[Snyk] Upgrade uglify-js from 3.15.0 to 3.17.4

[Laurry-gee]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade uglify-js from 3.15.0 to 3.17.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 14 versions ahead of your current version.
• The recommended version was released 10 months ago, on 2022-10-23.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: uglify-js

• 3.17.4 - 2022-10-23
  

  Features

  • simplify chained boolean & string expressions (a391897, ed7051b)

  Bug Fixes

  • async generator function (5411360)
  • compound assignment operator (19c471c)
  • generator function (7edd10e)
  • immediately invoked function expression (8319bad)
  • logical operator (5a5200d)
  • rest parameter (bccb1c3)
  • unary arithmetic operator (19c471c)
• 3.17.3 - 2022-10-05
  

  Features

  • improve heuristics for mangle.properties (3fa2086)
  • enable domprops to be used under minify() (bd5fc4c)
  • improve compression of boolean & conditional expressions (80fc862, dabcc39, 58d997a)

  Bug Fixes

  • async generator function (8e65413, a570c00)
  • class field (e1e3516)
  • for await...of loop (140e4e0)
  • lexical declaration (be8ccc3)
  • switch statement (6cdc035)
• 3.17.2 - 2022-09-25
  

  Bug Fixes

  • assignment operator (9efa02a, 63b04a6)
  • if statement (9ac3879)
  • return statement (37d3e4f)
  • ternary expression (43ec350)
• 3.17.1 - 2022-09-19
  

  Features

  • improve precision of escape analysis (d6d2f5c, 10bc86b)
  • improve usability of --mangle-props (9eea3a6, 4653e8a, 5ac6ec5)
  • extend glob patterns for --in-situ (535212c)
  • support Adobe ExtendScipt on best-effort basis (32bd65a)
  • inline immediately invoked arrow function expressions (9dec612)
  • improve elimination of lexical declarations (edf1bf1)

  Bug Fixes

  • arguments object (5b5f6e3)
  • arrow function (02d966d)
  • assignment operator (1d42e9a)
  • async function (15b608f)
  • class method (001f6f9)
  • compound assignment operator (f63b7b0)
  • destructuring syntax (eb22f01)
  • export statement (9cdc1ef)
  • lexical declaration (88dfc49, e0b302d)
  • logical operator (78f354b)
  • return statement (887e086)
  • ternary expression (78f354b, e4bff31)
  • throw statement (4e4a2f8)
  • unary arithmetic operator (ac002b6, f63b7b0)
  • var statement (887e086, 4db8106)
• 3.17.0 - 2022-08-16
  

  Features

  • merge common tail of if statements (996836b)
  • eliminate superfluous Object() wrappers (db6fd6d)
  • improve elimination of return statements (08c386f, ab5c7e6, 6667440, e39f33e, 64e3cee, 8076d66, 884842c, a9d9af5)
  • improve compression of ternary expressions (672cdfa)
  • exclude latest ECMAScript runtime properties from builtin mangling (8a07f12)
  • introduce --expression for ease of handling bookmarklets or JSON expressions (f451a7a)
  • improve resolution and accuracy of source-maps (2c3c4ec)
  • inline function calls with simple assignments (5a4cd09)

  Bug Fixes

  • async generator function (da930af)
  • class property (41b65af, dd90135)
  • class static block (41b65af)
  • default parameter (c32fe26)
  • destructuring syntax (c32fe26)
  • function literal (513995f)
  • lexical declaration (937a672)
• 3.16.3 - 2022-07-24
  Read more
• 3.16.2 - 2022-07-04
  Read more
• 3.16.1 - 2022-06-17
  Read more
• 3.16.0 - 2022-06-06
  Read more
• 3.15.5 - 2022-05-10
  Read more
• 3.15.4 - 2022-04-09
• 3.15.3 - 2022-03-10
• 3.15.2 - 2022-02-26
• 3.15.1 - 2022-02-07
• 3.15.0 - 2022-01-25

from uglify-js GitHub release notes

Commit messages

Package name: uglify-js

• fb1bff2 v3.17.4
• 19c471c fix corner cases in `reduce_vars` (#5717)
• 8319bad fix corner case in `merge_vars` (#5715)
• 5a5200d fix corner case in `conditionals` (#5713)
• 5411360 fix corner case in `if_return` (#5711)
• 7edd10e fix corner case in `unused` (#5708)
• bccb1c3 fix corner case in `unused` (#5706)
• ed7051b enhance `side_effects` & `strings` (#5704)
• a391897 enhance `conditionals` (#5703)
• 4a1da49 v3.17.3
• 94a954c minor clean-ups (#5701)
• be8ccc3 fix corner case in `varify` (#5698)
• 58d997a fix corner case in `booleans` & `conditionals` (#5696)
• dabcc39 fix corner cases in `booleans` & `conditionals` (#5695)
• 140e4e0 fix corner case in `inline` (#5693)
• 80fc862 enhance `assignments`, `booleans` & `conditionals` (#5691)
• 6cdc035 fix corner case in `if_return` (#5689)
• e1e3516 fix corner case in `reduce_vars` (#5687)
• bd5fc4c implement `mangle.properties.domprops` (#5686)
• a570c00 fix corner case in `conditionals` & `if_return` (#5685)
• 3fa2086 improve usability of `mangle.properties` (#5683)
• 8e65413 fix corner cases in `conditionals` & `if_return` (#5680)
• 8ca4007 workaround GitHub Actions quirks (#5678)
• f9b811c v3.17.2

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs