openbudgetoakland icon indicating copy to clipboard operation
openbudgetoakland copied to clipboard

Published 20 hours ago verified publisher icon openoakland

[Snyk] Upgrade core-js from 3.19.0 to 3.21.1

Open nydame opened this issue 2 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade core-js from 3.19.0 to 3.21.1.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 9 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2022-02-16.
Release notes
Package name: core-js
  • 3.21.1 - 2022-02-16
    • Added a bugfix for the WebKit Array.prototype.{ groupBy, groupByToMap } implementation
    • core-js-compat targets parser transforms engine names to lower case
    • atob / btoa marked as fixed in NodeJS 17.5
    • Added Electron 18.0 compat data mapping
    • Added Deno 1.20 compat data mapping
  • 3.21.0 - 2022-02-01
    • Added Base64 utility methods:
      • atob
      • btoa
    • Added the proper validation of arguments to some methods from web standards
    • Forced replacement of all features from early-stage proposals for avoiding possible web compatibility issues in the future
    • Added Rhino 1.7.14 compat data
    • Added Deno 1.19 compat data mapping
    • Added Opera Android 66 and 67 compat data mapping
    • Added iOS Safari 15.3 and 15.4 compat data mapping
  • 3.20.3 - 2022-01-15
    • Detects and replaces broken third-party Function#bind polyfills, uses only native Function#bind in the internals
    • structuredClone should throw an error if no arguments passed
    • Changed the structure of notes in __core-js_shared__
  • 3.20.2 - 2022-01-01
  • 3.20.1 - 2021-12-23
    • Fixed the order of calling reactions of already fulfilled / rejected promises in Promise.prototype.then, #1026
    • Fixed possible memory leak in specific promise chains
    • Fixed some missed dependencies of entries
    • Added Deno 1.18 compat data mapping
  • 3.20.0 - 2021-12-15
    • Added structuredClone method from the HTML spec, see MDN
      • Includes all cases of cloning and transferring of required ECMAScript and platform types that can be polyfilled, for the details see the caveats
      • Uses native structured cloning algorithm implementations where it's possible
      • Includes the new semantic of errors cloning from html/5749
    • Added DOMException polyfill, the Web IDL spec, see MDN
      • Includes DOMException and its attributes polyfills with fixes of many different engines bugs
      • Includes DOMException#stack property polyfill in engines that should have it
      • Reuses native DOMException implementations where it's possible (for example, in old NodeJS where it's not exposed as global)
    • Added support of cause on all Error types
    • Added Error.prototype.toString method polyfill with fixes of many different bugs of JS engines
    • Added Number.prototype.toExponential method polyfill with fixes of many different bugs of JS engines
    • Array grouping proposal:
      • Moved to stage 3
      • Added Array.prototype.groupByToMap method
      • Removed @@ species support
    • Added change Array by copy stage 2 proposal:
      • Array.prototype.toReversed
      • Array.prototype.toSorted
      • Array.prototype.toSpliced
      • Array.prototype.with
      • %TypedArray%.prototype.toReversed
      • %TypedArray%.prototype.toSorted
      • %TypedArray%.prototype.toSpliced
      • %TypedArray%.prototype.with
    • Added Iterator.prototype.toAsync method from the iterator helpers stage 2 proposal
    • Array.fromAsync proposal moved to stage 2
    • Added String.cooked stage 1 proposal:
    • Added Function.prototype.unThis stage 0 proposal
    • Added Function.{ isCallable, isConstructor } stage 0 proposal:
      • Function.isCallable
      • Function.isConstructor
    • Added a workaround of most cases breakage modern String#at after loading obsolete String#at proposal module, #1019
    • Fixed Array.prototype.{ values, @@ iterator }.name in V8 ~ Chrome 45-
    • Fixed validation of typed arrays in typed arrays iteration methods in V8 ~ Chrome 50-
    • Extension of the API, #1012
      • Added a new core-js/actual/** namespace
      • Added entry points for each finished post-ES6 proposal
  • 3.19.3 - 2021-12-06
    • Fixed internal slots check in methods of some built-in types, #1017
    • Fixed URLSearchParams iterator .next that should be enumerable by the spec
    • Refactored Subscription
    • Added NodeJS 17.2 compat data mapping
  • 3.19.2 - 2021-11-29
    • Added a workaround for a UC Browser specific version bug with unobservable RegExp#sticky flag, #1008, #1015
    • Added handling of comments and specific spaces to Function#name polyfill, #1010, thanks @ ildar-shaimordanov
    • Prevented some theoretical cases of breaking / observing the internal state by patching Array.prototype[@@ species]
    • Refactored URL and URLSearchParams
    • Added iOS Safari 15.2 compat data mapping
    • Added Electron 17.0 compat data mapping
    • Updated Deno compat data mapping
  • 3.19.1 - 2021-11-02
    • Added a workaround for FF26- bug where ArrayBuffers are non-extensible, but Object.isExtensible does not report it:
      • Fixed in Object.{ isExtensible, isSealed, isFrozen } and Reflect.isExtensible
      • Fixed handling of ArrayBuffers as collections keys
    • Fixed Object#toString on AggregateError in IE10-
    • Fixed possible lack of dependencies of WeakMap in IE8-
    • .findLast methods family marked as supported from Chrome 97
    • Fixed inheritance of Electron compat data web. modules
    • Fixed Safari 15.1 compat data (some features were not added)
    • Added iOS Safari 15.1 compat data mapping
  • 3.19.0 - 2021-10-25
    • Most built-ins are encapsulated in core-js for preventing possible cases of breaking / observing the internal state by patching / deleting of them
      • Avoid .call / .apply prototype methods that could be patched
      • Avoid instanceof operator - implicit .prototype / @@ hasInstance access that could be patched
      • Avoid RegExp#test, String#match and some over methods - implicit .exec and RegExp well-known symbols access that could be patched
    • Clearing of Error stack from extra entries experimentally added to AggregateError, #996, in case lack of problems it will be extended to other cases
    • In engines with native Symbol support, new well-known symbols created with usage Symbol.for for ensuring the same keys in different realms, #998
    • Added a workaround of a BrowserFS NodeJS process polyfill bug that incorrectly reports V8 version that's used in some cases of core-js feature detection
    • Fixed normalization of message AggregateError argument
    • Fixed order of arguments conversion in Math.scale, a spec draft bug
    • Fixed core-js-builder work in NodeJS 17, added a workaround of webpack + NodeJS 17 issue
    • Added NodeJS 17.0 compat data mapping
    • Added Opera Android 65 compat data mapping
    • Updated Electron 16.0 compat data mapping
    • Many other minor fixes and improvements
from core-js GitHub release notes
Commit messages
Package name: core-js
  • eb9229a 3.21.1
  • ea62b2e transform engine names to lower case in `core-js-compat` targets parser
  • 2e532d6 update dependencies
  • 42eea35 update dependencies
  • cf4ba30 add Deno 1.20 compat data mapping
  • 55a5195 pin `npm` since a bug on Windows still is not fixed
  • 3ebe589 add a bugfix for the WebKit `Array.prototype.{ groupBy, groupByToMap }` implementation
  • 94c7055 update dependencies
  • d51b8de update dependencies
  • e507298 take into account `core-js-bundle` in `downloads-by-versions` script
  • 4c4655d move `usage` script to `playwright`
  • b746e19 update dependencies
  • de54899 use the official Alexa Rank data source
  • 77ca4f7 update dependencies
  • a3f5916 update dependencies
  • 2701cea update dependencies
  • ac784d7 update dependencies
  • c5d4e23 mark `atob` / `btoa` as fixed in the next minor NodeJS version
  • 76ab60d update dependencies
  • 6df7c31 add Electron 18.0 compat data mapping
  • 32492dc 3.21.0
  • 248a3ea forced replacement of all methods from early stage proposals for avoiding possible web compatibility issues in the future
  • 985d127 update dependencies
  • 4faa860 [WIP] Add `atob` / `btoa` (#1036)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

nydame avatar Apr 27 '22 23:04 nydame