[Snyk] Upgrade react-redux from 7.0.3 to 7.2.9

[dmh34]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade react-redux from 7.0.3 to 7.2.9.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 22 versions ahead of your current version.
• The recommended version was released 2 years ago, on 2022-09-23.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Use of Weak Hash SNYK-JS-CRYPTOJS-6028119	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-MIXINDEEP-450212	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-LODASHES-2434290	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-MERGEDEEP-1070277	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Prototype Poisoning SNYK-JS-QS-3153490	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-LODASH-450202	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-LODASHES-2434283	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Denial of Service (DoS) SNYK-JS-AXIOS-174505	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-DOTPROP-543489	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-567742	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-HAPIHOEK-548452	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Validation Bypass SNYK-JS-KINDOF-537849	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-534988	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Insufficiently Protected Credentials SNYK-JS-AUTH0JS-565004	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Command Injection SNYK-JS-LODASHES-2434284	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-LODASHES-2434285	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-NODEFORGE-598677	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Arbitrary Code Execution SNYK-JS-ESLINTUTILS-460220	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-469063	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Denial of Service (DoS) SNYK-JS-HANDLEBARS-480388	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Arbitrary Code Execution SNYK-JS-HANDLEBARS-534478	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-450213	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-SETVALUE-1540541	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-450213	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Arbitrary File Write SNYK-JS-TAR-1579152	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Improper Input Validation SNYK-JS-URLPARSE-2407770	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WEBSOCKETEXTENSIONS-570623	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASHES-2434289	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COOKIEJAR-3149984	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Information Exposure SNYK-JS-NODEFETCH-2342118	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Denial of Service SNYK-JS-NODEFETCH-674311	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Command Injection SNYK-JS-NODENOTIFIER-1035794	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Timing Attack SNYK-JS-ELLIPTIC-511941	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Information Exposure SNYK-JS-EVENTSOURCE-2823375	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-1279029	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Open Redirect SNYK-JS-URLPARSE-1533425	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	537/1000 Why? Proof of Concept exploit, CVSS 8.6	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	537/1000 Why? Proof of Concept exploit, CVSS 8.6	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: react-redux

• 7.2.9 - 2022-09-23
  

  This patch release updates the rarely-used areStatesEqual option for connect to now pass through ownProps for additional use in determining which pieces of state to compare if desired.

  The new signature is:

  {
    areStatesEqual?: (
      nextState: State,
      prevState: State,
      nextOwnProps: TOwnProps,
      prevOwnProps: TOwnProps
    ) => boolean
  }

  What's Changed

  • connect: pass ownProps to areStatesEqual by @ jspurlin in #1952

  Full Changelog: v7.2.8...v7.2.9

• 7.2.8 - 2022-04-01
  

  This release fixes a bug in the 7.x branch that caused <Provider> to unsubscribe and stop updating completely when used inside of React 18's <StrictMode>. The new "strict effects" behavior double-mounts components, and the subscription needed to be set up inside of a useLayoutEffect instead of a useMemo. This was previously fixed as part of v8 development, and we've backported it.

  Note: If you are now using React 18, we strongly recommend using the React-Redux v8 beta instead of v7.x!. v8 has been rewritten internally to work correctly with React 18's Concurrent Rendering capabilities. React-Redux v7 will run and generally work okay with existing code, but may have rendering issues if you start using Concurrent Rendering capabilities in your code.

  Now that React 18 is out, we plan to finalize React-Redux v8 and release it live within the next couple weeks. Per an update yesterday in the "v8 roadmap" thread, React-Redux v8 will be updated in the next couple days to ensure support for React 16.8+ as part of the next beta release. We would really appreciate final feedback on using React-Redux v8 beta with React 18 before we publish the final version.

  Full Changelog: v7.2.7...v7.2.8

• 7.2.7 - 2022-03-31
  

  This release updates React-Redux v7's peer dependencies to accept React 18 as a valid version, only to avoid installation errors caused by NPM's "install all the peer deps and error if they don't match" behavior.

  Note: If you are now using React 18, we strongly recommend using the React-Redux v8 beta instead of v7.x!. v8 has been rewritten internally to work correctly with React 18's Concurrent Rendering capabilities. React-Redux v7 will run and generally work okay with existing code, but may have rendering issues if you start using Concurrent Rendering capabilities in your code.

  Now that React 18 is out, we plan to finalize React-Redux v8 and release it live within the next couple weeks. We would really appreciate final feedback on using React-Redux v8 beta with React 18 before we publish the final version.

• 7.2.6 - 2021-10-25
• 7.2.5 - 2021-09-04
• 7.2.4 - 2021-04-24
• 7.2.3 - 2021-03-23
• 7.2.2 - 2020-10-26
• 7.2.1 - 2020-07-25
• 7.2.0 - 2020-02-18
• 7.1.3 - 2019-11-06
• 7.1.2 - 2019-11-06
• 7.1.2-alpha.0 - 2019-11-05
• 7.1.1 - 2019-08-26
• 7.1.0 - 2019-06-11
• 7.1.0-rc.1 - 2019-05-30
• 7.1.0-alpha.5 - 2019-05-20
• 7.1.0-alpha.4 - 2019-05-01
• 7.1.0-alpha.3 - 2019-04-28
• 7.1.0-alpha.2 - 2019-04-28
• 7.1.0-alpha.1 - 2019-04-22
• 7.1.0-alpha.0 - 2019-04-22
• 7.0.3 - 2019-04-28

from react-redux GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs