From e5bc4552015b71678102fd922609ef184502410c Mon Sep 17 00:00:00 2001
From: Merlin Beutlberger <m.beutlberger@sap.com>
Date: Thu, 6 Aug 2020 19:38:13 +0200
Subject: [PATCH] [DEPENDENCY] Pin estraverse to v5.1.0

Since the "self-protection" mechanism of our JSModuleAnalyzer [1] is
highly dependent on the set of possible node types provided by
estraverse, we often saw problems in consuming projects after new
releases of estraverse. With estraverse@5.2.0 this is yet again the
case.

This change forces consumers to use a version of estraverse that is
supported by JSModuleAnalyzer (currently 5.1.0). Version updates will
only happen through pull requests created by dependabot.

[1]: https://github.com/SAP/ui5-builder/issues/309#issuecomment-521108883
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 10ebb1ce0..c1e007562 100644
--- a/package.json
+++ b/package.json
@@ -105,7 +105,7 @@
 		"escodegen": "^1.14.3",
 		"escope": "^3.6.0",
 		"esprima": "^4.0.1",
-		"estraverse": "^5.1.0",
+		"estraverse": "5.1.0",
 		"globby": "^11.0.1",
 		"graceful-fs": "^4.2.4",
 		"jsdoc": "^3.6.5",