[Snyk] Upgrade: react, react-dom, chalk, codemirror, deep-equal, dompurify, dugite, event-kit, focus-trap-react, fs-admin, fs-extra, keytar, marked, moment, mri, p-limit, primer-support, react-transition-group, react-virtualized, registry-js, source-map-support, textarea-caret, tslib, untildify, uuid, winston #29
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
react
from 16.8.4 to 16.14.0 | 13 versions ahead of your current version | 4 years ago
on 2020-10-14
react-dom
from 16.8.4 to 16.14.0 | 13 versions ahead of your current version | 4 years ago
on 2020-10-14
chalk
from 2.3.0 to 2.4.2 | 5 versions ahead of your current version | 6 years ago
on 2019-01-05
codemirror
from 5.60.0 to 5.65.17 | 29 versions ahead of your current version | 2 months ago
on 2024-07-20
deep-equal
from 1.0.1 to 1.1.2 | 3 versions ahead of your current version | 10 months ago
on 2023-11-09
dompurify
from 2.3.3 to 2.5.6 | 26 versions ahead of your current version | 2 months ago
on 2024-07-05
dugite
from 1.104.0 to 1.110.0 | 6 versions ahead of your current version | 2 years ago
on 2022-07-12
event-kit
from 2.4.0 to 2.5.3 | 4 versions ahead of your current version | 6 years ago
on 2018-11-14
focus-trap-react
from 8.1.0 to 8.11.3 | 24 versions ahead of your current version | 2 years ago
on 2022-06-09
fs-admin
from 0.19.0 to 0.20.0 | 1 version ahead of your current version | 3 years ago
on 2022-02-10
fs-extra
from 9.0.1 to 9.1.0 | 1 version ahead of your current version | 4 years ago
on 2021-01-19
keytar
from 7.7.0 to 7.9.0 | 2 versions ahead of your current version | 3 years ago
on 2022-02-17
marked
from 3.0.7 to 3.0.8 | 1 version ahead of your current version | 3 years ago
on 2021-10-24
moment
from 2.24.0 to 2.30.1 | 14 versions ahead of your current version | 9 months ago
on 2023-12-27
mri
from 1.1.0 to 1.2.0 | 7 versions ahead of your current version | 3 years ago
on 2021-09-12
p-limit
from 2.2.0 to 2.3.0 | 3 versions ahead of your current version | 4 years ago
on 2020-04-05
primer-support
from 4.3.0 to 4.7.2 | 482 versions ahead of your current version | 6 years ago
on 2019-01-11
react-transition-group
from 4.4.1 to 4.4.5 | 4 versions ahead of your current version | 2 years ago
on 2022-08-01
react-virtualized
from 9.20.0 to 9.22.5 | 10 versions ahead of your current version | a year ago
on 2023-04-17
registry-js
from 1.15.0 to 1.16.0 | 2 versions ahead of your current version | 7 months ago
on 2024-03-01
source-map-support
from 0.4.18 to 0.5.21 | 22 versions ahead of your current version | 3 years ago
on 2021-11-19
textarea-caret
from 3.0.2 to 3.1.0 | 1 version ahead of your current version | 7 years ago
on 2018-02-20
tslib
from 2.0.0 to 2.7.0 | 18 versions ahead of your current version | a month ago
on 2024-08-23
untildify
from 3.0.2 to 3.0.3 | 1 version ahead of your current version | 6 years ago
on 2018-05-19
uuid
from 3.1.0 to 3.4.0 | 6 versions ahead of your current version | 5 years ago
on 2020-01-16
winston
from 2.3.1 to 2.4.7 | 8 versions ahead of your current version | 2 years ago
on 2022-11-15
Issues fixed by the recommended upgrade:
SNYK-JS-DOMPURIFY-7984421
SNYK-JS-MOMENT-2440688
SNYK-JS-MOMENT-2944238
SNYK-JS-DOMPURIFY-6474511
SNYK-JS-NODEFETCH-2342118
SNYK-JS-NODEFETCH-674311
Release notes
Package name: react
React
React DOM
componentWillReceiveProps
,shouldComponentUpdate
, and so on). (@ gaearon in #18330)Artifacts
React
React.createFactory()
(@ trueadm in #17878)React DOM
style
may cause an unexpected collision (@ sophiebits in #14181, #18002)unstable_createPortal
(@ trueadm in #17880)onMouseEnter
being fired on disabled buttons (@ AlfredoGJ in #17675)shouldComponentUpdate
twice when developing inStrictMode
(@ bvaughn in #17942)version
property to ReactDOM (@ ealush in #15780)toString()
ofdangerouslySetInnerHTML
(@ sebmarkbage in #17773)Concurrent Mode (Experimental)
ReactDOM.createRoot()
(@ trueadm in #17937)ReactDOM.createRoot()
callback params and added warnings on usage (@ bvaughn in #17916)SuspenseList
CPU bound heuristic (@ sebmarkbage in #17455)isPending
only being true when transitioning from inside an input event (@ acdlite in #17382)React.memo
components dropping updates when interrupted by a higher priority update (@ acdlite in #18091)Artifacts
React DOM
useEffect
) not being fired in a multi-root app. (@ acdlite in #17347)React Is
lazy
andmemo
types considered elements instead of components (@ bvaughn in #17278)Artifacts
• react: https://unpkg.com/react@16.12.0/umd/
• react-art: https://unpkg.com/react-art@16.12.0/umd/
• react-dom: https://unpkg.com/react-dom@16.12.0/umd/
• react-is: https://unpkg.com/react-is@16.12.0/umd/
• react-test-renderer: https://unpkg.com/react-test-renderer@16.12.0/umd/
• scheduler: https://unpkg.com/scheduler@0.18.0/umd/
Package name: react-dom
React
React DOM
componentWillReceiveProps
,shouldComponentUpdate
, and so on). (@ gaearon in #18330)Artifacts
React
React.createFactory()
(@ trueadm in #17878)React DOM
style
may cause an unexpected collision (@ sophiebits in #14181, #18002)unstable_createPortal
(@ trueadm in #17880)onMouseEnter
being fired on disabled buttons (@ AlfredoGJ in #17675)shouldComponentUpdate
twice when developing inStrictMode
(@ bvaughn in #17942)version
property to ReactDOM (@ ealush in #15780)toString()
ofdangerouslySetInnerHTML
(@ sebmarkbage in #17773)Concurrent Mode (Experimental)
ReactDOM.createRoot()
(@ trueadm in #17937)ReactDOM.createRoot()
callback params and added warnings on usage (@ bvaughn in #17916)SuspenseList
CPU bound heuristic (@ sebmarkbage in #17455)isPending
only being true when transitioning from inside an input event (@ acdlite in #17382)React.memo
components dropping updates when interrupted by a higher priority update (@ acdlite in #18091)Artifacts
React DOM
useEffect
) not being fired in a multi-root app. (@ acdlite in #17347)React Is
lazy
andmemo
types considered elements instead of components (@ bvaughn in #17278)Artifacts
• react: https://unpkg.com/react@16.12.0/umd/
• react-art: https://unpkg.com/react-art@16.12.0/umd/
• react-dom: https://unpkg.com/react-dom@16.12.0/umd/
• react-is: https://unpkg.com/react-is@16.12.0/umd/
• react-test-renderer: https://unpkg.com/react-test-renderer@16.12.0/umd/
• scheduler: https://unpkg.com/scheduler@0.18.0/umd/
Package name: chalk
This release is done from the
v2-release
branch, asmaster
branch targets the work-in-progress v3 release.v2.4.0...v2.4.1
v2.3.2...v2.4.0
chalk.ansi256
when in a terminal with 256-color level support. chalk/ansi-styles@1ac7472v2.3.1...v2.3.2
level
when forcing color. chalk/supports-color@b16e9a4v2.3.0...v2.3.1
.visible()
method for emitting text only when Chalk is enabled. This can be useful for purely cosmetic content that shouldn't be shown when there are no colors, like when piping the output. dc092b4v2.2.0...v2.3.0
Package name: codemirror
Package name: deep-equal
v1.1.2
Package name: dompurify
bower.js
, thanks @ HakumenNCisNaN
checks affecting MSIE, thanks @ tulachPackage name: dugite
Updates Git to 2.35.4 and G4W to 2.35.4.windows.1.
Also updates the unsafe directory error as it changed with this update and adds error handling for path exists but not in the ref.
Updates Git LFS to 3.1.4
Bumps dugite-native in order to bump Git 2.35.2
This fixes several patterns for errors which have changed subtly in between 2.32 and 2.35 - #469
Bumps dugite-native in order to get Git 2.35.2 and Git LFS 3.1.2 - #468
Bumps dugite-native to 2.32.1 in order to bump git to 2.32.1 and g4w to 2.32.1.windows.1
Package name: event-kit
2.5.3
2.5.2
2.5.1
2.4.0
Package name: focus-trap-react
Patch Changes
Patch Changes
Patch Changes
displayCheck=full
(default) option behavior that caused issues with detached nodes.Minor Changes
Patch Changes
clickOutsideDeactivates
is true or returns true.Minor Changes
focusTrapOptions.tabbableOptions
configuration option.Patch Changes
tabindex
.Patch Changes
Minor Changes
active=false
until you have thefocusTrapOptions
set correctly. #539Patch Changes
focusTrapOptions.document
option. #539Patch Changes
preventScroll
option on deactivation if returning focus.Patch Changes
document
object (#482)Package name: fs-admin
No content.
Infrastructure
dependencies
updatesprebuild-install
from6.0.1
to6.1.1
devDependencies
updatesnode-gyp
from7.1.2
to8.0.0
Package name: fs-extra
9.1.0
9.0.1
Package name: keytar
Infrastructure
devDependencies
updatesprebuild
from11.0.2
to11.0.3
Infrastructure
Fixed
NULL
filter finding credentials on Windows - #426, thanks @ sbatten!dependencies
updatesprebuild-install
from6.0.1
to7.0.1
node-addon-api
from3.1.0
to4.3.0
lodash
from4.17.19
to4.17.21
devDependencies
updatesnode-gyp
from7.1.2
to8.4.1
chai
from4.3.4
to4.3.6
mocha
from8.3.2
to9.2.0
Infrastructure
Package name: marked
3.0.8 (2021-10-24)
Bug Fixes
3.0.7 (2021-10-07)
Bug Fixes
Package name: moment
2.30.1
2.30.0
2.29.4
2.29.3
2.29.2
2.29.1
2....