[Snyk] Upgrade core-js from 3.21.0 to 3.30.2

[snyk-bot]

Snyk has created this PR to upgrade core-js from 3.21.0 to 3.30.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 35 versions ahead of your current version.
• The recommended version was released a month ago, on 2023-05-06.

Release notes

Package name: core-js

• 3.30.2 - 2023-05-06
  
  • Added a fix for a NodeJS 20.0.0 bug with cloning File via structuredClone
  • Added protection from Terser unsafe String optimization, #1242
  • Added a workaround for getting proper global object in Figma plugins, #1231
  • Compat data improvements:
    • Added NodeJS 20.0 compat data mapping
    • Added Deno 1.33 compat data mapping
    • URL.canParse marked as supported (fixed) from NodeJS 20.1.0 and Deno 1.33.2
• 3.30.1 - 2023-04-13
  
  • Added a fix for a NodeJS 19.9.0 URL.canParse bug
  • Compat data improvements:
    • JSON.parse source text access proposal features marked as supported from V8 ~ Chrome 114
    • ArrayBuffer.prototype.transfer and friends proposal features marked as supported from V8 ~ Chrome 114
    • URLSearchParams.prototype.size marked as supported from V8 ~ Chrome 113
• 3.30.0 - 2023-04-03
  
  • Added URL.canParse method, url/763
  • Set methods proposal:
    • Removed sort from Set.prototype.intersection, March 2023 TC39 meeting, proposal-set-methods/94
  • Iterator Helpers proposals (sync, async):
    • Validate arguments before opening iterator, March 2023 TC39 meeting, proposal-iterator-helpers/265
  • Explicit Resource Management proposals (sync, async):
    • (Async)DisposableStack.prototype.move marks the original stack as disposed, #1226
    • Some simplifications like proposal-explicit-resource-management/150
  • Iterator.range proposal:
    • Moved to Stage 2, March 2023 TC39 meeting
  • Decorator Metadata proposal:
    • Returned to usage Symbol.metadata, March 2023 TC39 meeting, proposal-decorator-metadata/12
  • Compat data improvements:
    • URLSearchParams.prototype.size marked as supported from FF112, NodeJS 19.8 and Deno 1.32
    • Added Safari 16.4 compat data
    • Added Deno 1.32 compat data mapping
    • Added Electron 25 and updated 24 compat data mapping
    • Added Samsung Internet 21 compat data mapping
    • Added Quest Browser 26 compat data mapping
    • Updated Opera Android 74 compat data
• 3.29.1 - 2023-03-13
  
  • Fixed dependencies of some entries
  • Fixed ToString conversion / built-ins nature of some accessors
  • String.prototype.{ isWellFormed, toWellFormed } marked as supported from V8 ~ Chrome 111
  • Added Opera Android 74 compat data mapping
• 3.29.0 - 2023-02-26
  
  • Added URLSearchParams.prototype.size getter, url/734
  • Allowed cloning resizable ArrayBuffers in the structuredClone polyfill
  • Fixed wrong export in /(stable|actual|full)/instance/unshift entries, #1207
  • Compat data improvements:
    • Set methods proposal marked as supported from Bun 0.5.7
    • String.prototype.toWellFormed marked as fixed from Bun 0.5.7
    • Added Deno 1.31 compat data mapping
• 3.28.0 - 2023-02-13
  

  I highly recommend reading this: So, what's next?

  • Change Array by copy proposal:
    • Methods:
      • Array.prototype.toReversed
      • Array.prototype.toSorted
      • Array.prototype.toSpliced
      • Array.prototype.with
      • %TypedArray%.prototype.toReversed
      • %TypedArray%.prototype.toSorted
      • %TypedArray%.prototype.with
    • Moved to stable ES, January 2023 TC39 meeting
    • Added es. namespace modules, /es/ and /stable/ namespaces entries
  • Added JSON.parse source text access Stage 3 proposal
    • Methods:
      • JSON.parse patched for support source in reviver function arguments
      • JSON.rawJSON
      • JSON.isRawJSON
      • JSON.stringify patched for support JSON.rawJSON
  • Added ArrayBuffer.prototype.transfer and friends Stage 3 proposal:
    • Built-ins:
      • ArrayBuffer.prototype.detached
      • ArrayBuffer.prototype.transfer (only in runtimes with native structuredClone with ArrayBuffer transfer support)
      • ArrayBuffer.prototype.transferToFixedLength (only in runtimes with native structuredClone with ArrayBuffer transfer support)
    • In backwards, in runtimes with native ArrayBuffer.prototype.transfer, but without proper structuredClone, added ArrayBuffer transfer support to structuredClone polyfill
  • Iterator Helpers proposal:
    • Splitted into 2 (sync and async) proposals, async version moved back to Stage 2, January 2023 TC39 meeting
    • Allowed interleaved mapping in AsyncIterator helpers, proposal-iterator-helpers/262
  • Explicit Resource Management Stage 3 and Async Explicit Resource Management Stage 2 proposals:
    • InstallErrorCause removed from SuppressedError, January 2023 TC39 meeting, proposal-explicit-resource-management/145
    • Simplified internal behaviour of { AsyncDisposableStack, DisposableStack }.prototype.use, proposal-explicit-resource-management/143
  • Added Symbol predicates Stage 2 proposal
    • Methods:
      • Symbol.isRegistered
      • Symbol.isWellKnown
  • Number.range Stage 1 proposal and method renamed to Iterator.range
  • Function.prototype.unThis Stage 0 proposal and method renamed to Function.prototype.demethodize
  • Fixed Safari String.prototype.toWellFormed ToString conversion bug
  • Improved some cases handling of array-replacer in JSON.stringify symbols handling fix
  • Fixed many other old JSON.{ parse, stringify } bugs (numbers instead of strings as keys in replacer, handling negative zeroes, spaces, some more handling symbols cases, etc.)
  • Fixed configurability and ToString conversion of some accessors
  • Added throwing proper errors on an incorrect context in some ArrayBuffer and DataView methods
  • Some minor DataView and %TypedArray% polyfills optimizations
  • Added proper error on the excess number of trailing = in the atob polyfill
  • Fixed theoretically possible ReDoS vulnerabilities in String.prototype.{ trim, trimEnd, trimRight }, parse(Int|Float), Number, atob, and URL polyfills in some ancient engines
  • Compat data improvements:
    • RegExp.prototype.flags marked as fixed from V8 ~ Chrome 111
    • Added Opera Android 73 compat data mapping
  • Added TypeScript definitions to core-js-builder
• 3.27.2 - 2023-01-18
  
  • Set methods proposal updates:
    • Closing of iterators of Set-like objects on early exit, proposal-set-methods/85
    • Some other minor internal changes
  • Added one more workaround of a webpack dev server bug on IE global methods, #1161
  • Fixed possible String.{ raw, cooked } error with empty template array
  • Used non-standard V8 Error.captureStackTrace instead of stack parsing in new error classes / wrappers where it's possible
  • Added detection correctness of iteration to Promise.{ allSettled, any } feature detection, Hermes issue
  • Compat data improvements:
    • Change Array by copy proposal marked as supported from V8 ~ Chrome 110
    • Added Samsung Internet 20 compat data mapping
    • Added Quest Browser 25 compat data mapping
    • Added React Native 0.71 Hermes compat data
    • Added Electron 23 and 24 compat data mapping
    • self marked as fixed in Deno 1.29.3, deno/17362
  • Minor tweaks of minification settings for core-js-bundle
  • Refactoring, some minor fixes, improvements, optimizations
• 3.27.1 - 2022-12-29
  
  • Fixed a Chakra-based MS Edge (18-) bug that unfreeze (O_o) frozen arrays used as WeakMap keys
  • Fixing of the previous bug also fixes some cases of String.dedent in MS Edge
  • Fixed dependencies of some entries
• 3.27.0 - 2022-12-25
  Read more
• 3.26.1 - 2022-11-13
  
  • Disabled forced replacing of Array.fromAsync since it's on Stage 3
  • Avoiding a check of the target in the internal function-uncurry-this helper where it's not required - minor optimization and preventing problems in some broken environments, a workaround of #1141
  • V8 will not ship Array.prototype.{ group, groupToMap } in V8 ~ Chromium 108, proposal-array-grouping/44
• 3.26.0 - 2022-10-23
• 3.25.5 - 2022-10-03
• 3.25.4 - 2022-10-02
• 3.25.3 - 2022-09-25
• 3.25.2 - 2022-09-18
• 3.25.1 - 2022-09-07
• 3.25.0 - 2022-08-24
• 3.24.1 - 2022-07-29
• 3.24.0 - 2022-07-25
• 3.23.5 - 2022-07-17
• 3.23.4 - 2022-07-09
• 3.23.3 - 2022-06-25
• 3.23.2 - 2022-06-20
• 3.23.1 - 2022-06-14
• 3.23.0 - 2022-06-13
• 3.22.8 - 2022-06-01
• 3.22.7 - 2022-05-24
• 3.22.6 - 2022-05-22
• 3.22.5 - 2022-05-10
• 3.22.4 - 2022-05-02
• 3.22.3 - 2022-04-28
• 3.22.2 - 2022-04-21
• 3.22.1 - 2022-04-19
• 3.22.0 - 2022-04-15
• 3.21.1 - 2022-02-16
• 3.21.0 - 2022-02-01

from core-js GitHub release notes

Commit messages

Package name: core-js

• a54caa5 3.30.2
• 1b64296 update dependencies
• e6d7f2b update dependencies
• 8ca1838 mark `URL.canParse` as supported (fixed) from Deno 1.33.2
• c2a4945 Merge pull request #1233 from weijianfan/master
• 634f1a9 update the changelog
• f619275 Merge pull request #1242 from laverdet/master
• e840da1 update dependencies
• 1a0dfd4 Lint and "future-proof"
• a3a09f6 mark `URL.canParse` as supported (fixed) from NodeJS 20.1.0
• e587c27 update dependencies
• 9439c1d Fix `Symbol` compatibility detection under Terser
• fa0cf61 update dependencies
• 0d0f205 a little more correct workaround of `File` cloning bug
• 5d18ee0 update dependencies
• 109f538 add a link
• ac3cedd add Deno 1.33 compat data mapping
• 3769239 update dependencies
• 929010a some format change.
• 2af4b42 change the filename in Englist,change link format as original.
• 65ea143 update dependencies
• 3c5394d add a workaround for getting proper global object in Figma plugins, close #1231
• 413ebc2 update dependencies
• 447f57e update dependencies

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs