Version 23.0.0 of @rollup/plugin-commonjs introduces notable updates and dependency changes compared to the previous stable version, 22.0.2. Developers should be aware of these modifications when upgrading. The primary function remains the same: converting CommonJS modules to ES2015 for seamless integration with Rollup bundlers.
Key updates in version 23.0.0 involve dependency upgrades. The glob dependency jumps from ^7.1.6 to ^8.0.3, potentially affecting file matching behavior. Notably, the direct dependency on resolve is removed, streamlining the plugin's internal workings which might influence module resolution strategies. magic-string upgrades to ^0.26.4 from 0.25.7, while estree-walker moves to ^2.0.2 from 2.0.1, suggesting enhancements in source code manipulation and AST traversal respectively. @rollup/pluginutils advances to ^4.2.1 from 3.1.0, indicating improvements in utility functions used within the plugin.
Furthermore, the development dependencies also see significant version bumps. The minimum compatible rollup version is bumped to version 3.x. The typescript dev dependency is upgraded to ^4.8.3 from ^3.9.7.
Developers should carefully evaluate these dependency changes for potential breaking changes in their existing Rollup configurations. Before upgrading it's advisable to test builds thoroughly and examine the plugin's changelog for detailed information on these updates. The package size has decreased significantly too.
The are not vulnerabilities for the version 23.0.0 of the package @rollup/plugin-commonjs
