Gulp-uglify versions 3.0.1 and 3.0.2 are both designed to minify JavaScript files using UglifyJS within a Gulp workflow. While offering the same core functionality, some key differences might influence a developer's choice. Version 3.0.2, released in March 2019, replaces the lodash dependency with isobject, array-each, and extend-shallow, potentially impacting performance or bundle size depending on how these utilities interact within the specific build process.
Both versions utilize gulplog for logging, through2 for stream transformation, and uglify-js version 3.0.5 for the actual minification. Important dependencies like safe-buffer, make-error-cause, and vinyl-sourcemaps-apply remain consistent, ensuring continued compatibility with common Gulp workflows and source map handling. Development dependencies, employed for testing and linting, are very similar, consisting on libraries like tape, eslint, prettier, and power-assert. Most of the configuration and plugins for eslint was updated. A major difference is the removal of intelli-espower-loader from the devDependencies in version 3.0.2.
For developers using gulp-uglify, understanding these changes can inform decisions on upgrading. If lodash usage was a bottleneck or concern, version 3.0.2 might offer improvements but is always recommended to test thoroughly after an upgrade. Both versions offer a reliable way to integrate JavaScript minification into Gulp build pipelines, ensuring smaller file sizes and optimized web performance.
The are not vulnerabilities for the version 3.0.2 of the package gulp-uglify
