Skip to content

chore(deps): bump the npm_and_yarn group across 1 directory with 6 updates#398

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-ddd0580bbc
Open

chore(deps): bump the npm_and_yarn group across 1 directory with 6 updates#398
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-ddd0580bbc

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 16, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package From To
react-router 7.15.0 7.15.1
@babel/core 7.23.9 7.29.6
vite 6.4.2 6.4.3
form-data 4.0.4 4.0.6
shell-quote 1.8.1 1.8.4
tar 7.5.13 7.5.16

Updates react-router from 7.15.0 to 7.15.1

Release notes

Sourced from react-router's releases.

v7.15.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151

Changelog

Sourced from react-router's changelog.

v7.15.1

Patch Changes

  • Update router to operate on fetcher Maps in an immutable manner to avoid delayed React renders from potentially reading an updated but not yet committed Map. This could result in brief flickers in some fetcher-driven optimistic UI scenarios. (#15028)
  • Fix serverLoader() returning stale SSR data when a client navigation aborts pending hydration before the hydration clientLoader resolves (#15022)
  • Fix RouterProvider onError callback not being called for synchronous initial loader errors in SPA mode (#15039) (#14942)
  • Memoize useFetchers to return a stable identity and only change if fetchers changed (#15028)
  • Internal refactor to consolidate mutation request detection through shared utility (#15033)

Unstable Changes

⚠️ Unstable features are not recommended for production use

  • Add a new unstable_useRouterState() hook that consolidates access to active and pending router states (RFC: #12358) (#15017)
    • Data/Framework/RSC only — throws when used without a data router

    • This should allow you to consolidate usages of the following hooks which will likely be deprecated and removed in a future major version

      • useLocation
      • useSearchParams
      • useParams
      • useMatches
      • useNavigationType
      • useNavigation
      let { active, pending } = unstable_useRouterState();
      // Active is always populated with the current location
      active.location; // replaces useLocation()
      active.searchParams; // replaces useSearchParams()[0]
      active.params; // replaces useParams()
      active.matches; // replaces useMatches()
      active.type; // replaces useNavigationType()
      // Pending is only populated during a navigation
      pending.location; // replaces useNavigation().location
      pending.searchParams; // equivalent to new URLSearchParams(useNavigation().search)
      pending.params; // Not directly accessible today
      pending.matches; // Not directly accessible today
      pending.type; // Not directly accessible today
      pending.state; // replaces useNavigation().state
      pending.formMethod; // replaces useNavigation().formMethod
      pending.formAction; // replaces useNavigation().formAction
      pending.formEncType; // replaces useNavigation().formEncType
      pending.formData; // replaces useNavigation().formData
      pending.json; // replaces useNavigation().json
      pending.text; // replaces useNavigation().text

Commits
  • 587d08f Release v7.15.1 (#15038)
  • 89996bd Fire onError for initial-load errors when RouterProvider mounts late (#15039)
  • 4322e58 Update docs for useRouterState
  • fadd6c4 Merge branch 'main' into release
  • 6bf91ce chore: format
  • 44c3478 fix: prevent fetcher formData flicker and eliminate state.fetchers mutations ...
  • 7e6725a Cleanup lint issues (#15030)
  • aabd30c Use shared isMutationMethod check (#15033)
  • 954a4a6 Fix stale SSR data when hydration is aborted by a same-route navigation (#15022)
  • 041cd32 fix(react-router): Internal preloads refactor to preserve types (#14860)
  • Additional commits viewable in compare view

Updates @babel/core from 7.23.9 to 7.29.6

Release notes

Sourced from @​babel/core's releases.

v7.29.6 (2026-05-25)

🐛 Bug Fix

Committers: 3

v7.29.5 (2026-05-05)

🏠 Internal

  • babel-preset-env
    • Update @babel/* dependencies

v7.29.4 (2026-05-05)

🐛 Bug Fix

  • babel-plugin-transform-modules-systemjs
    • #17974 [7.x backport]fix(systemjs): improve module string name support (@​JLHwung)

Committers: 1

v7.29.3 (2026-04-30)

👓 Spec Compliance

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • #17931 fix(decorators): replace super within all removed static elements (@​JLHwung)
  • babel-register
  • babel-compat-data, babel-plugin-bugfix-safari-rest-destructuring-rhs-array, babel-preset-env

💅 Polish

📝 Documentation

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​babel/core since your current version.


Updates vite from 6.4.2 to 6.4.3

Release notes

Sourced from vite's releases.

v6.4.3

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

6.4.3 (2026-06-01)

Commits

Updates form-data from 4.0.4 to 4.0.6

Changelog

Sourced from form-data's changelog.

v4.0.6 - 2026-06-12

Commits

  • [Fix] escape CR, LF, and " in field names and filenames 8dff42c
  • [Dev Deps] update @ljharb/eslint-config, auto-changelog, tape f31d21e
  • [Deps] update hasown, mime-types 92ae0eb
  • [Dev Deps] update js-randomness-predictor 67b0f65

v4.0.5 - 2025-11-17

Commits

  • [Tests] Switch to newer v8 prediction library; enable node 24 testing 16e0076
  • [Dev Deps] update @ljharb/eslint-config, eslint 5822467
  • [Fix] set Symbol.toStringTag in the proper place 76d0dee
Commits
  • 64190db v4.0.6
  • 92ae0eb [Deps] update hasown, mime-types
  • f31d21e [Dev Deps] update @ljharb/eslint-config, auto-changelog, tape
  • 8dff42c [Fix] escape CR, LF, and " in field names and filenames
  • 67b0f65 [Dev Deps] update js-randomness-predictor
  • 68ff7dd v4.0.5
  • 5822467 [Dev Deps] update @ljharb/eslint-config, eslint
  • 76d0dee [Fix] set Symbol.toStringTag in the proper place
  • 16e0076 [Tests] Switch to newer v8 prediction library; enable node 24 testing
  • See full diff in compare view

Updates shell-quote from 1.8.1 to 1.8.4

Changelog

Sourced from shell-quote's changelog.

v1.8.4 - 2026-05-22

Commits

  • [Fix] quote: validate object-token shapes 4378a6e
  • [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, npmignore 22ebec0
  • [Tests] increase coverage 9f3caa3
  • [readme] replace runkit CI badge with shields.io check-runs badge 3344a04
  • [Dev Deps] update @ljharb/eslint-config 699c511

v1.8.3 - 2025-06-01

Fixed

v1.8.2 - 2024-11-27

Fixed

Commits

  • [meta] fix changelog tags 0fb9fd8
  • [actions] split out node 10-20, and 20+ 819bd84
  • [Dev Deps] update @ljharb/eslint-config, auto-changelog, npmignore, tape fc56408
  • [actions] update npm for windows tests fdeb0fd
  • [Dev Deps] update @ljharb/eslint-config, aud, tape b8a4a3b
  • [actions] prevent node 14 on ARM mac from failing 9eecafc
  • [meta] exclude more files from the package 4044e7f
  • [Tests] replace aud with npm audit 8cfdbd8
  • [meta] add missing engines.node 843820e
  • [Dev Deps] add missing peer dep 4c3b88d
  • [Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6 80322ed
Commits
  • ff166e2 v1.8.4
  • 4378a6e [Fix] quote: validate object-token shapes
  • 22ebec0 [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, `npmig...
  • 9f3caa3 [Tests] increase coverage
  • 3344a04 [readme] replace runkit CI badge with shields.io check-runs badge
  • 699c511 [Dev Deps] update @ljharb/eslint-config
  • 487a9b4 v1.8.3
  • 01faaff [Fix] remove unnecessary backslash escaping in single quotes
  • b19fc77 v1.8.2
  • 59d29ea [Fix] quote: preserve empty strings
  • Additional commits viewable in compare view

Updates tar from 7.5.13 to 7.5.16

Commits
  • cf21338 7.5.16
  • 21a8220 do not apply PAX header fields to meta entries
  • 52632cf update project deps
  • 302f51f fix inconsequential typo in PENDINGLINKS symbol name
  • 55dbb99 remove some uses of mutate-fs
  • 87cc309 7.5.15
  • 7aef486 fix: regression in pending links detection
  • 6244eb3 7.5.14
  • 9704d8c stricter protection against hardlinks preempting their targets
  • 700734f update workflows and deps
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

…dates

Bumps the npm_and_yarn group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.15.0` | `7.15.1` |
| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.23.9` | `7.29.6` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.2` | `6.4.3` |
| [form-data](https://github.com/form-data/form-data) | `4.0.4` | `4.0.6` |
| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.1` | `1.8.4` |
| [tar](https://github.com/isaacs/node-tar) | `7.5.13` | `7.5.16` |



Updates `react-router` from 7.15.0 to 7.15.1
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router@7.15.1/packages/react-router)

Updates `@babel/core` from 7.23.9 to 7.29.6
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.6/packages/babel-core)

Updates `vite` from 6.4.2 to 6.4.3
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v6.4.3/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.4.3/packages/vite)

Updates `form-data` from 4.0.4 to 4.0.6
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.4...v4.0.6)

Updates `shell-quote` from 1.8.1 to 1.8.4
- [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md)
- [Commits](ljharb/shell-quote@v1.8.1...v1.8.4)

Updates `tar` from 7.5.13 to 7.5.16
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.13...v7.5.16)

---
updated-dependencies:
- dependency-name: react-router
  dependency-version: 7.15.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@babel/core"
  dependency-version: 7.29.6
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 6.4.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: form-data
  dependency-version: 4.0.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: shell-quote
  dependency-version: 1.8.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tar
  dependency-version: 7.5.16
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants