Bump react-redux@7.2.8
and run npm audit fix
#4230
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changelog Entry
Changed
react-redux@7.2.8
Description
Recently release of
react@18
brokereact-redux@7.2.6
due to the way NPM handle peer dependencies, documented at reduxjs/react-redux#1881. We need to bump toreact-redux@>=7.2.7
.Also, we run
npm audit fix
manually for a couple of dependabot asks. This is because dependabot cannot handlelerna
properly and dropped some of our local deps in the PR. This is forminimalist
andnode-forge
.Design
The new peer deps feature in npm is designed to only look at immediately peer deps.
Web Chat requires peer deps of
react@>=16.8.6
. When npm evaluates, it considersreact@18
as the base version.Then, npm tries to install
react-redux@7.2.6
. Asreact-redux
requiresreact@16.8 || 17
andreact@18
is not a peer deps, npm consider Web Chat failed the deps.As npm only look at immediate
package.json
for peer deps and do not negotiate, it could not figure out other possible candidates, such as,react@16.8.6
. Thus,react-redux
needs to do an emergency patch@7.2.7
to mitigate the "side effect of release ofreact@18
".Specific Changes
react-redux@7.2.8
npm audit fix
on all packages, including samplesI have added tests and executed them locallyCHANGELOG.md
I have updated documentationReview Checklist
Accessibility reviewed (tab order, content readability, alt text, color contrast)Browser and platform compatibilities reviewedCSS styles reviewed (minimal rules, noz-index
)Documents reviewed (docs, samples, live demo)Internationalization reviewed (strings, unit formatting)package.json
andpackage-lock.json
reviewedSecurity reviewed (no data URIs, check for nonce leak)Tests reviewed (coverage, legitimacy)