[Snyk] Upgrade bootstrap from 4.0.0 to 4.4.1 #1
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade bootstrap from 4.0.0 to 4.4.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.The recommended version fixes:
npm:bootstrap:20180529
SNYK-JS-BOOTSTRAP-73560
SNYK-JS-BOOTSTRAP-173700
Release notes
Package name: bootstrap
Highlights
Here's what you need to know about v4.4.0. Remember that with every minor and major release of Bootstrap, we ship a new URL for our hosted docs to ensure URLs continue to work.- New responsive containers! Over a year in the making, fluid up to a particular breakpoint, available for all responsive tiers.
.row-cols
classes for quickly specifying the number of columns across breakpoints. This one is huge for those of you who have asked for responsive card decks.escape-svg()
function for simplifying our embeddedbackground-image
SVGs for forms and more.add()
andsubtract()
functions for avoiding errors and zero values from CSS's built incalc
feature.make-col-auto()
mixin to make our.col-auto
class available with custom HTML.:disabled
styles by moving selectors to[disabled]
.bg-variant()
,nav-divider()
, andform-control-focus()
mixins are now deprecated as they're going away in v5.:invalid
validation icon to be an alert instead of an×
to avoid confusion with browser functionality for clearing the form field value.Links
Highlights
.stretched-link
utility to make any anchor the size of it's nearestposition: relative
parent, perfect for entirely clickable cards!.text-break
utility for applyingword-break: break-word
.rounded-sm
and.rounded-lg
for small and largeborder-radius
..modal-dialog-scrollable
modifier class for scrolling content within a modal..list-group-horizontal
modifier classes for displaying list groups as a horizontal row.null
for variables that by default inherit their values from other elements (e.g.,$headings-color
wasinherit
and is nownull
until you modifier it in your custom CSS).background-color
like our buttons.href
HTML attribute to avoid JavaScript errors. Please try to use valid selectors or thedata-target
HTML attribute/target
option where available.white-space: nowrap
to.dropdown-toggle
(before v4.2.1 it was on all.btn
s) so carets don't wrap to new lines.img-retina
,invisible
,float
, andsize
mixins are now deprecated and will be removed in v5.Links
Bump to v4.2.1 to republish package on npm. See v4.2.0 release notes for changes introduced in v4.2.
:not(:root)
selector from oursvg
Reboot styles, resolving an issue that caused all inline SVGs ignorevertical-align
styles via single class due to higher specificity.package.json
to a separate file to avoid unintended inherited browser settings across npm projects..form-control
s now have a fixedheight
to compensate for differences in computed height across differenttype
s. This also fixes some IE alignment issues.Noto Color Emoji
to our system font stack for better rendering in Linux OSes.Checkout the v4.1.2 ship list and GitHub project for the full details.
Commit messages
Package name: bootstrap
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs