Version 7.13.0 of @babel/eslint-parser introduces notable changes compared to its predecessor, version 7.12.17. Primarily, it upgrades the @babel/core dependency to version 7.13.0, aligning the parser with the latest Babel transformations and features. This ensures compatibility with newer JavaScript syntax and proposals processed by Babel. A key difference lies in the semver dependency. Version 7.13.0 utilizes semver version 7.0.0, while version 7.12.17 relies on semver '^6.3.0'. This suggests potential updates and bug fixes in how semantic versioning is handled, possibly enhancing dependency resolution and security.
Developers upgrading to 7.13.0 benefit from enhanced parsing capabilities, particularly for projects leveraging cutting-edge JavaScript features supported by the corresponding @babel/core version. The updated semver dependency contributes to a more robust and reliable dependency management. The package size has slightly increased from 32361 to 32514 unpacked, and the release date difference illustrates the continuous development around the package which is being actively developed in order to provide the developers with the latest syntax compatibility. As before, it maintains peer dependency requirements for ESLint (>=7.5.0) and @babel/core (>=7.11.0), reinforcing its role as a bridge between Babel's transpilation and ESLint's linting capabilities. The fundamental purpose remains consistent: to enable ESLint to accurately lint code containing experimental or non-standard syntax transformed by Babel, making it a crucial tool for modern JavaScript development workflows.
All the vulnerabilities related to the version 7.13.0 of the package
semver vulnerable to Regular Expression Denial of Service
Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
