chore(deps): bump react-router and react-router-dom in /humanlayer-wui#36
chore(deps): bump react-router and react-router-dom in /humanlayer-wui#36dependabot[bot] wants to merge 1 commit into
Security Analysis Passed
No security issues found
Details
Kusari Analysis Results:
✅ No Flagged Issues Detected
All values appear to be within acceptable risk parameters.
Both dependency and code security analyses independently recommend proceeding with no blocking concerns. The primary benefit of this PR is the update of react-router and react-router-dom from 7.6.3 to 7.16.0, which resolves 9 CVEs covering XSS, CSRF, open redirect, DoS, and an RCE chain vulnerability. The new version (7.16.0) is the latest release with no active advisories. Additional changes include a minor patch update to the cookie package (1.0.2 to 1.1.1) and platform-specific binary additions for esbuild, rollup, tailwindcss/oxide, lightningcss, sentry CLI, and tauri CLI — all transitive dependencies with no identified vulnerabilities. The code analysis found zero findings across all severity levels, with no exposed secrets or workflow issues. This PR is a net security improvement with no introduced risk.
Note
View full detailed analysis result for more information on the output and the checks that were run.
@kusari-inspector rerun - Trigger a re-analysis of this PR
@kusari-inspector feedback [your message] - Send feedback to our AI and team
See Kusari's documentation for setup and configuration.
Commit: d9e7689, performed at: 2026-06-03T21:48:51Z