Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Snyk] Upgrade realm from 11.3.1 to 11.5.0 (#2660)
<h3>Snyk has created this PR to upgrade realm from 11.3.1 to
11.5.0.</h3>
:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>
- The recommended version is **3 versions** ahead of your current
version.
- The recommended version was released **25 days ago**, on 2023-02-19.
<details>
<summary><b>Release notes</b></summary>
<br/>
<details>
<summary>Package name: <b>realm</b></summary>
<ul>
<li>
<b>11.5.0</b> - <a
href="https://snyk.io/redirect/github/realm/realm-js/releases/tag/v11.5.0">2023-02-19</a></br><h3>Deprecations</h3>
<ul>
<li>The ECMAScript Array APIs (such as <code>map</code>,
<code>every</code>, access using indexing operator <code>[]</code>,
etc.) on the <code>SubscriptionSet</code> types were deprecated.
<ul>
<li>The existing methods will continue to work until the next major
version.</li>
<li>The following will <strong>not</strong> be removed from
<code>BaseSubscriptionSet</code>:
<ul>
<li>Being iterable (e.g using <code>for-of</code> loop).</li>
<li>Being able to spread (e.g.
<code>[...realm.subscriptions]</code>).</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3>Enhancements</h3>
<ul>
<li>Converting flexible sync Realms to bundled and local Realms is now
supported. (<a
href="https://snyk.io/redirect/github/realm/realm-core/pull/6076"
data-hovercard-type="pull_request"
data-hovercard-url="/realm/realm-core/pull/6076/hovercard">realm/realm-core#6076</a>)</li>
<li>For client reset mode <code>onRecoveryOrDiscard</code>, the
<code>onDiscard</code> and <code>onRecovery</code> callbacks now have
simple default values. (<a
href="https://snyk.io/redirect/github/realm/realm-js/pull/5288"
data-hovercard-type="pull_request"
data-hovercard-url="/realm/realm-js/pull/5288/hovercard">#5288</a>,
since v11.1.0)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Fixed possible segfault in sync client where async callback was
using object after being deallocated. (<a
href="https://snyk.io/redirect/github/realm/realm-core/issues/6053"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-core/issues/6053/hovercard">realm/realm-core#6053</a>,
since v10.11.0)</li>
<li>Fixed crash when using client reset with recovery and flexible sync
with a single subscription (<a
href="https://snyk.io/redirect/github/realm/realm-core/issues/6070"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-core/issues/6070/hovercard">#6070</a>,
since v10.19.5)</li>
<li>If <code>path</code> is defined in the configuration, it will used
for synced Realms too. Relative paths will be appended to a default
prefix (prefix is computed using app id and user id). Absolute paths are
left untouched. (since v10.0.0)</li>
<li>Fixed a bug related to parsing the client reset configuration. (<a
href="https://snyk.io/redirect/github/realm/realm-js/pull/5288"
data-hovercard-type="pull_request"
data-hovercard-url="/realm/realm-js/pull/5288/hovercard">#5288</a>,
since v11.1.0)</li>
<li>Client reset with recovery or discard local could fail if there were
dangling links in lists that got ressurected while the list was being
transferred from the fresh Realm. (<a
href="https://snyk.io/redirect/github/realm/realm-core/issues/6292"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-core/issues/6292/hovercard">realm/realm-core#6292</a>,
since v10.10.0)</li>
<li>Sharing Realm files between a Catalyst app and Realm Studio did not
properly synchronize access to the Realm file. (<a
href="https://snyk.io/redirect/github/realm/realm-core/pull/6258"
data-hovercard-type="pull_request"
data-hovercard-url="/realm/realm-core/pull/6258/hovercard">realm/realm-core#6258</a>,
since v6.1.0)</li>
<li>When client reset with recovery is used and the recovery does not
actually result in any new local commits, the sync client may have
gotten stuck in a cycle with a <code>A fatal error occured during client
reset: 'A previous 'Recovery' mode reset from <timestamp> did not
succeed, giving up on 'Recovery' mode to prevent a cycle'</code> error
message. (<a
href="https://snyk.io/redirect/github/realm/realm-core/issues/6195"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-core/issues/6195/hovercard">realm/realm-core#6195</a>,
since v10.18.0)</li>
<li>Fixed diverging history in flexible sync if writes occur during
bootstrap to objects that just came into view. (<a
href="https://snyk.io/redirect/github/realm/realm-core/issues/5804"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-core/issues/5804/hovercard">realm/realm-core#5804</a>,
since v10.11.0)</li>
<li>If a client reset with recovery or discard local is interrupted
while the "fresh" Realm is being downloaded, the sync client may crash
with a <code>MultipleSyncAgents</code> exception (<a
href="https://snyk.io/redirect/github/realm/realm-core/issues/6217"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-core/issues/6217/hovercard">realm/realm-core#6217</a>,
since v10.15.0)</li>
<li>Online compaction may cause a single commit to take a long time. (<a
href="https://snyk.io/redirect/github/realm/realm-core/pull/6245"
data-hovercard-type="pull_request"
data-hovercard-url="/realm/realm-core/pull/6245/hovercard">realm/realm-core#6245</a>,
since v11.3.0-rc.0)</li>
</ul>
<h3>Compatibility</h3>
<ul>
<li>React Native >= v0.71.0</li>
<li>Atlas App Services.</li>
<li>Realm Studio v13.0.0.</li>
<li>File format: generates Realms with format v23 (reads and upgrades
file format v5 or later for non-synced Realm, upgrades file format v10
or later for synced Realms).</li>
</ul>
<h3>Internal</h3>
<ul>
<li>Upgrade Example to use React Native 0.71.1 (<a
href="https://snyk.io/redirect/github/realm/realm-js/pull/5438"
data-hovercard-type="pull_request"
data-hovercard-url="/realm/realm-js/pull/5438/hovercard">#5438</a>)</li>
<li>Upgraded Realm Core from v13.1.1 to v13.4.2. (<a
href="https://snyk.io/redirect/github/realm/realm-js/issues/5174"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-js/issues/5174/hovercard">#5174</a>, <a
href="https://snyk.io/redirect/github/realm/realm-js/issues/5244"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-js/issues/5244/hovercard">#5244</a>, <a
href="https://snyk.io/redirect/github/realm/realm-js/issues/5419"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-js/issues/5419/hovercard">#5419</a> and
<a href="https://snyk.io/redirect/github/realm/realm-js/issues/5450"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-js/issues/5450/hovercard">#5450</a>)</li>
<li>Unpin Xcode version when building locally and upgrade the Xcode
version used by Github Actions.</li>
<li>Enable tests for notifications on dictionary.</li>
<li>Automate releasing package on Github Actions.</li>
<li>Upgrade OpenSSL v1.1.1n to v3.0.8. (<a
href="https://snyk.io/redirect/github/realm/realm-core/pull/6097"
data-hovercard-type="pull_request"
data-hovercard-url="/realm/realm-core/pull/6097/hovercard">realm/realm-core#6097</a>
and <a href="https://snyk.io/redirect/github/realm/realm-core/pull/6305"
data-hovercard-type="pull_request"
data-hovercard-url="/realm/realm-core/pull/6305/hovercard">realm/realm-core#6305</a>)</li>
</ul>
</li>
<li>
<b>11.4.0</b> - <a
href="https://snyk.io/redirect/github/realm/realm-js/releases/tag/v11.4.0">2023-01-23</a></br><h3>Fixed</h3>
<ul>
<li>Fix no notification for write transaction that contains only change
to backlink property. (<a
href="https://snyk.io/redirect/github/realm/realm-core/issues/4994"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-core/issues/4994/hovercard">realm/realm-core#4994</a>,
since v10.8.0)</li>
</ul>
<h3>Compatibility</h3>
<ul>
<li>React Native >= v0.71.0</li>
<li>File format: generates Realms with format v23 (reads and upgrades
file format v5 or later for non-synced Realm, upgrades file format v10
or later for synced Realms).</li>
</ul>
<h3>Internal</h3>
<ul>
<li>Upgraded Realm Core from v13.1.1 to v13.1.2. (<a
href="https://snyk.io/redirect/github/realm/realm-js/issues/5174"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-js/issues/5174/hovercard">#5174</a>)</li>
<li>Switching from NDK 21 to NDK 23 for Android builds, and bumping the
required CMake version to 3.21.4. Sizes of binaries are found below. (<a
href="https://snyk.io/redirect/github/realm/realm-js/issues/3905"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-js/issues/3905/hovercard">#3905</a>)</li>
</ul>
<table>
<thead>
<tr>
<th>Architecture</th>
<th>NDK 21</th>
<th>NDK 23</th>
</tr>
</thead>
<tbody>
<tr>
<td>armeabi-v7a</td>
<td>5415116</td>
<td>5554692</td>
</tr>
<tr>
<td>x86</td>
<td>9760312</td>
<td>10905472</td>
</tr>
<tr>
<td>arm64-v8a</td>
<td>8883176</td>
<td>9547032</td>
</tr>
<tr>
<td>x86_64</td>
<td>9879208</td>
<td>10574368</td>
</tr>
</tbody>
</table>
</li>
<li>
<b>11.3.2</b> - <a
href="https://snyk.io/redirect/github/realm/realm-js/releases/tag/v11.3.2">2023-01-17</a></br><h3>DEPRECATED</h3>
<p>Please use either 11.3.1 or 11.4.0, depending on what version of
React Native you are using.</p>
</li>
<li>
<b>11.3.1</b> - <a
href="https://snyk.io/redirect/github/realm/realm-js/releases/tag/v11.3.1">2022-12-07</a></br><h3>Fixed</h3>
<ul>
<li>Not possible to open an encrypted file on a device with a page size
bigger than the one on which the file was produced. (<a
href="https://snyk.io/redirect/github/realm/realm-swift/issues/8030"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-swift/issues/8030/hovercard">#8030</a>,
since v11.1.0)</li>
<li>Empty binary values will no longer be treated as null (<a
href="https://snyk.io/redirect/github/realm/realm-js/issues/5114"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-js/issues/5114/hovercard">#5114</a>,
since v10.5.0)</li>
</ul>
<h3>Compatibility</h3>
<ul>
<li>React Native >= v0.70.0</li>
<li>Atlas App Services.</li>
<li>Realm Studio v13.0.0.</li>
<li>File format: generates Realms with format v23 (reads and upgrades
file format v5 or later for non-synced Realm, upgrades file format v10
or later for synced Realms).</li>
</ul>
<h3>Internal</h3>
<ul>
<li>Upgraded Realm Core from v13.1.0 to v13.1.1. (<a
href="https://snyk.io/redirect/github/realm/realm-js/issues/5154"
data-hovercard-type="issue"
data-hovercard-url="/realm/realm-js/issues/5154/hovercard">#5154</a>)</li>
</ul>
</li>
</ul>
from <a
href="https://snyk.io/redirect/github/realm/realm-js/releases">realm
GitHub release notes</a>
</details>
</details>
<details>
<summary><b>Commit messages</b></summary>
</br>
<details>
<summary>Package name: <b>realm</b></summary>
<ul>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/12bc38cbb02bd2ebbce4b9d311c316ca7c205b1a">12bc38c</a>
[11.5.0] Bump version</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/d3697007858dc91a722f9e654ae02e2d5c06c93c">d369700</a>
Upgrade to Realm Core v13.4.2 (#5453)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/4cbf5d49d289642261211f6e30f7cc91dbb784df">4cbf5d4</a>
Upgrade to Realm Core v13.4.1 (#5435)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/d3cedd84f132df420f26a597d49ee6c883b4f1db">d3cedd8</a>
Use `rollup` for building `@ realm/react`
(#5446)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/106a9f323944022390f2a997c656977cb9b58276">106a9f3</a>
Update deploy-cluster.yml</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/61524c62cfe9ed15d94463240648944d32c4ae29">61524c6</a>
Update publish-release.yml</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/5057178932a06fb94a6360496729d243bfd43750">5057178</a>
Update deploy-cluster.yml</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/4c3ad08d6e98694821515db657b31faa4be276f8">4c3ad08</a>
Update deploy-cluster.yml</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/196201c089771b945d0fd49b3675fbd2f7c80657">196201c</a>
Deploy cluster workflow (#5420)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/f0ffa3c65deec6a479b3eab37d6438e5a74f454c">f0ffa3c</a>
Derive the config when deleting.</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/24783288671f60b7882cd3264a3c5548d4663d72">2478328</a>
Update `useUser` to never return `null` (#5443)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/fe0a4e3757c6bb8f2f5858d5ea41ba25fbeee76f">fe0a4e3</a>
Revert "Use clusterName as differentiator"</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/b6696df7b99a0268842778bd84263e2386916f34">b6696df</a>
Use clusterName as differentiator</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/1b804bfc02953c001f3b2f6f78b36687f3ae8e7f">1b804bf</a>
Moved `closeThisRealm` and simplified `closeRealm`
(#5437)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/2cc1541b2ddbe82c5a8ccd5c334331ef8e5b3279">2cc1541</a>
Fix "Invalid Realm passed to bind_to_context()" when clearing
test state (#5436)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/84f1d3cb0185b4486f3edb36057631d7f99da7b6">84f1d3c</a>
Create Default Provider and Hooks for `@ realm/react`
(#5340)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/4a5e32475c907748772c55a55bbcb84759ac8046">4a5e324</a>
Update Example to use Realm 0.71 (#5442)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/c04099fc7b7a2087c33a10d2d6c9fea3c8c6f782">c04099f</a>
Revert "Update Example to use Realm 0.71 (#5438)" (#5441)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/14f8179fd5f54eff8a127020e8ecfeba43b2e557">14f8179</a>
Update Example to use Realm 0.71 (#5438)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/dd7708373afd51fde6c752ba72f31697a142457f">dd77083</a>
Adding a `longTimeout` method to `Suite` and
`Context` (#5360)</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/c9c4853431ae7730406806bf20267f0e0c891fa4">c9c4853</a>
Updated package-lock of the tests package</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/308ce4f80252624b4852e883c97265550cebc801">308ce4f</a>
Update .gitignore</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/650b6ed6a05b166589ee4a436e9a85668d18fb84">650b6ed</a>
Fixed vscode integration tests task</li>
<li><a
href="https://snyk.io/redirect/github/realm/realm-js/commit/e3bebc66a3fad604dcaf618bd224043b412b73f2">e3bebc6</a>
Merge pull request #5434 from realm/papafe-patch-1</li>
</ul>
<a
href="https://snyk.io/redirect/github/realm/realm-js/compare/14ddea6f64062f3f404de6ca3e6744ea803359b2...12bc38cbb02bd2ebbce4b9d311c316ca7c205b1a">Compare</a>
</details>
</details>
<hr/>
**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*
For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJmYzRiZjQ0MS03YjdjLTQ1NWUtYmIwNy1kOTIxZTViOTVkMWYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImZjNGJmNDQxLTdiN2MtNDU1ZS1iYjA3LWQ5MjFlNWI5NWQxZiJ9fQ=="
width="0" height="0"/>
🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg=realm&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
<!---
(snyk:metadata:{"prId":"fc4bf441-7b7c-455e-bb07-d921e5b95d1f","prPublicId":"fc4bf441-7b7c-455e-bb07-d921e5b95d1f","dependencies":[{"name":"realm","from":"11.3.1","to":"11.5.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":3,"publishedDate":"2023-02-19T15:33:31.722Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->
---------
Co-authored-by: snyk-bot <snyk-bot@snyk.io>- Loading branch information
1 parent
823319c
commit d54c193