Browserslist version 4.7.0 represents a minor update to the popular tool for sharing target browsers across various front-end development tools. Compared to the previous stable version, 4.6.6, this release includes updated dependency versions, specifically caniuse-lite, node-releases, and electron-to-chromium. These updates likely bring improvements in browser support data, Node.js version awareness, and Electron compatibility, respectively. For instance, caniuse-lite progresses from ^1.0.30000984 to ^1.0.30000989, indicating updated browser feature support information. Similarly, node-releases moves from ^1.1.25 to ^1.1.29, suggesting enhanced knowledge of supported Node.js versions. Finally, electron-to-chromium jumps from ^1.3.191 to ^1.3.247, implying better alignment with newer Electron releases.
Developers should note these updated dependencies, especially if their projects rely on accurate browser feature detection, support for specific Node.js versions, or seamless integration with Electron applications. Version 4.7.0 provides a slightly fresher snapshot of the web development landscape, ensuring tools like Autoprefixer, Stylelint, and babel-env-preset operate with the latest browser compatibility data. The unpacked size is marginally decreased from 71843 to 71437, although this is unlikely to be a significant factor for most users. The release date of version 4.7.0 is August 31, 2019, while version 4.6.6 was released on July 14, 2019, further highlighting the relatively recent nature of the dependency updates included in the newer version.
All the vulnerabilities related to the version 4.7.0 of the package
Regular Expression Denial of Service in browserslist
The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
