Skip to content

Bump react-router and react-router-dom in /cmd/kueueviz/frontend #8481

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
k8s-ci-robot merged 1 commit into from
Jan 9, 2026
Merged

Bump react-router and react-router-dom in /cmd/kueueviz/frontend #8481

k8s-ci-robot merged 1 commit into from
Jan 9, 2026

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 9, 2026

Bumps react-router to 7.12.0 and updates ancestor dependency react-router-dom. These dependencies need to be updated together.

Updates react-router from 7.9.6 to 7.12.0

Release notes

Sourced from react-router's releases.

v7.12.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7120

v7.11.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7110

v7.10.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7101

v7.10.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7100

Changelog

Sourced from react-router's changelog.

7.12.0

Minor Changes

  • Add additional layer of CSRF protection by rejecting submissions to UI routes from external origins. If you need to permit access to specific external origins, you can specify them in the react-router.config.ts config allowedActionOrigins field. (#14708)

Patch Changes

  • Fix generatePath when used with suffixed params (i.e., "/books/:id.json") (#14269)

  • Export UNSAFE_createMemoryHistory and UNSAFE_createHashHistory alongside UNSAFE_createBrowserHistory for consistency. These are not intended to be used for new apps but intended to help apps usiong unstable_HistoryRouter migrate from v6->v7 so they can adopt the newer APIs. (#14663)

  • Escape HTML in scroll restoration keys (#14705)

  • Validate redirect locations (#14706)

  • [UNSTABLE] Pass <Scripts nonce> value through to the underlying importmap script tag when using future.unstable_subResourceIntegrity (#14675)

  • [UNSTABLE] Add a new future.unstable_trailingSlashAwareDataRequests flag to provide consistent behavior of request.pathname inside middleware, loader, and action functions on document and data requests when a trailing slash is present in the browser URL. (#14644)

    Currently, your HTTP and request pathnames would be as follows for /a/b/c and /a/b/c/

    URL /a/b/c HTTP pathname request pathname`
    Document /a/b/c /a/b/c
    Data /a/b/c.data /a/b/c
    URL /a/b/c/ HTTP pathname request pathname`
    Document /a/b/c/ /a/b/c/
    Data /a/b/c.data /a/b/c ⚠️

    With this flag enabled, these pathnames will be made consistent though a new _.data format for client-side .data requests:

    URL /a/b/c HTTP pathname request pathname`
    Document /a/b/c /a/b/c
    Data /a/b/c.data /a/b/c
    URL /a/b/c/ HTTP pathname request pathname`
    Document /a/b/c/ /a/b/c/
    Data /a/b/c/_.data ⬅️ /a/b/c/

    This a bug fix but we are putting it behind an opt-in flag because it has the potential to be a "breaking bug fix" if you are relying on the URL format for any other application or caching logic.

    Enabling this flag also changes the format of client side .data requests from /_root.data to /_.data when navigating to / to align with the new format. This does not impact the request pathname which is still / in all cases.

  • Preserve clientLoader.hydrate=true when using <HydratedRouter unstable_instrumentations> (#14674)

... (truncated)

Commits
  • 26653a6 chore: Update version for release (#14712)
  • 7ac2346 chore: Update version for release (pre) (#14709)
  • 75b1ef5 Add origin checks for UI route submissions (#14708)
  • c05ef93 Validate redirect locations (#14706)
  • c89c32c Escape HTML in scroll restoration keys (#14705)
  • cbcbf30 fix: pass nonce to importmap script when using subResourceIntegrity (#14675)
  • 30f6c1d fix(react-router): handle parameters with static suffixes in generatePath (#1...
  • 7f140e0 Handle data requests with trailing slash consistently (#14644)
  • 1954af6 Preserve hydrate property on client loaders during instrumentation (#14674)
  • 5ce5cd4 chore: format
  • Additional commits viewable in compare view

Updates react-router-dom from 7.9.6 to 7.12.0

Release notes

Sourced from react-router-dom's releases.

[email protected]

Patch Changes

Changelog

Sourced from react-router-dom's changelog.

7.12.0

Patch Changes

7.11.0

Patch Changes

7.10.1

Patch Changes

7.10.0

Patch Changes

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump react-router and react-router-dom in /cmd/kueueviz/frontend
d6e2275 
Bumps [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) to 7.12.0 and updates ancestor dependency [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom). These dependencies need to be updated together.


Updates `react-router` from 7.9.6 to 7.12.0
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/[email protected]/packages/react-router)

Updates `react-router-dom` from 7.9.6 to 7.12.0
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/[email protected]/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router
  dependency-version: 7.12.0
  dependency-type: indirect
- dependency-name: react-router-dom
  dependency-version: 7.12.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 9, 2026
@k8s-ci-robot k8s-ci-robot added do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jan 9, 2026
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Jan 9, 2026

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot requested review from PBundyra and akram January 9, 2026 00:11
@k8s-ci-robot k8s-ci-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Jan 9, 2026
@netlify
Copy link

netlify bot commented Jan 9, 2026
edited
Loading

Deploy Preview for kubernetes-sigs-kueue ready!

Name Link
🔨 Latest commit d6e2275
🔍 Latest deploy log https://app.netlify.com/projects/kubernetes-sigs-kueue/deploys/6960479d1c2ded0008a3718c
😎 Deploy Preview https://deploy-preview-8481--kubernetes-sigs-kueue.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@sohankunkerkar
Copy link
Member

sohankunkerkar commented Jan 9, 2026

/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jan 9, 2026
tenzen-y
tenzen-y reviewed Jan 9, 2026
View reviewed changes
Copy link
Member

@tenzen-y tenzen-y left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jan 9, 2026
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Jan 9, 2026

LGTM label has been added.

DetailsGit tree hash: 6c531fca50a708b0f75e07f11289b05700b00260

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Jan 9, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dependabot[bot], tenzen-y

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 9, 2026
@tenzen-y
Copy link
Member

tenzen-y commented Jan 9, 2026

/release-note-none

@k8s-ci-robot k8s-ci-robot added release-note-none Denotes a PR that doesn't merit a release note. and removed do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. labels Jan 9, 2026
@k8s-ci-robot k8s-ci-robot merged commit 5188c01 into main Jan 9, 2026
28 checks passed
@k8s-ci-robot k8s-ci-robot added this to the v0.16 milestone Jan 9, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/cmd/kueueviz/frontend/multi-d64369b380 branch January 9, 2026 02:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tenzen-y tenzen-y tenzen-y left review comments

@akram akram Awaiting requested review from akram

@PBundyra PBundyra Awaiting requested review from PBundyra

Assignees

@tenzen-y tenzen-y

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesn't merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

v0.16

Development

Successfully merging this pull request may close these issues.

4 participants

@k8s-ci-robot @sohankunkerkar @tenzen-y