target=chrome100) */
  div {
    -webkit-mask-composite:
      source-over,
      source-out,
      source-in,
      xor;
    mask-composite:
      add,
      subtract,
      intersect,
      exclude;
  }

• Avoid referencing this from JSX elements in derived class constructors (#​3454)

  When you enable --jsx=automatic and --jsx-dev, the JSX transform is supposed to insert this as the last argument to the jsxDEV function. I'm not sure exactly why this is and I can't find any specification for it, but in any case this causes the generated code to crash when you use a JSX element in a derived class constructor before the call to super() as this is not allowed to be accessed at that point. For example

  // Original code
  class ChildComponent extends ParentComponent {
    constructor() {
      super(<div />)
    }
  }
  
  // Problematic output (with --loader=jsx --jsx=automatic --jsx-dev)
  import { jsxDEV } from "react/jsx-dev-runtime";
  class ChildComponent extends ParentComponent {
    constructor() {
      super(/* @&#8203;__PURE__ */ jsxDEV("div", {}, void 0, false, {
        fileName: "<stdin>",
        lineNumber: 3,
        columnNumber: 15
      }, this)); // The reference to "this" crashes here
    }
  }

  The TypeScript compiler doesn't handle this at all while the Babel compiler just omits this for the entire constructor (even after the call to super()). There seems to be no specification so I can't be sure that this change doesn't break anything important. But given that Babel is pretty loose with this and TypeScript doesn't handle this at all, I'm guessing this value isn't too important. React's blog post seems to indicate that this value was intended to be used for a React-specific migration warning at some point, so it could even be that this value is irrelevant now. Anyway the crash in this case should now be fixed.

• Allow package subpath imports to map to node built-ins (#​3485)

  You are now able to use a subpath import in your package to resolve to a node built-in module. For example, with a package.json file like this:

  {
    "type": "module",
    "imports": {
      "#stream": {
        "node": "stream",
        "default": "./stub.js"
      }
    }
  }

  You can now import from node's stream module like this:

  import * as stream from '#stream';
  console.log(Object.keys(stream));

  This will import from node's stream module when the platform is node and from ./stub.js otherwise.

• No longer throw an error when a Symbol is missing (#​3453)

  Certain JavaScript syntax features use special properties on the global Symbol object. For example, the asynchronous iteration syntax uses Symbol.asyncIterator. Previously esbuild's generated code for older browsers required this symbol to be polyfilled. However, starting with this release esbuild will use Symbol.for() to construct these symbols if they are missing instead of throwing an error about a missing polyfill. This means your code no longer needs to include a polyfill for missing symbols as long as your code also uses Symbol.for() for missing symbols.

• Parse upcoming changes to TypeScript syntax (#​3490, #​3491)

  With this release, you can now use from as the name of a default type-only import in TypeScript code, as well as of as the name of an await using loop iteration variable:

  import type from from 'from'
  for (await using of of of) ;

  This matches similar changes in the TypeScript compiler (#​56376 and #​55555) which will start allowing this syntax in an upcoming version of TypeScript. Please never actually write code like this.

  The type-only import syntax change was contributed by @​magic-akari.

v0.19.5

Compare Source

• Fix a regression in 0.19.0 regarding paths in tsconfig.json (#​3354)

  The fix in esbuild version 0.19.0 to process tsconfig.json aliases before the --packages=external setting unintentionally broke an edge case in esbuild's handling of certain tsconfig.json aliases where there are multiple files with the same name in different directories. This release adjusts esbuild's behavior for this edge case so that it passes while still processing aliases before --packages=external. Please read the linked issue for more details.

• Fix a CSS font property minification bug (#​3452)

  This release fixes a bug where esbuild's CSS minifier didn't insert a space between the font size and the font family in the font CSS shorthand property in the edge case where the original source code didn't already have a space and the leading string token was shortened to an identifier:

  /* Original code */
  .foo { font: 16px"Menlo"; }
  
  /* Old output (with --minify) */
  .foo{font:16pxMenlo}
  
  /* New output (with --minify) */
  .foo{font:16px Menlo}

• Fix bundling CSS with asset names containing spaces (#​3410)

  Assets referenced via CSS url() tokens may cause esbuild to generate invalid output when bundling if the file name contains spaces (e.g. url(image 2.png)). With this release, esbuild will now quote all bundled asset references in url() tokens to avoid this problem. This only affects assets loaded using the file and copy loaders.

• Fix invalid CSS url() tokens in @import rules (#​3426)

  In the future, CSS url() tokens may contain additional stuff after the URL. This is irrelevant today as no CSS specification does this. But esbuild previously had a bug where using these tokens in an @import rule resulted in malformed output. This bug has been fixed.

• Fix browser + false + type: module in package.json (#​3367)

  The browser field in package.json allows you to map a file to false to have it be treated as an empty file when bundling for the browser. However, if package.json contains "type": "module" then all .js files will be considered ESM, not CommonJS. Importing a named import from an empty CommonJS file gives you undefined, but importing a named export from an empty ESM file is a build error. This release changes esbuild's interpretation of these files mapped to false in this situation from ESM to CommonJS to avoid generating build errors for named imports.

• Fix a bug in top-level await error reporting (#​3400)

  Using require() on a file that contains top-level await is not allowed because require() must return synchronously and top-level await makes that impossible. You will get a build error if you try to bundle code that does this with esbuild. This release fixes a bug in esbuild's error reporting code for complex cases of this situation involving multiple levels of imports to get to the module containing the top-level await.

• Update to Unicode 15.1.0

  The character tables that determine which characters form valid JavaScript identifiers have been updated from Unicode version 15.0.0 to the newly-released Unicode version 15.1.0. I'm not putting an example in the release notes because all of the new characters will likely just show up as little squares since fonts haven't been updated yet. But you can read https://www.unicode.org/versions/Unicode15.1.0/#Summary for more information about the changes.

  This upgrade was contributed by @​JLHwung.

v0.19.4

Compare Source

• Fix printing of JavaScript decorators in tricky cases (#​3396)

  This release fixes some bugs where esbuild's pretty-printing of JavaScript decorators could incorrectly produced code with a syntax error. The problem happened because esbuild sometimes substitutes identifiers for other expressions in the pretty-printer itself, but the decision about whether to wrap the expression or not didn't account for this. Here are some examples:

  // Original code
  import { constant } from './constants.js'
  import { imported } from 'external'
  import { undef } from './empty.js'
  class Foo {
    @​constant()
    @​imported()
    @​undef()
    foo
  }
  
  // Old output (with --bundle --format=cjs --packages=external --minify-syntax)
  var import_external = require("external");
  var Foo = class {
    @​123()
    @​(0, import_external.imported)()
    @​(void 0)()
    foo;
  };
  
  // New output (with --bundle --format=cjs --packages=external --minify-syntax)
  var import_external = require("external");
  var Foo = class {
    @​(123())
    @​((0, import_external.imported)())
    @​((void 0)())
    foo;
  };

• Allow pre-release versions to be passed to target (#​3388)

  People want to be able to pass version numbers for unreleased versions of node (which have extra stuff after the version numbers) to esbuild's target setting and have esbuild do something reasonable with them. These version strings are of course not present in esbuild's internal feature compatibility table because an unreleased version has not been released yet (by definition). With this release, esbuild will now attempt to accept these version strings passed to target and do something reasonable with them.

v0.19.3

Compare Source

• Fix list-style-type with the local-css loader (#​3325)

  The local-css loader incorrectly treated all identifiers provided to list-style-type as a custom local identifier. That included identifiers such as none which have special meaning in CSS, and which should not be treated as custom local identifiers. This release fixes this bug:

  /* Original code */
  ul { list-style-type: none }
  
  /* Old output (with --loader=local-css) */
  ul {
    list-style-type: stdin_none;
  }
  
  /* New output (with --loader=local-css) */
  ul {
    list-style-type: none;
  }

  Note that this bug only affected code using the local-css loader. It did not affect code using the css loader.

• Avoid inserting temporary variables before use strict (#​3322)

  This release fixes a bug where esbuild could incorrectly insert automatically-generated temporary variables before use strict directives:

  // Original code
  function foo() {
    'use strict'
    a.b?.c()
  }
  
  // Old output (with --target=es6)
  function foo() {
    var _a;
    "use strict";
    (_a = a.b) == null ? void 0 : _a.c();
  }
  
  // New output (with --target=es6)
  function foo() {
    "use strict";
    var _a;
    (_a = a.b) == null ? void 0 : _a.c();
  }

• Adjust TypeScript enum output to better approximate tsc (#​3329)

  TypeScript enum values can be either number literals or string literals. Numbers create a bidirectional mapping between the name and the value but strings only create a unidirectional mapping from the name to the value. When the enum value is neither a number literal nor a string literal, TypeScript and esbuild both default to treating it as a number:

  // Original TypeScript code
  declare const foo: any
  enum Foo {
    NUMBER = 1,
    STRING = 'a',
    OTHER = foo,
  }
  
  // Compiled JavaScript code (from "tsc")
  var Foo;
  (function (Foo) {
    Foo[Foo["NUMBER"] = 1] = "NUMBER";
    Foo["STRING"] = "a";
    Foo[Foo["OTHER"] = foo] = "OTHER";
  })(Foo || (Foo = {}));

  However, TypeScript does constant folding slightly differently than esbuild. For example, it may consider template literals to be string literals in some cases:

  // Original TypeScript code
  declare const foo = 'foo'
  enum Foo {
    PRESENT = `${foo}`,
    MISSING = `${bar}`,
  }
  
  // Compiled JavaScript code (from "tsc")
  var Foo;
  (function (Foo) {
    Foo["PRESENT"] = "foo";
    Foo[Foo["MISSING"] = `${bar}`] = "MISSING";
  })(Foo || (Foo = {}));

  The template literal initializer for PRESENT is treated as a string while the template literal initializer for MISSING is treated as a number. Previously esbuild treated both of these cases as a number but starting with this release, esbuild will now treat both of these cases as a string. This doesn't exactly match the behavior of tsc but in the case where the behavior diverges tsc reports a compile error, so this seems like acceptible behavior for esbuild. Note that handling these cases completely correctly would require esbuild to parse type declarations (see the declare keyword), which esbuild deliberately doesn't do.

• Ignore case in CSS in more places (#​3316)

  This release makes esbuild's CSS support more case-agnostic, which better matches how browsers work. For example:

  /* Original code */
  @​KeyFrames Foo { From { OpaCity: 0 } To { OpaCity: 1 } }
  body { CoLoR: YeLLoW }
  
  /* Old output (with --minify) */
  @​KeyFrames Foo{From {OpaCity: 0} To {OpaCity: 1}}body{CoLoR:YeLLoW}
  
  /* New output (with --minify) */
  @​KeyFrames Foo{0%{OpaCity:0}To{OpaCity:1}}body{CoLoR:#ff0}

  Please never actually write code like this.

• Improve the error message for null entries in exports (#​3377)

  Package authors can disable package export paths with the exports map in package.json. With this release, esbuild now has a clearer error message that points to the null token in package.json itself instead of to the surrounding context. Here is an example of the new error message:

  ✘ [ERROR] Could not resolve "msw/browser"
  
      lib/msw-config.ts:2:28:
        2 │ import { setupWorker } from 'msw/browser';
          ╵                             ~~~~~~~~~~~~~
  
    The path "./browser" cannot be imported from package "msw" because it was explicitly disabled by
    the package author here:
  
      node_modules/msw/package.json:17:14:
        17 │       "node": null,
           ╵               ~~~~
  
    You can mark the path "msw/browser" as external to exclude it from the bundle, which will remove
    this error and leave the unresolved path in the bundle.
  

• Parse and print the with keyword in import statements

  JavaScript was going to have a feature called "import assertions" that adds an assert keyword to import statements. It looked like this:

  import stuff from './stuff.json' assert { type: 'json' }

  The feature provided a way to assert that the imported file is of a certain type (but was not allowed to affect how the import is interpreted, even though that's how everyone expected it to behave). The feature was fully specified and then actually implemented and shipped in Chrome before the people behind the feature realized that they should allow it to affect how the import is interpreted after all. So import assertions are no longer going to be added to the language.

  Instead, the current proposal is to add a feature called "import attributes" instead that a

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

Unit Test Results

81 tests  ±0   81 ✔️ ±0   0s ⏱️ ±0s
  6 suites ±0     0 💤 ±0 
  1 files   ±0     0 ❌ ±0 

Results for commit b645700. ± Comparison against base commit a378e1e.

♻️ This comment has been updated with latest results.