Upgrade: [dependabot] - bump esbuild from 0.27.1 to 0.27.2 #743

dependabot · 2025-12-17T18:13:30Z

Bumps esbuild from 0.27.1 to 0.27.2.

Release notes

v0.27.2
Allow import path specifiers starting with #/ (#4361)

Previously the specification for package.json disallowed import path specifiers starting with #/, but this restriction has recently been relaxed and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping #/* to ./src/* (previously you had to use another character such as #_* instead, which was more confusing). There is some more context in nodejs/node#49182.

This change was contributed by @hybrist.
Automatically add the -webkit-mask prefix (#4357, #4358)

This release automatically adds the -webkit- vendor prefix for the mask CSS shorthand property:
/* Original code */
main {
  mask: url(x.png) center/5rem no-repeat
}
/* Old output (with --target=chrome110) */
main {
mask: url(x.png) center/5rem no-repeat;
}
/* New output (with --target=chrome110) */
main {
-webkit-mask: url(x.png) center/5rem no-repeat;
mask: url(x.png) center/5rem no-repeat;
}
This change was contributed by @BPJEnnova.
Additional minification of switch statements (#4176, #4359)

This release contains additional minification patterns for reducing switch statements. Here is an example:
// Original code
switch (x) {
  case 0:
    foo()
    break
  case 1:
  default:
    bar()
}
// Old output (with --minify)
switch(x){case 0:foo();break;case 1:default:bar()}
// New output (with --minify)

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.2
Allow import path specifiers starting with #/ (#4361)

Previously the specification for package.json disallowed import path specifiers starting with #/, but this restriction has recently been relaxed and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping #/* to ./src/* (previously you had to use another character such as #_* instead, which was more confusing). There is some more context in nodejs/node#49182.

This change was contributed by @hybrist.
Automatically add the -webkit-mask prefix (#4357, #4358)

This release automatically adds the -webkit- vendor prefix for the mask CSS shorthand property:
/* Original code */
main {
  mask: url(x.png) center/5rem no-repeat
}
/* Old output (with --target=chrome110) */
main {
mask: url(x.png) center/5rem no-repeat;
}
/* New output (with --target=chrome110) */
main {
-webkit-mask: url(x.png) center/5rem no-repeat;
mask: url(x.png) center/5rem no-repeat;
}
This change was contributed by @BPJEnnova.
Additional minification of switch statements (#4176, #4359)

This release contains additional minification patterns for reducing switch statements. Here is an example:
// Original code
switch (x) {
  case 0:
    foo()
    break
  case 1:
  default:
    bar()
}
// Old output (with --minify)
switch(x){case 0:foo();break;case 1:default:bar()}

... (truncated)

Commits

cd83297 publish 0.27.2 to npm
2759721 additional tests for switch with break
fd2b4b3 update release notes
c8d93a7 fix #4357: -webkit- prefix for mask shorthand (#4358)
92ff12c compat table: update @types/node
a35eceb compat table: fix a type error with the new types
f598984 fix make compat-table to install dependencies
f7f6df0 release notes for #4361
6f8ec15 fix: allow subpath imports that start with #/ (#4361)
f7ae61f minify some switch statements to if-else statement
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

github-actions · 2025-12-17T18:13:40Z

This PR is raised by Dependabot to update a dependency.

eps-autoapprove-dependabot