[Snyk] Upgrade core-js from 3.12.1 to 3.34.0 #218
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade core-js from 3.12.1 to 3.34.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-TAR-1579155
Why? Has a fix available, CVSS 8.5
SNYK-JS-NORMALIZEURL-1296539
Why? Has a fix available, CVSS 8.5
SNYK-JS-QS-3153490
Why? Has a fix available, CVSS 8.5
SNYK-JS-QS-3153490
Why? Has a fix available, CVSS 8.5
SNYK-JS-LOADERUTILS-3043105
Why? Has a fix available, CVSS 8.5
SNYK-JS-SIMPLEGET-2361683
Why? Has a fix available, CVSS 8.5
SNYK-JS-SIMPLEGET-2361683
Why? Has a fix available, CVSS 8.5
SNYK-JS-SOCKETIOPARSER-5596892
Why? Has a fix available, CVSS 8.5
SNYK-JS-TAR-1536528
Why? Has a fix available, CVSS 8.5
SNYK-JS-JSONSCHEMA-1920922
Why? Has a fix available, CVSS 8.5
SNYK-JS-Y18N-1021887
Why? Has a fix available, CVSS 8.5
SNYK-JS-QS-3153490
Why? Has a fix available, CVSS 8.5
SNYK-JS-SEMVER-3247795
Why? Has a fix available, CVSS 8.5
SNYK-JS-SEMVER-3247795
Why? Has a fix available, CVSS 8.5
SNYK-JS-SEMVER-3247795
Why? Has a fix available, CVSS 8.5
SNYK-JS-SEMVER-3247795
Why? Has a fix available, CVSS 8.5
SNYK-JS-SHELLJS-2332187
Why? Has a fix available, CVSS 8.5
SNYK-JS-SHELLQUOTE-1766506
Why? Has a fix available, CVSS 8.5
SNYK-JS-TAR-1536531
Why? Has a fix available, CVSS 8.5
SNYK-JS-TAR-1579147
Why? Has a fix available, CVSS 8.5
SNYK-JS-TAR-1579152
Why? Has a fix available, CVSS 8.5
SNYK-JS-DECODEURICOMPONENT-3149970
Why? Has a fix available, CVSS 8.5
SNYK-JS-ENGINEIO-3136336
Why? Has a fix available, CVSS 8.5
SNYK-JS-GETFUNCNAME-5923417
Why? Has a fix available, CVSS 8.5
SNYK-JS-AXIOS-1579269
Why? Has a fix available, CVSS 8.5
SNYK-JS-BROWSERIFYSIGN-6037026
Why? Has a fix available, CVSS 8.5
SNYK-JS-TERSER-2806366
Why? Has a fix available, CVSS 8.5
SNYK-JS-NODEFETCH-2342118
Why? Has a fix available, CVSS 8.5
SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960
Why? Has a fix available, CVSS 8.5
SNYK-JS-LOADERUTILS-3042992
Why? Has a fix available, CVSS 8.5
SNYK-JS-LOADERUTILS-3105943
Why? Has a fix available, CVSS 8.5
SNYK-JS-SOCKETIOPARSER-3091012
Why? Has a fix available, CVSS 8.5
SNYK-JS-SOCKETIOPARSER-3091012
Why? Has a fix available, CVSS 8.5
SNYK-JS-CACHEDPATHRELATIVE-2342653
Why? Has a fix available, CVSS 8.5
SNYK-JS-GOT-2932019
Why? Has a fix available, CVSS 8.5
SNYK-JS-GOT-2932019
Why? Has a fix available, CVSS 8.5
SNYK-JS-JSON5-3182856
Why? Has a fix available, CVSS 8.5
SNYK-JS-JSON5-3182856
Why? Has a fix available, CVSS 8.5
SNYK-JS-TRIMOFFNEWLINES-1296850
Why? Has a fix available, CVSS 8.5
SNYK-JS-UGLIFYJS-1727251
Why? Has a fix available, CVSS 8.5
SNYK-JS-PARSEURL-2935944
Why? Has a fix available, CVSS 8.5
SNYK-JS-PARSEURL-2935947
Why? Has a fix available, CVSS 8.5
SNYK-JS-PARSEURL-2936249
Why? Has a fix available, CVSS 8.5
SNYK-JS-PARSEURL-2942134
Why? Has a fix available, CVSS 8.5
SNYK-JS-PATHPARSE-1077067
Why? Has a fix available, CVSS 8.5
SNYK-JS-LOG4JS-2348757
Why? Has a fix available, CVSS 8.5
SNYK-JS-COOKIEJAR-3149984
Why? Has a fix available, CVSS 8.5
SNYK-JS-FOLLOWREDIRECTS-2332181
Why? Has a fix available, CVSS 8.5
SNYK-JS-MINIMIST-2429795
Why? Has a fix available, CVSS 8.5
SNYK-JS-TAR-1536758
Why? Has a fix available, CVSS 8.5
SNYK-JS-FOLLOWREDIRECTS-2396346
Why? Has a fix available, CVSS 8.5
SNYK-JS-BABELTRAVERSE-5962462
Why? Has a fix available, CVSS 8.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: core-js
Array
grouping proposal:Object.groupBy
Map.groupBy
es.
namespace modules,/es/
and/stable/
namespaces entriesPromise.withResolvers
proposal:Promise.withResolvers
es.
namespace module,/es/
and/stable/
namespaces entriesIterator
helpers proposal, proposal-iterator-helpers/287 and some following changes, November 2023 TC39 meetingUint8Array
to / from base64 and hex stage 2 proposal:Uint8Array.fromBase64
Uint8Array.fromHex
Uint8Array.prototype.toBase64
Uint8Array.prototype.toHex
Number.fromString
validation before clarification of proposal-number-fromstring/24@@ toStringTag
property descriptors on DOM collections, #1312Array
iteration methods, #1313atob
/btoa
improvementsPromise.withResolvers
marked as shipped from FF121[[DedentMap]]
fromString.dedent
proposal betweencore-js
instances before stabilization of the proposalArray.fromAsync
marked as supported from Deno 1.38Symbol.{ dispose, asyncDispose }
marked as supported from Deno 1.38structuredClone
polyfill, avoided second tree pass in cases of transferringSuppressedError
tostructuredClone
polyfillArrayBuffer
andDataView
dependencies ofstructuredClone
lack of which could cause errors in some entries in IE10-Number.fromString
URL.canParse
marked as supported from Chromium 120Symbol
polyfill on global object, #1289type: commonjs
inpackage.json
of all packages to avoid potential breakage in future Node versions, see this issueString.prototype.{ isWellFormed, toWellFormed }
marked as supported from FF119RegExp
escaping stage 2 proposal, September 2023 TC39 meeting:RegExp.escape
method with the new set of symbols for escapingcore-js
, but it was removed after rejecting the old version of this proposalArrayBuffer.prototype.{ transfer, transferToFixedLength }
and support transferring ofArrayBuffer
s viastructuredClone
to engines withMessageChannel
Math.f16round
polyfillMath.f16round
andDataView.prototype.{ getFloat16, setFloat16 }
Observable
proposal because of incompatibility with the new WHATWGObservable
proposalSymbol
polyfill, #1289Iterator
helpers because of some Web compatibility issuesPromise.withResolvers
marked as supported from V8 ~ Chrome 119Array
grouping proposal features marked as supported from FF119value
argument ofURLSearchParams.prototype.{ has, delete }
marked as properly supported from V8 ~ Chrome 118URL.canParse
andURLSearchParams.prototype.size
marked as supported from Bun 1.0.2structuredClone
feature detectioncore-js@3.32.1
bug, #1288eval
bug, #1287process
polyfill tocore-js
via some bundlers oresm.sh
, #1277Promise.withResolvers
marked as supported from Bun 0.7.1Array
grouping proposal, July 2023 TC39 meeting updates:/actual/
namespaces entries, unconditional forced replacement changed to feature detectionPromise.withResolvers
proposal, July 2023 TC39 meeting updates:/actual/
namespaces entries, unconditional forced replacement changed to feature detectionSet
methods stage 3 proposal, July 2023 TC39 meeting updates::Set
sizes, proposal-set-methods/88IsCallable
check inGetKeysIterator
, proposal-set-methods/101String
wrapper objects, July 2023 TC39 meeting update, proposal-iterator-helpers/281Iterator
is not constructible from the active function object (works as an abstract class)/actual/
namespace entries, unconditional forced replacement changed to feature detection[@@ dispose]()
method when hint isasync-dispose
, proposal-explicit-resource-management/180Float16Array
stage 3 proposal:Float16Array
right now, however, make sense to add some methods from this proposal.Math.f16round
DataView.prototype.getFloat16
DataView.prototype.setFloat16
DataView
get / setUint8Clamped
methods stage 1 proposal:DataView.prototype.getUint8Clamped
DataView.prototype.setUint8Clamped
value
argument ofURLSearchParams.prototype.{ has, delete }
Set
methods implementation by the actual specSymbol.{ dispose, asyncDispose }
descriptors from NodeJS 20.4 / transpilers helpers / userland codeAsyncIteratorPrototype
core-js/configurator
option, #1268Iterator
helpers proposal features marked as supported from V8 ~ Chrome 117Array
grouping proposal features marked as supported from V8 ~ Chrome 117Symbol.{ dispose, asyncDispose }
as supported from NodeJS 20.5.0 (as mentioned above, NodeJS 20.4.0 add it, but with incorrect descriptors)structuredClone
bug with cloning views of transferred buffers, #1265DataView
methodsFloat16Array
instructuredClone
Set
methods proposal marked as supported from Safari 17.0URL
features:URL.canParse
,URLSearchParams.prototype.size
andvalue
argument ofURLSearchParams.prototype.{ has, delete }
marked as supported from Safari 17.0value
argument ofURLSearchParams.prototype.{ has, delete }
marked as supported from Deno 1.35AggregateError
and well-formedJSON.stringify
marked as supported React Native 0.72 HermesRead more
Commit messages
Package name: core-js
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs