[Snyk] Upgrade formik from 2.2.9 to 2.4.2 #696

tristanrobert · 2023-07-27T05:46:46Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade formik from 2.2.9 to 2.4.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 7 versions ahead of your current version.
The recommended version was released a month ago, on 2023-06-14.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Sandbox Bypass SNYK-JS-WEBPACK-3358798	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-3244450	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: formik

2.4.2 - 2023-06-14
Patch Changes
- 96280d3 #3817 Thanks @ probablyup! - Updated internal types to support React 18.
2.4.1 - 2023-05-31
Patch Changes
- 2b194c2 #3808 Thanks @ NagaiKoki! - fix type of setFieldValue function
- 708bcb2 #3813 Thanks @ probablyup! - Revert FieldArray "shouldComponentUpdate" performance optimization. As it turns out, it's a common use case to have JSX controlled via non-Formik state/props inside of FieldArray, so it's not safe to cancel re-renders here.
- 187e47d #3815 Thanks @ probablyup! - Revert Yup transform support for the time being, this may be re-introduced in a future release under an opt-in prop.
2.4.0 - 2023-05-27
Minor Changes
- 2f53b70 #3796 Thanks @ probablyup! - Add support for Yup "transforms".
2.3.3 - 2023-05-27
Patch Changes
- f075a0c #3798 Thanks @ probablyup! - Fixed the use of generics for the ArrayHelpers type such that any[] is the default array type and for each individual method the array item type can be overridden if necessary.
2.3.2 - 2023-05-26
2.3.0 - 2023-05-26
2.2.10 - 2023-05-26
2.2.9 - 2021-06-02