search

blacklight / platypush

A versatile and extensible platform for automation with hundreds of supported integrations
https://platypush.tech
MIT License
284 stars 21 forks source link

[Snyk] Upgrade core-js from 3.23.4 to 3.26.1 #352

Closed blacklight closed 1 year ago

blacklight commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade core-js from 3.23.4 to 3.26.1.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **11 versions** ahead of your current version. - The recommended version was released **21 days ago**, on 2022-11-13.
Release notes
Package name: core-js
  • 3.26.1 - 2022-11-13
    • Disabled forced replacing of Array.fromAsync since it's on Stage 3
    • Avoiding a check of the target in the internal function-uncurry-this helper where it's not required - minor optimization and preventing problems in some broken environments, a workaround of #1141
    • V8 will not ship Array.prototype.{ group, groupToMap } in V8 ~ Chromium 108, proposal-array-grouping/44
  • 3.26.0 - 2022-10-23
  • 3.25.5 - 2022-10-03
    • Fixed regression with an error on reuse of some built-in methods from another realm, #1133
  • 3.25.4 - 2022-10-02
    • Added a workaround of a Nashorn bug with Function.prototype.{ call, apply, bind } on string methods, #1128
    • Updated lists of [Serializable] and [Transferable] objects in the structuredClone polyfill. Mainly, for better error messages if polyfilling of cloning such types is impossible
    • Array.prototype.{ group, groupToMap } marked as supported from V8 ~ Chromium 108
    • Added Electron 22 compat data mapping
  • 3.25.3 - 2022-09-25
    • Forced polyfilling of Array.prototype.groupToMap in the pure version for returning wrapped Map instances
    • Fixed existence of Array.prototype.{ findLast, findLastIndex } in /stage/4 entry
    • Added Opera Android 71 compat data mapping
    • Some stylistic changes
  • 3.25.2 - 2022-09-18
    • Considering document.all as a callable in some missed cases
    • Added Safari 16.0 compat data
    • Added iOS Safari 16.0 compat data mapping
    • Fixed some ancient iOS Safari versions compat data mapping
  • 3.25.1 - 2022-09-07
    • Added some fixes and workarounds of FF30- typed arrays bug that does not properly convert objects to numbers
    • Added sideEffects field to core-js-pure package.json for better tree shaking, #1117
    • Dropped semver dependency from core-js-compat
      • semver package (ironically) added a breaking change and dropped NodeJS 8 support in the minor 7.1 version, after that semver in core-js-compat was pinned to 7.0 since for avoiding breaking changes it should support NodeJS 8. However, since core-js-compat is usually used with other packages that use semver dependency, it causes multiple duplications of semver in dependencies. So I decided to remove semver dependency and replace it with a couple of simple helpers.
    • Added Bun 0.1.6-0.1.11 compat data
    • Added Deno 1.25 compat data mapping
    • Updated Electron 21 compat data mapping
    • Some stylistic changes, minor fixes, and improvements
  • 3.25.0 - 2022-08-24
    • Added Object.prototype.__proto__ polyfill
      • It's optional, legacy, and in some cases (mainly because of developers' mistakes) can cause problems, but some libraries depend on it, and most code can't work without the proper libraries' ecosystem
      • Only for modern engines where this feature is missed (like Deno), it's not installed in IE10- since here we have no proper way setting of the prototype
      • Without fixes of early implementations where it's not an accessor since those fixes are impossible
      • Only for the global version
    • Considering document.all as an object in some missed cases, see ECMAScript Annex B 3.6
    • Avoiding unnecessary promise creation and validation result in %WrapForValid(Async)IteratorPrototype%.return, proposal-iterator-helpers/215
    • Fixed omitting the result of proxing .return in %IteratorHelperPrototype%.return, #1116
    • Fixed the order creation of properties of iteration result object of some iterators (value should be created before done)
    • Fixed some cases of Safari < 13 bug - silent on non-writable array .length setting
    • Fixed ArrayBuffer.length in V8 ~ Chrome 27-
    • Relaxed condition of re-usage native WeakMap for internal states with multiple core-js copies
    • Availability cloning of FileList in the structuredClone polyfill extended to some more old engines versions
    • Some stylistic changes and minor fixes
    • Throwing a TypeError in core-js-compat / core-js-builder in case of passing invalid module names / filters for avoiding unexpected result, related to #1115
    • Added missed NodeJS 13.2 to esmodules core-js-compat / core-js-builder target
    • Added Electron 21 compat data mapping
    • Added Oculus Browser 23.0 compat data mapping
  • 3.24.1 - 2022-07-29
    • NodeJS is ignored in IS_BROWSER detection to avoid a false positive with jsdom, #1110
    • Fixed detection of @@ species support in Promise in some old engines
    • { Array, %TypedArray% }.prototype.{ findLast, findLastIndex } marked as shipped in FF104
    • Added iOS Safari 15.6 compat data mapping
    • Fixed Opera 15 compat data mapping
  • 3.24.0 - 2022-07-25
  • 3.23.5 - 2022-07-17
  • 3.23.4 - 2022-07-09
from core-js GitHub release notes
Commit messages
Package name: core-js
  • e47e6ed update `package-lock.json`
  • 727fe23 3.26.1
  • ebf6ee9 update the changelog
  • a9e9609 move browser test runners to `tests/unit-browser/`
  • c9ed000 update subdependencies
  • 7478c1f fix missed `cd` in `test262`
  • e503cc2 because of a npm bug, temporarily revert usage `npm --prefix` instead of `cd`
  • 5de3bef try loglevel verbose for debuging
  • 9e9cacb it seems a npm bug, try to use `--legacy-peer-deps`
  • a28fdab revert prefix path normalization
  • e5c2b2f try to normalize prefix path
  • 95e55f3 `npm i` strangely fails on windows, try to use another args order
  • a0a0719 avoid extra `cd` in `zxi`
  • f6385a3 sometimes `zx` executes scripts with top-level `await` in incorrect order, try to use `await import()` in affected cases
  • c869e2a missed `sh` in markdown
  • a82d507 update `eslint-plugin-regexp`
  • 5e5e468 update dependencies
  • b9006e7 revert previous commit
  • 832521d add zxi to bin again
  • 43e759b temporarily hardcode the current location
  • 9f762c4 oops
  • c9d6e53 don't use absolute script path
  • 407aa18 normalize file path
  • 46b5515 drop `zxi` bin because of a strange `zx` issue on windows
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/blacklight/project/96bfd125-5816-4d9e-83c6-94d1569ab0f1?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/blacklight/project/96bfd125-5816-4d9e-83c6-94d1569ab0f1/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/blacklight/project/96bfd125-5816-4d9e-83c6-94d1569ab0f1/settings/integration?pkg=core-js&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)