[Snyk] Upgrade @babel/cli from 7.6.2 to 7.25.7

[BenjaminHoegh]

Snyk has created this PR to upgrade @babel/cli from 7.6.2 to 7.25.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 67 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	601	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	601	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	601	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	601	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	601	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	601	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	601	No Known Exploit
	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	601	No Known Exploit
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	601	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	601	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	601	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	601	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	601	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	601	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	601	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	601	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	601	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	601	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	601	Proof of Concept
	Validation Bypass SNYK-JS-KINDOF-537849	601	Proof of Concept

Release notes

Package name: @babel/cli

• 7.25.7 - 2024-10-02
  

  v7.25.7 (2024-10-02)

  Thanks @ DylanPiercey and @ YuHyeonWook for your first PRs!

  🐛 Bug Fix

  • babel-helper-validator-identifier
    • #16825 fix: update identifier to unicode 16 (@ JLHwung)
  • babel-traverse
    • #16814 fix: issue with node path keys updated on unrelated paths (@ DylanPiercey)
  • babel-plugin-transform-classes
    • #16797 Use an inclusion rather than exclusion list for super() check (@ nicolo-ribaudo)
  • babel-generator
    • #16788 Fix printing of TS infer in compact mode (@ nicolo-ribaudo)
    • #16785 Print TS type annotations for destructuring in assignment pattern (@ nicolo-ribaudo)
    • #16778 Respect [no LineTerminator here] after nodes (@ nicolo-ribaudo)

  💅 Polish

  • babel-types
    • #16852 Add deprecated JSDOC for fields (@ liuxingbaoyu)

  🏠 Internal

  • babel-core
    • #16820 Allow sync loading of ESM when --experimental-require-module (@ nicolo-ribaudo)
  • babel-helper-compilation-targets, babel-helper-plugin-utils, babel-preset-env
    • #16858 Add browserslist config to external dependency (@ JLHwung)
  • babel-plugin-proposal-destructuring-private, babel-plugin-syntax-decimal, babel-plugin-syntax-import-reflection, babel-standalone
    • #16809 Archive syntax-import-reflection and syntax-decimal (@ nicolo-ribaudo)
  • babel-generator
    • #16779 Simplify logic for [no LineTerminator here] before nodes (@ nicolo-ribaudo)

  🏃‍♀️ Performance

  • babel-plugin-transform-typescript
    • #16875 perf: Avoid extra cloning of namespaces (@ liuxingbaoyu)
  • babel-types
    • #16842 perf: Improve @ babel/types builders (@ liuxingbaoyu)
    • #16828 Only access BABEL_TYPES_8_BREAKING at startup (@ nicolo-ribaudo)

  Committers: 8

  • Babel Bot (@ babel-bot)
  • Dylan Piercey (@ DylanPiercey)
  • Huáng Jùnliàng (@ JLHwung)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
  • @ liuxingbaoyu
  • coderaiser (@ coderaiser)
  • fisker Cheung (@ fisker)
  • hwook (@ YuHyeonWook)
• 7.25.6 - 2024-08-29
  

  v7.25.6 (2024-08-29)

  Thanks @ j4k0xb for your first PR!

  🐛 Bug Fix

  • babel-generator
    • #16783 Properly print inner comments in TS array types (@ nicolo-ribaudo)
    • #16775 fix: jsx whitespace is not properly preserved when retainLines (@ liuxingbaoyu)
  • babel-traverse
    • #16727 fix: path.getAssignmentIdentifiers may be undefined (@ liuxingbaoyu)
  • babel-parser
    • #16761 fix: improve static canFollowModifier checks (@ JLHwung)
  • babel-helpers, babel-plugin-transform-optional-chaining, babel-runtime-corejs3
    • #16769 Only wrap functions in superPropertyGet helper (@ nicolo-ribaudo)

  💅 Polish

  • babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
    • #16780 Do not enforce printing space between ( and comments (@ nicolo-ribaudo)
  • babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes
    • #16781 Don't throw when enabling both syntax-import-{assertions,attributes} (@ nicolo-ribaudo)
  • babel-generator
    • #16782 TS union/intersection nested in union does not need parens (@ nicolo-ribaudo)

  🏠 Internal

  • babel-generator
    • #16777 Remove unused parent params in the generator (@ nicolo-ribaudo)

  Committers: 5

  • Babel Bot (@ babel-bot)
  • Huáng Jùnliàng (@ JLHwung)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
  • @ j4k0xb
  • @ liuxingbaoyu
• 7.24.8 - 2024-07-11
• 7.24.7 - 2024-06-05
• 7.24.6 - 2024-05-24
• 7.24.5 - 2024-04-29
• 7.24.1 - 2024-03-19
• 7.23.9 - 2024-01-25
• 7.23.4 - 2023-11-20
• 7.23.0 - 2023-09-25
• 7.22.15 - 2023-09-04
• 7.22.10 - 2023-08-07
• 7.22.9 - 2023-07-12
• 7.22.6 - 2023-07-04
• 7.22.5 - 2023-06-08
• 7.21.5 - 2023-04-28
• 7.21.4-esm.4 - 2023-04-04
• 7.21.4-esm.3 - 2023-04-04
• 7.21.4-esm.2 - 2023-04-04
• 7.21.4-esm.1 - 2023-04-04
• 7.21.4-esm - 2023-04-04
• 7.21.0 - 2023-02-20
• 7.20.7 - 2022-12-22
• 7.19.3 - 2022-09-27
• 7.18.10 - 2022-08-01
• 7.18.9 - 2022-07-18
• 7.18.6 - 2022-06-27
• 7.17.10 - 2022-04-29
• 7.17.6 - 2022-02-21
• 7.17.3 - 2022-02-15
• 7.17.0 - 2022-02-02
• 7.16.8 - 2022-01-10
• 7.16.7 - 2021-12-31
• 7.16.0 - 2021-10-29
• 7.15.7 - 2021-09-17
• 7.15.4 - 2021-09-02
• 7.14.8 - 2021-07-20
• 7.14.5 - 2021-06-09
• 7.14.3 - 2021-05-17
• 7.13.16 - 2021-04-20
• 7.13.14 - 2021-03-29
• 7.13.10 - 2021-03-08
• 7.13.0 - 2021-02-22
• 7.12.17 - 2021-02-18
• 7.12.16 - 2021-02-11
• 7.12.13 - 2021-02-03
• 7.12.10 - 2020-12-09
• 7.12.8 - 2020-11-23
• 7.12.7 - 2020-11-20
• 7.12.1 - 2020-10-15
• 7.12.0 - 2020-10-14
• 7.11.6 - 2020-09-03
• 7.11.5 - 2020-08-31
• 7.10.5 - 2020-07-14
• 7.10.4 - 2020-06-30
• 7.10.3 - 2020-06-19
• 7.10.1 - 2020-05-27
• 7.10.0 - 2020-05-26
• 7.8.4 - 2020-01-30
• 7.8.3 - 2020-01-13
• 7.8.0 - 2020-01-12
• 7.7.7 - 2019-12-19
• 7.7.5 - 2019-12-06
• 7.7.4 - 2019-11-22
• 7.7.0 - 2019-11-05
• 7.6.4 - 2019-10-10
• 7.6.3 - 2019-10-08
• 7.6.2 - 2019-09-23

from @babel/cli GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"@babel/cli","from":"7.6.2","to":"7.25.7"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BRACES-6838727","issue_id":"SNYK-JS-BRACES-6838727","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-DECODEURICOMPONENT-3149970","issue_id":"SNYK-JS-DECODEURICOMPONENT-3149970","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536528","issue_id":"SNYK-JS-TAR-1536528","priority_score":624,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536531","issue_id":"SNYK-JS-TAR-1536531","priority_score":624,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579147","issue_id":"SNYK-JS-TAR-1579147","priority_score":639,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579152","issue_id":"SNYK-JS-TAR-1579152","priority_score":639,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579155","issue_id":"SNYK-JS-TAR-1579155","priority_score":639,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-UNSETVALUE-2400660","issue_id":"SNYK-JS-UNSETVALUE-2400660","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MICROMATCH-6838728","issue_id":"SNYK-JS-MICROMATCH-6838728","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Inefficient Regular Expression Complexity"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-INI-1048974","issue_id":"SNYK-JS-INI-1048974","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MINIMIST-559764","issue_id":"SNYK-JS-MINIMIST-559764","priority_score":601,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.6","score":280},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MINIMATCH-3050818","issue_id":"SNYK-JS-MINIMATCH-3050818","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MINIMIST-559764","issue_id":"SNYK-JS-MINIMIST-559764","priority_score":601,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.6","score":280},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-GLOBPARENT-1016905","issue_id":"SNYK-JS-GLOBPARENT-1016905","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"npm:debug:20170905","issue_id":"npm:debug:20170905","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536758","issue_id":"SNYK-JS-TAR-1536758","priority_score":410,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":11},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MINIMIST-2429795","issue_id":"SNYK-JS-MINIMIST-2429795","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MINIMIST-2429795","issue_id":"SNYK-JS-MINIMIST-2429795","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-KINDOF-537849","issue_id":"SNYK-JS-KINDOF-537849","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Validation Bypass"}],"prId":"d24b22a6-c08a-481b-ba9a-b12a654dd2ae","prPublicId":"d24b22a6-c08a-481b-ba9a-b12a654dd2ae","packageManager":"npm","priorityScoreList":[696,696,624,624,639,639,639,589,589,686,601,646,479,586,506,410,506,506],"projectPublicId":"d2814041-3ec9-48bd-931f-3b8475329362","projectUrl":"https://app.snyk.io/org/benjaminhoegh-eEKDhnM5NN69Xv27uuFsF3/project/d2814041-3ec9-48bd-931f-3b8475329362?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-BRACES-6838727","SNYK-JS-DECODEURICOMPONENT-3149970","SNYK-JS-TAR-1536528","SNYK-JS-TAR-1536531","SNYK-JS-TAR-1579147","SNYK-JS-TAR-1579152","SNYK-JS-TAR-1579155","SNYK-JS-UNSETVALUE-2400660","SNYK-JS-MICROMATCH-6838728","SNYK-JS-INI-1048974","SNYK-JS-MINIMIST-559764","SNYK-JS-TAR-6476909","SNYK-JS-MINIMATCH-3050818","SNYK-JS-MINIMIST-559764","SNYK-JS-GLOBPARENT-1016905","npm:debug:20170905","SNYK-JS-TAR-1536758","SNYK-JS-MINIMIST-2429795","SNYK-JS-MINIMIST-2429795","SNYK-JS-KINDOF-537849"],"upgradeInfo":{"versionsDiff":67,"publishedDate":"2024-10-02T15:14:20.885Z"},"vulns":["SNYK-JS-BRACES-6838727","SNYK-JS-DECODEURICOMPONENT-3149970","SNYK-JS-TAR-1536528","SNYK-JS-TAR-1536531","SNYK-JS-TAR-1579147","SNYK-JS-TAR-1579152","SNYK-JS-TAR-1579155","SNYK-JS-UNSETVALUE-2400660","SNYK-JS-MICROMATCH-6838728","SNYK-JS-INI-1048974","SNYK-JS-MINIMIST-559764","SNYK-JS-TAR-6476909","SNYK-JS-MINIMATCH-3050818","SNYK-JS-MINIMIST-559764","SNYK-JS-GLOBPARENT-1016905","npm:debug:20170905","SNYK-JS-TAR-1536758","SNYK-JS-MINIMIST-2429795","SNYK-JS-MINIMIST-2429795","SNYK-JS-KINDOF-537849"]}'