[Snyk] Upgrade rollup from 2.79.1 to 4.18.0

[snyk-io]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade rollup from 2.79.1 to 4.18.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 182 versions ahead of your current version.

• The recommended version was released on 2 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Improper Handling of Exceptional Conditions SNYK-JS-OCTOKITWEBHOOKS-6129527	145	No Known Exploit
	Uncaught Exception SNYK-JS-SOCKETIO-7278048	145	No Known Exploit
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	145	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ES5EXT-6095076	145	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	145	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	145	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	145	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	145	Proof of Concept
	Improper Control of Generation of Code ('Code Injection') SNYK-JS-PUGCODEGEN-7086056	145	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	145	Proof of Concept
	Improper Control of Dynamically-Managed Code Resources SNYK-JS-EJS-6689533	145	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	145	Proof of Concept

Release notes

Package name: rollup

• 4.18.0 - 2024-05-22
  

  4.18.0

  2024-05-22

  Features

  • Resolve import.meta.filename and .dirname in transpiled plugins (#5520)

  Pull Requests

  • #5504: Auto generate node index (@ lukastaegert)
  • #5507: chore(deps): lock file maintenance minor/patch updates (@ renovate[bot])
  • #5508: chore(deps): lock file maintenance (@ renovate[bot])
  • #5510: Split up converter.rs into AST nodes (@ lukastaegert)
  • #5512: chore(deps): update dependency builtin-modules to v4 (@ renovate[bot], @ lukastaegert)
  • #5514: chore(deps): lock file maintenance minor/patch updates (@ renovate[bot])
  • #5518: chore(deps): update dependency eslint-plugin-unicorn to v53 (@ renovate[bot], @ lukastaegert)
  • #5519: chore(deps): lock file maintenance minor/patch updates (@ renovate[bot], @ lukastaegert)
  • #5520: Resolve import.meta.{filename,dirname} in files imported from config (@ BPScott)
  • #5521: docs: correct base32 to base36 in documentation (@ highcastlee)
• 4.17.2 - 2024-04-30
  

  4.17.2

  2024-04-30

  Bug Fixes

  • Fix tree-shaking problems when using spread arguments (#5503)

  Pull Requests

  • #5501: Slightly improve perf report (@ lukastaegert)
  • #5503: fix: rest element should deoptimize parameter values (@ liuly0322)
• 4.17.1 - 2024-04-29
  

  4.17.1

  2024-04-29

  Bug Fixes

  • Prevent infinite recursions for certain constructor invocations (#5500)

  Pull Requests

  • #5500: fix: parameter variable infinite recursion error (@ liuly0322)
• 4.17.0 - 2024-04-27
  

  4.17.0

  2024-04-27

  Features

  • Track function call arguments to optimize functions only called once or with the same literal values (re-release from 4.16.0) (#5483)

  Bug Fixes

  • Reduce browser WASM size to a fraction by changing optimization settings (#5494)

  Pull Requests

  • #5483: feature(fix): function parameter tracking (@ liuly0322)
  • #5488: Report performance in CI (@ TrickyPi)
  • #5489: Create FUNDING.json (@ BenJam)
  • #5492: chore(deps): lock file maintenance minor/patch updates (@ renovate[bot])
  • #5493: chore(deps): lock file maintenance minor/patch updates (@ renovate[bot])
  • #5494: Use opt-level=z for browser wasm (@ sapphi-red)
• 4.16.4 - 2024-04-23
  

  4.16.4

  2024-04-23

  Bug Fixes

  • Revert function parameter tracking logic introduced in 4.16.0 to work on some remaining issues (#5487)

  Pull Requests

  • #5487: Revert function parameter tracking logic for now (@ lukastaegert)
• 4.16.3 - 2024-04-23
  

  4.16.3

  2024-04-23

  Bug Fixes

  • Do not optimize IIFEs that have a name and are again referenced inside their definition (#5486)

  Pull Requests

  • #5486: fix: only optimize annoymous iife (@ liuly0322)
• 4.16.2 - 2024-04-22
  

  4.16.2

  2024-04-22

  Bug Fixes

  • Resolve a situation condition where reassignments of function parameters were not tracked properly (#5482)
  • Make sure that for armv7 packages, only one package is downloaded for the user (musl or gnu) (#5479)

  Pull Requests

  • #5479: Add libc field to armv7 packages (@ sapphi-red)
  • #5482: fix: function parameter reassigned update (@ liuly0322)
• 4.16.1 - 2024-04-21
  

  4.16.1

  2024-04-21

  Bug Fixes

  • Fix crash when rendering logical or conditional expressions (#5481)

  Pull Requests

  • #5481: fix: conditional/logical expression should request a new tree-shaking (@ liuly0322)
• 4.16.0 - 2024-04-21
  

  4.16.0

  2024-04-21

  Features

  • Track function call arguments to optimize functions only called once or with the same literal values (#5443)

  Pull Requests

  • #5443: feat: improve tree-shaking by propagate const parameter (@ liuly0322, @ lukastaegert)
• 4.15.0 - 2024-04-20
  

  4.15.0

  2024-04-20

  Features

  • Add output.importAttributesKey option to select whether to use "with" or "assert" for import attributes (#5474)

  Pull Requests

  • #5474: Add ImportAttributesKey to choose keyword ("with" | "assert") (@ doubleaa93, @ lukastaegert)
  • #5475: chore(deps): lock file maintenance minor/patch updates (@ renovate[bot])
  • #5477: Try to run emulated smoke tests for Linux environments (@ lukastaegert)
• 4.14.3 - 2024-04-15
• 4.14.2 - 2024-04-12
• 4.14.1 - 2024-04-07
• 4.14.0 - 2024-04-03
• 4.13.2 - 2024-03-28
• 4.13.1 - 2024-03-27
• 4.13.1-1 - 2024-03-24
• 4.13.0 - 2024-03-12
• 4.12.1 - 2024-03-06
• 4.12.0 - 2024-02-16
• 4.11.0 - 2024-02-15
• 4.10.0 - 2024-02-10
• 4.9.6 - 2024-01-21
• 4.9.5 - 2024-01-12
• 4.9.4 - 2024-01-06
• 4.9.3 - 2024-01-05
• 4.9.2 - 2023-12-30
• 4.9.1 - 2023-12-17
• 4.9.0 - 2023-12-13
• 4.8.0 - 2023-12-11
• 4.7.0 - 2023-12-08
• 4.6.1 - 2023-11-30
• 4.6.0 - 2023-11-26
• 4.5.2 - 2023-11-24
• 4.5.1 - 2023-11-21
• 4.5.0 - 2023-11-18
• 4.4.1 - 2023-11-14
• 4.4.0 - 2023-11-12
• 4.3.1 - 2023-11-11
• 4.3.0 - 2023-11-03
• 4.2.0 - 2023-10-31
• 4.1.6 - 2023-10-31
• 4.1.5 - 2023-10-28
• 4.1.4 - 2023-10-16
• 4.1.3 - 2023-10-15
• 4.1.1 - 2023-10-15
• 4.1.0 - 2023-10-14
• 4.0.2 - 2023-10-06
• 4.0.1 - 2023-10-06
• 4.0.0 - 2023-10-05
• 4.0.0-25 - 2023-10-05
• 4.0.0-24 - 2023-10-03
• 4.0.0-23 - 2023-09-26
• 4.0.0-22 - 2023-09-26
• 4.0.0-21 - 2023-09-24
• 4.0.0-20 - 2023-09-24
• 4.0.0-19 - 2023-09-15
• 4.0.0-18 - 2023-09-15
• 4.0.0-17 - 2023-09-15
• 4.0.0-16 - 2023-09-15
• 4.0.0-15 - 2023-09-15
• 4.0.0-14 - 2023-09-15
• 4.0.0-13 - 2023-08-24
• 4.0.0-12 - 2023-08-23
• 4.0.0-10 - 2023-08-21
• 4.0.0-9 - 2023-08-20
• 4.0.0-8 - 2023-08-20
• 4.0.0-7 - 2023-08-20
• 4.0.0-6 - 2023-08-20
• 4.0.0-5 - 2023-08-20
• 4.0.0-4 - 2023-08-04
• 4.0.0-3 - 2023-08-04
• 4.0.0-2 - 2023-08-01
• 4.0.0-1 - 2023-08-01
• 3.29.4 - 2023-09-28
• 3.29.3 - 2023-09-24
• 3.29.2 - 2023-09-15
• 3.29.1 - 2023-09-10
• 3.29.0 - 2023-09-06
• 3.28.1 - 2023-08-22
• 3.28.0 - 2023-08-09
• 3.27.2 - 2023-08-04
• 3.27.1 - 2023-08-03
• 3.27.0 - 2023-07-28
• 3.26.3 - 2023-07-17
• 3.26.2 - 2023-07-06
• 3.26.1 - 2023-07-05
• 3.26.0 - 2023-06-30
• 3.25.3 - 2023-06-26
• 3.25.2 - 2023-06-24
• 3.25.1 - 2023-06-12
• 3.25.0 - 2023-06-11
• 3.24.1 - 2023-06-10
• 3.24.0 - 2023-06-07
• 3.23.1 - 2023-06-04
• 3.23.0 - 2023-05-22
• 3.22.1 - 2023-05-21
• 3.22.0 - 2023-05-17
• 3.22.0-0 - 2023-05-13
• 3.21.8 - 2023-05-16
• 3.21.7 - 2023-05-13
• 3.21.6 - 2023-05-09
• 3.21.5 - 2023-05-05
• 3.21.4 - 2023-05-03
• 3.21.3 - 2023-05-02
• 3.21.2 - 2023-04-30
• 3.21.1 - 2023-04-29
• 3.21.0 - 2023-04-23
• 3.20.7 - 2023-04-21
• 3.20.6 - 2023-04-18
• 3.20.5 - 2023-04-18
• 3.20.4 - 2023-04-17
• 3.20.3 - 2023-04-16
• 3.20.3-0 - 2023-04-14
• 3.20.2 - 2023-03-24
• 3.20.1 - 2023-03-23
• 3.20.0 - 2023-03-20
• 3.19.1 - 2023-03-10
• 3.19.0 - 2023-03-09
• 3.18.0 - 2023-03-01
• 3.18.0-0 - 2023-02-27
• 3.17.3 - 2023-02-25
• 3.17.3-1 - 2023-02-23
• 3.17.3-0 - 2023-02-22
• 3.17.2 - 2023-02-20
• 3.17.1 - 2023-02-18
• 3.17.0 - 2023-02-18
• 3.16.0 - 2023-02-17
• 3.15.1-1 - 2023-02-14
• 3.15.1-0 - 2023-02-13
• 3.15.0 - 2023-02-10
• 3.14.0 - 2023-02-05
• 3.13.0 - 2023-02-03
• 3.12.1 - 2023-02-01
• 3.12.0 - 2023-01-28
• 3.11.0 - 2023-01-26
• 3.10.1 - 2023-01-20
• 3.10.0 - 2023-01-12
• 3.9.1 - 2023-01-02
• 3.9.0 - 2022-12-28
• 3.8.1 - 2022-12-23
• 3.8.0 - 2022-12-22
• 3.7.6-0 - 2022-12-18
• 3.7.5 - 2022-12-17
• 3.7.5-0 - 2022-12-16
• 3.7.4 - 2022-12-13
• 3.7.3 - 2022-12-11
• 3.7.3-0 - 2022-12-10
• 3.7.2 - 2022-12-10
• 3.7.1 - 2022-12-09
• 3.7.1-0 - 2022-12-08
• 3.7.0 - 2022-12-08
• 3.6.1-0 - 2022-12-06
• 3.6.0 - 2022-12-05
• 3.6.0-1 - 2022-12-05
• 3.6.0-0 - 2022-11-27
• 3.5.1 - 2022-12-01
• 3.5.0 - 2022-11-27
• 3.5.0-0 - 2022-11-25
• 3.4.0 - 2022-11-22
• 3.4.0-1 - 2022-11-21
• 3.4.0-0 - 2022-11-18
• 3.3.0 - 2022-11-12
• 3.3.0-0 - 2022-11-08
• 3.2.5 - 2022-11-01
• 3.2.4 - 2022-10-31
• 3.2.3 - 2022-10-18
• 3.2.2 - 2022-10-16
• 3.2.1 - 2022-10-16
• 3.2.0 - 2022-10-15
• 3.1.0 - 2022-10-12
• 3.0.1 - 2022-10-12
• 3.0.0 - 2022-10-11
• 3.0.0-8 - 2022-10-11
• 3.0.0-7 - 2022-09-23
• 3.0.0-6 - 2022-09-06
• 3.0.0-5 - 2022-08-31
• 3.0.0-4 - 2022-08-15
• 3.0.0-3 - 2022-07-30
• 3.0.0-2 - 2022-07-15
• 3.0.0-1 - 2022-07-08
• 3.0.0-0 - 2022-07-05
• 2.79.1 - 2022-09-22

from rollup GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.