Ant Design (antd) is a popular, enterprise-class UI design language and React-based component library, streamlined for building consistent and robust web applications. Examining versions 3.4.5 and 3.5.0 reveals subtle but potentially impactful changes for developers. Both versions share a core set of dependencies, including lodash, moment, and rc- components which are basically react common components. A notable difference in dependencies is the update from rc-menu version ~6.2.0 to ~7.0.2 and from rc-select version ~7.7.0 to ~8.0.1 and rc-notification version ~3.0.0 to ~3.1.1.
These updates in React Common (rc) components often bring performance improvements, bug fixes, and potentially new features within their respective components. rc-menu update probably includes enhancements to the menu's rendering and interaction capabilities. rc-select improves the selection component. Also important to mention is the update to rc-cascader version ~0.12.0 to ~0.13.0, which provides improvement to multi level selectors. For developers already using Ant Design, upgrading from 3.4.5 to 3.5.0 should be relatively straightforward, but it's advisable to review the changelogs for the updated rc dependencies to understand any breaking changes or new functionalities. Both versions maintains peer dependencies for react and react-dom at ">=16.0.0" versions.
All the vulnerabilities related to the version 3.5.0 of the package
node-fetch forwards secure headers to untrusted sites
node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site.
