build(deps): bump core-js from 3.37.1 to 3.38.0

[dependabot]

Bumps core-js from 3.37.1 to 3.38.0.

Changelog

Sourced from core-js's changelog.

3.38.0 - 2024.08.05

• Changes v3.37.1...v3.38.0
• RegExp.escape proposal:
  • Built-ins:
    • RegExp.escape
  • Moved to stage 3, June 2024 and July 2024 TC39 meetings
  • Updated the way of escaping, regex-escaping/77
  • Throw an error on non-strings, regex-escaping/58
  • Added /actual/ namespace entries, unconditional forced replacement changed to feature detection
• Promise.try proposal:
  • Built-ins:
    • Promise.try
  • Moved to stage 3, June 2024 TC39 meeting
  • Added /actual/ namespace entries, unconditional forced replacement changed to feature detection
• Uint8Array to / from base64 and hex stage 3 proposal:
  • Built-ins:
    • Uint8Array.fromBase64
    • Uint8Array.fromHex
    • Uint8Array.prototype.setFromBase64
    • Uint8Array.prototype.setFromHex
    • Uint8Array.prototype.toBase64
    • Uint8Array.prototype.toHex
  • Added Uint8Array.prototype.{ setFromBase64, setFromHex } methods
  • Added Uint8Array.fromBase64 and Uint8Array.prototype.setFromBase64 lastChunkHandling option, proposal-arraybuffer-base64/33
  • Added Uint8Array.prototype.toBase64 omitPadding option, proposal-arraybuffer-base64/60
  • Added throwing a TypeError on arrays backed by detached buffers
  • Unconditional forced replacement changed to feature detection
• Fixed RegExp named capture groups polyfill in combination with non-capturing groups, #1352, thanks @​Ulop
• Improved some cases of environment detection
• Uses process.getBuiltinModule for getting built-in NodeJS modules where it's available
• Uses https instead of http in URL constructor feature detection to avoid extra notifications from some overly vigilant security scanners, #1345
• Some minor optimizations
• Updated browserslist in core-js-compat dependencies that fixes an upstream issue with incorrect interpretation of some browserslist queries, #1344, browserslist/829, browserslist/836
• Compat data improvements:
  • Added Safari 18.0 compat data:
    • Fixed Object.groupBy and Map.groupBy to work for non-objects
    • Fixed throwing a RangeError if Set methods are called on an object with negative size property
    • Fixed Set.prototype.symmetricDifference to call this.has in each iteration
    • Fixed Array.fromAsync to not call the Array constructor twice
    • Added URL.parse
  • Math.f16round and DataView.prototype.{ getFloat16, setFloat16 } marked as shipped from FF129
  • Symbol.asyncDispose added and marked as supported from V8 ~ Chromium 127
  • Promise.try added and marked as supported from V8 ~ Chromium 128
  • Added Deno 1.44 and 1.45 compat data mapping
  • self descriptor is broken in Deno 1.45.3 (again)
  • Added Electron 32 and 33 compat data mapping
  • Added Opera Android 83 compat data mapping
  • Added Samsung Internet 27 compat data mapping
  • Added Oculus Quest Browser 34 compat data mapping

Commits

• 4a322bf v3.38.0
• 9408792 replace a regex with a simple comparison
• 0595aaf simplify a regex
• 269890f replace a regex with conditions
• 4ce7d0c add Uint8Array.prototype.setFromBase64 and lastChunkHandling option
• 8b10ea8 add feature detection to Promise.try
• 19b1a68 add feature detection to RegExp.escape
• 5b2874c move RegExp.escape to stage 3
• 6250ccb rename internals/global -> internals/global-this
• 25b5716 improve some cases of environment detection
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/core-js@3.38.0	None	0	1.24 MB	zloirock

🚮 Removed packages: npm/core-js@3.37.1

View full report↗︎

[relativeci]

#11299 Bundle Size — 366.46KiB (0%).

162930b(current) vs 4604900 master#11285(baseline)

Warning

Bundle contains 2 duplicate packages – View duplicate packages

Bundle metrics  no changes

	Current #11299	Baseline #11285
Initial JS	323.81KiB	323.81KiB
Initial CSS	42.65KiB	42.65KiB
Cache Invalidation	0%	39.01%
Chunks	3	3
Assets	4	4
Modules	668	668
Duplicate Modules	0	0
Duplicate Code	0%	0%
Packages	36	36
Duplicate Packages	1	1

Bundle size by type  no changes

	Current #11299	Baseline #11285
JS	323.81KiB	323.81KiB
CSS	42.65KiB	42.65KiB

---

Bundle analysis report Branch dependabot/npm_and_yarn/master/c... Project dashboard