Skip to content

Update radix-ui 1.0.1 → 1.4.3 and patch CVE-2025-55182, CVE-2025-66478 #264

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Copilot wants to merge 2 commits into
base: depfu/update/npm/radix-ui-1.4.3
Choose a base branch
from
Open

Update radix-ui 1.0.1 → 1.4.3 and patch CVE-2025-55182, CVE-2025-66478 #264

Copilot wants to merge 2 commits into from

Conversation

Copy link

Copilot AI commented Dec 4, 2025
edited
Loading

Upgrades radix-ui packages and patches critical React Server Components vulnerabilities affecting React 19 and Next.js 15/16.

Security Fixes

Type Definitions

  • @types/react: 18.3.5 → 19.0.0
  • @types/react-dom: 18.3.0 → 19.0.0

Radix UI Updates

Comprehensive update of radix-ui primitives from 1.0.1 to 1.4.3, including version bumps for:

  • react-hover-card, react-label, react-navigation-menu, react-radio-group, react-slider, react-tooltip
  • All indirect dependencies (accordion, alert-dialog, avatar, checkbox, dropdown-menu, select, tabs, toast, toggle, etc.)

New components added: react-form, react-menubar, react-one-time-password-field, react-password-toggle-field

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

@changeset-bot
Copy link

changeset-bot bot commented Dec 4, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: e5cf2e3

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Copilot AI mentioned this pull request Dec 4, 2025
Open
@vercel
Copy link
Contributor

vercel bot commented Dec 4, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
mindect Error Error Dec 4, 2025 11:21am

@Gitstar-OC
Update React to 19.2.1 and Next.js to 15.5.7 for security fixes (CVE-…
e5cf2e3 
…2025-55182, CVE-2025-66478)

Co-authored-by: Gitstar-OC <152989429+Gitstar-OC@users.noreply.github.com>
Copy link
Author

Copilot AI commented Dec 4, 2025

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • fonts.googleapis.com
    • Triggering command: /usr/local/bin/node node /home/REDACTED/work/Mindect/Mindect/node_modules/.bin/next build (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Copilot AI changed the title [WIP] Update radix-ui and related packages to latest versions Update radix-ui 1.0.1 → 1.4.3 and patch CVE-2025-55182, CVE-2025-66478 Dec 4, 2025
Copilot AI requested a review from Gitstar-OC December 4, 2025 11:23
@Gitstar-OC Gitstar-OC marked this pull request as ready for review December 4, 2025 11:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@Gitstar-OC Gitstar-OC Gitstar-OC approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@Gitstar-OC Gitstar-OC

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Gitstar-OC