search

blacklight / platypush

A versatile and extensible platform for automation with hundreds of supported integrations
https://platypush.tech
MIT License
292 stars 21 forks source link

[Snyk] Upgrade core-js from 3.15.2 to 3.19.2 #251

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade core-js from 3.15.2 to 3.19.2.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Release notes
Package name: core-js
  • 3.19.2 - 2021-11-29
    • Added a workaround for a UC Browser specific version bug with unobservable RegExp#sticky flag, #1008, #1015
    • Added handling of comments and specific spaces to Function#name polyfill, #1010, thanks @ ildar-shaimordanov
    • Prevented some theoretical cases of breaking / observing the internal state by patching Array.prototype[@@ species]
    • Refactored URL and URLSearchParams
    • Added iOS Safari 15.2 compat data mapping
    • Added Electron 17.0 compat data mapping
    • Updated Deno compat data mapping
  • 3.19.1 - 2021-11-02
    • Added a workaround for FF26- bug where ArrayBuffers are non-extensible, but Object.isExtensible does not report it:
      • Fixed in Object.{ isExtensible, isSealed, isFrozen } and Reflect.isExtensible
      • Fixed handling of ArrayBuffers as collections keys
    • Fixed Object#toString on AggregateError in IE10-
    • Fixed possible lack of dependencies of WeakMap in IE8-
    • .findLast methods family marked as supported from Chrome 97
    • Fixed inheritance of Electron compat data web. modules
    • Fixed Safari 15.1 compat data (some features were not added)
    • Added iOS Safari 15.1 compat data mapping
  • 3.19.0 - 2021-10-25
    • Most built-ins are encapsulated in core-js for preventing possible cases of breaking / observing the internal state by patching / deleting of them
      • Avoid .call / .apply prototype methods that could be patched
      • Avoid instanceof operator - implicit .prototype / @@ hasInstance access that could be patched
      • Avoid RegExp#test, String#match and some over methods - implicit .exec and RegExp well-known symbols access that could be patched
    • Clearing of Error stack from extra entries experimentally added to AggregateError, #996, in case lack of problems it will be extended to other cases
    • In engines with native Symbol support, new well-known symbols created with usage Symbol.for for ensuring the same keys in different realms, #998
    • Added a workaround of a BrowserFS NodeJS process polyfill bug that incorrectly reports V8 version that's used in some cases of core-js feature detection
    • Fixed normalization of message AggregateError argument
    • Fixed order of arguments conversion in Math.scale, a spec draft bug
    • Fixed core-js-builder work in NodeJS 17, added a workaround of webpack + NodeJS 17 issue
    • Added NodeJS 17.0 compat data mapping
    • Added Opera Android 65 compat data mapping
    • Updated Electron 16.0 compat data mapping
    • Many other minor fixes and improvements
  • 3.18.3 - 2021-10-12
    • Fixed the prototype chain of AggregateError constructor that should contain Error constructor
    • Fixed incorrect AggregateError.prototype properties descriptors
    • Fixed InstallErrorCause internal operation
    • Added NodeJS 16.11 compat data mapping
    • Added Deno 1.16 compat data mapping
    • Object.hasOwn marked as supported from Safari 15.1
  • 3.18.2 - 2021-10-05
    • Early { Array, %TypedArray% }.fromAsync errors moved to the promise, per the latest changes of the spec draft
    • Internal ToInteger(OrInfinity) operation returns +0 for -0 argument, ES2020+ update
    • Fixed theoretical problems with handling bigint in Number constructor wrapper
    • Fixed String.raw with extra arguments
    • Fixed some missed dependencies in entry points
    • Some other minor fixes and improvements
    • Refactoring
  • 3.18.1 - 2021-09-26
    • Fixed String.prototype.substr feature detection and compat data
    • Removed mistakenly added .forEach from prototypes of some DOM collections where it shouldn't be, #988, #987, thanks @ moorejs
    • Added cause to AggregateError constructor implementation (still without adding to the feature detection)
    • Families of .at and .findLast methods marked as supported in Safari TP
    • Added Electron 16.0 compat data mapping
  • 3.18.0 - 2021-09-19
    • Added Array.fromAsync stage 1 proposal:
      • Array.fromAsync
      • %TypedArray%.fromAsync
    • .name and .toString() on polyfilled functions improved in many different cases
    • Improved internal IsConstructor and IsCallable checks
    • Fixed some internal cases of GetMethod operation
    • Fixed a bug of MS Edge 18- parseInt / parseFloat with boxed symbols
    • Fixed es.array.{ index-of, last-index-of } compat data
    • Added Deno 1.15 compat data mapping
    • Some other minor fixes and optimizations
  • 3.17.3 - 2021-09-09
    • Fixed some possible problems related to possible extension of %IteratorPrototype% and %AsyncIteratorPrototype% in the future
    • Fixed DOMTokenList.prototype.{ forEach, @@ iterator, keys, values, entries } in old WebKit versions where element.classList is not an instance of global DOMTokenList
    • Added NodeJS 16.9 compat data mapping
    • Added Samsung Internet 16.0 compat data mapping
  • 3.17.2 - 2021-09-02
    • Fixed missed cases of ES3 reserved words usage, related to #980
    • Fixed dependencies in one missed entry point
    • Some other minor fixes and optimizations
  • 3.17.1 - 2021-09-01
    • Fixed missed modules-by-versions data
  • 3.17.0 - 2021-09-01
  • 3.16.4 - 2021-08-29
  • 3.16.3 - 2021-08-24
  • 3.16.2 - 2021-08-17
  • 3.16.1 - 2021-08-08
  • 3.16.0 - 2021-07-30
  • 3.15.2 - 2021-06-29
from core-js GitHub release notes
Commit messages
Package name: core-js
  • e49b7f3 3.19.2
  • 52eea94 move some logic to the prototype of `URL` state
  • c4e8bb3 move some logic to state prototypes
  • 7f6670f prevent some theoretical cases of breaking / observing the internal state by patching `Array.prototype[@@ species]`
  • 48d0b3f update dependencies
  • 28f30d3 add Electron 17.0 compat data mapping
  • 8aaad88 Merge pull request #1015 from zloirock/uc-sticky
  • ab4cc84 update the changelog
  • 1ed2bd1 try to fix broken UC browser `RegExp#sticky`
  • 73804dd update dependencies
  • a4317b7 update dependencies
  • 91938c2 unpin `cli-table` since a bug was fixed
  • ef375b2 update dependencies
  • b68787a simplify `karma.conf`
  • 4d336df improve unit tests linting
  • 69e14b8 refactor tests, fix some asserts
  • 3a05507 fix a typo
  • 50ef716 update the changelog
  • 66b146d add `QUnit.assert.{ true, false }` helpers for `qunit@1`
  • 9943cee add `notSame` qunit helper
  • f1bee9e simplify qunit helpers
  • cbb60c9 Merge pull request #1010 from ildar-shaimordanov/patch-1
  • b307593 add new test asserts for es.function.name.js
  • 48d9401 follow ESLint recommendations
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs