[Snyk] Upgrade antd from 5.19.4 to 5.20.0 #83
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade antd from 5.19.4 to 5.20.0. See this package in npm: antd See this project in Snyk: https://app.snyk.io/org/fantasticmrdavid/project/a17e40dc-2e1a-4af7-8e87-779da9392295?utm_source=github&utm_medium=referral&page=upgrade-pr
fantasticmrdavid
deleted the
snyk-upgrade-33c1f71ffb7704f75f7a7f168e6aee9d
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade antd from 5.19.4 to 5.20.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 1 version ahead of your current version.
The recommended version was released on 22 days ago.
Issues fixed by the recommended upgrade:
SNYK-JS-LEGACYSWCHELPERS-7647380
SNYK-JS-SEMVER-3247795
SNYK-JS-BROWSERIFYSIGN-6037026
SNYK-JS-TAR-6476909
SNYK-JS-ELLIPTIC-7577916
SNYK-JS-ELLIPTIC-7577917
SNYK-JS-ELLIPTIC-7577918
SNYK-JS-FASTLOOPS-7417995
Release notes
Package name: antd
-
5.20.0 - 2024-08-03
- 🛠 Replace ColorPicker internal
- 🆕 ConfigProvider support indicator property for Spin. #50183 @ coding-ice
- 🆕 Upload
- 🆕 Tree support custom loading icon for tree nodes with new prop
- 🆕 Slider support
- 🆕 Slider
- 🆕 Support custom status render in QRCode. #49563 @ kiner-tang
- 🆕 Table component supports custom Filter dropdown box empty status. #49613 @ Wxh16144
- 🆕 Allow user to add the Divider style of
- 🆕 InputNumber supports
- 🆕 ColorPicker support gradient color type and fix controlled mode not working. #50050
- 🆕 Input/TextArea/Mentions support
- ⌨️ Optimize Input be changed repeatedly when hold the enter key in multi-mode. rc-input#72 @ crazyair
- 🐞 Fix the issue where line-height is not effective in cssinjs mode for ColorPicker. #50220 @ vagusX
- 🐞 Fix cursor disabled state for ColorPicker. #50217 @ coding-ice
- 🐞 Fix grouping columns does not apply sorting for Table. #50086 @ Zyf665
- 🐞 Fix Popover/PopConfirm/Tooltip with
- 💄 Fix Tree filter node style lost. #49773 @ wanpan11
- 💄 Optimize ColorPicker when selecting a color from the
- TypeScript
- 🤖 Component Token support string and number. #49837 @ thinkasany
- 🤖 Improve Radio export types. #50203 @ baicie
- 🌐 Locales
- 🇪🇸 Improve Spanish translation. #50179 @ sergioalmela
- 🇺🇦 Add missed translation in uk_UA. #50178 @ Andrik264
- 🛠 替换 ColorPicker 内部使用的
- 🆕 ConfigProvider 支持配置 Spin 的 indicator 属性。#50183 @ coding-ice
- 🆕 Upload
- 🆕 Tree 新增
- 🆕 Slider 支持
- 🆕 Slider
- 🆕 在 QRCode 中支持自定义状态渲染。#49563 @ kiner-tang
- 🆕 Table 组件支持自定义过滤器下拉框空状态。 #49613 @ Wxh16144
- 🆕 Divider 支持添加
- 🆕 InputNumber 支持
- 🆕 ColorPicker 支持渐变色选择,并修复受控模式不生效的问题。#50050
- 🆕 Input/TextArea/Mentions 组件支持
- ⌨️ 优化 Input 下长按回车会不断触发变更的问题。rc-input#72 @ crazyair
- 🐞 修复 ColorPicker 在 cssinjs 模式下 line-height 失效的问题。#50220 @ vagusX
- 🐞 修复 ColorPicker 在 disabled 状态下的光标问题. #50217 @ coding-ice
- 🐞 修复 Table 中列存在分组时,排序不生效的问题。#50086 @ Zyf665
- 🐞 修复 Popover/PopConfirm/Tooltip 在目标元素宽度过大时,使用
- 💄 修复 Tree 组件 filter-node 节点高亮样式丢失。#49773 @ wanpan11
- 💄 优化 ColorPicker 当从
- TypeScript
- 🤖 Component Token 支持 string 或 number。#49837 @ thinkasany
- 🤖 改进 Radio 类型导出。#50203 @ baicie
- 🌐 Locales
- 🇪🇸 改进西班牙语本地化文案。#50179 @ sergioalmela
- 🇺🇦 补全
-
5.19.4 - 2024-07-30
- 🐞 Fix the internal elements of Form.Item did not inherit the row height. #50020 @ Wanpan
- 🐞 Fix Overlay is still displayed when both Popover
- 🐞 Fix the Token of Empty setting
- 💄 Fix Tour overflowed the screen on mobile devices. #50082
- 💄 Fix hover style of Checkbox
- 💄 Fix DatePicker selection style is not intuitive under rtl. #50045 @ Layouwen
- 💄 Fix Descriptions overflowing the container in
- 🛠 MISC: Migrate common style tools to
- 🌐 Locales
- 🇵🇱 Add DatePicker locales for pl_PL. #50023 @ ang33l
- 🇧🇪🇫🇷 Add Modal Tour locales for fr_BE fr_FR. #50058 @ JaccoGoris
- 🐞 修复 Form.Item 内部元素没有继承行高的问题。#50020 @ Wanpan
- 🐞 修复 Popover
- 🐞 修复 Empty Token 设置
- 💄 修复 Tour 在移动端下溢出屏幕的问题。#50082
- 💄 修复 Checkbox
- 💄 修复 DatePicker 在 rtl 下选择样式不符直觉。#50045 @ Layouwen
- 💄 修复 Descriptions 在
- 🛠 MISC:将通用样式工具迁移到
- 🌐 国际化
- 🇵🇱 为 pl_PL 补充 DatePicker 国际化。#50023 @ ang33l
- 🇧🇪🇫🇷 为 fr_BE fr_FR 补充 Modal Tour 国际化。#50058 @ JaccoGoris
from antd GitHub release notes@ ctrl/tiny-colorwith@ ant-design/fast-color. #49846showUploadListsupportextrafor additional content. #50098 @ guoyunheswitcherLoadingIcon. #49716 @ coding-icerange.editableto dynamic add/remove handles. #49923range.editablesupportminCountandmaxCount. #49987dashed,dottedorsolid. #49654 @ pinaki-08suffixprop. #49674 @ coding-iceonClearprop. #49905 @ li-jia-nantopLeft,topRight,bottomLeft,bottomRightzoom in transform origin not correct when target element width is too large. #50134transparentstate, it defaults to using a bright color instead of black color to enhance the user interaction experience. #50148@ ctrl/tiny-color为@ ant-design/fast-color。#49846showUploadList添加extra以支持渲染额外信息。#50098 @ guoyunheswitcherLoadingIcon属性以支持自定义树节点的加载图标#49716 @ coding-icerange.editable以动态添加/删除节点。#49923range.editable支持minCount与maxCount以配置可编辑节点树。#49987dashed(虚线)、dotted(点线)或solid(实线)的样式。#49654 @ pinaki-08suffix属性。#49674 @ coding-iceonClear回调,便于区分点击 x 清除和手动清除这两个行为。#49905 @ li-jia-nantopLeft,topRight,bottomLeft,bottomRight的弹出动画起始缩放中心有所偏移的问题。#50134transparent状态进行颜色选取时,默认使用亮色以代替原本的纯黑色以提升用户交互体验。#50148uk_UA本地化文案。#50178 @ Andrik264titleandcontentdo not exist. #50064 @ LLmoskkopacityImagedoes not take effect. #50066 @ thinkasanyindeterminatestate. #50083borderedmode. #49946 @ leefinder@ ant-design/cssinjs-utils. #50030 @ YumoImertitle和content都不存在时 Overlay 仍显示的问题。#50064 @ LLmoskkopacityImage不生效的问题。#50066 @ thinkasanyindeterminate状态的 hover 样式。#50083bordered模式下溢出容器的问题。#49946 @ leefinder@ ant-design/cssinjs-utils。#50030 @ YumoImerImportant
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"antd","from":"5.19.4","to":"5.20.0"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"mature","id":"SNYK-JS-LEGACYSWCHELPERS-7647380","issue_id":"SNYK-JS-LEGACYSWCHELPERS-7647380","priority_score":965,"priority_score_factors":[{"type":"maliciousPackage","label":true,"score":125},{"type":"exploit","label":"High","score":375},{"type":"cvssScore","label":"9.3","score":465},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Malicious Package"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SEMVER-3247795","issue_id":"SNYK-JS-SEMVER-3247795","priority_score":482,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-BROWSERIFYSIGN-6037026","issue_id":"SNYK-JS-BROWSERIFYSIGN-6037026","priority_score":375,"priority_score_factors":[{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":432,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ELLIPTIC-7577916","issue_id":"SNYK-JS-ELLIPTIC-7577916","priority_score":634,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ELLIPTIC-7577917","issue_id":"SNYK-JS-ELLIPTIC-7577917","priority_score":634,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ELLIPTIC-7577918","issue_id":"SNYK-JS-ELLIPTIC-7577918","priority_score":634,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"freshness","label":true,"score":71},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FASTLOOPS-7417995","issue_id":"SNYK-JS-FASTLOOPS-7417995","priority_score":452,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"6.9","score":345},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"}],"prId":"d8696cf2-9d87-46cb-9eb5-87c3ec8dcbda","prPublicId":"d8696cf2-9d87-46cb-9eb5-87c3ec8dcbda","packageManager":"npm","priorityScoreList":[965,482,375,432,634,634,634,452],"projectPublicId":"a17e40dc-2e1a-4af7-8e87-779da9392295","projectUrl":"https://app.snyk.io/org/fantasticmrdavid/project/a17e40dc-2e1a-4af7-8e87-779da9392295?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-LEGACYSWCHELPERS-7647380","SNYK-JS-SEMVER-3247795","SNYK-JS-BROWSERIFYSIGN-6037026","SNYK-JS-TAR-6476909","SNYK-JS-ELLIPTIC-7577916","SNYK-JS-ELLIPTIC-7577917","SNYK-JS-ELLIPTIC-7577918","SNYK-JS-FASTLOOPS-7417995"],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2024-08-03T13:57:04.477Z"},"vulns":["SNYK-JS-LEGACYSWCHELPERS-7647380","SNYK-JS-SEMVER-3247795","SNYK-JS-BROWSERIFYSIGN-6037026","SNYK-JS-TAR-6476909","SNYK-JS-ELLIPTIC-7577916","SNYK-JS-ELLIPTIC-7577917","SNYK-JS-ELLIPTIC-7577918","SNYK-JS-FASTLOOPS-7417995"]}'