[Snyk] Upgrade core-js from 2.5.7 to 3.33.1

[WontonSam]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade core-js from 2.5.7 to 3.33.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 155 versions ahead of your current version.
• The recommended version was released a month ago, on 2023-10-20.

Release notes

Package name: core-js

• 3.33.1 - 2023-10-20
  
  • Added one more workaround of possible error with Symbol polyfill on global object, #1289
  • Directly specified type: commonjs in package.json of all packages to avoid potential breakage in future Node versions, see this issue
  • Prevented potential issue with lack of some dependencies after automatic optimization polyfills of some methods in the pure version
  • Some minor internal fixes and optimizations
  • Compat data improvements:
    • String.prototype.{ isWellFormed, toWellFormed } marked as supported from FF119
    • Added React Native 0.73 Hermes compat data, mainly fixes of some issues
    • Added NodeJS 21.0 compat data mapping
• 3.33.0 - 2023-10-01
  
  • Re-introduced RegExp escaping stage 2 proposal, September 2023 TC39 meeting:
    • Added RegExp.escape method with the new set of symbols for escaping
    • Some years ago, it was presented in core-js, but it was removed after rejecting the old version of this proposal
  • Added ArrayBuffer.prototype.{ transfer, transferToFixedLength } and support transferring of ArrayBuffers via structuredClone to engines with MessageChannel
  • Optimized Math.f16round polyfill
  • Fixed some conversion cases of Math.f16round and DataView.prototype.{ getFloat16, setFloat16 }
  • Fully forced polyfilling of the TC39 Observable proposal because of incompatibility with the new WHATWG Observable proposal
  • Added an extra workaround of errors with exotic environment objects in Symbol polyfill, #1289
  • Some minor fixes and stylistic changes
  • Compat data improvements:
    • V8 unshipped Iterator helpers because of some Web compatibility issues
    • Promise.withResolvers marked as supported from V8 ~ Chrome 119
    • Array grouping proposal features marked as supported from FF119
    • value argument of URLSearchParams.prototype.{ has, delete } marked as properly supported from V8 ~ Chrome 118
    • URL.canParse and URLSearchParams.prototype.size marked as supported from Bun 1.0.2
    • Added Deno 1.37 compat data mapping
    • Added Electron 28 compat data mapping
    • Added Opera Android 78 compat data mapping
• 3.32.2 - 2023-09-07
  
  • Fixed structuredClone feature detection [email protected] bug, #1288
  • Added a workaround of old WebKit + eval bug, #1287
  • Compat data improvements:
    • Added Samsung Internet 23 compat data mapping
    • Added Quest Browser 29 compat data mapping
• 3.32.1 - 2023-08-18
  
  • Fixed some cases of IEEE754 rounding, #1279, thanks @ petamoriken
  • Prevented injection process polyfill to core-js via some bundlers or esm.sh, #1277
  • Some minor fixes and stylistic changes
  • Compat data improvements:
    • Promise.withResolvers marked as supported from Bun 0.7.1
    • Added Opera Android 77 compat data mapping
    • Updated Electron 27 compat data mapping
• 3.32.0 - 2023-07-27
  
  • Array grouping proposal, July 2023 TC39 meeting updates:
    • Moved back to stage 3
    • Added /actual/ namespaces entries, unconditional forced replacement changed to feature detection
  • Promise.withResolvers proposal, July 2023 TC39 meeting updates:
    • Moved to stage 3
    • Added /actual/ namespaces entries, unconditional forced replacement changed to feature detection
  • Set methods stage 3 proposal, July 2023 TC39 meeting updates::
    • Throw on negative Set sizes, proposal-set-methods/88
    • Removed IsCallable check in GetKeysIterator, proposal-set-methods/101
  • Iterator Helpers stage 3 proposal:
    • Avoid creating observable String wrapper objects, July 2023 TC39 meeting update, proposal-iterator-helpers/281
    • Iterator is not constructible from the active function object (works as an abstract class)
  • Async explicit resource management:
    • Moved back into the initial proposal -> moved to stage 3, proposal-explicit-resource-management/154
    • Added /actual/ namespace entries, unconditional forced replacement changed to feature detection
    • Ignore return value of [@@ dispose]() method when hint is async-dispose, proposal-explicit-resource-management/180
    • Added ticks for empty resources, proposal-explicit-resource-management/163
  • Added some methods from Float16Array stage 3 proposal:
    • There are some reason why I don't want to add Float16Array right now, however, make sense to add some methods from this proposal.
    • Methods:
      • Math.f16round
      • DataView.prototype.getFloat16
      • DataView.prototype.setFloat16
  • Added DataView get / set Uint8Clamped methods stage 1 proposal:
    • Methods:
      • DataView.prototype.getUint8Clamped
      • DataView.prototype.setUint8Clamped
  • Used strict mode in some missed cases, #1269
  • Fixed a Chromium 117 bug in value argument of URLSearchParams.prototype.{ has, delete }
  • Fixed early WebKit ~ Safari 17.0 beta Set methods implementation by the actual spec
  • Fixed incorrect Symbol.{ dispose, asyncDispose } descriptors from NodeJS 20.4 / transpilers helpers / userland code
  • Fixed forced polyfilling of some iterator helpers that should return wrapped iterator in the pure version
  • Fixed and exposed AsyncIteratorPrototype core-js/configurator option, #1268
  • Compat data improvements:
    • Sync Iterator helpers proposal features marked as supported from V8 ~ Chrome 117
    • Array grouping proposal features marked as supported from V8 ~ Chrome 117
    • Mark Symbol.{ dispose, asyncDispose } as supported from NodeJS 20.5.0 (as mentioned above, NodeJS 20.4.0 add it, but with incorrect descriptors)
    • Added Electron 27 compat data mapping
• 3.31.1 - 2023-07-06
  
  • Fixed a structuredClone bug with cloning views of transferred buffers, #1265
  • Fixed the order of arguments validation in DataView methods
  • Allowed cloning of Float16Array in structuredClone
  • Compat data improvements:
    • Set methods proposal marked as supported from Safari 17.0
    • New URL features: URL.canParse, URLSearchParams.prototype.size and value argument of URLSearchParams.prototype.{ has, delete } marked as supported from Safari 17.0
    • value argument of URLSearchParams.prototype.{ has, delete } marked as supported from Deno 1.35
    • AggregateError and well-formed JSON.stringify marked as supported React Native 0.72 Hermes
    • Added Deno 1.35 compat data mapping
    • Added Quest Browser 28 compat data mapping
    • Added missing NodeJS 12.16-12.22 compat data mapping
    • Updated Opera Android 76 compat data mapping
• 3.31.0 - 2023-06-11
  
  • Well-formed unicode strings proposal:
    • Methods:
      • String.prototype.isWellFormed method
      • String.prototype.toWellFormed method
    • Moved to stable ES, May 2023 TC39 meeting
    • Added es. namespace modules, /es/ and /stable/ namespaces entries
  • Array grouping proposal, May 2023 TC39 meeting updates:
    • Because of the web compat issue, moved from prototype to static methods. Added:
      • Object.groupBy method
      • Map.groupBy method (with the actual semantic - with a minor difference it was present in the collections methods stage 1 proposal)
    • Demoted to stage 2
  • Decorator Metadata proposal, May 2023 TC39 meeting updates:
    • Moved to stage 3
    • Added Function.prototype[Symbol.metadata] (=== null)
    • Added /actual/ entries
  • Iterator Helpers stage 3 proposal:
    • Changed Symbol.iterator fallback from callable check to undefined / null check, May 2023 TC39 meeting, proposal-iterator-helpers/272
    • Removed IsCallable check on NextMethod, deferring errors to Call site, May 2023 TC39 meeting, proposal-iterator-helpers/274
  • Added Promise.withResolvers stage 2 proposal:
    • Promise.withResolvers method
  • Symbol predicates stage 2 proposal:
    • The methods renamed to end with Symbol, May 2023 TC39 meeting:
      • Symbol.isRegistered -> Symbol.isRegisteredSymbol method
      • Symbol.isWellKnown -> Symbol.isWellKnownSymbol method
  • Added value argument of URLSearchParams.prototype.{ has, delete }, url/735
  • Fixed some cases of increasing buffer size in ArrayBuffer.prototype.{ transfer, transferToFixedLength } polyfills
  • Fixed awaiting async AsyncDisposableStack.prototype.adopt callback, #1258
  • Fixed URLSearchParams#size in ES3 engines (IE8-)
  • Added a workaround in Object.{ entries, values } for some IE versions bug with invisible integer keys on null-prototype objects
  • Added TypeScript definitions to core-js-compat, #1235, thanks @ susnux
  • Compat data improvements:
    • Set.prototype.difference that was missed in Bun because of a bug added in 0.6.0
    • Array.prototype.{ group, groupToMap } marked as no longer supported in WebKit runtimes because of the mentioned above web compat issue. For example, it's disabled from Bun 0.6.2
    • Methods from the change Array by copy proposal marked as supported from FF115
    • Array.fromAsync marked as supported from FF115
    • URL.canParse marked as supported from FF115
    • value argument of URLSearchParams.prototype.{ has, delete } marked as supported from NodeJS 20.2.0 and FF115
    • Added Deno 1.34 compat data mapping
    • Added Electron 26 compat data mapping
    • Added Samsung Internet 22 compat data mapping
    • Added Opera Android 75 and 76 compat data mapping
    • Added Quest Browser 27 compat data mapping
• 3.30.2 - 2023-05-06
  
