Bump @remix-run/router and react-router-dom #149

Closed

dependabot[bot] wants to merge 1 commits from dependabot/npm_and_yarn/multi-5c7f151553 into main

pull from: dependabot/npm_and_yarn/multi-5c7f151553

merge into: frishi:main

frishi:main

frishi:dep-hell

frishi:dependabot/npm_and_yarn/picomatch-2.3.2

frishi:dependabot/npm_and_yarn/multi-c136cad177

frishi:dependabot/npm_and_yarn/flatted-3.4.2

frishi:dependabot/npm_and_yarn/socket.io-parser-4.2.6

frishi:dependabot/npm_and_yarn/underscore-1.13.8

frishi:dependabot/npm_and_yarn/svgo-4.0.1

frishi:graphql-refactor

frishi:react-19-upgrade

frishi:airdcpp-regression

frishi:comicvine-integration-improvements

frishi:qbittorrent-integration

frishi:dark-mode-3

frishi:dark-mode-2

frishi:dark-mode-refactor

frishi:dark-mode-refactor-2

frishi:comic-detail-react-query

frishi:zustand-react-query-navbar

frishi:qbittorrent-settings-form

frishi:move-to-zustand-react-query

frishi:import-queue-progress

frishi:service-statuses-settings

frishi:80-vite-env-var-hostname-fix

frishi:76-hostname-docker-context-fix

frishi:71-dockerfile-update

frishi:comicvine-import-improvements

frishi:bugfix-#59

frishi:relocating-screenshots

frishi:storybook-7-upgrade

frishi:elasticsearch-upgrade-fix

frishi:vite-build-system

frishi:funding-fix

frishi:funding

frishi:service-statuses

frishi:dcpp-socket-status

frishi:dev

frishi:rishighan-screenshots-dec-2022

Conversation 1 Commits 1 Files Changed 3 +1661 -561

dependabot[bot] commented 2026-02-25 14:20:01 +00:00 (Migrated from github.com)

Copy Link

Bumps @remix-run/router to 1.23.2 and updates ancestor dependency react-router-dom. These dependencies need to be updated together.

Updates @remix-run/router from 1.14.2 to 1.23.2

Changelog

Sourced from @​remix-run/router's changelog.

1.23.2

Patch Changes

• Validate redirect locations (#14707)

1.23.1

Patch Changes

• Normalize double-slashes in resolvePath (#14537)

1.23.0

Minor Changes

• Add fetcherKey as a parameter to patchRoutesOnNavigation (#13109)

Patch Changes

• Fix regression introduced in 6.29.0 via #12169 that caused issues navigating to hash routes inside splat routes for applications using Lazy Route Discovery (patchRoutesOnNavigation) (#13108)

1.22.0

Minor Changes

• Provide the request signal as a parameter to patchRoutesOnNavigation (#12900)

  • This can be used to abort any manifest fetches if the in-flight navigation/fetcher is aborted

Patch Changes

• Do not log v7 deprecation warnings in production builds (#12794)
• Strip search parameters from patchRoutesOnNavigation path param for fetcher calls (#12899)
• Properly bubble headers when throwing a data() result (#12845)
• Optimize route matching by skipping redundant matchRoutes calls when possible (#12169)

1.21.1

Patch Changes

• • Fix issue with fetcher data cleanup in the data layer on fetcher unmount (#12674)
  • Fix behavior of manual fetcher keys when not opted into future.v7_fetcherPersist

1.21.0

Minor Changes

• • Log deprecation warnings for v7 flags (#11750)
  • Add deprecation warnings to json/defer in favor of returning raw objects

... (truncated)

Commits

• c662ca3 chore: Update version for release (#14713)
• 98ad691 chore: Update version for release (pre-v6) (#14710)
• 2fbb84c Validate redirect locations (v6) (#14707)
• 26b5d45 chore: Update version for release (#14541)
• 919f8a8 chore: Update version for release (pre-v6) (#14540)
• 69bf705 Normalize double slashes in resolvePath (#14537)
• e4ba522 chore: Update version for release (#13128)
• f0bc784 chore: Update version for release (pre-v6) (#13111)
• 2585e54 Add fetcherKey as parameter to patchRoutesOnNavigation (#13109)
• 4f93036 Fix hash issue for matchRoutes optimization (#13108)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​remix-run/router since your current version.

Updates react-router-dom from 6.21.3 to 6.30.3

Changelog

Sourced from react-router-dom's changelog.

v6.30.3

Date: 2026-01-07

Security Notice

This release addresses 1 security vulnerability:

• XSS via Open Redirects

Patch Changes

• Validate redirect locations (#14707)

Full Changelog: v6.30.2...v6.30.3

v6.30.2

Date: 2025-11-13

Security Notice

This release addresses 1 security vulnerability:

• Unexpected external redirect via untrusted paths

Patch Changes

• Normalize double-slashes in resolvePath (#14537)

Full Changelog: v6.30.1...v6.30.2

v6.30.1

Date: 2025-05-20

Patch Changes

• Partially revert optimization added in 6.29.0 to reduce calls to matchRoutes because it surfaced other issues (#13623)
• Stop logging invalid warning when v7_relativeSplatPath is set to false (#13502)

Full Changelog: v6.30.0...v6.30.1

v6.30.0

Date: 2025-02-27

Minor Changes

• Add fetcherKey as a parameter to patchRoutesOnNavigation (#13109)

... (truncated)

Commits

• c662ca3 chore: Update version for release (#14713)
• 98ad691 chore: Update version for release (pre-v6) (#14710)
• 26b5d45 chore: Update version for release (#14541)
• 919f8a8 chore: Update version for release (pre-v6) (#14540)
• 3f2400e chore: Update version for release (#13647)
• 25a264d chore: Update version for release (pre-v6) (#13638)
• e4ba522 chore: Update version for release (#13128)
• f0bc784 chore: Update version for release (pre-v6) (#13111)
• d9ed824 Fix up changelogs
• cc8b8ce chore: Update version for release (#12911)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for react-router-dom since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [@remix-run/router](https://github.com/remix-run/react-router/tree/HEAD/packages/router) to 1.23.2 and updates ancestor dependency [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom). These dependencies need to be updated together. Updates `@remix-run/router` from 1.14.2 to 1.23.2 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/remix-run/react-router/blob/@remix-run/router@1.23.2/packages/router/CHANGELOG.md"><code>@​remix-run/router</code>'s changelog</a>.</em></p> <blockquote> <h2>1.23.2</h2> <h3>Patch Changes</h3> <ul> <li>Validate redirect locations (<a href="https://redirect.github.com/remix-run/react-router/pull/14707">#14707</a>)</li> </ul> <h2>1.23.1</h2> <h3>Patch Changes</h3> <ul> <li>Normalize double-slashes in <code>resolvePath</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/14537">#14537</a>)</li> </ul> <h2>1.23.0</h2> <h3>Minor Changes</h3> <ul> <li>Add <code>fetcherKey</code> as a parameter to <code>patchRoutesOnNavigation</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/13109">#13109</a>)</li> </ul> <h3>Patch Changes</h3> <ul> <li>Fix regression introduced in <code>6.29.0</code> via <a href="https://redirect.github.com/remix-run/react-router/pull/12169">#12169</a> that caused issues navigating to hash routes inside splat routes for applications using Lazy Route Discovery (<code>patchRoutesOnNavigation</code>) (<a href="https://redirect.github.com/remix-run/react-router/pull/13108">#13108</a>)</li> </ul> <h2>1.22.0</h2> <h3>Minor Changes</h3> <ul> <li> <p>Provide the request <code>signal</code> as a parameter to <code>patchRoutesOnNavigation</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/12900">#12900</a>)</p> <ul> <li>This can be used to abort any manifest fetches if the in-flight navigation/fetcher is aborted</li> </ul> </li> </ul> <h3>Patch Changes</h3> <ul> <li>Do not log v7 deprecation warnings in production builds (<a href="https://redirect.github.com/remix-run/react-router/pull/12794">#12794</a>)</li> <li>Strip search parameters from <code>patchRoutesOnNavigation</code> <code>path</code> param for fetcher calls (<a href="https://redirect.github.com/remix-run/react-router/pull/12899">#12899</a>)</li> <li>Properly bubble headers when throwing a <code>data()</code> result (<a href="https://redirect.github.com/remix-run/react-router/pull/12845">#12845</a>)</li> <li>Optimize route matching by skipping redundant <code>matchRoutes</code> calls when possible (<a href="https://redirect.github.com/remix-run/react-router/pull/12169">#12169</a>)</li> </ul> <h2>1.21.1</h2> <h3>Patch Changes</h3> <ul> <li> <ul> <li>Fix issue with fetcher data cleanup in the data layer on fetcher unmount (<a href="https://redirect.github.com/remix-run/react-router/pull/12674">#12674</a>)</li> <li>Fix behavior of manual fetcher keys when not opted into <code>future.v7_fetcherPersist</code></li> </ul> </li> </ul> <h2>1.21.0</h2> <h3>Minor Changes</h3> <ul> <li> <ul> <li>Log deprecation warnings for v7 flags (<a href="https://redirect.github.com/remix-run/react-router/pull/11750">#11750</a>)</li> <li>Add deprecation warnings to <code>json</code>/<code>defer</code> in favor of returning raw objects</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/remix-run/react-router/commit/c662ca366a414bf42624dd6cd20a7c414b2602e3"><code>c662ca3</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/14713">#14713</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/98ad6912daec8df0d911f786f18006048efd7ade"><code>98ad691</code></a> chore: Update version for release (pre-v6) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/14710">#14710</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/2fbb84c83dae3695a0435beb0c3c0b467b7c2da2"><code>2fbb84c</code></a> Validate redirect locations (v6) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/14707">#14707</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/26b5d4581fb2829dc7eaeaad413de4735173a6eb"><code>26b5d45</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/14541">#14541</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/919f8a86b95f0c8956e3820743503d5609f572cd"><code>919f8a8</code></a> chore: Update version for release (pre-v6) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/14540">#14540</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/69bf7056f1540918a0324e0af215978cdaf5d486"><code>69bf705</code></a> Normalize double slashes in resolvePath (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/14537">#14537</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/e4ba5224c911e070b1eabd12cff2aa581270dfb3"><code>e4ba522</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/13128">#13128</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/f0bc784ce8951cc5ed67bf6d48d9c132b9bdc621"><code>f0bc784</code></a> chore: Update version for release (pre-v6) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/13111">#13111</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/2585e54ecf98185fb07dfd1abd1b2da6effd3eb4"><code>2585e54</code></a> Add fetcherKey as parameter to patchRoutesOnNavigation (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/13109">#13109</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/4f930367cd66f4c48a5dff9b77bda93314f4c958"><code>4f93036</code></a> Fix hash issue for matchRoutes optimization (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/router/issues/13108">#13108</a>)</li> <li>Additional commits viewable in <a href="https://github.com/remix-run/react-router/commits/@remix-run/router@1.23.2/packages/router">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for <code>@​remix-run/router</code> since your current version.</p> </details> <br /> Updates `react-router-dom` from 6.21.3 to 6.30.3 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/remix-run/react-router/blob/main/CHANGELOG.md">react-router-dom's changelog</a>.</em></p> <blockquote> <h2>v6.30.3</h2> <p>Date: 2026-01-07</p> <h3>Security Notice</h3> <p>This release addresses 1 security vulnerability:</p> <ul> <li><a href="https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx">XSS via Open Redirects</a></li> </ul> <h3>Patch Changes</h3> <ul> <li>Validate redirect locations (<a href="https://redirect.github.com/remix-run/react-router/pull/14707">#14707</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/remix-run/react-router/compare/react-router@6.30.2...react-router@6.30.3"><code>v6.30.2...v6.30.3</code></a></p> <h2>v6.30.2</h2> <p>Date: 2025-11-13</p> <h3>Security Notice</h3> <p>This release addresses 1 security vulnerability:</p> <ul> <li><a href="https://github.com/remix-run/react-router/security/advisories/GHSA-9jcx-v3wj-wh4m">Unexpected external redirect via untrusted paths</a></li> </ul> <h3>Patch Changes</h3> <ul> <li>Normalize double-slashes in <code>resolvePath</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/14537">#14537</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/remix-run/react-router/compare/react-router@6.30.1...react-router@6.30.2"><code>v6.30.1...v6.30.2</code></a></p> <h2>v6.30.1</h2> <p>Date: 2025-05-20</p> <h3>Patch Changes</h3> <ul> <li>Partially revert optimization added in <code>6.29.0</code> to reduce calls to <code>matchRoutes</code> because it surfaced other issues (<a href="https://redirect.github.com/remix-run/react-router/pull/13623">#13623</a>)</li> <li>Stop logging invalid warning when <code>v7_relativeSplatPath</code> is set to <code>false</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/13502">#13502</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/remix-run/react-router/compare/react-router@6.30.0...react-router@6.30.1"><code>v6.30.0...v6.30.1</code></a></p> <h2>v6.30.0</h2> <p>Date: 2025-02-27</p> <h3>Minor Changes</h3> <ul> <li>Add <code>fetcherKey</code> as a parameter to <code>patchRoutesOnNavigation</code> (<a href="https://redirect.github.com/remix-run/react-router/pull/13109">#13109</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/remix-run/react-router/commit/c662ca366a414bf42624dd6cd20a7c414b2602e3"><code>c662ca3</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/14713">#14713</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/98ad6912daec8df0d911f786f18006048efd7ade"><code>98ad691</code></a> chore: Update version for release (pre-v6) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/14710">#14710</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/26b5d4581fb2829dc7eaeaad413de4735173a6eb"><code>26b5d45</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/14541">#14541</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/919f8a86b95f0c8956e3820743503d5609f572cd"><code>919f8a8</code></a> chore: Update version for release (pre-v6) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/14540">#14540</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/3f2400e9a7e255953afef3d29126db2efb6c08ab"><code>3f2400e</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/13647">#13647</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/25a264d87bce0bd5f0170e99a3dcad3a61a5f080"><code>25a264d</code></a> chore: Update version for release (pre-v6) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/13638">#13638</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/e4ba5224c911e070b1eabd12cff2aa581270dfb3"><code>e4ba522</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/13128">#13128</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/f0bc784ce8951cc5ed67bf6d48d9c132b9bdc621"><code>f0bc784</code></a> chore: Update version for release (pre-v6) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/13111">#13111</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/d9ed8241d677de006a9bfe808d32fe4582184dad"><code>d9ed824</code></a> Fix up changelogs</li> <li><a href="https://github.com/remix-run/react-router/commit/cc8b8cebe241c1464424e1a66d1f3e3bfa5bdd4d"><code>cc8b8ce</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/12911">#12911</a>)</li> <li>Additional commits viewable in <a href="https://github.com/remix-run/react-router/commits/react-router-dom@6.30.3/packages/react-router-dom">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for react-router-dom since your current version.</p> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rishighan/threetwo/network/alerts). </details>

dependabot[bot] commented 2026-02-25 21:58:58 +00:00 (Migrated from github.com)

Copy Link

Looks like these dependencies are no longer a dependency, so this is no longer needed.

Looks like these dependencies are no longer a dependency, so this is no longer needed.

Pull request closed

This pull request cannot be reopened because the branch was deleted.

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

P0

Game-stopping bug

bug

Something isn't working

catch-all

Holding place for similar issues

dependencies

Pull requests that update a dependency file

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

fix

good first issue

Good for newcomers

help wanted

Extra attention is needed

invalid

This doesn't seem right

javascript

Pull requests that update javascript code

major

question

Further information is requested

refactor

tech debt

testing-required

Fix issued, but tests are pending

wontfix

This will not be worked on

No Label dependencies javascript

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

frishi

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: frishi/threetwo#149