[Snyk] Upgrade react-redux from 6.0.1 to 8.0.5

[Manny27nyc]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade react-redux from 6.0.1 to 8.0.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 43 versions ahead of your current version.
• The recommended version was released 7 months ago, on 2022-11-04.

Release notes

Package name: react-redux

• 8.0.5 - 2022-11-04
  

  This release fixes a few minor TS issues.

  What's Changed

  • Provider: pass state (S) generic through to ProviderProps by @ OliverJAsh in #1960
  • wrap equalityFn type in NoInfer by @ phryneas in #1965
  • Fix wrapped component prop types when passing nullish mapDispatchToProps by @ marconi1992 in #1928

  Full Changelog: v8.0.4...v8.0.5

• 8.0.4 - 2022-09-23
  

  This patch release fixes some minor TS types issues, and updates the rarely-used areStatesEqual option for connect to now pass through ownProps for additional use in determining which pieces of state to compare if desired.

  Note: 8.0.3 was accidentally published without one of these fixes. Use 8.0.4 instead.

  Changelog

  TS Fixes

  We've fixed an import of React that caused issues with the allowSyntheticDefaultImports TS compiler flag in user projects.

  connect already accepted a custom context instance as props.context, and had runtime checks in case users were passing through a real value with app data as props.context instead. However, the TS types did not handle that case, and this would fail to compile. If your own component expects props.context with actual data, connect's types now use that type instead.

  The ConnectedProps<T> type had a mismatch with React's built-in React.ComponentProps<Component> type, and that should now work correctly.

  Other Changes

  The areStatesEqual option to connect now receives ownProps as well, in case you need to make a more specific comparison with certain sections of state.

  The new signature is:

  {
    areStatesEqual?: (
      nextState: State,
      prevState: State,
      nextOwnProps: TOwnProps,
      prevOwnProps: TOwnProps
    ) => boolean
  }

  What's Changed

  • Don't require allowSyntheticDefaultImports: true by @ apepper in #1924
  • Fixed type issue with ComponentProps from older @ types/react by @ Andarist in #1956
  • connect: pass ownProps to areStatesEqual by @ jspurlin in #1951
  • Omit built-in context prop if user component props include context by @ markerikson in #1958

  Full Changelog: v8.0.2...v8.0.4

• 8.0.3 - 2022-09-23
  

  This release was accidentally published without an intended fix - please use v8.0.4 instead

• 8.0.2 - 2022-05-22
  

  This patch release tweaks the behavior of connect to print a one-time warning when the obsolete pure option is passed in, rather than throwing an error. This fixes crashes caused by libraries such as react-beautiful-dnd continuing to pass in that option (unnecessarily) to React-Redux v8.

  What's Changed

  • Show warning instead of throwing error that pure option has been removed by @ ApacheEx in #1922

  Full Changelog: v8.0.1...v8.0.2

• 8.0.1 - 2022-04-20
  

  This release fixes an incorrect internal import of our Subscription type, which was causing TS compilation errors in some user projects. We've also listed @ types/react-dom as an optional peerDep. There are no runtime changes in this release.

  What's Changed

  • Add optional peer dependency on @ types/react-dom by @ Methuselah96 in #1904
  • fix(ts): incorrect import of Subscription causes noImplicitAny error by @ vicrep in #1910

  Full Changelog: v8.0.0...v8.0.1

• 8.0.0 - 2022-04-16
  Read more
• 8.0.0-rc.1 - 2022-04-13
  

  This release candidate updates our peer deps to accept all React versions with hooks (16.8+, 17+, and 18+), as well as React Native (0.59+). (The code already worked, but the peer deps needed to be updated to match behavior and install correctly.)

  At this point, React-Redux v8 is feature-complete and stable. We still really want users to try this out and give us feedback before the final release! Barring any reported issues, we plan to release 8.0 as final within the next few days.

  What's Changed

  • Remove ts-ignore for initMergeProps by @ Methuselah96 in #1891
  • fix(deps): add optional peer deps into peerDependencies by @ kyletsang in #1893
  • Update peer deps for v8 by @ markerikson in #1895

  Full Changelog: v8.0.0-rc.0...v8.0.0-rc.1

• 8.0.0-rc.0 - 2022-04-10
  

  This release candidate removes the DefaultRootState type left over from the @ types/react-redux package. Additionally, we now have tests that exercise the serverState SSR behavior added in a previous beta.

  At this point, React-Redux v8 is feature-complete and stable. We still really want users to try this out and give us feedback before the final release! Barring any reported issues, we plan to release 8.0 as final within the next few days.

  Changelog

  Removal of the DefaultRootState type

  The @ types/react-redux package, which has always been maintained by the community, included a DefaultRootState interface that was intended for use with TS's "module augmentation" capability. Both connect and useSelector used this as a fallback if no state generic was provided. When we migrated React-Redux to TS, we copied over all of the types from that package as a starting point.

  However, the Redux team specifically considers use of a globally augmented state type to be an anti-pattern. Instead, we direct users to extract the RootState and AppDispatch types from the store setup, and create pre-typed versions of the React-Redux hooks for use in the app.

  Now that React-Redux itself is written in TS, we've opted to remove the DefaultRootState type entirely. State generics now default to unknown instead.

  Technically the module augmentation approach can still be done in userland, but we discourage this practice.

  SSR Tests

  We added a serverState prop to <Provider> in beta.2 to resolve hydration mismatch issues, but had only done some quick hands-on testing locally. We now have tests that cover that use case.

  What's Changed

  • Remove DefaultRootState type by @ markerikson in #1887
  • Add SSR test for serverState behavior by @ markerikson in #1888
  • Cleanup internal types in selectorFactory.ts by @ Methuselah96 in #1889

  Full Changelog: v8.0.0-beta.4...v8.0.0-rc.0

• 8.0.0-beta.4 - 2022-04-02
  

  This beta release switches the default entry point to use the useSyncExternalStore shim for compatibility with React 16.8+, and switches to a "/next" alternate entry point without the shim.

  At this point, React-Redux v8 is feature-complete and stable. We still really want users to try this out and give us feedback before the final release! We'd also like to add some additional tests around SSR behavior.

  We would like to release v8 as final within the next couple weeks now that React 18 is available.

  Changelog

  useSyncExternalStore Shim Usage

  React 18 adds the new useSyncExternalStore API. In previous betas, the plan was that React-Redux v8 would have a hard requirement on React 18. As a fallback, the betas provided a "/compat" entry point that included the uSES "shim", a userland implementation from the React team that provided compatibility with earlier React versions back to 16.8. That adds a few hundred bytes to the bundle size, so we wanted to keep the default size smaller.

  However, React Native will not support React 18 until the "New Architecture" is done. So, release React-Redux v8 with a hard React 18 requirement would immediately start breaking RN usage.

  After discussion with the React team, we've flipped the default behavior in v8. Now, the default entry point does rely on the uSES shim. This increases final bundle size slightly (about 600b minified compared to v7.x). However, this ensures that React-Redux v8 is compatible with React 16.8+/17 out of the box, enabling users to upgrade to v8 right away even if they aren't using React 18. It also ensures continued RN compatibility.

  For users who would like to strip out the shim, this release switches to having a "/next" entry point that directly imports useSyncExternalStore from React, with no shim. You can alias "react-redux": "react-redux/next" in your bundler to use that instead.

  What's Changed

  • Remove unused useCallback import by @ bobaekang in #1883
  • Swap useSyncExternalStore shim behavior and update React deps by @ markerikson in #1884

  Full Changelog: v8.0.0-beta.3...v8.0.0-beta.4

• 8.0.0-beta.3 - 2022-02-06
• 8.0.0-beta.2 - 2021-12-22
• 8.0.0-beta.1 - 2021-11-20
• 8.0.0-beta.0 - 2021-11-19
• 8.0.0-alpha.1 - 2021-11-02
• 8.0.0-alpha.0 - 2021-10-03
• 7.2.9 - 2022-09-23
  

  This patch release updates the rarely-used areStatesEqual option for connect to now pass through ownProps for additional use in determining which pieces of state to compare if desired.

  The new signature is:

  {
    areStatesEqual?: (
      nextState: State,
      prevState: State,
      nextOwnProps: TOwnProps,
      prevOwnProps: TOwnProps
    ) => boolean
  }

  What's Changed

  • connect: pass ownProps to areStatesEqual by @ jspurlin in #1952

  Full Changelog: v7.2.8...v7.2.9

• 7.2.8 - 2022-04-01
• 7.2.7 - 2022-03-31
• 7.2.6 - 2021-10-25
• 7.2.5 - 2021-09-04
• 7.2.4 - 2021-04-24
• 7.2.3 - 2021-03-23
• 7.2.2 - 2020-10-26
• 7.2.1 - 2020-07-25
• 7.2.0 - 2020-02-18
• 7.1.3 - 2019-11-06
• 7.1.2 - 2019-11-06
• 7.1.2-alpha.0 - 2019-11-05
• 7.1.1 - 2019-08-26
• 7.1.0 - 2019-06-11
• 7.1.0-rc.1 - 2019-05-30
• 7.1.0-alpha.5 - 2019-05-20
• 7.1.0-alpha.4 - 2019-05-01
• 7.1.0-alpha.3 - 2019-04-28
• 7.1.0-alpha.2 - 2019-04-28
• 7.1.0-alpha.1 - 2019-04-22
• 7.1.0-alpha.0 - 2019-04-22
• 7.0.3 - 2019-04-28
• 7.0.2 - 2019-04-12
• 7.0.1 - 2019-04-09
• 7.0.0 - 2019-04-09
• 7.0.0-beta.1 - 2019-04-04
• 7.0.0-beta.0 - 2019-03-22
• 6.0.1 - 2019-02-20

from react-redux GitHub release notes

Commit messages

Package name: react-redux

• 32e40e4 Merge pull request #1928 from marconi1992/fix/1927
• ff7d96b fix: type when passing nullish mapDispathToProps
• 5082af7 Merge pull request #1965 from reduxjs/draft/amazing-rosalind
• bafe55e Add typetests
• fc3954a Update test matrix to Node 16 and TS 4.9
• 401250e also update TypedUseSelectorHook
• 3b06061 wrap type in
• ad40b97 Merge pull request #1960 from OliverJAsh/patch-1
• 8cf538c Merge pull request #1966 from ethen001/chores/custom-equality-fn-docs
• 54d8096 chore(docs): added custom equalityFn example
• 9e09869 `any` -> `unknown`
• e7017ed Add type test
• b50f392 `Provider`: pass state (`S`) generic through to `ProviderProps`
• 70a167e Release 8.0.4
• 3c9766e Merge pull request #1958 from reduxjs/bugfix/connect-context-prop
• 4fcd42c Release 8.0.3
• 69413ff Merge pull request #1951 from jspurlin/jspurlin/passOwnPropsToASE
• 1236861 Use a `Mapped` type to simplify the final displayed types for components
• f40d82d Omit built-in `context` prop if user component props include `context`
• bbc546e Fixed type issue with `ComponentProps` from older `@ types/react` (#1956)
• 527eb36 update type of actualChildProps to be more accurate
• 4122b1c Merge branch 'jspurlin/passOwnPropsToASE' of https://github.com/jspurlin/react-redux into jspurlin/passOwnPropsToASE
• 405d39b Update connect.md
• 0846e26 update connect docs

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs