Comments

Bump semver and react-scripts#11

Open

dependabot[bot] wants to merge 1 commit intomaster from

dependabot/npm_and_yarn/multi-0d0c3a1fc1

Open

Bump semver and react-scripts #11
dependabot[bot] wants to merge 1 commit intomaster from
dependabot/npm_and_yarn/multi-0d0c3a1fc1

Conversation

@dependabot

Copy link

@dependabot dependabot bot commented on behalf of github Feb 5, 2026

Bumps semver to 7.7.3 and updates ancestor dependency react-scripts. These dependencies need to be updated together.

Updates semver from 5.7.1 to 7.7.3

Release notes

Sourced from semver's releases.

v7.7.3

7.7.3 (2025年10月06日)

Bug Fixes

e37e0ca #813 faster paths for compare (#813) (@H4ad)

2471d75 #811 x-range build metadata support (i529015)

Chores

8f05c87 #807 bump @npmcli/template-oss from 4.25.0 to 4.25.1 (#807) (@dependabot[bot], @owlstronaut)

v7.7.2

7.7.2 (2025年05月12日)

Bug Fixes

fcafb61 #780 add missing 'use strict' directives (#780) (@Fdawgs)

c99f336 #781 prerelease identifier starting with digits (#781) (@mbtools)

Chores

c760403 #784 template-oss-apply for workflow permissions (#784) (@wraithgar)

2677f2a #778 bump @npmcli/template-oss from 4.23.6 to 4.24.3 (#778) (@dependabot[bot], @npm-cli-bot)

v7.7.1

7.7.1 (2025年02月03日)

Bug Fixes

af761c0 #764 inc: fully capture prerelease identifier (#764) (@wraithgar)

v7.7.0

7.7.0 (2025年01月29日)

Features

0864b3c #753 add "release" inc type (#753) (@mbtools)

Bug Fixes

d588e37 #755 diff: fix prerelease to stable version diff logic (#755) (@eminberkayd, berkay.daglar)

8a34bde #754 add identifier validation to inc() (#754) (@mbtools)

Documentation

67e5478 #756 readme: added missing period for consistency (#756) (@shaymolcho)

868d4bb #749 clarify comment about obsolete prefixes (#749) (@mbtools, @ljharb)

Chores

145c554 #741 bump @npmcli/eslint-config from 4.0.5 to 5.0.0 (@dependabot[bot])

753e02b #747 bump @npmcli/template-oss from 4.23.3 to 4.23.4 (#747) (@dependabot[bot], @npm-cli-bot)

0b812d5 #744 postinstall for dependabot template-oss PR (@hashtagchris)

v7.6.3

7.6.3 (2024年07月16日)

Bug Fixes

73a3d79 #726 optimize Range parsing and formatting (#726) (@jviide)

Documentation

2975ece #719 fix extra backtick typo (#719) (@stdavis)

v7.6.2

7.6.2 (2024年05月09日)

... (truncated)

Changelog

Sourced from semver's changelog.

7.7.3 (2025年10月06日)

Bug Fixes

e37e0ca #813 faster paths for compare (#813) (@H4ad)

2471d75 #811 x-range build metadata support (i529015)

Chores

8f05c87 #807 bump @npmcli/template-oss from 4.25.0 to 4.25.1 (#807) (@dependabot[bot], @owlstronaut)

7.7.2 (2025年05月12日)

Bug Fixes

fcafb61 #780 add missing 'use strict' directives (#780) (@Fdawgs)

c99f336 #781 prerelease identifier starting with digits (#781) (@mbtools)

Chores

c760403 #784 template-oss-apply for workflow permissions (#784) (@wraithgar)

2677f2a #778 bump @npmcli/template-oss from 4.23.6 to 4.24.3 (#778) (@dependabot[bot], @npm-cli-bot)

7.7.1 (2025年02月03日)

Bug Fixes

af761c0 #764 inc: fully capture prerelease identifier (#764) (@wraithgar)

7.7.0 (2025年01月29日)

Features

0864b3c #753 add "release" inc type (#753) (@mbtools)

Bug Fixes

d588e37 #755 diff: fix prerelease to stable version diff logic (#755) (@eminberkayd, berkay.daglar)

8a34bde #754 add identifier validation to inc() (#754) (@mbtools)

Documentation

67e5478 #756 readme: added missing period for consistency (#756) (@shaymolcho)

868d4bb #749 clarify comment about obsolete prefixes (#749) (@mbtools, @ljharb)

Chores

145c554 #741 bump @npmcli/eslint-config from 4.0.5 to 5.0.0 (@dependabot[bot])

753e02b #747 bump @npmcli/template-oss from 4.23.3 to 4.23.4 (#747) (@dependabot[bot], @npm-cli-bot)

0b812d5 #744 postinstall for dependabot template-oss PR (@hashtagchris)

7.6.3 (2024年07月16日)

Bug Fixes

73a3d79 #726 optimize Range parsing and formatting (#726) (@jviide)

Documentation

2975ece #719 fix extra backtick typo (#719) (@stdavis)

7.6.2 (2024年05月09日)

Bug Fixes

6466ba9 #713 lru: use map.delete() directly (#713) (@negezor, @lukekarrys)

7.6.1 (2024年05月04日)

... (truncated)

Commits

a25789b chore: release 7.7.3 (#812)
e37e0ca fix: faster paths for compare (#813)
2471d75 fix: x-range build metadata support
8f05c87 chore: bump @npmcli/template-oss from 4.25.0 to 4.25.1 (#807)
d17aebf chore: bump @npmcli/template-oss from 4.24.4 to 4.25.0 (#797)
3b03e3b chore: bump @npmcli/template-oss from 4.24.3 to 4.24.4 (#790)
281055e chore: release 7.7.2 (#783)
fcafb61 fix: add missing 'use strict' directives (#780)
c760403 chore: template-oss-apply for workflow permissions (#784)
c99f336 fix: prerelease identifier starting with digits (#781)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for semver since your current version.

Updates react-scripts from 3.3.0 to 5.0.1

Changelog

Sourced from react-scripts's changelog.

3.4.4 (2020年10月20日)

v3.4.4 release bumps resolve-url-loader to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.3 to 3.4.4

Inside any created project that has not been ejected, run:
npm install --save --save-exact react-scripts@3.4.4
or
yarn add --exact react-scripts@3.4.4
3.4.3 (2020年08月12日)

v3.4.3 release bumps terser-webpack-plugin to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.2 to 3.4.3

Inside any created project that has not been ejected, run:
npm install --save --save-exact react-scripts@3.4.3
or
yarn add --exact react-scripts@3.4.3
3.4.2 (2020年08月11日)

v3.4.2 release bumps webpack-dev-server to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.1 to 3.4.2

Inside any created project that has not been ejected, run:
npm install --save --save-exact react-scripts@3.4.2
or

... (truncated)

Commits

19fa58d Publish
9802941 fix: webpack noise printed only if error or warning (#12245)
2eef1d0 Update templates to use React 18 createRoot (#12220)
221e511 Publish
5614c87 Add support for Tailwind (#11717)
20edab4 fix(webpackDevServer): disable overlay for warnings (#11413)
3afbbc0 Update all dependencies (#11624)
f5467d5 feat(eslint-config-react-app): support ESLint 8.x (#11375)
c7627ce Update webpack and dev server (#11646)
544befe Update package.json (#11597)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot


 Bump semver and react-scripts

3b7dd63

Bumps [semver](https://github.com/npm/node-semver) to 7.7.3 and updates ancestor dependency [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts). These dependencies need to be updated together.
Updates `semver` from 5.7.1 to 7.7.3
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v5.7.1...v7.7.3)
Updates `react-scripts` from 3.3.0 to 5.0.1
- [Release notes](https://github.com/facebook/create-react-app/releases)
- [Changelog](https://github.com/facebook/create-react-app/blob/main/CHANGELOG-3.x.md)
- [Commits](https://github.com/facebook/create-react-app/commits/react-scripts@5.0.1/packages/react-scripts)
---
updated-dependencies:
- dependency-name: semver
 dependency-version: 7.7.3
 dependency-type: indirect
- dependency-name: react-scripts
 dependency-version: 5.0.1
 dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>

@dependabot dependabot bot added dependencies javascript labels

Feb 5, 2026

Labels

dependencies javascript

Comments

Conversation

@dependabot dependabot bot commented on behalf of github Feb 5, 2026

v7.7.3

7.7.3 (2025年10月06日)

Bug Fixes

Chores

v7.7.2

7.7.2 (2025年05月12日)

Bug Fixes

Chores

v7.7.1

7.7.1 (2025年02月03日)

Bug Fixes

v7.7.0

7.7.0 (2025年01月29日)

Features

Bug Fixes

Documentation

Chores

v7.6.3

7.6.3 (2024年07月16日)

Bug Fixes

Documentation

v7.6.2

7.6.2 (2024年05月09日)

7.7.3 (2025年10月06日)

Bug Fixes

Chores

7.7.2 (2025年05月12日)

Bug Fixes

Chores

7.7.1 (2025年02月03日)

Bug Fixes

7.7.0 (2025年01月29日)

Features

Bug Fixes

Documentation

Chores

7.6.3 (2024年07月16日)

Bug Fixes

Documentation

7.6.2 (2024年05月09日)

Bug Fixes

7.6.1 (2024年05月04日)

3.4.4 (2020年10月20日)

Migrating from 3.4.3 to 3.4.4

3.4.3 (2020年08月12日)

Migrating from 3.4.2 to 3.4.3

3.4.2 (2020年08月11日)

Migrating from 3.4.1 to 3.4.2

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants