Browserslist is a vital tool for front-end developers, enabling the sharing of target browser specifications across various tools like Autoprefixer, Stylelint, and babel-env-preset, ensuring consistent compatibility. Comparing versions 4.5.3 and 4.5.4, we see subtle but potentially important differences. Both versions share core functionality and dependencies, including the same caniuse-lite and electron-to-chromium versions, crucial for browser compatibility data.
The upgrade from 4.5.3 to 4.5.4 includes an updated node-releases dependency, moving from version 1.1.12 to 1.1.13. This likely incorporates the latest Node.js release information, which can be critical for developers targeting specific Node.js environments in their projects. Furthermore, the unpacked size of version 4.5.4 is slightly larger (69001 bytes) compared to 4.5.3 (68552 bytes), suggesting minor code or data additions. The release date difference indicates a quick follow-up release, potentially addressing a bug fix or minor feature enhancement. Developers should review the changelog for a detailed breakdown of the changes introduced in version 4.5.4 to ensure compatibility and leverage any improvements for their projects. Staying up-to-date with Browserslist ensures optimal targeting of modern browsers and Node.js environments, leading to more efficient and compatible front-end development workflows.
All the vulnerabilities related to the version 4.5.4 of the package
Regular Expression Denial of Service in browserslist
The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
