Browserslist version 4.8.6 offers incremental improvements over its predecessor, 4.8.5, focusing primarily on dependency updates that enhance browser compatibility data and tooling support. The key difference lies in the updated dependencies: caniuse-lite jumps from version ^1.0.30001022 to ^1.0.30001023, node-releases moves from ^1.1.46 to ^1.1.47, and electron-to-chromium advances from ^1.3.338 to ^1.3.341.
For developers, these updates translate to more accurate and comprehensive browser support information. caniuse-lite is the backbone providing data on feature support across different browsers, ensuring target browsers are correctly identified. The node-releases update likely brings refinements to Node.js version detection and compatibility. Likewise, newer versions of electron-to-chromium reflects the mapping between Electron versions and underlying Chromium versions that is important for developers targeting both web and Electron environments.
The update also impacts the unpacked size, increasing from 76212 to 76763 which is understandable given the increased data in dependencies. These small changes in dependencies will allow developers to precisely target their front-end code, leading to improved compatibility and a more predictable user experience across various platforms.
All the vulnerabilities related to the version 4.8.6 of the package
Regular Expression Denial of Service in browserslist
The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
