Skip to content

Bump @types/react from 19.2.9 to 19.2.14#659

Merged
guibranco merged 1 commit intomainfrom
dependabot/npm_and_yarn/types/react-19.2.14
Apr 2, 2026
Merged

Bump @types/react from 19.2.9 to 19.2.14#659
guibranco merged 1 commit intomainfrom
dependabot/npm_and_yarn/types/react-19.2.14

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Feb 16, 2026
edited
Loading

Bumps @types/react from 19.2.9 to 19.2.14.

Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Feb 16, 2026

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Dependencies label Feb 16, 2026
@dependabot dependabot Bot mentioned this pull request Feb 16, 2026
Closed
@github-actions github-actions Bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Feb 16, 2026
@socket-security
Copy link
Copy Markdown

socket-security Bot commented Feb 16, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​types/​react@​19.2.9 ⏵ 19.2.14100 +110079 +192100

View full report

@socket-security
Copy link
Copy Markdown

socket-security Bot commented Feb 16, 2026
edited
Loading

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Block Low
Embedded URLs or IPs: npm @types/react

URLs: https://developer.mozilla.org/en-US/docs/Web/API/View_Transition_API, https://react.dev/reference/react-dom/components/common#ref-callback, https://react.dev/reference/react/Component#static-contexttype, https://react.dev/reference/react/Component#context, https://www.typescriptlang.org/docs/handbook/2/conditional-types.html#distributive-conditional-types, https://github.com/microsoft/TypeScript/issues/28339, https://react.dev/reference/react/useContext, https://react.dev/reference/react/useState, https://react.dev/reference/react/useReducer, https://react.dev/reference/react/useRef, https://react.dev/reference/react/useLayoutEffect, https://react.dev/reference/react/useEffect, https://react.dev/reference/react/useEffectEvent, https://react.dev/reference/react/useImperativeHandle, https://react.dev/reference/react/useDebugValue, https://github.com/facebook/react/pull/21913, https://github.com/reactwg/react-18/discussions/86, https://react.dev/reference/react/Activity, https://react.dev/reference/react/captureOwnerStack, https://github.com/DefinitelyTyped/DefinitelyTyped/issues/11508#issuecomment-256045682, https://github.com/frenic/csstype#what-should-i-do-when-i-get-type-errors, https://www.w3.org/TR/wai-aria-1.1/

Location: Package overview

From: package-lock.jsonnpm/@types/react@19.2.14

ℹ Read more on: This package | This alert | What are URL strings?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Review all remote URLs to ensure they are intentional, pointing to trusted sources, and not being used for data exfiltration or loading untrusted code at runtime.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@types/react@19.2.14. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@guibranco guibranco enabled auto-merge (squash) February 16, 2026 07:28
@gstraccini gstraccini Bot added the ☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) label Feb 16, 2026
guibranco
guibranco approved these changes Feb 16, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@guibranco guibranco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automatically approved by gstraccini[bot]

@gstraccini gstraccini Bot added the 🤖 bot Automated processes or integrations label Feb 16, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/types/react-19.2.14 branch from be546cd to c576af8 Compare February 25, 2026 16:04
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/types/react-19.2.14 branch 2 times, most recently from 0eede9e to edabf97 Compare March 13, 2026 10:43
@guibranco
Copy link
Copy Markdown
Owner

guibranco commented Apr 2, 2026

@dependabot recreate

@dependabot
Bump @types/react from 19.2.9 to 19.2.14
553d3b2 
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 19.2.9 to 19.2.14.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

---
updated-dependencies:
- dependency-name: "@types/react"
  dependency-version: 19.2.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/types/react-19.2.14 branch from aafb428 to 553d3b2 Compare April 2, 2026 11:53
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 2, 2026

Infisical secrets check: ✅ No secrets leaked!

💻 Scan logs 
2026-04-02T11:54:08Z INF scanning for exposed secrets...
11:54AM INF 742 commits scanned.
2026-04-02T11:54:08Z INF scan completed in 521ms
2026-04-02T11:54:08Z INF no leaks found

@codacy-production
Copy link
Copy Markdown

codacy-production Bot commented Apr 2, 2026

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity · 0 duplication

Metric Results
Complexity 0
Duplication 0

View in Codacy

TIP This summary will be updated as you push new changes. Give us feedback

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 2, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@guibranco guibranco merged commit 32772a2 into main Apr 2, 2026
18 of 19 checks passed
@guibranco guibranco deleted the dependabot/npm_and_yarn/types/react-19.2.14 branch April 2, 2026 11:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@guibranco guibranco guibranco approved these changes

@gstraccini gstraccini[bot] gstraccini[bot] approved these changes

Assignees

@guibranco guibranco

Labels

☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) 🤖 bot Automated processes or integrations dependencies Dependencies size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@guibranco