Skip to content

[Snyk] Upgrade react-hook-form from 7.53.0 to 7.56.3 #155

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade react-hook-form from 7.53.0 to 7.56.3 #155

wants to merge 1 commit into from
+1 −1

Conversation

@sumansaurabh
Copy link
Contributor

@sumansaurabh sumansaurabh commented Jun 6, 2025

snyk-top-banner

Snyk has created this PR to upgrade react-hook-form from 7.53.0 to 7.56.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 21 versions ahead of your current version.

  • The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BABELHELPERS-9397697		 452 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BABELRUNTIME-10044504		 452 Proof of Concept
medium severity Improper Input Validation
SNYK-JS-NANOID-8492085		 452 No Known Exploit
critical severity Improper Authorization
SNYK-JS-NEXT-9508709		 452 Mature
Release notes
Package name: react-hook-form
  • 7.56.3 - 2025-05-07

    Revert "📭 close #12773 pass input ref instead partial (#12775)"

  • 7.56.2 - 2025-05-03

    🐞 fix #12785 regression on default value gets overwritten by values props (#12790)
    🐞 fix: use layoutEffect in useWatch for subscription similar to useForm (#12786)
    🐞 fix #12772 reset form useWatch to utilize ref for defaultValue and … (#12780)
    📭 close #12773 pass input ref instead partial (#12775)

  • 7.56.1 - 2025-04-22

    🐞 fix #12761 #12762 issue with usage reset isReady formState (#12765)
    🐞 fix #12763 import warning with named exports (#12764)

  • 7.56.0 - 2025-04-20

    ⏰ feat: introduce isReady state for subscription (#12568)

    const { formState: { isReady }, setValue } = useForm()

    useEffect(() => {
    // form subscription setup is ready
    if (isReady) setValue('test', 'value')
    }, [isReady])

    🌗 feat: support reactive mode and reValidateMode (#12743)
    🐞 fix #12741 regression on move/swap on useFieldArray input update (#12749)
    🐞 fix: use useIsomorphicLayoutEffect to address warning in SSR (#12738)

  • 7.56.0-next.0 - 2025-04-13

    ⏰ feat: introduce isReady state for subscription (#12568)

    const { formState: { isReady }, setValue } = useForm()

    useEffect(() => {
    // form subscription setup is ready
    if (isReady) setValue('test', 'value')
    }, [isReady])

    🌗 feat: support reactive mode and reValidateMode (#12743)
    🐞 fix #12741 regression on move/swap on useFieldArray input update (#12749)
    🐞 fix: use useIsomorphicLayoutEffect to address warning in SSR (#12738)

  • 7.55.0 - 2025-03-28

    ⚡️ createFormControl

    • Allow us to start subscribing outside of the React component
    const { formControl, control } = createFormControl(props)

    function App() {
    const { register } = useForm({
    formControl,
    })

    return <form />
    }

    function Test() {
    useFormState({
    control // no longer need context api
    })
    }

    ⚡️ subscribe

    • subscribe form state update without re-render
    • subscribe outside of the react component
    const { formControl } = createFormControl(props)

    formControl.subscribe({
    formState: { isDirty: true },
    callback: (formState) => {
    if (formState.isDirty) {
    // do something here
    }
    }
    })

    function App() {
    const { register } = useForm({
    formControl,
    })

    return <form />
    }

    🪲 fix #12680: Update Fieldarray Unmount Status (#12690)
    🫡 fix: improve type inference for useFormContext (#12689)
    👮‍♂️ feat: infer resolver output types (#12638)
    🐞 fix(useForm): make values and defaultValues work correctly with createFormControl and useMemo (#12675)
    🥹 close #12665 issue with values not populate form
    🐞 fix #12665 regression on values over take default values
    🫡 allow use of handleSubmit with native events (#12645)
    🐞 fix #12631 revalidateMode issue with useFieldArray validation (#12646)
    🦥 close #12634 allow components with useController hook be memoized (#12635)
    🐞 fix #12580 setError in useEffect does not work when used inside the FormProvider context (#12642)
    🛟 fix: add the condition to prevent infinite render with errors prop (#12622)
    🐞 fix #12580 valid state update with onBlur mode (#12612)
    🐞 fix #12572 disabled field value not get undefined in resolver (#12573)
    🦾 feat: reference stable for useWatch defaultValue (#12564)
    ⏰ chore: remove typetest folder from build (#12555)
    🐞 fix #12532 useController should unregister issue with strict mode (#12538)
    👁️ feat: improve reference update with useWatch (#12537)
    🦥 close #12531 disabled state issue with touched and dirty (#12536)

    thanks to @ jtomaszewski, @ joshkel, @ candymask0712, @ kotarella1110, @ jorisre, @ jtomaszewski, @ controversial and @ jedahu

  • 7.55.0-next.9 - 2025-03-17

    🪲 fix #12680: Update Fieldarray Unmount Status (#12690)
    🫡 fix: improve type inference for useFormContext (#12689)

    thanks to @ jorisre & @ DavidIMk

  • 7.55.0-next.8 - 2025-03-13

    👮‍♂️ feat: infer resolver output types (#12638)
    🐞 fix(useForm): make values and defaultValues work correctly with createFormControl and useMemo (#12675)
    🥹 close #12665 issue with values not populate form

    thanks @ kotarella1110, @ jorisre, @ jtomaszewski, @ controversial and @ jedahu

  • 7.55.0-next.7 - 2025-03-07

    🐞 fix #12665 regression on values over take default values

  • 7.55.0-next.6 - 2025-03-05
  • 7.55.0-next.5 - 2025-02-22
  • 7.55.0-next.4 - 2025-02-08
  • 7.55.0-next.3 - 2025-01-25
  • 7.55.0-next.2 - 2025-01-18
  • 7.55.0-next.1 - 2024-12-27
  • 7.55.0-next.0 - 2024-12-24
  • 7.54.2 - 2024-12-20
  • 7.54.1 - 2024-12-12
  • 7.54.0 - 2024-12-06
  • 7.53.2 - 2024-11-08
  • 7.53.1 - 2024-10-19
  • 7.53.0 - 2024-08-24
from react-hook-form GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • Snyk has automatically assigned this pull request, set who gets assigned.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade react-hook-form from 7.53.0 to 7.56.3
cfa60fc 
Snyk has created this PR to upgrade react-hook-form from 7.53.0 to 7.56.3.

See this package in npm:
react-hook-form

See this project in Snyk:
https://app.snyk.io/org/sumansaurabh/project/569040e7-a26f-4ef9-a26e-4c16b49d3e71?utm_source=github&utm_medium=referral&page=upgrade-pr
@sumansaurabh sumansaurabh self-assigned this Jun 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@sumansaurabh sumansaurabh

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sumansaurabh @snyk-bot