[Snyk] Upgrade: , jotai, lucide-react, react-hook-form, react-router-dom, tailwind-merge

[DimitriRomano]

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

@tanstack/react-query
from 5.52.1 to 5.52.2 | 1 version ahead of your current version | 22 days ago
on 2024-08-26
jotai
from 2.8.3 to 2.9.3 | 5 versions ahead of your current version | a month ago
on 2024-08-13
lucide-react
from 0.383.0 to 0.436.0 | 47 versions ahead of your current version | 23 days ago
on 2024-08-25
react-hook-form
from 7.52.2 to 7.53.0 | 1 version ahead of your current version | 24 days ago
on 2024-08-24
react-router-dom
from 6.23.1 to 6.26.1 | 13 versions ahead of your current version | a month ago
on 2024-08-15
tailwind-merge
from 2.3.0 to 2.5.2 | 28 versions ahead of your current version | a month ago
on 2024-08-12

Release notes

Package name: @tanstack/react-query

• 5.52.2 - 2024-08-26
  

  Version 5.52.2 - 8/26/24, 5:54 PM

  Changes

  Fix

  • types: error booleans shouldn"t permanently be typed as false (#7956) (b93941d) by Dominik Dorfmeister

  Chore

  • remove unused .all-contributorsrc (#7949) (8cf7e2f) by @ manudeli
  • angular-query: add type tests for injectQuery (#7947) (73258c6) by Arnoud

  Examples

  • svelte-query: fix svelte auto-refetching styling (#7951) (519759d) by Lachlan Collins

  Packages

  • @ tanstack/query-core@5.52.2
  • @ tanstack/react-query@5.52.2
  • @ tanstack/solid-query@5.52.2
  • @ tanstack/angular-query-experimental@5.52.2
  • @ tanstack/query-broadcast-client-experimental@5.52.2
  • @ tanstack/query-persist-client-core@5.52.2
  • @ tanstack/query-sync-storage-persister@5.52.2
  • @ tanstack/react-query-devtools@5.52.2
  • @ tanstack/react-query-persist-client@5.52.2
  • @ tanstack/react-query-next-experimental@5.52.2
  • @ tanstack/solid-query-devtools@5.52.2
  • @ tanstack/solid-query-persist-client@5.52.2
  • @ tanstack/svelte-query@5.52.2
  • @ tanstack/svelte-query-devtools@5.52.2
  • @ tanstack/svelte-query-persist-client@5.52.2
  • @ tanstack/vue-query@5.52.2
  • @ tanstack/vue-query-devtools@5.52.2
  • @ tanstack/angular-query-devtools-experimental@5.52.2
  • @ tanstack/query-async-storage-persister@5.52.2
• 5.52.1 - 2024-08-22
  

  Version 5.52.1 - 8/22/24, 4:37 PM

  Changes

  Fix

  • react-query: Add missing React 19 peer dependency. (#7937) (ca2e306) by @ kbumsik

  Docs

  • make copyable example useful by default (#7928) (639363c) by Lanre Adelowo

  Packages

  • @ tanstack/react-query@5.52.1
  • @ tanstack/react-query-devtools@5.52.1
  • @ tanstack/react-query-persist-client@5.52.1
  • @ tanstack/react-query-next-experimental@5.52.1

from @tanstack/react-query GitHub release notes

Package name: jotai

• 2.9.3 - 2024-08-13
  

  This fixes a regression in an edge case that is introduced in v2.6.4.

  What's Changed

  • fix(store): derived atom not updating when its value changes if another atom is read it conditionally by @ yuneco in #2700
  • experimental(core): expose unstable_derive by @ dai-shi in #2652

  New Contributors

  • @ yuneco made their first contribution in #2700

  Full Changelog: v2.9.2...v2.9.3

• 2.9.2 - 2024-08-07
  

  A small improvement in atomFamily for edge use cases.

  What's Changed

  • feat(utils): atomFamily supports getParams and unstable_listen api by @ dmaskasky in #2685

  New Contributors

  • @ junkboy0315 made their first contribution in #2694

  Full Changelog: v2.9.1...v2.9.2

• 2.9.1 - 2024-07-23
  

  This patch version includes various fixes. Huge thanks to contributors!

  What's Changed

  • refactor(core): follow naming convention by @ dai-shi in #2662
  • refactor(core): store with Object.assign by @ dai-shi in #2663
  • fix(core): atom toString includes debugLabel in dev mode by @ dmaskasky in #2659
  • fix(core): Unmount an atom that is no longer dependent within a derived atom by @ nogaten in #2660
  • fix(types): add undefined initial value to Atom definition by @ rtritto in #2668

  New Contributors

  • @ rtritto made their first contribution in #2668

  Full Changelog: v2.9.0...v2.9.1

• 2.9.0 - 2024-07-09
  

  This version introduces a new core implementation. All tests are passing but there can be some regressions due to missing tests. Please feel free to report such cases and let's improve test coverage.

  The benefit with the new implementation:

  • Fix memory leak issue with vanilla store usage.
  • More readability of the core code.

  What's Changed

  • feat: use new store by default by @ dai-shi in #2641

  Full Changelog: v2.8.4...v2.9.0

• 2.8.4 - 2024-06-28
  

  This changes the behavior of async atom with abort signal on unmount to fix some use cases.

  What's Changed

  • fix: do not abort atoms on unmount by @ Pinpickle in #2627

  New Contributors

  • @ tcpdumppy made their first contribution in #2602
  • @ GregorGabric made their first contribution in #2605
  • @ ideabrian made their first contribution in #2614

  Full Changelog: v2.8.3...v2.8.4

• 2.8.3 - 2024-06-03
  

  The improvement for atomWithStorage in v2.8.2 contained a bug, which is fixed in this version.

  What's Changed

  • fix(utils): subscribe method of createJSONStorage should only run in the client by @ mhsattarian in #2585
  • feat(store2): add dev4_get_mounted_atoms by @ arjunvegda in #2594

  New Contributors

  • @ leo-diehl made their first contribution in #2590

  Full Changelog: v2.8.2...v2.8.3

from jotai GitHub release notes

Package name: lucide-react

• 0.436.0 - 2024-08-25
  

  Modified Icons 🔨

  • backpack (#2406) by @ jguddas
• 0.435.0 - 2024-08-23
  

  Modified Icons 🔨

  • milestone (#2281) by @ jguddas
  • signpost (#2281) by @ jguddas
• 0.434.0 - 2024-08-23
  

  New icons 🎨

  • volume-off (#2378) by @ karsa-mistmere

  Modified Icons 🔨

  • file-volume (#2378) by @ karsa-mistmere
  • volume-1 (#2378) by @ karsa-mistmere
  • volume-2 (#2378) by @ karsa-mistmere
  • volume-x (#2378) by @ karsa-mistmere
  • volume (#2378) by @ karsa-mistmere
• 0.433.0 - 2024-08-23
  

  New icons 🎨

  • trending-up-down (#2372) by @ Alportan

  Fixes Lucide Solid

  • Fixed compilation issues when starting up Vite Dev server by @ ericfennis in #2375
• 0.432.0 - 2024-08-23
  

  New icons 🎨

  • chart-gantt (#2392) by @ jguddas

  Modified Icons 🔨

  • contact-round (#2391) by @ jguddas
  • contact (#2391) by @ jguddas
• 0.429.0 - 2024-08-21
• 0.428.0 - 2024-08-16
• 0.427.0 - 2024-08-09
• 0.426.0 - 2024-08-08
• 0.425.0 - 2024-08-08
• 0.424.0 - 2024-08-02
• 0.423.0 - 2024-08-02
• 0.422.0 - 2024-08-02
• 0.421.0 - 2024-08-02
• 0.420.0 - 2024-08-02
• 0.419.0 - 2024-08-01
• 0.418.0 - 2024-07-31
• 0.417.0 - 2024-07-28
• 0.416.0 - 2024-07-25
• 0.415.0 - 2024-07-25
• 0.414.0 - 2024-07-22
• 0.413.0 - 2024-07-22
• 0.412.0 - 2024-07-20
• 0.411.0 - 2024-07-19
• 0.410.0 - 2024-07-19
• 0.409.0 - 2024-07-19
• 0.408.0 - 2024-07-12
• 0.407.0 - 2024-07-09
• 0.406.0 - 2024-07-09
• 0.405.0 - 2024-07-09
• 0.404.0 - 2024-07-09
• 0.403.0 - 2024-07-08
• 0.402.0 - 2024-07-08
• 0.401.0 - 2024-07-07
• 0.400.0 - 2024-07-01
• 0.399.0 - 2024-06-28
• 0.398.0 - 2024-06-28
• 0.397.0 - 2024-06-26
• 0.396.0 - 2024-06-21
• 0.395.0 - 2024-06-14
• 0.394.0 - 2024-06-10
• 0.391.0 - 2024-06-10
• 0.390.0 - 2024-06-06
• 0.387.0 - 2024-06-06
• 0.386.0 - 2024-06-06
• 0.385.0 - 2024-06-06
• 0.384.0 - 2024-06-06
• 0.383.0 - 2024-06-02

from lucide-react GitHub release notes

Package name: react-hook-form

• 7.53.0 - 2024-08-24
  

  🌫️ feat: #12148 support isValid when mode is set to onBlur (#12194)

  // update formstate isValid with onBlur event
  const { formState: { isValid } } = useForm({
    mode: 'onBlur'
  })

  🐞 fix #12021 issue with disable prop not reflecting on re-render without trigger by useEffect (#12193)
  👩‍🌾 close #12168 optimise re-render with validating fields subscription (#12192)
  🐞 fix #12127 issue with compare object value changed with object input (#12185)
  🎲 improve : break out of recursive loops on first focus (#11827)
  📖 fix example of ObjectKeys type (#11965)

  thanks to @ suke & @ DPflasterer

• 7.52.2 - 2024-08-03
  

  👍 close #12108 useController should subscribe to exact field name of form's state (#12109)
  👍 chore: upgrade app deps
  🩻 fix: add useCallback for ref callback (#12078)
  🚀 fix: skip call executeBuiltInValidation if no sub-fields left (#12054)

  thanks to @ newsiberian, @ Wendystraite and @ abnud11

from react-hook-form GitHub release notes

Package name: react-router-dom

• 6.26.1 - 2024-08-15
  

  react-router-native@6.26.1

• 6.26.1-pre.0 - 2024-08-14
  

  react-router-native@6.26.1-pre.0

• 6.26.0 - 2024-08-01
• 6.26.0-pre.1 - 2024-07-31
• 6.26.0-pre.0 - 2024-07-30
• 6.25.1 - 2024-07-17
• 6.25.1-pre.0 - 2024-07-17
• 6.25.0 - 2024-07-16
• 6.25.0-pre.0 - 2024-07-12
• 6.24.1 - 2024-07-03
• 6.24.1-pre.0 - 2024-07-01
• 6.24.0 - 2024-06-24
• 6.24.0-pre.0 - 2024-06-14
• 6.23.1 - 2024-05-10

from react-router-dom GitHub release notes

Package name: tailwind-merge

• 2.5.2 - 2024-08-12
  

  Sorry for all the bugs today!

  Bug Fixes

  • Fix multiline input not working anymore by @ dcastil in #459

  Full Changelog: v2.5.1...v2.5.2

  Thanks to @ brandonmcconnell, @ manavm1990, @ langy, @ jamesreaco and @ jamaluddinrumi for sponsoring tailwind-merge! ❤️

• 2.5.2-dev.a9aa5911cc624d0ddd2ee81bcce00b932a437aea - 2024-08-30
• 2.5.2-dev.a72f2f474fbba41c9940d3c9737cd3ad431d68da - 2024-08-12
• 2.5.2-dev.9a68667c3a6710512dedcee4e74cbd60dbe57f38 - 2024-09-02
• 2.5.2-dev.34753fec69281e1f001a4129b6518b2e589eb28f - 2024-08-18
• 2.5.2-dev.1bed05d40bc8f053548fb85c40eeaac60e0234ef - 2024-08-18
• 2.5.2-dev.0c74ac3cababfa706594629e5244995535ca70a1 - 2024-08-18
• 2.5.1 - 2024-08-12
  

  Bug Fixes

  • Fix space at beginning of input causing infinite loop by @ dcastil in #457

  Full Changelog: v2.5.0...v2.5.1

  Thanks to @ brandonmcconnell, @ manavm1990, @ langy, @ jamesreaco and @ jamaluddinrumi for sponsoring tailwind-merge! ❤️

• 2.5.1-dev.c795f4bcf2ef5a80b735db30d20f96b49a14ae57 - 2024-08-12
• 2.5.1-dev.a9ebe22aaea320d0894ce4255eaffcb6b2d1a649 - 2024-08-12
• 2.5.1-dev.0f0f53e1b3d930b21560eea24b467e0870854f52 - 2024-08-12
• 2.5.1-dev.056b2a31bf7d9244aa97cc859e110bdbae6723e5 - 2024-08-12
• 2.5.0 - 2024-08-11
  

  New Features

  • Performance improvements in mergeClassList by @ XantreDev in #450 and @ rortan134 in #445
  • Use arrow functions where possible to help with minification by @ VIKTORVAV99 in #449

  Bug Fixes

  • Fix bg-opacity arbitrary percentages not being recognized properly by @ dcastil in #451

  Full Changelog: v2.4.0...v2.5.0

  Thanks to @ brandonmcconnell, @ manavm1990, @ langy and @ jamesreaco for sponsoring tailwind-merge! ❤️

• 2.5.0-dev.bceb688b56d9e901493eb53cbb236c6767b27818 - 2024-08-11
• 2.5.0-dev.b42e5961db46b205575bf54414d4f00a9ed81c23 - 2024-08-11
• 2.5.0-dev.80d01a1abb4d048841c8757da10bb9c0e5c441c8 - 2024-08-12
• 2.5.0-dev.41e589bb317c8203857f9293af64c6c9cbf3ddf7 - 2024-08-12
• 2.5.0-dev.0ba31f3c3d64f1f4c334d97ec569d6a2ece5c759 - 2024-08-11
• 2.4.0 - 2024-07-07
  

  New Features

  • Allow hooking into class parsing logic (experimental) by @ dcastil in #444
    • There is no info to this in the docs because this is experimental, but there is a new experimentalParseClassName property in the config that allows you to customize how tailwind-merge recognizes classes. If you're interested, you can read how to use it in the inline JSDocs and subscribe to #385 for upcoming more powerful low-level functionality.
  • Create security policy by @ dcastil in #439
    • Added documentation on how to report potential vulnerabilities
  • Avoid @ babel/runtime dependency by @ dcastil in #431
    • Now no dependencies in tailwind-merge anymore. This dependency was only used in the tailwind-merge/es5 bundle anyway which I don't optimize for.

  Documentation

  • Comment/typo fixes by @ barvian in #443
  • Fix typo in doc/recipes.md by @ dsernst in #428
  • Add tailwind-merge-dotnet to similar packages by @ desmondinho in #415

  Other

  • Added GitHub Action that adds context-v2 label to every issue, discussion and PR by @ Pritam1211 in #434
  • Replace size-limit action with own metrics-report action by @ dcastil in #433

  Full Changelog: v2.3.0...v2.4.0

  Thanks to @ brandonmcconnell, @ manavm1990, @ langy, @ jamesreaco and @ microsoft for sponsoring tailwind-merge! ❤️

• 2.4.0-dev.f745ace15e9a8cdf7815d9972858e5940c8db8b7 - 2024-07-07
• 2.4.0-dev.f3b5d4a2acc36bef2a58f30c9808f3874fafc76d - 2024-07-29
• 2.4.0-dev.4e3c37aebdee0d2619aed25af271f7f1482ce5c2 - 2024-07-07
• 2.4.0-dev.488f9130f2ccc3696d37060104f967401b56da74 - 2024-07-29
• 2.4.0-dev.38db48d362b45aab9ba7e2e05aef4c36abab6edb - 2024-07-24
• 2.4.0-dev.31722ed18ba0f6f2edfe65a469664adb8ef2a77a - 2024-07-29
• 2.4.0-dev.29b7592b391e73a0bd3bac75fc68b2ce12f65fef - 2024-08-11
• 2.4.0-dev.1d82a24b93b50392a3a3ed22281d5b18130b5fab - 2024-07-29
• 2.4.0-dev.0a332483114bb4ab4ec002262968ced86200ae23 - 2024-08-01
• 2.3.0 - 2024-04-19
  

  New Features

  • Add support for mix-blend-plus-darker utility by @ dcastil