[Snyk] Upgrade core-js from 3.43.0 to 3.45.1 #131
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade core-js from 3.43.0 to 3.45.1. See this package in npm: core-js See this project in Snyk: https://app.snyk.io/org/amadib/project/8a730815-f675-44ec-8705-018fca4ed2ec?utm_source=github&utm_medium=referral&page=upgrade-pr
|
|
1 similar comment
|
|
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade core-js from 3.43.0 to 3.45.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 3 versions ahead of your current version.
The recommended version was released 2 months ago.
Issues fixed by the recommended upgrade:
SNYK-JS-SHAJS-12089400
Release notes
Package name: core-js
-
3.45.1 - 2025-08-20
- Changes v3.45.0...v3.45.1 (30 commits)
- Fixed a conflict of native methods from
- Added
- Compat data improvements:
- Added Samsung Internet 29 compat data mapping
- Added Electron 39 compat data mapping
-
3.45.0 - 2025-08-04
- Changes v3.44.0...v3.45.0 (70 commits)
- Built-ins:
- Moved to stable ES, July 2025 TC39 meeting
- Added
- Added detection of a Webkit bug:
- Built-ins:
- Moved to stable ES, July 2025 TC39 meeting
- Added
- Built-ins:
- Moved to stage 3, July 2025 TC39 meeting
- Added
- Built-ins:
- Moved to stage 3, July 2025 TC39 meeting
- Added
- Added missing dependencies to some entries of static
- Fixed Joint Iteration proposal in
- Compat data improvements:
- Updated Electron 38 compat data mapping
- Added Opera Android 91 compat data mapping
-
3.44.0 - 2025-07-07
- Changes v3.43.0...v3.44.0 (87 commits)
- Fixed several V8 bugs in
- Joint iteration stage 2.7 proposal:
- Uses
- Added built-ins:
- Fixed some cases of
- Added missing dependencies to some entries of static
- Added missing
- Some minor stylistic changes
- Compat data improvements:
- Added Electron 38 and 39 compat data mapping
- Added Oculus Quest Browser 38 and 39 compat data mapping
-
3.43.0 - 2025-06-09
- Changes v3.42.0...v3.43.0 (139 commits)
- Explicit Resource Management proposals:
- Built-ins:
- Moved to stable ES, May 2025 TC39 meeting
- Added
- Built-ins:
- Moved to stable ES, May 2025 TC39 meeting
- Added
- Built-ins:
- Moved to stable ES, May 2025 TC39 meeting
- Added
- Added Joint iteration stage 2.7 proposal:
- Added built-ins:
- Added
- Added built-ins:
- Built-ins:
- Moved to stage 2, May 2025 TC39 meeting
- Removed a
- Always check regular expression flags by
- Improved handling of
- Added feature detection for a WebKit bug that occurs when
- Added feature detection for a WebKit bug that occurs when iterator record of a set-like object isn't called before cloning
- Added feature detection for a bug in V8 ~ Chromium < 126. Following methods should throw an error on invalid iterator:
- Added feature detection for a WebKit bug: incorrect exception thrown by
- Added feature detection for a FF bug: incorrect exception thrown by
- Added feature detection for a WebKit bug:
- Worked around a bug of many different tools (example) with incorrect transforming and breaking JS syntax on getting a method from a number literal
- Fixed deoptimization of the
- Added some missed dependencies to
- Some other minor fixes and improvements
- Compat data improvements:
- Added Deno 2.3 and Deno 2.3.2 compat data mapping
- Updated Electron 37 compat data mapping
- Added Opera Android 90 compat data mapping
- Iterators closing on early errors in
from core-js GitHub release notesMapupsert proposal with polyfilled methods in the pure versionbugsfields topackage.jsonof all packagesMapupsert proposal features marked as shipped from Bun 1.2.20Uint8Arrayto / from base64 and hex proposal:Uint8Array.fromBase64Uint8Array.fromHexUint8Array.prototype.setFromBase64Uint8Array.prototype.setFromHexUint8Array.prototype.toBase64Uint8Array.prototype.toHexes.namespace modules,/es/and/stable/namespaces entriesUint8ArrayfromBase64 / setFromBase64 does not throw an error on incorrect length of base64 stringMath.sumPreciseproposal:Math.sumPrecisees.namespace module,/es/and/stable/namespaces entriesIteratorsequencing proposal:Iterator.concat/actual/namespace entries, unconditional forced replacement changed to feature detectionMapupsert proposal:Map.prototype.getOrInsertMap.prototype.getOrInsertComputedWeakMap.prototype.getOrInsertWeakMap.prototype.getOrInsertComputed/actual/namespace entries, unconditional forced replacement changed to feature detectionIteratormethods/stage/entriesUint8Arrayto / from base64 and hex proposal features marked as supported from V8 ~ Chromium 140Uint8Array.{ fromBase64, prototype.setFromBase64 }marked as unsupported in Safari and supported only from Bun 1.2.20 because of a bug: it does not throw an error on incorrect length of base64 string%TypedArray%.prototype.withmarked as fixed in Safari 26.0Uint8Arrayto / from base64 and hex stage 3 proposal:Uint8Array.fromHexandUint8Array.prototype.{ setFromBase64, toBase64, toHex }, thanks @ brc-ddGetinIterator.zipKeyed, following tc39/proposal-joint-iteration#43Iteratorsequencing stage 2.7 proposal:Iterator.concatno longer reusesIteratorResultobject of concatenated iterators, following tc39/proposal-iterator-sequencing#26Iteratorchunking stage 2 proposal:Iterator.prototype.slidingNumber.prototype.clampstage 2 proposal:clampno longer throws an error onNaNasminormax, following tc39/proposal-math-clamp#d2387791c265edf66fbe2455eab919016717ce6fSet.prototype.{ symmetricDifference, union }detectionIteratormethods/full/{ instance, number/virtual }/clampentriesIteratorhelpers marked as fixed and updated following the latest spec changes in Safari 26.0Set.prototype.{ difference, symmetricDifference, union }marked as fixed in Safari 26.0SuppressedErrormarked as fixed in FF141Error.isErrormarked as fixed in Node 24.3setImmediateandclearImmediatemarked as available from Deno 2.4Math.sumPrecisemarked as shipped in Bun 1.2.18%TypedArray%.prototype.withmarked as fixed in Bun 1.2.18Symbol.disposeSymbol.asyncDisposeSuppressedErrorDisposableStackDisposableStack.prototype.disposeDisposableStack.prototype.useDisposableStack.prototype.adoptDisposableStack.prototype.deferDisposableStack.prototype.moveDisposableStack.prototype[@@ dispose]AsyncDisposableStackAsyncDisposableStack.prototype.disposeAsyncAsyncDisposableStack.prototype.useAsyncDisposableStack.prototype.adoptAsyncDisposableStack.prototype.deferAsyncDisposableStack.prototype.moveAsyncDisposableStack.prototype[@@ asyncDispose]Iterator.prototype[@@ dispose]AsyncIterator.prototype[@@ asyncDispose]es.namespace module,/es/and/stable/namespaces entriesArray.fromAsyncproposal:Array.fromAsynces.namespace module,/es/and/stable/namespaces entriesError.isErrorproposal:Error.isErrores.namespace module,/es/and/stable/namespaces entriesIterator.zipIterator.zipKeyedIteratorchunking stage 2 proposal:Iterator.prototype.chunksIterator.prototype.windowsNumber.prototype.clampproposal:Number.prototype.clampMath.clampwas replaced withNumber.prototype.clampRangeErrorifmin <= maxor+0min and-0max, tc39/proposal-math-clamp/#22flagsgetter PR. Native methods are not fixed, only own implementation updated for:RegExp.prototype[@@ match]RegExp.prototype[@@ replace]RegExpflags in polyfills of some methods in engines without proper support ofRegExp.prototype.flagsand without polyfill of this getterthisis updated whileSet.prototype.differenceis being executedthisin the following methods:Set.prototype.symmetricDifferenceSet.prototype.unionIterator.prototype.dropIterator.prototype.filterIterator.prototype.flatMapIterator.prototype.mapIterator.fromwhen underlying iterator'sreturnmethod isnullArray.prototype.withwhen index coercion failsTypedArray.prototype.withshould truncate negative fractional index to zero, but instead throws an errorPromisepolyfill in the pure version/iterator/flat-mapentriesError.isErrormarked not supported in Node because of a bugSet.prototype.differencemarked as not supported in Safari and supported only from Bun 1.2.5 because of a bugSet.prototype.{ symmetricDifference, union }marked as not supported in Safari and supported only from Bun 1.2.5 because of a bugIterator.frommarked as not supported in Safari and supported only from Bun 1.2.5 because of a bugIteratorhelpers marked as implemented from FF141Array.prototype.withmarked as supported only from FF140 because it throws an incorrect exception when index coercion failsTypedArray.prototype.withmarked as unsupported in Bun and Safari because it should truncate negative fractional index to zero, but instead throws an errorDisposableStackandAsyncDisposableStackmarked as shipped in FF141 (SuppressedErrorhas a bug)AsyncDisposableStackbugs marked as fixed in Deno 2.3.2SuppressedErrorbugs (extra arguments support and arity) marked as fixed in Bun 1.2.15Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: