Closed dependabot[bot] closed 9 months ago
Marked this as draft since dependabot thinks we should upgrade to version 18.x.x because of the way we have specified React in our package.json
. Upgrading a major version could introduce a breaking change. Discussing this with @nutjob4life on slack:
Would you agree that instead of specifying "react": "^17.0.2",, we should be specifying "react": ">=17.0.0 <18.0.0", that way we can make an informed choice of when to upgrade major versions? Should this apply to all of the packages we specify?
17 → 18? Come on, Dependabot! No way!
@nutjob4life I modified the package.json file and rebuilt the package-lock.json file after updating the react version information to be >=17.0.2 <18.0.0
so that it won't recommend major version upgrade which could introduce breaking changes.
@anilnatha woot woot! 🎉
Bumps react from 17.0.2 to 18.2.0.
Release notes
Sourced from react's releases.
... (truncated)
Changelog
Sourced from react's changelog.
... (truncated)
Commits
72b7462
Bump local package.json versions for 18.1 release (#24447)22edb9f
Reactversion
field should match package.json (#24445)4175f05
Temporarily feature flag numeric fallback for symbols (#24401)e8f4a66
Fix import in examplebb49abe
Update some READMEs (#24290)7e3121e
Remove unstable_createMutableSource from experimental build (#24209)34aa5cf
Update local package.jsons for 1872a933d
Gate legacy hidden (#24047)d5f1b06
[ServerContext] Flight support for ServerContext (#23244)1780659
Move createRoot/hydrateRoot to react-dom/client (#23385)Maintainer changes
This version was pushed to npm by gnoff, a new releaser for react since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show