search

equinor / fusion-workspace

https://equinor.github.io/fusion-workspace/
MIT License
8 stars 1 forks source link

[Snyk] Upgrade @equinor/eds-core-react from 0.28.0 to 0.36.1 #614

Closed ken-mellem closed 2 months ago

ken-mellem commented 2 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @equinor/eds-core-react from 0.28.0 to 0.36.1.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **25 versions** ahead of your current version. - The recommended version was released **2 months ago**, on 2024-03-01. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | **141/1000**
**Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.01055, Social Trends: No, Days since published: 151, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.35, Score Version: V5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @equinor/eds-core-react
  • 0.36.1 - 2024-03-01

    [0.36.1] - 2024-03-01

    Changed

    Fixed

    • ⬆️ Autocomplete: Updated downshift@8.3.3 to fix focus grabbing on load bug by @ oddvernes in #3336
  • 0.36.0 - 2024-02-09

    [0.36.0] - 2024-02-09

    Added

    • Autocomplete: Implemented "Select all" functionality, enabled with allowSelectAll prop by @ yusijs in #3245
    • 💄 Slider: option to render "value label" below the track with new labelBelow prop by @ oddvernes in #3227

    Fixed

    • 🐛 Slider: onChangeCommitted was not triggered by touch input by @ oddvernes in #3244
    • 🐛 Slider: fixed bug in Firefox where "value label" did not show on hover by @ oddvernes in #3224
    • 🐛 Snackbar: A missing check in the autohide timer caused onClose to be called twice by @ oddvernes and @ yusijs in #3241
    • 🐛 Autocomplete: with multiple, readOnly was still accessible when clicking in the input. readOnly was still accessible in both modes when using keyboard arrow buttons by @ oddvernes in #3216

    Changed

    • 💄Slider: design adjustments to the "value label": changed color, reduced padding, removed "arrow" and moved closer to the "thumb" by @ oddvernes in #3227
    • 💄 TextField/InputWrapper: allow line break character to work in HelperText by @ oddvernes in #3233
    • 🔧 Updated babel browserlist from "defaults" to "last 2 versions of chrome/edge/firefox/safari". This reduces build size significantly and removes all the babel runtime helpers. by @ oddvernes in #3219
    • 🚸 Autocomplete ux-changes: input cleared on blur, added "no options" dropdown and noOptionsText prop by @ oddvernes in #3216
  • 0.35.1 - 2023-12-21

    [0.35.1] - 2023-12-21

    Fixed

    • 🐛 Typography: Bug affecting users of styled-components v6 where line-clamping would be applied to all Typography elements on the page if the lines prop was set on one of them by @ oddvernes in #3193
  • 0.35.0 - 2023-12-13
  • 0.34.0 - 2023-11-17
  • 0.33.1 - 2023-10-20
  • 0.33.0 - 2023-09-26
  • 0.32.4 - 2023-08-15
  • 0.32.3 - 2023-07-14
  • 0.32.3-dev20230714 - 2023-07-14
  • 0.32.2 - 2023-07-13
  • 0.32.2-dev-rollup-test.1 - 2023-07-12
  • 0.32.1 - 2023-07-11
  • 0.32.1-dev20230711 - 2023-07-11
  • 0.32.0 - 2023-07-10
  • 0.32.0-dev07102023 - 2023-07-10
  • 0.32.0-dev07072023 - 2023-07-10
  • 0.31.1 - 2023-04-25
  • 0.31.0 - 2023-04-25
  • 0.30.0 - 2023-03-15
  • 0.29.2-dev14022023 - 2023-02-14
  • 0.29.2-dev09022023 - 2023-02-09
  • 0.29.1 - 2023-02-03
  • 0.29.1-DEV03022023 - 2023-02-03
  • 0.29.0 - 2023-02-03
  • 0.28.0 - 2022-12-21
from @equinor/eds-core-react GitHub release notes
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/project-portal-agk/project/8d0b7c69-ca5a-4bc2-b716-bb93874e76d8?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/project-portal-agk/project/8d0b7c69-ca5a-4bc2-b716-bb93874e76d8/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/project-portal-agk/project/8d0b7c69-ca5a-4bc2-b716-bb93874e76d8/settings/integration?pkg=@equinor/eds-core-react&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)