Skip to content

[Snyk] Upgrade react-dom from 19.2.3 to 19.2.7#4

Open
sickn33 wants to merge 1 commit into
mainfrom
snyk-upgrade-f32a4068cb7f8ef0ee79788104fd385c
Open

[Snyk] Upgrade react-dom from 19.2.3 to 19.2.7#4
sickn33 wants to merge 1 commit into
mainfrom
snyk-upgrade-f32a4068cb7f8ef0ee79788104fd385c

Conversation

@sickn33

@sickn33 sickn33 commented Jun 24, 2026

Copy link
Copy Markdown
Owner

snyk-top-banner

Snyk has created this PR to upgrade react-dom from 19.2.3 to 19.2.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 4 versions ahead of your current version.

  • The recommended version was released 22 days ago.

Release notes
Package name: react-dom from react-dom GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedreact@​19.2.3 ⏵ 19.2.71001008497100
Updatedreact-dom@​19.2.3 ⏵ 19.2.71001009298100

View full report

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 8a72500266

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread package-lock.json
Comment on lines 2775 to 2778
"dev": true,
"libc": [
"glibc"
],
"license": "MIT",
"optional": true,
"os": [

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Restore Rollup libc filters in the lockfile

This lockfile drops the libc selector from the Rollup native optional packages (shown here for the x64 GNU package; the same deletion happened for the other Linux GNU/musl entries). npm builds its install plan from these package-lock packages entries, so on Linux it can no longer prune the wrong glibc/musl variant and will fetch/extract both native tarballs for the matching CPU, bloating CI/deploy installs and making them depend on extra optional binaries. Please preserve the libc fields when regenerating the lockfile.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants