UglifyJS version 3.16.3 represents a minor update to the popular JavaScript toolkit for parsing, mangling, compressing, and beautifying code, building upon version 3.16.2. While both versions share the same core functionalities, license (BSD-2-Clause), and repository, there are subtle yet potentially impactful differences for developers.
The key change between the two versions lies in the updated devDependencies. Version 3.16.3 uses acorn version ~8.7.1, while its predecessor relies on acorn ~8.2.1. Acorn is a lightweight JavaScript parser; this update likely incorporates bug fixes, performance improvements, or new ECMAScript feature support within the parsing process. Although the semver dependency remains the same, the acorn version update could influence how UglifyJS handles modern JavaScript syntax.
Furthermore, the unpacked size has increased slightly from 1,254,003 bytes in 3.16.2 to 1,267,858 bytes in 3.16.3. This suggests that the new version includes additional code or assets, potentially associated with the acorn update or internal library enhancements. Developers should also bear in mind the release dates: version 3.16.3 was released on 2022-07-24, 20 days after version 3.16.2, which may mean it carries an important fix.
For developers using UglifyJS, the upgrade from 3.16.2 to 3.16.3 should be relatively seamless, though testing against your own target transpiled code is always the best approach when upgrading dependencies. Overall, this update brings refinements to the underlying parsing engine.
There are no vulnerabilities for version 3.16.3 of the package uglify-js.