Skip to content

[Snyk] Upgrade react-hook-form from 7.51.1 to 7.53.0#342

Open
psturc wants to merge 1 commit into
mainfrom
snyk-upgrade-299d0949c9044ac515f2dbe237221d62
Open

[Snyk] Upgrade react-hook-form from 7.51.1 to 7.53.0#342
psturc wants to merge 1 commit into
mainfrom
snyk-upgrade-299d0949c9044ac515f2dbe237221d62

Conversation

@psturc

@psturc psturc commented Sep 24, 2024

Copy link
Copy Markdown
Member

snyk-top-banner

Snyk has created this PR to upgrade react-hook-form from 7.51.1 to 7.53.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 8 versions ahead of your current version.

  • The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Server-side Request Forgery (SSRF)
SNYK-JS-AXIOS-7361793
761 Proof of Concept
high severity Asymmetric Resource Consumption (Amplification)
SNYK-JS-BODYPARSER-7926860
761 No Known Exploit
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727
761 Proof of Concept
high severity Improper Input Validation
SNYK-JS-FOLLOWREDIRECTS-6141137
761 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795
761 Proof of Concept
high severity Path Traversal
SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555
761 Proof of Concept
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509
761 No Known Exploit
medium severity Cross-site Scripting
SNYK-JS-EXPRESS-7926867
761 No Known Exploit
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610
761 Proof of Concept
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610
761 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-7925106
761 Proof of Concept
medium severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
761 Proof of Concept
medium severity Cross-site Scripting (XSS)
SNYK-JS-WEBPACK-7840298
761 Proof of Concept
low severity Cross-site Scripting
SNYK-JS-SEND-7926862
761 No Known Exploit
low severity Cross-site Scripting
SNYK-JS-SERVESTATIC-7926865
761 No Known Exploit
Release notes
Package name: react-hook-form
  • 7.53.0 - 2024-08-24

    🌫️ feat: #12148 support isValid when mode is set to onBlur (#12194)

    // update formstate isValid with onBlur event
    const { formState: { isValid } } = useForm({
      mode: 'onBlur'
    })

    🐞 fix #12021 issue with disable prop not reflecting on re-render without trigger by useEffect (#12193)
    👩‍🌾 close #12168 optimise re-render with validating fields subscription (#12192)
    🐞 fix #12127 issue with compare object value changed with object input (#12185)
    🎲 improve : break out of recursive loops on first focus (#11827)
    📖 fix example of ObjectKeys type (#11965)

    thanks to @ suke & @ DPflasterer

  • 7.52.2 - 2024-08-03

    👍 close #12108 useController should subscribe to exact field name of form's state (#12109)
    👍 chore: upgrade app deps
    🩻 fix: add useCallback for ref callback (#12078)
    🚀 fix: skip call executeBuiltInValidation if no sub-fields left (#12054)

    thanks to @ newsiberian, @ Wendystraite and @ abnud11

  • 7.52.1 - 2024-07-02

    🐞 fix #12024 dirty not update issue with values prop (#12041)
    🐞 fix: field array validate rules shift errors (#12033)

    thanks to @ JardelCheung

  • 7.52.0 - 2024-06-15

    ⚛️ close #11932 enable react 19 peer dependency (#11935)
    👮‍♀️ close #11954 getFieldState remove unnessaried inValidating and touched subscription (#11995)
    🐞 fix #11985 logic createFormControl check field before usage (#11986)
    ⌨️ fix: enforce type safety for deps property in RegisterOptions (#11969)
    🐞 fix #11922 keep dirty on reset with dirty fields (#11958)
    🚔 close #11937 add validation in the cleanup process in useController (#11938)
    Revert "⌨️ close: correct type of error field in getFieldState return object (#11831)"
    📖 fix: change info.values type in WatchObserver (#11917)

    thanks to @ nakaakist, @ IdoBouskila, @ pincy and @ peinguin

  • 7.51.5 - 2024-05-21

    📖 fix broken link to examples in README.md (#11805)
    ⌨️ close: correct type of error field in getFieldState return object (#11831)
    🐞 fix #11842 radio buttons not disabled when multiple share a name (#11873)
    🐞 fix #11821 set value with disabled false before mount (#11880)
    🐞 fix setError to preserve existing errors elsewhere in the object (#11888)
    ⌨️ fix: add info.value type to WatchObserver (#11872)
    🫡 fix issue with internal set api (#11915)

    thanks to @ mjr2595 @ erashu212 @ SimonJTurner and @ peinguin

  • 7.51.4 - 2024-05-04

    👹 close #11778 improve unregister omit key with getValues method (#11779)
    🐞 fix #11794 issue: Fields dirty state is not updated when passing values to useForm

  • 7.51.3 - 2024-04-11

    🐞 fix #11773 regression on dirty check with reset (#11775)

  • 7.51.2 - 2024-03-26

    🐞 fix #11719 validation stuck on true state (#11723)

  • 7.51.1 - 2024-03-17

    🐛 bug(validatingFields, trigger): handle all fields validation trigger (#11624)
    💚 ci: cleanup actions versions (#11629)
    🐞 fix #11590 issue with trigger on validatingFields (#11613)

    thanks to @ Moshyfawn

from react-hook-form GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment