[PR #242] [CLOSED] fix(deps): bump core-js from 3.20.2 to 3.22.0 #252

New Issue

Closed

opened 2025-12-01 17:06:30 +01:00 by arthur · 0 comments

arthur commented 2025-12-01 17:06:30 +01:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/ArthurDanjou/website-old/pull/242
Author: @dependabot[bot]
Created: 4/18/2022
Status: ❌ Closed

Base: master ← Head: dependabot/npm_and_yarn/core-js-3.22.0

---

📝 Commits (1)

• 74144ad fix(deps): bump core-js from 3.20.2 to 3.22.0

📊 Changes

2 files changed (+5 additions, -5 deletions)

View changed files

📝 package.json (+1 -1)
📝 yarn.lock (+4 -4)

📄 Description

Bumps core-js from 3.20.2 to 3.22.0.

Changelog

Sourced from core-js's changelog.

3.22.0 - 2022.04.15

• Change Array by copy proposal:
  • Moved to Stage 3, March TC39 meeting
  • Disabled forced replacement and added /actual/ entry points for methods from this proposal
  • Array.prototype.toSpliced throws a TypeError instead of RangeError if the result length is more than MAX_SAFE_INTEGER, proposal-change-array-by-copy/70
• Added some more atob / btoa fixes:
  • NodeJS <17.9 atob does not ignore spaces, node/42530
  • Actual NodeJS atob does not validate encoding, node/42646
  • FF26- implementation does not properly convert argument to string
  • IE / Edge <16 implementation have wrong arity
• Added /full/ namespace as the replacement for /features/ since it's more descriptive in context of the rest namespaces (/es/ ⊆ /stable/ ⊆ /actual/ ⊆ /full/)
• Avoided propagation of removed parts of proposals to upper stages. For example, %TypedArray%.prototype.groupBy was removed from the Array grouping proposal a long time ago. We can't completely remove this method since it's a breaking change. But this proposal has been promoted to stage 3 - so the proposal should be promoted without this method, this method should not be available in /actual/ entries - but it should be available in early-stage entries to avoid breakage.
• Significant internal refactoring and splitting of modules (but without exposing to public API since it will be a breaking change - it will be exposed in the next major version)
• Bug fixes:
  • Fixed work of non-standard V8 Error features with wrapped Error constructors, #1061
  • null and undefined allowed as the second argument of structuredClone, #1056
• Tooling:
  • Stabilized proposals are filtered out from the core-js-compat -> core-js-builder -> core-js-bundle output. That mean that if the output contains, for example, es.object.has-own, the legacy reference to it, esnext.object.has-own, no longer added.
  • Aligned modules filters of core-js-builder and core-js-compat, now it's modules and exclude options
  • Added support of entry points, modules, regexes, and arrays of them to those filters
  • Missed targets option of core-js-compat means that the targets filter just will not be applied, so the result will contain modules required for all possible engines
• Compat data:
  • .stack property on DOMException marked as supported from Deno 1.15
  • Added Deno 1.21 compat data mapping
  • Added Electron 19.0 and updated 18.0 compat data mapping
  • Added Samsung Internet 17.0 compat data mapping
  • Added Opera Android 68 compat data mapping

3.21.1 - 2022.02.17

• Added a bugfix for the WebKit Array.prototype.{ groupBy, groupByToMap } implementation
• core-js-compat targets parser transforms engine names to lower case
• atob / btoa marked as fixed in NodeJS 17.5
• Added Electron 18.0 compat data mapping
• Added Deno 1.20 compat data mapping

3.21.0 - 2022.02.02

• Added Base64 utility methods:
  • atob
  • btoa
• Added the proper validation of arguments to some methods from web standards
• Forced replacement of all features from early-stage proposals for avoiding possible web compatibility issues in the future
• Added Rhino 1.7.14 compat data
• Added Deno 1.19 compat data mapping
• Added Opera Android 66 and 67 compat data mapping
• Added iOS Safari 15.3 and 15.4 compat data mapping

3.20.3 - 2022.01.15

• Detects and replaces broken third-party Function#bind polyfills, uses only native Function#bind in the internals
• structuredClone should throw an error if no arguments passed
• Changed the structure of notes in __core-js_shared__

Commits

• c5e56b6 3.22.0
• 01b057c update entries in the readme
• 06c6a56 use import in some examples
• 0f3c603 avoid propagation of removed parts of proposals to upper stages
• 24d2e5d drop splitted / renamed modules from modules-by-versions
• 8c91bab update dependencies
• 1e07b0c addget-modules-list-for-target-version tests
• eff765f disable forced replacement for methods from "Change Array by copy" proposal
• a7aab7f use import instead of require
• 7717637 add some tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/ArthurDanjou/website-old/pull/242 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 4/18/2022 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/npm_and_yarn/core-js-3.22.0` --- ### 📝 Commits (1) - [`74144ad`](https://github.com/ArthurDanjou/website-old/commit/74144ad91cccc162563d9c168a5860adf5b45f0f) fix(deps): bump core-js from 3.20.2 to 3.22.0 ### 📊 Changes **2 files changed** (+5 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `package.json` (+1 -1) 📝 `yarn.lock` (+4 -4) </details> ### 📄 Description Bumps [core-js](https://github.com/zloirock/core-js) from 3.20.2 to 3.22.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/zloirock/core-js/blob/master/CHANGELOG.md">core-js's changelog</a>.</em></p> <blockquote> <h5>3.22.0 - 2022.04.15</h5> <ul> <li><a href="https://github.com/tc39/proposal-change-array-by-copy">Change <code>Array</code> by copy proposal</a>: <ul> <li>Moved to Stage 3, <a href="https://github-redirect.dependabot.com/babel/proposals/issues/81#issuecomment-1083449843">March TC39 meeting</a></li> <li>Disabled forced replacement and added <code>/actual/</code> entry points for methods from this proposal</li> <li><code>Array.prototype.toSpliced</code> throws a <code>TypeError</code> instead of <code>RangeError</code> if the result length is more than <code>MAX_SAFE_INTEGER</code>, <a href="https://github-redirect.dependabot.com/tc39/proposal-change-array-by-copy/pull/70">proposal-change-array-by-copy/70</a></li> </ul> </li> <li>Added some more <code>atob</code> / <code>btoa</code> fixes: <ul> <li>NodeJS &lt;17.9 <code>atob</code> does not ignore spaces, <a href="https://github-redirect.dependabot.com/nodejs/node/issues/42530">node/42530</a></li> <li>Actual NodeJS <code>atob</code> does not validate encoding, <a href="https://github-redirect.dependabot.com/nodejs/node/issues/42646">node/42646</a></li> <li>FF26- implementation does not properly convert argument to string</li> <li>IE / Edge &lt;16 implementation have wrong arity</li> </ul> </li> <li>Added <code>/full/</code> namespace as the replacement for <code>/features/</code> since it's more descriptive in context of the rest namespaces (<code>/es/</code> ⊆ <code>/stable/</code> ⊆ <code>/actual/</code> ⊆ <code>/full/</code>)</li> <li>Avoided propagation of removed parts of proposals to upper stages. For example, <code>%TypedArray%.prototype.groupBy</code> was removed from the <code>Array</code> grouping proposal a long time ago. We can't completely remove this method since it's a breaking change. But this proposal has been promoted to stage 3 - so the proposal should be promoted without this method, this method should not be available in <code>/actual/</code> entries - but it should be available in early-stage entries to avoid breakage.</li> <li>Significant internal refactoring and splitting of modules (but without exposing to public API since it will be a breaking change - it will be exposed in the next major version)</li> <li>Bug fixes: <ul> <li>Fixed work of non-standard V8 <code>Error</code> features with wrapped <code>Error</code> constructors, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1061">#1061</a></li> <li><code>null</code> and <code>undefined</code> allowed as the second argument of <code>structuredClone</code>, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1056">#1056</a></li> </ul> </li> <li>Tooling: <ul> <li>Stabilized proposals are filtered out from the <code>core-js-compat</code> -&gt; <code>core-js-builder</code> -&gt; <code>core-js-bundle</code> output. That mean that if the output contains, for example, <code>es.object.has-own</code>, the legacy reference to it, <code>esnext.object.has-own</code>, no longer added.</li> <li>Aligned modules filters of <a href="https://github.com/zloirock/core-js/tree/master/packages/core-js-builder"><code>core-js-builder</code></a> and <a href="https://github.com/zloirock/core-js/tree/master/packages/core-js-compat"><code>core-js-compat</code></a>, now it's <code>modules</code> and <code>exclude</code> options</li> <li>Added support of entry points, modules, regexes, and arrays of them to those filters</li> <li>Missed <code>targets</code> option of <code>core-js-compat</code> means that the <code>targets</code> filter just will not be applied, so the result will contain modules required for all possible engines</li> </ul> </li> <li>Compat data: <ul> <li><code>.stack</code> property on <code>DOMException</code> marked as supported from Deno <a href="https://github.com/denoland/deno/releases/tag/v1.15.0">1.15</a></li> <li>Added Deno 1.21 compat data mapping</li> <li>Added Electron 19.0 and updated 18.0 compat data mapping</li> <li>Added Samsung Internet 17.0 compat data mapping</li> <li>Added Opera Android 68 compat data mapping</li> </ul> </li> </ul> <h5>3.21.1 - 2022.02.17</h5> <ul> <li>Added a <a href="https://bugs.webkit.org/show_bug.cgi?id=236541">bug</a>fix for the WebKit <code>Array.prototype.{ groupBy, groupByToMap }</code> implementation</li> <li><code>core-js-compat</code> targets parser transforms engine names to lower case</li> <li><code>atob</code> / <code>btoa</code> marked as <a href="https://github-redirect.dependabot.com/nodejs/node/pull/41478">fixed</a> in NodeJS 17.5</li> <li>Added Electron 18.0 compat data mapping</li> <li>Added Deno 1.20 compat data mapping</li> </ul> <h5>3.21.0 - 2022.02.02</h5> <ul> <li>Added <a href="https://developer.mozilla.org/en-US/docs/Glossary/Base64">Base64 utility methods</a>: <ul> <li><code>atob</code></li> <li><code>btoa</code></li> </ul> </li> <li>Added the proper validation of arguments to some methods from web standards</li> <li>Forced replacement of all features from early-stage proposals for avoiding possible web compatibility issues in the future</li> <li>Added Rhino 1.7.14 compat data</li> <li>Added Deno 1.19 compat data mapping</li> <li>Added Opera Android 66 and 67 compat data mapping</li> <li>Added iOS Safari 15.3 and 15.4 compat data mapping</li> </ul> <h5>3.20.3 - 2022.01.15</h5> <ul> <li>Detects and replaces broken third-party <code>Function#bind</code> polyfills, uses only native <code>Function#bind</code> in the internals</li> <li><code>structuredClone</code> should throw an error if no arguments passed</li> <li>Changed the structure of notes in <code>__core-js_shared__</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zloirock/core-js/commit/c5e56b664756455f9715481eca92f4a3a421f475"><code>c5e56b6</code></a> 3.22.0</li> <li><a href="https://github.com/zloirock/core-js/commit/01b057cd217415a8dc26ab6c3fb3319fc403cc45"><code>01b057c</code></a> update entries in the readme</li> <li><a href="https://github.com/zloirock/core-js/commit/06c6a566c7f07420fbd78553bc273eb5834d0597"><code>06c6a56</code></a> use <code>import</code> in some examples</li> <li><a href="https://github.com/zloirock/core-js/commit/0f3c6031ed9de3ade3078f57883a68c4300bf9e7"><code>0f3c603</code></a> avoid propagation of removed parts of proposals to upper stages</li> <li><a href="https://github.com/zloirock/core-js/commit/24d2e5dde76418094df5d9a8799c58104caf093a"><code>24d2e5d</code></a> drop splitted / renamed modules from <code>modules-by-versions</code></li> <li><a href="https://github.com/zloirock/core-js/commit/8c91babc67e269a6fbb19325446dea9a0cfc3aef"><code>8c91bab</code></a> update dependencies</li> <li><a href="https://github.com/zloirock/core-js/commit/1e07b0c00b5a92037c2c309205842701f428983c"><code>1e07b0c</code></a> add<code>get-modules-list-for-target-version</code> tests</li> <li><a href="https://github.com/zloirock/core-js/commit/eff765f2198cecc07bfe34bce10ef32b94dc8b50"><code>eff765f</code></a> disable forced replacement for methods from &quot;Change <code>Array</code> by copy&quot; proposal</li> <li><a href="https://github.com/zloirock/core-js/commit/a7aab7f10ba7fc84e6d7f817b0dad71de9b84dc3"><code>a7aab7f</code></a> use <code>import</code> instead of <code>require</code></li> <li><a href="https://github.com/zloirock/core-js/commit/7717637d66fdf2870a1aabb3b4a84459f5b48ed1"><code>7717637</code></a> add some tests</li> <li>Additional commits viewable in <a href="https://github.com/zloirock/core-js/compare/v3.20.2...v3.22.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

arthur added the pull-request label 2025-12-01 17:06:30 +01:00

arthur closed this issue 2025-12-01 17:06:31 +01:00

arthur referenced this issue 2025-12-01 17:06:32 +01:00

[PR #252] [CLOSED] fix(deps): bump axios from 0.24.0 to 0.27.1 #265

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

dependabot/npm_and_yarn/nuxtjs/sentry-7.1.4

dependabot/npm_and_yarn/core-js-3.29.0

dependabot/npm_and_yarn/sass-1.58.3

dependabot/npm_and_yarn/nuxt/content-2.4.3

dependabot/npm_and_yarn/nuxtjs/i18n-7.3.1

dependabot/npm_and_yarn/nuxt-windicss-2.6.0

dependabot/npm_and_yarn/nuxtjs/color-mode-3.2.0

dependabot/npm_and_yarn/sass-loader-13.2.0

dependabot/npm_and_yarn/markdown-it-prism-2.3.0

dependabot/npm_and_yarn/nuxtjs/composition-api-0.33.1

v3

dev

No results found.

Labels

Clear labels

pull-request

Mirrored from GitHub Pull Request

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

arthur

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: arthur/website-old#252