Bump react-hook-form from 7.49.2 to 7.53.0

dependabot[bot] commented 1 month ago

Bumps react-hook-form from 7.49.2 to 7.53.0.

Release notes

Sourced from react-hook-form's releases.

Version 7.53.0

🌫️ feat: #12148 support isValid when mode is set to onBlur (#12194)
// update formstate isValid with onBlur event
const { formState: { isValid } } = useForm({
  mode: 'onBlur'
})
🐞 fix #12021 issue with disable prop not reflecting on re-render without trigger by useEffect (#12193) 👩‍🌾 close #12168 optimise re-render with validating fields subscription (#12192) 🐞 fix #12127 issue with compare object value changed with object input (#12185) 🎲 improve : break out of recursive loops on first focus (#11827) 📖 fix example of ObjectKeys type (#11965)

thanks to @suke & @DPflasterer

Version 7.52.2

👍 close #12108 useController should subscribe to exact field name of form's state (#12109) 👍 chore: upgrade app deps 🩻 fix: add useCallback for ref callback (#12078) 🚀 fix: skip call executeBuiltInValidation if no sub-fields left (#12054)

thanks to @newsiberian, @Wendystraite and @abnud11

Version 7.52.1

🐞 fix #12024 dirty not update issue with values prop (#12041) 🐞 fix: field array validate rules shift errors (#12033)

thanks to @JardelCheung

Version 7.52.0

⚛️ close #11932 enable react 19 peer dependency (#11935) 👮‍♀️ close #11954 getFieldState remove unnessaried inValidating and touched subscription (#11995) 🐞 fix #11985 logic createFormControl check field before usage (#11986) ⌨️ fix: enforce type safety for deps property in RegisterOptions (#11969) 🐞 fix #11922 keep dirty on reset with dirty fields (#11958) 🚔 close #11937 add validation in the cleanup process in useController (#11938) Revert "⌨️ close: correct type of error field in getFieldState return object (#11831)" 📖 fix: change info.values type in WatchObserver (#11917)

thanks to @nakaakist, @IdoBouskila, @pincy and @peinguin

Version 7.51.5

📖 fix broken link to examples in README.md (#11805) ⌨️ close: correct type of error field in getFieldState return object (#11831) 🐞 fix #11842 radio buttons not disabled when multiple share a name (#11873) 🐞 fix #11821 set value with disabled false before mount (#11880) 🐞 fix setError to preserve existing errors elsewhere in the object (#11888)

... (truncated)

Changelog

Sourced from react-hook-form's changelog.

[7.53.0] - 2024-8-31

Added

add support for onBlur with formState isValid

Changed

validateFields will only trigger re-render for async validation

[7.51.0] - 2024-3-2

Added

added 'validateFields' to formState
const { formState: { validateFields } } = useForm();
[7.49.0] - 2023-12-10

Added

add reactive errors prop at useForm
useForm({
  errors, // Server errors
});
[7.48.0] - 2023-11-05

Added

added new disabled prop for useForm to disable the entire form
const App = () => {
  const [disabled, setDisabled] = useState(false);
  const { handleSubmit } = useForm({ disabled });
return (
<form
onSubmit={handleSubmit(async () => {
setDisabled(true);
await sleep(100);
setDisabled(false);
})}
</tr></table>

... (truncated)

Commits

35e2d77 7.53.0
81f472c 🌫️ close #12148 support isValid when mode is set to onBlur (#12194)
7b61061 🐞 fix #12021 issue with disable prop not reflect on re-render without trigger...
829d492 👩‍🌾 close #12168 optimise re-render with validating fields subscription (#12192)
ba50380 🐞 fix #12127 issue with compare object value changed with object input (#12185)
e069d69 🎲 improve : break out of recursive loops on first focus (#11827)
3e3f3b5 📖 fix example of ObjectKeys type (#11965)
ea0f3ed ❤️ thank you so much for Route4Me Route Planner sponsor
c912450 7.52.2
52a0908 👌 chore: upgrade codeql github workflow (#12131)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dryrunsecurity[bot] commented 1 month ago

DryRun Security Summary

The pull request updates the react-hook-form dependency in the package.json file from version 7.49.2 to 7.53.0, which is generally a positive change as it indicates the developers are keeping their dependencies up-to-date and addressing potential security vulnerabilities or bug fixes.

Expand for full summary

**Summary:** The code change in this pull request is an update to the `react-hook-form` dependency in the `package.json` file, where the version is being updated from `7.49.2` to `7.53.0`. From an application security perspective, this update is generally a positive change, as it indicates the developers are keeping their dependencies up-to-date and addressing any potential security vulnerabilities or bug fixes. The `react-hook-form` library is a popular and widely-used form management library for React, and keeping it up-to-date is important for maintaining the security and stability of the application. However, it's always a good practice to review the release notes or change log for the new version of the dependency to understand what has changed and whether there are any potential security implications or breaking changes that need to be addressed. In this case, the version change from `7.49.2` to `7.53.0` suggests there may be several minor releases in between, and it would be prudent to review the release notes to understand the changes and any potential security-related updates. **Files Changed:** - `package.json`: The version of the `react-hook-form` dependency is being updated from `7.49.2` to `7.53.0`.

Code Analysis

We ran 9 analyzers against 2 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer	Findings
Sensitive Files Analyzer	1 finding

Riskiness

:green_circle: Risk threshold not exceeded.

View PR in the DryRun Dashboard.

dependabot[bot] commented 3 weeks ago

Superseded by #113.

intelops / genpod