Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade: jest, react, react-dom, , , , , bootstrap, react-router-dom, ts-jest, typescript #1

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade: jest, react, react-dom, , , , , bootstrap, react-router-dom, ts-jest, typescript #1

wants to merge 1 commit into from

Conversation

Multifutiy
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

jest
from 29.4.2 to 29.7.0 | 8 versions ahead of your current version | a year ago
on 2023-09-12
react
from 18.2.0 to 18.3.1 | 385 versions ahead of your current version | 5 months ago
on 2024-04-26
react-dom
from 18.2.0 to 18.3.1 | 385 versions ahead of your current version | 5 months ago
on 2024-04-26
@testing-library/jest-dom
from 5.16.5 to 5.17.0 | 1 version ahead of your current version | a year ago
on 2023-07-18
@types/node
from 16.18.3 to 16.18.106 | 103 versions ahead of your current version | 24 days ago
on 2024-08-26
@types/react
from 18.0.25 to 18.3.4 | 98 versions ahead of your current version | a month ago
on 2024-08-20
@types/react-dom
from 18.0.9 to 18.3.0 | 29 versions ahead of your current version | 5 months ago
on 2024-04-25
bootstrap
from 5.2.3 to 5.3.3 | 7 versions ahead of your current version | 7 months ago
on 2024-02-20
react-router-dom
from 6.4.3 to 6.26.1 | 123 versions ahead of your current version | a month ago
on 2024-08-15
ts-jest
from 29.0.5 to 29.2.5 | 12 versions ahead of your current version | a month ago
on 2024-08-23
typescript
from 4.9.3 to 4.9.5 | 2 versions ahead of your current version | 2 years ago
on 2023-01-30

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
critical severity Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462		 786 Proof of Concept
medium severity Improper Control of Dynamically-Managed Code Resources
SNYK-JS-EJS-6689533		 786 No Known Exploit
Release notes
Package name: jest
  • 29.7.0 - 2023-09-12

    Features

    • [create-jest] Add npm init / yarn create initialiser for Jest projects (#14465)
    • [jest-validate] Allow deprecation warnings for unknown options (#14499)

    Fixes

    • [jest-resolver] Replace unmatched capture groups in moduleNameMapper with empty string instead of undefined (#14507)
    • [jest-snapshot] Allow for strings as well as template literals in inline snapshots (#14465)
    • [@ jest/test-sequencer] Calculate test runtime if perStats.duration is missing (#14473)

    Performance

    • [@ jest/create-cache-key-function] Cache access of NODE_ENV and BABEL_ENV (#14455)

    Chore & Maintenance

    • [jest-cli] Move internal config initialisation logic to the create-jest package (#14465)

    New Contributors

    Full Changelog: v29.6.4...v29.7.0

  • 29.6.4 - 2023-08-24

    Fixes

    • [jest-core] Fix typo in scheduleAndRun performance marker (#14434)
    • [jest-environment-node] Make sure atob and btoa are writeable in Node 20 (#14446)
    • [jest-worker] Additional error wrapper for parentPort.postMessage to fix unhandled DataCloneError. (#14437)

    New Contributors

    Full Changelog: v29.6.3...v29.6.4

  • 29.6.3 - 2023-08-21

    Fixes

    • [expect, @ jest/expect-utils] ObjectContaining support symbol as key (#14414)
    • [expect] Remove @ types/node from dependencies (#14385)
    • [jest-core] Use workers in watch mode by default to avoid crashes (#14059 & #14085).
    • [jest-reporters] Update istanbul-lib-instrument dependency to v6. (#14401)
    • [jest-mock] Revert #13692 as it was a breaking change (#14429)
    • [jest-mock] Revert #13866 as it was a breaking change (#14429)
    • [jest-mock] Revert #13867 as it was a breaking change (#14429)
    • [@ jest/reporters] Marks Reporter's hooks as optional (#14433)
    • [jest-runtime] Fix dynamic ESM import module bug when loaded module through jest.isolateModulesAsync (#14397)

    Chore & Maintenance

    • [jest-changed-files, jest-circus, jest-console, @ jest/core, @ jest/runtime, @ jest/transform] Use invariant and notEmpty from jest-util rather than own internal (#14366)

    New Contributors

    Full Changelog: v29.6.2...v29.6.3

  • 29.6.2 - 2023-07-27

    Fixes

    • [jest-circus] Fix snapshot matchers in concurrent tests when nr of tests exceeds maxConcurrency (#14335)
    • [@ jest/core] When running global setup and teardown, do not try to change the message property of the thrown error object when the message property is unwritable (#14113)
    • [jest-snapshot] Move @ types/prettier from dependencies to devDependencies (#14328)
    • [jest-snapshot] Throw an explicit error if Prettier v3 is used (#14367)
    • [jest-reporters] Add "skipped" and "todo" symbols to Github Actions Reporter (#14309)

    Chore & Maintenance

    • [@ jest/core] Use pluralize from jest-util rather than own internal (#14322)

    New Contributors

    Full Changelog: v29.6.1...v29.6.2

  • 29.6.1 - 2023-07-06

    Fixes

    • [jest-circus] Revert #14110 as it was a breaking change (#14304)

    Full Changelog: v29.6.0...v29.6.1

  • 29.6.0 - 2023-07-04

    Features

    • [jest-circus, jest-snapshot] Add support for snapshot matchers in concurrent tests (#14139)
    • [jest-cli] Include type definitions to generated config files (#14078)
    • [jest-snapshot] Support arrays as property matchers (#14025)
    • [jest-core, jest-circus, jest-reporter, jest-runner] Added support for reporting about start individual test cases using jest-circus (#14174)

    Fixes

    • [jest-circus] Prevent false test failures caused by promise rejections handled asynchronously (#14110)
    • [jest-config] Handle frozen config object (#14054)
    • [jest-config] Allow coverageDirectory and collectCoverageFrom in project config (#14180)
    • [jest-core] Always use workers in watch mode to avoid crashes (#14059).
    • [jest-environment-jsdom, jest-environment-node] Fix assignment of customExportConditions via testEnvironmentOptions when custom env subclass defines a default value (#13989)
    • [jest-matcher-utils] Fix copying value of inherited getters (#14007)
    • [jest-mock] Tweak typings to allow jest.replaceProperty() replace methods (#14008)
    • [jest-mock] Improve user input validation and error messages of spyOn and replaceProperty methods (#14087)
    • [jest-runtime] Bind jest.isolateModulesAsync to this (#14083)
    • [jest-runtime] Forward wrapperLength to the Script constructor as columnOffset for accurate debugging (#14148)
    • [jest-runtime] Guard _isMockFunction access with in (#14188)
    • [jest-snapshot] Fix a potential bug when not using prettier and improve performance (#14036)
    • [@ jest/transform] Do not instrument .json modules (#14048)
    • [jest-worker] Restart a shut down worker before sending it a task (#14015)

    Chore & Maintenance

    • [*] Update semver dependency to get vulnerability fix (#14262)
    • [docs] Updated documentation for the --runTestsByPath CLI command (#14004)
    • [docs] Updated documentation regarding the synchronous fallback when asynchronous code transforms are unavailable (#14056)
    • [docs] Update jest statistics of use and downloads in website Index.

    New Contributors

    Full Changelog: v29.5.0...v29.6.0

  • 29.5.0 - 2023-03-06

    Features

    • [jest-changed-files] Support Sapling (#13941)
    • [jest-circus, @ jest/cli, jest-config] Add feature to randomize order of tests via CLI flag or through the config file(#12922)
    • [jest-cli, jest-config, @ jest/core, jest-haste-map, @ jest/reporters, jest-runner, jest-runtime, @ jest/types] Add workerThreads configuration option to allow using worker threads for parallelization (#13939)
    • [jest-cli] Export yargsOptions (#13970)
    • [jest-config] Add openHandlesTimeout option to configure possible open handles warning. (#13875)
    • [@ jest/create-cache-key-function] Allow passing length argument to createCacheKey() function and set its default value to 16 on Windows (#13827)
    • [jest-message-util] Add support for AggregateError (#13946 & #13947)
    • [jest-message-util] Add support for Error causes in test and it (#13935 & #13966)
    • [jest-reporters] Add summaryThreshold option to summary reporter to allow overriding the internal threshold that is used to print the summary of all failed tests when the number of test suites surpasses it (#13895)
    • [jest-runtime] Expose @ sinonjs/fake-timers async APIs functions advanceTimersByTimeAsync(msToRun) (tickAsync(msToRun)), advanceTimersToNextTimerAsync(steps) (nextAsync), runAllTimersAsync (runAllAsync), and runOnlyPendingTimersAsync (runToLastAsync) (#13981)
    • [jest-runtime, @ jest/transform] Allow V8 coverage provider to collect coverage from files which were not loaded explicitly (#13974)
    • [jest-snapshot] Add support to cts and mts TypeScript files to inline snapshots (#13975)
    • [jest-worker] Add start method to worker farms (#13937)
    • [jest-worker] Support passing a URL as path to worker (#13982)

    Fixes

    • [babel-plugin-jest-hoist] Fix unwanted hoisting of nested jest usages (#13952)
    • [jest-circus] Send test case results for todo tests (#13915)
    • [jest-circus] Update message printed on test timeout (#13830)
    • [jest-circus] Avoid creating the word "testfalse" when takesDoneCallback is false in the message printed on test timeout AND updated timeouts test (#13954)
    • [jest-environment-jsdom] Stop setting document to null on teardown (#13972)
    • [@ jest/expect-utils] Update toStrictEqual() to be able to check jest.fn().mock.calls (#13960)
    • [@ jest/test-result] Allow TestResultsProcessor type to return a Promise (#13950)

    Chore & Maintenance

    • [jest-snapshot] Remove dependency on jest-haste-map (#13977)

    New Contributors

    Full Changelog: v29.4.3...v29.5.0

  • 29.4.3 - 2023-02-15

    Features

    • [expect] Update toThrow() to be able to use error causes (#13606)
    • [jest-core] allow to use workerIdleMemoryLimit with only 1 worker or runInBand option (#13846)
    • [jest-message-util] Add support for error causes (#13868 & #13912)
    • [jest-runtime] Revert import assertions for JSON modules as it's been relegated to Stage 2 (#13911)

    Fixes

    • [@ jest/expect-utils] subsetEquality should consider also an object's inherited string keys (#13824)
    • [jest-mock] Clear mock state when jest.restoreAllMocks() is called (#13867)
    • [jest-mock] Prevent mockImplementationOnce and mockReturnValueOnce bleeding into withImplementation (#13888)
    • [jest-mock] Do not restore mocks when jest.resetAllMocks() is called (#13866)

    New Contributors

    Full Changelog: v29.4.2...v29.4.3

  • 29.4.2 - 2023-02-07

    Features

    Fixes

    • [expect, @ jest/expect] Provide type of actual as a generic argument to Matchers to allow better-typed extensions (#13848)
    • [jest-circus] Added explicit mention of test failing because done() is not being called in error message (#13847)
    • [jest-runtime] Handle CJS re-exports of node core modules from ESM (#13856)
    • [jest-transform] Downgrade write-file-atomic to v4 (#13853)
    • [jest-worker] Ignore IPC messages not intended for Jest (#13543)

    Chore & Maintenance

    • [*] make sure to exclude .eslintcache from published module (#13832)
    • [docs] Cleanup incorrect links in CHANGELOG.md (#13857)

    New Contributors

    Full Changelog: v29.4.1...v29.4.2

from jest GitHub release notes
Package name: react
  • 18.3.1 - 2024-04-26
    • Export act from react f1338f
  • 18.3.0 - 2024-04-25

    This release is identical to 18.2 but adds warnings for deprecated APIs and other changes that are needed for React 19.

    Read the React 19 Upgrade Guide for more info.

    React

    • Allow writing to this.refs to support string ref codemod 909071
    • Warn for deprecated findDOMNode outside StrictMode c3b283
    • Warn for deprecated test-utils methods d4ea75
    • Warn for deprecated Legacy Context outside StrictMode 415ee0
    • Warn for deprecated string refs outside StrictMode #25383
    • Warn for deprecated defaultProps for function components #25699
    • Warn when spreading key #25697
    • Warn when using act from test-utils d4ea75

    React DOM

    • Warn for deprecated unmountComponentAtNode 8a015b
    • Warn for deprecated renderToStaticNodeStream #28874
  • 18.3.0-next-fecc288b7-20221025 - 2022-10-25
  • 18.3.0-next-fccf3a9fb-20230213 - 2023-02-14
  • 18.3.0-next-fabef7a6b-20221215 - 2022-12-16
  • 18.3.0-next-fa4314841-20230502 - 2023-05-03
  • 18.3.0-next-f828bad38-20230313 - 2023-03-13
  • 18.3.0-next-f0efa1164-20220901 - 2022-09-02
  • 18.3.0-next-f0534ae94-20221202 - 2022-12-05
  • 18...

@snyk-bot
fix: upgrade multiple dependencies with Snyk
bf3b79d 
Snyk has created this PR to upgrade:
  - jest from 29.4.2 to 29.7.0.
    See this package in npm: https://www.npmjs.com/package/jest
  - react from 18.2.0 to 18.3.1.
    See this package in npm: https://www.npmjs.com/package/react
  - react-dom from 18.2.0 to 18.3.1.
    See this package in npm: https://www.npmjs.com/package/react-dom
  - @testing-library/jest-dom from 5.16.5 to 5.17.0.
    See this package in npm: https://www.npmjs.com/package/@testing-library/jest-dom
  - @types/node from 16.18.3 to 16.18.106.
    See this package in npm: https://www.npmjs.com/package/@types/node
  - @types/react from 18.0.25 to 18.3.4.
    See this package in npm: https://www.npmjs.com/package/@types/react
  - @types/react-dom from 18.0.9 to 18.3.0.
    See this package in npm: https://www.npmjs.com/package/@types/react-dom
  - bootstrap from 5.2.3 to 5.3.3.
    See this package in npm: https://www.npmjs.com/package/bootstrap
  - react-router-dom from 6.4.3 to 6.26.1.
    See this package in npm: https://www.npmjs.com/package/react-router-dom
  - ts-jest from 29.0.5 to 29.2.5.
    See this package in npm: https://www.npmjs.com/package/ts-jest
  - typescript from 4.9.3 to 4.9.5.
    See this package in npm: https://www.npmjs.com/package/typescript

See this project in Snyk:
https://app.snyk.io/org/multifutiy3/project/6bc0b129-f6fe-4ac5-b45c-90cd04bc83dd?utm_source=github&utm_medium=referral&page=upgrade-pr
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Sep 19, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Multifutiy @snyk-bot