[Snyk] Upgrade: , , , react, react-dom, bootstrap, firebase, react-bootstrap, react-redux, react-router, react-router-dom, react-scripts, redux, uuidv4 #3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade:
- @fortawesome/fontawesome-svg-core from 1.2.30 to 1.2.36.
See this package in npm: https://www.npmjs.com/package/@fortawesome/fontawesome-svg-core
- @fortawesome/free-solid-svg-icons from 5.14.0 to 5.15.4.
See this package in npm: https://www.npmjs.com/package/@fortawesome/free-solid-svg-icons
- @fortawesome/react-fontawesome from 0.1.11 to 0.2.2.
See this package in npm: https://www.npmjs.com/package/@fortawesome/react-fontawesome
- react from 16.13.1 to 16.14.0.
See this package in npm: https://www.npmjs.com/package/react
- react-dom from 16.13.1 to 16.14.0.
See this package in npm: https://www.npmjs.com/package/react-dom
- bootstrap from 4.5.0 to 4.6.2.
See this package in npm: https://www.npmjs.com/package/bootstrap
- firebase from 7.16.0 to 7.24.0.
See this package in npm: https://www.npmjs.com/package/firebase
- react-bootstrap from 1.2.2 to 1.6.8.
See this package in npm: https://www.npmjs.com/package/react-bootstrap
- react-redux from 7.2.0 to 7.2.9.
See this package in npm: https://www.npmjs.com/package/react-redux
- react-router from 5.2.0 to 5.3.4.
See this package in npm: https://www.npmjs.com/package/react-router
- react-router-dom from 5.2.0 to 5.3.4.
See this package in npm: https://www.npmjs.com/package/react-router-dom
- react-scripts from 3.4.1 to 3.4.4.
See this package in npm: https://www.npmjs.com/package/react-scripts
- redux from 4.0.5 to 4.2.1.
See this package in npm: https://www.npmjs.com/package/redux
- uuidv4 from 6.2.0 to 6.2.13.
See this package in npm: https://www.npmjs.com/package/uuidv4
See this project in Snyk:
https://app.snyk.io/org/junaid51/project/c39db807-a184-4f5b-ab58-05ffc6c3b3c5?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
@fortawesome/fontawesome-svg-core
from 1.2.30 to 1.2.36 | 5 versions ahead of your current version | 3 years ago
on 2021-08-04
@fortawesome/free-solid-svg-icons
from 5.14.0 to 5.15.4 | 5 versions ahead of your current version | 3 years ago
on 2021-08-04
@fortawesome/react-fontawesome
from 0.1.11 to 0.2.2 | 11 versions ahead of your current version | 4 months ago
on 2024-05-22
react
from 16.13.1 to 16.14.0 | 1 version ahead of your current version | 4 years ago
on 2020-10-14
react-dom
from 16.13.1 to 16.14.0 | 1 version ahead of your current version | 4 years ago
on 2020-10-14
bootstrap
from 4.5.0 to 4.6.2 | 6 versions ahead of your current version | 2 years ago
on 2022-07-19
firebase
from 7.16.0 to 7.24.0 | 250 versions ahead of your current version | 4 years ago
on 2020-10-15
react-bootstrap
from 1.2.2 to 1.6.8 | 17 versions ahead of your current version | 9 months ago
on 2023-12-22
react-redux
from 7.2.0 to 7.2.9 | 9 versions ahead of your current version | 2 years ago
on 2022-09-23
react-router
from 5.2.0 to 5.3.4 | 5 versions ahead of your current version | 2 years ago
on 2022-10-02
react-router-dom
from 5.2.0 to 5.3.4 | 6 versions ahead of your current version | 2 years ago
on 2022-10-02
react-scripts
from 3.4.1 to 3.4.4 | 3 versions ahead of your current version | 4 years ago
on 2020-10-20
redux
from 4.0.5 to 4.2.1 | 7 versions ahead of your current version | 2 years ago
on 2023-01-28
uuidv4
from 6.2.0 to 6.2.13 | 13 versions ahead of your current version | 2 years ago
on 2022-03-25
Issues fixed by the recommended upgrade:
SNYK-JS-NODEFORGE-598677
SNYK-JS-OBJECTPATH-1017036
SNYK-JS-OBJECTPATH-1585658
SNYK-JS-SERIALIZEJAVASCRIPT-570062
SNYK-JS-FOLLOWREDIRECTS-6141137
SNYK-JS-LODASH-1040724
SNYK-JS-LODASH-567746
SNYK-JS-LODASHES-2434283
SNYK-JS-LODASHES-2434284
SNYK-JS-LODASHES-2434285
SNYK-JS-DNSPACKET-1293563
SNYK-JS-ES5EXT-6095076
SNYK-JS-ASYNC-2441827
SNYK-JS-BODYPARSER-7926860
SNYK-JS-GRPCGRPCJS-1038818
SNYK-JS-IP-6240864
SNYK-JS-PROTOBUFJS-5756498
SNYK-JS-URLPARSE-2407770
SNYK-JS-PROTOBUFJS-2441248
SNYK-JS-OBJECTPATH-1569453
SNYK-JS-NODEFETCH-674311
SNYK-JS-LODASH-1018905
SNYK-JS-EVENTSOURCE-2823375
SNYK-JS-EXPRESS-6474509
SNYK-JS-EXPRESS-7926867
SNYK-JS-FOLLOWREDIRECTS-2332181
SNYK-JS-FOLLOWREDIRECTS-6444610
SNYK-JS-GRPCGRPCJS-7242922
SNYK-JS-LODASHES-2434289
SNYK-JS-URLPARSE-1078283
SNYK-JS-URLPARSE-1533425
SNYK-JS-URLPARSE-2401205
SNYK-JS-URLPARSE-2407759
SNYK-JS-URLPARSE-2412697
SNYK-JS-SOCKJS-575261
SNYK-JS-YARGSPARSER-560381
SNYK-JS-SEND-7926862
SNYK-JS-MINIMIST-2429795
SNYK-JS-FOLLOWREDIRECTS-2396346
SNYK-JS-SERVESTATIC-7926865
Release notes
Package name: @fortawesome/fontawesome-svg-core
-
1.2.36 - 2021-08-04
-
1.2.35 - 2021-03-16
-
1.2.34 - 2021-01-13
-
1.2.32 - 2020-10-05
-
1.2.31 - 2020-09-29
-
1.2.30 - 2020-07-15
from @fortawesome/fontawesome-svg-core GitHub release notesPackage name: @fortawesome/free-solid-svg-icons
-
5.15.4 - 2021-08-04
-
5.15.3 - 2021-03-16
-
5.15.2 - 2021-01-13
-
5.15.1 - 2020-10-05
-
5.15.0 - 2020-09-29
-
5.14.0 - 2020-07-15
from @fortawesome/free-solid-svg-icons GitHub release notesPackage name: @fortawesome/react-fontawesome
-
0.2.2 - 2024-05-22
- Props with nullable/undefined values no longer throw an error #562 #560
-
0.2.1 - 2024-05-16
- Remove defaultProps to be compatible with React 19
-
0.2.0 - 2022-06-29
- Support for React forwardRef if using React >= 16.3
-
0.1.19 - 2022-06-29
- Added missing beatFade, spinPulse, and spinReverse animations
-
0.1.18 - 2022-03-16
- Animations bounce, shake, fade, and beat-fade
- Property maskId and titleId to allow consistent rendering on client and server
- Peer dependencies now include major version 6
-
0.1.17 - 2022-01-28
- New v6 sizes and animations
-
0.1.16 - 2021-10-18
- Include 1.3.0-beta versions in peer dependencies
-
0.1.15 - 2021-08-03
- Skip parse.icon if the icon is imported directly from an icon package
-
0.1.14 - 2020-12-22
- Support for the new parse.icon function from the Font Awesome version 6 @ fortawesome/fontawesome-svg-core
-
0.1.13 - 2020-11-23
- Update forwardRef Typescript definition #396
-
0.1.12 - 2020-10-26
-
0.1.11 - 2020-06-16
from @fortawesome/react-fontawesome GitHub release notesFixed
Changed
Added
Fixed
Added
Changed
Added
Fixed
Fixed
Added
Fixed
Package name: react
-
16.14.0 - 2020-10-14
- Add support for the new JSX transform. (@ lunaruan in #18299)
-
16.13.1 - 2020-03-19
- Fix bug in legacy mode Suspense where effect clean-up functions are not fired. This only affects users who use Suspense for data fetching in legacy mode, which is not technically supported. (@ acdlite in #18238)
- Revert warning for cross-component updates that happen inside class render lifecycles (
- react: https://unpkg.com/react@16.13.1/umd/
- react-art: https://unpkg.com/react-art@16.13.1/umd/
- react-dom: https://unpkg.com/react-dom@16.13.1/umd/
- react-is: https://unpkg.com/react-is@16.13.1/umd/
- react-test-renderer: https://unpkg.com/react-test-renderer@16.13.1/umd/
- scheduler: https://unpkg.com/scheduler@0.19.1/umd/
from react GitHub release notesReact
React DOM
componentWillReceiveProps,shouldComponentUpdate, and so on). (@ gaearon in #18330)Artifacts
Package name: react-dom
-
16.14.0 - 2020-10-14
- Add support for the new JSX transform. (@ lunaruan in #18299)
-
16.13.1 - 2020-03-19
- Fix bug in legacy mode Suspense where effect clean-up functions are not fired. This only affects users who use Suspense for data fetching in legacy mode, which is not technically supported. (@ acdlite in #18238)
- Revert warning for cross-component updates that happen inside class render lifecycles (
- react: https://unpkg.com/react@16.13.1/umd/
- react-art: https://unpkg.com/react-art@16.13.1/umd/
- react-dom: https://unpkg.com/react-dom@16.13.1/umd/
- react-is: https://unpkg.com/react-is@16.13.1/umd/
- react-test-renderer: https://unpkg.com/react-test-renderer@16.13.1/umd/
- scheduler: https://unpkg.com/scheduler@0.19.1/umd/
from react-dom GitHub release notesReact
React DOM
componentWillReceiveProps,shouldComponentUpdate, and so on). (@ gaearon in #18330)Artifacts
Package name: bootstrap
-
4.6.2 - 2022-07-19
- Added an example to our Collapse plugin docs to show how to use horizontal collapsing. This has long been possible via our JS, but we never had an official class to utilize it.
- We've replaced the deprecated
- Tweaked the size of
- Improved accessibility around our dropdowns, color contrast, and
- Fixed some broken links to supporting documentation.
- Updated dependencies across the board.
- Removed blurred background reference from the Toast Docs. by @ pricop in #35190
- Update links to CCA, MQ5 prefers-reduced-motion, evergreen WCAG urls, more resources by @ patrickhlauke in #35427
- v4-dev backports and updates by @ XhmikosR in #35482
- Backport #35556 by @ julien-deramond in #35558
- Tweak toast docs by @ patrickhlauke in #35633
- v4-dev backports and updates by @ XhmikosR in #35642
- Doc: Reorder alphabetically lists of components by @ julien-deramond in #36128
- Updated the small-font-size to use a round value by @ pricop in #36172
- v4 dev backports and updates by @ XhmikosR in #35767
- _custom-forms.scss: fix order of attributes by @ twin-elements in #36231
- Replace the deprecated
- [v4] Doc: remove
- Dynamic tabs: use buttons rather than links (backport to v4) by @ patrickhlauke in #33163
- v4 dev updates by @ XhmikosR in #36430
- Fix closing HTML tag in navs docs by @ julien-deramond in #36466
- v4: Horizontal collapse by @ mdo in #36434
- Fixing tabs' tests v4 by @ louismaximepiton in #36485
- Docs: fix some ARIA Authoring Practices Guides broken links by @ julien-deramond in #36490
- v4 - Remove confusing unnecessary id/aria-labelledby for dropdown menus by @ patrickhlauke in #36491
- v4 Docs: outdated ARIA/PF link, expand contrast explanation in
- v4: Improve accessible name of version dropdown in docs navbar by @ patrickhlauke in #36504
- Update devDependencies by @ XhmikosR in #36522
- Docs: update clipboard.js to v2.0.11 by @ julien-deramond in #36631
- Update devDependencies by @ XhmikosR in #36724
- v4: Add Fathom by @ mdo in #36727
- Docs: Capitalize Unicode by @ julien-deramond in #36735
- Release v4.6.2 by @ XhmikosR in #36725
- @ twin-elements made their first contribution in #36231
- @ AdrianCurtin made their first contribution in #36283
-
4.6.1 - 2021-10-28
- Replace Sass division with multiplication and custom
- Update RFS to v8.1.0 by @ XhmikosR in #34571
- fix(forms): input-group and validation icons by @ ffoodd in #32968
- Fix minor visual bug in Firefox caused by
- Adjust
- Add
- Adjust feedback icon position and padding for
- Carousel: use buttons, not links, for prev/next controls by @ patrickhlauke in #33165
- v4: Sass docs for default variables by @ mdo in #33392
- Handle complex expressions in
- More concise improvements for
- Remove
- Dropdown: support
- Update Node versions in JS tests (drop Node 10, add Node 16), update docs JS assets and add variables for
- Replace Freenode with Libera IRC server by @ midzer #34050
- Fix repetition in the Navbar docs description by @ coliff in #34208
- Enable
- Remove print
- Fix prevented
- Input group validation with custom-file input by @ ffoodd in #33239
- Add eslint-plugin-qunit and tighten JS tests by @ XhmikosR in #32270
- Update our tests to Node 16 and npm 8 by @ XhmikosR in #35142
- Disabled link cleanup by @ patrickhlauke in #34924
- Updated our devDependencies including terser; also enabled two passes for terser by @ XhmikosR
-
4.6.0 - 2021-01-19
-
4.5.3 - 2020-10-13
-
4.5.2 - 2020-08-06
-
4.5.1 - 2020-08-04
-
4.5.0 - 2020-05-12
from bootstrap GitHub release notesHighlights
color-adjustwithprint-color-adjustin our Sass files as part of the Autoprefixer v10.4.6 issues. This should quiet the issues folks have seen from that dependency change. If you're using our distribution CSS files, likebootstrap.min.css, you may still see the warning.smalland.smallto compute to a whole pixel value (was12.8pxand now is14px).roleattributes.What's Changed
color-adjustwithprint-color-adjustby @ AdrianCurtin in #36283role="group"from some split drop* buttons by @ julien-deramond in #36254accessibility.mdby @ patrickhlauke in #36492New Contributors
Full Changelog: v4.6.1...v4.6.2
What's changed
divide()function by @ mdo in #34571moz-focusringby @ kremit in #32821SAFE_URL_PATTERNregex for use with test method of regexes by @ nikonthethird in #33153smsin theSAFE_URL_PATTERNfor sanitizer by @ XhmikosR in #35074select.form-controlby @ mdo in #33206add()&subtract()by @ ffoodd in #34047add()andsubtract()by @ ffoodd in #34432aria-haspopupfrom dropdowns by @ patrickhlauke in #33624.dropdown-itemwrapped in<li>tags by @ cpsievert in #33649vertical-alignin spinners by @ XhmikosR in #338070.xwith negative margins in utilities by @ k-utsumi in #33593theadrule by @ coliff in #34426showevent disabling modals with fade class from being displayed again by @ alpadev in #34087Full changelog
v4.6.0...v4.6.1
Package name: firebase