Bump node-fetch, react and react-dom

[dependabot]

Bumps node-fetch to 2.6.7 and updates ancestor dependencies node-fetch, react and react-dom. These dependencies need to be updated together.

Updates node-fetch from 1.7.3 to 2.6.7

Release notes

Sourced from node-fetch's releases.

v2.6.7

Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred

What's Changed

• fix: don't forward secure headers to 3th party by @​jimmywarting in node-fetch/node-fetch#1453

Full Changelog: node-fetch/node-fetch@v2.6.6...v2.6.7

v2.6.6

What's Changed

• fix(URL): prefer built in URL version when available and fallback to whatwg by @​jimmywarting in node-fetch/node-fetch#1352

Full Changelog: node-fetch/node-fetch@v2.6.5...v2.6.6

v2.6.2

fixed main path in package.json

v2.6.1

This is an important security release. It is strongly recommended to update as soon as possible.

See CHANGELOG for details.

v2.6.0

See CHANGELOG.

v2.5.0

See CHANGELOG.

v2.4.1

See CHANGELOG.

v2.4.0

See CHANGELOG.

v2.3.0

See CHANGELOG.

v2.2.1

See CHANGELOG.

Version 2.1.2

• Fix: allow Body methods to work on ArrayBuffer-backed Body` objects
• Fix: reject promise returned by Body methods when the accumulated Buffer exceeds the maximum size
• Fix: support custom Host headers with any casing
• Fix: support importing fetch() from TypeScript in browser.js
• Fix: handle the redirect response body properly

... (truncated)

Commits

• 1ef4b56 backport of #1449 (#1453)
• 8fe5c4e 2.x: Specify encoding as an optional peer dependency in package.json (#1310)
• f56b0c6 fix(URL): prefer built in URL version when available and fallback to whatwg (...
• b5417ae fix: import whatwg-url in a way compatible with ESM Node (#1303)
• 18193c5 fix v2.6.3 that did not sending query params (#1301)
• ace7536 fix: properly encode url with unicode characters (#1291)
• 152214c Fix(package.json): Corrected main file path in package.json (#1274)
• b5e2e41 update version number
• 2358a6c Honor the size option after following a redirect and revert data uri support
• 8c197f8 docs: Fix typos and grammatical errors in README.md (#686)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by endless, a new releaser for node-fetch since your current version.

Updates react from 15.7.0 to 18.2.0

Release notes

Sourced from react's releases.

18.2.0 (June 14, 2022)

React DOM

• Provide a component stack as a second argument to onRecoverableError. (@​gnoff in #24591)
• Fix hydrating into document causing a blank page on mismatch. (@​gnoff in #24523)
• Fix false positive hydration errors with Suspense. (@​gnoff in #24480 and @​acdlite in #24532)
• Fix ignored setState in Safari when adding an iframe. (@​gaearon in #24459)

React DOM Server

• Pass information about server errors to the client. (@​salazarm and @​gnoff in #24551 and #24591)
• Allow to provide a reason when aborting the HTML stream. (@​gnoff in #24680)
• Eliminate extraneous text separators in the HTML where possible. (@​gnoff in #24630)
• Disallow complex children inside <title> elements to match the browser constraints. (@​gnoff in #24679)
• Fix buffering in some worker environments by explicitly setting highWaterMark to 0. (@​jplhomer in #24641)

Server Components (Experimental)

• Add support for useId() inside Server Components. (@​gnoff) in #24172

18.1.0 (April 26, 2022)

React DOM

• Fix the false positive warning about react-dom/client when using UMD bundle. (@​alireza-molaee in #24274)
• Fix suppressHydrationWarning to work in production too. (@​gaearon in #24271)
• Fix componentWillUnmount firing twice inside of Suspense. (@​acdlite in #24308)
• Fix some transition updates being ignored. (@​acdlite in #24353)
• Fix useDeferredValue causing an infinite loop when passed an unmemoized value. (@​acdlite in #24247)
• Fix throttling of revealing Suspense fallbacks. (@​sunderls in #24253)
• Fix an inconsistency in whether the props object is the same between renders. (@​Andarist and @​acdlite in #24421)
• Fix a missing warning about a setState loop in useEffect. (@​gaearon in #24298)
• Fix a spurious hydration error. (@​gnoff in #24404)
• Warn when calling setState in useInsertionEffect. (@​gaearon in #24295)
• Ensure the reason for hydration errors is always displayed. (@​gaearon in #24276)

React DOM Server

• Fix escaping for the bootstrapScriptContent contents. (@​gnoff in #24385)
• Significantly improve performance of renderToPipeableStream. (@​gnoff in #24291)

ESLint Plugin: React Hooks

• Fix false positive errors with a large number of branches. (@​scyron6 in #24287)
• Don't consider a known dependency stable when the variable is reassigned. (@​afzalsayed96 in #24343)

Use Subscription

• Replace the implementation with the use-sync-external-store shim. (@​gaearon in #24289)

18.0.0 (March 29, 2022)

... (truncated)

Changelog

Sourced from react's changelog.

18.2.0 (June 14, 2022)

React DOM

• Provide a component stack as a second argument to onRecoverableError. (@​gnoff in #24591)
• Fix hydrating into document causing a blank page on mismatch. (@​gnoff in #24523)
• Fix false positive hydration errors with Suspense. (@​gnoff in #24480 and @​acdlite in #24532)
• Fix ignored setState in Safari when adding an iframe. (@​gaearon in #24459)

React DOM Server

• Pass information about server errors to the client. (@​salazarm and @​gnoff in #24551 and #24591)
• Allow to provide a reason when aborting the HTML stream. (@​gnoff in #24680)
• Eliminate extraneous text separators in the HTML where possible. (@​gnoff in #24630)
• Disallow complex children inside <title> elements to match the browser constraints. (@​gnoff in #24679)
• Fix buffering in some worker environments by explicitly setting highWaterMark to 0. (@​jplhomer in #24641)

Server Components (Experimental)

• Add support for useId() inside Server Components. (@​gnoff) in #24172

18.1.0 (April 26, 2022)

React DOM

• Fix the false positive warning about react-dom/client when using UMD bundle. (@​alireza-molaee in #24274)
• Fix suppressHydrationWarning to work in production too. (@​gaearon in #24271)
• Fix componentWillUnmount firing twice inside of Suspense. (@​acdlite in #24308)
• Fix some transition updates being ignored. (@​acdlite in #24353)
• Fix useDeferredValue causing an infinite loop when passed an unmemoized value. (@​acdlite in #24247)
• Fix throttling of revealing Suspense fallbacks. (@​sunderls in #24253)
• Fix an inconsistency in whether the props object is the same between renders. (@​Andarist and @​acdlite in #24421)
• Fix a missing warning about a setState loop in useEffect. (@​gaearon in #24298)
• Fix a spurious hydration error. (@​gnoff in #24404)
• Warn when calling setState in useInsertionEffect. (@​gaearon in #24295)
• Ensure the reason for hydration errors is always displayed. (@​gaearon in #24276)

React DOM Server

• Fix escaping for the bootstrapScriptContent contents. (@​gnoff in #24385)
• Significantly improve performance of renderToPipeableStream. (@​gnoff in #24291)

ESLint Plugin: React Hooks

• Fix false positive errors with a large number of branches. (@​scyron6 in #24287)
• Don't consider a known dependency stable when the variable is reassigned. (@​afzalsayed96 in #24343)

Use Subscription

• Replace the implementation with the use-sync-external-store shim. (@​gaearon in #24289)

... (truncated)

Commits

• 72b7462 Bump local package.json versions for 18.1 release (#24447)
• 22edb9f React version field should match package.json (#24445)
• 4175f05 Temporarily feature flag numeric fallback for symbols (#24401)
• e8f4a66 Fix import in example
• bb49abe Update some READMEs (#24290)
• 7e3121e Remove unstable_createMutableSource from experimental build (#24209)
• 34aa5cf Update local package.jsons for 18
• 72a933d Gate legacy hidden (#24047)
• d5f1b06 [ServerContext] Flight support for ServerContext (#23244)
• 1780659 Move createRoot/hydrateRoot to react-dom/client (#23385)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by gnoff, a new releaser for react since your current version.

Updates react-dom from 15.7.0 to 18.2.0

Release notes

Sourced from react-dom's releases.

18.2.0 (June 14, 2022)

React DOM

• Provide a component stack as a second argument to onRecoverableError. (@​gnoff in #24591)
• Fix hydrating into document causing a blank page on mismatch. (@​gnoff in #24523)
• Fix false positive hydration errors with Suspense. (@​gnoff in #24480 and @​acdlite in #24532)
• Fix ignored setState in Safari when adding an iframe. (@​gaearon in #24459)

React DOM Server

• Pass information about server errors to the client. (@​salazarm and @​gnoff in #24551 and #24591)
• Allow to provide a reason when aborting the HTML stream. (@​gnoff in #24680)
• Eliminate extraneous text separators in the HTML where possible. (@​gnoff in #24630)
• Disallow complex children inside <title> elements to match the browser constraints. (@​gnoff in #24679)
• Fix buffering in some worker environments by explicitly setting highWaterMark to 0. (@​jplhomer in #24641)

Server Components (Experimental)

• Add support for useId() inside Server Components. (@​gnoff) in #24172

18.1.0 (April 26, 2022)

React DOM

• Fix the false positive warning about react-dom/client when using UMD bundle. (@​alireza-molaee in #24274)
• Fix suppressHydrationWarning to work in production too. (@​gaearon in #24271)
• Fix componentWillUnmount firing twice inside of Suspense. (@​acdlite in #24308)
• Fix some transition updates being ignored. (@​acdlite in #24353)
• Fix useDeferredValue causing an infinite loop when passed an unmemoized value. (@​acdlite in #24247)
• Fix throttling of revealing Suspense fallbacks. (@​sunderls in #24253)
• Fix an inconsistency in whether the props object is the same between renders. (@​Andarist and @​acdlite in #24421)
• Fix a missing warning about a setState loop in useEffect. (@​gaearon in #24298)
• Fix a spurious hydration error. (@​gnoff in #24404)
• Warn when calling setState in useInsertionEffect. (@​gaearon in #24295)
• Ensure the reason for hydration errors is always displayed. (@​gaearon in #24276)

React DOM Server

• Fix escaping for the bootstrapScriptContent contents. (@​gnoff in #24385)
• Significantly improve performance of renderToPipeableStream. (@​gnoff in #24291)

ESLint Plugin: React Hooks

• Fix false positive errors with a large number of branches. (@​scyron6 in #24287)
• Don't consider a known dependency stable when the variable is reassigned. (@​afzalsayed96 in #24343)

Use Subscription

• Replace the implementation with the use-sync-external-store shim. (@​gaearon in #24289)

18.0.0 (March 29, 2022)

... (truncated)

Changelog

Sourced from react-dom's changelog.

18.2.0 (June 14, 2022)

React DOM

• Provide a component stack as a second argument to onRecoverableError. (@​gnoff in #24591)
• Fix hydrating into document causing a blank page on mismatch. (@​gnoff in #24523)
• Fix false positive hydration errors with Suspense. (@​gnoff in #24480 and @​acdlite in #24532)
• Fix ignored setState in Safari when adding an iframe. (@​gaearon in #24459)

React DOM Server

• Pass information about server errors to the client. (@​salazarm and @​gnoff in #24551 and #24591)
• Allow to provide a reason when aborting the HTML stream. (@​gnoff in #24680)
• Eliminate extraneous text separators in the HTML where possible. (@​gnoff in #24630)
• Disallow complex children inside <title> elements to match the browser constraints. (@​gnoff in #24679)
• Fix buffering in some worker environments by explicitly setting highWaterMark to 0. (@​jplhomer in #24641)

Server Components (Experimental)

• Add support for useId() inside Server Components. (@​gnoff) in #24172

18.1.0 (April 26, 2022)

React DOM

• Fix the false positive warning about react-dom/client when using UMD bundle. (@​alireza-molaee in #24274)
• Fix suppressHydrationWarning to work in production too. (@​gaearon in #24271)
• Fix componentWillUnmount firing twice inside of Suspense. (@​acdlite in #24308)
• Fix some transition updates being ignored. (@​acdlite in #24353)
• Fix useDeferredValue causing an infinite loop when passed an unmemoized value. (@​acdlite in #24247)
• Fix throttling of revealing Suspense fallbacks. (@​sunderls in #24253)
• Fix an inconsistency in whether the props object is the same between renders. (@​Andarist and @​acdlite in #24421)
• Fix a missing warning about a setState loop in useEffect. (@​gaearon in #24298)
• Fix a spurious hydration error. (@​gnoff in #24404)
• Warn when calling setState in useInsertionEffect. (@​gaearon in #24295)
• Ensure the reason for hydration errors is always displayed. (@​gaearon in #24276)

React DOM Server

• Fix escaping for the bootstrapScriptContent contents. (@​gnoff in #24385)
• Significantly improve performance of renderToPipeableStream. (@​gnoff in #24291)

ESLint Plugin: React Hooks

• Fix false positive errors with a large number of branches. (@​scyron6 in #24287)
• Don't consider a known dependency stable when the variable is reassigned. (@​afzalsayed96 in #24343)

Use Subscription

• Replace the implementation with the use-sync-external-store shim. (@​gaearon in #24289)

... (truncated)

Commits

• b345523 [Fizz] Support abort reasons (#24680)
• bcbeb52 [Fizz] Disallow complex children in <title> elements (#24679)
• 4f29ba1 support errorInfo in onRecoverableError (#24591)
• 26a5b3c Explicitly set highWaterMark to 0 for ReadableStream (#24641)
• aec5759 [Fizz] Send errors down to client (#24551)
• a276638 [Fizz] Improve text separator byte efficiency (#24630)
• 05c34de [Test] Outer boundary should not report errors from an inner boundary (#24618)
• 82c64e1 Match Preact behavior for boolean props on custom elements (#24541)
• 2c8a145 Fix ignored setState in Safari when iframe is touched (#24459)
• 8197c73 Support document rendering (#24523)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by gnoff, a new releaser for react-dom since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.