This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade @equinor/eds-core-react from 0.28.0 to 0.36.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **25 versions** ahead of your current version.
- The recommended version was released **2 months ago**, on 2024-03-01.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Missing Release of Resource after Effective Lifetime [SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | **141/1000** **Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.01055, Social Trends: No, Days since published: 151, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.35, Score Version: V5 | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: @equinor/eds-core-react
✨ Autocomplete: Implemented "Select all" functionality, enabled with allowSelectAll prop by @ yusijs in #3245
💄 Slider: option to render "value label" below the track with new labelBelow prop by @ oddvernes in #3227
Fixed
🐛 Slider: onChangeCommitted was not triggered by touch input by @ oddvernes in #3244
🐛 Slider: fixed bug in Firefox where "value label" did not show on hover by @ oddvernes in #3224
🐛 Snackbar: A missing check in the autohide timer caused onClose to be called twice by @ oddvernes and @ yusijs in #3241
🐛 Autocomplete: with multiple, readOnly was still accessible when clicking in the input. readOnly was still accessible in both modes when using keyboard arrow buttons by @ oddvernes in #3216
Changed
💄Slider: design adjustments to the "value label": changed color, reduced padding, removed "arrow" and moved closer to the "thumb" by @ oddvernes in #3227
💄 TextField/InputWrapper: allow line break character to work in HelperText by @ oddvernes in #3233
🔧 Updated babel browserlist from "defaults" to "last 2 versions of chrome/edge/firefox/safari". This reduces build size significantly and removes all the babel runtime helpers. by @ oddvernes in #3219
🚸 Autocomplete ux-changes: input cleared on blur, added "no options" dropdown and noOptionsText prop by @ oddvernes in #3216
🐛 Typography: Bug affecting users of styled-components v6 where line-clamping would be applied to all Typography elements on the page if the lines prop was set on one of them by @ oddvernes in #3193
0.35.0 - 2023-12-13
0.34.0 - 2023-11-17
0.33.1 - 2023-10-20
0.33.0 - 2023-09-26
0.32.4 - 2023-08-15
0.32.3 - 2023-07-14
0.32.3-dev20230714 - 2023-07-14
0.32.2 - 2023-07-13
0.32.2-dev-rollup-test.1 - 2023-07-12
0.32.1 - 2023-07-11
0.32.1-dev20230711 - 2023-07-11
0.32.0 - 2023-07-10
0.32.0-dev07102023 - 2023-07-10
0.32.0-dev07072023 - 2023-07-10
0.31.1 - 2023-04-25
0.31.0 - 2023-04-25
0.30.0 - 2023-03-15
0.29.2-dev14022023 - 2023-02-14
0.29.2-dev09022023 - 2023-02-09
0.29.1 - 2023-02-03
0.29.1-DEV03022023 - 2023-02-03
0.29.0 - 2023-02-03
0.28.0 - 2022-12-21
from @equinor/eds-core-react GitHub release notes
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/project-portal-agk/project/8d0b7c69-ca5a-4bc2-b716-bb93874e76d8?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/project-portal-agk/project/8d0b7c69-ca5a-4bc2-b716-bb93874e76d8/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/project-portal-agk/project/8d0b7c69-ca5a-4bc2-b716-bb93874e76d8/settings/integration?pkg=@equinor/eds-core-react&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade @equinor/eds-core-react from 0.28.0 to 0.36.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **25 versions** ahead of your current version. - The recommended version was released **2 months ago**, on 2024-03-01. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | **141/1000**
**Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.01055, Social Trends: No, Days since published: 151, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.35, Score Version: V5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @equinor/eds-core-react
[0.36.1] - 2024-03-01
Changed
Fixed
Autocomplete
: Updated downshift@8.3.3 to fix focus grabbing on load bug by @ oddvernes in #3336[0.36.0] - 2024-02-09
Added
Autocomplete
: Implemented "Select all" functionality, enabled withallowSelectAll
prop by @ yusijs in #3245Slider
: option to render "value label" below the track with newlabelBelow
prop by @ oddvernes in #3227Fixed
Slider
:onChangeCommitted
was not triggered by touch input by @ oddvernes in #3244Slider
: fixed bug in Firefox where "value label" did not show on hover by @ oddvernes in #3224Snackbar
: A missing check in the autohide timer causedonClose
to be called twice by @ oddvernes and @ yusijs in #3241Autocomplete
: withmultiple
,readOnly
was still accessible when clicking in the input.readOnly
was still accessible in both modes when using keyboard arrow buttons by @ oddvernes in #3216Changed
Slider
: design adjustments to the "value label": changed color, reduced padding, removed "arrow" and moved closer to the "thumb" by @ oddvernes in #3227TextField
/InputWrapper
: allow line break character to work inHelperText
by @ oddvernes in #3233babel
browserlist from "defaults" to "last 2 versions of chrome/edge/firefox/safari". This reduces build size significantly and removes all the babel runtime helpers. by @ oddvernes in #3219Autocomplete
ux-changes: input cleared on blur, added "no options" dropdown andnoOptionsText
prop by @ oddvernes in #3216[0.35.1] - 2023-12-21
Fixed
Typography
: Bug affecting users of styled-components v6 where line-clamping would be applied to allTypography
elements on the page if thelines
prop was set on one of them by @ oddvernes in #3193**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: