Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
core-js-pure
Advanced tools
The core-js-pure package is a version of core-js that doesn't pollute the global namespace. It provides polyfills for ECMAScript features, including promises, symbols, collections, iterators, typed arrays, and many other features that are part of the ECMAScript specification but may not be available in all JavaScript environments.
Polyfilling Promises
This code sample demonstrates how to polyfill Promises using core-js-pure. It allows you to use Promises in environments where they are not natively supported.
import 'core-js-pure/stable/promise';
const promise = Promise.resolve(42);
promise.then(value => console.log(value));
Polyfilling Array methods
This code sample shows how to polyfill Array.prototype.find method. It enables the use of this method in environments where it is not part of the Array prototype.
import 'core-js-pure/stable/array/find';
const array = [1, 2, 3];
const found = array.find(item => item > 1);
console.log(found); // 2
Polyfilling Object static methods
This code sample illustrates how to polyfill Object.assign method. It allows the merging of multiple source objects into a target object in environments that do not support this method natively.
import 'core-js-pure/stable/object/assign';
const target = { a: 1 };
const source = { b: 2 };
const returnedTarget = Object.assign(target, source);
console.log(returnedTarget); // { a: 1, b: 2 }
Polyfilling String methods
This code sample demonstrates how to polyfill String.prototype.includes method. It provides a way to check if one string may be found within another string, returning true or false as appropriate.
import 'core-js-pure/stable/string/includes';
const string = 'hello world';
const includesHello = string.includes('hello');
console.log(includesHello); // true
Babel-polyfill is a package that includes core-js and a custom regenerator runtime to emulate a full ES2015+ environment. It's similar to core-js-pure but is more tightly coupled with Babel's transpilation process.
The es6-shim package provides polyfills for many new JavaScript features introduced in ES5 and ES6. It is similar to core-js-pure but does not offer as modular an approach, and it may include shims for features that are not strictly polyfills.
The polyfill-service (also known as polyfill.io) is a service that provides polyfills based on the user's browser user-agent. Unlike core-js-pure, it is a service rather than a package you include in your code, and it dynamically serves only the polyfills needed by the browser.
Modular standard library for JavaScript. Includes polyfills for ECMAScript up to 2023: promises, symbols, collections, iterators, typed arrays, many other features, ECMAScript proposals, some cross-platform WHATWG / W3C features and proposals like
URL
. You can load only required features or use it without global namespace pollution.
core-js
isn't backed by a company, so the future of this project depends on you. Become a sponsor or a backer if you are interested in core-js
: Open Collective, Patreon, Boosty, Bitcoin ( bc1qlea7544qtsmj2rayg0lthvza9fau63ux0fstcz ), Alipay.
import 'core-js/actual';
Promise.resolve(42).then(it => console.log(it)); // => 42
Array.from(new Set([1, 2, 3]).union(new Set([3, 4, 5]))); // => [1, 2, 3, 4, 5]
[1, 2].flatMap(it => [it, it]); // => [1, 1, 2, 2]
(function * (i) { while (true) yield i++; })(1)
.drop(1).take(5)
.filter(it => it % 2)
.map(it => it ** 2)
.toArray(); // => [9, 25]
structuredClone(new Set([1, 2, 3])); // => new Set([1, 2, 3])
You can load only required features:
import 'core-js/actual/promise';
import 'core-js/actual/set';
import 'core-js/actual/iterator';
import 'core-js/actual/array/from';
import 'core-js/actual/array/flat-map';
import 'core-js/actual/structured-clone';
Promise.resolve(42).then(it => console.log(it)); // => 42
Array.from(new Set([1, 2, 3]).union(new Set([3, 4, 5]))); // => [1, 2, 3, 4, 5]
[1, 2].flatMap(it => [it, it]); // => [1, 1, 2, 2]
(function * (i) { while (true) yield i++; })(1)
.drop(1).take(5)
.filter(it => it % 2)
.map(it => it ** 2)
.toArray(); // => [9, 25]
structuredClone(new Set([1, 2, 3])); // => new Set([1, 2, 3])
Or use it without global namespace pollution:
import Promise from 'core-js-pure/actual/promise';
import Set from 'core-js-pure/actual/set';
import Iterator from 'core-js-pure/actual/iterator';
import from from 'core-js-pure/actual/array/from';
import flatMap from 'core-js-pure/actual/array/flat-map';
import structuredClone from 'core-js-pure/actual/structured-clone';
Promise.resolve(42).then(it => console.log(it)); // => 42
from(new Set([1, 2, 3]).union(new Set([3, 4, 5]))); // => [1, 2, 3, 4, 5]
flatMap([1, 2], it => [it, it]); // => [1, 1, 2, 2]
Iterator.from(function * (i) { while (true) yield i++; }(1))
.drop(1).take(5)
.filter(it => it % 2)
.map(it => it ** 2)
.toArray(); // => [9, 25]
structuredClone(new Set([1, 2, 3])); // => new Set([1, 2, 3])
It's a version without global namespace pollution (the third example), for more info see core-js
documentation.
RegExp.escape
proposal:
RegExp.escape
/actual/
namespace entries, unconditional forced replacement changed to feature detectionPromise.try
proposal:
Promise.try
/actual/
namespace entries, unconditional forced replacement changed to feature detectionUint8Array
to / from base64 and hex stage 3 proposal:
Uint8Array.fromBase64
Uint8Array.fromHex
Uint8Array.prototype.setFromBase64
Uint8Array.prototype.setFromHex
Uint8Array.prototype.toBase64
Uint8Array.prototype.toHex
Uint8Array.prototype.{ setFromBase64, setFromHex }
methodsUint8Array.fromBase64
and Uint8Array.prototype.setFromBase64
lastChunkHandling
option, proposal-arraybuffer-base64/33Uint8Array.prototype.toBase64
omitPadding
option, proposal-arraybuffer-base64/60TypeError
on arrays backed by detached buffersRegExp
named capture groups polyfill in combination with non-capturing groups, #1352, thanks @Ulopprocess.getBuiltinModule
for getting built-in NodeJS modules where it's availablehttps
instead of http
in URL
constructor feature detection to avoid extra notifications from some overly vigilant security scanners, #1345browserslist
in core-js-compat
dependencies that fixes an upstream issue with incorrect interpretation of some browserslist
queries, #1344, browserslist/829, browserslist/836Object.groupBy
and Map.groupBy
to work for non-objectsRangeError
if Set
methods are called on an object with negative size propertySet.prototype.symmetricDifference
to call this.has
in each iterationArray.fromAsync
to not call the Array
constructor twiceURL.parse
Math.f16round
and DataView.prototype.{ getFloat16, setFloat16 }
marked as shipped from FF129Symbol.asyncDispose
added and marked as supported from V8 ~ Chromium 127Promise.try
added and marked as supported from V8 ~ Chromium 128self
descriptor is broken in Deno 1.45.3 (again)FAQs
Standard library
The npm package core-js-pure receives a total of 9,555,484 weekly downloads. As such, core-js-pure popularity was classified as popular.
We found that core-js-pure demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.