alfred icon indicating copy to clipboard operation
alfred copied to clipboard

Published 20 hours ago verified publisher icon kaethorn

[Snyk] Upgrade core-js from 3.22.4 to 3.30.2

Open kaethorn opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade core-js from 3.22.4 to 3.30.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 29 versions ahead of your current version.
  • The recommended version was released a month ago, on 2023-05-06.
Release notes
Package name: core-js
  • 3.30.2 - 2023-05-06
    • Added a fix for a NodeJS 20.0.0 bug with cloning File via structuredClone
    • Added protection from Terser unsafe String optimization, #1242
    • Added a workaround for getting proper global object in Figma plugins, #1231
    • Compat data improvements:
  • 3.30.1 - 2023-04-13
  • 3.30.0 - 2023-04-03
  • 3.29.1 - 2023-03-13
  • 3.29.0 - 2023-02-26
    • Added URLSearchParams.prototype.size getter, url/734
    • Allowed cloning resizable ArrayBuffers in the structuredClone polyfill
    • Fixed wrong export in /(stable|actual|full)/instance/unshift entries, #1207
    • Compat data improvements:
      • Set methods proposal marked as supported from Bun 0.5.7
      • String.prototype.toWellFormed marked as fixed from Bun 0.5.7
      • Added Deno 1.31 compat data mapping
  • 3.28.0 - 2023-02-13

    I highly recommend reading this: So, what's next?

    • Change Array by copy proposal:
      • Methods:
        • Array.prototype.toReversed
        • Array.prototype.toSorted
        • Array.prototype.toSpliced
        • Array.prototype.with
        • %TypedArray%.prototype.toReversed
        • %TypedArray%.prototype.toSorted
        • %TypedArray%.prototype.with
      • Moved to stable ES, January 2023 TC39 meeting
      • Added es. namespace modules, /es/ and /stable/ namespaces entries
    • Added JSON.parse source text access Stage 3 proposal
      • Methods:
        • JSON.parse patched for support source in reviver function arguments
        • JSON.rawJSON
        • JSON.isRawJSON
        • JSON.stringify patched for support JSON.rawJSON
    • Added ArrayBuffer.prototype.transfer and friends Stage 3 proposal:
      • Built-ins:
        • ArrayBuffer.prototype.detached
        • ArrayBuffer.prototype.transfer (only in runtimes with native structuredClone with ArrayBuffer transfer support)
        • ArrayBuffer.prototype.transferToFixedLength (only in runtimes with native structuredClone with ArrayBuffer transfer support)
      • In backwards, in runtimes with native ArrayBuffer.prototype.transfer, but without proper structuredClone, added ArrayBuffer transfer support to structuredClone polyfill
    • Iterator Helpers proposal:
    • Explicit Resource Management Stage 3 and Async Explicit Resource Management Stage 2 proposals:
    • Added Symbol predicates Stage 2 proposal
      • Methods:
        • Symbol.isRegistered
        • Symbol.isWellKnown
    • Number.range Stage 1 proposal and method renamed to Iterator.range
    • Function.prototype.unThis Stage 0 proposal and method renamed to Function.prototype.demethodize
    • Fixed Safari String.prototype.toWellFormed ToString conversion bug
    • Improved some cases handling of array-replacer in JSON.stringify symbols handling fix
    • Fixed many other old JSON.{ parse, stringify } bugs (numbers instead of strings as keys in replacer, handling negative zeroes, spaces, some more handling symbols cases, etc.)
    • Fixed configurability and ToString conversion of some accessors
    • Added throwing proper errors on an incorrect context in some ArrayBuffer and DataView methods
    • Some minor DataView and %TypedArray% polyfills optimizations
    • Added proper error on the excess number of trailing = in the atob polyfill
    • Fixed theoretically possible ReDoS vulnerabilities in String.prototype.{ trim, trimEnd, trimRight }, parse(Int|Float), Number, atob, and URL polyfills in some ancient engines
    • Compat data improvements:
      • RegExp.prototype.flags marked as fixed from V8 ~ Chrome 111
      • Added Opera Android 73 compat data mapping
    • Added TypeScript definitions to core-js-builder
  • 3.27.2 - 2023-01-18
    • Set methods proposal updates:
      • Closing of iterators of Set-like objects on early exit, proposal-set-methods/85
      • Some other minor internal changes
    • Added one more workaround of a webpack dev server bug on IE global methods, #1161
    • Fixed possible String.{ raw, cooked } error with empty template array
    • Used non-standard V8 Error.captureStackTrace instead of stack parsing in new error classes / wrappers where it's possible
    • Added detection correctness of iteration to Promise.{ allSettled, any } feature detection, Hermes issue
    • Compat data improvements:
      • Change Array by copy proposal marked as supported from V8 ~ Chrome 110
      • Added Samsung Internet 20 compat data mapping
      • Added Quest Browser 25 compat data mapping
      • Added React Native 0.71 Hermes compat data
      • Added Electron 23 and 24 compat data mapping
      • self marked as fixed in Deno 1.29.3, deno/17362
    • Minor tweaks of minification settings for core-js-bundle
    • Refactoring, some minor fixes, improvements, optimizations
  • 3.27.1 - 2022-12-29
    • Fixed a Chakra-based MS Edge (18-) bug that unfreeze (O_o) frozen arrays used as WeakMap keys
    • Fixing of the previous bug also fixes some cases of String.dedent in MS Edge
    • Fixed dependencies of some entries
  • 3.27.0 - 2022-12-25 Read more
  • 3.26.1 - 2022-11-13
    • Disabled forced replacing of Array.fromAsync since it's on Stage 3
    • Avoiding a check of the target in the internal function-uncurry-this helper where it's not required - minor optimization and preventing problems in some broken environments, a workaround of #1141
    • V8 will not ship Array.prototype.{ group, groupToMap } in V8 ~ Chromium 108, proposal-array-grouping/44
  • 3.26.0 - 2022-10-23
  • 3.25.5 - 2022-10-03
  • 3.25.4 - 2022-10-02
  • 3.25.3 - 2022-09-25
  • 3.25.2 - 2022-09-18
  • 3.25.1 - 2022-09-07
  • 3.25.0 - 2022-08-24
  • 3.24.1 - 2022-07-29
  • 3.24.0 - 2022-07-25
  • 3.23.5 - 2022-07-17
  • 3.23.4 - 2022-07-09
  • 3.23.3 - 2022-06-25
  • 3.23.2 - 2022-06-20
  • 3.23.1 - 2022-06-14
  • 3.23.0 - 2022-06-13
  • 3.22.8 - 2022-06-01
  • 3.22.7 - 2022-05-24
  • 3.22.6 - 2022-05-22
  • 3.22.5 - 2022-05-10
  • 3.22.4 - 2022-05-02
from core-js GitHub release notes
Commit messages
Package name: core-js
  • a54caa5 3.30.2
  • 1b64296 update dependencies
  • e6d7f2b update dependencies
  • 8ca1838 mark `URL.canParse` as supported (fixed) from Deno 1.33.2
  • c2a4945 Merge pull request #1233 from weijianfan/master
  • 634f1a9 update the changelog
  • f619275 Merge pull request #1242 from laverdet/master
  • e840da1 update dependencies
  • 1a0dfd4 Lint and "future-proof"
  • a3a09f6 mark `URL.canParse` as supported (fixed) from NodeJS 20.1.0
  • e587c27 update dependencies
  • 9439c1d Fix `Symbol` compatibility detection under Terser
  • fa0cf61 update dependencies
  • 0d0f205 a little more correct workaround of `File` cloning bug
  • 5d18ee0 update dependencies
  • 109f538 add a link
  • ac3cedd add Deno 1.33 compat data mapping
  • 3769239 update dependencies
  • 929010a some format change.
  • 2af4b42 change the filename in Englist,change link format as original.
  • 65ea143 update dependencies
  • 3c5394d add a workaround for getting proper global object in Figma plugins, close #1231
  • 413ebc2 update dependencies
  • 447f57e update dependencies

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

kaethorn avatar Jun 05 '23 16:06 kaethorn