Update dependency uglifier to v2.7.2 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
uglifier	'2.1.1' -> '2.7.2'

GitHub Vulnerability Alerts

CVE-2015-8857

Versions of uglify-js prior to 2.4.24 are affected by a vulnerability which may cause crafted JavaScript to have altered functionality after minification.

Recommendation

Upgrade UglifyJS to version >= 2.4.24.

---

Release Notes

lautis/uglifier (uglifier)

v2.7.2

Compare Source

• update UglifyJS to 2.4.24

v2.7.1

Compare Source

• fix compatibility with experimental Alaska ExecJS runtime

v2.7.0

Compare Source

• copyright comment preservation also includes comments starting with a bang (!)

v2.6.1

Compare Source

• update UglifyJS to 2.4.16

v2.6.0

Compare Source

• allow metadata to be appended to minified code

v2.5.3

Compare Source

• no changes

v2.5.1

Compare Source

• update UglifyJS to 2.4.14

v2.5.0

Compare Source

• update UglifyJS to 2.4.13
• process Angular @​ngInject annotations
• add keep_fargs option
• change ascii_only default to true

v2.4.0

Compare Source

• update UglifyJS to 2.4.8
• add drop_console compress option

v2.3.3

Compare Source

• update UglifyJS to 2.4.7

v2.3.2

Compare Source

• update UglifyJS to 2.4.6
• document missing mangler and output options

v2.3.1

Compare Source

• update UglifyJS to 2.4.3

v2.3.0

Compare Source

• use JSON gem instead of multi_json
  • update UglifyJS to 2.4.1
  • fix issues with some Unicode JS identifiers (#​47, #​58)

v2.2.1

Compare Source

• fix IE8 compatibility

v2.2.0

Compare Source

• update UglifyJS to 2.4.0
  • add negate_iife compressor option
  • escape null characters as \x00, so that null followed by number isn't
    interpreted as octal (#​47)

v2.1.2

Compare Source

• update UglifyJS to 2.3.6

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Gemfile.lock

[15:54:47.128] INFO (1200): Installing tool ruby@2.1.0...
/usr/local/containerbase/tools/v2/ruby.sh: line 80: /etc/gemrc: Permission denied
[15:54:47.663] ERROR (1200): Command failed with exit code 1: bash /usr/local/containerbase/bin/v2-install-tool.sh install ruby 2.1.0
[15:54:47.664] FATAL (1200): Install tool ruby failed in 545ms.