UglifyJS, a popular JavaScript toolkit for parsing, mangling, compressing, and beautifying code, saw a minor version bump from 3.13.7 to 3.13.8. While the core functionality remains consistent, developers should be aware of the subtle changes potentially impacting their workflows. Both versions share the same core dependencies, relying on "acorn" version ~8.2.1 for parsing and "semver" version ~6.3.0 for semantic versioning. The license remains the permissive BSD-2-Clause, and the repository is hosted on GitHub under the mishoo/UglifyJS project. Author information also remains unchanged.
The key difference between versions 3.13.7 and 3.13.8 lies in the release date and the unpacked size of the package. Version 3.13.8 was released on May 26, 2021, whereas version 3.13.7 was released earlier, on May 18, 2021. The unpacked size for 3.13.8 is slightly larger, at 1,149,861 bytes, compared to 1,147,329 bytes for 3.13.7. This increase, although minimal, suggests that some internal changes, bug fixes, or optimizations were implemented in the newer version causing the change in file size.
For developers using UglifyJS, upgrading to version 3.13.8 is generally recommended to benefit from any potential bug fixes or performance improvements. However, given the minor version increment, the changes are likely not breaking, but it's always prudent to test after upgrading to ensure compatibility with existing build processes and codebases. Examine the changelog, or commit history, for specific details of the changesets in version 3.13.8.
The are not vulnerabilities for the version 3.13.8 of the package uglify-js
