Skip to content

chore(deps): update bump npm dependencies#915

Open
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/bump-dependencies-npm
Open

chore(deps): update bump npm dependencies#915
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/bump-dependencies-npm

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented Feb 11, 2026
edited
Loading

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
@types/react (source) 19.2.1319.2.14 age confidence
@uiw/codemirror-theme-material (source) 4.25.44.25.9 age confidence
@uiw/react-codemirror (source) 4.25.44.25.9 age confidence
@vitejs/plugin-react (source) 5.1.35.2.0 age confidence
eslint (source) 10.2.110.3.0 age confidence
get-port 7.1.07.2.0 age confidence
mobx (source) 6.15.06.15.2 age confidence
prettier (source) 3.8.13.8.3 age confidence
puppeteer (source) 24.37.224.43.0 age confidence
react (source) 19.2.419.2.5 age confidence
react-dom (source) 19.2.419.2.5 age confidence
react-router (source) 7.13.07.15.0 age confidence
react-router-dom (source) 7.13.07.15.0 age confidence
react-virtuoso (source) 4.18.14.18.6 age confidence
rimraf 6.1.26.1.3 age confidence
typescript-eslint (source) 8.54.08.59.2 age confidence
vite (source) 8.0.88.0.10 age confidence
vitest (source) 4.0.184.1.5 age confidence
wait-on 9.0.39.0.5 age confidence

Release Notes

uiwjs/react-codemirror (@​uiw/codemirror-theme-material)

v4.25.9

Compare Source

Buy me a coffee

Documentation v4.25.9: https://raw.githack.com/uiwjs/react-codemirror/6b3db64/index.html
Comparing Changes: uiwjs/react-codemirror@v4.25.8...v4.25.9

npm i @​uiw/react-codemirror@4.25.9

v4.25.8

Compare Source

Buy me a coffee

Documentation v4.25.8: https://raw.githack.com/uiwjs/react-codemirror/03129ff/index.html
Comparing Changes: uiwjs/react-codemirror@v4.25.7...v4.25.8

npm i @​uiw/react-codemirror@4.25.8

v4.25.7

Compare Source

Buy me a coffee

Documentation v4.25.7: https://raw.githack.com/uiwjs/react-codemirror/f3d65ee/index.html
Comparing Changes: uiwjs/react-codemirror@v4.25.6...v4.25.7

npm i @​uiw/react-codemirror@4.25.7

v4.25.6

Compare Source

Buy me a coffee

Documentation v4.25.6: https://raw.githack.com/uiwjs/react-codemirror/b4c8595/index.html
Comparing Changes: uiwjs/react-codemirror@v4.25.5...v4.25.6

npm i @​uiw/react-codemirror@4.25.6

v4.25.5

Compare Source

Buy me a coffee

Documentation v4.25.5: https://raw.githack.com/uiwjs/react-codemirror/2bcb7df/index.html
Comparing Changes: uiwjs/react-codemirror@v4.25.4...v4.25.5

npm i @​uiw/react-codemirror@4.25.5
vitejs/vite-plugin-react (@​vitejs/plugin-react)

v5.2.0

Compare Source

v5.1.4

Compare Source

Fix canSkipBabel not accounting for babel.overrides (#​1098)

When configuring babel.overrides without top-level plugins or presets, Babel was incorrectly skipped. The canSkipBabel function now checks for overrides.length to ensure override configurations are processed.

eslint/eslint (eslint)

v10.3.0

Compare Source

sindresorhus/get-port (get-port)

v7.2.0

Compare Source

  • Add reserve option to lock ports for the process lifetime 8af215b
mobxjs/mobx (mobx)

v6.15.2

Compare Source

Patch Changes

v6.15.1

Compare Source

Patch Changes
prettier/prettier (prettier)

v3.8.3

Compare Source

v3.8.2

Compare Source

puppeteer/puppeteer (puppeteer)

v24.43.0

Compare Source

🎉 Features
Dependencies
  • The following workspace dependencies were updated
🛠️ Fixes

v24.42.0

Compare Source

♻️ Chores
  • puppeteer: Synchronize puppeteer versions
Dependencies
  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.41.0 to 24.42.0
🎉 Features
🛠️ Fixes
  • remove PartitionAllocSchedulerLoopQuarantineTaskControlledPurge from disabled features (#​14872) (c9909a5)
  • roll to Chrome 147.0.7727.57 (#​14869) (51c4305)

v24.41.0

Compare Source

🎉 Features
Dependencies
  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.40.0 to 24.41.0
🛠️ Fixes
📄 Documentation

v24.40.0

Compare Source

♻️ Chores
  • puppeteer: Synchronize puppeteer versions
Dependencies
  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.39.1 to 24.40.0
🎉 Features
  • support PUPPETEER_DANGEROUS_NO_SANDBOX environment variable (#​14756) (2a8276e)
🛠️ Fixes

v24.39.1

Compare Source

♻️ Chores
  • puppeteer: Synchronize puppeteer versions
Dependencies
  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.39.0 to 24.39.1
🛠️ Fixes

v24.39.0

Compare Source

♻️ Chores
  • puppeteer: Synchronize puppeteer versions
Dependencies
  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.38.0 to 24.39.0
🎉 Features
🛠️ Fixes

v24.38.0

Compare Source

🎉 Features
Dependencies
  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.37.5 to 24.38.0
🛠️ Fixes
  • consider browsingContext.navigationCommitted to dispose an existing navigation (#​14724) (b4e92c6)
  • disable PartitionAllocSchedulerLoopQuarantineTaskControlledPurge (#​14744) (e6c7425)
  • roll to Chrome 145.0.7632.117 (#​14719) (1d407e1)

v24.37.5

Compare Source

♻️ Chores
  • puppeteer: Synchronize puppeteer versions
Dependencies
  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.37.4 to 24.37.5
🛠️ Fixes

v24.37.4

Compare Source

♻️ Chores
  • puppeteer: Synchronize puppeteer versions
Dependencies
  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.37.4 to 24.37.5
🛠️ Fixes

v24.37.3

Compare Source

♻️ Chores
  • puppeteer: Synchronize puppeteer versions
Dependencies
  • The following workspace dependencies were updated
🛠️ Fixes
facebook/react (react)

v19.2.5: 19.2.5 (April 8th, 2026)

Compare Source

React Server Components
remix-run/react-router (react-router)

v7.15.0

Compare Source

Minor Changes

  • Stabilize unstable_defaultShouldRevalidate as defaultShouldRevalidate on <Link>, <Form>, useLinkClickHandler, useSubmit, fetcher.submit, and setSearchParams (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize the instrumentation APIs. unstable_instrumentations is now instrumentations and unstable_pattern is now pattern (a993f09)

    • The unstable_ServerInstrumentation, unstable_ClientInstrumentation, unstable_InstrumentRequestHandlerFunction, unstable_InstrumentRouterFunction, unstable_InstrumentRouteFunction, and unstable_InstrumentationHandlerResult types have had their unstable_ prefixes removed
    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize unstable_mask as mask on <Link>, useLinkClickHandler, and useNavigate, and rename the corresponding Location.unstable_mask field to Location.mask (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize the unstable_normalizePath option on staticHandler.query and staticHandler.queryRoute as normalizePath (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize future.unstable_passThroughRequests as future.v8_passThroughRequests (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Remove unstable_subResourceIntegrity from the runtime FutureConfig type; the flag is now controlled by the top-level subResourceIntegrity option in react-router.config.ts (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize unstable_url as url on loader, action, and middleware function args (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize unstable_useTransitions as useTransitions on <BrowserRouter>, <HashRouter>, <HistoryRouter>, <MemoryRouter>, <Router>, <RouterProvider>, <HydratedRouter>, and useLinkClickHandler (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly
Patch Changes

  • Add nonce to <Scripts> <link rel="modulepreload"> elements (if provided) (af5d49b)

  • Fix a bug with unstable_defaultShouldRevalidate={false} where parent routes that did not export a shouldRevalidate function could be incorrectly included in the single fetch call for new child route data (#​15012)

  • Improve server-side route matching performance by pre-computing flattened/cached route branches (#​14967) (af5d49b)

    • Performance benchmarks showed roughly a 10-15% improvement in server-side request handling performance

  • Mark mask as an optional field in Location for easier mocking in unit tests (#​14999)

  • Cache flattened/ranked route branches to optimize server-side route matching (#​14967)

  • Improve route matching performance in Framework/Data Mode (#​14971) (af5d49b)

    • Avoiding unnecessary calls to matchRoutes in data router scenarios
      • This includes adding back the optimization that was removed in 7.6.0 (#​13562)
      • The issues that prompted the revert have been addressed by using the available router matches but always updating match.route to the latest route in the manifest
    • Leverage pre-computed pre-computing flattened/cached route branches during client side route matching
    • Performance benchmarks showed roughly a 15-30% improvement in server-side request handling performance

v7.14.2

Compare Source

Patch Changes

  • Remove the un-documented custom error serialization logic from the internal turbo-stream implementation. React Router only automatically handles serialization of Error and it's standard subtypes (SyntaxError, TypeError, etc.). ([aabf4a1)

  • Properly handle parent middleware redirects during fetcher.load ([aabf4a1)

  • Remove redundant Omit<RouterProviderProps, "flushSync"> from react-router/dom RouterProvider ([aabf4a1)

  • Improved types for generatePath's param arg ([aabf4a1)

    Type errors when required params are omitted:

    // Before
// Passes type checks, but throws at runtime 💥
generatePath(":required", { required: null });

// After
generatePath(":required", { required: null });
//                          ^^^^^^^^ Type 'null' is not assignable to type 'string'.ts(2322)

    Allow omission of optional params:

    // Before
generatePath(":optional?", {});
//                         ^^ Property 'optional' is missing in type '{}' but required in type '{ optional: string | null | undefined; }'.ts(2741)

// After
generatePath(":optional?", {});

    Allows extra keys:

    // Before
generatePath(":a", { a: "1", b: "2" });
//                           ^ Object literal may only specify known properties, and 'b' does not exist in type '{ a: string; }'.ts(2353)

// After
generatePath(":a", { a: "1", b: "2" });

v7.14.1

Compare Source

Patch Changes
  • Fix a potential race condition that can occur when rendering a HydrateFallback and initial loaders land before the router.subscribe call happens in the RouterProvider layout effect
  • Normalize double-slashes in redirect paths

v7.14.0

Compare Source

Patch Changes

  • UNSTABLE RSC FRAMEWORK MODE BREAKING CHANGE - Existing route module exports remain unchanged from stable v7 non-RSC mode, but new exports are added for RSC mode. If you want to use RSC features, you will need to update your route modules to export the new annotations. (#​14901)

    If you are using RSC framework mode currently, you will need to update your route modules to the new conventions. The following route module components have their own mutually exclusive server component counterparts:

    Server Component Export Client Component
    ServerComponent default
    ServerErrorBoundary ErrorBoundary
    ServerLayout Layout
    ServerHydrateFallback HydrateFallback

    If you were previously exporting a ServerComponent, your ErrorBoundary, Layout, and HydrateFallback were also server components. If you want to keep those as server components, you can rename them and prefix them with Server. If you were previously importing the implementations of those components from a client module, you can simply inline them.

    Example:

    Before

    import { ErrorBoundary as ClientErrorBoundary } from "./client";

export function ServerComponent() {
  // ...
}

export function ErrorBoundary() {
  return <ClientErrorBoundary />;
}

export function Layout() {
  // ...
}

export function HydrateFallback() {
  // ...
}

    After

    export function ServerComponent() {
  // ...
}

export function ErrorBoundary() {
  // previous implementation of ClientErrorBoundary, this is now a client component
}

export function ServerLayout() {
  // rename previous Layout export to ServerLayout to make it a server component
}

export function ServerHydrateFallback() {
  // rename previous HydrateFallback export to ServerHydrateFallback to make it a server component
}

  • rsc Link prefetch (#​14902)

  • Remove recursion from turbo-stream v2 allowing for encoding / decoding of massive payloads. (#​14838)

  • encodeViaTurboStream leaked memory via unremoved AbortSignal listener (#​14900)

v7.13.2

Compare Source

Patch Changes

  • Fix clientLoader.hydrate when an ancestor route is also hydrating a clientLoader (#​14835)

  • Fix type error when passing Framework Mode route components using Route.ComponentProps to createRoutesStub (#​14892)

  • Fix percent encoding in relative path navigation (#​14786)

  • Add future.unstable_passThroughRequests flag (#​14775)

    By default, React Router normalizes the request.url passed to your loader, action, and middleware functions by removing React Router's internal implementation details (.data suffixes, index + _routes query params).

    Enabling this flag removes that normalization and passes the raw HTTP request instance to your handlers. This provides a few benefits:

    • Reduces server-side overhead by eliminating multiple new Request() calls on the critical path
    • Allows you to distinguish document from data requests in your handlers base don the presence of a .data suffix (useful for observability purposes)

    If you were previously relying on the normalization of request.url, you can switch to use the new sibling unstable_url parameter which contains a URL instance representing the normalized location:

    // ❌ Before: you could assume there was no `.data` suffix in `request.url`
export async function loader({ request }: Route.LoaderArgs) {
  let url = new URL(request.url);
  if (url.pathname === "/path") {
    // This check will fail with the flag enabled because the `.data` suffix will
    // exist on data requests
  }
}

// ✅ After: use `unstable_url` for normalized routing logic and `request.url`
// for raw routing logic
export async function loader({ request, unstable_url }: Route.LoaderArgs) {
  if (unstable_url.pathname === "/path") {
    // This will always have the `.data` suffix stripped
  }

  // And now you can distinguish between document versus data requests
  let isDataRequest = new URL(request.url).pathname.endsWith(".data");
}

  • Internal refactor to consolidate framework-agnostic/React-specific route type layers - no public API changes (#​14765)

  • Sync protocol validation to rsc flows (#​14882)

  • Add a new unstable_url: URL parameter to route handler methods (loader, action, middleware, etc.) representing the normalized URL the application is navigating to or fetching, with React Router implementation details removed (.datasuffix, index/_routes query params) (#​14775)

    This is being added alongside the new future.unstable_passthroughRequests future flag so that users still have a way to access the normalized URL when that flag is enabled and non-normalized request's are being passed to your handlers. When adopting this flag, you will only need to start leveraging this new parameter if you are relying on the normalization of request.url in your application code.

    If you don't have the flag enabled, then unstable_url will match request.url.

v7.13.1

Compare Source

Patch Changes

  • fix null reference exception in bad codepath leading to invalid route tree comparisons (#​14780)

  • fix: clear timeout when turbo-stream encoding completes (#​14810)

  • Improve error message when Origin header is invalid (#​14743)

  • Fix matchPath optional params matching without a "/" separator. (#​14689)

    • matchPath("/users/:id?", "/usersblah") now returns null.
    • matchPath("/test_route/:part?", "/test_route_more") now returns null.

  • add RSC unstable_getRequest (#​14758)

  • Fix HydrateFallback rendering during initial lazy route discovery with matching splat route (#​14740)

  • [UNSTABLE] Add support for <Link unstable_mask> in Data Mode which allows users to navigate to a URL in the router but "mask" the URL displayed in the browser. This is useful for contextual routing usages such as displaying an image in a model on top of a gallery, but displaying a browser URL directly to the image that can be shared and loaded without the contextual gallery in the background. (#​14716)

    // routes/gallery.tsx
export function clientLoader({ request }: Route.LoaderArgs) {
  let sp = new URL(request.url).searchParams;
  return {
    images: getImages(),
    // When the router location has the image param, load the modal data
    modalImage: sp.has("image") ? getImage(sp.get("image")!) : null,
  };
}

export default function Gallery({ loaderData }: Route.ComponentProps) {
  return (
    <>
      <GalleryGrid>
        {loaderData.images.map((image) => (
          <Link
            key={image.id}
            {/* Navigate the router to /galley?image=N */}}
            to={`/gallery?image=${image.id}`}
            {/* But display /images/N in the URL bar */}}
            unstable_mask={`/images/${image.id}`}
          >
            <img src={image.url} alt={image.alt} />
          </Link>
        ))}
      </GalleryGrid>

      {/* When the modal data exists, display the modal */}
      {data.modalImage ? (
        <dialog open>
          <img src={data.modalImage.url} alt={data.modalImage.alt} />
        </dialog>
      ) : null}
    </>
  );
}

    Notes:

    • The masked location, if present, will be available on useLocation().unstable_mask so you can detect whether you are currently masked or not.
    • Masked URLs only work for SPA use cases, and will be removed from history.state during SSR.
    • This provides a first-class API to mask URLs in Data Mode to achieve the same behavior you could do in Declarative Mode via manual backgroundLocation management.

  • RSC: Update failed origin checks to return a 400 status and appropriate UI instead of a generic 500 (#​14755)

  • Preserve query parameters and hash on manifest version mismatch reload (#​14813)

remix-run/react-router (react-router-dom)

v7.15.0

Compare Source

Patch Changes

v7.14.2

Compare Source

Patch Changes

v7.14.1

Compare Source

Patch Changes

v7.14.0

Compare Source

Patch Changes
  • Updated dependencies:
    • react-router@7.14.0

v7.13.2

Compare Source

Patch Changes
  • Updated dependencies:
    • react-router@7.13.2

v7.13.1

Compare Source

Patch Changes
  • Updated dependencies:
    • react-router@7.13.1
petyosi/react-virtuoso (react-virtuoso)

v4.18.6

Compare Source

Patch Changes

Note

PR body was truncated to here.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested a review from a team as a code owner February 11, 2026 14:39
@renovate renovate Bot added the dependencies Pull requests that update a dependency file label Feb 11, 2026
@codecov
Copy link
Copy Markdown

codecov Bot commented Feb 11, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 75.01%. Comparing base (ec8ce07) to head (64d0daf).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master     #915   +/-   ##
=======================================
  Coverage   75.01%   75.01%           
=======================================
  Files          61       61           
  Lines        2886     2886           
=======================================
  Hits         2165     2165           
  Misses        566      566           
  Partials      155      155

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@renovate renovate Bot force-pushed the renovate/bump-dependencies-npm branch from 94b6973 to d7a81eb Compare February 12, 2026 19:14
@renovate renovate Bot changed the title chore(deps): update dependency axios to v1.13.5 chore(deps): update dependency typescript-eslint to v8.55.0 Feb 12, 2026
@renovate renovate Bot force-pushed the renovate/bump-dependencies-npm branch from d7a81eb to 1fbb81a Compare February 13, 2026 06:10
@renovate renovate Bot changed the title chore(deps): update dependency typescript-eslint to v8.55.0 chore(deps): update bump npm dependencies Feb 13, 2026
@renovate renovate Bot force-pushed the renovate/bump-dependencies-npm branch 8 times, most recently from f27bd19 to 3e76e58 Compare February 21, 2026 12:52
@renovate renovate Bot force-pushed the renovate/bump-dependencies-npm branch 6 times, most recently from e533b10 to 588becc Compare February 28, 2026 17:57
@renovate renovate Bot force-pushed the renovate/bump-dependencies-npm branch 9 times, most recently from 395c600 to 2dc1c85 Compare March 11, 2026 02:14
@renovate renovate Bot force-pushed the renovate/bump-dependencies-npm branch 7 times, most recently from f66369a to 0c60580 Compare April 4, 2026 09:29
@renovate renovate Bot force-pushed the renovate/bump-dependencies-npm branch 8 times, most recently from 352c433 to 06397f4 Compare April 12, 2026 17:25
@renovate renovate Bot force-pushed the renovate/bump-dependencies-npm branch 14 times, most recently from 5b76f68 to 4f19f75 Compare April 19, 2026 16:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants