[Snyk] Upgrade rollup from 4.22.4 to 4.49.0 #390
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade rollup from 4.22.4 to 4.49.0. See this package in npm: rollup See this project in Snyk: https://app.snyk.io/org/nerds-github/project/cff36355-d877-492a-a8fd-40687822fe66?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade rollup from 4.22.4 to 4.49.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 77 versions ahead of your current version.
The recommended version was released 24 days ago.
Issues fixed by the recommended upgrade:
SNYK-JS-CROSSSPAWN-8303230
SNYK-JS-BRACEEXPANSION-9789073
Release notes
Package name: rollup
-
4.49.0 - 2025-08-27
- Allow config plugins to resolve imports first before deciding whether to treat them as external (#6038)
- #6038: feat: Run external check in
- #6082: Improve build pipeline performance (@ lukastaegert)
-
4.48.1 - 2025-08-25
- Correctly ignore white-space in JSX strings around line-breaks (#6051)
- #6051: fix: handle whitespace according to JSX common practice (@ cyyynthia)
- #6078: build: optimize pipeline take two (@ cyyynthia)
-
4.48.0 - 2025-08-23
- If configured, also keep unparseable import attributes of external dynamic imports in the output(#6071)
- Ensure variables referenced in non-removed import attributes are included (#6071)
- #6071: Keep attributes for external dynamic imports (@ TrickyPi)
- #6079: fix(deps): update swc monorepo (major) (@ renovate[bot])
- #6080: fix(deps): lock file maintenance minor/patch updates (@ renovate[bot])
-
4.48.0-0 - 2025-08-22
-
4.47.1 - 2025-08-21
- Revert build process changes to investigate issues (#6077)
- #6077: Revert "build: aggressively optimize wasm build, improve pipeline (#6053)" (@ lukastaegert)
-
4.47.0 - 2025-08-21
- Aggressively reduce WASM build size (#6053)
- Fix illegal instruction error on Android ARM platforms (#6072)
- Allow to pass explicit
- #6053: build: aggressively optimize wasm build, improve pipeline (@ cyyynthia)
- #6061: fix(types): add support for exactOptionalPropertyTypes (@ remcohaszing, @ lukastaegert)
- #6072: build(rust): mimalloc-safe/no_opt_arch on aarch64 (@ cyyynthia)
-
4.46.4 - 2025-08-20
- Do not omit synthetic namespaces when only accessed via
- #6052: fix: don't optimize
- #6074: Update transitive dependency to fix audit (@ lukastaegert)
-
4.46.3 - 2025-08-18
- Resolve illegal instruction error on arm64 architectures (#6055)
- Resolve sourcemap generation performance regression (#6057)
- #6043: Avoid
- #6048: chore(deps): update dependency cross-env to v10 (@ renovate[bot], @ lukastaegert)
- #6049: fix(deps): lock file maintenance minor/patch updates (@ renovate[bot])
- #6055: Fix illegal instruction error on arm64 by enabling
- #6057: fix: tweak the fallback logic for tracing segment (@ TrickyPi, @ lukastaegert)
- #6062: docs: update Rust toolchain instructions (@ situ2001, @ lukastaegert)
- #6063: fix(deps): lock file maintenance minor/patch updates (@ renovate[bot], @ lukastaegert)
- #6067: chore(deps): update actions/checkout action to v5 (@ renovate[bot], @ lukastaegert)
- #6068: chore(deps): update actions/download-artifact action to v5 (@ renovate[bot])
- #6069: fix(deps): update rust crate swc_compiler_base to v31 (@ renovate[bot], @ lukastaegert)
-
4.46.2 - 2025-07-29
- Fix in-operator handling for external namespace and when the left side cannot be analyzed (#6041)
- #6041: Correct the logic of include in BinaryExpression and don't optimize external references away (@ TrickyPi, @ cyyynthia, @ lukastaegert)
-
4.46.1 - 2025-07-28
- Do not fail when using the
- #6036: disables optimization for external namespace when using the in operator (@ TrickyPi)
-
4.46.0 - 2025-07-27
-
4.45.3 - 2025-07-26
-
4.45.1 - 2025-07-15
-
4.45.0 - 2025-07-12
-
4.44.2 - 2025-07-04
-
4.44.1 - 2025-06-26
-
4.44.0 - 2025-06-19
-
4.43.0 - 2025-06-11
-
4.42.0 - 2025-06-06
-
4.41.2 - 2025-06-06
-
4.41.1 - 2025-05-24
-
4.41.0 - 2025-05-18
-
4.40.2 - 2025-05-06
-
4.40.1 - 2025-04-28
-
4.40.0 - 2025-04-12
-
4.39.0 - 2025-04-02
-
4.38.0 - 2025-03-29
-
4.37.0 - 2025-03-23
-
4.36.0 - 2025-03-17
-
4.35.0 - 2025-03-08
-
4.34.9 - 2025-03-01
-
4.34.8 - 2025-02-17
-
4.34.7 - 2025-02-14
-
4.34.6 - 2025-02-07
-
4.34.5 - 2025-02-07
-
4.34.4 - 2025-02-05
-
4.34.3 - 2025-02-05
-
4.34.2 - 2025-02-04
-
4.34.1 - 2025-02-03
-
4.34.0 - 2025-02-01
-
4.33.0 - 2025-02-01
-
4.33.0-0 - 2025-01-28
-
4.32.1 - 2025-01-28
-
4.32.0 - 2025-01-24
-
4.31.0 - 2025-01-19
-
4.31.0-0 - 2025-01-14
-
4.30.1 - 2025-01-07
-
4.30.0 - 2025-01-06
-
4.30.0-1 - 2024-12-30
-
4.30.0-0 - 2024-12-21
-
4.29.2 - 2025-01-05
-
4.29.1 - 2024-12-21
-
4.29.0 - 2024-12-20
-
4.29.0-2 - 2024-12-20
-
4.29.0-1 - 2024-12-19
-
4.29.0-0 - 2024-12-16
-
4.28.1 - 2024-12-06
-
4.28.0 - 2024-11-30
-
4.27.4 - 2024-11-23
-
4.27.3 - 2024-11-18
-
4.27.2 - 2024-11-15
-
4.27.1 - 2024-11-15
-
4.27.1-1 - 2024-11-15
-
4.27.1-0 - 2024-11-15
-
4.27.0 - 2024-11-15
-
4.27.0-1 - 2024-11-14
-
4.27.0-0 - 2024-11-13
-
4.26.0 - 2024-11-13
-
4.25.0 - 2024-11-09
-
4.25.0-0 - 2024-10-29
-
4.24.4 - 2024-11-04
-
4.24.3 - 2024-10-29
-
4.24.2 - 2024-10-27
-
4.24.1 - 2024-10-27
-
4.24.0 - 2024-10-02
-
4.23.0 - 2024-10-01
-
4.22.5 - 2024-09-27
-
4.22.4 - 2024-09-21
from rollup GitHub release notes4.49.0
2025-08-27
Features
Pull Requests
cli/run/loadConfigFile.tsas last in order to allow handling of e.g. workspace package imports in TS monorepos correctly (@ stazz, @ TrickyPi)4.48.1
2025-08-25
Bug Fixes
Pull Requests
4.48.0
2025-08-23
Features
Bug Fixes
Pull Requests
4.48.0-0
4.47.1
2025-08-21
Bug Fixes
Pull Requests
4.47.0
2025-08-21
Features
Bug Fixes
undefinedfor optional fields in Rollup types (#6061)Pull Requests
4.46.4
2025-08-20
Bug Fixes
inoperator (#6052)Pull Requests
inwithsyntheticNamedExports(@ hi-ogawa)4.46.3
2025-08-18
Bug Fixes
Pull Requests
generated bycomment diff on Windows (@ sapphi-red)no_opt_archfeature for mimalloc-safe (@ sapphi-red)4.46.2
2025-07-29
Bug Fixes
Pull Requests
4.46.1
2025-07-28
Bug Fixes
inoperator on external namespaces (#6036)Pull Requests
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: