React-dom versions 15.6.1 and 15.6.0 represent incremental improvements to the robust React package designed for manipulating the Document Object Model (DOM) in web applications. Version 15.6.1, released on June 15, 2017, follows closely on the heels of version 15.6.0, which was made available on June 13, 2017.
A key distinction lies in the peerDependencies. Version 15.6.1 requires React version ^15.6.1, whereas version 15.6.0 has a peerDependencies entry that specifies ^15.6.0-rc.1, indicating a dependency on a release candidate of React 15.6.0. This subtle shift signals a move towards greater stability and compatibility with the final 15.6.1 release of React.
Another notable change involves the prop-types dependency. Version 15.6.1 utilizes prop-types":"^15.5.10", while version 15.6.0 used prop-types":"~15.5.7". This indicates update to prop-types in latest version, potentially incorporating bug fixes or minor feature enhancements related to property validation.
Both versions share core dependencies like fbjs, loose-envify, and object-assign, reflecting a consistent foundation for DOM manipulation. They're licensed under the BSD-3-Clause license, promoting open-source use. Developers should opt for version 15.6.1 for better realibility due to its refined peer dependency on stable React version and update prop-types.
All the vulnerabilities related to the version 15.6.1 of the package
node-fetch forwards secure headers to untrusted sites
node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site.
