[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expand evaluation of global built-ins in @babel/traverse #15797

Merged
merged 15 commits into from
Sep 25, 2023
Merged

Expand evaluation of global built-ins in @babel/traverse #15797

merged 15 commits into from
Sep 25, 2023

Conversation

lorenzoferre
Copy link
Contributor
@lorenzoferre lorenzoferre commented Jul 19, 2023
edited
Loading
Q                       A
Fixed Issues?
Patch: Bug Fix?
Major: Breaking Change?
Minor: New Feature? Yes
Tests Added + Pass? Yes
Documentation PR Link
Any Dependency Changes?
License MIT

Evaluation of global built-ins includes btoa and atob. Before this pull request path.evaluate() of isFinite, isNaN, parseFloat, parseInt, encodeURI, decodeURI, encodeURIComponent and decodeURIComponent were possibile only with keywords String or Number before the method name (Number.parseInt("1");).
An example of this new feature:

const oldTraverse = require("@babel/traverse").default;
const newTraverse = require("../babel/packages/babel-traverse/lib").default;
const babel = require("@babel/core");

const code = "parseInt('1');";

var ast = babel.parse(code);

oldTraverse(ast, {
  CallExpression(path) {
    let evaluated = path.evaluate();
    console.log(`confident old traverse: ${evaluated.confident}`);
  }
});

newTraverse(ast, {
  CallExpression(path) {
    let evaluated = path.evaluate();
    console.log(`confident new traverse: ${evaluated.confident}`);
    console.log(`value new traverse: ${evaluated.value}`);
  }
});

This code produces:

confident old traverse: false
confident new traverse: true
value new traverse: 1

@babel-bot
Copy link
Collaborator
babel-bot commented Jul 20, 2023
edited
Loading

Build successful! You can test your changes in the REPL here: https://babeljs.io/repl/build/54988/

@lorenzoferre
Copy link
Contributor Author

There is no backwards compatibility with older versions of node due to operators like ?., ||= and so on inside the packages/babel-traverse/lib files.

@JLHwung
Copy link
Contributor
JLHwung commented Jul 20, 2023

operators like ?., ||= and so on inside the packages/babel-traverse/lib files.

If you mean you have spotted them on your local environment, we compile src to lib targeting the current node version, i.e. the node version you are using locally, which probably supports these operators. On CI, we will compile src targeting Node.js 6.9, the minimum Node version Babel 7 (still) supports.

@lorenzoferre
Copy link
Contributor Author
lorenzoferre commented Jul 21, 2023
edited
Loading

@JLHwung You are right, I'm a newbie with node.
The problem was that the btoa and atob functions are available from version 16 onwards.

@lorenzoferre
Copy link
Contributor Author
lorenzoferre commented Jul 23, 2023
edited
Loading

@JLHwung this is my first time making a pull request, so do I need to do anything else before someone reviews my code?

@lorenzoferre lorenzoferre marked this pull request as draft July 26, 2023 11:41
@lorenzoferre lorenzoferre marked this pull request as ready for review July 26, 2023 12:24
@lorenzoferre lorenzoferre changed the title evaluation of global built-ins update: evaluation of global built-ins on babel-traverse Jul 26, 2023
@lorenzoferre lorenzoferre changed the title update: evaluation of global built-ins on babel-traverse update: evaluation of global built-ins Jul 26, 2023
@lorenzoferre lorenzoferre changed the title update: evaluation of global built-ins update: evaluation of global built-ins in babel-traverse Jul 26, 2023
@JLHwung
Copy link
Contributor
JLHwung commented Jul 26, 2023

btoa and atob functions are available from version 16 onwards.

You are right. In that case we should postpone the support otherwise path.evaluate() will return different results on different node versions.

@JLHwung JLHwung added PR: Polish 💅 A type of pull request used for our changelog categories pkg: traverse labels Jul 26, 2023
@liuxingbaoyu
Copy link
Member

Can you add a test that might throw an exception? For example atob("a")

@lorenzoferre lorenzoferre marked this pull request as draft July 27, 2023 10:50
@lorenzoferre
Copy link
Contributor Author
lorenzoferre commented Jul 27, 2023
edited
Loading

btoa and atob functions are available from version 16 onwards.

You are right. In that case we should postpone the support otherwise path.evaluate() will return different results on different node versions.

I hadn't thought of doing a version check on node.
I did this check, and if the version is greater than 16, then the btoa and atob functions are added to the VALID_IDENTIFIER_CALLEES array. I also updated the tests.

@lorenzoferre
Copy link
Contributor Author

Can you add a test that might throw an exception? For example atob("a")

path.evaluate() of btoa and atob produces undefined if the node version is lower than 16, so I updated the tests with this undefined check.
If, on the other hand, one tries from the node console to use btoa or atob, it throws an Uncaught ReferenceError exception, but I wouldn't know how to test throwing the exception.

@lorenzoferre lorenzoferre marked this pull request as ready for review July 27, 2023 12:20
@lorenzoferre
Copy link
Contributor Author

@JLHwung I also have updated the btoa and atob tests.
I think they are cleaner than the old version.

@lorenzoferre @JLHwung
Update packages/babel-traverse/test/evaluation.js
27bbd12 
Co-authored-by: Huáng Jùnliàng <jlhwung@gmail.com>
@lorenzoferre
Copy link
Contributor Author

@JLHwung Sorry for my many questions but now this pull request could be merged?
Because I don't know how the flow of these kind of operation works.

nicolo-ribaudo
nicolo-ribaudo approved these changes Aug 3, 2023
View reviewed changes
Copy link
Member
@nicolo-ribaudo nicolo-ribaudo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have a two-approval policy for merging PRs.

I do not feel strongly in favor of this, but the added maintenance cost is basically zero and it just expands an existing feature 👍

@nicolo-ribaudo nicolo-ribaudo changed the title update: evaluation of global built-ins in babel-traverse Expand evaluation of global built-ins in @babel/traverse Aug 3, 2023
@nicolo-ribaudo nicolo-ribaudo added this to the v7.23.0 milestone Aug 3, 2023
@nicolo-ribaudo
Copy link
Member

Actually, since this is a new feature it should be landed in a minor version (7.23.0). You will have to wait a bit before that this PR is merged (probably ~1 month? maybe less, you can track progress by seeing which PRs in https://github.com/babel/babel/milestone/57 have the two approvals), but there is nothing else that you need to do :)

@nicolo-ribaudo nicolo-ribaudo added the PR: Ready to be Merged A pull request with already two approvals, but waiting for the next minor release label Aug 3, 2023
@lorenzoferre
Copy link
Contributor Author

All right, thank you very very much @JLHwung and @nicolo-ribaudo for everything. As a I said before this is my first pull request so I didn't know if I needed do anything else and I'm sorry for my many questions.
I'm very glad to contribute to a project like this.
I made this pull request because I'm using babel in my thesis project about automating the javascript deobfuscation process via abstract syntaxt trees. In this scenario it's very common to find operations like parseInt, parseFloat etc. in obfuscated code.

@nicolo-ribaudo
Copy link
Member

That's awesome :) If you are graduating in September and you are mentioning this PR in your thesis, we can make sure to release it by then.

@lorenzoferre
Copy link
Contributor Author

That's awesome :) If you are graduating in September and you are mentioning this PR in your thesis, we can make sure to release it by then.

Yeah, I should graduate on 28 or 29 September or 2 October.
Certainly, if there is the possibility of mentioning this pull request I am more than happy and I do it very willingly.

@nicolo-ribaudo nicolo-ribaudo merged commit 38ee8b4 into babel:main Sep 25, 2023
54 checks passed
@nicolo-ribaudo
Copy link
Member

We'll release today, sorry for this being so last-minute :)

@lorenzoferre
Copy link
Contributor Author
lorenzoferre commented Sep 25, 2023
edited
Loading

We'll release today, sorry for this being so last-minute :)

That's fantastic.
You don't sweat it, I'm in time.
I really appreciate that you released this version before my graduation.

@Omrisnyk Omrisnyk mentioned this pull request Oct 16, 2023
Open
Woodpile37 added a commit to Woodpile37/ethers.js that referenced this pull request Oct 17, 2023
@Woodpile37
[Snyk] Upgrade: @babel/parser, @babel/types (#99)
d44c28b 
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade multiple
dependencies.</h3>
👯‍♂ The following dependencies are linked and will therefore be updated
together.
</br></br>
:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
</br></br>

 Name         | Versions     | Released on
:-------------|:-------------|:-------------
**@babel/parser**</br>from 7.22.16 to 7.23.0 | **1 version** ahead of
your current version | **22 days ago**</br>on 2023-09-25
**@babel/types**</br>from 7.22.19 to 7.23.0 | **1 version** ahead of
your current version | **22 days ago**</br>on 2023-09-25



<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@babel/parser</b></summary>
    <ul>
      <li>
<b>7.23.0</b> - <a
href="https://snyk.io/redirect/github/babel/babel/releases/tag/v7.23.0">2023-09-25</a></br><h2>v7.23.0
(2023-09-25)</h2>
<p>Thanks <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/lorenzoferre/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/lorenzoferre">@ lorenzoferre</a>
and <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/RajShukla1/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/RajShukla1">@ RajShukla1</a> for
your first PRs!</p>
<h4>🚀 New Feature</h4>
<ul>
<li><code>babel-plugin-proposal-import-wasm-source</code>,
<code>babel-plugin-syntax-import-source</code>,
<code>babel-plugin-transform-dynamic-import</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15870"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15870/hovercard">#15870</a>
Support transforming <code>import source</code> for wasm (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-helper-module-transforms</code>,
<code>babel-helpers</code>,
<code>babel-plugin-proposal-import-defer</code>,
<code>babel-plugin-syntax-import-defer</code>,
<code>babel-plugin-transform-modules-commonjs</code>,
<code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>,
<code>babel-runtime</code>, <code>babel-standalone</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15878"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15878/hovercard">#15878</a>
Implement <code>import defer</code> proposal transform support (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-generator</code>, <code>babel-parser</code>,
<code>babel-types</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15845"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15845/hovercard">#15845</a>
Implement <code>import defer</code> parsing support (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15829"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15829/hovercard">#15829</a> Add
parsing support for the "source phase imports" proposal (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-generator</code>,
<code>babel-helper-module-transforms</code>, <code>babel-parser</code>,
<code>babel-plugin-transform-dynamic-import</code>,
<code>babel-plugin-transform-modules-amd</code>,
<code>babel-plugin-transform-modules-commonjs</code>,
<code>babel-plugin-transform-modules-systemjs</code>,
<code>babel-traverse</code>, <code>babel-types</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15682"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15682/hovercard">#15682</a> Add
<code>createImportExpressions</code> parser option (<a
href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li>
</ul>
</li>
<li><code>babel-standalone</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15671"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15671/hovercard">#15671</a> Pass
through nonce to the transformed script element (<a
href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li>
</ul>
</li>
<li><code>babel-helper-function-name</code>,
<code>babel-helper-member-expression-to-functions</code>,
<code>babel-helpers</code>, <code>babel-parser</code>,
<code>babel-plugin-proposal-destructuring-private</code>,
<code>babel-plugin-proposal-optional-chaining-assign</code>,
<code>babel-plugin-syntax-optional-chaining-assign</code>,
<code>babel-plugin-transform-destructuring</code>,
<code>babel-plugin-transform-optional-chaining</code>,
<code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>,
<code>babel-runtime</code>, <code>babel-standalone</code>,
<code>babel-types</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15751"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15751/hovercard">#15751</a> Add
support for optional chain in assignments (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-helpers</code>,
<code>babel-plugin-proposal-decorators</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15895"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15895/hovercard">#15895</a>
Implement the "decorator metadata" proposal (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-traverse</code>, <code>babel-types</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15893"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15893/hovercard">#15893</a> Add
<code>t.buildUndefinedNode</code> (<a
href="https://snyk.io/redirect/github/liuxingbaoyu">@
liuxingbaoyu</a>)</li>
</ul>
</li>
<li><code>babel-preset-typescript</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15913"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15913/hovercard">#15913</a> Add
<code>rewriteImportExtensions</code> option to TS preset (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-parser</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15896"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15896/hovercard">#15896</a> Allow
TS tuples to have both labeled and unlabeled elements (<a
href="https://snyk.io/redirect/github/yukukotani">@ yukukotani</a>)</li>
</ul>
</li>
</ul>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-plugin-transform-block-scoping</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15962"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15962/hovercard">#15962</a> fix:
<code>transform-block-scoping</code> captures the variables of the
method in the loop (<a
href="https://snyk.io/redirect/github/liuxingbaoyu">@
liuxingbaoyu</a>)</li>
</ul>
</li>
</ul>
<h4>💅 Polish</h4>
<ul>
<li><code>babel-traverse</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15797"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15797/hovercard">#15797</a> Expand
evaluation of global built-ins in <code>@ babel/traverse</code> (<a
href="https://snyk.io/redirect/github/lorenzoferre">@
lorenzoferre</a>)</li>
</ul>
</li>
<li><code>babel-plugin-proposal-explicit-resource-management</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15985"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15985/hovercard">#15985</a>
Improve source maps for blocks with <code>using</code> declarations (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
</ul>
<h4>🔬 Output optimization</h4>
<ul>
<li><code>babel-core</code>,
<code>babel-helper-module-transforms</code>,
<code>babel-plugin-transform-async-to-generator</code>,
<code>babel-plugin-transform-classes</code>,
<code>babel-plugin-transform-dynamic-import</code>,
<code>babel-plugin-transform-function-name</code>,
<code>babel-plugin-transform-modules-amd</code>,
<code>babel-plugin-transform-modules-commonjs</code>,
<code>babel-plugin-transform-modules-umd</code>,
<code>babel-plugin-transform-parameters</code>,
<code>babel-plugin-transform-react-constant-elements</code>,
<code>babel-plugin-transform-react-inline-elements</code>,
<code>babel-plugin-transform-runtime</code>,
<code>babel-plugin-transform-typescript</code>,
<code>babel-preset-env</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15984"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15984/hovercard">#15984</a> Inline
<code>exports.XXX =</code> update in simple variable declarations (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
</ul>
<h4>Committers: 7</h4>
<ul>
<li>Babel Bot (<a href="https://snyk.io/redirect/github/babel-bot">@
babel-bot</a>)</li>
<li>Huáng Jùnliàng (<a href="https://snyk.io/redirect/github/JLHwung">@
JLHwung</a>)</li>
<li>Lorenzo Ferretti (<a
href="https://snyk.io/redirect/github/lorenzoferre">@
lorenzoferre</a>)</li>
<li>Nicolò Ribaudo (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
<li>Raj Pawan Shukla (<a
href="https://snyk.io/redirect/github/RajShukla1">@ RajShukla1</a>)</li>
<li>Yuku Kotani (<a href="https://snyk.io/redirect/github/yukukotani">@
yukukotani</a>)</li>
<li><a href="https://snyk.io/redirect/github/liuxingbaoyu">@
liuxingbaoyu</a></li>
</ul>
      </li>
      <li>
<b>7.22.16</b> - <a
href="https://snyk.io/redirect/github/babel/babel/releases/tag/v7.22.16">2023-09-06</a></br><h2>v7.22.16
(2023-09-06)</h2>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-parser</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15935"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15935/hovercard">#15935</a> fix:
<code>__esModule</code> is missing from published <code>@
babel/parser</code> (<a
href="https://snyk.io/redirect/github/liuxingbaoyu">@
liuxingbaoyu</a>)</li>
</ul>
</li>
</ul>
<h4>🏠 Internal</h4>
<ul>
<li><code>babel-traverse</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15936"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15936/hovercard">#15936</a> Skip
deprecation warning tests when in a folder named <code>@ babel</code>
(<a href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
</ul>
<h4>Committers: 3</h4>
<ul>
<li>Huáng Jùnliàng (<a href="https://snyk.io/redirect/github/JLHwung">@
JLHwung</a>)</li>
<li>Nicolò Ribaudo (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
<li><a href="https://snyk.io/redirect/github/liuxingbaoyu">@
liuxingbaoyu</a></li>
</ul>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/babel/babel/releases">@babel/parser
GitHub release notes</a>
  </details>
  <details>
    <summary>Package name: <b>@babel/types</b></summary>
    <ul>
      <li>
<b>7.23.0</b> - <a
href="https://snyk.io/redirect/github/babel/babel/releases/tag/v7.23.0">2023-09-25</a></br><h2>v7.23.0
(2023-09-25)</h2>
<p>Thanks <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/lorenzoferre/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/lorenzoferre">@ lorenzoferre</a>
and <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/RajShukla1/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/RajShukla1">@ RajShukla1</a> for
your first PRs!</p>
<h4>🚀 New Feature</h4>
<ul>
<li><code>babel-plugin-proposal-import-wasm-source</code>,
<code>babel-plugin-syntax-import-source</code>,
<code>babel-plugin-transform-dynamic-import</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15870"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15870/hovercard">#15870</a>
Support transforming <code>import source</code> for wasm (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-helper-module-transforms</code>,
<code>babel-helpers</code>,
<code>babel-plugin-proposal-import-defer</code>,
<code>babel-plugin-syntax-import-defer</code>,
<code>babel-plugin-transform-modules-commonjs</code>,
<code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>,
<code>babel-runtime</code>, <code>babel-standalone</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15878"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15878/hovercard">#15878</a>
Implement <code>import defer</code> proposal transform support (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-generator</code>, <code>babel-parser</code>,
<code>babel-types</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15845"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15845/hovercard">#15845</a>
Implement <code>import defer</code> parsing support (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15829"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15829/hovercard">#15829</a> Add
parsing support for the "source phase imports" proposal (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-generator</code>,
<code>babel-helper-module-transforms</code>, <code>babel-parser</code>,
<code>babel-plugin-transform-dynamic-import</code>,
<code>babel-plugin-transform-modules-amd</code>,
<code>babel-plugin-transform-modules-commonjs</code>,
<code>babel-plugin-transform-modules-systemjs</code>,
<code>babel-traverse</code>, <code>babel-types</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15682"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15682/hovercard">#15682</a> Add
<code>createImportExpressions</code> parser option (<a
href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li>
</ul>
</li>
<li><code>babel-standalone</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15671"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15671/hovercard">#15671</a> Pass
through nonce to the transformed script element (<a
href="https://snyk.io/redirect/github/JLHwung">@ JLHwung</a>)</li>
</ul>
</li>
<li><code>babel-helper-function-name</code>,
<code>babel-helper-member-expression-to-functions</code>,
<code>babel-helpers</code>, <code>babel-parser</code>,
<code>babel-plugin-proposal-destructuring-private</code>,
<code>babel-plugin-proposal-optional-chaining-assign</code>,
<code>babel-plugin-syntax-optional-chaining-assign</code>,
<code>babel-plugin-transform-destructuring</code>,
<code>babel-plugin-transform-optional-chaining</code>,
<code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>,
<code>babel-runtime</code>, <code>babel-standalone</code>,
<code>babel-types</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15751"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15751/hovercard">#15751</a> Add
support for optional chain in assignments (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-helpers</code>,
<code>babel-plugin-proposal-decorators</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15895"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15895/hovercard">#15895</a>
Implement the "decorator metadata" proposal (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-traverse</code>, <code>babel-types</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15893"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15893/hovercard">#15893</a> Add
<code>t.buildUndefinedNode</code> (<a
href="https://snyk.io/redirect/github/liuxingbaoyu">@
liuxingbaoyu</a>)</li>
</ul>
</li>
<li><code>babel-preset-typescript</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15913"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15913/hovercard">#15913</a> Add
<code>rewriteImportExtensions</code> option to TS preset (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
<li><code>babel-parser</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15896"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15896/hovercard">#15896</a> Allow
TS tuples to have both labeled and unlabeled elements (<a
href="https://snyk.io/redirect/github/yukukotani">@ yukukotani</a>)</li>
</ul>
</li>
</ul>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-plugin-transform-block-scoping</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15962"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15962/hovercard">#15962</a> fix:
<code>transform-block-scoping</code> captures the variables of the
method in the loop (<a
href="https://snyk.io/redirect/github/liuxingbaoyu">@
liuxingbaoyu</a>)</li>
</ul>
</li>
</ul>
<h4>💅 Polish</h4>
<ul>
<li><code>babel-traverse</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15797"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15797/hovercard">#15797</a> Expand
evaluation of global built-ins in <code>@ babel/traverse</code> (<a
href="https://snyk.io/redirect/github/lorenzoferre">@
lorenzoferre</a>)</li>
</ul>
</li>
<li><code>babel-plugin-proposal-explicit-resource-management</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15985"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15985/hovercard">#15985</a>
Improve source maps for blocks with <code>using</code> declarations (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
</ul>
<h4>🔬 Output optimization</h4>
<ul>
<li><code>babel-core</code>,
<code>babel-helper-module-transforms</code>,
<code>babel-plugin-transform-async-to-generator</code>,
<code>babel-plugin-transform-classes</code>,
<code>babel-plugin-transform-dynamic-import</code>,
<code>babel-plugin-transform-function-name</code>,
<code>babel-plugin-transform-modules-amd</code>,
<code>babel-plugin-transform-modules-commonjs</code>,
<code>babel-plugin-transform-modules-umd</code>,
<code>babel-plugin-transform-parameters</code>,
<code>babel-plugin-transform-react-constant-elements</code>,
<code>babel-plugin-transform-react-inline-elements</code>,
<code>babel-plugin-transform-runtime</code>,
<code>babel-plugin-transform-typescript</code>,
<code>babel-preset-env</code>
<ul>
<li><a href="https://snyk.io/redirect/github/babel/babel/pull/15984"
data-hovercard-type="pull_request"
data-hovercard-url="/babel/babel/pull/15984/hovercard">#15984</a> Inline
<code>exports.XXX =</code> update in simple variable declarations (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
</ul>
</li>
</ul>
<h4>Committers: 7</h4>
<ul>
<li>Babel Bot (<a href="https://snyk.io/redirect/github/babel-bot">@
babel-bot</a>)</li>
<li>Huáng Jùnliàng (<a href="https://snyk.io/redirect/github/JLHwung">@
JLHwung</a>)</li>
<li>Lorenzo Ferretti (<a
href="https://snyk.io/redirect/github/lorenzoferre">@
lorenzoferre</a>)</li>
<li>Nicolò Ribaudo (<a
href="https://snyk.io/redirect/github/nicolo-ribaudo">@
nicolo-ribaudo</a>)</li>
<li>Raj Pawan Shukla (<a
href="https://snyk.io/redirect/github/RajShukla1">@ RajShukla1</a>)</li>
<li>Yuku Kotani (<a href="https://snyk.io/redirect/github/yukukotani">@
yukukotani</a>)</li>
<li><a href="https://snyk.io/redirect/github/liuxingbaoyu">@
liuxingbaoyu</a></li>
</ul>
      </li>
      <li>
<b>7.22.19</b> - <a
href="https://snyk.io/redirect/github/babel/babel/releases/tag/v7.22.19">2023-09-14</a></br><h2>v7.22.19
(2023-09-14)</h2>
<p>Re-published 7.22.18, due to a releasing error.</p>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/babel/babel/releases">@babel/types
GitHub release notes</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJkYTdkYzgwNS0xMDczLTQxMWEtYWM1OC1mYTZjMTcyNTJjNzgiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImRhN2RjODA1LTEwNzMtNDExYS1hYzU4LWZhNmMxNzI1MmM3OCJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/e5e31077-489f-44c1-b24d-4af9a1a8d603?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/e5e31077-489f-44c1-b24d-4af9a1a8d603/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/e5e31077-489f-44c1-b24d-4af9a1a8d603/settings/integration?pkg&#x3D;@babel/parser&amp;pkg&#x3D;@babel/types&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"da7dc805-1073-411a-ac58-fa6c17252c78","prPublicId":"da7dc805-1073-411a-ac58-fa6c17252c78","dependencies":[{"name":"@babel/parser","from":"7.22.16","to":"7.23.0"},{"name":"@babel/types","from":"7.22.19","to":"7.23.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/e5e31077-489f-44c1-b24d-4af9a1a8d603?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"e5e31077-489f-44c1-b24d-4af9a1a8d603","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-09-25T08:10:31.822Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->
@github-actions github-actions bot added the outdated A closed issue/PR that is archived due to age. Recommended to make a new issue label Dec 27, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 27, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@nicolo-ribaudo nicolo-ribaudo nicolo-ribaudo approved these changes

@JLHwung JLHwung JLHwung approved these changes

Assignees
No one assigned
Labels
outdated A closed issue/PR that is archived due to age. Recommended to make a new issue pkg: traverse PR: Polish 💅 A type of pull request used for our changelog categories PR: Ready to be Merged A pull request with already two approvals, but waiting for the next minor release
Projects
None yet
Milestone
v7.23.0
Development

Successfully merging this pull request may close these issues.
5 participants
@lorenzoferre @babel-bot @JLHwung @liuxingbaoyu @nicolo-ribaudo