Bump terser from 4.8.0 to 5.0.0 (!31416) · Merge requests · Bootstrap / bootstrap

Merged Administrator requested to merge dependabot/npm_and_yarn/terser-5.0.0 into main Aug 04, 2020

Created by: dependabot[bot]

Bumps terser from 4.8.0 to 5.0.0.

Changelog

v5.0.0

in operator now taken into account during property mangle.

Fixed infinite loop in face of a reference loop in some situations.

Kept exports and imports around even if there's something which will throw before them.

The main exported bundle for commonjs, dist/bundle.min.js is no longer minified.

v5.0.0-beta.0

BREAKING: minify() is now async and rejects a promise instead of returning an error.

BREAKING: Internal AST is no longer exposed, so that it can be improved without releasing breaking changes.

BREAKING: Lowest supported node version is 10

Module is now distributed as a dual package - You can import and require() too.

Inline improvements were made

Commits

aacd577 5.0.0
262a813 update changelog
9dab78c npm audit fix
c1fc7c4 fix yield tests
9254d2c check for source-map option before reading it in CLI
5f7b4a1 take in operator into account in property mangling. Closes #748
3178c3b fix bug with eval and reference loop. Closes #741
e997c10 leave import/export around in unreachable code. Closes #718
05261a0 add missing main file
9b3f851 update typings
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)