Babel Preset Env version 7.13.0 introduces several updates and refinements compared to its predecessor, version 7.12.17, particularly impacting developers focused on modern JavaScript compatibility. A core change is the update to various dependency versions. For example, @babel/types advances to ^7.13.0, core-js-compat jumps to ^3.9.0, and @babel/compat-data is now at ^7.13.0, potentially bringing updated ECMAScript feature support and bug fixes.
Several @babel/plugin-transform-* packages saw an increase to ^7.13.0 as well, aligning them with the newest iteration and ensuring compatibility with the latest Babel core. These include transforms for destructuring, arrow functions, modules, and more. Furthermore, @babel/plugin-proposal-* packages also show similar updating, encompassing features like class properties and optional chaining. These changes signify an ongoing effort to keep Babel current with evolving JavaScript standards and proposals.
Interestingly, the older version explicitly listed @babel/helper-module-imports as a dependency, which 7.13.0 omits. Also, the semver dependency updated from ^5.5.0 to 7.0.0. From a developer's perspective, upgrading to 7.13.0 will likely mean access to the most recent language feature support and potential performance improvements within Babel's transformation processes. However, developers should also carefully review the updated dependencies to ensure compatibility with their existing projects.
All the vulnerabilities related to the version 7.13.0 of the package
semver vulnerable to Regular Expression Denial of Service
Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
