Bump react-dom from 16.3.1 to 16.3.3

[dependabot[bot]]

Bumps react-dom from 16.3.1 to 16.3.3.

Release notes

Sourced from react-dom's releases.

v16.3.2

16.3.2 (April 16, 2018)

React

• Improve the error message when passing null or undefined to React.cloneElement. (@​nicolevy in #12534)

React DOM

• Fix an IE crash in development when using <StrictMode>. (@​bvaughn in #12546)
• Fix labels in User Timing measurements for new component types. (@​bvaughn in #12609)
• Improve the warning about wrong component type casing. (@​nicolevy in #12533)
• Improve general performance in development mode. (@​gaearon in #12537)
• Improve performance of the experimental unstable_observedBits API with nesting. (@​gaearon in #12543)

React Test Renderer

• Add a UMD build. (@​bvaughn in #12594)

Changelog

Sourced from react-dom's changelog.

16.3.3 (August 1, 2018)

React DOM Server

• Fix a potential XSS vulnerability when the attacker controls an attribute name (CVE-2018-6341). This fix is available in the latest [email protected], as well as in previous affected minor versions: [email protected], [email protected], [email protected], and [email protected]. (@​gaearon in #13302)

16.3.2 (April 16, 2018)

React

• Improve the error message when passing null or undefined to React.cloneElement. (@​nicolevy in #12534)

React DOM

• Fix an IE crash in development when using <StrictMode>. (@​bvaughn in #12546)
• Fix labels in User Timing measurements for new component types. (@​bvaughn in #12609)
• Improve the warning about wrong component type casing. (@​nicolevy in #12533)
• Improve general performance in development mode. (@​gaearon in #12537)
• Improve performance of the experimental unstable_observedBits API with nesting. (@​gaearon in #12543)

React Test Renderer

• Add a UMD build. (@​bvaughn in #12594)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language