[Snyk] Upgrade react from 17.0.2 to 18.3.1 #1478
                
     Open
            
            
          
  Add this suggestion to a batch that can be applied as a single commit.
  This suggestion is invalid because no changes were made to the code.
  Suggestions cannot be applied while the pull request is closed.
  Suggestions cannot be applied while viewing a subset of changes.
  Only one suggestion per line can be applied in a batch.
  Add this suggestion to a batch that can be applied as a single commit.
  Applying suggestions on deleted lines is not supported.
  You must change the existing code in this line in order to create a valid suggestion.
  Outdated suggestions cannot be applied.
  This suggestion has been applied or marked resolved.
  Suggestions cannot be applied from pending reviews.
  Suggestions cannot be applied on multi-line comments.
  Suggestions cannot be applied while the pull request is queued to merge.
  Suggestion cannot be applied right now. Please check back later.
  
    
  
    
Snyk has created this PR to upgrade react from 17.0.2 to 18.3.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 626 versions ahead of your current version.
The recommended version was released on 6 months ago.
Issues fixed by the recommended upgrade:
SNYK-JS-SEMVER-3247795
Release notes
Package name: react
actfromreactf1338fThis release is identical to 18.2 but adds warnings for deprecated APIs and other changes that are needed for React 19.
Read the React 19 Upgrade Guide for more info.
React
this.refsto support string ref codemod 909071findDOMNodeoutside StrictMode c3b283test-utilsmethods d4ea75defaultPropsfor function components #25699key#25697actfromtest-utilsd4ea75React DOM
unmountComponentAtNode8a015brenderToStaticNodeStream#28874React DOM
onRecoverableError. (@ gnoff in #24591)documentcausing a blank page on mismatch. (@ gnoff in #24523)setStatein Safari when adding an iframe. (@ gaearon in #24459)React DOM Server
<title>elements to match the browser constraints. (@ gnoff in #24679)highWaterMarkto0. (@ jplhomer in #24641)Server Components (Experimental)
useId()inside Server Components. (@ gnoff) in #24172React DOM
react-dom/clientwhen using UMD bundle. (@ alireza-molaee in #24274)suppressHydrationWarningto work in production too. (@ gaearon in #24271)componentWillUnmountfiring twice inside of Suspense. (@ acdlite in #24308)useDeferredValuecausing an infinite loop when passed an unmemoized value. (@ acdlite in #24247)setStateloop inuseEffect. (@ gaearon in #24298)setStateinuseInsertionEffect. (@ gaearon in #24295)React DOM Server
bootstrapScriptContentcontents. (@ gnoff in #24385)renderToPipeableStream. (@ gnoff in #24291)ESLint Plugin: React Hooks
Use Subscription
use-sync-external-storeshim. (@ gaearon in #24289)Below is a list of all new features, APIs, deprecations, and breaking changes.
Read React 18 release post and React 18 upgrade guide for more information.
New Features
React
useIdis a new hook for generating unique IDs on both the client and server, while avoiding hydration mismatches. It is primarily useful for component libraries integrating with accessibility APIs that require unique IDs. This solves an issue that already exists in React 17 and below, but it’s even more important in React 18 because of how the new streaming server renderer delivers HTML out-of-order.startTransitionanduseTransitionlet you mark some state updates as not urgent. Other state updates are considered urgent by default. React will allow urgent state updates (for example, updating a text input) to interrupt non-urgent state updates (for example, rendering a list of search results).useDeferredValuelets you defer re-rendering a non-urgent part of the tree. It is similar to debouncing, but has a few advantages compared to it. There is no fixed time delay, so React will attempt the deferred render right after the first render is reflected on the screen. The deferred render is interruptible and doesn't block user input.useSyncExternalStoreis a new hook that allows external stores to support concurrent reads by forcing updates to the store to be synchronous. It removes the need foruseEffectwhen implementing subscriptions to external data sources, and is recommended for any library that integrates with state external to React.useInsertionEffectis a new hook that allows CSS-in-JS libraries to address performance issues of injecting styles in render. Unless you’ve already built a CSS-in-JS library we don’t expect you to ever use this. This hook will run after the DOM is mutated, but before layout effects read the new layout. This solves an issue that already exists in React 17 and below, but is even more important in React 18 because React yields to the browser during concurrent rendering, giving it a chance to recalculate layout.React DOM Client
These new APIs are now exported from
react-dom/client:createRoot: New method to create a root torenderorunmount. Use it instead ofReactDOM.render. New features in React 18 don't work without it.hydrateRoot: New method to hydrate a server rendered application. Use it instead ofReactDOM.hydratein conjunction with the new React DOM Server APIs. New features in React 18 don't work without it.Both
createRootandhydrateRootaccept a new option calledonRecoverableErrorin case you want to be notified when React recovers from errors during rendering or hydration for logging. By default, React will usereportError, orconsole.errorin the older browsers.React DOM Server
These new APIs are now exported from
react-dom/serverand have full support for streaming Suspense on the server:renderToPipeableStream: for streaming in Node environments.renderToReadableStream: for modern edge runtime environments, such as Deno and Cloudflare workers.The existing
renderToStringmethod keeps working but is discouraged.Deprecations
react-dom:ReactDOM.renderhas been deprecated. Using it will warn and run your app in React 17 mode.react-dom:ReactDOM.hydratehas been deprecated. Using it will warn and run your app in React 17 mode.react-dom:ReactDOM.unmountComponentAtNodehas been deprecated.react-dom:ReactDOM.renderSubtreeIntoContainerhas been deprecated.react-dom/server:ReactDOMServer.renderToNodeStreamhas been deprecated.Breaking Changes
React
flushSync.<Suspense>boundary in the tree. This ensures the hydrated tree is consistent and avoids potential privacy and security holes that can be caused by hydration mismatches.Promise,Symbol, andObject.assign. If you support older browsers and devices such as Internet Explorer which do not provide modern browser features natively or have non-compliant implementations, consider including a global polyfill in your bundled application.Scheduler (Experimental)
scheduler/tracingAPINotable Changes
React
undefined: React no longer throws if you returnundefinedfrom a component. This makes the allowed component return values consistent with values that are allowed in the middle of a component tree. We suggest to use a linter to prevent mistakes like forgetting areturnstatement before JSX.actwarnings are now opt-in: If you're running end-to-end tests, theactwarnings are unnecessary. We've introduced an opt-in mechanism so you can enable them only for unit tests where they are useful and beneficial.setStateon unmounted components: Previously, React warned about memory leaks when you callsetStateon an unmounted component. This warning was added for subscriptions, but people primarily run into it in scenarios where setting state is fine, and workarounds make the code worse. We've removed this warning.React DOM Server
renderToString: Will no longer error when suspending on the server. Instead, it will emit the fallback HTML for the closest<Suspense>boundary and then retry rendering the same content on the client. It is still recommended that you switch to a streaming API likerenderToPipeableStreamorrenderToReadableStreaminstead.renderToStaticMarkup: Will no longer error when suspending on the server. Instead, it will emit the fallback HTML for the closest<Suspense>boundary and retry rendering on the client.All Changes
React
useTransitionanduseDeferredValueto separate urgent updates from transitions. (#10426, #10715, #15593, #15272, #15578, #15769, #17058, #18796, #19121, #19703, #19719, #19724, #20672, #20976 by @ acdlite, @ lunaruan, @ rickhanlonii, and @ sebmarkbage)useIdfor generating unique IDs. (#17322, #18576, #22644, #22672, #21260 by @ acdlite, @ lunaruan, and @ sebmarkbage)useSyncExternalStoreto help external store libraries integrate with React. (#15022, #18000, #18771, #22211, #22292, #22239, #22347, #23150 by @ acdlite, @ bvaughn, and @ drarmstr)startTransitionas a version ofuseTransitionwithout pending feedback. (#19696 by @ rickhanlonii)useInsertionEffectfor CSS-in-JS libraries. (#21913 by @ rickhanlonii)