chore(deps):(deps): bump react from 19.2.4 to 19.2.5#282
chore(deps):(deps): bump react from 19.2.4 to 19.2.5#282dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 19.2.4 to 19.2.5. - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react) --- updated-dependencies: - dependency-name: react dependency-version: 19.2.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit eb53d5e. Configure here.
| "jszip": "^3.10.1", | ||
| "lucide-react": "^1.7.0", | ||
| "react": "^19.2.4", | ||
| "react": "^19.2.5", |
There was a problem hiding this comment.
react and react-dom version mismatch after bump
Medium Severity
react was bumped to ^19.2.5 (resolving to 19.2.5) but react-dom was left at ^19.2.4 (locked to 19.2.4). The React team strongly recommends keeping react and react-dom at identical versions, as they share internal modules and version mismatches can cause subtle runtime inconsistencies. Both dependencies need to be bumped together.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit eb53d5e. Configure here.
| "dev": true, | ||
| "libc": [ | ||
| "glibc" | ||
| ], |
There was a problem hiding this comment.
Missing libc constraints for native Linux packages
Low Severity
The libc field (distinguishing glibc vs musl) was removed from numerous native platform-specific packages (@img/sharp-*, @rolldown/binding-*, lightningcss-*). On musl-based Linux environments (e.g., Alpine Docker containers), npm ci may attempt to install glibc-targeted binaries or vice versa, potentially causing build failures in CI.
Reviewed by Cursor Bugbot for commit eb53d5e. Configure here.
Bumps react from 19.2.4 to 19.2.5.
Release notes
Sourced from react's releases.
Commits
23f4f9f19.2.5Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Note
Low Risk
Low risk dependency-only update; no application code changes, but runtime behavior could shift slightly due to the React patch release.
Overview
Bumps the
reactdependency from19.2.4to19.2.5inpackage.json.Updates
package-lock.jsonto resolve the new React version and normalizes metadata for several platform-specific optional packages (e.g., removal oflibcfields).Reviewed by Cursor Bugbot for commit eb53d5e. Bugbot is set up for automated code reviews on this repo. Configure here.