Skip to content

chore(deps): bump react-router-dom from 6.30.3 to 7.18.1#1622

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/react-router-dom-7.18.0
Open

chore(deps): bump react-router-dom from 6.30.3 to 7.18.1#1622
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/react-router-dom-7.18.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown
Contributor

Bumps react-router-dom from 6.30.3 to 7.18.1.

Release notes

Sourced from react-router-dom's releases.

v7.1.3

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v713

Changelog

Sourced from react-router-dom's changelog.

v7.18.1

Patch Changes

v7.18.0

Patch Changes

v7.17.0

Patch Changes

v7.16.0

Patch Changes

  • Remove stale/invalid unpkg field from package.json. This was removed from other packages with the release of v7 but missed in the react-router-dom re-export package (#15075)
  • Updated dependencies:

v7.15.1

Patch Changes

v7.15.0

Patch Changes

v7.14.2

Patch Changes

... (truncated)

Commits

@dependabot dependabot Bot added automated dependencies Pull requests that update a dependency file labels Jun 28, 2026
@dependabot
dependabot Bot requested a review from a team as a code owner June 28, 2026 09:40
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file automated labels Jun 28, 2026
@netlify

netlify Bot commented Jun 28, 2026

Copy link
Copy Markdown

Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name Link
🔨 Latest commit 6f3b6bd
🔍 Latest deploy log https://app.netlify.com/projects/endearing-brigadeiros-63f9d0/deploys/6a5481645bd1680008197201

@github-actions

github-actions Bot commented Jun 28, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/cookie 1.1.1 🟢 8.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests🟢 925 out of 26 merged PRs checked by a CI test -- score normalized to 9
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 6Found 18/26 approved changesets -- score normalized to 6
Contributors🟢 10project has 20 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1017 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST🟢 9SAST tool detected but not run on all commits
Security-Policy🟢 9security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Vulnerabilities🟢 91 existing vulnerabilities detected
npm/react-router 7.18.1 🟢 3.7
Details
CheckScoreReason
Code-Review⚠️ 2Found 8/30 approved changesets -- score normalized to 2
Security-Policy🟢 10security policy file detected
Maintained🟢 1030 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ 0dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/react-router-dom 7.18.1 🟢 3.7
Details
CheckScoreReason
Code-Review⚠️ 2Found 8/30 approved changesets -- score normalized to 2
Security-Policy🟢 10security policy file detected
Maintained🟢 1030 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ 0dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/set-cookie-parser 2.7.2 🟢 3.6
Details
CheckScoreReason
Code-Review⚠️ 1Found 2/15 approved changesets -- score normalized to 1
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 57 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • package-lock.json

@kriswest

kriswest commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Needs grouping with a react update... Defer until @andypols' UI rebuild goes in?

Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.30.3 to 7.18.1.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/react-router-dom@7.18.1/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.18.1/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router-dom
  dependency-version: 7.18.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps): bump react-router-dom from 6.30.3 to 7.18.0 chore(deps): bump react-router-dom from 6.30.3 to 7.18.1 Jul 13, 2026
@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/react-router-dom-7.18.0 branch from ab33891 to 6f3b6bd Compare July 13, 2026 06:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

automated dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant