chore(deps-dev): bump esbuild from 0.8.49 to 0.8.50

[dependabot-preview]

Bumps esbuild from 0.8.49 to 0.8.50.

Release notes

Sourced from esbuild's releases.

v0.8.50

• Using direct eval now pulls in module and exports

  Use of direct eval forces the file to become a CommonJS module and disables dead code elimination in the entire file. The CommonJS closure is necessary to avoid name collisions with other modules, since eval means symbols in the file can no longer be renamed to avoid collisions.

  However, the CommonJS module and exports variables that are arguments to the closure previously weren't considered to be used in this scenario, meaning they may be omitted as dead code for size reasons. This could cause code inside eval to behave incorrectly. Now use of direct eval automatically counts as a use of both module and exports so these variables should now always be present in this case.

• Always remove all "use asm" directives (#856)

  The asm.js subset of JavaScript has complicated validation rules that are triggered by this directive. The parser and code generator in esbuild was not designed with asm.js in mind and round-tripping asm.js code through esbuild will very likely cause it to no longer validate as asm.js. When this happens, V8 prints a warning and people don't like seeing the warning. The warning looks like this:

  (node:58335) V8: example.js:3 Invalid asm.js: Unexpected token
  (Use `node --trace-warnings ...` to show where the warning was created)
  

  I am deliberately not attempting to preserve the validity of asm.js code because it's a complicated legacy format and it's obsolete now that WebAssembly exists. By removing all "use asm" directives, the code will just become normal JavaScript and work fine without generating a warning.

• Fix a variable hoisting edge case (#857)

  It is allowed to use a nested var hoisted declaration with the same name as a top-level function declaration. In that case the two symbols should merge and be treated as the same symbol:

  async function x() {}
  {
    var x;
  }

  The parser previously allowed this for regular functions but not for async or generator functions. Now with this release, this behavior is also allowed for these special kinds of functions too.

• Remove empty CSS rules when minifying (#851)

  Empty rules with no content such as div {} are now removed when CSS is minified. This change was contributed by @susiwen8.

Changelog

Sourced from esbuild's changelog.

0.8.50

• Using direct eval now pulls in module and exports

  Use of direct eval forces the file to become a CommonJS module and disables dead code elimination in the entire file. The CommonJS closure is necessary to avoid name collisions with other modules, since eval means symbols in the file can no longer be renamed to avoid collisions.

  However, the CommonJS module and exports variables that are arguments to the closure previously weren't considered to be used in this scenario, meaning they may be omitted as dead code for size reasons. This could cause code inside eval to behave incorrectly. Now use of direct eval automatically counts as a use of both module and exports so these variables should now always be present in this case.

• Always remove all "use asm" directives (#856)

  The asm.js subset of JavaScript has complicated validation rules that are triggered by this directive. The parser and code generator in esbuild was not designed with asm.js in mind and round-tripping asm.js code through esbuild will very likely cause it to no longer validate as asm.js. When this happens, V8 prints a warning and people don't like seeing the warning. The warning looks like this:

  (node:58335) V8: example.js:3 Invalid asm.js: Unexpected token
  (Use `node --trace-warnings ...` to show where the warning was created)
  

  I am deliberately not attempting to preserve the validity of asm.js code because it's a complicated legacy format and it's obsolete now that WebAssembly exists. By removing all "use asm" directives, the code will just become normal JavaScript and work fine without generating a warning.

• Fix a variable hoisting edge case (#857)

  It is allowed to use a nested var hoisted declaration with the same name as a top-level function declaration. In that case the two symbols should merge and be treated as the same symbol:

  async function x() {}
  {
    var x;
  }

  The parser previously allowed this for regular functions but not for async or generator functions. Now with this release, this behavior is also allowed for these special kinds of functions too.

• Remove empty CSS rules when minifying (#851)

  Empty rules with no content such as div {} are now removed when CSS is minified. This change was contributed by @susiwen8.

Commits

• f05d8a2 publish 0.8.50 to npm
• d496dcf fixes after landing css change
• ba901e0 Fix: css empty rulesets should be removed (#851)
• 6a57230 fix windows ci issue
• c202f4c fix #857: more hoisting edge cases
• 39ac908 fix #856: remove "use asm" directives
• 6d6d306 direct "eval" only does this when bundling
• 36b5727 direct "eval" implies "module" and "exports"
• ce49eac use "ast.Index32" somewhere else too
• b3ff8e9 introduce "ast.Index32"
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[gitpod-io]

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildProject89A8053A-LhjRyN9kxr8o
• Commit ID: 65e261c
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thanks Dependabot!