UI5 / webcomponents-react / 20844715548 / 7
85%
main: 85%

LAST BUILD BRANCH: renovate/typescript
DEFAULT BRANCH: main
Ran
Files 168
Run time 5s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 13.34%. Remained the same
20844715548.7

push

github

web-flow 
chore(deps): update dependency react-router to v7.12.0 [security] (#8085)

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [react-router](https://redirect.github.com/remix-run/react-router)
([source](https://redirect.github.com/remix-run/react-router/tree/HEAD/packages/react-router))
| [`7.11.0` →
`7.12.0`](https://renovatebot.com/diffs/npm/react-router/7.11.0/7.12.0)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/react-router/7.12.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/react-router/7.11.0/7.12.0?slim=true)
|

### GitHub Vulnerability Alerts

####
[CVE-2026-21884](https://redirect.github.com/remix-run/react-router/security/advisories/GHSA-8v8x-cx79-35w7)

A XSS vulnerability exists in in React Router's `<ScrollRestoration>`
API in [Framework Mode](https://reactrouter.com/start/modes#framework)
when using the `getKey`/`storageKey` props during Server-Side Rendering
which could allow arbitrary JavaScript execution during SSR if untrusted
content is used to generate the keys.

> [!NOTE]
> This does not impact applications if developers have [disabled
server-side rendering](https://reactrouter.com/how-to/spa) in Framework
Mode, or if they are using [Declarative
Mode](https://reactrouter.com/start/modes#declarative)
(`<BrowserRouter>`) or [Data
Mode](https://reactrouter.com/start/modes#data)
(`createBrowserRouter`/`<RouterProvider>`).

####
[CVE-2026-22029](https://redirect.github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx)

React Router (and Remix v1/v2) SPA open navigation redirects originating
from loaders or actions in [Framework
Mode](https://reactrouter.com/start/modes#framework), [Data
Mode](https://reactrouter.com/start/modes#data), or the unstable RSC
modes can result in unsafe URLs causing unintended javascript executi... (continued)

196 of 3260 branches covered (6.01%)

Branch coverage included in aggregate %.

931 of 5188 relevant lines covered (17.95%)

501.76 hits per line

Source Files on job compat - 20844715548.7