[Snyk] Upgrade terser from 5.1.0 to 5.7.0

[snyk-bot]

Snyk has created this PR to upgrade terser from 5.1.0 to 5.7.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 18 versions ahead of your current version.
• The recommended version was released 3 months ago, on 2021-04-26.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CSSWHAT-1298035	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	375/1000 Why? CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: terser

• 5.7.0 - 2021-04-26
  

  5.7.0

• 5.6.1 - 2021-03-17
  

  5.6.1

• 5.6.0 - 2021-02-12
  

  5.6.0

• 5.6.0-beta - 2021-02-04
• 5.5.1 - 2020-11-27
  

  5.5.1

• 5.5.0 - 2020-11-19
  

  5.5.0

• 5.4.0 - 2020-11-16
  

  5.4.0

• 5.3.8 - 2020-10-22
  

  5.3.8

• 5.3.7 - 2020-10-19
  

  5.3.7

• 5.3.6 - 2020-10-19
  

  5.3.6

• 5.3.5 - 2020-10-12
  

  5.3.5

• 5.3.4 - 2020-10-02
• 5.3.3 - 2020-09-28
• 5.3.2 - 2020-09-17
• 5.3.1 - 2020-09-10
• 5.3.0 - 2020-09-03
• 5.2.1 - 2020-08-20
• 5.2.0 - 2020-08-18
• 5.1.0 - 2020-08-14

from terser GitHub release notes

Commit messages

Package name: terser

• 8f69f4a update changelog
• 2b91f64 5.7.0
• 60e04aa Added RegExp property evaluation (2.0 Documentation icon duplicate twbs/bootstrap#964)
• 3250f7e do not flatten computed properties or __proto__. Closes nav's inside carousel twbs/bootstrap#980
• 84c1a31 avoid inlining anything with side effects or which may throw. Closes label inside inline-form should also have display:inline-block twbs/bootstrap#979
• 427f263 rename is_expr_pure
• 80c1848 avoid evaluating function calls when their arguments are other functions. Closes different height of inputs in .inline-inputs  twbs/bootstrap#965
• 55140ec reinstate the reduce_funcs option. (finally) closes Make popover clickable? twbs/bootstrap#696
• f8f9889 Update README.md
• c2151ed Add `spidermonkey` options to `minify` (More fixed-bar menu entries in 2.0-wip docs twbs/bootstrap#974)
• 3218371 update packages
• e2b6308 accept 'get' and 'set' argument names with defaults in destructuring. Closes Icons as font instead of img  twbs/bootstrap#966
• 100bd01 fix: add backwards compatible change for require.resolve ([Question] - Bootstrap v2.0 release date ? twbs/bootstrap#971)
• cc0bac5 update docs about property mangler
• 32dbe02 add more docs about comments=some
• c27b840 fix export default of anonymous classes with extend. closes . twbs/bootstrap#924
• d2927ef 5.6.1
• c3cbe94 update changelog
• 15fd4f5 mark assignments to the prototype of a class as pure. Closes Support for loading remote data (like facebox) in modal window twbs/bootstrap#936
• 06040a8 parenthesise `await` on the left hand side of `**`. Closes Make Twipsys CSS only with JavaScript Fallback twbs/bootstrap#945
• 6b30ff5 avoid outputting NUL bytes when optimizing RegExps. Closes [Question] - 2.0-wip - Is it possible to have "hide-on-phones" class for responsiveness ? twbs/bootstrap#942
• 2105d17 domprops.js: add `exports` (2.0-wip: alert-message looks too much like btn twbs/bootstrap#939)
• c8e49de avoid spreading 'this' into an object
• 4a263ae fix size() of arrow functions, which was counting the fake return statement in them

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs