Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade zustand from 5.0.0-rc.2 to 5.0.0 #79

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

[Snyk] Upgrade zustand from 5.0.0-rc.2 to 5.0.0 #79

wants to merge 1 commit into from
+1 −1

Conversation

welllucky
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade zustand from 5.0.0-rc.2 to 5.0.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.

  • The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Cross-site Scripting (XSS)
SNYK-JS-ROLLUP-8073097		 108 Proof of Concept
Release notes
Package name: zustand
  • 5.0.0 - 2024-10-14

    🎉🎉🎉 Zustand v5 🐻🐻🐻

    TL;DR

    • No new features
    • Drop many old things
    • Migration from v4 should be smooth.

    Changes in v5

    • Drop default exports
    • Drop deprecated features
    • Make React 18 the minimum required version
    • Make use-sync-external-store a peer dependency (required for createWithEqualityFn and useStoreWithEqualityFn in zustand/traditional)
    • Make TypeScript 4.5 the minimum required version
    • Drop UMD/SystemJS support
    • Organize entry points in the package.json
    • Drop ES5 support
    • Stricter types when setState's replace flag is set
    • Persist middleware behavioral change
    • Other small improvements (technically breaking changes)

    Migration Guide

    Read the migration guide carefully:
    https://github.com/pmndrs/zustand/blob/main/docs/migrations/migrating-to-v5.md

    Frequently Reported Issue

    During the RC period, some users encountered the following infinite loop error:

    Uncaught Error: Maximum update depth exceeded. This can happen when a component repeatedly calls setState inside componentWillUpdate or componentDidUpdate. React limits the number of nested updates to prevent infinite loops.

    This case was already a non-ideal behavior in v4 but appears more explicitly as an error in v5. While there are several ways to resolve this, using useShallow often fixes the problem.

    What's Changed

    New Contributors

    Full Changelog: v4.5.5...v5.0.0

  • 5.0.0-rc.2 - 2024-09-15

    Hopefully, this will be the last RC, unless we have serious bug reports in #2741.

    What's Changed

    New Contributors

    Full Changelog: v5.0.0-rc.1...v5.0.0-rc.2

from zustand GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade zustand from 5.0.0-rc.2 to 5.0.0
cb46295 
Snyk has created this PR to upgrade zustand from 5.0.0-rc.2 to 5.0.0.

See this package in npm:
zustand

See this project in Snyk:
https://app.snyk.io/org/welllucky/project/2e202115-f34e-4c6e-8f6d-ce7ecac5cd1d?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@welllucky @snyk-bot