Security News
JavaScript Leaders Demand Oracle Release the JavaScript Trademark
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
@esbuild/freebsd-x64
Advanced tools
The @esbuild/freebsd-x64 npm package is a binary package for esbuild, an extremely fast JavaScript bundler and minifier. This specific package is tailored for FreeBSD x64 systems. It allows developers to bundle JavaScript files for the browser, transpile TypeScript, and minify code among other functionalities, directly on FreeBSD x64 systems.
JavaScript Bundling
This code sample demonstrates how to bundle a JavaScript file along with its dependencies into a single file. This is useful for optimizing web applications for production.
require('esbuild').build({
entryPoints: ['app.js'],
bundle: true,
outfile: 'out.js'
}).catch(() => process.exit(1))
TypeScript Transpilation
This example shows how to transpile TypeScript files into JavaScript, allowing developers to use TypeScript's features while targeting environments that only support JavaScript.
require('esbuild').build({
entryPoints: ['app.ts'],
bundle: true,
outfile: 'out.js',
loader: { '.ts': 'ts' }
}).catch(() => process.exit(1))
Code Minification
This code snippet demonstrates the minification of JavaScript code to reduce file size, which is beneficial for improving load times on web pages.
require('esbuild').build({
entryPoints: ['app.js'],
minify: true,
outfile: 'out.min.js'
}).catch(() => process.exit(1))
Webpack is a powerful module bundler that can transform, bundle, or package just about any resource or asset. Compared to @esbuild/freebsd-x64, webpack offers a more extensive plugin system and configuration options, but esbuild is known for its speed and simplicity.
Parcel is a web application bundler, differentiated by its developer-friendly zero configuration approach. While Parcel and @esbuild/freebsd-x64 both aim to simplify the bundling process, esbuild typically offers faster build times due to its efficient Go-based architecture.
Rollup is a module bundler for JavaScript which compiles small pieces of code into something larger and more complex, such as a library or application. Rollup focuses on ES modules, making it ideal for libraries. Compared to @esbuild/freebsd-x64, Rollup has a different focus but both provide efficient bundling solutions.
This is the FreeBSD 64-bit binary for esbuild, a JavaScript bundler and minifier. See https://github.com/evanw/esbuild for details.
0.20.1
Fix a bug with the CSS nesting transform (#3648)
This release fixes a bug with the CSS nesting transform for older browsers where the generated CSS could be incorrect if a selector list contained a pseudo element followed by another selector. The bug was caused by incorrectly mutating the parent rule's selector list when filtering out pseudo elements for the child rules:
/* Original code */
.foo {
&:after,
& .bar {
color: red;
}
}
/* Old output (with --supported:nesting=false) */
.foo .bar,
.foo .bar {
color: red;
}
/* New output (with --supported:nesting=false) */
.foo:after,
.foo .bar {
color: red;
}
Constant folding for JavaScript inequality operators (#3645)
This release introduces constant folding for the < > <= >=
operators. The minifier will now replace these operators with true
or false
when both sides are compile-time numeric or string constants:
// Original code
console.log(1 < 2, '🍕' > '🧀')
// Old output (with --minify)
console.log(1<2,"🍕">"🧀");
// New output (with --minify)
console.log(!0,!1);
Better handling of __proto__
edge cases (#3651)
JavaScript object literal syntax contains a special case where a non-computed property with a key of __proto__
sets the prototype of the object. This does not apply to computed properties or to properties that use the shorthand property syntax introduced in ES6. Previously esbuild didn't correctly preserve the "sets the prototype" status of properties inside an object literal, meaning a property that sets the prototype could accidentally be transformed into one that doesn't and vice versa. This has now been fixed:
// Original code
function foo(__proto__) {
return { __proto__: __proto__ } // Note: sets the prototype
}
function bar(__proto__, proto) {
{
let __proto__ = proto
return { __proto__ } // Note: doesn't set the prototype
}
}
// Old output
function foo(__proto__) {
return { __proto__ }; // Note: no longer sets the prototype (WRONG)
}
function bar(__proto__, proto) {
{
let __proto__2 = proto;
return { __proto__: __proto__2 }; // Note: now sets the prototype (WRONG)
}
}
// New output
function foo(__proto__) {
return { __proto__: __proto__ }; // Note: sets the prototype (correct)
}
function bar(__proto__, proto) {
{
let __proto__2 = proto;
return { ["__proto__"]: __proto__2 }; // Note: doesn't set the prototype (correct)
}
}
Fix cross-platform non-determinism with CSS color space transformations (#3650)
The Go compiler takes advantage of "fused multiply and add" (FMA) instructions on certain processors which do the operation x*y + z
without intermediate rounding. This causes esbuild's CSS color space math to differ on different processors (currently ppc64le
and s390x
), which breaks esbuild's guarantee of deterministic output. To avoid this, esbuild's color space math now inserts a float64()
cast around every single math operation. This tells the Go compiler not to use the FMA optimization.
Fix a crash when resolving a path from a directory that doesn't exist (#3634)
This release fixes a regression where esbuild could crash when resolving an absolute path if the source directory for the path resolution operation doesn't exist. While this situation doesn't normally come up, it could come up when running esbuild concurrently with another operation that mutates the file system as esbuild is doing a build (such as using git
to switch branches). The underlying problem was a regression that was introduced in version 0.18.0.
FAQs
The FreeBSD 64-bit binary for esbuild, a JavaScript bundler.
We found that @esbuild/freebsd-x64 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.