create-universal-package
create-universal-package copied to clipboard
rtsao
📦 A toolchain for developing universal (Node.js and browser) JavaScript packages
Bumps [parse-url](https://github.com/IonicaBizau/parse-url) from 6.0.0 to 6.0.2. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) Commits c6bdaca Version 2.6.4 8870da9 Update built files 4df6754 update changelog 8f7f903...
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2. Changelog Sourced from ssri's changelog. 6.0.2 (2021-04-07) Bug Fixes backport regex change from 8.0.1 (b30dfdb), closes #19 Commits b7c8c7c chore(release): 6.0.2 b30dfdb fix: backport...
Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. Commits See full diff in compare view Maintainer changes This version was pushed to npm by oss-bot, a new releaser for y18n since your...
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. Commits 754f0c2 1.3.2 90ee1fa ensure keys are valid when mixing in values See full diff in compare view Maintainer changes This version was pushed...
Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4. Commits 6370e90 Mark version 5.7.4 fbc15b1 More rigorously check surrogate pairs in regexp validator See full diff in compare view [](https://help.github.com/articles/configuring-automated-security-fixes) Dependabot...
So the actual `raw` javascript files are not made public/accessible in the distributable unintentionally. cc @lhorie
I found that when I run into this code: ``` {({bar}) => bar ``` I get an error `Unexpected token, expected "," (61:26)` which is where the `.` that splits...
