Skip to content

Comments

chore(deps): update oxc to v0.107.0#7758

Merged
shulaoda merged 1 commit intorolldown:mainfrom
camc314:c/cam-bump-oxc
Jan 5, 2026
Merged

chore(deps): update oxc to v0.107.0#7758
shulaoda merged 1 commit intorolldown:mainfrom
camc314:c/cam-bump-oxc

Conversation

@camc314
Copy link
Contributor

@camc314 camc314 commented Jan 5, 2026

closes #7761

Copilot AI review requested due to automatic review settings January 5, 2026 14:03
@socket-security
Copy link

socket-security bot commented Jan 5, 2026

@socket-security
Copy link

socket-security bot commented Jan 5, 2026

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm rolldown-vite is 91.0% likely obfuscated

Confidence: 0.91

Location: Package overview

From: pnpm-lock.yamlnpm/[email protected]

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the oxc dependency from version 0.106.0 to 0.107.0 across the codebase.

  • Updated oxc-related package versions in pnpm workspace catalog
  • Updated oxc crate versions in Cargo.toml
  • Regenerated runtime helper constants with new version number

Reviewed changes

Copilot reviewed 5 out of 8 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
pnpm-workspace.yaml Updated all @oxc-project and oxc package versions from 0.106.0 to 0.107.0 in the catalog
crates/rolldown_plugin_oxc_runtime/src/generated/embedded_helpers.rs Updated runtime helper version constant and comment to reflect 0.107.0
crates/rolldown/tests/snapshots/integration_test262__test262_module_code.snap Updated snapshot test expectations for improved error messages about duplicate default exports
crates/rolldown/tests/snapshots/integration_rolldown__filename_with_hash.snap Updated hash value in filename snapshot due to upstream changes
crates/rolldown/tests/esbuild/dce/dce_of_symbol_ctor_call/artifacts.snap Added test coverage for Symbol constructor with new keyword
Cargo.toml Updated oxc and oxc_* crate versions from 0.106.0 to 0.107.0
Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@codspeed-hq
Copy link

codspeed-hq bot commented Jan 5, 2026

CodSpeed Performance Report

Merging #7758 will improve performance by 3.33%

Comparing camc314:c/cam-bump-oxc (4608644) with main (e8e1c20)

Summary

⚡ 1 improvement
✅ 7 untouched

Benchmarks breakdown

Benchmark BASE HEAD Efficiency
scan@threejs 155.6 ms 150.6 ms +3.33%

Copilot AI review requested due to automatic review settings January 5, 2026 14:34
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 9 changed files in this pull request and generated no new comments.

Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@shulaoda shulaoda merged commit da592c7 into rolldown:main Jan 5, 2026
38 checks passed
@github-actions github-actions bot mentioned this pull request Jan 7, 2026
sapphi-red added a commit that referenced this pull request Jan 7, 2026
@github-actions github-actions bot mentioned this pull request Jan 7, 2026
shulaoda added a commit that referenced this pull request Jan 7, 2026
## [1.0.0-beta.59] - 2026-01-07

⚡ Inline Dynamic Imports for Statically Imported Modules

- When a module is already statically imported, dynamic imports to that same module are now inlined instead of creating a separate chunk

### 🚀 Features

- plugin_timings: add 3s threshold and doc link to warning message (#7741) by @shulaoda
- improve treeshaking logic to handle empty parameter list in dynamic import .then() callbacks (#7781) by @Copilot
- dev/lazy: don't include already executed modules (#7745) by @hyf0
- dev/lazy: support dynamic `import(..)` (#7726) by @hyf0
- inline dynamic imports that imports statically imported modules (#7742) by @IWANABETHATGUY
- option: add experimental option to control chunk optimization (#7738) by @IWANABETHATGUY

### 🐛 Bug Fixes

- inline dynamic entry to user defined entry with esm wrap kind (#7783) by @IWANABETHATGUY
- use canonical namespace reference for property access (#7777) by @IWANABETHATGUY
- dynamic entry merged into common chunk with cjs and esm wrap kind (#7771) by @IWANABETHATGUY
- tla: should not await non-tla-related modules (#7768) by @hyf0
- dynamic entry captured by common chunk with CJS format (#7757) by @IWANABETHATGUY
- module_loader: mark emitted chunks as user-defined entry when already loaded (#7765) by @shulaoda
- normalize preserveModulesRoot path (#7737) by @IWANABETHATGUY
- linker: resolve race condition in side effects computation for export-star (#7728) by @camc314

### 🚜 Refactor

- plugin_timings: filter out plugins with duration < 1s from timing warnings (#7785) by @shulaoda
- module_loader: remove unnecessary collect before extend (#7769) by @shulaoda
- rename _id suffixes to _idx for oxc_index types (#7767) by @IWANABETHATGUY
- remove duplicate `preserve_entry_signatures` from `AddEntryModuleMsg` (#7762) by @shulaoda
- module_loader: pass `user_defined_entries` by reference (#7756) by @shulaoda
- dev/lazy: get proxy entry's `ResolvedId` correctly (#7746) by @hyf0
- simplify try_rewrite_import_expression control flow (#7753) by @IWANABETHATGUY
- module_loader: remove unnecessary dynamic import handling for runtime module (#7754) by @shulaoda
- inline __toDynamicImportESM  (#7747) by @IWANABETHATGUY
- use From impl for ModuleLoaderOutput conversion (#7732) by @shulaoda
- remove duplicate fields from `ModuleLoader` (#7731) by @shulaoda
- tweak `resolve_user_defined_entries` (#7727) by @shulaoda

### 📚 Documentation

- add rolldown-string reference to native MagicString compatibility section (#7778) by @Copilot
- improve comments for export star side effects handling (#7730) by @IWANABETHATGUY

### 🧪 Testing

- use assertion instead of console.log for some testcase (#7744) by @IWANABETHATGUY

### ⚙️ Miscellaneous Tasks

- tweak some `output.dynamicImportInCjs` related rollup test results (#7776) by @sapphi-red
- mark esbuild/dce/dce_of_symbol_ctor_call as passed (#7775) by @sapphi-red
- deps: update oxc apps (#7772) by @renovate[bot]
- vite-tests: allow running on PRs with `test: vite-tests` label (#7770) by @shulaoda
- deps: update oxc apps (#7760) by @renovate[bot]
- deps: update rollup submodule for tests to v4.55.1 (#7763) by @sapphi-red
- deps: update test262 submodule for tests (#7764) by @sapphi-red
- deps: update oxc to v0.107.0 (#7758) by @camc314
- deps: update taiki-e/install-action action to v2.65.13 (#7751) by @renovate[bot]
- deps: update rust crates (#7750) by @renovate[bot]
- deps: update npm packages (#7749) by @renovate[bot]
- deps: update github-actions (#7748) by @renovate[bot]
- deps: update dependency oxlint-tsgolint to v0.10.1 (#7729) by @renovate[bot]
- deps: update crate-ci/typos action to v1.41.0 (#7725) by @renovate[bot]

Co-authored-by: shulaoda <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants