Skip to content
This repository has been archived by the owner on Sep 1, 2023. It is now read-only.

[Snyk] Upgrade core-js from 3.18.0 to 3.20.3 #233

Closed

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade core-js from 3.18.0 to 3.20.3.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 11 versions ahead of your current version.
  • The recommended version was released a month ago, on 2022-01-15.
Release notes
Package name: core-js
  • 3.20.3 - 2022-01-15
    • Detects and replaces broken third-party Function#bind polyfills, uses only native Function#bind in the internals
    • structuredClone should throw an error if no arguments passed
    • Changed the structure of notes in __core-js_shared__
  • 3.20.2 - 2022-01-01
  • 3.20.1 - 2021-12-23
    • Fixed the order of calling reactions of already fulfilled / rejected promises in Promise.prototype.then, #1026
    • Fixed possible memory leak in specific promise chains
    • Fixed some missed dependencies of entries
    • Added Deno 1.18 compat data mapping
  • 3.20.0 - 2021-12-15
    • Added structuredClone method from the HTML spec, see MDN
      • Includes all cases of cloning and transferring of required ECMAScript and platform types that can be polyfilled, for the details see the caveats
      • Uses native structured cloning algorithm implementations where it's possible
      • Includes the new semantic of errors cloning from html/5749
    • Added DOMException polyfill, the Web IDL spec, see MDN
      • Includes DOMException and its attributes polyfills with fixes of many different engines bugs
      • Includes DOMException#stack property polyfill in engines that should have it
      • Reuses native DOMException implementations where it's possible (for example, in old NodeJS where it's not exposed as global)
    • Added support of cause on all Error types
    • Added Error.prototype.toString method polyfill with fixes of many different bugs of JS engines
    • Added Number.prototype.toExponential method polyfill with fixes of many different bugs of JS engines
    • Array grouping proposal:
      • Moved to stage 3
      • Added Array.prototype.groupByToMap method
      • Removed @@ species support
    • Added change Array by copy stage 2 proposal:
      • Array.prototype.toReversed
      • Array.prototype.toSorted
      • Array.prototype.toSpliced
      • Array.prototype.with
      • %TypedArray%.prototype.toReversed
      • %TypedArray%.prototype.toSorted
      • %TypedArray%.prototype.toSpliced
      • %TypedArray%.prototype.with
    • Added Iterator.prototype.toAsync method from the iterator helpers stage 2 proposal
    • Array.fromAsync proposal moved to stage 2
    • Added String.cooked stage 1 proposal:
    • Added Function.prototype.unThis stage 0 proposal
    • Added Function.{ isCallable, isConstructor } stage 0 proposal:
      • Function.isCallable
      • Function.isConstructor
    • Added a workaround of most cases breakage modern String#at after loading obsolete String#at proposal module, #1019
    • Fixed Array.prototype.{ values, @@ iterator }.name in V8 ~ Chrome 45-
    • Fixed validation of typed arrays in typed arrays iteration methods in V8 ~ Chrome 50-
    • Extension of the API, #1012
      • Added a new core-js/actual/** namespace
      • Added entry points for each finished post-ES6 proposal
  • 3.19.3 - 2021-12-06
    • Fixed internal slots check in methods of some built-in types, #1017
    • Fixed URLSearchParams iterator .next that should be enumerable by the spec
    • Refactored Subscription
    • Added NodeJS 17.2 compat data mapping
  • 3.19.2 - 2021-11-29
    • Added a workaround for a UC Browser specific version bug with unobservable RegExp#sticky flag, #1008, #1015
    • Added handling of comments and specific spaces to Function#name polyfill, #1010, thanks @ ildar-shaimordanov
    • Prevented some theoretical cases of breaking / observing the internal state by patching Array.prototype[@@ species]
    • Refactored URL and URLSearchParams
    • Added iOS Safari 15.2 compat data mapping
    • Added Electron 17.0 compat data mapping
    • Updated Deno compat data mapping
  • 3.19.1 - 2021-11-02
    • Added a workaround for FF26- bug where ArrayBuffers are non-extensible, but Object.isExtensible does not report it:
      • Fixed in Object.{ isExtensible, isSealed, isFrozen } and Reflect.isExtensible
      • Fixed handling of ArrayBuffers as collections keys
    • Fixed Object#toString on AggregateError in IE10-
    • Fixed possible lack of dependencies of WeakMap in IE8-
    • .findLast methods family marked as supported from Chrome 97
    • Fixed inheritance of Electron compat data web. modules
    • Fixed Safari 15.1 compat data (some features were not added)
    • Added iOS Safari 15.1 compat data mapping
  • 3.19.0 - 2021-10-25
    • Most built-ins are encapsulated in core-js for preventing possible cases of breaking / observing the internal state by patching / deleting of them
      • Avoid .call / .apply prototype methods that could be patched
      • Avoid instanceof operator - implicit .prototype / @@ hasInstance access that could be patched
      • Avoid RegExp#test, String#match and some over methods - implicit .exec and RegExp well-known symbols access that could be patched
    • Clearing of Error stack from extra entries experimentally added to AggregateError, #996, in case lack of problems it will be extended to other cases
    • In engines with native Symbol support, new well-known symbols created with usage Symbol.for for ensuring the same keys in different realms, #998
    • Added a workaround of a BrowserFS NodeJS process polyfill bug that incorrectly reports V8 version that's used in some cases of core-js feature detection
    • Fixed normalization of message AggregateError argument
    • Fixed order of arguments conversion in Math.scale, a spec draft bug
    • Fixed core-js-builder work in NodeJS 17, added a workaround of webpack + NodeJS 17 issue
    • Added NodeJS 17.0 compat data mapping
    • Added Opera Android 65 compat data mapping
    • Updated Electron 16.0 compat data mapping
    • Many other minor fixes and improvements
  • 3.18.3 - 2021-10-12
    • Fixed the prototype chain of AggregateError constructor that should contain Error constructor
    • Fixed incorrect AggregateError.prototype properties descriptors
    • Fixed InstallErrorCause internal operation
    • Added NodeJS 16.11 compat data mapping
    • Added Deno 1.16 compat data mapping
    • Object.hasOwn marked as supported from Safari 15.1
  • 3.18.2 - 2021-10-05
    • Early { Array, %TypedArray% }.fromAsync errors moved to the promise, per the latest changes of the spec draft
    • Internal ToInteger(OrInfinity) operation returns +0 for -0 argument, ES2020+ update
    • Fixed theoretical problems with handling bigint in Number constructor wrapper
    • Fixed String.raw with extra arguments
    • Fixed some missed dependencies in entry points
    • Some other minor fixes and improvements
    • Refactoring
  • 3.18.1 - 2021-09-26
  • 3.18.0 - 2021-09-19
from core-js GitHub release notes
Commit messages
Package name: core-js
  • 4bcdaf8 3.20.3
  • 61d15fd update the changelog
  • 9ef0526 update dependencies
  • d85dd8c update dependencies
  • f00f917 update dependencies, pin `colors`
  • 4f12ebe `structuredClone` should throw an error if no arguments passed
  • 336eae4 update dependencies
  • 18cb22b update the changelog
  • 1a3c1ca avoid internal usage of third-party `.bind` polyfills, close #1034
  • b4534bd detect and replace broken third-party `Function#bind` polyfills
  • cceecb7 improve `CONTRIBUTING.md`
  • ce0392b change a link to the license in the code, add a link to the source
  • ca3cbdc improve `CONTRIBUTING.md`
  • 04a2c8a improve `CONTRIBUTING.md`
  • 328f48a use the same year format in the copyright everywhere
  • 6c6340f Corrections (#1033)
  • da5b543 update dependencies
  • 844d525 fix a typo and rephrase
  • da1bf15 3.20.2
  • fa69b3a clarification
  • 2c3a962 update the year
  • 1ff3a8c update `eslint-plugin-unicorn`
  • 53846c1 update dependencies
  • a4219cb Merge pull request #1030 from zhangenming/patch-2

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@jdsmithit jdsmithit closed this Apr 27, 2022
@SEQUOIIA SEQUOIIA deleted the snyk-upgrade-6c4257b987739db4cc7de8c7d73b74a8 branch March 20, 2023 09:49
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants