Skip to content

chore(deps): bump the dependencies group across 1 directory with 8 updates#548

Merged
axis-d0op merged 1 commit intomainfrom
dependabot/npm_and_yarn/dependencies-0867f8324c
Mar 13, 2026
Merged

chore(deps): bump the dependencies group across 1 directory with 8 updates#548
axis-d0op merged 1 commit intomainfrom
dependabot/npm_and_yarn/dependencies-0867f8324c

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 11, 2026
edited
Loading

Bumps the dependencies group with 8 updates in the / directory:

Package From To
react 19.2.0 19.2.4
react-dom 19.2.0 19.2.4
react-router-dom 6.30.0 6.30.3
react-syntax-highlighter 15.6.1 15.6.6
scheduler 0.26.0 0.27.0
@griffel/react 1.5.32 1.6.1
cmd-ts 0.13.0 0.15.0
semver 7.7.3 7.7.4

Updates react from 19.2.0 to 19.2.4

Release notes

Sourced from react's releases.

19.2.4 (January 26th, 2026)

React Server Components

19.2.3 (December 11th, 2025)

React Server Components

19.2.2 (December 11th, 2025)

React Server Components

19.2.1 (December 3rd, 2025)

React Server Components

Changelog

Sourced from react's changelog.

19.2.1 (Dec 3, 2025)

React Server Components

Commits

Updates react-dom from 19.2.0 to 19.2.4

Release notes

Sourced from react-dom's releases.

19.2.4 (January 26th, 2026)

React Server Components

19.2.3 (December 11th, 2025)

React Server Components

19.2.2 (December 11th, 2025)

React Server Components

19.2.1 (December 3rd, 2025)

React Server Components

Changelog

Sourced from react-dom's changelog.

19.2.1 (Dec 3, 2025)

React Server Components

Commits

Updates react-router-dom from 6.30.0 to 6.30.3

Changelog

Sourced from react-router-dom's changelog.

v6.30.3

Date: 2026-01-07

Security Notice

This release addresses 1 security vulnerability:

Patch Changes

  • Validate redirect locations (#14707)

Full Changelog: v6.30.2...v6.30.3

v6.30.2

Date: 2025-11-13

Security Notice

This release addresses 1 security vulnerability:

Patch Changes

  • Normalize double-slashes in resolvePath (#14537)

Full Changelog: v6.30.1...v6.30.2

v6.30.1

Date: 2025-05-20

Patch Changes

  • Partially revert optimization added in 6.29.0 to reduce calls to matchRoutes because it surfaced other issues (#13623)
  • Stop logging invalid warning when v7_relativeSplatPath is set to false (#13502)

Full Changelog: v6.30.0...v6.30.1

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for react-router-dom since your current version.


Updates react-syntax-highlighter from 15.6.1 to 15.6.6

Release notes

Sourced from react-syntax-highlighter's releases.

v15.6.6

Updated overrides block attempting to solve transitive prismjs dependency issue:

"overrides": {
    "prismjs": "^1.30.0",
    "refractor": {
      "prismjs": "^1.30.0"
    }
  }

Full Changelog: react-syntax-highlighter/react-syntax-highlighter@v15.6.5...v15.6.6

v15.6.5

What's Changed

New Contributors

Full Changelog: react-syntax-highlighter/react-syntax-highlighter@v15.6.4...v15.6.5

v15.6.4

What's Changed

Full Changelog: react-syntax-highlighter/react-syntax-highlighter@v15.6.3...v15.6.4

v15.6.3

What's Changed

New Contributors

Full Changelog: react-syntax-highlighter/react-syntax-highlighter@v15.6.2...v15.6.3

v15.6.2

What's Changed

... (truncated)

Changelog

Sourced from react-syntax-highlighter's changelog.

Changelog

Commits

Updates scheduler from 0.26.0 to 0.27.0

Commits

Updates @griffel/react from 1.5.32 to 1.6.1

Commits

Updates cmd-ts from 0.13.0 to 0.15.0

Release notes

Sourced from cmd-ts's releases.

v0.15.0

Minor Changes

  • 0366d4f: Add pluggable help formatters with HelpFormatter interface and setDefaultHelpFormatter() API. This allows customizing how CLI help is rendered. Also adds:
    • examples option to commands and subcommands for documenting usage examples
    • cmd-ts/batteries/vercelFormatter - a Vercel-style help formatter with column-aligned output

v0.14.3

Patch Changes

  • e0afa2f: handle circuit breaker (--help and --version) before parsing arguments

v0.14.2

Patch Changes

  • 87565b2: Added onMissing callback support to flags, options, and custom types

    That allows providing dynamic fallback values when command-line arguments are not provided, This enables:

    • Hiding default values from help output
    • Interactive prompts: Ask users for input when flags/options are missing
    • Environment-based defaults: Check environment variables or config files dynamically
    • Auto-discovery: Automatically find files or resources when not specified
    • Async support: Handle both synchronous and asynchronous fallback logic

    The onMissing callback is used as a fallback when defaultValue is not provided, following the precedence order: environment variables → defaultValue → onMissing → type defaults.

    New APIs:

    • flag({ onMissing: () => boolean | Promise })
    • option({ onMissing: () => T | Promise })
    • multioption({ onMissing: () => T[] | Promise<T[]> })
    • Custom Type interface now supports onMissing property

v0.14.1

Patch Changes

  • 46bf4a7: fix: properly reconstruct original argument strings in rest combinator
Changelog

Sourced from cmd-ts's changelog.

0.15.0

Minor Changes

  • 0366d4f: Add pluggable help formatters with HelpFormatter interface and setDefaultHelpFormatter() API. This allows customizing how CLI help is rendered. Also adds:
    • examples option to commands and subcommands for documenting usage examples
    • cmd-ts/batteries/vercelFormatter - a Vercel-style help formatter with column-aligned output

0.14.4

Patch Changes

  • bcd5d02: better multiline error formatting

0.14.3

Patch Changes

  • e0afa2f: handle circuit breaker (--help and --version) before parsing arguments

0.14.2

Patch Changes

  • 87565b2: Added onMissing callback support to flags, options, and custom types

    That allows providing dynamic fallback values when command-line arguments are not provided, This enables:

    • Hiding default values from help output
    • Interactive prompts: Ask users for input when flags/options are missing
    • Environment-based defaults: Check environment variables or config files dynamically
    • Auto-discovery: Automatically find files or resources when not specified
    • Async support: Handle both synchronous and asynchronous fallback logic

    The onMissing callback is used as a fallback when defaultValue is not provided, following the precedence order: environment variables → defaultValue → onMissing → type defaults.

    New APIs:

    • flag({ onMissing: () => boolean | Promise })
    • option({ onMissing: () => T | Promise })
    • multioption({ onMissing: () => T[] | Promise<T[]> })
    • Custom Type interface now supports onMissing property

0.14.1

Patch Changes

  • 46bf4a7: fix: properly reconstruct original argument strings in rest combinator

0.14.0

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for cmd-ts since your current version.


Updates semver from 7.7.3 to 7.7.4

Release notes

Sourced from semver's releases.

v7.7.4

7.7.4 (2026-01-16)

Bug Fixes

Documentation

Dependencies

Chores

Changelog

Sourced from semver's changelog.

7.7.4 (2026-01-16)

Bug Fixes

Documentation

Dependencies

Chores

Commits
  • 5993c2e chore: release 7.7.4 (#839)
  • 120968b deps: @​npmcli/template-oss@​4.29.0 (#840)
  • a29faa5 fix(cli): pass options to semver.valid() for loose version validation (#835)
  • 1d28d5e docs: fix typos and update -n CLI option documentation (#836)
  • 5816d4c chore: bump @​npmcli/template-oss from 4.28.0 to 4.28.1 (#829)
  • ab9e28a chore: bump @​npmcli/template-oss from 4.27.1 to 4.28.0 (#827)
  • 44d7130 chore: bump @​npmcli/eslint-config from 5.1.0 to 6.0.0 (#824)
  • 7073576 chore: reorder parameters in invalid-versions.js test (#820)
  • 16a35f5 chore: bump @​npmcli/template-oss from 4.26.0 to 4.27.1 (#823)
  • 3a3459d chore: bump @​npmcli/template-oss from 4.25.1 to 4.26.0 (#818)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 11, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 11, 2026 05:10
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 11, 2026
@socket-security
Copy link

socket-security bot commented Mar 11, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedreact-router-dom@​6.30.0 ⏵ 6.30.3961007597100
Updated@​types/​react@​19.2.6 ⏵ 19.2.14100 +110079 +192 -1100
Updatedreact@​19.2.0 ⏵ 19.2.41001008497100
Updatedcmd-ts@​0.13.0 ⏵ 0.15.099 +1100100 +188 +2100
Updatedreact-syntax-highlighter@​15.6.1 ⏵ 15.6.689 +110099 +191 -1100
Updatedreact-dom@​19.2.0 ⏵ 19.2.41001009298100
Added@​griffel/​react@​1.6.110010010094100

View full report

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/dependencies-0867f8324c branch from 91a776b to b9f2a94 Compare March 11, 2026 09:43
@axis-d0op
Copy link
Contributor

axis-d0op commented Mar 12, 2026

@dependabot recreate

@dependabot
chore(deps): bump the dependencies group across 1 directory with 8 up…
2c6674a 
…dates

Bumps the dependencies group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.0` | `19.2.4` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.0` | `19.2.4` |
| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `6.30.0` | `6.30.3` |
| [react-syntax-highlighter](https://github.com/react-syntax-highlighter/react-syntax-highlighter) | `15.6.1` | `15.6.6` |
| [scheduler](https://github.com/facebook/react/tree/HEAD/packages/scheduler) | `0.26.0` | `0.27.0` |
| [@griffel/react](https://github.com/microsoft/griffel) | `1.5.32` | `1.6.1` |
| [cmd-ts](https://github.com/Schniz/cmd-ts) | `0.13.0` | `0.15.0` |
| [semver](https://github.com/npm/node-semver) | `7.7.3` | `7.7.4` |



Updates `react` from 19.2.0 to 19.2.4
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react)

Updates `react-dom` from 19.2.0 to 19.2.4
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react-dom)

Updates `react-router-dom` from 6.30.0 to 6.30.3
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.30.3/packages/react-router-dom)

Updates `react-syntax-highlighter` from 15.6.1 to 15.6.6
- [Release notes](https://github.com/react-syntax-highlighter/react-syntax-highlighter/releases)
- [Changelog](https://github.com/react-syntax-highlighter/react-syntax-highlighter/blob/master/CHANGELOG.MD)
- [Commits](react-syntax-highlighter/react-syntax-highlighter@v15.6.1...v15.6.6)

Updates `scheduler` from 0.26.0 to 0.27.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/HEAD/packages/scheduler)

Updates `@griffel/react` from 1.5.32 to 1.6.1
- [Commits](https://github.com/microsoft/griffel/commits)

Updates `cmd-ts` from 0.13.0 to 0.15.0
- [Release notes](https://github.com/Schniz/cmd-ts/releases)
- [Changelog](https://github.com/Schniz/cmd-ts/blob/main/CHANGELOG.md)
- [Commits](Schniz/cmd-ts@v0.13.0...v0.15.0)

Updates `semver` from 7.7.3 to 7.7.4
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.7.3...v7.7.4)

---
updated-dependencies:
- dependency-name: react
  dependency-version: 19.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: react-dom
  dependency-version: 19.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: react-router-dom
  dependency-version: 6.30.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: react-syntax-highlighter
  dependency-version: 15.6.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: scheduler
  dependency-version: 0.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: "@griffel/react"
  dependency-version: 1.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: cmd-ts
  dependency-version: 0.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: semver
  dependency-version: 7.7.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/dependencies-0867f8324c branch from b9f2a94 to 2c6674a Compare March 12, 2026 09:40
axis-d0op
axis-d0op approved these changes Mar 13, 2026
View reviewed changes
Copy link
Contributor

@axis-d0op axis-d0op left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK

@axis-d0op axis-d0op merged commit 186c19e into main Mar 13, 2026
10 checks passed
@axis-d0op axis-d0op deleted the dependabot/npm_and_yarn/dependencies-0867f8324c branch March 13, 2026 14:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@axis-d0op axis-d0op axis-d0op approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@axis-d0op