Ant Design (antd) saw several updates between version 0.10.5 and 0.11.0, reflecting ongoing development and refinement of this popular UI library. A key area of focus was dependency updates, with several rc-* components (React Components) receiving upgrades. Noteworthy are improvements to rc-menu (4.8.1 to 4.9.0), rc-select (5.1.2 to 5.4.0), rc-slider (3.1.2 to 3.3.0), rc-tooltip (3.2.0 to 3.3.0), rc-calendar (4.0.0 to 5.2.0), and rc-notification (1.3.0 to 1.3.1). These updates likely include bug fixes, performance enhancements, and new features within those specific components, ensuring a more robust and feature-rich experience for developers leveraging Ant Design.
In the development environment, Babel saw a significant upgrade, moving from version 5 in 0.10.5 to version 6 in 0.11.0. This represents a substantial shift to a newer generation of JavaScript compilation tools. Notably, several related packages like babel-cli, babel-core, babel-jest, babel-loader, babel-preset-react, babel-preset-es2015, and babel-preset-stage-0 are introduced or receive similar version bumps, reflecting an alignment with the Babel 6 ecosystem for modern JavaScript development. A newer version of less hint and the introduction of the package babel-plugin-add-module-exports denote a more mature approach to style linting and modularization of the javascript of the antd package. Also, some packages like eslint-plugin-markdown and lesshint changed the url to a git style, meaning that developers should take extra care when upgrading to this new version.
All the vulnerabilities related to the version 0.11.0 of the package
semver vulnerable to Regular Expression Denial of Service
Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
