[PR #184] [MERGED] fix(deps): bump core-js from 3.18.3 to 3.19.1 #189

New Issue

Closed

opened 2025-12-01 17:06:13 +01:00 by arthur · 0 comments

arthur commented 2025-12-01 17:06:13 +01:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/ArthurDanjou/website-old/pull/184
Author: @dependabot[bot]
Created: 11/3/2021
Status: ✅ Merged
Merged: 11/3/2021
Merged by: @ArthurDanjou

Base: master ← Head: dependabot/npm_and_yarn/core-js-3.19.1

---

📝 Commits (1)

• 27066d5 fix(deps): bump core-js from 3.18.3 to 3.19.1

📊 Changes

1 file changed (+43 additions, -25 deletions)

View changed files

📝 yarn.lock (+43 -25)

📄 Description

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps core-js from 3.18.3 to 3.19.1.

Changelog

Sourced from core-js's changelog.

3.19.1 - 2021.11.03

• Added a workaround for FF26- bug where ArrayBuffers are non-extensible, but Object.isExtensible does not report it:
  • Fixed in Object.{ isExtensible, isSealed, isFrozen } and Reflect.isExtensible
  • Fixed handling of ArrayBuffers as collections keys
• Fixed Object#toString on AggregateError in IE10-
• Fixed possible lack of dependencies of WeakMap in IE8-
• .findLast methods family marked as supported from Chrome 97
• Fixed inheritance of Electron compat data web. modules
• Fixed Safari 15.1 compat data (some features were not added)
• Added iOS Safari 15.1 compat data mapping

3.19.0 - 2021.10.25

• Most built-ins are encapsulated in core-js for preventing possible cases of breaking / observing the internal state by patching / deleting of them
  • Avoid .call / .apply prototype methods that could be patched
  • Avoid instanceof operator - implicit .prototype / @@hasInstance access that could be patched
  • Avoid RegExp#test, String#match and some over methods - implicit .exec and RegExp well-known symbols access that could be patched
• Clearing of Error stack from extra entries experimentally added to AggregateError, #996, in case lack of problems it will be extended to other cases
• In engines with native Symbol support, new well-known symbols created with usage Symbol.for for ensuring the same keys in different realms, #998
• Added a workaround of a BrowserFS NodeJS process polyfill bug that incorrectly reports V8 version that's used in some cases of core-js feature detection
• Fixed normalization of message AggregateError argument
• Fixed order of arguments conversion in Math.scale, a spec draft bug
• Fixed core-js-builder work in NodeJS 17, added a workaround of webpack + NodeJS 17 issue
• Added NodeJS 17.0 compat data mapping
• Added Opera Android 65 compat data mapping
• Updated Electron 16.0 compat data mapping
• Many other minor fixes and improvements

Commits

• 1f16f36 3.19.1
• 8faf019 update dependencies
• 55b232c add a workaround for FF26- bug where ArrayBuffers are non-extensible, but `...
• 50da74b fix Object#toString on AggregateError in IE10-
• 9dae65f replace a link
• 361b0b4 mark .findLast methods family as supported from Chrome 97
• d6d2f45 update dependencies
• 56cf07d update dependencies
• ddc34d8 update dependencies
• f02b34b update dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/ArthurDanjou/website-old/pull/184 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 11/3/2021 **Status:** ✅ Merged **Merged:** 11/3/2021 **Merged by:** [@ArthurDanjou](https://github.com/ArthurDanjou) **Base:** `master` ← **Head:** `dependabot/npm_and_yarn/core-js-3.19.1` --- ### 📝 Commits (1) - [`27066d5`](https://github.com/ArthurDanjou/website-old/commit/27066d5b29d0b1c083eb7f85d2191468a7834ae6) fix(deps): bump core-js from 3.18.3 to 3.19.1 ### 📊 Changes **1 file changed** (+43 additions, -25 deletions) <details> <summary>View changed files</summary> 📝 `yarn.lock` (+43 -25) </details> ### 📄 Description [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [core-js](https://github.com/zloirock/core-js) from 3.18.3 to 3.19.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/zloirock/core-js/blob/master/CHANGELOG.md">core-js's changelog</a>.</em></p> <blockquote> <h5>3.19.1 - 2021.11.03</h5> <ul> <li>Added a workaround for FF26- bug where <code>ArrayBuffer</code>s are non-extensible, but <code>Object.isExtensible</code> does not report it: <ul> <li>Fixed in <code>Object.{ isExtensible, isSealed, isFrozen }</code> and <code>Reflect.isExtensible</code></li> <li>Fixed handling of <code>ArrayBuffer</code>s as collections keys</li> </ul> </li> <li>Fixed <code>Object#toString</code> on <code>AggregateError</code> in IE10-</li> <li>Fixed possible lack of dependencies of <code>WeakMap</code> in IE8-</li> <li><code>.findLast</code> methods family marked as supported <a href="https://chromestatus.com/features#milestone%3D97">from Chrome 97</a></li> <li>Fixed inheritance of Electron compat data <code>web.</code> modules</li> <li>Fixed Safari 15.1 compat data (some features were not added)</li> <li>Added iOS Safari 15.1 compat data mapping</li> </ul> <h5>3.19.0 - 2021.10.25</h5> <ul> <li>Most built-ins are encapsulated in <code>core-js</code> for preventing possible cases of breaking / observing the internal state by patching / deleting of them <ul> <li>Avoid <code>.call</code> / <code>.apply</code> prototype methods that could be patched</li> <li>Avoid <code>instanceof</code> operator - implicit <code>.prototype</code> / <code>@@hasInstance</code> access that could be patched</li> <li>Avoid <code>RegExp#test</code>, <code>String#match</code> and some over methods - implicit <code>.exec</code> and <code>RegExp</code> well-known symbols access that could be patched</li> </ul> </li> <li>Clearing of <code>Error</code> stack from extra entries experimentally added to <code>AggregateError</code>, <a href="https://github-redirect.dependabot.com/zloirock/core-js/pull/996">#996</a>, in case lack of problems it will be extended to other cases</li> <li>In engines with native <code>Symbol</code> support, new well-known symbols created with usage <code>Symbol.for</code> for ensuring the same keys in different realms, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/998">#998</a></li> <li>Added a workaround of <a href="https://github-redirect.dependabot.com/jvilk/bfs-process/issues/5">a BrowserFS NodeJS <code>process</code> polyfill bug</a> that incorrectly reports V8 version that's used in some cases of <code>core-js</code> feature detection</li> <li>Fixed normalization of <code>message</code> <code>AggregateError</code> argument</li> <li>Fixed order of arguments conversion in <code>Math.scale</code>, <a href="https://github-redirect.dependabot.com/rwaldron/proposal-math-extensions/issues/24">a spec draft bug</a></li> <li>Fixed <code>core-js-builder</code> work in NodeJS 17, added a workaround of <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/14532"><code>webpack</code> + NodeJS 17 issue</a></li> <li>Added NodeJS 17.0 compat data mapping</li> <li>Added Opera Android 65 compat data mapping</li> <li>Updated Electron 16.0 compat data mapping</li> <li>Many other minor fixes and improvements</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zloirock/core-js/commit/1f16f36fa2807bbe793b9da852a110e6c6077693"><code>1f16f36</code></a> 3.19.1</li> <li><a href="https://github.com/zloirock/core-js/commit/8faf0198fd441e4249cb6839a473a34d2779ae19"><code>8faf019</code></a> update dependencies</li> <li><a href="https://github.com/zloirock/core-js/commit/55b232c85f7b7e6e6d70809455fd365404668b74"><code>55b232c</code></a> add a workaround for FF26- bug where <code>ArrayBuffer</code>s are non-extensible, but `...</li> <li><a href="https://github.com/zloirock/core-js/commit/50da74b41983d9639654cf9e0ef16f20aae48fba"><code>50da74b</code></a> fix <code>Object#toString</code> on <code>AggregateError</code> in IE10-</li> <li><a href="https://github.com/zloirock/core-js/commit/9dae65f9a6c1aee4d1e6ee4bb772fd268cd1e06a"><code>9dae65f</code></a> replace a link</li> <li><a href="https://github.com/zloirock/core-js/commit/361b0b4b264df59beb3a481023fd4635b98bd3c7"><code>361b0b4</code></a> mark <code>.findLast</code> methods family as supported from Chrome 97</li> <li><a href="https://github.com/zloirock/core-js/commit/d6d2f451aa8a2e7f5e0688d09e78cc35ab488358"><code>d6d2f45</code></a> update dependencies</li> <li><a href="https://github.com/zloirock/core-js/commit/56cf07d0b71aad6cd775cfcc81feac528e432d42"><code>56cf07d</code></a> update dependencies</li> <li><a href="https://github.com/zloirock/core-js/commit/ddc34d88b3578fe58030718f7e25b226acbe746a"><code>ddc34d8</code></a> update dependencies</li> <li><a href="https://github.com/zloirock/core-js/commit/f02b34b3060ba42bdf56553c22786ac0dc91c81e"><code>f02b34b</code></a> update dependencies</li> <li>Additional commits viewable in <a href="https://github.com/zloirock/core-js/compare/v3.18.3...v3.19.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

arthur added the pull-request label 2025-12-01 17:06:13 +01:00

arthur closed this issue 2025-12-01 17:06:13 +01:00

arthur referenced this issue 2025-12-01 17:06:15 +01:00

[PR #189] [CLOSED] chore(deps-dev): bump nuxt-windicss from 2.0.11 to 2.0.12 #196

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

dependabot/npm_and_yarn/nuxtjs/sentry-7.1.4

dependabot/npm_and_yarn/core-js-3.29.0

dependabot/npm_and_yarn/sass-1.58.3

dependabot/npm_and_yarn/nuxt/content-2.4.3

dependabot/npm_and_yarn/nuxtjs/i18n-7.3.1

dependabot/npm_and_yarn/nuxt-windicss-2.6.0

dependabot/npm_and_yarn/nuxtjs/color-mode-3.2.0

dependabot/npm_and_yarn/sass-loader-13.2.0

dependabot/npm_and_yarn/markdown-it-prism-2.3.0

dependabot/npm_and_yarn/nuxtjs/composition-api-0.33.1

v3

dev

No results found.

Labels

Clear labels

pull-request

Mirrored from GitHub Pull Request

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

arthur

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: arthur/website-old#189