ArrayBuffer.prototype.transfer (only in runtimes with native structuredClone with ArrayBuffer transfer support)
ArrayBuffer.prototype.transferToFixedLength (only in runtimes with native structuredClone with ArrayBuffer transfer support)
In backwards, in runtimes with native ArrayBuffer.prototype.transfer, but without proper structuredClone, added ArrayBuffer transfer support to structuredClone polyfill
Improved some cases handling of array-replacer in JSON.stringify symbols handling fix
Fixed many other old JSON.{ parse, stringify } bugs (numbers instead of strings as keys in replacer, handling negative zeroes, spaces, some more handling symbols cases, etc.)
Fixed configurability and ToString conversion of some accessors
Added throwing proper errors on an incorrect context in some ArrayBuffer and DataView methods
Some minor DataView and %TypedArray% polyfills optimizations
Added proper error on the excess number of trailing = in the atob polyfill
Fixed theoretically possible ReDoS vulnerabilities in String.prototype.{ trim, trimEnd, trimRight }, parse(Int|Float), Number, atob, and URL polyfills in some ancient engines
Compat data improvements:
RegExp.prototype.flags marked as fixed from V8 ~ Chrome 111
This version was pushed to npm by zloirock, a new releaser for core-js since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps core-js from 3.20.2 to 3.28.0.
Changelog
Sourced from core-js's changelog.
... (truncated)
Commits
6f721fa
refresh93ad467
3.28.091e0347
so, what's next?39c079b
throw proper errors on an incorrect context in someArrayBuffer
and `DataVi...7e0399d
some fixes139abbf
addArrayBuffer.prototype.transfer
and friends Stage 3 proposal44cf9e8
fix theoretically possible ReDoS vulnerabilities2e44954
fix Safari 9JSON.parse
bug with handling negative zero + some whitespacesbe7ea2c
improve handling of strings wrapped torawJSON
e21fe93
add some testsMaintainer changes
This version was pushed to npm by zloirock, a new releaser for core-js since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)