chore(deps-dev): bump esbuild from 0.25.1 to 0.25.2 in the npm_and_yarn group across 1 directory (#3279)

Bumps the npm_and_yarn group with 1 update in the / directory:
[esbuild](https://github.com/evanw/esbuild).

Updates `esbuild` from 0.25.1 to 0.25.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/releases">esbuild's
releases</a>.</em></p>
<blockquote>
<h2>v0.25.2</h2>
<ul>
<li>
<p>Support flags in regular expressions for the API (<a
href="https://redirect.github.com/evanw/esbuild/issues/4121">#4121</a>)</p>
<p>The JavaScript plugin API for esbuild takes JavaScript regular
expression objects for the <code>filter</code> option. Internally these
are translated into Go regular expressions. However, this translation
previously ignored the <code>flags</code> property of the regular
expression. With this release, esbuild will now translate JavaScript
regular expression flags into Go regular expression flags. Specifically
the JavaScript regular expression <code>/\.[jt]sx?$/i</code> is turned
into the Go regular expression <code>`(?i)\.[jt]sx?$`</code> internally
inside of esbuild's API. This should make it possible to use JavaScript
regular expressions with the <code>i</code> flag. Note that JavaScript
and Go don't support all of the same regular expression features, so
this mapping is only approximate.</p>
</li>
<li>
<p>Fix node-specific annotations for string literal export names (<a
href="https://redirect.github.com/evanw/esbuild/issues/4100">#4100</a>)</p>
<p>When node instantiates a CommonJS module, it scans the AST to look
for names to expose via ESM named exports. This is a heuristic that
looks for certain patterns such as <code>exports.NAME = ...</code> or
<code>module.exports = { ... }</code>. This behavior is used by esbuild
to &quot;annotate&quot; CommonJS code that was converted from ESM with
the original ESM export names. For example, when converting the file
<code>export let foo, bar</code> from ESM to CommonJS, esbuild appends
this to the end of the file:</p>
<pre lang="js"><code>// Annotate the CommonJS export names for ESM
import in node:
0 &amp;&amp; (module.exports = {
  bar,
  foo
});
</code></pre>
<p>However, this feature previously didn't work correctly for export
names that are not valid identifiers, which can be constructed using
string literal export names. The generated code contained a syntax
error. That problem is fixed in this release:</p>
<pre lang="js"><code>// Original code
let foo
export { foo as &quot;foo!&quot; }
<p>// Old output (with --format=cjs --platform=node)
...
0 &amp;&amp; (module.exports = {
&quot;foo!&quot;
});</p>
<p>// New output (with --format=cjs --platform=node)
...
0 &amp;&amp; (module.exports = {
&quot;foo!&quot;: null
});
</code></pre></p>
</li>
<li>
<p>Basic support for index source maps (<a
href="https://redirect.github.com/evanw/esbuild/issues/3439">#3439</a>,
<a
href="https://redirect.github.com/evanw/esbuild/pull/4109">#4109</a>)</p>
<p>The source map specification has an optional mode called <a
href="https://tc39.es/ecma426/#sec-index-source-map">index source
maps</a> that makes it easier for tools to create an aggregate
JavaScript file by concatenating many smaller JavaScript files with
source maps, and then generate an aggregate source map by simply
providing the original source maps along with some offset information.
My understanding is that this is rarely used in practice. I'm only aware
of two uses of it in the wild: <a
href="https://clojurescript.org/">ClojureScript</a> and <a
href="https://turbo.build/pack/">Turbopack</a>.</p>
<p>This release provides basic support for indexed source maps. However,
the implementation has not been tested on a real app (just on very
simple test input). If you are using index source maps in a real app,
please try this out and report back if anything isn't working for
you.</p>
<p>Note that this is also not a complete implementation. For example,
index source maps technically allows nesting source maps to an arbitrary
depth, while esbuild's implementation in this release only supports a
single level of nesting. It's unclear whether supporting more than one
level of nesting is important or not given the lack of available test
cases.</p>
<p>This feature was contributed by <a
href="https://github.com/clyfish"><code>@​clyfish</code></a>.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/blob/main/CHANGELOG.md">esbuild's
changelog</a>.</em></p>
<blockquote>
<h2>0.25.2</h2>
<ul>
<li>
<p>Support flags in regular expressions for the API (<a
href="https://redirect.github.com/evanw/esbuild/issues/4121">#4121</a>)</p>
<p>The JavaScript plugin API for esbuild takes JavaScript regular
expression objects for the <code>filter</code> option. Internally these
are translated into Go regular expressions. However, this translation
previously ignored the <code>flags</code> property of the regular
expression. With this release, esbuild will now translate JavaScript
regular expression flags into Go regular expression flags. Specifically
the JavaScript regular expression <code>/\.[jt]sx?$/i</code> is turned
into the Go regular expression <code>`(?i)\.[jt]sx?$`</code> internally
inside of esbuild's API. This should make it possible to use JavaScript
regular expressions with the <code>i</code> flag. Note that JavaScript
and Go don't support all of the same regular expression features, so
this mapping is only approximate.</p>
</li>
<li>
<p>Fix node-specific annotations for string literal export names (<a
href="https://redirect.github.com/evanw/esbuild/issues/4100">#4100</a>)</p>
<p>When node instantiates a CommonJS module, it scans the AST to look
for names to expose via ESM named exports. This is a heuristic that
looks for certain patterns such as <code>exports.NAME = ...</code> or
<code>module.exports = { ... }</code>. This behavior is used by esbuild
to &quot;annotate&quot; CommonJS code that was converted from ESM with
the original ESM export names. For example, when converting the file
<code>export let foo, bar</code> from ESM to CommonJS, esbuild appends
this to the end of the file:</p>
<pre lang="js"><code>// Annotate the CommonJS export names for ESM
import in node:
0 &amp;&amp; (module.exports = {
  bar,
  foo
});
</code></pre>
<p>However, this feature previously didn't work correctly for export
names that are not valid identifiers, which can be constructed using
string literal export names. The generated code contained a syntax
error. That problem is fixed in this release:</p>
<pre lang="js"><code>// Original code
let foo
export { foo as &quot;foo!&quot; }
<p>// Old output (with --format=cjs --platform=node)
...
0 &amp;&amp; (module.exports = {
&quot;foo!&quot;
});</p>
<p>// New output (with --format=cjs --platform=node)
...
0 &amp;&amp; (module.exports = {
&quot;foo!&quot;: null
});
</code></pre></p>
</li>
<li>
<p>Basic support for index source maps (<a
href="https://redirect.github.com/evanw/esbuild/issues/3439">#3439</a>,
<a
href="https://redirect.github.com/evanw/esbuild/pull/4109">#4109</a>)</p>
<p>The source map specification has an optional mode called <a
href="https://tc39.es/ecma426/#sec-index-source-map">index source
maps</a> that makes it easier for tools to create an aggregate
JavaScript file by concatenating many smaller JavaScript files with
source maps, and then generate an aggregate source map by simply
providing the original source maps along with some offset information.
My understanding is that this is rarely used in practice. I'm only aware
of two uses of it in the wild: <a
href="https://clojurescript.org/">ClojureScript</a> and <a
href="https://turbo.build/pack/">Turbopack</a>.</p>
<p>This release provides basic support for indexed source maps. However,
the implementation has not been tested on a real app (just on very
simple test input). If you are using index source maps in a real app,
please try this out and report back if anything isn't working for
you.</p>
<p>Note that this is also not a complete implementation. For example,
index source maps technically allows nesting source maps to an arbitrary
depth, while esbuild's implementation in this release only supports a
single level of nesting. It's unclear whether supporting more than one
level of nesting is important or not given the lack of available test
cases.</p>
<p>This feature was contributed by <a
href="https://github.com/clyfish"><code>@​clyfish</code></a>.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/evanw/esbuild/commit/4475787eef4c4923b92b9fa37ebba1c88b9e1d9b"><code>4475787</code></a>
publish 0.25.2 to npm</li>
<li><a
href="https://github.com/evanw/esbuild/commit/8f56771afc37c2b328056a2e6aefdfc2b821c5d7"><code>8f56771</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4121">#4121</a>:
map js regexp flags to go regexp flags</li>
<li><a
href="https://github.com/evanw/esbuild/commit/36b458d144796882a78baaa40baac5f88c7694b1"><code>36b458d</code></a>
follow-up to <a
href="https://redirect.github.com/evanw/esbuild/issues/4109">#4109</a></li>
<li><a
href="https://github.com/evanw/esbuild/commit/8b8437cb0fccd680ef39548fc7bb56ff8f48333d"><code>8b8437c</code></a>
feat: support index source map (<a
href="https://redirect.github.com/evanw/esbuild/issues/4109">#4109</a>)</li>
<li><a
href="https://github.com/evanw/esbuild/commit/75286c1b4fabcf93140b97c3c0488f0253158b47"><code>75286c1</code></a>
unit test for absolute windows paths in source map</li>
<li><a
href="https://github.com/evanw/esbuild/commit/bcc77fbee56ec7c050813c972d8bb1e06a8e57ef"><code>bcc77fb</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4100">#4100</a>:
invalid identifiers in node annotation</li>
<li><a
href="https://github.com/evanw/esbuild/commit/37cb6a2bc3da13e7805a57782ced720fda7eb1f7"><code>37cb6a2</code></a>
fix a warning from <code>npm publish</code></li>
<li>See full diff in <a
href="https://github.com/evanw/esbuild/compare/v0.25.1...v0.25.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=esbuild&package-manager=npm_and_yarn&previous-version=0.25.1&new-version=0.25.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/MetaMask/snaps/network/alerts).

</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>

Author: dependabot[bot]

packages/snaps-controllers/package.json

@@ -137,7 +137,7 @@
     "@wdio/static-server-service": "^8.19.0",
     "deepmerge": "^4.2.2",
     "depcheck": "^1.4.7",
-    "esbuild": "^0.25.1",
+    "esbuild": "^0.25.2",
     "eslint": "^9.11.0",
     "expect-webdriverio": "^4.4.1",
     "istanbul-lib-coverage": "^3.2.0",

packages/snaps-execution-environments/package.json

@@ -103,7 +103,7 @@
     "browserify": "^17.0.0",
     "deepmerge": "^4.2.2",
     "depcheck": "^1.4.7",
-    "esbuild": "^0.25.1",
+    "esbuild": "^0.25.2",
     "eslint": "^9.11.0",
     "expect-webdriverio": "^4.4.1",
     "istanbul-lib-coverage": "^3.2.0",

packages/snaps-utils/package.json

@@ -126,7 +126,7 @@
     "@wdio/types": "^8.19.0",
     "deepmerge": "^4.2.2",
     "depcheck": "^1.4.7",
-    "esbuild": "^0.25.1",
+    "esbuild": "^0.25.2",
     "eslint": "^9.11.0",
     "expect-webdriverio": "^4.4.1",
     "istanbul-lib-coverage": "^3.2.0",