[PR #303] [CLOSED] fix(deps): bump core-js from 3.23.3 to 3.25.1 #320

New Issue

Closed

opened 2025-12-01 17:06:45 +01:00 by arthur · 0 comments

arthur commented 2025-12-01 17:06:45 +01:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/ArthurDanjou/website-old/pull/303
Author: @dependabot[bot]
Created: 9/8/2022
Status: ❌ Closed

Base: master ← Head: dependabot/npm_and_yarn/core-js-3.25.1

---

📝 Commits (1)

• cafc0f4 fix(deps): bump core-js from 3.23.3 to 3.25.1

📊 Changes

2 files changed (+5 additions, -5 deletions)

View changed files

📝 package.json (+1 -1)
📝 yarn.lock (+4 -4)

📄 Description

Bumps core-js from 3.23.3 to 3.25.1.

Changelog

Sourced from core-js's changelog.

3.25.1 - 2022.09.08

• Added some fixes and workarounds of FF30- typed arrays bug that does not properly convert objects to numbers
• Added sideEffects field to core-js-pure package.json for better tree shaking, #1117
• Dropped semver dependency from core-js-compat
  • semver package (ironically) added a breaking change and dropped NodeJS 8 support in the minor 7.1 version, after that semver in core-js-compat was pinned to 7.0 since for avoiding breaking changes it should support NodeJS 8. However, since core-js-compat is usually used with other packages that use semver dependency, it causes multiple duplication of semver in dependencies. So I decided to remove semver dependency and replace it with a couple of simple helpers.
• Added Bun 0.1.6-0.1.11 compat data
• Added Deno 1.25 compat data mapping
• Updated Electron 21 compat data mapping
• Some stylistic changes, minor fixes, and improvements

3.25.0 - 2022.08.25

• Added Object.prototype.__proto__ polyfill
  • It's optional, legacy, and in some cases (mainly because of developers' mistakes) can cause problems, but some libraries depend on it, and most code can't work without the proper libraries' ecosystem
  • Only for modern engines where this feature is missed (like Deno), it's not installed in IE10- since here we have no proper way setting of the prototype
  • Without fixes of early implementations where it's not an accessor since those fixes are impossible
  • Only for the global version
• Considering document.all as an object in some missed cases, see ECMAScript Annex B 3.6
• Avoiding unnecessary promise creation and validation result in %WrapForValid(Async)IteratorPrototype%.return, proposal-iterator-helpers/215
• Fixed omitting the result of proxing .return in %IteratorHelperPrototype%.return, #1116
• Fixed the order creation of properties of iteration result object of some iterators (value should be created before done)
• Fixed some cases of Safari < 13 bug - silent on non-writable array .length setting
• Fixed ArrayBuffer.length in V8 ~ Chrome 27-
• Relaxed condition of re-usage native WeakMap for internal states with multiple core-js copies
• Availability cloning of FileList in the structuredClone polyfill extended to some more old engines versions
• Some stylistic changes and minor fixes
• Throwing a TypeError in core-js-compat / core-js-builder in case of passing invalid module names / filters for avoiding unexpected result, related to #1115
• Added missed NodeJS 13.2 to esmodules core-js-compat / core-js-builder target
• Added Electron 21 compat data mapping
• Added Oculus Browser 23.0 compat data mapping

3.24.1 - 2022.07.30

• NodeJS is ignored in IS_BROWSER detection to avoid a false positive with jsdom, #1110
• Fixed detection of @@species support in Promise in some old engines
• { Array, %TypedArray% }.prototype.{ findLast, findLastIndex } marked as shipped in FF104
• Added iOS Safari 15.6 compat data mapping
• Fixed Opera 15 compat data mapping

3.24.0 - 2022.07.25

• Recent updates of the iterator helpers proposal, #1101:
  • .asIndexedPairs renamed to .indexed, proposal-iterator-helpers/183:
    • Iterator.prototype.asIndexedPairs -> Iterator.prototype.indexed
    • AsyncIterator.prototype.asIndexedPairs -> AsyncIterator.prototype.indexed
  • Avoid exposing spec fiction %AsyncFromSyncIteratorPrototype% in AsyncIterator.from and Iterator.prototype.toAsync, proposal-iterator-helpers/182, proposal-iterator-helpers/202
  • Avoid unnecessary promise creation in %WrapForValidAsyncIteratorPrototype%.next, proposal-iterator-helpers/197
  • Do not validate value in %WrapForValid(Async)IteratorPrototype%.next, proposal-iterator-helpers/197 and proposal-iterator-helpers/205
  • Do not forward the parameter of .next / .return to an underlying iterator by the extended iterator protocol, a part of proposal-iterator-helpers/194
  • .throw methods removed from all wrappers / helpers prototypes, a part of proposal-iterator-helpers/194
  • Close inner iterators of { Iterator, AsyncIterator }.prototype.flatMap proxy iterators on .return, proposal-iterator-helpers/195
  • Throw RangeError on NaN in { Iterator, AsyncIterator }.prototype.{ drop, take }, proposal-iterator-helpers/181
  • Many other updates and fixes of this proposal

... (truncated)

Commits

• 3c2e601 3.25.1
• 60519bc update the changelog
• bb1de0f update dependencies
• 2c1e73e update dependencies
• ce987cb improve some tests
• 6ca3e61 fix some blocks
• eb8ed33 fix a typo
• bacfb3f add "PRs welcome" badge with a link to CONTRIBUTING.md
• b534518 just in case detect correctness of globalThis
• 79ababc add some tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/ArthurDanjou/website-old/pull/303 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 9/8/2022 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/npm_and_yarn/core-js-3.25.1` --- ### 📝 Commits (1) - [`cafc0f4`](https://github.com/ArthurDanjou/website-old/commit/cafc0f433de652797e6227f7fe75a302fe3c8169) fix(deps): bump core-js from 3.23.3 to 3.25.1 ### 📊 Changes **2 files changed** (+5 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `package.json` (+1 -1) 📝 `yarn.lock` (+4 -4) </details> ### 📄 Description Bumps [core-js](https://github.com/zloirock/core-js) from 3.23.3 to 3.25.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/zloirock/core-js/blob/master/CHANGELOG.md">core-js's changelog</a>.</em></p> <blockquote> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.25.1">3.25.1 - 2022.09.08</a></h5> <ul> <li>Added some fixes and workarounds of FF30- typed arrays bug that does not properly convert objects to numbers</li> <li>Added <code>sideEffects</code> field to <code>core-js-pure</code> <code>package.json</code> for better tree shaking, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1117">#1117</a></li> <li>Dropped <code>semver</code> dependency from <code>core-js-compat</code> <ul> <li><code>semver</code> package (ironically) added <a href="https://github.com/npm/node-semver/commit/d61f828e64260a0a097f26210f5500">a breaking change and dropped NodeJS 8 support in the minor <code>7.1</code> version</a>, after that <code>semver</code> in <code>core-js-compat</code> was pinned to <code>7.0</code> since for avoiding breaking changes it should support NodeJS 8. However, since <code>core-js-compat</code> is usually used with other packages that use <code>semver</code> dependency, it causes multiple duplication of <code>semver</code> in dependencies. So I decided to remove <code>semver</code> dependency and replace it with a couple of simple helpers.</li> </ul> </li> <li>Added Bun 0.1.6-0.1.11 compat data</li> <li>Added Deno 1.25 compat data mapping</li> <li>Updated Electron 21 compat data mapping</li> <li>Some stylistic changes, minor fixes, and improvements</li> </ul> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.25.0">3.25.0 - 2022.08.25</a></h5> <ul> <li>Added <a href="https://tc39.es/ecma262/#sec-object.prototype.__proto__"><code>Object.prototype.__proto__</code></a> polyfill <ul> <li>It's optional, legacy, and in some cases (mainly because of developers' mistakes) can cause problems, but <a href="https://github-redirect.dependabot.com/denoland/deno/issues/13321">some libraries depend on it</a>, and most code can't work without the proper libraries' ecosystem</li> <li>Only for modern engines where this feature is missed (like Deno), it's not installed in IE10- since here we have no proper way setting of the prototype</li> <li>Without fixes of early implementations where it's not an accessor since those fixes are impossible</li> <li>Only for the global version</li> </ul> </li> <li>Considering <code>document.all</code> as an object in some missed cases, see <a href="https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot">ECMAScript Annex B 3.6</a></li> <li>Avoiding unnecessary promise creation and validation result in <code>%WrapForValid(Async)IteratorPrototype%.return</code>, <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/215">proposal-iterator-helpers/215</a></li> <li>Fixed omitting the result of proxing <code>.return</code> in <code>%IteratorHelperPrototype%.return</code>, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1116">#1116</a></li> <li>Fixed the order creation of properties of iteration result object of some iterators (<code>value</code> should be created before <code>done</code>)</li> <li>Fixed some cases of Safari &lt; 13 bug - silent on non-writable array <code>.length</code> setting</li> <li>Fixed <code>ArrayBuffer.length</code> in V8 ~ Chrome 27-</li> <li>Relaxed condition of re-usage native <code>WeakMap</code> for internal states with multiple <code>core-js</code> copies</li> <li>Availability cloning of <code>FileList</code> in the <code>structuredClone</code> polyfill extended to some more old engines versions</li> <li>Some stylistic changes and minor fixes</li> <li>Throwing a <code>TypeError</code> in <code>core-js-compat</code> / <code>core-js-builder</code> in case of passing invalid module names / filters for avoiding unexpected result, related to <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1115">#1115</a></li> <li>Added missed NodeJS 13.2 to <code>esmodules</code> <code>core-js-compat</code> / <code>core-js-builder</code> target</li> <li>Added Electron 21 compat data mapping</li> <li>Added Oculus Browser 23.0 compat data mapping</li> </ul> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.24.1">3.24.1 - 2022.07.30</a></h5> <ul> <li>NodeJS is ignored in <code>IS_BROWSER</code> detection to avoid a false positive with <code>jsdom</code>, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1110">#1110</a></li> <li>Fixed detection of <code>@@species</code> support in <code>Promise</code> in some old engines</li> <li><code>{ Array, %TypedArray% }.prototype.{ findLast, findLastIndex }</code> marked as shipped <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1775026">in FF104</a></li> <li>Added iOS Safari 15.6 compat data mapping</li> <li>Fixed Opera 15 compat data mapping</li> </ul> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.24.0">3.24.0 - 2022.07.25</a></h5> <ul> <li>Recent updates of the <a href="https://github.com/tc39/proposal-iterator-helpers">iterator helpers proposal</a>, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1101">#1101</a>: <ul> <li><code>.asIndexedPairs</code> renamed to <code>.indexed</code>, <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/183">proposal-iterator-helpers/183</a>: <ul> <li><code>Iterator.prototype.asIndexedPairs</code> -&gt; <code>Iterator.prototype.indexed</code></li> <li><code>AsyncIterator.prototype.asIndexedPairs</code> -&gt; <code>AsyncIterator.prototype.indexed</code></li> </ul> </li> <li>Avoid exposing spec fiction <code>%AsyncFromSyncIteratorPrototype%</code> in <code>AsyncIterator.from</code> and <code>Iterator.prototype.toAsync</code>, <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/182">proposal-iterator-helpers/182</a>, <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/202">proposal-iterator-helpers/202</a></li> <li>Avoid unnecessary promise creation in <code>%WrapForValidAsyncIteratorPrototype%.next</code>, <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/197">proposal-iterator-helpers/197</a></li> <li>Do not validate value in <code>%WrapForValid(Async)IteratorPrototype%.next</code>, <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/197">proposal-iterator-helpers/197</a> and <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/205">proposal-iterator-helpers/205</a></li> <li>Do not forward the parameter of <code>.next</code> / <code>.return</code> to an underlying iterator by the extended iterator protocol, a part of <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/194">proposal-iterator-helpers/194</a></li> <li><code>.throw</code> methods removed from all wrappers / helpers prototypes, a part of <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/194">proposal-iterator-helpers/194</a></li> <li>Close inner iterators of <code>{ Iterator, AsyncIterator }.prototype.flatMap</code> proxy iterators on <code>.return</code>, <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/195">proposal-iterator-helpers/195</a></li> <li>Throw <code>RangeError</code> on <code>NaN</code> in <code>{ Iterator, AsyncIterator }.prototype.{ drop, take }</code>, <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/181">proposal-iterator-helpers/181</a></li> <li>Many other updates and fixes of this proposal</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zloirock/core-js/commit/3c2e601b9a58af4dca0cd13aa943ab66b3deb83d"><code>3c2e601</code></a> 3.25.1</li> <li><a href="https://github.com/zloirock/core-js/commit/60519bc872c2a9da99586b3d95f3f580637b30c1"><code>60519bc</code></a> update the changelog</li> <li><a href="https://github.com/zloirock/core-js/commit/bb1de0f85086e944668a1f9050198728d25e5353"><code>bb1de0f</code></a> update dependencies</li> <li><a href="https://github.com/zloirock/core-js/commit/2c1e73e1a20cbbac9f0141bedb8dd9d3ca6a9f3f"><code>2c1e73e</code></a> update dependencies</li> <li><a href="https://github.com/zloirock/core-js/commit/ce987cb28a9f26bf889c663a023c62993ed7e0d0"><code>ce987cb</code></a> improve some tests</li> <li><a href="https://github.com/zloirock/core-js/commit/6ca3e61ab973238285110edc1c5e37e96fbeb906"><code>6ca3e61</code></a> fix some blocks</li> <li><a href="https://github.com/zloirock/core-js/commit/eb8ed332079673b77127b59201dd608cc6e1d329"><code>eb8ed33</code></a> fix a typo</li> <li><a href="https://github.com/zloirock/core-js/commit/bacfb3ffc0f381ef81b8f4e17ef69762888c90b8"><code>bacfb3f</code></a> add &quot;PRs welcome&quot; badge with a link to <code>CONTRIBUTING.md</code></li> <li><a href="https://github.com/zloirock/core-js/commit/b534518abce134c915860c2a4528337f8d041dbf"><code>b534518</code></a> just in case detect correctness of <code>globalThis</code></li> <li><a href="https://github.com/zloirock/core-js/commit/79ababc6afcf6e112cdde081eadc06540bb36c2a"><code>79ababc</code></a> add some tests</li> <li>Additional commits viewable in <a href="https://github.com/zloirock/core-js/compare/v3.23.3...v3.25.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

arthur added the pull-request label 2025-12-01 17:06:45 +01:00

arthur closed this issue 2025-12-01 17:06:45 +01:00

arthur referenced this issue 2025-12-01 17:06:48 +01:00

[PR #320] [CLOSED] fix(deps): bump core-js from 3.23.3 to 3.26.0 #335

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

dependabot/npm_and_yarn/nuxtjs/sentry-7.1.4

dependabot/npm_and_yarn/core-js-3.29.0

dependabot/npm_and_yarn/sass-1.58.3

dependabot/npm_and_yarn/nuxt/content-2.4.3

dependabot/npm_and_yarn/nuxtjs/i18n-7.3.1

dependabot/npm_and_yarn/nuxt-windicss-2.6.0

dependabot/npm_and_yarn/nuxtjs/color-mode-3.2.0

dependabot/npm_and_yarn/sass-loader-13.2.0

dependabot/npm_and_yarn/markdown-it-prism-2.3.0

dependabot/npm_and_yarn/nuxtjs/composition-api-0.33.1

v3

dev

No results found.

Labels

Clear labels

pull-request

Mirrored from GitHub Pull Request

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

arthur

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: arthur/website-old#320