Skip to content

chore(deps-dev): bump react-router from 7.13.0 to 7.15.0#1919

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/react-router-7.15.0
Open

chore(deps-dev): bump react-router from 7.13.0 to 7.15.0#1919
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/react-router-7.15.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 3, 2026
edited by cursor Bot
Loading

Bumps react-router from 7.13.0 to 7.15.0.

Release notes

Sourced from react-router's releases.

v7.15.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150

v7.14.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142

v7.14.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141

v7.14.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140

v7.13.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132

v7.13.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131

Changelog

Sourced from react-router's changelog.

v7.15.0

Minor Changes

  • Stabilize unstable_defaultShouldRevalidate as defaultShouldRevalidate on <Link>, <Form>, useLinkClickHandler, useSubmit, fetcher.submit, and setSearchParams (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize the instrumentation APIs. unstable_instrumentations is now instrumentations and unstable_pattern is now pattern (a993f09)

    • The unstable_ServerInstrumentation, unstable_ClientInstrumentation, unstable_InstrumentRequestHandlerFunction, unstable_InstrumentRouterFunction, unstable_InstrumentRouteFunction, and unstable_InstrumentationHandlerResult types have had their unstable_ prefixes removed
    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize unstable_mask as mask on <Link>, useLinkClickHandler, and useNavigate, and rename the corresponding Location.unstable_mask field to Location.mask (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize the unstable_normalizePath option on staticHandler.query and staticHandler.queryRoute as normalizePath (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize future.unstable_passThroughRequests as future.v8_passThroughRequests (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Remove unstable_subResourceIntegrity from the runtime FutureConfig type; the flag is now controlled by the top-level subResourceIntegrity option in react-router.config.ts (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize unstable_url as url on loader, action, and middleware function args (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

  • Stabilize unstable_useTransitions as useTransitions on <BrowserRouter>, <HashRouter>, <HistoryRouter>, <MemoryRouter>, <Router>, <RouterProvider>, <HydratedRouter>, and useLinkClickHandler (a993f09)

    • ⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly

Patch Changes

  • Add nonce to <Scripts> <link rel="modulepreload"> elements (if provided) (af5d49b)

  • Fix a bug with unstable_defaultShouldRevalidate={false} where parent routes that did not export a shouldRevalidate function could be incorrectly included in the single fetch call for new child route data (#15012)

  • Improve server-side route matching performance by pre-computing flattened/cached route branches (#14967) (af5d49b)

    • Performance benchmarks showed roughly a 10-15% improvement in server-side request handling performance

  • Mark mask as an optional field in Location for easier mocking in unit tests (#14999)

  • Cache flattened/ranked route branches to optimize server-side route matching (#14967)

  • Improve route matching performance in Framework/Data Mode (#14971) (af5d49b)

    • Avoiding unnecessary calls to matchRoutes in data router scenarios
      • This includes adding back the optimization that was removed in 7.6.0 (#13562)
      • The issues that prompted the revert have been addressed by using the available router matches but always updating match.route to the latest route in the manifest
    • Leverage pre-computed pre-computing flattened/cached route branches during client side route matching
    • Performance benchmarks showed roughly a 15-30% improvement in server-side request handling performance

v7.14.2

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note

Low Risk
Version-only change with no repo source edits; low risk here, though downstream apps on react-router unstable APIs would need renames per 7.15 release notes.

Overview
Dependency-only bump of react-router from 7.13.0 to 7.15.0 across the root workspace, @launchpad-ui/components, and @launchpad-ui/navigation (dev and peer entries), with pnpm-lock.yaml updated accordingly.

Transitive deps pulled in with the new router version include cookie 1.1.1 and set-cookie-parser 2.7.2 (replacing 1.0.2 / 2.7.1). There are no application or library source changes in this diff.

For consumers of this design system: 7.15.0 mainly stabilizes previously unstable_* APIs and adds routing performance fixes; that only matters if downstream apps opted into those unstable APIs. In-repo usage is limited to common APIs (BrowserRouter, MemoryRouter, useHref, useNavigate, Link-related types) with no unstable_ references found.

Reviewed by Cursor Bugbot for commit 3a05fe5. Bugbot is set up for automated code reviews on this repo. Configure here.

@dependabot
chore(deps-dev): bump react-router from 7.13.0 to 7.15.0
3a05fe5 
Bumps [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) from 7.13.0 to 7.15.0.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router@7.15.0/packages/react-router)

---
updated-dependencies:
- dependency-name: react-router
  dependency-version: 7.15.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 3, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 3, 2026 21:50
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 3, 2026
@changeset-bot
Copy link
Copy Markdown

changeset-bot Bot commented Jun 3, 2026

⚠️ No Changeset found

Latest commit: 3a05fe5

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@dependabot dependabot Bot mentioned this pull request Jun 3, 2026
Closed
@pkg-pr-new
Copy link
Copy Markdown

pkg-pr-new Bot commented Jun 3, 2026 

yarn add https://pkg.pr.new/@launchpad-ui/components@1919.tgz

yarn add https://pkg.pr.new/@launchpad-ui/icons@1919.tgz

yarn add https://pkg.pr.new/@launchpad-ui/tokens@1919.tgz

commit: 3a05fe5

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants