Unplugin-auto-import, a popular tool for automatically registering global imports in Vite and Webpack projects, has a new version, 0.11.4, released on October 26, 2022. Compared to the prior version, 0.11.3, released just two days earlier on October 24, 2022, this incremental update brings subtle but potentially important changes.
The most significant difference lies in the dependencies. Version 0.11.4 upgrades the core dependency unimport from version ^0.6.8 to ^0.7.0. This could introduce new features, bug fixes, or performance enhancements related to import resolution and management handled by unimport. Additionally, the new version has more files in the package and a slightly bigger unpackedSize.
Developers considering upgrading should carefully review the changelog for unimport@0.7.0 to understand the specific changes and ensure compatibility with their existing code. Also upgrading from @vueuse/metadata@9.3.1 to @vueuse/metadata@9.4.0 and @types/node@18.11.4 to @types/node@18.11.5. While this version bump provides the latest features and improvements, it's crucial to test the upgrade thoroughly in a development environment. The package continues to offer a streamlined development experience by automatically importing frequently used functions and modules, reducing boilerplate code and improving code readability across both Vite and Webpack projects.
All the vulnerabilities related to the version 0.11.4 of the package
antfu/utils vulnerable to prototype pollution
Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3.
