[Snyk] Upgrade redux from 4.1.0 to 4.1.2 #641

snyk-bot · 2021-11-23T06:19:59Z

Snyk has created this PR to upgrade redux from 4.1.0 to 4.1.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 2 versions ahead of your current version.
The recommended version was released a month ago, on 2021-10-28.

Release notes

Package name: redux

4.1.2 - 2021-10-28
This release fixes a small specific TS types issue where state types that had a nested unknown field inside would cause compilation failures when used as the preloadedState argument.

What's Changed
- Fix preloaded state type by @ phryneas in #4078
Full Changelog: v4.1.1...v4.1.2
4.1.1 - 2021-08-03
Just a small fix for Safari users in development mode.

Changes
- Move miniKindOf out of if scope to fix ES5 compatibility issue (#4090 by @ embeddedt)
4.1.0 - 2021-04-24
This release shrinks our bundle size via error message extraction, updates several error messages for clarity, and optimizes our list of runtime dependencies.

Overall, version 4.1 shrinks from 2.6K min+gz to 1.6K min+gz thanks to these changes.

Be sure to check out the Redux Toolkit 1.6 alpha containing our new "RTK Query" data fetching APIs! It also includes Redux 4.1 as a dependency.

Changelog

Error Message Extraction and Improvements

We now extract all of our error messages from production builds in order to save on bundle size, using a technique inspired from React's error code extraction. The error messages will still show as normal in development, but in production they will reference a specific numeric error code and provide a link to a Redux docs page that has the full error message.

An example of this is: https://redux.js.org/errors?code=5 , which shows the "can't subscribe while reducers are executing" error.

The error code extraction saves about 800 bytes out of a production build.

Thanks to @ andrewmcgivery for doing all the hard work on implementing the error extraction!

We've also updated many of our error messages to provide additional details at runtime about what happened, especially runtime type checks such as "actions must be plain objects". They now provide a more specific type for the unexpected value, such as indicating promise or function:
expect(() => store.dispatch(() => {})).toThrow(
/the actual type was: 'function'/
)
```
expect(() =&gt; store.dispatch(new Date())).toThrow(
 /the actual type was: 'date'/
)</pre></div>
```
Dependency Updates

We've updated the list of runtime dependencies for Redux:
- We inlined the symbol-observable polyfill. This shrinks bundle size by a few bytes,
- We've removed the legacy loose-envify dependency, which was only ever needed by Browserify users. If you still happen to be using Browserify, please review your build settings and see if you need to make any updates.
- We now explicitly depend on @ babel/runtime to extract some additional helpers out of our bundle. It's likely that your app already is pulling in those helpers anyway, so that removes some potential duplication.
Typing Tweaks

We've merged fixes for a couple edge cases in the 4.x TS typings related to state types.

Changes
- Remove symbol-observable and loose-envify deps (#4058 - @ markerikson)
- Port error extraction setup from master (#4057 - @ markerikson)
- Port build dependencies from master into 4.x (#4056 - @ markerikson)
- Rewrite Redux core error messages (#4055 - @ markerikson)
- feat: mangle error codes to error indexes (#3920 - @ andrewmcgivery)
- fix: Declare "EmptyObject" interface to wrap $CombinedState (#4031 - @ JacobLey)
- Only apply mapped types to un-branded types (#3805 - @ invliD)