FleetAdmiralJakob / Portfolio

My self-coded personal website builds with ReactJS
https://www.roessner.tech/
Apache License 2.0
19 stars 0 forks source link

fix(deps): update dependency react-pdf to v9 - abandoned #508

Closed renovate[bot] closed 5 months ago

renovate[bot] commented 5 months ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
react-pdf (source) ^7.7.1 -> ^9.0.0 age adoption passing confidence

Release Notes

wojtekmaj/react-pdf (react-pdf) ### [`v9.0.0`](https://togithub.com/wojtekmaj/react-pdf/releases/tag/v9.0.0) [Compare Source](https://togithub.com/wojtekmaj/react-pdf/compare/v8.0.2...v9.0.0) See [Upgrade guide from version 8.x to 9.x](https://togithub.com/wojtekmaj/react-pdf/wiki/Upgrade-guide-from-version-8.x-to-9.x). This version updates PDF.js to 4.3.136, fixing GHSA-wgrm-67xf-hhpq for good. React-PDF v8.0.2 and v7.7.3 have already included a mitigation of the issue and thus were not affected by this vulnerability, but caused automatic security alerts due to the outdated PDF.js version. ❗️ = breaking change #### What's new? - Updated PDF.js to 4.3.136. - Optimizations for CPU and memory usage - Performance improvements - Image rendering improvements - Text selection improvements - Accessibility improvements - Font conversion improvements - Handling of corrupted documents - Improved Turbopack compatibility. #### What's changed? - ❗️ Dropped support for older browsers. - ❗️ Removed deprecated `svg` `renderMode`. ### [`v8.0.2`](https://togithub.com/wojtekmaj/react-pdf/releases/tag/v8.0.2) [Compare Source](https://togithub.com/wojtekmaj/react-pdf/compare/v8.0.1...v8.0.2) #### Bug fixes - Force `isEvalSupported` to `false`. Fixes GHSA-87hq-q4gp-9wr4 (caused by GHSA-wgrm-67xf-hhpq). ### [`v8.0.1`](https://togithub.com/wojtekmaj/react-pdf/releases/tag/v8.0.1) [Compare Source](https://togithub.com/wojtekmaj/react-pdf/compare/v8.0.0...v8.0.1) This version shipped an incorrect fix for a security vulnerability and thus has been deprecated. #### ~~Bug fixes~~ - \~~Force `isEvalSupported` to `true`. Fixes GHSA-87hq-q4gp-9wr4 (caused by GHSA-wgrm-67xf-hhpq).~~ ### [`v8.0.0`](https://togithub.com/wojtekmaj/react-pdf/releases/tag/v8.0.0) [Compare Source](https://togithub.com/wojtekmaj/react-pdf/compare/v7.7.3...v8.0.0) ❗️ = breaking change #### What's new? - Added support for React 19. #### What's changed? - ❗️ [New JSX transform](https://legacy.reactjs.org/blog/2020/09/22/introducing-the-new-jsx-transform.html) is now required. Most likely, you’re already using it, but if you’re not, you’ll need to enable it by following the instructions in the linked blog post. - ❗️ `propTypes` were removed. If you’re using `propTypes`, we recommend migrating to TypeScript or another type-checking solution.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.

vercel[bot] commented 5 months ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
portfolio ✅ Ready (Inspect) Visit Preview 💬 Add feedback May 29, 2024 6:39pm
socket-security[bot] commented 5 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/number-to-words@1.2.4 None 0 46.3 kB marlun78

🚮 Removed packages: npm/prettier@3.2.5, npm/web-vitals@3.5.2

View full report↗︎

renovate[bot] commented 5 months ago

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

renovate[bot] commented 5 months ago

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.