React Router DOM version 5.0.0 represents a significant update from version 4.3.1, bringing several notable changes that impact developers. One key difference is the updated dependencies. Version 5.0.0 utilizes newer versions of core packages like history and react-router itself, aligning with the latest features and improvements within those libraries. The introduction of @babel/runtime as a dependency in version 5.0.0 suggests a shift towards more efficient handling of Babel transformations, potentially reducing bundle sizes and improving runtime performance.
Furthermore, the development dependencies showcase a modernization of the tooling ecosystem. Version 5.0.0 adopts more recent versions of tools like eslint, rollup, and Babel-related packages, indicating a commitment to staying current with best practices in JavaScript development. Notably, version 5.0.0 replaces specific Babel presets and plugins like babel-preset-es2015 and babel-plugin-external-helpers from version 4.3.1 with more modern counterparts like @babel/preset-env and @babel/plugin-transform-runtime, This shift reflects a focus on streamlining the build process and leveraging the latest features of the Babel ecosystem. Developers upgrading should pay attention to these dependency changes, ensuring their projects are compatible with the updated tooling and APIs. Overall, the update focuses on performance improvements by taking advantage of the latest upgrades from dependencies and integrating the latest tooling ecosystem.
All the vulnerabilities related to the version 5.0.0 of the package
node-fetch forwards secure headers to untrusted sites
node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site.
