[Snyk] Upgrade: @babel/parser, @babel/traverse, @babel/types

[snyk-bot]

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together. :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on
@babel/parserfrom 7.12.11 to 7.13.16	14 versions ahead of your current version	25 days agoon 2021-04-20
@babel/traversefrom 7.12.12 to 7.13.17	6 versions ahead of your current version	24 days agoon 2021-04-20
@babel/typesfrom 7.12.12 to 7.13.17	8 versions ahead of your current version	24 days agoon 2021-04-20

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Command Injection SNYK-JS-LODASH-1040724	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @babel/parser

• 7.13.16 - 2021-04-20

  v7.13.16 (2021-04-20)

  Thanks @ codyatwork and @ nwalters512 for your first PRs!

  👓 Spec Compliance

  • babel-parser
    • #13143 fix: raise SyntaxError for declare before getter/setter (@ fedeci)

  🐛 Bug Fix

  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-plugin-transform-regenerator, babel-plugin-transform-spread, babel-preset-env, babel-runtime-corejs2, babel-runtime
    • #13129 Support iterating generators in browsers without Symbol (@ nicolo-ribaudo)
  • babel-helper-compilation-targets
    • #13159 fix: add default value for browserslist config path (@ JLHwung)
  • babel-generator
    • #13136 Fix printing of single-param async arrow function with comments (@ nwalters512)

  📝 Documentation

  • Other
    • #13155 Update links in eslint-parser README (@ codyatwork)
  • babel-types
    • #13148 docs: refine babel-types docs generator (@ JLHwung)
  • babel-helper-compilation-targets
    • #13131 docs: add README to helper-compilation-targets (@ JLHwung)

  🏠 Internal

  • babel-helper-bindify-decorators, babel-helper-explode-class
    • #13160 Archive helper-explode-class and helper-bindify-decorators (@ JLHwung)
  • Other
    • #13158 codecov: token not required (@ hzoo)
  • babel-helper-call-delegate
    • #13153 Archive @ babel/helper-call-delegate (@ nicolo-ribaudo)
  • babel-helper-hoist-variables, babel-plugin-transform-block-scoping
    • #13152 refactor: use FunctionParent on visiting var scope (@ JLHwung)
  • babel-cli, babel-core, babel-generator, babel-plugin-transform-function-name, babel-register, babel-types
    • #13139 Remove remaining lodash dependencies (@ nicolo-ribaudo)

  Committers: 7

  • Babel Bot (@ babel-bot)
  • Cody Mims (@ codyatwork)
  • Federico Ciardi (@ fedeci)
  • Henry Zhu (@ hzoo)
  • Huáng Jùnliàng (@ JLHwung)
  • Nathan Walters (@ nwalters512)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
• 7.13.15 - 2021-04-08

  v7.13.15 (2021-04-08)

  👓 Spec Compliance

  • babel-parser
    • #13099 fix: raise SyntaxError for unparenthesized assert and assign (@ fedeci)
    • #13049 fix: the LHS in for-of loop should not start with let (@ JLHwung)

  🐛 Bug Fix

  • babel-parser
    • #13101 fix(ts): allow trailing comma after rest parameter in TSDeclareFunction (@ fedeci)
  • babel-plugin-proposal-do-expressions, babel-traverse
    • #10101 yield for do expression (@ tanhauhau)
    • #13030 Refactor switch support in NodePath#getCompletionRecords (@ JLHwung)
  • Other
    • #13106 fix: do not filter report from functions within class elements (@ JLHwung)
  • babel-compat-data, babel-preset-env
    • #13075 Compile classes when spread is unsupported (@ nicolo-ribaudo)

  💅 Polish

  • babel-preset-env
    • #13115 [preset-env - debug] Print targets that need each plugin (@ nicolo-ribaudo)

  📝 Documentation

  • #13081 Update CoC contacts (@ nicolo-ribaudo)

  🏠 Internal

  • babel-plugin-transform-regenerator, babel-standalone
    • #13086 Align regenerator-transform import with native ESM (@ nicolo-ribaudo)
  • babel-helper-transform-fixture-test-runner
    • #13087 Do not load root babel.config.js in tests (@ nicolo-ribaudo)

  🏃‍♀️ Performance

  • babel-preset-env
    • #13076 perf: lazy load preset-env plugins (@ JLHwung)

  Committers: 5

  • Bogdan Savluk (@ zxbodya)
  • Federico Ciardi (@ fedeci)
  • Huáng Jùnliàng (@ JLHwung)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
  • Tan Li Hau (@ tanhauhau)
• 7.13.13 - 2021-03-26

  v7.13.13 (2021-03-26)

  👓 Spec Compliance

  • babel-parser
    • #12441 Disallow await before exponential (@ JLHwung)

  🐛 Bug Fix

  • babel-core
    • #13031 Correctly handle relative browserslistConfigFile paths (@ nicolo-ribaudo)
  • babel-core, babel-preset-env
    • #13028 Resolve .browserslistrc as a project-wide file (@ nicolo-ribaudo)
  • babel-plugin-transform-react-constant-elements
    • #13054 fix: constant variables only enable constant react elements (@ cgood92)
  • babel-types
    • #13046 fix(types): add missing range for BaseNode (@ JounQin)
  • babel-node
    • #13037 fix: make babel-node spawned process bubble msg (@ lambertkevin)
  • babel-parser
    • #12933 fix(ts): parenthesized assert and assign (@ fedeci)

  💅 Polish

  • babel-cli, babel-core
    • #12954 Do not bail on SHOW_CONFIG_FOR matches (@ JLHwung)

  🏠 Internal

  • babel-core
    • #13021 Remove lodash sortBy use (@ jridgewell)
  • Other
    • #13055 Replace CircleCI badge by GitHub CI (@ JLHwung)
  • babel-traverse
    • #13044 Expand type definitions for path.{get,set}Data to cover symbols (@ addaleax)

  🏃‍♀️ Performance

  • babel-core
    • #13040 Set rootMode: "root" in loadPartialConfig (@ nicolo-ribaudo)

  Committers: 8

  • Anna Henningsen (@ addaleax)
  • Clint Goodman (@ cgood92)
  • Federico Ciardi (@ fedeci)
  • Huáng Jùnliàng (@ JLHwung)
  • JounQin (@ JounQin)
  • Justin Ridgewell (@ jridgewell)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
  • @ lambertkevin
• 7.13.12 - 2021-03-22

  v7.13.12 (2021-03-22)

  Thanks @ hajnalbendeguz for your first PR!

  🐛 Bug Fix

  • babel-standalone
    • #13017 Fix importing polyfill plugins in the Rollup bundle (@ nicolo-ribaudo)
  • babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining, babel-plugin-proposal-optional-chaining, babel-preset-env
    • #13009 Implement @ babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining (@ JLHwung)
  • babel-types
    • #12971 fix: do not throw when creating type annotation based on bigint (@ JLHwung)
  • babel-compat-data, babel-preset-env
    • #13008 Update compat data (@ JLHwung)

  💅 Polish

  • babel-plugin-transform-react-jsx
    • #12983 Improve error message when not providing a value for JSX key (@ hajnalbendeguz)

  🏠 Internal

  • babel-compat-data
    • #13024 Remove lodash from babel-compat-data (@ jridgewell)
  • babel-node
    • #13025 Remove lodash from @ babel/node tests (@ jridgewell)
  • babel-helper-module-transforms
    • #13022 Remove lodash/chunk (@ jridgewell)
  • babel-plugin-transform-proto-to-assign
    • #13026 Remove lodash/pull (@ jridgewell)
  • babel-helper-define-map
    • #13023 Remove lodash/has (@ jridgewell)

  Committers: 6

  • Bogdan Savluk (@ zxbodya)
  • Huáng Jùnliàng (@ JLHwung)
  • Justin Ridgewell (@ jridgewell)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
  • Sosuke Suzuki (@ sosukesuzuki)
  • @ hajnalbendeguz
• 7.13.11 - 2021-03-15

  v7.13.11 (2021-03-15)

  👓 Spec Compliance

  • babel-parser, babel-plugin-proposal-class-static-block
    • #12738 Support multiple static blocks (@ JLHwung)

  🐛 Bug Fix

  • babel-compat-data
    • #13000 Point to CJS files in @ babel/compat-data's exports (@ nicolo-ribaudo)
  • babel-parser
    • #12962 Parse type imports in TSImportEqualsDeclaration (@ JLHwung)
  • babel-compat-data, babel-helper-compilation-targets
    • #12996 Fix esmodule: "intersect" on iOS versions (@ JLHwung)

  🔬 Output optimization

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-async-generator-functions, babel-plugin-proposal-class-properties, babel-plugin-proposal-private-methods, babel-plugin-proposal-private-property-in-object, babel-plugin-transform-typescript, babel-preset-env
    • #12990 Use function rather than var to compile private methods (@ nicolo-ribaudo)

  Committers: 3

  • Babel Bot (@ babel-bot)
  • Huáng Jùnliàng (@ JLHwung)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
• 7.13.10 - 2021-03-08 Read more
• 7.13.9 - 2021-03-01 Read more
• 7.13.4 - 2021-02-23
• 7.13.0 - 2021-02-22
• 7.12.17 - 2021-02-18
• 7.12.16 - 2021-02-11
• 7.12.15 - 2021-02-04
• 7.12.14 - 2021-02-03
• 7.12.13 - 2021-02-03
• 7.12.11 - 2020-12-15

from @babel/parser GitHub release notes

Package name: @babel/traverse

• 7.13.17 - 2021-04-20 Read more
• 7.13.15 - 2021-04-08 Read more
• 7.13.13 - 2021-03-26 Read more
• 7.13.0 - 2021-02-22
• 7.12.17 - 2021-02-18
• 7.12.13 - 2021-02-03
• 7.12.12 - 2020-12-23

from @babel/traverse GitHub release notes

Package name: @babel/types

• 7.13.17 - 2021-04-20 Read more
• 7.13.16 - 2021-04-20 Read more
• 7.13.14 - 2021-03-29 Read more
• 7.13.13 - 2021-03-26 Read more
• 7.13.12 - 2021-03-22 Read more
• 7.13.0 - 2021-02-22
• 7.12.17 - 2021-02-18
• 7.12.13 - 2021-02-03
• 7.12.12 - 2020-12-23

from @babel/types GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs