[Snyk] Upgrade react-redux from 7.2.2 to 7.2.4

[snyk-bot]

Snyk has created this PR to upgrade react-redux from 7.2.2 to 7.2.4.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 2 versions ahead of your current version.
• The recommended version was released 4 months ago, on 2021-04-24.

Release notes

Package name: react-redux

• 7.2.4 - 2021-04-24
  

  This release drops our dependency on the core redux package by inlining bindActionCreators, and tweaks useSelector to ensure that selectors aren't run an extra time while re-rendering.

  Changelog

  Redux Dependency Removal

  React-Redux has always imported the bindActionCreators utility from the core redux package for use in connect. However, that meant that we had to have a peer dependency on redux, and this was the only reason we actually required that redux be installed. This became more annoying with the arrival of Redux Toolkit, which has its own dependency on redux internally, and thus users typically saw peer dependency warnings saying that "redux isn't listed as a dependency in your app".

  Code reuse across separate packages is a great thing, but sometimes the right thing to do is duplicate code. So, we've inlined bindActionCreators directly into React-Redux, and we've completely dropped the dependency on Redux. This means that React-Redux will no longer produce a peerDep warning when used with Redux Toolkit, and <Provider> and connect really only need a Redux-store-compatible value to work right.

  useSelector Fixes

  Users reported that useSelector was re-running selector functions again unnecessarily while rendering after a dispatch. We've tweaked the logic to ensure that doesn't happen.

  useSelector also now has checks in development to ensure that selector and equalityFn are functions.

  Changes

  • Remove wrapActionCreators (#1709 - @ xty)
  • Verify that selector and equalityF of useSelector are functions (#1706 - @ gshilin)
  • Import bindActionCreators from redux (#1705 - @ timdorr)
  • Don't re-run the selector after update (#1701 - @ timdorr)

  v7.2.3...v7.2.4

• 7.2.3 - 2021-03-23
  

  This release improves behavior in useSelector by returning the existing reference if the newly returned selector result passes the equality check, and adds a hard dependency on the @ types/react-redux package to ensure TS users always have the typedefs installed.

  Changes

  useSelector Results Reuse

  Issue #1654 reported that useSelector was returning new references from a selector even if the equality comparison function returned true. This is because the equality check was only ever being performed during the action dispatch process.

  We now run the equality comparison against the value calculated by the selector while rendering, and return the existing reference for consistency if the old and new values are considered equal. This should improve some cases where further derived values where being recalculated unnecessarily.

  TS Types Now Included

  React-Redux has always been written in plain JS, and the typedefs maintained by the community in DefinitelyTyped. We plan on eventually rewriting the library in TypeScript in a future React-Redux v8 release, but until then the types can stay in DT.

  However, having to always manually install @ types/react-redux is annoying, and some users have gotten confused by that. This release adds a hard dependency on @ types/react-redux, so that if you install react-redux, you automatically get the types as well. This should simplify the process for TS users.

  Docs Updates

  We've made several docs updates recently:

  • Renamed "Quick Start" to "Getting Started" and "Static Typing" to "Usage with TypeScript"
  • Dropped the docs API versioning setup, as the legacy API version docs pages were rarely viewed and the versioning setup confused docs contributors
  • Moved the old "Intro > Basic Tutorial" to "Tutorials > Connect" and marked it as semi-obsolete

  We are currently working on a new React-Redux tutorial that will teach the React-Redux hooks as the primary approach, based on the "UI and React" page in the Redux docs "Fundamentals" tutorial.

  Changelog

  • Automatically install @ types/react-redux as a dependency (#1699 - @ markerikson )
  • Reuse latest selected state on selector re-run (#1654) (#1660 - @ otakustay)
  • Use useIsomorphicLayoutEffect in Provider for consistency (#1683 - @ speakingcode )

  v7.2.2...v7.2.3

• 7.2.2 - 2020-10-26
  

  This release allows you to use React Redux with React 17 without a warning when installing. That's about it.

  Changes

  • Upgrade react peer dependency to v17 (#1647 by @ wachunei)

from react-redux GitHub release notes

Commit messages

Package name: react-redux

• 86e962e 7.2.4
• b3b4e8b docs: add link to source in getting-started.md (#1713)
• 994b390 Removed Useless Symbol - Docs (#1712)
• 95e3287 fix:displayName error displayed in development tool (#1711)
• 5b4b576 Removed useless semicolon : Docs - Connect.md (#1710)
• 8913607 Remove wrapActionCreators (#1709)
• df36f4e Verify that selector and equalityF of useSelector are functions (#1706)
• f4ea60c Import bindActionCreators from redux (#1705)
• 50b60e4 Bump y18n from 4.0.0 to 4.0.1 (#1703)
• c945868 Remove unused useState call in getting-started.md example (#1702)
• 07365ee Don't re-run the selector after update (#1701)
• 010c3ee Update React-Redux typedef info for 7.2.3
• a87cd5f 7.2.3
• da22052 Automatically install @ types/react-redux as a dependency (#1699)
• 65b4a16 Reuse latest selected state on selector re-run (#1654) (#1660)
• 3aa8993 Use useIsomorphicLayoutEffect in Provider for consistency (#1683)
• 86b6fe0 Additional TS usage updates (#1698)
• 9005c4a Drop versioned docs entirely (#1696)
• 45dfd45 Assorted docs cleanup (#1688)
• a923553 Added translation section to docs version 7.2 (#1676)
• 80f8fe1 added docs translations section in quick start (#1675)
• 96bf941 Link directly to #redux on Reactiflux (#1673)
• 1f07ec1 Bump node-notifier from 8.0.0 to 8.0.1 (#1672)
• 98b6626 Replace uppercase char with lowercase one (#1671)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[codecov[bot]]

Codecov Report

Merging #99 (750d3ff) into master (23ade72) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##           master      #99   +/-   ##
=======================================
  Coverage   62.61%   62.61%           
=======================================
  Files         132      132           
  Lines        4917     4917           
=======================================
  Hits         3079     3079           
  Misses       1838     1838           

Flag	Coverage Δ
unittests	62.61% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

---

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 23ade72...750d3ff. Read the comment docs.