chore(deps): bump react from 19.2.3 to 19.2.7#154
Conversation
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 19.2.3 to 19.2.7. - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react) --- updated-dependencies: - dependency-name: react dependency-version: 19.2.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Dependabot PR ReviewSummary: Patch bump —
|
Dependabot PR ReviewSummary: Patch bump — no breaking changes noted.
CI StatusNot clean: Holding off on approve/auto-merge until CI is clean per policy. This bump itself looks safe to merge once the systemic CI issue is resolved. Generated by Claude Code |
📸 Visual snapshotsScreenshots captured for this PR — view all artifacts.
|
FrancesCoronel
left a comment
There was a problem hiding this comment.
Patch version bump (react 19.2.3 → 19.2.7), no breaking changes noted. Core CI is green: Lint, Type check, Playwright, and Lighthouse all passed. Security audit and Claude Code Review failures are pre-existing/unrelated to this bump — Security audit is failing on already-known transitive vulnerabilities (markdown-it, postcss via next, undici) present on main regardless of this PR, and Claude Code Review fails because dependabot-triggered workflows aren't in the allowed_bots list (a CI config gap, not a code issue). Approving.
Generated by Claude Code
|
Approved, but Generated by Claude Code |
Bumps react from 19.2.3 to 19.2.7.
Release notes
Sourced from react's releases.
Changelog
Sourced from react's changelog.
Commits
6117d7cVersion 19.2.7 (#36591)eaf3e95Version 19.2.623f4f9f19.2.590ab3f8Version 19.2.4Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)