[Snyk] Upgrade rollup from 1.32.0 to 2.0.0

[snyk-bot]

Snyk has created this PR to upgrade rollup from 1.32.0 to 2.0.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 5 versions ahead of your current version.
• The recommended version was released 23 days ago, on 2020-03-06.

Release notes

Package name: rollup

• 2.0.0 - 2020-03-06
  

  2020-03-06

  For the detailed release notes, see below.
  After one year finally a new major:

  🎉🕺💃 Welcome [email protected]! 🎇🎆

  As any major, it is first and foremost about getting rid of old, deprecated, rotting and smelling stuff. But there are some cool things hidden as well…

  Rollup has always been rather small, but we are now back to zero dependencies and 2.5 MB install size! This also means: No hidden TS type dependencies any more that smuggle Node types into your AMD setup. Sorry about this. Fixed.

  Watch mode: Always not quite perfect in Rollup. So we decided to bundle chokidar as the watch option for everyone. This makes it simpler for us, but should bring improvements for everyone. Chokidar IS the gold standard here!

  This is really the hidden gem here if you do code-splitting: Rollup now uses side-effect detection to not only avoid unnecessary empty imports, it will also create much better chunks. Check out the examples here: #3369

  For those living in the future: Rollup can now be imported in Node as an ES-Module—without a bundler: #3391

  And for all those Stencils out there who are rebundling Rollup: Rollup is now shipping ES2018 code and has also been restructured via code-splitting so that watch mode and CLI are nicely separate but reuse shared code so you only pull in what you really need.

  🕵️‍♂️But here the details:

  Breaking Changes

  • Rollup now requires at least Node 10 to run, or a sufficiently modern browser (#3346)

  • The file structure of Rollup's ESM builds has changed:

    • The main ESM entry point is now at rollup/dist/es/rollup.js instead of rollup/dist/rollup.es.js
    • The ESM browser build is at rollup/dist/es/rollup.browser.js instead of rollup/dist/rollup.browser.es.js

    In general, the ESM builds now follow the same naming scheme as the CJS builds but are located in the rollup/dist/es subfolder instead of rollup/dist (#3391)

  • The "watch.chokidar" option no longer accepts a boolean value but only an object of parameters that is passed to the bundled Chokidar instance. Chokidar installations by the user will be ignored in favour of the bundled instance (#3331)

  • Modules that are completely tree-shaken will no longer be listed as part of any chunks in generateBundle

  • The experimentalOptimizeChunks and chunkGroupingSize options have been removed

  • acorn plugins can only be used if they accept a passed-in acorn instance instead of importing it themselves. See acornjs/acorn#870 (comment) for what needs to be done to make plugins compatible that do not support this yet (#3391)

  • Emitted chunks now have the TypeScript type UInt8Array instead of Buffer. A Buffer can still be used, though (#3395)

  • The TypeScript types no longer use ESTree types for AST nodes but a very generic type that does not contain information specific to certain node types (#3395)

  • The signature of the writeBundle plugin hook has been changed to match generateBundle: The bundle object is now passed as second parameter instead of first and the first parameter is the output options (#3361)

  • The following plugin hooks have been removed:

    • ongenerate: use generateBundle instead
    • onwrite: use writeBundle instead
    • transformBundle: use renderChunk instead
    • transformChunk: use renderChunk instead

  • You can no longer access this.watcher on the plugin context.

  • The transform hook can no longer return dependencies.

  • The treeshake.pureExternalModules option will now show a deprecation warning when used: use treeshake.moduleSideEffects: 'no-external' instead

  • Using import.meta.ROLLUP_ASSET_URL_<..> and import.meta.ROLLUP_CHUNK_URL_<..> in code will now show warnings: use import.meta.ROLLUP_FILE_URL_<..> instead

  • The resolveAssetUrl hook will now show a deprecation warning when used: use resolveFileUrl instead

  • The following plugin context functions will show warnings when used:

    • this.emitAsset: use this.emitFile
    • this.emitChunk: use this.emitFile
    • this.getAssetFileName: use this.getFileName
    • this.getChunkFileName: use this.getFileName
    • this.isExternal: use this.resolve
    • this.resolveId: use this.resolve

  • Directly adding properties to the bundle object in the generateBundle is deprecated will show a warning (removing properties is allowed, though): Use this.emitFile

  • Accessing chunk.isAsset on the bundle is deprecated: Use chunk.type === 'asset' instead

  • The error code for a missing name property when targeting UMD has been changed to MISSING_NAME_OPTION_FOR_IIFE_EXPORT to emphasize this is needed for the IIFE part of UMD (#3393)

  Features

  • Rollup now bundles Chokidar for a better watch experience (#3331)
  • Rollup now bundles acorn again, removing its only external dependency (#3391)
  • Do not consider empty imports from side-effect-free modules for chunking and hoist side-effect imports if necessary (#3369)
  • Rollup can now be imported as an ES module in Node via import {rollup} from 'rollup'. Note that this relies on Node's experimental conditional package exports feature and is therefore itself experimental (#3391)
  • systemjs can be used as format alias for system (#3381)

  Bug Fixes

  • Unknown output options now trigger a warning when using the JavaScript API (#3352)
  • Rollup will no longer introduce Node types into TypeScript projects that do not use them (#3395)
  • Generate correct sourcemaps when tree-shaking occurs in a multi-file bundle (#3423)

  Pull Requests

  • #3331: Bundle Chokidar (@lukastaegert)
  • #3343: Remove experimentalOptimizeChunks (@lukastaegert)
  • #3346: Update minimum required Node version to 10 (@lukastaegert)
  • #3352: Remove active deprecations (@lukastaegert)
  • #3361: Change writeBundle signature to match generateBundle (@lukastaegert)
  • #3369: Avoid empty imports from side-effect-free chunks (@lukastaegert)
  • #3381: Rename esm to es everywhere, add systemjs alias (@lukastaegert)
  • #3391: Bundle acorn, allow importing Rollup as Node ES module, update dependencies (@lukastaegert)
  • #3393: Better error code for name-less umd bundle (@rail44)
  • #3395: Remove @types dependencies (@lukastaegert)
  • #3423: Update magic-string and fix sourcemaps (@lukastaegert)
• 2.0.0-2 - 2020-03-06
  

  2.0.0-2

• 2.0.0-1 - 2020-02-26
  

  2.0.0-1

• 2.0.0-0 - 2020-02-19
  

  2.0.0-0

• 1.32.1 - 2020-03-06
  

  2020-03-06

  Bug Fixes

  • Handle default export detection for AMD and IIFE externals that do not have a prototype (#3420)
  • Handle missing whitespace when the else branch of an if-statement is simplified (#3421)
  • Mention the importing module when reporting errors for missing named exports (#3401)
  • Add code to warning for missing output.name of IIFE bundles (#3372)

  Pull Requests

  • #3372: Add warning code for missing output.name of IIFE bundle that has export (@rail44)
  • #3401: Missing exports errors now print the importing module (@timiyay)
  • #3418: Structure lifecycle hooks, add links to build time hooks (@lukastaegert)
  • #3420: Update generated code of getInteropBlock() to work with null prototype objects (@jdalton)
  • #3421: Avoid invalid code when "else" branch is simplified (@lukastaegert)
• 1.32.0 - 2020-02-28
  

  2020-02-28

  Features

  • Allow adding plugins on the command line via --plugin <plugin> (#3379)

  Pull Requests

  • #3379: introduce CLI --plugin support (@kzc)
  • #3390: fix typo: this.addWatchfile (@mistlog)
  • #3392: Bump codecov from 3.6.1 to 3.6.5
  • #3404: Update resolveFileUrl docs (@jakearchibald)

from rollup GitHub release notes

Commit messages

Package name: rollup

• 1e4b9bb 2.0.0
• 0c4a5db Update changelog
• c43c463 Update magic-string and fix sourcemaps (#3423)
• 21a7a3b Update changelog
• f1c7908 2.0.0-2
• b11297f Update changelog
• c19082d more explained error code for name-less umd bundle (#3393)
• bac861d 2.0.0-1
• 0b8af6b Update changelog
• b43dc6c [v2.0.0] Remove @types dependencies (#3395)
• 693f527 2.0.0-0
• 11e512c Update changelog
• 13eb2ec [v2.0.0] Bundle acorn, allow node ESM import fo Rollup, update dependencies (#3391)
• 6295224 [v2.0.0] Remove experimentalOptimizeChunks (#3343)
• baebd7e Rename esm to es everywhere, add systemjs alias (#3381)
• 4a46c95 [v2.0.0] Avoid empty imports from side-effect-free chunks (#3369)
• 453a882 Change writeBundle signature to match generateBundle (#3361)
• 03f3166 [v2.0.0] Remove active deprecations (#3352)
• 47eacc9 [v2.0.0] Bundle chokidar (#3331)
• cecce54 [v2.0.0] Update minimum required Node version to 10 (#3346)
• f458cbf 1.32.1
• 8cbf216 Update changelog
• 97b8c40 warn.code for missing output.name of IIFE bundle that has export (#3372)
• eeda078 Update generated code of getInteropBlock() to work with null prototype objects (#3420)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs