From 21bdb35a078d1e73c78fd35e6a98921c67aee779 Mon Sep 17 00:00:00 2001
From: Tyler Hendrickson <6372535+hendrickson-tyler@users.noreply.github.com>
Date: Wed, 14 May 2025 10:00:34 -0600
Subject: [PATCH] fix(esbuild): update peerDep range (#30402)

## Current Behavior
`esbuild` has a [security
advisory](https://github.com/advisories/GHSA-67mh-4wv8-2f99) for
versions older than 0.25.0. `@nx/esbuild` does not allow versions
greater than 0.19.2 due to the range specified in peer dependencies.

A fix for this was attempted in #30167, but it still does not allow any
versions greater than 0.19.x due to the way [0.x.x releases are
handled](https://github.com/npm/node-semver#caret-ranges-123-025-004).

## Expected Behavior
`@nx/esbuild` allows any version from the current 0.19.2 onwards, not
including a future 1.x.x version. This will allow non-vulnerable
versions of `esbuild` to be used.

## Related Issue(s)
Fixes #30009
Fixes #30370
---
 packages/esbuild/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/esbuild/package.json b/packages/esbuild/package.json
index 221949a57f..4acb3a38e5 100644
--- a/packages/esbuild/package.json
+++ b/packages/esbuild/package.json
@@ -39,7 +39,7 @@
     "tslib": "^2.3.0"
   },
   "peerDependencies": {
-    "esbuild": "^0.19.2"
+    "esbuild": ">=0.19.2 <1.0.0"
   },
   "peerDependenciesMeta": {
     "esbuild": {