build(deps): bump core-js from 3.32.1 to 3.39.0

[dependabot[bot]]

Bumps core-js from 3.32.1 to 3.39.0.

Changelog

Sourced from core-js's changelog.

3.39.0 - 2024.10.31

• Changes v3.38.1...v3.39.0
• Iterator helpers proposal:
  • Built-ins:
    • Iterator
      • Iterator.from
      • Iterator.prototype.drop
      • Iterator.prototype.every
      • Iterator.prototype.filter
      • Iterator.prototype.find
      • Iterator.prototype.flatMap
      • Iterator.prototype.forEach
      • Iterator.prototype.map
      • Iterator.prototype.reduce
      • Iterator.prototype.some
      • Iterator.prototype.take
      • Iterator.prototype.toArray
      • Iterator.prototype[@@toStringTag]
  • Moved to stable ES, October 2024 TC39 meeting
  • Added es. namespace modules, /es/ and /stable/ namespaces entries
• Promise.try:
  • Built-ins:
    • Promise.try
  • Moved to stable ES, October 2024 TC39 meeting
  • Added es. namespace module, /es/ and /stable/ namespaces entries
  • Fixed /actual|full/promise/try entries for the callback arguments support
• Math.sumPrecise proposal:
  • Built-ins:
    • Math.sumPrecise
  • Moved to stage 3, October 2024 TC39 meeting
  • Added /actual/ namespace entries, unconditional forced replacement changed to feature detection
• Added Iterator sequencing stage 2.7 proposal:
  • Added built-ins:
    • Iterator.concat
• Map upsert stage 2 proposal:
  • Updated to the new API following the October 2024 TC39 meeting
  • Added built-ins:
    • Map.prototype.getOrInsert
    • Map.prototype.getOrInsertComputed
    • WeakMap.prototype.getOrInsert
    • WeakMap.prototype.getOrInsertComputed
• Extractors proposal moved to stage 2, October 2024 TC39 meeting
• Usage of @@species pattern removed from %TypedArray% and ArrayBuffer methods, tc39/ecma262/3450:
  • Built-ins:
    • %TypedArray%.prototype.filter
    • %TypedArray%.prototype.filterReject
    • %TypedArray%.prototype.map
    • %TypedArray%.prototype.slice
    • %TypedArray%.prototype.subarray
    • ArrayBuffer.prototype.slice

... (truncated)

Commits

• fe6d2d6 v3.39.0
• 751bbae add Iterator sequencing stage 2.7 proposal
• 227a758 update some links, add some missed links
• 4bdfd91 normalize key in Map.prototype.getOrInsertComputed
• 2b189d3 validate WeakMap key before callbackfn call in `WeakMap.prototype.getOrIn...
• e3e9f37 update Map upsert proposal to the new API
• fa5b026 update transferable objects list instructuredClone implementation
• fbc4e4f remove usage of @@species pattern from %TypedArray% and ArrayBuffer met...
• ce0402d move extractors proposa to stage 2
• 71d37cb move Promise.try to stable ES
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/core-js	3.39.0	:green_circle: 5.3	Details Check Score Reason Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Security-Policy :green_circle: 10 security policy file detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches SAST :warning: 0 no SAST tool detected Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 17 existing vulnerabilities detected
npm/core-js	^3.39.0	:green_circle: 5.3	Details Check Score Reason Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Security-Policy :green_circle: 10 security policy file detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches SAST :warning: 0 no SAST tool detected Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :warning: 0 17 existing vulnerabilities detected

Scanned Files

• package-lock.json
• package.json