Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
@esbuild/linux-mips64el
Advanced tools
The Linux MIPS 64-bit Little Endian binary for esbuild, a JavaScript bundler.
This is the Linux MIPS 64-bit Little Endian binary for esbuild, a JavaScript bundler and minifier. See https://github.com/evanw/esbuild for details.
0.24.0
This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild
in your package.json
file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0
or ~0.23.0
. See npm's documentation about semver for more information.
Drop support for older platforms (#3902)
This release drops support for the following operating system:
This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.
Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:
git clone https://github.com/evanw/esbuild.git
cd esbuild
go build ./cmd/esbuild
./esbuild --version
Fix class field decorators in TypeScript if useDefineForClassFields
is false
(#3913)
Setting the useDefineForClassFields
flag to false
in tsconfig.json
means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.
Avoid incorrect cycle warning with tsconfig.json
multiple inheritance (#3898)
TypeScript 5.0 introduced multiple inheritance for tsconfig.json
files where extends
can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json
files containing this edge case should work correctly without generating a warning.
Handle Yarn Plug'n'Play stack overflow with tsconfig.json
(#3915)
Previously a tsconfig.json
file that extends
another file in a package with an exports
map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.
Work around more issues with Deno 1.31+ (#3917)
This version of Deno broke the stdin
and stdout
properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main
is true
). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.
This fix was contributed by @Joshix-1.
FAQs
The Linux MIPS 64-bit Little Endian binary for esbuild, a JavaScript bundler.
The npm package @esbuild/linux-mips64el receives a total of 4,496,635 weekly downloads. As such, @esbuild/linux-mips64el popularity was classified as popular.
We found that @esbuild/linux-mips64el demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.