Bundt evolved from version 0.0.0 to 0.1.0, introducing enhancements beneficial for developers aiming to streamline JavaScript module bundling. While both versions are marked as "WIP" (Work in Progress), version 0.1.0 showcases significant development. The initial release (0.0.0) established the project's foundation, providing a minimal setup for experimentation. This initial version mainly contained developer dependencies for testing purposes.
The 0.1.0 release marks a substantial leap forward by introducing core dependencies. It incorporates kleur for adding color to terminal output, enhancing the user experience during bundling processes. The mk-dirs dependency ensures the creation of necessary directories, simplifying file management. Most importantly, rewrite-imports automates the rewriting of import statements, which is needed for flexible module resolution during bundling, and terser handles JavaScript parsing, mangling, and compression.
These included dependencies signal the start of bundt becoming a useful tool for developers. The addition of these packages indicates a deliberate move towards functionality, transforming bundt from a conceptual experiment into a potentially valuable utility for JavaScript bundling.
Furthermore, version 0.1.0 has a larger unpacked size (9278 bytes vs 6317 bytes) and a higher file count (4 vs 3), consistent with the added functionality.
Vulnerabilities related to version 0.1.0 of the package
Terser insecure use of regular expressions leads to ReDoS
The package terser before 4.8.1, and from 5.0.0 and before 5.14.2, is vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.