[PR #314] [CLOSED] fix(deps): bump core-js from 3.23.3 to 3.25.4 #328

New Issue

Closed

opened 2025-12-01 17:06:46 +01:00 by arthur · 0 comments

arthur commented 2025-12-01 17:06:46 +01:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/ArthurDanjou/website-old/pull/314
Author: @dependabot[bot]
Created: 10/3/2022
Status: ❌ Closed

Base: master ← Head: dependabot/npm_and_yarn/core-js-3.25.4

---

📝 Commits (1)

• a3c8030 fix(deps): bump core-js from 3.23.3 to 3.25.4

📊 Changes

2 files changed (+5 additions, -5 deletions)

View changed files

📝 package.json (+1 -1)
📝 yarn.lock (+4 -4)

📄 Description

Bumps core-js from 3.23.3 to 3.25.4.

Changelog

Sourced from core-js's changelog.

3.25.4 - 2022.10.03

• Added a workaround of a Nashorn bug with Function.prototype.{ call, apply, bind } on string methods, #1128
• Updated lists of [Serializable] and [Transferable] objects in the structuredClone polyfill. Mainly, for better error messages if polyfilling of cloning such types is impossible
• Array.prototype.{ group, groupToMap } marked as supported from V8 ~ Chromium 108
• Added Electron 22 compat data mapping

3.25.3 - 2022.09.26

• Forced polyfilling of Array.prototype.groupToMap in the pure version for returning wrapped Map instances
• Fixed existence of Array.prototype.{ findLast, findLastIndex } in /stage/4 entry
• Added Opera Android 71 compat data mapping
• Some stylistic changes

3.25.2 - 2022.09.19

• Considering document.all as a callable in some missed cases
• Added Safari 16.0 compat data
• Added iOS Safari 16.0 compat data mapping
• Fixed some ancient iOS Safari versions compat data mapping

3.25.1 - 2022.09.08

• Added some fixes and workarounds of FF30- typed arrays bug that does not properly convert objects to numbers
• Added sideEffects field to core-js-pure package.json for better tree shaking, #1117
• Dropped semver dependency from core-js-compat
  • semver package (ironically) added a breaking change and dropped NodeJS 8 support in the minor 7.1 version, after that semver in core-js-compat was pinned to 7.0 since for avoiding breaking changes it should support NodeJS 8. However, since core-js-compat is usually used with other packages that use semver dependency, it causes multiple duplication of semver in dependencies. So I decided to remove semver dependency and replace it with a couple of simple helpers.
• Added Bun 0.1.6-0.1.11 compat data
• Added Deno 1.25 compat data mapping
• Updated Electron 21 compat data mapping
• Some stylistic changes, minor fixes, and improvements

3.25.0 - 2022.08.25

• Added Object.prototype.__proto__ polyfill
  • It's optional, legacy, and in some cases (mainly because of developers' mistakes) can cause problems, but some libraries depend on it, and most code can't work without the proper libraries' ecosystem
  • Only for modern engines where this feature is missed (like Deno), it's not installed in IE10- since here we have no proper way setting of the prototype
  • Without fixes of early implementations where it's not an accessor since those fixes are impossible
  • Only for the global version
• Considering document.all as an object in some missed cases, see ECMAScript Annex B 3.6
• Avoiding unnecessary promise creation and validation result in %WrapForValid(Async)IteratorPrototype%.return, proposal-iterator-helpers/215
• Fixed omitting the result of proxing .return in %IteratorHelperPrototype%.return, #1116
• Fixed the order creation of properties of iteration result object of some iterators (value should be created before done)
• Fixed some cases of Safari < 13 bug - silent on non-writable array .length setting
• Fixed ArrayBuffer.length in V8 ~ Chrome 27-
• Relaxed condition of re-usage native WeakMap for internal states with multiple core-js copies
• Availability cloning of FileList in the structuredClone polyfill extended to some more old engines versions
• Some stylistic changes and minor fixes
• Throwing a TypeError in core-js-compat / core-js-builder in case of passing invalid module names / filters for avoiding unexpected result, related to #1115
• Added missed NodeJS 13.2 to esmodules core-js-compat / core-js-builder target
• Added Electron 21 compat data mapping
• Added Oculus Browser 23.0 compat data mapping

3.24.1 - 2022.07.30

• NodeJS is ignored in IS_BROWSER detection to avoid a false positive with jsdom, #1110

... (truncated)

Commits

• d59e440 3.25.4
• d76041c update lists of [Serializable] and [Transferable] objects in the `structu...
• fd7812a some stylistic changes, improve a note
• afcc148 update dependencies
• 14364db add Electron 22 compat data mapping
• 3172ef6 Merge pull request #1131 from AprilArcus/april/1130
• 8bd8508 Fix more Nashorn problems
• 44fe613 fix no-unused-vars setting
• 9307fb7 Merge pull request #1129 from AprilArcus/april/1128
• 775f6ba some fixes
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/ArthurDanjou/website-old/pull/314 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 10/3/2022 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/npm_and_yarn/core-js-3.25.4` --- ### 📝 Commits (1) - [`a3c8030`](https://github.com/ArthurDanjou/website-old/commit/a3c803004993b6f6eed9a935e249d3ad942498bd) fix(deps): bump core-js from 3.23.3 to 3.25.4 ### 📊 Changes **2 files changed** (+5 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `package.json` (+1 -1) 📝 `yarn.lock` (+4 -4) </details> ### 📄 Description Bumps [core-js](https://github.com/zloirock/core-js) from 3.23.3 to 3.25.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/zloirock/core-js/blob/master/CHANGELOG.md">core-js's changelog</a>.</em></p> <blockquote> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.25.4">3.25.4 - 2022.10.03</a></h5> <ul> <li>Added a workaround of a Nashorn bug with <code>Function.prototype.{ call, apply, bind }</code> on string methods, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1128">#1128</a></li> <li>Updated lists of <code>[Serializable]</code> and <code>[Transferable]</code> objects in the <code>structuredClone</code> polyfill. Mainly, for better error messages if polyfilling of cloning such types is impossible</li> <li><code>Array.prototype.{ group, groupToMap }</code> marked as <a href="https://chromestatus.com/feature/5714791975878656">supported from V8 ~ Chromium 108</a></li> <li>Added Electron 22 compat data mapping</li> </ul> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.25.3">3.25.3 - 2022.09.26</a></h5> <ul> <li>Forced polyfilling of <code>Array.prototype.groupToMap</code> in the pure version for returning wrapped <code>Map</code> instances</li> <li>Fixed existence of <code>Array.prototype.{ findLast, findLastIndex }</code> in <code>/stage/4</code> entry</li> <li>Added Opera Android 71 compat data mapping</li> <li>Some stylistic changes</li> </ul> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.25.2">3.25.2 - 2022.09.19</a></h5> <ul> <li>Considering <code>document.all</code> as a callable in some missed cases</li> <li>Added Safari 16.0 compat data</li> <li>Added iOS Safari 16.0 compat data mapping</li> <li>Fixed some ancient iOS Safari versions compat data mapping</li> </ul> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.25.1">3.25.1 - 2022.09.08</a></h5> <ul> <li>Added some fixes and workarounds of FF30- typed arrays bug that does not properly convert objects to numbers</li> <li>Added <code>sideEffects</code> field to <code>core-js-pure</code> <code>package.json</code> for better tree shaking, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1117">#1117</a></li> <li>Dropped <code>semver</code> dependency from <code>core-js-compat</code> <ul> <li><code>semver</code> package (ironically) added <a href="https://github.com/npm/node-semver/commit/d61f828e64260a0a097f26210f5500">a breaking change and dropped NodeJS 8 support in the minor <code>7.1</code> version</a>, after that <code>semver</code> in <code>core-js-compat</code> was pinned to <code>7.0</code> since for avoiding breaking changes it should support NodeJS 8. However, since <code>core-js-compat</code> is usually used with other packages that use <code>semver</code> dependency, it causes multiple duplication of <code>semver</code> in dependencies. So I decided to remove <code>semver</code> dependency and replace it with a couple of simple helpers.</li> </ul> </li> <li>Added Bun 0.1.6-0.1.11 compat data</li> <li>Added Deno 1.25 compat data mapping</li> <li>Updated Electron 21 compat data mapping</li> <li>Some stylistic changes, minor fixes, and improvements</li> </ul> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.25.0">3.25.0 - 2022.08.25</a></h5> <ul> <li>Added <a href="https://tc39.es/ecma262/#sec-object.prototype.__proto__"><code>Object.prototype.__proto__</code></a> polyfill <ul> <li>It's optional, legacy, and in some cases (mainly because of developers' mistakes) can cause problems, but <a href="https://github-redirect.dependabot.com/denoland/deno/issues/13321">some libraries depend on it</a>, and most code can't work without the proper libraries' ecosystem</li> <li>Only for modern engines where this feature is missed (like Deno), it's not installed in IE10- since here we have no proper way setting of the prototype</li> <li>Without fixes of early implementations where it's not an accessor since those fixes are impossible</li> <li>Only for the global version</li> </ul> </li> <li>Considering <code>document.all</code> as an object in some missed cases, see <a href="https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot">ECMAScript Annex B 3.6</a></li> <li>Avoiding unnecessary promise creation and validation result in <code>%WrapForValid(Async)IteratorPrototype%.return</code>, <a href="https://github-redirect.dependabot.com/tc39/proposal-iterator-helpers/pull/215">proposal-iterator-helpers/215</a></li> <li>Fixed omitting the result of proxing <code>.return</code> in <code>%IteratorHelperPrototype%.return</code>, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1116">#1116</a></li> <li>Fixed the order creation of properties of iteration result object of some iterators (<code>value</code> should be created before <code>done</code>)</li> <li>Fixed some cases of Safari &lt; 13 bug - silent on non-writable array <code>.length</code> setting</li> <li>Fixed <code>ArrayBuffer.length</code> in V8 ~ Chrome 27-</li> <li>Relaxed condition of re-usage native <code>WeakMap</code> for internal states with multiple <code>core-js</code> copies</li> <li>Availability cloning of <code>FileList</code> in the <code>structuredClone</code> polyfill extended to some more old engines versions</li> <li>Some stylistic changes and minor fixes</li> <li>Throwing a <code>TypeError</code> in <code>core-js-compat</code> / <code>core-js-builder</code> in case of passing invalid module names / filters for avoiding unexpected result, related to <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1115">#1115</a></li> <li>Added missed NodeJS 13.2 to <code>esmodules</code> <code>core-js-compat</code> / <code>core-js-builder</code> target</li> <li>Added Electron 21 compat data mapping</li> <li>Added Oculus Browser 23.0 compat data mapping</li> </ul> <h5><a href="https://github.com/zloirock/core-js/releases/tag/v3.24.1">3.24.1 - 2022.07.30</a></h5> <ul> <li>NodeJS is ignored in <code>IS_BROWSER</code> detection to avoid a false positive with <code>jsdom</code>, <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1110">#1110</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zloirock/core-js/commit/d59e440f1472cef63579edd511a8ea1ffa474f69"><code>d59e440</code></a> 3.25.4</li> <li><a href="https://github.com/zloirock/core-js/commit/d76041cfe6d914c13d3bebc1dafb24b2b3b4be45"><code>d76041c</code></a> update lists of <code>[Serializable]</code> and <code>[Transferable]</code> objects in the `structu...</li> <li><a href="https://github.com/zloirock/core-js/commit/fd7812ac33079af134fc3269d236195b7b1bd9e3"><code>fd7812a</code></a> some stylistic changes, improve a note</li> <li><a href="https://github.com/zloirock/core-js/commit/afcc1481cd8418ece936e214a2ebc701ab322ed9"><code>afcc148</code></a> update dependencies</li> <li><a href="https://github.com/zloirock/core-js/commit/14364db45bd297fd45117ddc251ddaec51e089c7"><code>14364db</code></a> add Electron 22 compat data mapping</li> <li><a href="https://github.com/zloirock/core-js/commit/3172ef6ef5de45740559d77a83b9ef809c4f8f82"><code>3172ef6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1131">#1131</a> from AprilArcus/april/1130</li> <li><a href="https://github.com/zloirock/core-js/commit/8bd85082d4ba8fb62a1a298d5f3973a7de127ba0"><code>8bd8508</code></a> Fix more Nashorn problems</li> <li><a href="https://github.com/zloirock/core-js/commit/44fe613a92ab263cfe86becc3ca8136c41f6fa60"><code>44fe613</code></a> fix <code>no-unused-vars</code> setting</li> <li><a href="https://github.com/zloirock/core-js/commit/9307fb7d50093c756dc63639c6739cfe96ccaa62"><code>9307fb7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/zloirock/core-js/issues/1129">#1129</a> from AprilArcus/april/1128</li> <li><a href="https://github.com/zloirock/core-js/commit/775f6bac8d26e2be357f64390fe01990a9b44cc1"><code>775f6ba</code></a> some fixes</li> <li>Additional commits viewable in <a href="https://github.com/zloirock/core-js/compare/v3.23.3...v3.25.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

arthur added the pull-request label 2025-12-01 17:06:46 +01:00

arthur closed this issue 2025-12-01 17:06:46 +01:00

arthur referenced this issue 2025-12-01 17:06:53 +01:00

[PR #328] chore(deps-dev): bump nuxt-windicss from 2.4.2 to 2.5.4 #347

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

dependabot/npm_and_yarn/nuxtjs/sentry-7.1.4

dependabot/npm_and_yarn/core-js-3.29.0

dependabot/npm_and_yarn/sass-1.58.3

dependabot/npm_and_yarn/nuxt/content-2.4.3

dependabot/npm_and_yarn/nuxtjs/i18n-7.3.1

dependabot/npm_and_yarn/nuxt-windicss-2.6.0

dependabot/npm_and_yarn/nuxtjs/color-mode-3.2.0

dependabot/npm_and_yarn/sass-loader-13.2.0

dependabot/npm_and_yarn/markdown-it-prism-2.3.0

dependabot/npm_and_yarn/nuxtjs/composition-api-0.33.1

v3

dev

No results found.

Labels

Clear labels

pull-request

Mirrored from GitHub Pull Request

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

arthur

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: arthur/website-old#328