Ant Design (antd) has released version 3.6.0, building upon the solid foundation of its previous stable release, 3.5.4. Both versions cater to developers seeking an enterprise-class UI solution built on React, providing a comprehensive suite of components adhering to a consistent design language.
A notable difference lies within the dependencies. Version 3.6.0 updates the "warning" dependency to "~4.0.1". While seemingly minor, dependency updates often bring bug fixes, performance improvements, or security patches from the underlying libraries. Furthermore, version 3.6.0 introduces xhr-mock":"^2.4.0" as a dev dependency and also react-dnd-html5-backend":"^3.0.2" instead of react-dnd-html5-backend":"^2.5.4" of the previous version and intersection-observer":"^0.5.0" also as dev dependency. These kind of changes in dev dependencies signal updates in the testing/development and building pipeline.
For developers already using antd, upgrading to 3.6.0 is likely a smooth process, particularly given the compatible peer dependency requirements (React and React DOM >=16.0.0). New adopters will find both versions equipped with a rich set of components, excellent documentation, and a vibrant community, making antd a compelling choice for building modern, scalable React applications. The later version includes some new dev dependencies aimed at futureproofing and improving the build and test pipeline.
All the vulnerabilities related to the version 3.6.0 of the package
node-fetch forwards secure headers to untrusted sites
node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site.
