Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
from 17.0.0 to 17.0.2
on 2021-03-22
from 17.0.0 to 17.0.2
on 2021-03-22
The recommended version fixes:
SNYK-JS-REQUEST-1314897
Why? CVSS 3.7
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: react
React DOM
SharedArrayBuffer
cross-origin isolation warning. (@ koba04 and @ bvaughn in #20831, #20832, and #20840)Artifacts
React DOM
Today, we are releasing React 17!
Learn more about React 17 and how to update to it on the official React blog.
React
react/jsx-runtime
andreact/jsx-dev-runtime
for the new JSX transform. (@ lunaruan in #18299)displayName
on context for improved stacks. (@ eps1lon in #18224)'use strict'
from leaking in the UMD bundles. (@ koba04 in #19614)fb.me
for redirects. (@ cylim in #19598)React DOM
document
. (@ trueadm in #18195 and others)useEffect
cleanup functions asynchronously. (@ bvaughn in #17925)focusin
andfocusout
foronFocus
andonBlur
. (@ trueadm in #19186)Capture
events use the browser capture phase. (@ trueadm in #19221)onScroll
event. (@ gaearon in #19464)forwardRef
ormemo
component returnsundefined
. (@ gaearon in #19550)console
in the second render pass of DEV mode double render. (@ sebmarkbage in #18547)ReactTestUtils.SimulateNative
API. (@ gaearon in #13407)ReactDOM.flushSync
during lifecycle methods (but warn). (@ sebmarkbage in #18759)code
property to the keyboard event objects. (@ bl00mber in #18287)disableRemotePlayback
property forvideo
elements. (@ tombrowndev in #18619)enterKeyHint
property forinput
elements. (@ eps1lon in #18634)value
is provided to<Context.Provider>
. (@ charlie1404 in #19054)memo
orforwardRef
components returnundefined
. (@ bvaughn in #19550)onTouchStart
,onTouchMove
, andonWheel
passive. (@ gaearon in #19654)setState
hanging in development inside a closed iframe. (@ gaearon in #19220)defaultProps
. (@ jddxf in #18539)dangerouslySetInnerHTML
isundefined
. (@ eps1lon in #18676)require
implementation. (@ just-boris in #18632)onBeforeInput
reporting an incorrectevent.type
. (@ eps1lon in #19561)event.relatedTarget
reported asundefined
in Firefox. (@ claytercek in #19607)movementX/Y
polyfill with capture events. (@ gaearon in #19672)onSubmit
andonReset
events. (@ gaearon in #19333)React DOM Server
useCallback
behavior consistent withuseMemo
for the server renderer. (@ alexmckenley in #18783)React Test Renderer
findByType
error message. (@ henryqdineen in #17439)Concurrent Mode (Experimental)
unstable_
prefix before the experimental APIs. (@ acdlite in #18825)unstable_discreteUpdates
andunstable_flushDiscreteUpdates
. (@ trueadm in #18825)timeoutMs
argument. (@ acdlite in #19703)<div hidden />
prerendering in favor of a different future API. (@ acdlite in #18917)unstable_expectedLoadTime
to Suspense for CPU-bound trees. (@ acdlite in #19936)unstable_useOpaqueIdentifier
Hook. (@ lunaruan in #17322)unstable_startTransition
API. (@ rickhanlonii in #19696)act
in the test renderer no longer flushes Suspense fallbacks. (@ acdlite in #18596)useMutableSource
that may happen whengetSnapshot
changes. (@ bvaughn in #18297)useMutableSource
. (@ bvaughn in #18912)Artifacts
Package name: react-dom
Read more
React DOM
Read more
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs