search

jaebradley / react-contact-information

Simple React component for contact information
https://jaebradley.github.io/react-contact-information
MIT License
0 stars 0 forks source link

[Snyk] Upgrade bootstrap from 4.0.0 to 4.5.0 #50

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to upgrade bootstrap from 4.0.0 to 4.5.0.

merge advice

✨What is Merge Advice? We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. 🙏

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue Exploit Maturity
Cross-site Scripting (XSS)
npm:bootstrap:20180529		 No Known Exploit
Cross-site Scripting (XSS)
SNYK-JS-BOOTSTRAP-73560		 No Known Exploit
Cross-site Scripting (XSS)
SNYK-JS-BOOTSTRAP-173700		 No Known Exploit
Release notes
Package name: bootstrap
  • 4.5.0 - 2020-05-12

    Highlights

    • New interaction utilities. Quickly set user-select with the new utilities and Sass map.
    • New Reboot style for pointer cursors. We now include a role="button" selector in Reboot to set cursor: pointer on non-<button> element buttons.
    • Examples are now downloadable. We've added a script to zip up and offer all our Examples as their own download from the docs.
    • Saved ~5% from the compressed minified JS builds.
    • Added guidance to our docs for how to work around our longstanding input group rounded corner bug.
    • Redesigned docs homepage and navbar to increment us towards v5's new docs design.
    • Deprecated bg-gradient-variant mixin as it's being removed in v5.
    • Updated to jQuery v3.5.1, Jekyll v4, and dropped Node.js < 10 for development.

    CSS

    • #29413: Prevent vertical offset on progress bar in IE11
    • #29745: Add display: flex on .breadcrumb-item
    • #29819: Allow percentages in container widths
    • #29857: Escape brackets
    • #29946: Added new variable for padding on dropdown header
    • #30004: Fixes disabled .btn cursor
    • #30036: Added focus state to .btn-link
    • #30043: Fix IE auto-size input-group to column
    • #30049: Prevent grid with default cols from breaking when large pre is present by setting min-width: 0
    • #30074: Use word-wrap in .text-break for IE and Edge compatibility
    • #30166: Avoid border-radius functions returning negative values
    • #30183: Remove unnecessary reduce motion when $enable-transition: false
    • #30244: Fix centered modal scrolling issue
    • #30262: Prevent link underline change from affecting some components
    • #30361: Remove appearance from date inputs
    • #30391: Prevent redundant transition: none in transition()` mixin
    • #30497: Fix card list group borders & radii
    • #30504: Fix spinner-grow animation in Safari
    • #30515: Add .card-footer color
    • #30555, #30512, #30480: Use box-shadow mixin for .form-select, .btn, and other form controls
    • #30562: Added new interaction utilities for user-select and a new - role="button" in Reboot to set cursor: pointer.
    • #30582: Delete unnecessary appearance: none from button.close
    • #30594: Deprecate bg-gradient-variant mixin
    • #30605, #30606: Grid now checks for for $grid-columns > 0
    • #30609: Checks for an empty $grid-breakpoints map list to remove all breakpoints
    • #30660: Prevent list group style leaks
    • #30685: Disable auto-hiding scrollbar in IE and legacy Edge

    JavaScript

    • #29986: Close modal with keyboard=true & backdrop=static
    • #29968: sanitizer.js: Add srcset in the allowed attributes
    • #30381: Updated tab.js to address accessibility issue when using ul/li semantic
    • #30383: ensure totype always return stringified null when null passed
    • #30388: enable button toggle on label when checkbox is inside
    • #30490: Switch to string constants to save ~5% on compressed file size
    • #30510, #30511: Fix event propagation from inactive and disabled dropdowns
    • #30744: ensure build plugins can exit in error
    • #30772: Prevent scrollbar replacement on non-integer width
    • 22f75c: scrollspy: only accept valid Elements as input for target

    Docs

    • Redesigned docs homepage
    • Improved tap target sizing in our navigation
    • Added examples for our input group border-radius workaround
    • Added warning to browser bugs page that it's no longer maintained
    • Added loading="lazy" for images
    • #29782: Improve wrapping and hit area of accordion example titles
    • #29820: move width after make-container() mixin
    • #29937: Add missing Noto Sans font to font stack
    • #29956: Add Microsoft Edge for macOS to supported browsers
    • #30130: Added ability to zip and download our Examples
    • #30175: Add version number in page titles
    • #30180: Changed input group validation examples to reflect issues with input group
    • #30207: Headings hierarchy in theming.md
    • #30325: Updated modal docs to simplify data-target usage and more
    • #30416: Clarify card group behavior
    • #30469: Remove holder.js leftovers
    • #30505: Use existing position utility in navbar example
    • #30695: make the check for URL stricter in our docs search
    • #30755: Removed role="document" from the modal dialog

    Examples

    • #29886: Fix checkout page forms
    • #30573: Improve the responsiveness of our Dashboard example

    Dependencies

    • Updated jQuery to v3.5.1
    • Replaced bundlesize with bundlewatch
    • Updated to Jekyll v4
    • Drop Node.js < 10
    • Misc devDependencies updates
  • 4.4.1 - 2019-11-28
    Read more
  • 4.4.0 - 2019-11-26
    Read more
  • 4.3.1 - 2019-02-13
    Read more
  • 4.3.0 - 2019-02-11
    Read more
  • 4.2.1 - 2018-12-21
    Read more
  • 4.1.3 - 2018-07-24
    Read more
  • 4.1.2 - 2018-07-12
  • 4.1.1 - 2018-04-30
  • 4.1.0 - 2018-04-09
  • 4.0.0 - 2018-01-18
from bootstrap GitHub release notes
Commit messages
Package name: bootstrap
  • 7a6da5e Dist
  • 109ad5d Bump version to 4.5.0.
  • 4a0ddb0 Wording fixes
  • 0f26be5 Move the input groups validation workaround in docs.
  • 842b0d2 Remove mention of build tools
  • 32932d2 Grammar fixes
  • 4a26e51 Include the newly added utilities/interactions.scss file
  • 0f3eda8 Update devDependencies and gems.
  • 30e7df6 Backport d59de33 from #30772
  • f1827ce Avoid bad scrollbar replacement into width values
  • eb1df3e Update codeql.yml (#30777)
  • df91d2c Improve build/zip-examples.js (#30759)
  • d2f9fbd Removed role="document" from the modal dialog (#30755)
  • bad48dc CI: simplify cache
  • 86f2c01 Partially revert "Use regex.test() when we want to check for a Boolean. (#29969)"
  • 955c437 collapse.js: combine classes
  • eb720f2 Minor lint tweaks and rules cleanup
  • 53eace0 build-plugins.js: add missing shebang (#30743)
  • 1c9e203 dropdown.js: switch to a ternary
  • 5f79b75 tests: switch to strictEqual/notStrictEqual
  • 195585f scrollspy.js add more tests
  • fa8a7ec Remove variables used once.
  • 52fdab8 Join/break a few lines, no functional changes
  • b3601aa README.md: change Tests badge to point to v4-dev
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs