[security](deps-dev): Bump @radix-ui/react-focus-guards from 1.1.3 to 1.1.4#184
[security](deps-dev): Bump @radix-ui/react-focus-guards from 1.1.3 to 1.1.4#184dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [@radix-ui/react-focus-guards](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/focus-guards) from 1.1.3 to 1.1.4. - [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/focus-guards/CHANGELOG.md) - [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/focus-guards) --- updated-dependencies: - dependency-name: "@radix-ui/react-focus-guards" dependency-version: 1.1.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b80f06d547
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| "@radix-ui/react-dismissable-layer": "^1.1.11", | ||
| "@radix-ui/react-dropdown-menu": "^2.1.16", | ||
| "@radix-ui/react-focus-guards": "^1.1.3", | ||
| "@radix-ui/react-focus-guards": "^1.1.4", |
There was a problem hiding this comment.
This direct Storybook bump does not actually remove the old package from the install graph: pnpm-lock.yaml still contains @radix-ui/react-focus-guards@1.1.3 and Radix overlay packages such as dialog/menu/popover/select still resolve to it (for example lockfile lines 9174, 9326, 9426, and 9590). In Storybook scenarios that render those overlays, pnpm can still install and execute the 1.1.3 focus-guard code, so the security/performance update remains incomplete unless the transitive resolutions are overridden or the dependent Radix packages are updated too.
Useful? React with 👍 / 👎.
1 participant
Bumps @radix-ui/react-focus-guards from 1.1.3 to 1.1.4.
Changelog
Sourced from @radix-ui/react-focus-guards's changelog.
Commits
Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for
@radix-ui/react-focus-guardssince your current version.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)