chore(deps): update dependency rollup to v4 #281

descope · 2023-11-13T20:28:58Z

This PR contains the following updates:

Package	Type	Update	Change	Pending	OpenSSF
rollup (source)	devDependencies	major	`^2.79.2` -> `^4.0.0`	`4.54.0` (+2)

Release Notes

rollup/rollup (rollup)

`v4.53.3`

Compare Source

2025-11-19

Bug Fixes

Fix an error where too many modules where flagged for having an unused external import (#6182)
Fix an error where an assignment was wrongly tree-shaken when mutating it (#6183)

Pull Requests

#6171: Add test-install CI job to test packaging, installation and importing of rollup package (@antoninkriz, @lukastaegert)
#6174: Re-enable TypeScript test (@lukastaegert)
#6180: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#6182: Tracing the importers chain for exported variables in external module (@TrickyPi, @lukastaegert)
#6183: Check if left side is included when checking if assigning to an assignment has side effects (@lukastaegert)

`v4.53.2`

Compare Source

2025-11-10

Bug Fixes

Do not throw when using invalid escape sequences in template literals (#6177)

Pull Requests

#6177: handle TemplateElement with null cooked value (@TrickyPi)

`v4.53.1`

Compare Source

2025-11-07

Bug Fixes

Fix install script (#6172)

Pull Requests

#6172: fix: move patch-package from postinstall to prepare script (@mshima)

`v4.53.0`

Compare Source

2025-11-07

Features

Improve rendering performance by caching generated variable names (#5947)

Pull Requests

#5947: refactor: store safe variable names in cache for subsequent usage (@Aslemammad, @lukastaegert, @Service account user)
#6149: chore(deps): update dependency vite to v7.1.11 [security] (@renovate[bot], @Service account user)
#6151: fix(deps): update swc monorepo (major) (@renovate[bot], @Service account user)
#6152: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @Service account user)
#6153: chore(deps): lock file maintenance minor/patch updates (@renovate[bot], @Service account user)
#6155: Fix tests: Do not swallow warnings for multi-format tests (@lukastaegert, @Service account user)
#6159: chore(deps): update dependency eslint-plugin-unicorn to v62 (@renovate[bot])
#6160: chore(deps): update github artifact actions (major) (@renovate[bot])
#6161: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#6164: chore(deps): update dependency @rollup/plugin-alias to v6 (@renovate[bot])
#6165: chore(deps): update dependency @rollup/plugin-commonjs to v29 (@renovate[bot])
#6166: fix(deps): update swc monorepo (major) (@renovate[bot], @lukastaegert)
#6167: chore(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

`v4.52.5`

Compare Source

2025-10-18

Bug Fixes

Always produce valid UUIDs as debugIds in sourcemaps (#6144)

Pull Requests

#6135: chore(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#6140: chore(deps): update peter-evans/create-or-update-comment action to v5 (@renovate[bot])
#6141: chore(deps): update peter-evans/find-comment action to v4 (@renovate[bot])
#6142: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#6143: chore: eslint enable concurrency option (@btea)
#6144: fix: generation of debugIDs with invalid length (@pablomatiasgomez, @lukastaegert)
#6146: chore(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#6147: chore(deps): update actions/setup-node action to v6 (@renovate[bot])

`v4.52.4`

Compare Source

2025-10-03

Bug Fixes

Fix an issue where the wrong branch of nullish coalescing was picked (#6133)

Pull Requests

#6128: Enable npm OIDC publishing (@lukastaegert)
#6133: Correct nullish coalescing branch resolution for symbol left value (@TrickyPi)
#6134: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

`v4.52.3`

Compare Source

2025-09-27

Bug Fixes

Fix check in native loader for environments that do not support reports (#6123)

Pull Requests

#6123: fix(native-loader): safely handle report.getReport() on Termux/Android (@Jobians, @lukastaegert)
#6124: chore(deps): pin msys2/setup-msys2 action to fb197b7 (@renovate[bot])
#6125: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])
#6126: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])

`v4.52.2`

Compare Source

2025-09-23

Bug Fixes

Fix Android build crashing due to failed dlopen (#6109)

Pull Requests

#6109: fix(rust): use prebuilt std when it is available (@cyyynthia)

`v4.52.1`

Compare Source

2025-09-23

Bug Fixes

Opt-out of dynamic import optimization when using top-level await to effectively prevent deadlocks (#6121)

Pull Requests

#6121: Simplify top-level await deadlock prevention (@lukastaegert)

`v4.52.0`

Compare Source

2025-09-19

Features

Add option output.onlyExplicitManualChunks to turn off merging additional dependencies into manual chunks (#6087)
Add support for x86_64-pc-windows-gnu platform (#6110)

Pull Requests

#6087: fix: manualChunks and non manualChunks shared dependencies are merged with the first manualChunk encountered alphabetically (@maiieul)
#6110: Add support x86_64-pc-windows-gnu (@lsq, @lukastaegert)
#6118: Automatically remove REPL artefacts label from PRs (@lukastaegert)

`v4.51.0`

Compare Source

2025-09-19

Features

Support ROLLUP_FILE_URL_OBJ placeholder to inject file URLs into the generated code (#6108)

Bug Fixes

Improve OpenHarmony build to work in more situations (#6115)

Pull Requests

#6108: feat: support ROLLUP_FILE_URL_OBJ for URL object instead of string (@guybedford, @lukastaegert)
#6112: Disable Cargo cache for Android (@lukastaegert)
#6113: fix(deps): update rust crate swc_compiler_base to v35 (@renovate[bot])
#6114: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])
#6115: Disable local_dynamic_tls for OpenHarmony (@hqzing)
#6116: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])
#6117: chore(deps): lock file maintenance (@renovate[bot])

`v4.50.2`

Compare Source

2025-09-15

Bug Fixes

Resolve an issue where unused destructured array pattern declarations would conflict with included variables (#6100)

Pull Requests

#6100: Tree-shake un-included elements in array pattern (@TrickyPi)
#6102: chore(deps): update actions/setup-node action to v5 (@renovate[bot])
#6103: chore(deps): update dependency eslint-plugin-unicorn to v61 (@renovate[bot])
#6104: fix(deps): update swc monorepo (major) (@renovate[bot])
#6105: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])
#6107: Improve CI stability (@lukastaegert)

`v4.50.1`

Compare Source

2025-09-07

Bug Fixes

Resolve a situation where a destructuring default value was removed (#6090)

Pull Requests

#6088: feat(www): shorter repl shareables (@cyyynthia, @lukastaegert)
#6090: Call includeNode for self or children nodes in includeDestructuredIfNecessary (@TrickyPi)
#6091: fix(deps): update rust crate swc_compiler_base to v33 (@renovate[bot])
#6092: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])
#6094: perf: replace startsWith with strict equality (@btea)

`v4.50.0`

Compare Source

2025-08-31

Features

Support openharmony-arm64 platform (#6081)

Bug Fixes

Fix loading of extensionless imports in config files (#6084)

Pull Requests

#6081: Add support for openharmony-arm64 platform (@hqzing, @lukastaegert)
#6084: Return null to defer to the default resolution behavior (@TrickyPi)

`v4.49.0`

Compare Source

2025-08-27

Features

Allow config plugins to resolve imports first before deciding whether to treat them as external (#6038)

Pull Requests

#6038: feat: Run external check in cli/run/loadConfigFile.ts as last in order to allow handling of e.g. workspace package imports in TS monorepos correctly (@stazz, @TrickyPi)
#6082: Improve build pipeline performance (@lukastaegert)

`v4.48.1`

Compare Source

2025-08-25

Bug Fixes

Correctly ignore white-space in JSX strings around line-breaks (#6051)

Pull Requests

#6051: fix: handle whitespace according to JSX common practice (@cyyynthia)
#6078: build: optimize pipeline take two (@cyyynthia)

`v4.48.0`

Compare Source

2025-08-23

Features

If configured, also keep unparseable import attributes of external dynamic imports in the output(#6071)

Bug Fixes

Ensure variables referenced in non-removed import attributes are included (#6071)

Pull Requests

#6071: Keep attributes for external dynamic imports (@TrickyPi)
#6079: fix(deps): update swc monorepo (major) (@renovate[bot])
#6080: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])

`v4.47.1`

Compare Source

2025-08-21

Bug Fixes

Revert build process changes to investigate issues (#6077)

Pull Requests

#6077: Revert "build: aggressively optimize wasm build, improve pipeline (#6053)" (@lukastaegert)

`v4.47.0`

Compare Source

2025-08-21

Features

Aggressively reduce WASM build size (#6053)

Bug Fixes

Fix illegal instruction error on Android ARM platforms (#6072)
Allow to pass explicit undefined for optional fields in Rollup types (#6061)

Pull Requests

#6053: build: aggressively optimize wasm build, improve pipeline (@cyyynthia)
#6061: fix(types): add support for exactOptionalPropertyTypes (@remcohaszing, @lukastaegert)
#6072: build(rust): mimalloc-safe/no_opt_arch on aarch64 (@cyyynthia)

`v4.46.4`

Compare Source

2025-08-20

Bug Fixes

Do not omit synthetic namespaces when only accessed via in operator (#6052)

Pull Requests

#6052: fix: don't optimize in with syntheticNamedExports (@hi-ogawa)
#6074: Update transitive dependency to fix audit (@lukastaegert)

`v4.46.3`

Compare Source

2025-08-18

Bug Fixes

Resolve illegal instruction error on arm64 architectures (#6055)
Resolve sourcemap generation performance regression (#6057)

Pull Requests

#6043: Avoid generated by comment diff on Windows (@sapphi-red)
#6048: chore(deps): update dependency cross-env to v10 (@renovate[bot], @lukastaegert)
#6049: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])
#6055: Fix illegal instruction error on arm64 by enabling no_opt_arch feature for mimalloc-safe (@sapphi-red)
#6057: fix: tweak the fallback logic for tracing segment (@TrickyPi, @lukastaegert)
#6062: docs: update Rust toolchain instructions (@situ2001, @lukastaegert)
#6063: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#6067: chore(deps): update actions/checkout action to v5 (@renovate[bot], @lukastaegert)
#6068: chore(deps): update actions/download-artifact action to v5 (@renovate[bot])
#6069: fix(deps): update rust crate swc_compiler_base to v31 (@renovate[bot], @lukastaegert)

`v4.46.2`

Compare Source

2025-07-29

Bug Fixes

Fix in-operator handling for external namespace and when the left side cannot be analyzed (#6041)

Pull Requests

#6041: Correct the logic of include in BinaryExpression and don't optimize external references away (@TrickyPi, @cyyynthia, @lukastaegert)

`v4.46.1`

Compare Source

2025-07-28

Bug Fixes

Do not fail when using the in operator on external namespaces (#6036)

Pull Requests

#6036: disables optimization for external namespace when using the in operator (@TrickyPi)

`v4.46.0`

Compare Source

2025-07-27

Features

Optimize in checks on namespaces to keep them treeshake-able (#6029)

Pull Requests

#5991: feat: update linux-loongarch64-gnu (@wojiushixiaobai, @lukastaegert)
#6029: feat: optimize in checks on namespaces to keep them treeshake-able (@cyyynthia, @lukastaegert)
#6033: fix(deps): update swc monorepo (major) (@renovate[bot], @lukastaegert)

`v4.45.3`

Compare Source

2025-07-26

Bug Fixes

Do not fail build if a const is reassigned but warn instead (#6020)
Fail with a helpful error message if an exported binding is not defined (#6023)

Pull Requests

#6014: chore(deps): update dependency @vue/language-server to v3 (@renovate[bot])
#6015: chore(deps): update dependency vue-tsc to v3 (@renovate[bot], @lukastaegert)
#6016: fix(deps): update swc monorepo (major) (@renovate[bot], @lukastaegert)
#6017: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#6020: Make const reassignments only a warning (@lukastaegert)
#6023: Throw descriptive error message for used export is not defined (@TrickyPi)
#6027: feat: upgrade to NAPI-RS 3 stable (@Brooooooklyn)
#6028: Update eslint-plugin-unicorn to resolve vulnerability (@lukastaegert)
#6034: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

`v4.45.1`

Compare Source

2025-07-15

Bug Fixes

Resolve crash when using certain conditional expressions (#6009)

Pull Requests

#6009: Add hasDeoptimizedCache flag for ConditionalExpression (@TrickyPi)

`v4.45.0`

Compare Source

2025-07-12

Features

Improve tree-shaking when both branches of a conditional expression return the same boolean value (#6000)
In environments that support both CJS and ESM, prefer the ESM build of Rollup (#6005)

Bug Fixes

Ensure static blocks do not prevent tree-shaking if they access this (#6001)

Pull Requests

#6000: feat: improve get literal value for conditional expression (@ahabhgk, @lukastaegert)
#6001: Correct the parent scope for static blocks (@TrickyPi, @lukastaegert)
#6005: fix: export field order prefer esm (@DylanPiercey)

`v4.44.2`

Compare Source

2025-07-04

Bug Fixes

Correctly handle @__PURE__ annotations after new keyword (#5998)
Generate correct source mapping for closing braces of block statements (#5999)

Pull Requests

#5998: Support @__PURE__ when nested after new in constructor invocations (@TrickyPi)
#5999: Add location info for closing brace of block statement (@TrickyPi)
#6002: chore(deps): update dependency vite to v7 (@renovate[bot], @lukastaegert)
#6004: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

`v4.44.1`

Compare Source

2025-06-26

Bug Fixes

Reinstate maxParallelFileOps limit of 1000 to resolve the issue for some (#5992)

Pull Requests

#5988: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#5992: Set maxParallelFileOps to 1000 (@lukastaegert)

`v4.44.0`

Compare Source

2025-06-19

Features

Remove limit on maxParallelFileOps as this could break watch mode with the commonjs plugin (#5986)

Bug Fixes

Provide better source mappings when coarse intermediate maps are used (#5985)

Pull Requests

#5984: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#5985: Improve approximation of coarse sourcemap segments (@TrickyPi)
#5986: Remove limit on max parallel file ops (@lukastaegert)

`v4.43.0`

Compare Source

2025-06-11

Features

Provide new fs option and this.fs API to replace file system (#5944)

Pull Requests

#5944: feat(options): Add an option for overriding the file system module in the JS API (@EggDice, @lukastaegert)

`v4.42.0`

Compare Source

2025-06-06

Features

Add option to allow the input to be located in the output in watch mode (#5966)

Pull Requests

#5966: feat: watch mode add allowInputInsideOutputPath option (@btea, @lukastaegert)

`v4.41.2`

Compare Source

2025-06-06

Bug Fixes

Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

#5968: fix: preserve constant identifiers in unary expressions instead of magic numbers (@OmkarJ13, @lukastaegert)
#5969: chore(deps): update dependency yargs-parser to v22 (@renovate[bot], @lukastaegert)
#5970: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])
#5971: chore(deps): lock file maintenance (@renovate[bot])
#5976: Update README.md (@ftlno, @lukastaegert)
#5977: fix: consider function expression in thenable when tree-shaking dynamic imports (@TrickyPi)
#5981: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])
#5982: Debug/fix watch pipeline (@lukastaegert)

`v4.41.1`

Compare Source

2025-05-24

Bug Fixes

If a plugin calls this.resolve with skipSelf: true, subsequent calls when handling this by the same plugin with same parameters will return null to avoid infinite recursions (#5945)

Pull Requests

#5945: Avoid recursively calling a plugin's resolveId hook with same id and importer (@younggglcy, @lukastaegert)
#5963: fix(deps): update swc monorepo (major) (@renovate[bot])
#5964: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])

`v4.41.0`

Compare Source

2025-05-18

Features

Detect named exports in more dynamic import scenarios (#5954)

Pull Requests

#5949: ci: use node 24 (@btea, @lukastaegert)
#5951: chore(deps): update dependency pretty-bytes to v7 (@renovate[bot])
#5952: fix(deps): update swc monorepo (major) (@renovate[bot], @lukastaegert)
#5953: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])
#5954: enhance tree-shaking for dynamic imports (@TrickyPi, @renovate[bot], @lukastaegert)
#5957: chore(deps): update dependency lint-staged to v16 (@renovate[bot], @lukastaegert)
#5958: fix(deps): update rust crate swc_compiler_base to v20 (@renovate[bot], @lukastaegert)
#5959: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#5960: Use spawn to run CLI tests (@lukastaegert)

`v4.40.2`

Compare Source

2025-05-06

Bug Fixes

Create correct IIFE/AMD/UMD bundles when using a mutable default export (#5934)
Fix execution order when using top-level await for dynamic imports with inlineDynamicImports (#5937)
Throw when the output is watched in watch mode (#5939)

Pull Requests

#5934: fix(exports): avoid "exports is not defined" ReferenceError (@dasa)
#5937: consider TLA imports have higher execution priority (@TrickyPi)
#5939: fix: watch mode input should not be an output subpath (@btea)
#5940: chore(deps): update dependency vite to v6.3.4 [security] (@renovate[bot])
#5941: chore(deps): update dependency eslint-plugin-unicorn to v59 (@renovate[bot])
#5942: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])
#5943: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])

`v4.40.1`

Compare Source

2025-04-28

Bug Fixes

Limit hash size for asset file names to the supported 21 (#5921)
Do not inline user-defined entry chunks or chunks with explicit file name (#5923)
Avoid top-level-await cycles when non-entry chunks use top-level await (#5930)
Expose package.json via exports (#5931)

Pull Requests

#5921: fix(assetFileNames): reduce max hash size to 21 (@shulaoda)
#5923: fix: generate the separate chunk for the entry module with explicated chunk filename or name (@TrickyPi)
#5926: fix(deps): update rust crate swc_compiler_base to v18 (@renovate[bot])
#5927: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])
#5928: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])
#5930: Avoid chunks TLA dynamic import circular when TLA dynamic import used in non-entry modules (@TrickyPi)
#5931: chore: add new ./package.json entry (@JounQin, @lukastaegert)
#5936: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])

`v4.40.0`

Compare Source

2025-04-12

Features

Only show eval warnings on first render and only when the call is not tree-shaken (#5892)
Tree-shake non-included dynamic import members when the handler just maps to one named export (#5898)

Bug Fixes

Consider dynamic imports nested within top-level-awaited dynamic import expressions to be awaited as well (#5900)
Fix namespace rendering when tree-shaking is disabled (#5908)
When using multiple transform hook filters, all of them need to be satisfied together (#5909)

Pull Requests

#5892: Warn when eval or namespace calls are rendered, not when they are parsed (@SunsetFi, @lukastaegert)
#5898: feat: treeshake dynamic import chained member expression (@privatenumber, @lukastaegert)
#5900: consider the dynamic import within a TLA call expression as a TLA import (@TrickyPi)
#5904: fix(deps): update swc monorepo (major) (@renovate[bot])
#5905: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])
#5908: Fix treeshake: false breaking destructured namespace imports (@Skn0tt)
#5909: Correct the behavior when multiple transform filter options are specified (@sapphi-red)
#5915: chore(deps): update dependency @types/picomatch to v4 (@renovate[bot])
#5916: fix(deps): update rust crate swc_compiler_base to v17 (@renovate[bot])
#5917: chore(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)
#5918: chore(deps): update dependency vite to v6.2.6 [security] (@renovate[bot], @lukastaegert)

`v4.39.0`

Compare Source

2025-04-02

Features

Do not create separate facade chunks if a chunk would contain several entry modules that allow export extension if there are no export name conflicts (#5891)

Bug Fixes

Mark the id property as optional in the filter for the resolveId hook (#5896)

Pull Requests

#5891: chunk: merge allow-extension modules (@wmertens, @lukastaegert)
#5893: chore(deps): update dependency vite to v6.2.4 [security] (@renovate[bot])
#5896: fix: resolveId id filter is optional (@sapphi-red)

`v4.38.0`

Compare Source

2025-03-29

Features

Support .filter option in resolveId, load and transform hooks (#5882)

Pull Requests

#5882: Add support for hook filters (@sapphi-red)
#5894: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])
#5895: chore(deps): update dependency eslint-plugin-unicorn to v58 (@renovate[bot])

`v4.37.0`

Compare Source

2025-03-23

Features

Support Musl Linux on Riscv64 architectures (#5726)
Handles class decorators placed before the export keyword (#5871)

Bug Fixes

Log Rust panic messages to the console when using the WASM build (#5875)

Pull Requests

#5726: Add support for linux riscv64 musl (@fossdd, @leso-kn)
#5871: feat: support decorators before or after export (@TrickyPi)
#5875: capture Rust panic messages and output them to the console. (@luyahan, @lukastaegert)
#5883: Pin digest of 3rd party actions (@re-taro)
#5885: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])

`v4.36.0`

Compare Source

2025-03-17

Features

Extend renderDynamicImport hook to provide information about static dependencies of the imported module (#5870)
Export several additional types used by Vite (#5879)

Bug Fixes

Do not merge chunks if that would create a top-level await cycle between chunks (#5843)

Pull Requests

#5843: avoiding top level await circular (@TrickyPi, @lukastaegert)
[#

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,every weekend,before 5am every weekday" in timezone Asia/Jerusalem, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

descope · 2023-11-13T20:29:02Z

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below: