[Snyk] Upgrade parcel from 2.10.3 to 2.11.0 #9

gr00nd · 2024-02-06T05:28:03Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade parcel from 2.10.3 to 2.11.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1 version ahead of your current version.
The recommended version was released a month ago, on 2024-01-04.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Denial of Service (DoS) SNYK-JS-MSGPACKR-6140431	111/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00043, Social Trends: No, Days since published: 38, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.99, Likelihood: 1.84, Score Version: V5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: parcel

2.11.0 - 2024-01-04
[2.11.0] - 2023-12-19

Added
- Dev
  - Log build phase times for dev builds Details
  - Progress messages for writing to cache Details
  - VSC Extension JSON schema Details
  - Print phase times on development builds Details
  - Publish bundle-stats-cli and parcel-query Details
Fixed
- Dev
  - Increase threshold for showing progress bar to 500k nodes Details
  - Fix parcel-query Details
  - FIX[dev-server]: Fix html file matching from URL Details
  - Fix parcel query's inspect cache Details
  - Bug fix for exiting early when identifying requestGraph in loadGraphs Details
  - Fix HMR on .localhost domains Details
  - Modify parcel query to not require all graphs on startup Details
  - Bug fix for async Parcel-query Details
  - Remove reliance on requestTracker in loadGraphs Details
- Core
  - Reduce redundancy in the RequestGraph's Request, Env, and Option nodes Details
  - Move registerCoreWithSerializer to its own file Details
  - Filter --expose-gc and --max-semi-space-size execArgv Node args from workers Details
  - Optimize Symbol Propagation (propagateSymbolsUp) Details
  - Convert Request Graph node types + request node requestTypes to numbers Details
  - fsFixture: ignore empty lines in fixtures Details
  - Unstable File Invalidations Details
  - Configurable watch root Details
- Resolver
  - Add ~ and / support to the glob resolver Details
- JavaScript
  - Bump swc Details
  - Bumping lightningcss to 1.22.1 Details
  - Fix CI Details
  - Change inline-requires to only run when optimizing Details
  - Fix tsconfig extends from node_modules Details
  - Bump some deps Details
  - Bump swc and napi-rs Details
  - Fix references to packages.atlassian.com Details
  - Fix build-ts step Details
  - Bump rimraf version to ^5.05 Details
  - Use centos image with newer Node 16 Details
2.10.3 - 2023-11-15
Fixed
- Core
  - Mark previously deferred assets as dirty for symbol prop - Details
  - Write bundle graph to cache if error occurs during bundling - Details
  - Fixing issues when import * as is used with export * - Details
  - Writing cache in chunks - Details
  - Reduce redundancy in the RequestGraph's file nodes - Details
  - Fix dependency retargeting with ambiguous reexports - Details
- JavaScript
  - Fixing behavior for hasOwnProperty in modules exporting member with same name - Details
- WebExtension
  - Don't crash if WebExt has no content_scripts - Details
- PostHTML, Pug, Stylus
  - Simplified calls to invalidateOnFileChange - Details