[Snyk] Upgrade immer from 9.0.16 to 10.1.1

[FengShangWuQi]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade immer from 9.0.16 to 10.1.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 20 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-AXIOS-6144788	375	No Known Exploit
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	375	No Known Exploit
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	375	No Known Exploit

Release notes

Package name: immer

• 10.1.1 - 2024-04-27
  

  10.1.1 (2024-04-27)

  Bug Fixes

  • export lost types (#1116) (5a8f6e7)
  • Make applyPatches to accept readonly Patch[] (#1094) (4da2e0d)
• 10.1.0 - 2024-04-27
  

  10.1.0 (2024-04-27)

  Features

  • performance: Make non-strict mode faster for classes. Addresses #1071 (53e3203). Immer 10.x solved slow iteration for plain JS objects. This update applies the same handling to class instances. In cases this makes class instance handling 3 times faster. Note that this slightly modifies the behavior of Immer with classes in obscure corner cases, in ways that match current documentation, but do not match previous behavior. If you run into issues with this release icmw. class instances, use setUseStrictShallowCopy("class_only") to revert to the old behavior. For more details see https://immerjs.github.io/immer/complex-objects#semantics-in-detail
• 10.0.4 - 2024-03-09
  

  10.0.4 (2024-03-09)

  Bug Fixes

  • Fix handling of Symbol and non-enumerable properties in finalization / freeze. Fixes #1096, #1087, #1091 (#1105)) (8949a3e)
• 10.0.4-beta - 2024-03-11
• 10.0.3 - 2023-10-02
  

  10.0.3 (2023-10-02)

  Bug Fixes

  • don't use .mjs file for react-native, which isn't supported by default. Fixes #1058 #1065 (#1075) (f6736a4)
• 10.0.3-beta - 2023-09-23
• 10.0.2 - 2023-05-09
  

  10.0.2 (2023-05-09)

  Bug Fixes

  • export Objectish type (#1043) (75e004d)
  • Move index.js.flow from dist/ -> dist/cjs/ to match index.js (#1038) (a3b5603)
• 10.0.1 - 2023-04-17
  

  10.0.1 (2023-04-17)

  Bug Fixes

  • production bundle was loaded incorrectly, fixes #1037 (707e72b)
• 10.0.0 - 2023-04-17
  

  10.0.0 (2023-04-17)

  Release notes

  • [breaking change] Immer 10 only supports modern browsers, that have support for Proxy, Reflect, Symbol and Map and Set.
  • [breaking change] There is no longer a UMD build exposed (thanks Mark Erikson for modernizing the build setup in #1032!
  • [breaking change] getters and setters are ignored by default on plain object, as this is a very uncommon case and provides a significant performance boost (ca 33%, but depends a lot on the scenario). Fixes #867, #1012. Thanks hrsh7th for implementing it in #941!
  • [breaking change] Promise based reducers are no longer supported. Conceptually it is an anti pattern to hold on to drafts over time. If needed the old behavior can still be achieved by leveraging createDraft and finishDraft.
  • [breaking change] ES5 mode (for legacy browsers) has been dropped. If your project relies on enableES5(), you SHOULD NOT upgrade Immer. enableES5 has been removed.
  • [breaking change] produce is no longer exposed as the default export. This improves eco system compatibility, and makes sure that there is only one correct way of doing things
  • [breaking change] enableAllPlugins has been removed, use enablePatches(); enableMapSet() instead
  • [breaking change] shortening the length of a JSON array now results in delete patches, rather than a mutation of the length property, in accordance with JSON spec. Thanks kshramt for implementing this in #964!
  • Immer is now an ESM package that can be directly imported into the browser. CJS should still work, UMD support has been removed.

  Overall, there is a rough performance increase of 33% for Immer (and in some cases significantly higher), and the (non gzipped) bundle size has reduced from 16 to 11.5 KB, while the the minimal gzipped import of just produce has remained roughly the same at 3.3 KB.

  For more details, see #1015

  Migration steps

  1. If you have any enableES5() call, don't migrate
  2. When using getters/ setters icmw plain objects, call useStrictShallowCopy(true) at startup
  3. Replace all default imports: Replace import produce from "immer" with import {produce} from "immer"
  4. Replace all calls to enableAllPlugins() with enablePatches(); enableMapSet(); to be more specific and smoothen future migrations.
  5. If any producer returned a Promise, refactor it to leverage createDraft instead. Roughly:
  const newState = await produce(oldState, recipe)

  // becomes
  const draft = createDraft(oldState)
  await recipe(draft)
  const newState = finishDraft(draft)

  
  


• 
  10.0.0-beta.7 - 2023-04-16
  


• 
  10.0.0-beta.6 - 2023-04-06
  


• 
  10.0.0-beta.4 - 2023-04-03
  


• 
  10.0.0-beta.3 - 2023-04-03
  


• 
  10.0.0-beta.2 - 2023-04-03
  


• 
  10.0.0-beta.1 - 2023-04-03
  


• 
  9.0.21 - 2023-03-23
  

  9.0.21 (2023-03-23)

  Bug Fixes

  • ensure type exports is first in package.json export declaration (#1018) (b6ccd0f)
• 9.0.20 - 2023-03-23
  

  9.0.20 (2023-03-23)

  Bug Fixes

  • patching maps failed when using number keys (#1025) (dd83e2e)
• 9.0.19 - 2023-01-27
  

  9.0.19 (2023-01-27)

  Bug Fixes

  • don't freeze drafts returned from produce if they were passed in as draft (#917) (46867f8)
  • produce results should never be frozen when returned from nested produces, to prevent 'hiding' drafts. Fixes #935 (a810960)
  • release and publish from 'main' rather than 'master' branch (82acc40)
  • revert earlier fix (#990) for recursive types (#1014) (3eeb331)
  • Upgrade Github actions to Node 16 attempt 1 (9d4ea93)
  • Upgrade Github actions to Node 16 attempt 2 (082eecd)
• 9.0.18 - 2023-01-15
• 9.0.17 - 2023-01-02
• 9.0.16 - 2022-10-22

from immer GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
blog	❌ Failed (Inspect)			May 26, 2024 0:13am
storybook	❌ Failed (Inspect)			May 26, 2024 0:13am

[stale]

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.