[Snyk] Upgrade @swc/core from 1.3.68 to 1.13.20 #8155
Conversation
Snyk has created this PR to upgrade @swc/core from 1.3.68 to 1.13.20. See this package in yarn: @swc/core See this project in Snyk: https://app.snyk.io/org/q1bluequantumblockchainlabs.onmicrosoft.com/project/4590850b-6aaf-4257-983f-c8d6bc88021a?utm_source=github&utm_medium=referral&page=upgrade-pr
Review or Edit in CodeSandboxOpen the branch in Web Editor • VS Code • Insiders |
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
📝 WalkthroughThis PR updates the SWC (SpeedyWebCompiler) core package version in the microsite from While this update brings potential performance improvements, it introduces several critical risks: version fragmentation across the project (microsite using 1.13.20 while other components use 1.3.46), missing critical peer dependencies required by the newer SWC version, and potential breaking changes in the SWC 1.13.x API that may affect the custom webpack configuration. 📊 Changes
Sequence DiagramThis diagram shows the interactions between components: sequenceDiagram
title SWC Core Package Update Flow
participant Dev as "Developer"
participant PM as "Package Manager"
participant SWC as "@swc/core v1.13.20"
participant Platform as "Platform-specific Binaries"
participant Counter as "@swc/counter"
participant Types as "@swc/types"
participant App as "Application"
Dev->>PM: Update @swc/core from v1.3.46 to v1.13.20
activate PM
PM->>SWC: Install @swc/core v1.13.20
activate SWC
SWC->>Platform: Load appropriate platform binary
Note over Platform: Platform-specific implementations:<br>darwin-arm64, darwin-x64, linux-arm,<br>linux-arm64-gnu, linux-arm64-musl,<br>linux-x64-gnu, linux-x64-musl,<br>win32-arm64-msvc, win32-ia32-msvc,<br>win32-x64-msvc
SWC->>Counter: Require @swc/counter ^0.1.3
activate Counter
Note over Counter: New dependency in v1.13.20
SWC->>Types: Require @swc/types ^0.1.25
activate Types
Note over Types: New dependency in v1.13.20
Types->>Counter: Require @swc/counter ^0.1.3
SWC-->>PM: Installation complete
deactivate SWC
PM-->>Dev: Dependencies updated
deactivate PM
App->>SWC: Use SWC for transpilation
SWC->>Counter: Track usage metrics
SWC->>Types: Use type definitions
SWC-->>App: Return transpiled code
Note over Dev, App: The update maintains the same API<br>but adds new dependencies and<br>updates platform-specific binaries
🔒 Security Analysis
Caution 4 comments are outside the diff range and can't be posted inline due to platform limitations.
|
![entelligence-ai-pr-reviews[bot]](https://avatars.githubusercontent.com/in/932812?s=60&v=4){kind=small}
| "@docusaurus/plugin-client-redirects": "0.0.0-5591", | ||
| "@docusaurus/preset-classic": "0.0.0-5591", | ||
| "@swc/core": "^1.3.46", | ||
| "@swc/core": "^1.13.20", |
There was a problem hiding this comment.
Correctness: Version fragmentation risk: The microsite now uses SWC 1.13.20 while other parts of the project still use 1.3.46, creating version fragmentation that can cause AST compatibility issues, plugin conflicts, and inconsistent build behavior.
| "@docusaurus/plugin-client-redirects": "0.0.0-5591", | ||
| "@docusaurus/preset-classic": "0.0.0-5591", | ||
| "@swc/core": "^1.3.46", | ||
| "@swc/core": "^1.13.20", |
There was a problem hiding this comment.
Correctness: Missing critical peer dependencies: The upgrade to SWC 1.13.20 introduces new required dependencies that are missing, including @swc/types, @swc/counter, and updated @swc/helpers.
📝 Committable Code Suggestion
‼️ Ensure you review the code suggestion before committing it to the branch. Make sure it replaces the highlighted code, contains no missing lines, and has no issues with indentation.
| "@swc/core": "^1.13.20", | |
| { | |
| "dependencies": { | |
| "@docusaurus/core": "0.0.0-5591", | |
| "@docusaurus/plugin-client-redirects": "0.0.0-5591", | |
| "@docusaurus/preset-classic": "0.0.0-5591", | |
| "@swc/core": "^1.13.20", | |
| "@swc/types": "^0.1.25", | |
| "@swc/counter": "^0.1.3", | |
| "@swc/helpers": ">=0.5.17", | |
| "clsx": "^1.1.1", | |
| "docusaurus-plugin-sass": "^0.2.3", | |
| "luxon": "^3.0.0", | |
| "react": "^17.0.2", | |
| "react-dom": "^17.0.2" | |
| } | |
| "@docusaurus/plugin-client-redirects": "0.0.0-5591", | ||
| "@docusaurus/preset-classic": "0.0.0-5591", | ||
| "@swc/core": "^1.3.46", | ||
| "@swc/core": "^1.13.20", |
There was a problem hiding this comment.
Correctness: swc-loader compatibility: The project uses swc-loader@^0.2.3 which has peer dependency @swc/core: ^1.2.147. The new version 1.13.20 might not be tested with this loader version.
|
This PR has been automatically marked as stale because it has not had recent activity from the author. It will be closed if no further activity occurs. If the PR was closed and you want it re-opened, let us know and we'll re-open the PR so that you can continue the contribution! |
Snyk has created this PR to upgrade @swc/core from 1.3.68 to 1.13.20.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 457 versions ahead of your current version.
The recommended version was released a month ago.
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
EntelligenceAI PR Summary
This PR updates the SWC (SpeedyWebCompiler) core package version in the microsite from ^1.3.46 to ^1.13.20, along with corresponding platform-specific binaries and dependencies in the yarn.lock file. This represents a significant version jump that brings performance benefits but introduces compatibility risks.