From 53a1c4f85d64188aa20bfc1de5571081c81be5b7 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Mon, 3 Feb 2020 18:48:53 +0000 Subject: [PATCH] [Security] Bump react-dom from 16.3.1 to 16.3.3 Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.3.1 to 16.3.3. **This update includes a security fix.** - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/HEAD/packages/react-dom) Signed-off-by: dependabot-preview[bot] --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9ad8567a8..458900806 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6521,14 +6521,14 @@ } }, "react-dom": { - "version": "16.3.1", - "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-16.3.1.tgz", - "integrity": "sha512-2Infg89vzahq8nfVi1GkjPqq0vrBvf0f3T0+dTtyjq4f6HKOqKixAK25Vr593O3QTx4kw/vmUtAJwerlevNWOA==", + "version": "16.3.3", + "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-16.3.3.tgz", + "integrity": "sha512-ALCp7ZbSGkqRDtQoZozKVNgwXMxbxf/IGOUMC2A0yF6JHeZrS8e2cOotPT87Vf4b7PKCuUVKU4/RDEXxToA/yA==", "requires": { - "fbjs": "0.8.16", - "loose-envify": "1.3.1", - "object-assign": "4.1.1", - "prop-types": "15.6.1" + "fbjs": "^0.8.16", + "loose-envify": "^1.1.0", + "object-assign": "^4.1.1", + "prop-types": "^15.6.0" } }, "react-is": { diff --git a/package.json b/package.json index c5e06c31a..31dd490e4 100644 --- a/package.json +++ b/package.json @@ -52,7 +52,7 @@ "nconf": "^0.10.0", "pico-router": "^2.1.0", "react": "^16.12.0", - "react-dom": "^16.3.1", + "react-dom": "^16.3.3", "shortid": "^2.2.4", "superagent": "^3.8.2", "vitreum": "^4.10.1"