React Test Renderer, designed for snapshot testing of React components, saw a notable update from version 15.4.2 to 15.5.0. This upgrade primarily involves dependency adjustments. Specifically, the newer version, 15.5.0, updates its dependency on fbjs to version "^0.8.9", whereas the older version, 15.4.2, relied on fbjs "^0.8.4". Both versions maintain the same dependency for object-assign at "^4.1.0".
Crucially, the peer dependency on React itself is updated, requiring React version "^15.5.0" for react-test-renderer@15.5.0, aligning the test renderer with the corresponding React version. Version 15.4.2 necessitates React version "^15.4.2". This peer dependency update signals potential API adjustments or behavioral changes in the React core necessitating a corresponding update to the test renderer.
For developers using react-test-renderer, upgrading from 15.4.2 to 15.5.0 mandates ensuring their React project also updates to version 15.5.0 or higher to satisfy the peer dependency. The fbjs update, a Facebook JavaScript library, likely contains bug fixes, performance improvements, or new features beneficial for React's internal workings. Developers should review the changelogs for both React and fbjs to understand the specific impacts of these updates on their testing strategies and component behavior. The release dates clearly show that 15.4.2 was published in January 2017 and 15.5.0 hit the registry in April 2017.
All the vulnerabilities related to the version 15.5.0 of the package
node-fetch forwards secure headers to untrusted sites
node-fetch forwards secure headers such as authorization, www-authenticate, cookie, & cookie2 when redirecting to a untrusted site.
