Bump meriyah from 5.0.0 to 6.0.3

[dependabot]

Bumps meriyah from 5.0.0 to 6.0.3.

Release notes

Sourced from meriyah's releases.

v6.0.2

Bug Fixes

• parser: all identifiers can be start of an expression (7f800c5), closes #342

v6.0.1

Bug Fixes

• scanner: proper EOF error for unterminated template (cde6b2f)

v6.0.0

Bug Fixes

• lexer: identifier starts with unicode-escape needs ID_Start check (e1d5534)
• lexer: in non-strict mode, future reserved keyword can be used as identifier (5764ad7)
• lexer: no line break is allowed in regex literal (773208b)
• lexer: private identifier can start with escaped unicode (85a39e7)
• lexer: unicode escaped "let" can not be let keyword (406d72c)
• parser: "arguments" is not allowed in class property initializer or static block (c9857c6)
• parser: "use strict" directive could be after invalid string (527ea97), closes #149
• parser: a newline may not precede the * token in a yield expression (e0eeb89)
• parser: add missing import-attributes support in ExportNamedDeclaration (f7864a6), closes #289
• parser: async function should not skip duplication error (94d41ae), closes #291
• parser: catch block without catch-binding should have lexical scope (db7b3ae)
• parser: class is implicit strict mode, but decorator before class is not (97f4927)
• parser: class static block disallows "await" as identifier (4c7f2c3)
• parser: class static block disllows "yield" as idenfifier (1cb0d65)
• parser: class static block has no return statement (f2b73ee)
• parser: dot property name can be escaped reserved or future reserved (eedce98)
• parser: escaped reserved keyword can be used as class element name (b8e4b3c)
• parser: fix an edge case of invalid escape in tagged template (118fdae)
• parser: fix annexB behaviour (webcompat) of catch param (359dcbe)
• parser: fix destruct pattern check (1e5e394)
• parser: fix duplicated function params check (d0aeda6)
• parser: fix duplicated proto check in async() and async() => {} (66ad497)
• parser: fix early error on escaped oct and \8 \9 (33b68df)
• parser: fix import.meta check, await check and await in static block (b269996)
• parser: fix jsx parsing on '' (ad71155), closes #185
• parser: fix jsx with comments in tag (a2e4767), closes #185
• parser: fix onToken callback for template and jsx (407a2ca), closes #215 #216
• parser: fix scoped analysis for export binding and name (22509b7)
• parser: fix simple params list and strict reserved check on func (635a41b), closes #295 #296
• parser: fix unicode identifier value and check (36a5ef6)
• parser: generator function should not skip duplication error (d3c953b)
• parser: in strict mode, escaped future reserved can be used as identifier but not destructible (762f8c1)
• parser: iteration/switch cannot across class static block boundry (c832eb6)
• parser: new.target is allowed in class static block (2cec2a9)
• parser: object literal ({a b}) is invalid (c069662), closes #73
• parser: oct escape and \8 \9 are not allowed in template string if not tagged (e12d75d)
• parser: only class static non-private property cannot be named 'prototype' (03ef7bc)

... (truncated)

Changelog

Sourced from meriyah's changelog.

6.0.3 (2024-10-28)

Bug Fixes

• parser: fix tagged template parsing when tag has param(s) (b549ed3), closes #350

6.0.2 (2024-10-01)

Bug Fixes

• parser: all identifiers can be start of an expression (7f800c5), closes #342

6.0.1 (2024-09-16)

Bug Fixes

• scanner: proper EOF error for unterminated template (cde6b2f)

6.0.0 (2024-09-16)

Bug Fixes

• lexer: identifier starts with unicode-escape needs ID_Start check (e1d5534)
• lexer: in non-strict mode, future reserved keyword can be used as identifier (5764ad7)
• lexer: no line break is allowed in regex literal (773208b)
• lexer: private identifier can start with escaped unicode (85a39e7)
• lexer: unicode escaped "let" can not be let keyword (406d72c)
• parser: "arguments" is not allowed in class property initializer or static block (c9857c6)
• parser: "use strict" directive could be after invalid string (527ea97), closes #149
• parser: a newline may not precede the * token in a yield expression (e0eeb89)
• parser: add missing import-attributes support in ExportNamedDeclaration (f7864a6), closes #289
• parser: async function should not skip duplication error (94d41ae), closes #291
• parser: catch block without catch-binding should have lexical scope (db7b3ae)
• parser: class is implicit strict mode, but decorator before class is not (97f4927)
• parser: class static block disallows "await" as identifier (4c7f2c3)
• parser: class static block disllows "yield" as idenfifier (1cb0d65)
• parser: class static block has no return statement (f2b73ee)
• parser: dot property name can be escaped reserved or future reserved (eedce98)
• parser: escaped reserved keyword can be used as class element name (b8e4b3c)
• parser: fix an edge case of invalid escape in tagged template (118fdae)
• parser: fix annexB behaviour (webcompat) of catch param (359dcbe)

... (truncated)

Commits

• 9a189d1 6.0.3
• b549ed3 fix(parser): fix tagged template parsing when tag has param(s)
• f056e3d test: update test262
• 88cea85 ci: add automated job to update test2662
• 48554cc style: fix eslint config
• 5042711 generate whitelist.txt
• 2df0af2 chore: update and clean dependencies
• 26de7a2 6.0.2
• 7f800c5 fix(parser): all identifiers can be start of an expression
• e38466b chore: Update README.md
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@eslint/js@9.14.0	None	0	14.6 kB	eslintbot
npm/@loggings/beta@2.4.0	filesystem	0	67.1 kB	drylian
npm/@types/node@22.8.7	None	+1	2.36 MB	types
npm/eslint@9.14.0	environment Transitive: eval, filesystem, shell, unsafe	+84	10.4 MB	eslintbot
npm/meriyah@6.0.3	None	0	1.56 MB	huochunpeng
npm/tsup@8.3.5	eval, filesystem Transitive: environment, network, shell, unsafe	+74	9.8 MB	egoist
npm/typescript-eslint@8.12.2	Transitive: environment, filesystem	+39	8.26 MB	jameshenry

🚮 Removed packages: npm/@eslint/js@9.10.0, npm/@loggings/beta@2.0.0, npm/@types/node@22.5.5, npm/eslint@9.10.0, npm/meriyah@5.0.0, npm/tsup@8.2.4, npm/typescript-eslint@8.5.0

View full report↗︎

[Ashu11-A]

@dependabot rebase

[dependabot]

Looks like meriyah is up-to-date now, so this is no longer needed.