  • Added a fix for a NodeJS 20.0.0 bug with cloning File via structuredClone
  • Added protection from Terser unsafe String optimization, #1242
  • Added a workaround for getting proper global object in Figma plugins, #1231
  • Compat data improvements:
    • Added NodeJS 20.0 compat data mapping
    • Added Deno 1.33 compat data mapping
    • URL.canParse marked as supported (fixed) from NodeJS 20.1.0 and Deno 1.33.2
• 3.30.1 - 2023-04-13
  
  • Added a fix for a NodeJS 19.9.0 URL.canParse bug
  • Compat data improvements:
    • JSON.parse source text access proposal features marked as supported from V8 ~ Chrome 114
    • ArrayBuffer.prototype.transfer and friends proposal features marked as supported from V8 ~ Chrome 114
    • URLSearchParams.prototype.size marked as supported from V8 ~ Chrome 113
• 3.30.0 - 2023-04-03
  Read more
• 3.29.1 - 2023-03-13
• 3.29.0 - 2023-02-26
• 3.28.0 - 2023-02-13
• 3.27.2 - 2023-01-18
• 3.27.1 - 2022-12-29
• 3.27.0 - 2022-12-25
• 3.26.1 - 2022-11-13
• 3.26.0 - 2022-10-23
• 3.25.5 - 2022-10-03
• 3.25.4 - 2022-10-02
• 3.25.3 - 2022-09-25
• 3.25.2 - 2022-09-18
• 3.25.1 - 2022-09-07
• 3.25.0 - 2022-08-24
• 3.24.1 - 2022-07-29
• 3.24.0 - 2022-07-25
• 3.23.5 - 2022-07-17
• 3.23.4 - 2022-07-09
• 3.23.3 - 2022-06-25
• 3.23.2 - 2022-06-20
• 3.23.1 - 2022-06-14
• 3.23.0 - 2022-06-13
• 3.22.8 - 2022-06-01
• 3.22.7 - 2022-05-24
• 3.22.6 - 2022-05-22
• 3.22.5 - 2022-05-10
• 3.22.4 - 2022-05-02
• 3.22.3 - 2022-04-28
• 3.22.2 - 2022-04-21
• 3.22.1 - 2022-04-19
• 3.22.0 - 2022-04-15
• 3.21.1 - 2022-02-16
• 3.21.0 - 2022-02-01
• 3.20.3 - 2022-01-15
• 3.20.2 - 2022-01-01
• 3.20.1 - 2021-12-23
• 3.20.0 - 2021-12-15
• 3.19.3 - 2021-12-06
• 3.19.2 - 2021-11-29
• 3.19.1 - 2021-11-02
• 3.19.0 - 2021-10-25
• 3.18.3 - 2021-10-12
• 3.18.2 - 2021-10-05
• 3.18.1 - 2021-09-26
• 3.18.0 - 2021-09-19
• 3.17.3 - 2021-09-09
• 3.17.2 - 2021-09-02
• 3.17.1 - 2021-09-01
• 3.17.0 - 2021-09-01
• 3.16.4 - 2021-08-29
• 3.16.3 - 2021-08-24
• 3.16.2 - 2021-08-17
• 3.16.1 - 2021-08-08
• 3.16.0 - 2021-07-30
• 3.15.2 - 2021-06-29
• 3.15.1 - 2021-06-22
• 3.15.0 - 2021-06-20
• 3.14.0 - 2021-06-05
• 3.13.1 - 2021-05-29
• 3.13.0 - 2021-05-25
• 3.12.1 - 2021-05-08
• 3.12.0 - 2021-05-06
• 3.11.3 - 2021-05-05
• 3.11.2 - 2021-05-03
• 3.11.1 - 2021-04-28
• 3.11.0 - 2021-04-22
• 3.10.2 - 2021-04-19
• 3.10.1 - 2021-04-07
• 3.10.0 - 2021-03-31
• 3.9.1 - 2021-02-28
• 3.9.0 - 2021-02-18
• 3.8.3 - 2021-01-19
• 3.8.2 - 2021-01-03
• 3.8.1 - 2020-12-06
• 3.8.0 - 2020-11-25
• 3.7.0 - 2020-11-06
• 3.6.5 - 2020-04-09
• 3.6.4 - 2020-01-13
• 3.6.3 - 2020-01-10
• 3.6.2 - 2020-01-06
• 3.6.1 - 2019-12-25
• 3.6.0 - 2019-12-18
• 3.5.0 - 2019-12-12
• 3.4.8 - 2019-12-08
• 3.4.7 - 2019-12-02
• 3.4.6 - 2019-12-02
• 3.4.5 - 2019-11-27
• 3.4.4 - 2019-11-27
• 3.4.3 - 2019-11-26
• 3.4.2 - 2019-11-21
• 3.4.1 - 2019-11-12
• 3.4.0 - 2019-11-06
• 3.3.6 - 2019-10-31
• 3.3.5 - 2019-10-28
• 3.3.4 - 2019-10-25
• 3.3.3 - 2019-10-21
• 3.3.2 - 2019-10-14
• 3.3.1 - 2019-10-13
• 3.3.0 - 2019-10-13
• 3.2.1 - 2019-08-12
• 3.2.0 - 2019-08-08
• 3.1.4 - 2019-06-15
• 3.1.3 - 2019-05-27
• 3.1.2 - 2019-05-21
• 3.1.1 - 2019-05-20
• 3.1.0 - 2019-05-19
• 3.0.1 - 2019-04-06
• 3.0.0 - 2019-03-19
• 3.0.0-beta.20 - 2019-03-17
• 3.0.0-beta.19 - 2019-03-14
• 3.0.0-beta.18 - 2019-03-09
• 3.0.0-beta.17 - 2019-03-09
• 3.0.0-beta.16 - 2019-02-18
• 3.0.0-beta.15 - 2019-02-09
• 3.0.0-beta.14 - 2019-02-07
• 3.0.0-beta.13 - 2019-02-04
• 3.0.0-beta.12 - 2019-02-02
• 3.0.0-beta.11 - 2019-01-27
• 3.0.0-beta.10 - 2019-01-22
• 3.0.0-beta.9 - 2019-01-17
• 3.0.0-beta.8 - 2019-01-10
• 3.0.0-beta.7 - 2018-12-27
• 3.0.0-beta.6 - 2018-12-18
• 3.0.0-beta.5 - 2018-12-11
• 3.0.0-beta.4 - 2018-12-04
• 3.0.0-beta.3 - 2018-06-07
• 3.0.0-beta.2 - 2018-05-26
• 3.0.0-beta.1 - 2018-05-19
• 3.0.0-alpha.4 - 2018-04-09
• 3.0.0-alpha.3 - 2018-03-30
• 3.0.0-alpha.2 - 2018-03-27
• 3.0.0-alpha.1 - 2018-03-26
• 2.6.12 - 2020-11-25
• 2.6.11 - 2019-12-08
• 2.6.10 - 2019-10-13
• 2.6.9 - 2019-05-27
• 2.6.8 - 2019-05-21
• 2.6.7 - 2019-05-20
• 2.6.6 - 2019-05-19
• 2.6.5 - 2019-02-15
• 2.6.4 - 2019-02-07
• 2.6.3 - 2019-01-22
• 2.6.2 - 2019-01-10
• 2.6.1 - 2018-12-18
• 2.6.0 - 2018-12-05
• 2.5.7 - 2018-05-26

from core-js GitHub release notes

Commit messages

Package name: core-js

• 55bec56 use node 21 on ci
• 98ef021 drop node 16 from ci (it's eol and some observables tests deps no longer works on it)
• adc588c 3.33.1
• d47cb73 fix `stable/instance/for-each` dependencies
• 3bba892 reuse `get-built-in-prototype-method` in some entries
• c68c6d7 prevent potential issue with lack of some dependencies after automatic optimization polyfills of some methods in the pure version
• 9a76ac2 add one more workaround of possible error with `Symbol` polyfill on global object
• 74582eb use actual `URLSearchParams` iterator `@@ toStringTag`
• 037fced avoid usage intermediate array iterator in `URLSearchParams` iterators
• 92deeaf add NodeJS 21.0 compat data mapping
• 20302d7 directly specify `type: commonjs` in `package.json` of all packages to avoid potential breakage in future Node versions
• 0ebbbd8 update `eslint-plugin-regexp`
• c2d027d update dependencies
• 177e71d `qunit@2` have some issues with IE9, so leave `qunit@1` fallbacks in helpers
• baf59f6 fix alt text
• 952c669 update links
• 9667846 use maintained fork of `eslint-plugin-eslint-comments`
• 995d223 update dependencies
• 707f4b7 update dependencies
• 606d093 add a note
• da12287 update dependencies
• 7c6b01b update dependencies
• ba6dc77 add React Native 0.73 Hermes compat data
• ec6dc89 cache `redos/no-vulnerable`

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs