[Snyk] Upgrade core-js from 3.8.0 to 3.30.1 #2

snyk-bot · 2023-05-05T16:51:21Z

Snyk has created this PR to upgrade core-js from 3.8.0 to 3.30.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 76 versions ahead of your current version.
The recommended version was released 22 days ago, on 2023-04-13.

Release notes

Package name: core-js

3.30.1 - 2023-04-13
- Added a fix for a NodeJS 19.9.0 URL.canParse bug
- Compat data improvements:
  - JSON.parse source text access proposal features marked as supported from V8 ~ Chrome 114
  - ArrayBuffer.prototype.transfer and friends proposal features marked as supported from V8 ~ Chrome 114
  - URLSearchParams.prototype.size marked as supported from V8 ~ Chrome 113
3.30.0 - 2023-04-03
- Added URL.canParse method, url/763
- Set methods proposal:
  - Removed sort from Set.prototype.intersection, March 2023 TC39 meeting, proposal-set-methods/94
- Iterator Helpers proposals (sync, async):
  - Validate arguments before opening iterator, March 2023 TC39 meeting, proposal-iterator-helpers/265
- Explicit Resource Management proposals (sync, async):
  - (Async)DisposableStack.prototype.move marks the original stack as disposed, #1226
  - Some simplifications like proposal-explicit-resource-management/150
- Iterator.range proposal:
  - Moved to Stage 2, March 2023 TC39 meeting
- Decorator Metadata proposal:
  - Returned to usage Symbol.metadata, March 2023 TC39 meeting, proposal-decorator-metadata/12
- Compat data improvements:
  - URLSearchParams.prototype.size marked as supported from FF112, NodeJS 19.8 and Deno 1.32
  - Added Safari 16.4 compat data
  - Added Deno 1.32 compat data mapping
  - Added Electron 25 and updated 24 compat data mapping
  - Added Samsung Internet 21 compat data mapping
  - Added Quest Browser 26 compat data mapping
  - Updated Opera Android 74 compat data
3.29.1 - 2023-03-13
- Fixed dependencies of some entries
- Fixed ToString conversion / built-ins nature of some accessors
- String.prototype.{ isWellFormed, toWellFormed } marked as supported from V8 ~ Chrome 111
- Added Opera Android 74 compat data mapping
3.29.0 - 2023-02-26
- Added URLSearchParams.prototype.size getter, url/734
- Allowed cloning resizable ArrayBuffers in the structuredClone polyfill
- Fixed wrong export in /(stable|actual|full)/instance/unshift entries, #1207
- Compat data improvements:
  - Set methods proposal marked as supported from Bun 0.5.7
  - String.prototype.toWellFormed marked as fixed from Bun 0.5.7
  - Added Deno 1.31 compat data mapping
3.28.0 - 2023-02-13
I highly recommend reading this: So, what's next?
- Change Array by copy proposal:
  - Methods:
    - Array.prototype.toReversed
    - Array.prototype.toSorted
    - Array.prototype.toSpliced
    - Array.prototype.with
    - %TypedArray%.prototype.toReversed
    - %TypedArray%.prototype.toSorted
    - %TypedArray%.prototype.with
  - Moved to stable ES, January 2023 TC39 meeting
  - Added es. namespace modules, /es/ and /stable/ namespaces entries
- Added JSON.parse source text access Stage 3 proposal
  - Methods:
    - JSON.parse patched for support source in reviver function arguments
    - JSON.rawJSON
    - JSON.isRawJSON
    - JSON.stringify patched for support JSON.rawJSON
- Added ArrayBuffer.prototype.transfer and friends Stage 3 proposal:
  - Built-ins:
    - ArrayBuffer.prototype.detached
    - ArrayBuffer.prototype.transfer (only in runtimes with native structuredClone with ArrayBuffer transfer support)
    - ArrayBuffer.prototype.transferToFixedLength (only in runtimes with native structuredClone with ArrayBuffer transfer support)
  - In backwards, in runtimes with native ArrayBuffer.prototype.transfer, but without proper structuredClone, added ArrayBuffer transfer support to structuredClone polyfill
- Iterator Helpers proposal:
  - Splitted into 2 (sync and async) proposals, async version moved back to Stage 2, January 2023 TC39 meeting
  - Allowed interleaved mapping in AsyncIterator helpers, proposal-iterator-helpers/262
- Explicit Resource Management Stage 3 and Async Explicit Resource Management Stage 2 proposals:
  - InstallErrorCause removed from SuppressedError, January 2023 TC39 meeting, proposal-explicit-resource-management/145
  - Simplified internal behaviour of { AsyncDisposableStack, DisposableStack }.prototype.use, proposal-explicit-resource-management/143
- Added Symbol predicates Stage 2 proposal
  - Methods:
    - Symbol.isRegistered
    - Symbol.isWellKnown
- Number.range Stage 1 proposal and method renamed to Iterator.range
- Function.prototype.unThis Stage 0 proposal and method renamed to Function.prototype.demethodize
- Fixed Safari String.prototype.toWellFormed ToString conversion bug
- Improved some cases handling of array-replacer in JSON.stringify symbols handling fix
- Fixed many other old JSON.{ parse, stringify } bugs (numbers instead of strings as keys in replacer, handling negative zeroes, spaces, some more handling symbols cases, etc.)
- Fixed configurability and ToString conversion of some accessors
- Added throwing proper errors on an incorrect context in some ArrayBuffer and DataView methods
- Some minor DataView and %TypedArray% polyfills optimizations
- Added proper error on the excess number of trailing = in the atob polyfill
- Fixed theoretically possible ReDoS vulnerabilities in String.prototype.{ trim, trimEnd, trimRight }, parse(Int|Float), Number, atob, and URL polyfills in some ancient engines
- Compat data improvements:
  - RegExp.prototype.flags marked as fixed from V8 ~ Chrome 111
  - Added Opera Android 73 compat data mapping
- Added TypeScript definitions to core-js-builder
3.27.2 - 2023-01-18
- Set methods proposal updates:
  - Closing of iterators of Set-like objects on early exit, proposal-set-methods/85
  - Some other minor internal changes
- Added one more workaround of a webpack dev server bug on IE global methods, #1161
- Fixed possible String.{ raw, cooked } error with empty template array
- Used non-standard V8 Error.captureStackTrace instead of stack parsing in new error classes / wrappers where it's possible
- Added detection correctness of iteration to Promise.{ allSettled, any } feature detection, Hermes issue
- Compat data improvements:
  - Change Array by copy proposal marked as supported from V8 ~ Chrome 110
  - Added Samsung Internet 20 compat data mapping
  - Added Quest Browser 25 compat data mapping
  - Added React Native 0.71 Hermes compat data
  - Added Electron 23 and 24 compat data mapping
  - self marked as fixed in Deno 1.29.3, deno/17362
- Minor tweaks of minification settings for core-js-bundle
- Refactoring, some minor fixes, improvements, optimizations
3.27.1 - 2022-12-29
- Fixed a Chakra-based MS Edge (18-) bug that unfreeze (O_o) frozen arrays used as WeakMap keys
- Fixing of the previous bug also fixes some cases of String.dedent in MS Edge
- Fixed dependencies of some entries
3.27.0 - 2022-12-25
Read more
3.26.1 - 2022-11-13
- Disabled forced replacing of Array.fromAsync since it's on Stage 3
- Avoiding a check of the target in the internal function-uncurry-this helper where it's not required - minor optimization and preventing problems in some broken environments, a workaround of #1141
- V8 will not ship Array.prototype.{ group, groupToMap } in V8 ~ Chromium 108, proposal-array-grouping/44
3.26.0 - 2022-10-23
- Array.fromAsync proposal:
  - Moved to Stage 3, September TC39 meeting
  - Avoid observable side effects of %Array.prototype.values% usage in array-like branch, proposal-array-from-async/30
- Added well-formed unicode strings stage 2 proposal:
  - String.prototype.isWellFormed
  - String.prototype.toWellFormed
- Recent updates of the iterator helpers proposal:
  - Added a counter parameter to helpers, proposal-iterator-helpers/211
  - Don't await non-objects returned from functions passed to AsyncIterator helpers, proposal-iterator-helpers/239
  - { Iterator, AsyncIterator }.prototype.flatMap supports returning both - iterables and iterators, proposal-iterator-helpers/233
  - Early exit on broken .next in missed cases of { Iterator, AsyncIterator }.from, proposal-iterator-helpers/232
- Added self polyfill as a part of The Minimum Common Web Platform API, specification, #1118
- Added inverse option to core-js-compat, #1119
- Added format option to core-js-builder, #1120
- Added NodeJS 19.0 compat data
- Added Deno 1.26 and 1.27 compat data
- Added Opera Android 72 compat data mapping
- Updated Electron 22 compat data mapping
3.25.5 - 2022-10-03
3.25.4 - 2022-10-02
3.25.3 - 2022-09-25
3.25.2 - 2022-09-18
3.25.1 - 2022-09-07
3.25.0 - 2022-08-24
3.24.1 - 2022-07-29
3.24.0 - 2022-07-25
3.23.5 - 2022-07-17
3.23.4 - 2022-07-09
3.23.3 - 2022-06-25
3.23.2 - 2022-06-20
3.23.1 - 2022-06-14
3.23.0 - 2022-06-13
3.22.8 - 2022-06-01
3.22.7 - 2022-05-24
3.22.6 - 2022-05-22
3.22.5 - 2022-05-10
3.22.4 - 2022-05-02
3.22.3 - 2022-04-28
3.22.2 - 2022-04-21
3.22.1 - 2022-04-19
3.22.0 - 2022-04-15
3.21.1 - 2022-02-16
3.21.0 - 2022-02-01
3.20.3 - 2022-01-15
3.20.2 - 2022-01-01
3.20.1 - 2021-12-23
3.20.0 - 2021-12-15
3.19.3 - 2021-12-06
3.19.2 - 2021-11-29
3.19.1 - 2021-11-02
3.19.0 - 2021-10-25
3.18.3 - 2021-10-12
3.18.2 - 2021-10-05
3.18.1 - 2021-09-26
3.18.0 - 2021-09-19
3.17.3 - 2021-09-09
3.17.2 - 2021-09-02
3.17.1 - 2021-09-01
3.17.0 - 2021-09-01
3.16.4 - 2021-08-29
3.16.3 - 2021-08-24
3.16.2 - 2021-08-17
3.16.1 - 2021-08-08
3.16.0 - 2021-07-30
3.15.2 - 2021-06-29
3.15.1 - 2021-06-22
3.15.0 - 2021-06-20
3.14.0 - 2021-06-05
3.13.1 - 2021-05-29
3.13.0 - 2021-05-25
3.12.1 - 2021-05-08
3.12.0 - 2021-05-06
3.11.3 - 2021-05-05
3.11.2 - 2021-05-03
3.11.1 - 2021-04-28
3.11.0 - 2021-04-22
3.10.2 - 2021-04-19
3.10.1 - 2021-04-07
3.10.0 - 2021-03-31
3.9.1 - 2021-02-28
3.9.0 - 2021-02-18
3.8.3 - 2021-01-19
3.8.2 - 2021-01-03
3.8.1 - 2020-12-06
3.8.0 - 2020-11-25