alfred
alfred copied to clipboard
[Snyk] Upgrade core-js from 3.22.4 to 3.30.2
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade core-js from 3.22.4 to 3.30.2.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 29 versions ahead of your current version.
- The recommended version was released a month ago, on 2023-05-06.
Release notes
Package name: core-js
-
3.30.2 - 2023-05-06
- Added a fix for a NodeJS 20.0.0 bug with cloning
File
viastructuredClone
- Added protection from Terser unsafe
String
optimization, #1242 - Added a workaround for getting proper global object in Figma plugins, #1231
- Compat data improvements:
- Added NodeJS 20.0 compat data mapping
- Added Deno 1.33 compat data mapping
URL.canParse
marked as supported (fixed) from NodeJS 20.1.0 and Deno 1.33.2
- Added a fix for a NodeJS 20.0.0 bug with cloning
-
3.30.1 - 2023-04-13
- Added a fix for a NodeJS 19.9.0
URL.canParse
bug - Compat data improvements:
JSON.parse
source text access proposal features marked as supported from V8 ~ Chrome 114ArrayBuffer.prototype.transfer
and friends proposal features marked as supported from V8 ~ Chrome 114URLSearchParams.prototype.size
marked as supported from V8 ~ Chrome 113
- Added a fix for a NodeJS 19.9.0
-
3.30.0 - 2023-04-03
- Added
URL.canParse
method, url/763 Set
methods proposal:- Removed sort from
Set.prototype.intersection
, March 2023 TC39 meeting, proposal-set-methods/94
- Removed sort from
- Iterator Helpers proposals (sync, async):
- Validate arguments before opening iterator, March 2023 TC39 meeting, proposal-iterator-helpers/265
- Explicit Resource Management proposals (sync, async):
(Async)DisposableStack.prototype.move
marks the original stack as disposed, #1226- Some simplifications like proposal-explicit-resource-management/150
Iterator.range
proposal:- Moved to Stage 2, March 2023 TC39 meeting
- Decorator Metadata proposal:
- Returned to usage
Symbol.metadata
, March 2023 TC39 meeting, proposal-decorator-metadata/12
- Returned to usage
- Compat data improvements:
URLSearchParams.prototype.size
marked as supported from FF112, NodeJS 19.8 and Deno 1.32- Added Safari 16.4 compat data
- Added Deno 1.32 compat data mapping
- Added Electron 25 and updated 24 compat data mapping
- Added Samsung Internet 21 compat data mapping
- Added Quest Browser 26 compat data mapping
- Updated Opera Android 74 compat data
- Added
-
3.29.1 - 2023-03-13
- Fixed dependencies of some entries
- Fixed
ToString
conversion / built-ins nature of some accessors String.prototype.{ isWellFormed, toWellFormed }
marked as supported from V8 ~ Chrome 111- Added Opera Android 74 compat data mapping
-
3.29.0 - 2023-02-26
- Added
URLSearchParams.prototype.size
getter, url/734 - Allowed cloning resizable
ArrayBuffer
s in thestructuredClone
polyfill - Fixed wrong export in
/(stable|actual|full)/instance/unshift
entries, #1207 - Compat data improvements:
Set
methods proposal marked as supported from Bun 0.5.7String.prototype.toWellFormed
marked as fixed from Bun 0.5.7- Added Deno 1.31 compat data mapping
- Added
-
3.28.0 - 2023-02-13
I highly recommend reading this: So, what's next?
- Change
Array
by copy proposal:- Methods:
Array.prototype.toReversed
Array.prototype.toSorted
Array.prototype.toSpliced
Array.prototype.with
%TypedArray%.prototype.toReversed
%TypedArray%.prototype.toSorted
%TypedArray%.prototype.with
- Moved to stable ES, January 2023 TC39 meeting
- Added
es.
namespace modules,/es/
and/stable/
namespaces entries
- Methods:
- Added
JSON.parse
source text access Stage 3 proposal- Methods:
JSON.parse
patched for supportsource
inreviver
function argumentsJSON.rawJSON
JSON.isRawJSON
JSON.stringify
patched for supportJSON.rawJSON
- Methods:
- Added
ArrayBuffer.prototype.transfer
and friends Stage 3 proposal:- Built-ins:
ArrayBuffer.prototype.detached
ArrayBuffer.prototype.transfer
(only in runtimes with nativestructuredClone
withArrayBuffer
transfer support)ArrayBuffer.prototype.transferToFixedLength
(only in runtimes with nativestructuredClone
withArrayBuffer
transfer support)
- In backwards, in runtimes with native
ArrayBuffer.prototype.transfer
, but without properstructuredClone
, addedArrayBuffer
transfer support tostructuredClone
polyfill
- Built-ins:
- Iterator Helpers proposal:
- Splitted into 2 (sync and async) proposals, async version moved back to Stage 2, January 2023 TC39 meeting
- Allowed interleaved mapping in
AsyncIterator
helpers, proposal-iterator-helpers/262
- Explicit Resource Management Stage 3 and Async Explicit Resource Management Stage 2 proposals:
InstallErrorCause
removed fromSuppressedError
, January 2023 TC39 meeting, proposal-explicit-resource-management/145- Simplified internal behaviour of
{ AsyncDisposableStack, DisposableStack }.prototype.use
, proposal-explicit-resource-management/143
- Added
Symbol
predicates Stage 2 proposal- Methods:
Symbol.isRegistered
Symbol.isWellKnown
- Methods:
Number.range
Stage 1 proposal and method renamed toIterator.range
Function.prototype.unThis
Stage 0 proposal and method renamed toFunction.prototype.demethodize
- Fixed Safari
String.prototype.toWellFormed
ToString
conversion bug - Improved some cases handling of array-replacer in
JSON.stringify
symbols handling fix - Fixed many other old
JSON.{ parse, stringify }
bugs (numbers instead of strings as keys in replacer, handling negative zeroes, spaces, some more handling symbols cases, etc.) - Fixed configurability and
ToString
conversion of some accessors - Added throwing proper errors on an incorrect context in some
ArrayBuffer
andDataView
methods - Some minor
DataView
and%TypedArray%
polyfills optimizations - Added proper error on the excess number of trailing
=
in theatob
polyfill - Fixed theoretically possible ReDoS vulnerabilities in
String.prototype.{ trim, trimEnd, trimRight }
,parse(Int|Float)
,Number
,atob
, andURL
polyfills in some ancient engines - Compat data improvements:
RegExp.prototype.flags
marked as fixed from V8 ~ Chrome 111- Added Opera Android 73 compat data mapping
- Added TypeScript definitions to
core-js-builder
- Change
-
3.27.2 - 2023-01-18
Set
methods proposal updates:- Closing of iterators of
Set
-like objects on early exit, proposal-set-methods/85 - Some other minor internal changes
- Closing of iterators of
- Added one more workaround of a
webpack
dev server bug on IE global methods, #1161 - Fixed possible
String.{ raw, cooked }
error with empty template array - Used non-standard V8
Error.captureStackTrace
instead of stack parsing in new error classes / wrappers where it's possible - Added detection correctness of iteration to
Promise.{ allSettled, any }
feature detection, Hermes issue - Compat data improvements:
- Change
Array
by copy proposal marked as supported from V8 ~ Chrome 110 - Added Samsung Internet 20 compat data mapping
- Added Quest Browser 25 compat data mapping
- Added React Native 0.71 Hermes compat data
- Added Electron 23 and 24 compat data mapping
self
marked as fixed in Deno 1.29.3, deno/17362
- Change
- Minor tweaks of minification settings for
core-js-bundle
- Refactoring, some minor fixes, improvements, optimizations
-
3.27.1 - 2022-12-29
- Fixed a Chakra-based MS Edge (18-) bug that unfreeze (O_o) frozen arrays used as
WeakMap
keys - Fixing of the previous bug also fixes some cases of
String.dedent
in MS Edge - Fixed dependencies of some entries
- Fixed a Chakra-based MS Edge (18-) bug that unfreeze (O_o) frozen arrays used as
- 3.27.0 - 2022-12-25 Read more
-
3.26.1 - 2022-11-13
- Disabled forced replacing of
Array.fromAsync
since it's on Stage 3 - Avoiding a check of the target in the internal
function-uncurry-this
helper where it's not required - minor optimization and preventing problems in some broken environments, a workaround of #1141 - V8 will not ship
Array.prototype.{ group, groupToMap }
in V8 ~ Chromium 108, proposal-array-grouping/44
- Disabled forced replacing of
- 3.26.0 - 2022-10-23
- 3.25.5 - 2022-10-03
- 3.25.4 - 2022-10-02
- 3.25.3 - 2022-09-25
- 3.25.2 - 2022-09-18
- 3.25.1 - 2022-09-07
- 3.25.0 - 2022-08-24
- 3.24.1 - 2022-07-29
- 3.24.0 - 2022-07-25
- 3.23.5 - 2022-07-17
- 3.23.4 - 2022-07-09
- 3.23.3 - 2022-06-25
- 3.23.2 - 2022-06-20
- 3.23.1 - 2022-06-14
- 3.23.0 - 2022-06-13
- 3.22.8 - 2022-06-01
- 3.22.7 - 2022-05-24
- 3.22.6 - 2022-05-22
- 3.22.5 - 2022-05-10
- 3.22.4 - 2022-05-02
Commit messages
Package name: core-js
- a54caa5 3.30.2
- 1b64296 update dependencies
- e6d7f2b update dependencies
- 8ca1838 mark `URL.canParse` as supported (fixed) from Deno 1.33.2
- c2a4945 Merge pull request #1233 from weijianfan/master
- 634f1a9 update the changelog
- f619275 Merge pull request #1242 from laverdet/master
- e840da1 update dependencies
- 1a0dfd4 Lint and "future-proof"
- a3a09f6 mark `URL.canParse` as supported (fixed) from NodeJS 20.1.0
- e587c27 update dependencies
- 9439c1d Fix `Symbol` compatibility detection under Terser
- fa0cf61 update dependencies
- 0d0f205 a little more correct workaround of `File` cloning bug
- 5d18ee0 update dependencies
- 109f538 add a link
- ac3cedd add Deno 1.33 compat data mapping
- 3769239 update dependencies
- 929010a some format change.
- 2af4b42 change the filename in Englist,change link format as original.
- 65ea143 update dependencies
- 3c5394d add a workaround for getting proper global object in Figma plugins, close #1231
- 413ebc2 update dependencies
- 447f57e update dependencies
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs