[Snyk] Upgrade react-redux from 7.0.1 to 7.2.3

[snyk-bot]

Snyk has created this PR to upgrade react-redux from 7.0.1 to 7.2.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 18 versions ahead of your current version.
• The recommended version was released a month ago, on 2021-03-23.

Release notes

Package name: react-redux

• 7.2.3 - 2021-03-23
  

  This release improves behavior in useSelector by returning the existing reference if the newly returned selector result passes the equality check, and adds a hard dependency on the @ types/react-redux package to ensure TS users always have the typedefs installed.

  Changes

  useSelector Results Reuse

  Issue #1654 reported that useSelector was returning new references from a selector even if the equality comparison function returned true. This is because the equality check was only ever being performed during the action dispatch process.

  We now run the equality comparison against the value calculated by the selector while rendering, and return the existing reference for consistency if the old and new values are considered equal. This should improve some cases where further derived values where being recalculated unnecessarily.

  TS Types Now Included

  React-Redux has always been written in plain JS, and the typedefs maintained by the community in DefinitelyTyped. We plan on eventually rewriting the library in TypeScript in a future React-Redux v8 release, but until then the types can stay in DT.

  However, having to always manually install @ types/react-redux is annoying, and some users have gotten confused by that. This release adds a hard dependency on @ types/react-redux, so that if you install react-redux, you automatically get the types as well. This should simplify the process for TS users.

  Docs Updates

  We've made several docs updates recently:

  • Renamed "Quick Start" to "Getting Started" and "Static Typing" to "Usage with TypeScript"
  • Dropped the docs API versioning setup, as the legacy API version docs pages were rarely viewed and the versioning setup confused docs contributors
  • Moved the old "Intro > Basic Tutorial" to "Tutorials > Connect" and marked it as semi-obsolete

  We are currently working on a new React-Redux tutorial that will teach the React-Redux hooks as the primary approach, based on the "UI and React" page in the Redux docs "Fundamentals" tutorial.

  Changelog

  • Automatically install @ types/react-redux as a dependency (#1699 - @ markerikson )
  • Reuse latest selected state on selector re-run (#1654) (#1660 - @ otakustay)
  • Use useIsomorphicLayoutEffect in Provider for consistency (#1683 - @ speakingcode )

  v7.2.2...v7.2.3

• 7.2.2 - 2020-10-26
  

  This release allows you to use React Redux with React 17 without a warning when installing. That's about it.

  Shameless self-promotion: Check out my new startup, Spaceship 🚀. We're building the Continuous Delivery system of the future.

  Changes

  • Upgrade react peer dependency to v17 (#1647 by @ wachunei)
• 7.2.1 - 2020-07-25
  

  This release improves useSelector value display in the React DevTools, fixes a potential race condition, and fixes a couple additional minor issues.

  useSelector DevTools Display

  The React DevTools normally show custom hooks with their inspected name (such as "Selector" for useSelector), and any calls to core hooks inside. This is not always informative, so React has the useDebugValue hook to allow custom hooks to specify what value should be shown instead.

  useSelector now calls useDebugValue to specifically show the current selected value instead of its internal hooks usage.

  Bug Fixes

  This release has a few different bug fixes:

  • A potential race condition when dispatching actions from child components in the commit phase vs selecting data in a parent
  • Removed an excess new object creation when forcing a re-render
  • Our internal prop name for a forwarded ref is now reactReduxForwardedRef to avoid a rare situation where someone else might be passing down a field named forwardedRef
  • Fixed a typo in a useSelector error message

  Changes

  • Fix error message typo in useSelector ('You must pass a selector...). (@ Pixelwelder - #1581)
  • fix useSelector race condition with memoized selector when dispatching in child components useLayoutEffect as well as cDM/cDU (@ dai-shi - #1536)
  • removed a redundant object creation when using forceUpdate (@ vzaidman - #1567)
  • Rename internal forwardedRef usage (@ dtschust - #1553)
  • Show useSelector result in React DevTools (@ Finesse - #1530)
• 7.2.0 - 2020-02-18
  

  This release fixes two bugs, an algorithmic problem with unsubscribing components and a memory leak with connect. It also has optimizations for production bundle size, and adds a couple small improvements to developer readability while debugging.

  Bug Fixes

  connect in v7 is implemented using hooks, and the hooks usage captures numerous values from the surrounding scope. We received a PR informing us that the way we were capturing these values would likely result in a copy of the first version of its props being kept alive indefinitely.

  This memory leak has been fixed by extracting a custom hook that receives all the necessary values as arguments, so that they're not captured via closure.

  We also received a PR letting us know that the unsubscribe logic had a quadratic algorithm in it, as removing a subscriber would use an indexOf(listener) check to remove that callback. If there were a large number of subscribers, that line's runtime would increase rapidly, causing slowdowns.

  This algorithm has been replaced with tracking subscribers via a linked list, which drastically improves the runtime of this section of the code even with large numbers of subscribers.

  Thanks to @ larrylin28 and @ wurstbonbon for finding these bugs and submitting PRs to fix them!

  Bundle Size Improvements

  We've made a number of small tweaks to the codebase to improve the ability of bundlers to shake and minimize the final included size in a bundle. The net result is that react-redux@7.2.0 is smaller than 7.1.3, dropping 1.3K min and 0.6K min+gzip. (In fact, it's even smaller than the pre-hooks 7.0.0 when gzipped!)

  Thanks to @ Andarist for doing most of the work on this!

  Debugging Improvements

  The ReactReduxContext instance now has a displayName set, so it should show up in the React DevTools as ReactRedux.Provider.

  Also, when an error is caught in useSelector and re-thrown, we now append the original stack trace.

  Thanks to @ pieplu and @ r3dm1ke for these!

  Changes

  • Fix memory leak issue with UseEffect (@ larrylin28 - #1506)
  • Optimize createListenerCollection (@ wurstbonbon - #1523)
  • Rethrowing original errors thrown in selector functions (@ Andarist - #1474)
  • Remove invariant in favor of doing NODE_ENV checks directly (@ Andarist - #1472)
  • Wrap .propTypes and .displayName assignments with DEV check (@ Andarist - #1471)
  • Add pure annotations to help with DCE (@ timdorr - 5e0c50d)
  • Inline this function. (@ timdorr - 58ae5ed)
  • Add a displayName on ReactReduxContext (@ pieplu - #1462)
• 7.1.3 - 2019-11-06
  

  Forgot to remove a console statement before I published 7.1.2. Oops!

  Lint your source code before publishing, folks.

  Changes

  • Remove leftover console statement (@ markerikson - 30101bb)
• 7.1.2 - 2019-11-06
  Read more
• 7.1.2-alpha.0 - 2019-11-05
  

  7.1.2-alpha.0

• 7.1.1 - 2019-08-26
  

  This release is sponsored by Deft, providing technical teams to high-growth SaaS companies with the processes they need to scale successfully. Please reach out to see how we can help with your software development, systems architecture, and infrastructure design needs.

  ---

  This release includes some new APIs for those that want to use a custom React Context with our Hooks API, a small memory optimization, and has a fix for when the store changes on a Provider with incompatible children.

  Changes

  • Add create*Hook factory APIs (#1309 by @ ryaninvents)
  • Free resources (free detached nodes from memory) (#1380 by @ MosheZemah)
  • Convert Provider into function component with hooks (#1377 by @ mpeyper)

  P.S. On the sponsorship section above, it's a thing we're trying out to see how it feels and if it causes any problems for your workflows. (Don't worry, no ads are coming to your npm installs!) The idea for future releases is to let those that contributed to that release have the opportunity to sponsor that release. We don't need donations, but we definitely do need PRs! Hopefully, it's a fair way to encourage them. Please let us know if it's a problem in any way.

• 7.1.0 - 2019-06-11
  Read more
• 7.1.0-rc.1 - 2019-05-30
• 7.1.0-alpha.5 - 2019-05-20
• 7.1.0-alpha.4 - 2019-05-01
• 7.1.0-alpha.3 - 2019-04-28
• 7.1.0-alpha.2 - 2019-04-28
• 7.1.0-alpha.1 - 2019-04-22
• 7.1.0-alpha.0 - 2019-04-22
• 7.0.3 - 2019-04-28
• 7.0.2 - 2019-04-12
• 7.0.1 - 2019-04-09

from react-redux GitHub release notes

Commit messages

Package name: react-redux

• a87cd5f 7.2.3
• da22052 Automatically install @ types/react-redux as a dependency (#1699)
• 65b4a16 Reuse latest selected state on selector re-run (#1654) (#1660)
• 3aa8993 Use useIsomorphicLayoutEffect in Provider for consistency (#1683)
• 86b6fe0 Additional TS usage updates (#1698)
• 9005c4a Drop versioned docs entirely (#1696)
• 45dfd45 Assorted docs cleanup (#1688)
• a923553 Added translation section to docs version 7.2 (#1676)
• 80f8fe1 added docs translations section in quick start (#1675)
• 96bf941 Link directly to #redux on Reactiflux (#1673)
• 1f07ec1 Bump node-notifier from 8.0.0 to 8.0.1 (#1672)
• 98b6626 Replace uppercase char with lowercase one (#1671)
• 48773fd Replace uppercase char with lowercase one (#1670)
• 2d22c65 Bump ini from 1.3.5 to 1.3.7 in /website (#1669)
• 5abf1be docs: Fix typo in ConnectedProps example (#1668)
• 0e71c05 Docs: Fix capitalization of GitHub (#1667)
• b48d087 Update quick-start.md (#1663)
• 94fcab6 Update hooks.md (#1659)
• 7b0a678 Site: Remove extra chars at main page (#1658)
• 1769d24 Doc : Update ownProps example (#1655)
• 1df5622 7.2.2
• 8010d86 Use a newer node
• 3a3dd04 Stop using Travis
• 52fdba2 Set up the test suite in Actions

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs