[Snyk] Upgrade tslib from 2.2.0 to 2.6.2

[ReyBan82]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade tslib from 2.2.0 to 2.6.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 11 versions ahead of your current version.
• The recommended version was released a month ago, on 2023-08-18.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Poisoning SNYK-JS-QS-3153490	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Sandbox Bypass SNYK-JS-WEBPACK-3358798	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Improper Privilege Management SNYK-JS-SHELLJS-2332187	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Reverse Tabnabbing SNYK-JS-ISTANBULREPORTS-2328088	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-JSON5-3182856	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: tslib

• 2.6.2 - 2023-08-18
  

  What's Changed

  • Fix path to exports["module"]["types"] by @ andrewbranch in #217

  Full Changelog: v2.6.1...v2.6.2

• 2.6.1 - 2023-07-24
  

  What's Changed

  • Allow functions as values in __addDisposableResource by @ rbuckton in #215
  • Stop using es6 syntax in the es6 file by @ andrewbranch in #216

  Full Changelog: 2.6.0...v2.6.1

• 2.6.0 - 2023-06-26
  

  What's Changed

  • Add helpers for using and await using by @ rbuckton in #213

  Full Changelog: v2.5.3...2.6.0

• 2.5.3 - 2023-06-02
  

  What's Changed

  • Do not reference tslib.es6.js from package.json exports by @ andrewbranch in #208

  Full Changelog: 2.5.2...v2.5.3

• 2.5.2 - 2023-05-18
  

  This release explicitly re-exports helpers to work around TypeScript's incomplete symbol resolution for tslib.

• 2.5.1 - 2023-05-17
  

  This release of tslib provides fixes for two issues.

  First, it reverses the order of init hooks provided by decorators to correctly reflect proposed behavior.

  Second, it corrects the exports field of tslib's package.json and provides accurate declaration files so that it may be consumed under the node16 and bundler settings for moduleResolution.

• 2.5.0 - 2023-01-26
  

  What's New

  • Fix asyncDelegator reporting done too early by @ apendua in #187
  • Add support for TypeScript 5.0's __esDecorate and related helpers by @ rbuckton in #193

  Full Changelog: 2.4.1...2.5.0

• 2.4.1 - 2022-10-31
  

  This release contains fixes for early returns and throws invoked on generators.

• 2.4.0 - 2022-04-22
  

  This release includes the __classPrivateFieldIn helper as well as an update to __createBinding to reduce indirection between multiple re-exports.

• 2.3.1 - 2021-08-11
  

  This release updates the __spreadArray helper for TypeScript 4.4 to correctly operate on collections that are not "concat-spreadable" such as the DOM's NodeLists and HTMLCollections.

• 2.3.0 - 2021-06-11
• 2.2.0 - 2021-04-05

from tslib GitHub release notes

Commit messages

Package name: tslib

• 49ac8dc 2.6.2
• 3071b51 Merge pull request #217 from microsoft/bug/fix-modules-condition-types-path
• 743045e Fix path to exports["module"]["types"]
• 41c120d 2.6.1
• be55012 Merge pull request #216 from microsoft/bug/205
• 8d4c782 Undo format on save
• 74f91b3 Stop using es6 syntax in the es6 file
• 1d606f6 Allow functions as values in __addDisposableResource (changelog survivejs/webpack-merge#215)
• 7c7f3ae 2.6.0
• f641b05 Add helpers for `using` and `await using` (fix: support object/array-formed condition (#212) survivejs/webpack-merge#213)
• cc5ff03 2.5.3
• a471c51 Merge pull request chore: Switch from Travis to GitHub actions for CI survivejs/webpack-merge#208 from microsoft/moar-modules
• 80deca0 Do not reference tslib.es6.js from package.json exports
• e623061 Bump version to 2.5.2.
• 2b57a92 Use named reexport to satsify incomplete TS symbol resolution (Fiirefox7/merge-webpack survivejs/webpack-merge#204)
• 91fcbd0 Reverse order of decorator-injected initializers (Shell survivejs/webpack-merge#202)
• eab3cff Merge pull request resolve alias survivejs/webpack-merge#200 from Andarist/fix/import-types
• 5ef7d1a Update modules/index.d.ts
• 7def846 Merge pull request 1 survivejs/webpack-merge#201 from microsoft/fix-esm
• 4e79d03 Merge pull request TypeScript: use union types instead of enums survivejs/webpack-merge#179 from guybedford/patch-4
• 033b363 Add default export to modules/index.js
• 897f11e Ensure tslib.es6.js is typed
• a0a67d9 Add Node-specific export condition for ESM entrypoint that re-exports CJS
• 0f84d40 Add propert declaration file for the `import` condition

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs