Bump redux from 3.6.0 to 3.7.2

[dependabot-preview]

Bumps redux from 3.6.0 to 3.7.2.

Release notes

Sourced from redux's releases.

v3.7.2

Changes

• Fixed the definition of 'Reducer' for TypeScript 2.4. (#2467 by @​DanielRosenwasser)

v3.7.1

This reverts the console.error on bindActionCreators() coming from #2279.

While well-intentioned, when star importing all exports from a module (import * as actions from './actions'), transpilation by Babel defaults to adding a default and __esModule property to the import, which are not functions. While it can be disabled, this isn't common to do and leads to a lot of confusion. So, we're reverting the change.

Thanks for the feedback from everyone and the civility and healthy discourse on the issue!

v3.7.0

Another long break!

Oh, hey! I didn't see you sitting there. You look bored. How about a Redux release to spice things up?

Not a huge set of changes to report here. The biggest change, and the reason for the minor bump, is the UMD build is now done via Rollup. One big advantage is more readable code in the bundle. Rollup does "scope hoisting", which is a fancy term for putting every module at the top level of the file. Other than a surrounding IIFE, all of the code in Redux all lives together. You can compare the two here:

Rollup UMD build
vs
Webpack UMD build

There is also a cost savings of 30,811 vs 26,880 bytes, and 6,999 vs 5,995 bytes minified. Redux is already a small library, and this helps shave some extra bytes for our UMD users.

One thing to note is that Webpack has introduced it's own scope hoisting feature in 3.0 beta. So, this isn't intended as an indictment of Webpack. You should continue to use it in your own apps. The adage of "Webpack is for apps, Rollup is for libraries" definitely holds true. It still has a superior developer experience with hot module reloading and webpack-dev-server. But use whatever makes sense for your project, not just whatever we use. 😄

We're also looking at applying this to the NPM bundle. The main motivation is again more readable code in your bundles. Instead of transpilation oddities from Babel, you will end up with a single clean file, which should be easier to read through and debug. It's currently scheduled for the big, mythical 4.0 release and you can follow along in #2358

Changes

• Build UMD with rollup (#2283 by @​TrySound)
• Warn when bindActionCreators encounters non-function property (#2279 by @​artgillespie)
• Update variables to ES6 (#2169 by @​dfrownfelter)
• Remove filtering inside compose (#2167 by @​istarkov)
• Simplify compose (#2147 by @​JoeCortopassi)

Commits

• 8f60ba3 3.7.2
• f4c908b Add new discussion links to Performance (#2500)
• b8cf8aa writing tests for middleware example changed (#2496)
• 7c68f34 Add new links to Code Structure (#2494)
• d019f11 Fix a typo (#2497)
• e9067e6 Add link to Full Stack React article
• c1953b0 Add sandboxes to the examples in the docs (#2487)
• 6ca30fb Add Sandboxes for almost all examples (#2486)
• 0de7e5b Fixed the definition of 'Reducer' for TypeScript 2.4. (#2467)
• 6eed34d Switch prepublish to prepare script for npm 5 warning
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.