chore: upgrade react-router-dom v5 to v6 in examples#402
Closed
kparkinson-ld wants to merge 1 commit into
Closed
Conversation
Migrate both example apps from react-router-dom v5 to v6:
- Switch -> Routes
- Route component={X} -> Route element={<X />}
- Redirect -> Navigate
- StaticRouter moved to react-router-dom/server
- Remove context prop from StaticRouter (removed in v6)
Resolves path-to-regexp Dependabot alerts (#228, #227) by removing
the transitive dependency on the vulnerable path-to-regexp 1.x.
Contributor
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
3 tasks
devin-ai-integration
Bot
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Requirements
Related issues
Resolves Dependabot alerts #228, #227 (path-to-regexp ReDoS vulnerability).
Describe the solution you've provided
Upgrades
react-router-domfrom v5 to v6 in both example apps (examples/async-provider,examples/hoc), migrating the router API:Switch→Routes<Route component={X}>→<Route element={<X />}><Redirect>→<Navigate replace>StaticRouterimport moved fromreact-router-domtoreact-router-dom/servercontextprop fromStaticRouter(dropped in v6)This eliminates the transitive dependency on
path-to-regexp@1.x(vulnerable to ReDoS).Additional context
The
async-providerexample still has onepath-to-regexp@1.9.0fromwebpack-serve→koa-route, which will be addressed separately in a follow-up PR removinguniversal-hot-reloadandwebpack-serve.Link to Devin session: https://app.devin.ai/sessions/381e0dd095a446e49ba0e8a9c9022c0c
Requested by: @kparkinson-ld
Note
Low Risk
Example-app-only dependency and routing API changes with no impact on the published SDK or production services.
Overview
Upgrades
react-router-domfrom v5 to ^6.0.0 in theasync-providerexample and updates routing to the v6 API.In
app.js,Switchis replaced withRoutes, routes useelement={<Component />}instead ofcomponent={Component}, and the/homeredirect usesNavigatewithreplaceinstead ofRedirect. This aligns the sample app with React Router 6 and removes the vulnerablepath-to-regexp@1.xchain that came with v5 (Dependabot ReDoS alerts).Reviewed by Cursor Bugbot for commit b3a22e7. Bugbot is set up for automated code reviews on this repo. Configure here.