Bump @remix-run/router and react-router-dom

[dependabot]

Bumps @remix-run/router to 1.23.2 and updates ancestor dependency react-router-dom. These dependencies need to be updated together.

Updates @remix-run/router from 1.20.0 to 1.23.2

Changelog

Sourced from @​remix-run/router's changelog.

1.23.2

Patch Changes

• Validate redirect locations (#14707)

1.23.1

Patch Changes

• Normalize double-slashes in resolvePath (#14537)

1.23.0

Minor Changes

• Add fetcherKey as a parameter to patchRoutesOnNavigation (#13109)

Patch Changes

• Fix regression introduced in 6.29.0 via #12169 that caused issues navigating to hash routes inside splat routes for applications using Lazy Route Discovery (patchRoutesOnNavigation) (#13108)

1.22.0

Minor Changes

• Provide the request signal as a parameter to patchRoutesOnNavigation (#12900)

  • This can be used to abort any manifest fetches if the in-flight navigation/fetcher is aborted

Patch Changes

• Do not log v7 deprecation warnings in production builds (#12794)
• Strip search parameters from patchRoutesOnNavigation path param for fetcher calls (#12899)
• Properly bubble headers when throwing a data() result (#12845)
• Optimize route matching by skipping redundant matchRoutes calls when possible (#12169)

1.21.1

Patch Changes

• • Fix issue with fetcher data cleanup in the data layer on fetcher unmount (#12674)
  • Fix behavior of manual fetcher keys when not opted into future.v7_fetcherPersist

1.21.0

Minor Changes

• • Log deprecation warnings for v7 flags (#11750)
  • Add deprecation warnings to json/defer in favor of returning raw objects

... (truncated)

Commits

• c662ca3 chore: Update version for release (#14713)
• 98ad691 chore: Update version for release (pre-v6) (#14710)
• 2fbb84c Validate redirect locations (v6) (#14707)
• 26b5d45 chore: Update version for release (#14541)
• 919f8a8 chore: Update version for release (pre-v6) (#14540)
• 69bf705 Normalize double slashes in resolvePath (#14537)
• e4ba522 chore: Update version for release (#13128)
• f0bc784 chore: Update version for release (pre-v6) (#13111)
• 2585e54 Add fetcherKey as parameter to patchRoutesOnNavigation (#13109)
• 4f93036 Fix hash issue for matchRoutes optimization (#13108)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​remix-run/router since your current version.

Updates react-router-dom from 6.27.0 to 6.30.3

Release notes

Sourced from react-router-dom's releases.

react-router-dom-v5-compat@6.4.0-pre.15

Patch Changes

• Updated dependencies
  • react-router@6.4.0-pre.15
  • react-router-dom@6.4.0-pre.15

Changelog

Sourced from react-router-dom's changelog.

v6.30.3

Date: 2026-01-07

Patch Changes

• Validate redirect locations (#14707)

Full Changelog: v6.30.2...v6.30.3

v6.30.2

Date: 2025-11-13

Patch Changes

• Normalize double-slashes in resolvePath (#14537)

Full Changelog: v6.30.1...v6.30.2

v6.30.1

Date: 2025-05-20

Patch Changes

• Partially revert optimization added in 6.29.0 to reduce calls to matchRoutes because it surfaced other issues (#13623)
• Stop logging invalid warning when v7_relativeSplatPath is set to false (#13502)

Full Changelog: v6.30.0...v6.30.1

v6.30.0

Date: 2025-02-27

Minor Changes

• Add fetcherKey as a parameter to patchRoutesOnNavigation (#13109)

Patch Changes

• Fix regression introduced in 6.29.0 via #12169 that caused issues navigating to hash routes inside splat routes for applications using Lazy Route Discovery (patchRoutesOnNavigation) (#13108)

Full Changelog: v6.29.0...v6.30.0

v6.29.0

Date: 2025-01-30

Minor Changes

... (truncated)

Commits

• c662ca3 chore: Update version for release (#14713)
• 98ad691 chore: Update version for release (pre-v6) (#14710)
• 26b5d45 chore: Update version for release (#14541)
• 919f8a8 chore: Update version for release (pre-v6) (#14540)
• 3f2400e chore: Update version for release (#13647)
• 25a264d chore: Update version for release (pre-v6) (#13638)
• e4ba522 chore: Update version for release (#13128)
• f0bc784 chore: Update version for release (pre-v6) (#13111)
• d9ed824 Fix up changelogs
• cc8b8ce chore: Update version for release (#12911)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for react-router-dom since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

Important

Update @remix-run/router to 1.23.2 and react-router-dom to 6.30.3.

• Dependencies:
  • Update @remix-run/router from 1.20.0 to 1.23.2.
  • Update react-router-dom from 6.27.0 to 6.30.3.

^{This description was created by for 2e6888c. You can customize this summary. It will automatically update as commits are pushed.}

---

📦 This PR updates React Router dependencies to their latest versions, bumping react-router-dom from 6.26.2 to 6.30.3 and its underlying @remix-run/router dependency from 1.20.0 to 1.23.2. This is an automated dependency update that brings important bug fixes and security improvements to the routing system.

🔍 Detailed Analysis

Key Changes

• Dependency Updates: Updated react-router-dom from version 6.26.2 to 6.30.3 in package.json
• Indirect Dependencies: Automatically updated @remix-run/router from 1.20.0 to 1.23.2 as a transitive dependency
• Security Fixes: Includes validation for redirect locations and path normalization improvements

Technical Implementation

flowchart TD
    A[react-router-dom 6.26.2] --> B[react-router-dom 6.30.3]
    C[@remix-run/router 1.20.0] --> D[@remix-run/router 1.23.2]
    B --> D
    E[Application Routing] --> B
    F[Bug Fixes & Security] --> D
    
    style B fill:#e1f5fe
    style D fill:#e8f5e8
    style F fill:#fff3e0

Loading

Impact

• Security Enhancement: Validates redirect locations to prevent potential security vulnerabilities
• Path Resolution: Normalizes double-slashes in path resolution for more consistent routing behavior
• Lazy Route Discovery: Improved support for patchRoutesOnNavigation with better fetcher key handling and signal support
• Performance: Optimized route matching by reducing redundant matchRoutes calls
• Developer Experience: Reduced v7 deprecation warnings in production builds

Created with Palmier

---

Summary by cubic

Upgrade react-router-dom to 6.30.3 and @remix-run/router to 1.23.2 to pick up safety checks and bug fixes, including better redirect validation and path handling.

• Dependencies
  • Updated react-router-dom to ^6.30.3 and @remix-run/router to 1.23.2.
  • Includes validated redirect targets and double-slash normalization in resolvePath.

^{Written for commit 2e6888c. Summary will update on new commits.}

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[codesherlock-ai]

We could not run your PR Review. We noticed that you are part of an Org. We require everyone who is part of an Org to SignUp via GitHub so we can track your individual usage and maximize on your usage capacity. Enroll into CodeSherlock system by signing up via GitHub using the SignUp link. Also, please note — every user pays for their own usage.

[jazzberry-ai]

This repository is associated with RectiFlex whose free trial has ended. Subscribe at jazzberry.ai.
_{If this is an error contact us at support@jazzberry.ai.}

[entelligence-ai-pr-reviews]

Entelligence AI Vulnerability Scanner

Status: No security vulnerabilities found

Your code passed our comprehensive security analysis.

[entelligence-ai-pr-reviews]

---

🔗 Cross-Repository Impact Analysis

Enable automatic detection of breaking changes across your dependent repositories. → Set up now

Learn more about Cross-Repository Analysis

What It Does

• Automatically identifies repositories that depend on this code
• Analyzes potential breaking changes across your entire codebase
• Provides risk assessment before merging to prevent cross-repo issues

How to Enable

1. Visit Settings → Code Management
2. Configure repository dependencies
3. Future PRs will automatically include cross-repo impact analysis!

Benefits

• 🛡️ Prevent breaking changes across repositories
• 🔍 Catch integration issues before they reach production
• 📊 Better visibility into your multi-repo architecture

---

▶️ ⚡ AI Code Reviews for VS Code, Cursor, Windsurf
Install the extension

Note for Windsurf

Please change the default marketplace provider to the following in the windsurf settings:

Marketplace Extension Gallery Service URL: https://marketplace.visualstudio.com/_apis/public/gallery

Marketplace Gallery Item URL: https://marketplace.visualstudio.com/items

Entelligence.ai can learn from your feedback. Simply add 👍 / 👎 emojis to teach it your preferences. More shortcuts below

Emoji Descriptions:

• ⚠️ Potential Issue - May require further investigation.
• 🔒 Security Vulnerability - Fix to ensure system safety.
• 💻 Code Improvement - Suggestions to enhance code quality.
• 🔨 Refactor Suggestion - Recommendations for restructuring code.
• ℹ️ Others - General comments and information.

Interact with the Bot:

• Send a message or request using the format:
  @entelligenceai + *your message*

Example: @entelligenceai Can you suggest improvements for this code?

• Help the Bot learn by providing feedback on its responses.
  @entelligenceai + *feedback*

Example: @entelligenceai Do not comment on `save_auth` function !

Also you can trigger various commands with the bot by doing
@entelligenceai command

The current supported commands are

1. config - shows the current config
2. retrigger_review - retriggers the review

More commands to be added soon.

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 2e6888c in 26 seconds. Click for details.

• Reviewed 13 lines of code in 1 files
• Skipped 1 files when reviewing.
• Skipped posting 1 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. package.json:63

• Draft comment:
  Bump of react-router-dom to version 6.30.3 appears correct. Please ensure that any usages dependent on the previous API (e.g., behavior around patchRoutesOnNavigation and lazy route discovery) have been verified against the updated version.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is asking the PR author to ensure that dependent usages are verified, which falls under the rule of not asking the author to ensure behavior is intended or tested. It does not provide a specific suggestion or point out a specific issue.

Workflow ID: wflow_Ip5TobGuVIROjByB

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[cubic-dev-ai]

No issues found across 2 files

[openzeppelin-code]

Bump @remix-run/router and react-router-dom

Generated at commit: 2e6888cea37b20da55178ffef81816002875ce63

🚨 Report Summary

	Severity Level	Results
Contracts	Critical High Medium Low Note Total	0 0 0 0 0 0
Dependencies	Critical High Medium Low Note Total	0 0 0 0 0 0

---

For more details view the full report in OpenZeppelin Code Inspector