Skip to content

chore(deps): bump the dependencies group across 1 directory with 7 updates #546

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the dependencies group across 1 directory with 7 updates #546

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 11, 2026

Bumps the dependencies group with 7 updates in the / directory:

Package From To
react 19.2.0 19.2.4
react-dom 19.2.0 19.2.4
react-router-dom 6.30.0 6.30.3
react-syntax-highlighter 15.6.1 15.6.6
scheduler 0.26.0 0.27.0
cmd-ts 0.13.0 0.14.3
semver 7.7.3 7.7.4

Updates react from 19.2.0 to 19.2.4

Release notes

Sourced from react's releases.

19.2.4 (January 26th, 2026)

React Server Components

19.2.3 (December 11th, 2025)

React Server Components

19.2.2 (December 11th, 2025)

React Server Components

19.2.1 (December 3rd, 2025)

React Server Components

Changelog

Sourced from react's changelog.

19.2.1 (Dec 3, 2025)

React Server Components

Commits

Updates react-dom from 19.2.0 to 19.2.4

Release notes

Sourced from react-dom's releases.

19.2.4 (January 26th, 2026)

React Server Components

19.2.3 (December 11th, 2025)

React Server Components

19.2.2 (December 11th, 2025)

React Server Components

19.2.1 (December 3rd, 2025)

React Server Components

Changelog

Sourced from react-dom's changelog.

19.2.1 (Dec 3, 2025)

React Server Components

Commits

Updates react-router-dom from 6.30.0 to 6.30.3

Release notes

Sourced from react-router-dom's releases.

react-router-dom-v5-compat@6.4.0-pre.15

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.15
    • react-router-dom@6.4.0-pre.15
Changelog

Sourced from react-router-dom's changelog.

v6.30.3

Date: 2026-01-07

Security Notice

This release addresses 1 security vulnerability:

Patch Changes

  • Validate redirect locations (#14707)

Full Changelog: v6.30.2...v6.30.3

v6.30.2

Date: 2025-11-13

Security Notice

This release addresses 1 security vulnerability:

Patch Changes

  • Normalize double-slashes in resolvePath (#14537)

Full Changelog: v6.30.1...v6.30.2

v6.30.1

Date: 2025-05-20

Patch Changes

  • Partially revert optimization added in 6.29.0 to reduce calls to matchRoutes because it surfaced other issues (#13623)
  • Stop logging invalid warning when v7_relativeSplatPath is set to false (#13502)

Full Changelog: v6.30.0...v6.30.1

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for react-router-dom since your current version.


Updates react-syntax-highlighter from 15.6.1 to 15.6.6

Release notes

Sourced from react-syntax-highlighter's releases.

v15.6.6

Updated overrides block attempting to solve transitive prismjs dependency issue:

"overrides": {
    "prismjs": "^1.30.0",
    "refractor": {
      "prismjs": "^1.30.0"
    }
  }

Full Changelog: react-syntax-highlighter/react-syntax-highlighter@v15.6.5...v15.6.6

v15.6.5

What's Changed

New Contributors

Full Changelog: react-syntax-highlighter/react-syntax-highlighter@v15.6.4...v15.6.5

v15.6.4

What's Changed

Full Changelog: react-syntax-highlighter/react-syntax-highlighter@v15.6.3...v15.6.4

v15.6.3

What's Changed

New Contributors

Full Changelog: react-syntax-highlighter/react-syntax-highlighter@v15.6.2...v15.6.3

v15.6.2

What's Changed

... (truncated)

Changelog

Sourced from react-syntax-highlighter's changelog.

Changelog

Commits

Updates scheduler from 0.26.0 to 0.27.0

Commits

Updates cmd-ts from 0.13.0 to 0.14.3

Release notes

Sourced from cmd-ts's releases.

v0.14.3

Patch Changes

  • e0afa2f: handle circuit breaker (--help and --version) before parsing arguments

v0.14.2

Patch Changes

  • 87565b2: Added onMissing callback support to flags, options, and custom types

    That allows providing dynamic fallback values when command-line arguments are not provided, This enables:

    • Hiding default values from help output
    • Interactive prompts: Ask users for input when flags/options are missing
    • Environment-based defaults: Check environment variables or config files dynamically
    • Auto-discovery: Automatically find files or resources when not specified
    • Async support: Handle both synchronous and asynchronous fallback logic

    The onMissing callback is used as a fallback when defaultValue is not provided, following the precedence order: environment variables → defaultValue → onMissing → type defaults.

    New APIs:

    • flag({ onMissing: () => boolean | Promise })
    • option({ onMissing: () => T | Promise })
    • multioption({ onMissing: () => T[] | Promise<T[]> })
    • Custom Type interface now supports onMissing property

v0.14.1

Patch Changes

  • 46bf4a7: fix: properly reconstruct original argument strings in rest combinator
Changelog

Sourced from cmd-ts's changelog.

0.14.3

Patch Changes

  • e0afa2f: handle circuit breaker (--help and --version) before parsing arguments

0.14.2

Patch Changes

  • 87565b2: Added onMissing callback support to flags, options, and custom types

    That allows providing dynamic fallback values when command-line arguments are not provided, This enables:

    • Hiding default values from help output
    • Interactive prompts: Ask users for input when flags/options are missing
    • Environment-based defaults: Check environment variables or config files dynamically
    • Auto-discovery: Automatically find files or resources when not specified
    • Async support: Handle both synchronous and asynchronous fallback logic

    The onMissing callback is used as a fallback when defaultValue is not provided, following the precedence order: environment variables → defaultValue → onMissing → type defaults.

    New APIs:

    • flag({ onMissing: () => boolean | Promise })
    • option({ onMissing: () => T | Promise })
    • multioption({ onMissing: () => T[] | Promise<T[]> })
    • Custom Type interface now supports onMissing property

0.14.1

Patch Changes

  • 46bf4a7: fix: properly reconstruct original argument strings in rest combinator

0.14.0

Minor Changes

  • a1afb05: --help exits with statuscode 0
Commits

Updates semver from 7.7.3 to 7.7.4

Release notes

Sourced from semver's releases.

v7.7.4

7.7.4 (2026-01-16)

Bug Fixes

Documentation

Dependencies

Chores

Changelog

Sourced from semver's changelog.

7.7.4 (2026-01-16)

Bug Fixes

Documentation

Dependencies

Chores

Commits
  • 5993c2e chore: release 7.7.4 (#839)
  • 120968b deps: @​npmcli/template-oss@​4.29.0 (#840)
  • a29faa5 fix(cli): pass options to semver.valid() for loose version validation (#835)
  • 1d28d5e docs: fix typos and update -n CLI option documentation (#836)
  • 5816d4c chore: bump @​npmcli/template-oss from 4.28.0 to 4.28.1 (#829)
  • ab9e28a chore: bump @​npmcli/template-oss from 4.27.1 to 4.28.0 (#827)
  • 44d7130 chore: bump @​npmcli/eslint-config from 5.1.0 to 6.0.0 (#824)
  • 7073576 chore: reorder parameters in invalid-versions.js test (#820)
  • 16a35f5 chore: bump @​npmcli/template-oss from 4.26.0 to 4.27.1 (#823)
  • 3a3459d chore: bump @​npmcli/template-oss from 4.25.1 to 4.26.0 (#818)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the dependencies group across 1 directory with 7 up…
a1916fd 
…dates

Bumps the dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.0` | `19.2.4` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.0` | `19.2.4` |
| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `6.30.0` | `6.30.3` |
| [react-syntax-highlighter](https://github.com/react-syntax-highlighter/react-syntax-highlighter) | `15.6.1` | `15.6.6` |
| [scheduler](https://github.com/facebook/react/tree/HEAD/packages/scheduler) | `0.26.0` | `0.27.0` |
| [cmd-ts](https://github.com/Schniz/cmd-ts) | `0.13.0` | `0.14.3` |
| [semver](https://github.com/npm/node-semver) | `7.7.3` | `7.7.4` |



Updates `react` from 19.2.0 to 19.2.4
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react)

Updates `react-dom` from 19.2.0 to 19.2.4
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react-dom)

Updates `react-router-dom` from 6.30.0 to 6.30.3
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.30.3/packages/react-router-dom)

Updates `react-syntax-highlighter` from 15.6.1 to 15.6.6
- [Release notes](https://github.com/react-syntax-highlighter/react-syntax-highlighter/releases)
- [Changelog](https://github.com/react-syntax-highlighter/react-syntax-highlighter/blob/master/CHANGELOG.MD)
- [Commits](react-syntax-highlighter/react-syntax-highlighter@v15.6.1...v15.6.6)

Updates `scheduler` from 0.26.0 to 0.27.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/HEAD/packages/scheduler)

Updates `cmd-ts` from 0.13.0 to 0.14.3
- [Release notes](https://github.com/Schniz/cmd-ts/releases)
- [Changelog](https://github.com/Schniz/cmd-ts/blob/main/CHANGELOG.md)
- [Commits](Schniz/cmd-ts@v0.13.0...v0.14.3)

Updates `semver` from 7.7.3 to 7.7.4
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.7.3...v7.7.4)

---
updated-dependencies:
- dependency-name: react
  dependency-version: 19.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: react-dom
  dependency-version: 19.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: react-router-dom
  dependency-version: 6.30.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: react-syntax-highlighter
  dependency-version: 15.6.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: scheduler
  dependency-version: 0.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: cmd-ts
  dependency-version: 0.14.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: semver
  dependency-version: 7.7.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 11, 2026
@dependabot dependabot bot requested a review from a team as a code owner February 11, 2026 05:09
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 11, 2026
@socket-security
Copy link

socket-security bot commented Feb 11, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedreact-router-dom@​6.30.0 ⏵ 6.30.3971007598 +1100
Updated@​types/​react@​19.2.6 ⏵ 19.2.13100 +110079 +196100
Updatedcmd-ts@​0.13.0 ⏵ 0.14.399 +1100100 +182100
Updatedreact@​19.2.0 ⏵ 19.2.41001008497100
Updatedreact-syntax-highlighter@​15.6.1 ⏵ 15.6.689 +110099 +187100
Updatedsemver@​7.7.3 ⏵ 7.7.410010010092100
Updatedreact-dom@​19.2.0 ⏵ 19.2.41001009298100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants