[security] polyfill.io included via outdated RubixML fork

[tgoeg]

Not posting this secretly as this is already known across the web.

This apps composer.json includes rubixML via https://github.com/nextcloud-deps/RubixML That repo is behind the current master of RubixML which has this already fixed.

Still including it: https://github.com/nextcloud-deps/RubixML/blob/master/mkdocs.yml

Already fixed: https://github.com/RubixML/ML/commit/fef1033456f3b347e05b0a193919120b415f4127

I don't know who's responsible for the nextcloud-deps fork, but please either use another, current source or (make people) update the fork. Thanks!