
Upgrade antd from 5.19.3 to 5.20.0 for Security Improvements#140

Closed
sumansaurabh wants to merge 1 commit into main from snyk-upgrade-48e8889bb4e9cde07b619f061c870e69
Conversation

@sumansaurabh (Contributor) commented Aug 30, 2024

User description


Snyk has created this PR to upgrade antd from 5.19.3 to 5.20.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 2 versions ahead of your current version.

  • The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

Issue                                                                    Score  Exploit Maturity
high severity: Server-side Request Forgery (SSRF), SNYK-JS-AXIOS-7361793   833  Proof of Concept
Release notes
Package name: antd
  • 5.20.0 - 2024-08-03
    • 🛠 Replace ColorPicker internal @ctrl/tiny-color with @ant-design/fast-color. #49846
    • 🆕 ConfigProvider supports the indicator property for Spin. #50183 @coding-ice
    • 🆕 Upload showUploadList supports extra for additional content. #50098 @guoyunhe
    • 🆕 Tree supports a custom loading icon for tree nodes with the new prop switcherLoadingIcon. #49716 @coding-ice
    • 🆕 Slider supports range.editable to dynamically add/remove handles. #49923
    • 🆕 Slider range.editable supports minCount and maxCount. #49987
    • 🆕 Support custom status render in QRCode. #49563 @kiner-tang
    • 🆕 Table component supports a custom Filter dropdown box empty status. #49613 @Wxh16144
    • 🆕 Allow the user to set the Divider style to dashed, dotted or solid. #49654 @pinaki-08
    • 🆕 InputNumber supports the suffix prop. #49674 @coding-ice
    • 🆕 ColorPicker supports the gradient color type and fixes controlled mode not working. #50050
    • 🆕 Input/TextArea/Mentions support the onClear prop. #49905 @li-jia-nan
    • ⌨️ Optimize Input being changed repeatedly when holding the enter key in multi-mode. rc-input#72 @crazyair
    • 🐞 Fix the issue where line-height is not effective in cssinjs mode for ColorPicker. #50220 @vagusX
    • 🐞 Fix cursor disabled state for ColorPicker. #50217 @coding-ice
    • 🐞 Fix grouped columns not applying sorting for Table. #50086 @Zyf665
    • 🐞 Fix Popover/PopConfirm/Tooltip with topLeft, topRight, bottomLeft, bottomRight having an incorrect zoom-in transform origin when the target element width is too large. #50134
    • 💄 Fix Tree filter node style lost. #49773 @wanpan11
    • 💄 Optimize ColorPicker so that when selecting a color from the transparent state it defaults to a bright color instead of black, to enhance the user interaction experience. #50148
    • TypeScript
    • 🌐 Locales

  • 5.19.4 - 2024-07-30
    • 🐞 Fix the internal elements of Form.Item not inheriting the row height. #50020 @Wanpan
    • 🐞 Fix Overlay still being displayed when both Popover title and content do not exist. #50064 @LLmoskk
    • 🐞 Fix the Empty Token setting opacityImage not taking effect. #50066 @thinkasany
    • 💄 Fix Tour overflowing the screen on mobile devices. #50082
    • 💄 Fix hover style of Checkbox indeterminate state. #50083
    • 💄 Fix DatePicker selection style not being intuitive under rtl. #50045 @Layouwen
    • 💄 Fix Descriptions overflowing the container in bordered mode. #49946 @leefinder
    • 🛠 MISC: Migrate common style tools to @ant-design/cssinjs-utils. #50030 @YumoImer
    • 🌐 Locales

  • 5.19.3 - 2024-07-19
    • 🐞 Fix Table sorter argument of onChange having an unexpected value. #49533 @Zyf665
    • 🐞 Fix Pagination token.itemBg not working. #49933
    • 🐞 Fix List wrong align style of pagination. #49925 @coding-ice
    • 🐞 Fix Image cannot exit preview when clicking the blank area on both sides of the action bar. #49915 @wanpan11
    • 🐞 Fix Card border radius not working for non-img elements from the cover property. #49862 @coding-ice
    • 💄 Fix Dropdown menu item wrong wrap style at edge of viewport. #49899
    • 💄 Fix Descriptions items possibly being too close to each other. #49895 @crazyair
    • ⌨️ Optimize Select being changed repeatedly when holding the enter key in multi-mode. #49963 @crazyair
    • 🇪🇬 Add missing translation for the Arabic language (Egypt) (ar_EG). #49852 @ahmedsamirdev
    • TypeScript
      • 🤖 Reuse the Tooltip type definitions to simplify the ColorPicker type declarations. #49949 @Wxh16144
from antd GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • Snyk has automatically assigned this pull request, set who gets assigned.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

Description

  • Upgraded antd to version 5.20.0 to improve security and functionality.
  • This upgrade addresses vulnerabilities, including a high severity SSRF issue.
  • Keeping dependencies up-to-date helps in quickly identifying and fixing vulnerabilities.

Changes walkthrough 📝

Relevant files
  Dependencies
    package.json (+1/-1): Upgrade `antd` Dependency to Latest Version
      • Upgraded antd from version 5.19.3 to 5.20.0.


See this package in npm:
antd

See this project in Snyk:
https://app.snyk.io/org/sumansaurabh/project/0844fa84-ddc5-4e74-8d08-249b7c14f3a8?utm_source=github&utm_medium=referral&page=upgrade-pr
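The finding this PR is meant to close is in axios (SNYK-JS-AXIOS-7361793), a package that reaches the project through antd's dependency tree rather than being bumped directly, so the thing to confirm after merging is what the lockfile actually resolves. The script below is an added example, not code from this PR, from Snyk or from antd: it walks a package-lock.json (lockfileVersion 2 or 3, the `packages` map), finds every package that declares a dependency on the audited name, resolves the copy Node would load for it, and flags copies below the patched version. The two lockfile fragments, the `legacy-widget` package and the dependency edges are constructed for illustration and are not real antd metadata; `PATCHED_AXIOS` is an assumption to be checked against the Snyk advisory.

```javascript
// Added example (not from this PR, Snyk or antd): report every resolved copy of a
// package in a package-lock.json and whether it is below the patched version.

function parseVersion(v) {
  // Accepts "1.7.4", "v1.7.4" or "1.7.4-beta.1"; pre-release/build suffixes are ignored.
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

function compareVersions(a, b) {
  // Numeric major.minor.patch comparison: -1 if a < b, 0 if equal, 1 if a > b.
  const pa = parseVersion(a), pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

function resolveFrom(packages, requirerKey, pkgName) {
  // Mirrors Node's resolution on the lockfile tree: the nearest node_modules/<pkgName>
  // walking up from the requirer's own location to the project root (key "").
  let base = requirerKey;
  for (;;) {
    const candidate = base ? `${base}/node_modules/${pkgName}` : `node_modules/${pkgName}`;
    if (packages[candidate]) return candidate;
    if (base === '') return null;
    const idx = base.lastIndexOf('/node_modules/');
    base = idx === -1 ? '' : base.slice(0, idx);
  }
}

function shortName(key, lock) {
  // "" is the project itself; "node_modules/a/node_modules/@s/b" -> "@s/b".
  if (key === '') return lock.name || '<root>';
  return key.slice(key.lastIndexOf('node_modules/') + 'node_modules/'.length);
}

function auditLockfile(lock, pkgName, fixedVersion) {
  const packages = lock.packages || {};
  const findings = [];
  for (const [key, entry] of Object.entries(packages)) {
    const deps = { ...(entry.dependencies || {}), ...(entry.optionalDependencies || {}) };
    if (!(pkgName in deps)) continue;
    const installedAt = resolveFrom(packages, key, pkgName);
    if (!installedAt) continue; // declared but not installed (e.g. omitted optional dependency)
    const version = packages[installedAt].version;
    findings.push({
      requirer: shortName(key, lock),
      range: deps[pkgName],
      installedAt,
      version,
      vulnerable: compareVersions(version, fixedVersion) < 0,
    });
  }
  return findings;
}

function hasVulnerableCopy(findings) {
  return findings.some((f) => f.vulnerable);
}

// ASSUMPTION: patched axios version for SNYK-JS-AXIOS-7361793; take the real value
// from the advisory before relying on this check.
const PATCHED_AXIOS = '1.7.4';

// Constructed lockfile fragments; the edges below are NOT real antd metadata.
const lockBefore = {
  name: 'demo-app', lockfileVersion: 3,
  packages: {
    '': { dependencies: { antd: '^5.19.3' } },
    'node_modules/antd': { version: '5.19.3', dependencies: { axios: '^1.6.0' } },
    'node_modules/axios': { version: '1.7.2' },
  },
};

const lockAfter = {
  name: 'demo-app', lockfileVersion: 3,
  packages: {
    '': { dependencies: { antd: '^5.20.0', 'legacy-widget': '^2.0.0' } },
    'node_modules/antd': { version: '5.20.0', dependencies: { axios: '^1.7.4' } },
    'node_modules/axios': { version: '1.7.4' },
    // A second, nested copy that a bump of antd alone does not touch.
    'node_modules/legacy-widget': { version: '2.0.0', dependencies: { axios: '^0.21.0' } },
    'node_modules/legacy-widget/node_modules/axios': { version: '0.21.4' },
  },
};

function report(lock, pkgName, fixedVersion) {
  const findings = auditLockfile(lock, pkgName, fixedVersion);
  for (const f of findings) {
    console.log(`${f.vulnerable ? 'VULN' : 'ok  '} ${f.requirer} -> ${pkgName}@${f.version} (${f.range}) at ${f.installedAt}`);
  }
  return findings;
}

if (typeof require !== 'undefined' && require.main === module) {
  // For a real project: JSON.parse(require('fs').readFileSync('package-lock.json', 'utf8'))
  report(lockBefore, 'axios', PATCHED_AXIOS);
  report(lockAfter, 'axios', PATCHED_AXIOS);
}
```

Run it against the real package-lock.json on the branch and on main: the `lockAfter` fragment shows the case that matters in review, where the copy under antd is fixed but a nested copy pulled in by another package is still below the patched version, which `npm audit` reports but a diff of package.json alone never will.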
@penify-dev penify-dev bot added the enhancement New feature or request label Aug 30, 2024
@penify-dev penify-dev bot changed the title from "[Snyk] Upgrade antd from 5.19.3 to 5.20.0" to "Upgrade antd from 5.19.3 to 5.20.0 for Security Improvements" Aug 30, 2024
@penify-dev penify-dev bot commented Aug 30, 2024

PR Review 🔍

⏱️ Estimated effort to review [1-5]

1, because the change is straightforward and involves only a version update in the package.json file.

🧪 Relevant tests

No

⚡ Possible issues

No

🔒 Security concerns

No

@penify-dev penify-dev bot commented Aug 30, 2024

PR Code Suggestions ✨

Category          Suggestion                                                                 Score
Possible issue    Verify compatibility of the new antd version with existing dependencies    7

Consider verifying the compatibility of antd version 5.20.0 with other dependencies to
avoid potential conflicts or issues in the application.

package.json [18]

-"antd": "^5.20.0",
+"antd": "^5.20.0", // Ensure compatibility with other dependencies
 
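Review bot: the `+` line inserts a `//` comment into package.json, which is strict JSON with no comment syntax, so `npm install` would fail to parse the manifest; and since the `-` line already reads `"antd": "^5.20.0",`, the hunk changes nothing but that comment. Drop the in-file note and run the compatibility check where it can actually execute, for example a CI step that runs `npm install` and `npm ls` followed by the project's build and tests.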
Suggestion importance[1-10]: 7

Why: The suggestion addresses a valid concern regarding dependency compatibility, which is important for maintaining application stability, but it does not directly change the code itself.


@mayurDayal2000 mayurDayal2000 force-pushed the main branch 7 times, most recently from b13c613 to bd66503 Compare September 23, 2024 12:53
@mayurDayal2000 mayurDayal2000 deleted the snyk-upgrade-48e8889bb4e9cde07b619f061c870e69 branch October 2, 2024 10:49