Closed gaearon closed 6 years ago
Can someone please make a release, so that all modules that depend on prop-types can get the vulnerability fix?
15.6.2
.prop-types
. Even if some transitive dependency of fbjs
had a vulnerability at some point, prop-types
only uses functions in fbjs
that have no transitive dependencies.@gaearon could you push all the git tags up for the releases? It seems that most of them (including the latest) are missing.
Pushed a tag for the latest release.
See reasons in https://github.com/facebook/react/pull/13069. This PR is complementary.
I chose to inline a simplified version of
warning
in two files where we use it, and replacing invariant calls withnew Error
. In case somebody relies onInvariant Violation
being the name (e.g. in tests), I inlined.name
assignments to match theinvariant
logic.Without this PR,
fbjs
would stay a transitive dep of React.