Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump react-router-dom from 6.20.1 to 6.28.0 in /demos/jans-tarp #10083

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump react-router-dom from 6.20.1 to 6.28.0 in /demos/jans-tarp #10083

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 7, 2024

Bumps react-router-dom from 6.20.1 to 6.28.0.

Release notes

Sourced from react-router-dom's releases.

[email protected]

Patch Changes

[email protected]

Patch Changes

[email protected]

Patch Changes

[email protected]

Patch Changes

[email protected]

Patch Changes

[email protected]

Patch Changes

[email protected]

Patch Changes

[email protected]

... (truncated)

Changelog

Sourced from react-router-dom's changelog.

6.28.0

Minor Changes

    • Log deprecation warnings for v7 flags (#11750)
    • Add deprecation warnings to json/defer in favor of returning raw objects
      • These methods will be removed in React Router v7

Patch Changes

6.27.0

Minor Changes

  • Stabilize unstable_patchRoutesOnNavigation (#11973)
    • Add new PatchRoutesOnNavigationFunctionArgs type for convenience (#11967)
  • Stabilize unstable_dataStrategy (#11974)
  • Stabilize the unstable_flushSync option for navigations and fetchers (#11989)
  • Stabilize the unstable_viewTransition option for navigations and the corresponding unstable_useViewTransitionState hook (#11989)

Patch Changes

  • Fix bug when submitting to the current contextual route (parent route with an index child) when an ?index param already exists from a prior submission (#12003)

  • Fix useFormAction bug - when removing ?index param it would not keep other non-Remix index params (#12003)

  • Fix types for RouteObject within PatchRoutesOnNavigationFunction's patch method so it doesn't expect agnostic route objects passed to patch (#11967)

  • Updated dependencies:

6.26.2

Patch Changes

6.26.1

Patch Changes

  • Rename unstable_patchRoutesOnMiss to unstable_patchRoutesOnNavigation to match new behavior (#11888)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump react-router-dom in /demos/jans-tarp
3a7f41e 
Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.20.1 to 6.28.0.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/[email protected]/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/[email protected]/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router-dom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from duttarnab as a code owner November 7, 2024 10:33
@dependabot dependabot bot added javascript Pull requests that update Javascript code kind-dependencies Pull requests that update a dependency file labels Nov 7, 2024
@dependabot dependabot bot mentioned this pull request Nov 7, 2024
Closed
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Nov 7, 2024

DryRun Security Summary

The code change in this pull request updates the version of the react-router-dom dependency from 6.20 to 6.28 in the package.json file, which is a routine dependency update that should not pose any significant application security risks as long as the update is properly reviewed and the application is thoroughly tested.

Expand for full summary

Summary:

The code change in this pull request updates the version of the react-router-dom dependency from 6.20 to 6.28 in the package.json file. From an application security perspective, this change does not immediately raise any major concerns. Updating dependencies to their latest versions is generally a good practice, as it can provide bug fixes, security improvements, and new features.

However, it's important to thoroughly review the changelog and release notes for the new version of react-router-dom to ensure that there are no known security vulnerabilities or breaking changes that could impact the application. Additionally, the application should be thoroughly tested after the dependency update to ensure that the application continues to function as expected. Overall, the code change appears to be a routine dependency update, which is a common and necessary practice in software development. As long as the update is properly reviewed and the application is thoroughly tested, this change should not pose any significant application security risks.

Files Changed:

  • demos/jans-tarp/package.json: The version of the react-router-dom dependency has been updated from 6.20 to 6.28.

Code Analysis

We ran 9 analyzers against 1 file and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings
Sensitive Files Analyzer 1 finding

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@duttarnab duttarnab Awaiting requested review from duttarnab duttarnab is a code owner

@devrimyatar devrimyatar Awaiting requested review from devrimyatar

@iromli iromli Awaiting requested review from iromli

@jgomer2001 jgomer2001 Awaiting requested review from jgomer2001

@moabu moabu Awaiting requested review from moabu

@yurem yurem Awaiting requested review from yurem

@yuriyz yuriyz Awaiting requested review from yuriyz

@yuriyzz yuriyzz Awaiting requested review from yuriyzz

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
javascript Pull requests that update Javascript code kind-dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants