search

veg / datamonkey-js

Datamonkey - Run state-of-the-art statistical models through the comfort of your browser
http://datamonkey.org
Other
10 stars 9 forks source link

Bump react-scrollchor from 6.0.0 to 7.0.2 #654

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps react-scrollchor from 6.0.0 to 7.0.2.

Release notes

Sourced from react-scrollchor's releases.

7.0.2

Minor security update with the following changes:

  • Updated package-lock.json to avoid vulnerable dependencies reported by npm audit

Thanks to @​SeinopSys, @​bySabi

7.0.1

Minor security update with the following changes:

  • Updated package-lock.json to avoid vulnerable dependencies reported by npm audit

7.0.0

This is a major update to React Scrollchor with the following changes:

  • Written in Typescript that will make the integration easier and safer in your development cycle
  • The implementation of the easing functions has been improved. Now you can choose between: easeOutQuad, swing, linear included in this module or replace it with your own function
  • Internally implemented using React Hooks, the new minimum dependency is React 16.8.0
  • Default export being removed in favor of a named Scrollchor export
  • The documentation, README, on the module site has been improved. Now it is much clearer.

... more details in CHANGELOG.md

All of this would not have been possible without the hard work of @​SeinopSys who, basically, has done it all. THANKS David !!

Changelog

Sourced from react-scrollchor's changelog.

7.0.2

  • Updated package-lock.json to avoid vulnerable dependencies reported by npm audit

7.0.1

  • Updated package-lock.json to avoid vulnerable dependencies reported by npm audit

7.0.0

This new major version contains breaking changes.

  • Everything has been rewritten in TypeScript, which brings with it published type definitions
  • The default export has been removed in favor of a named export; import Scrollchor must be replaced with import { Scrollchor }
  • The simulateClick() API has been removed entirely
  • Scrollchor is now a function component and makes use of hooks introduced in React v16.8, which necessitated a minimum version bump for this peerDependency
  • animation.easing configuration is now documented and compatible with all the easing functions provided by jquery-easing
  • Added two additional built-in easing types for ease of use, borrowed from jQuery (linear, swing)
Commits
  • 3f53773 update rollup-plugin-typescript2 that prevented build
  • 239457b Merge pull request #45 from some-react-components/vuln-fix
  • b8465ac Upgrade vulnerable dependencies
  • 61cb05e Merge pull request #43 from some-react-components/vuln-fix
  • 9729a6c Upgrade vulnerable dependencies
  • 80540c7 Merge pull request #40 from SeinopSys/v7
  • 54d1c76 Fix vulnerable dependencies
  • a6692f8 Rewrite in TypeScript, replace build & lint tooling
  • See full diff in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
stevenweaver commented 1 year ago

@dependabot ignore this dependency -- updated with react

dependabot[bot] commented 1 year ago

OK, I won't notify you about react-scrollchor again, unless you re-open this PR. 😢