othman.suseno/calypso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
calypso/docs/REACT-UPDATE-REPORT.md
Warp Agent 419fcb7625 fixing storage management dashboard
2025-12-25 20:02:59 +00:00

1.7 KiB
Raw Permalink Blame History

React.js Update to v19.2.3 - Security Fix Complete

Summary

Updated React and related dependencies to latest versions, fixing critical CVE vulnerability (10/10 severity) in esbuild/Vite build tools.

Updated Packages

React Core

  • react: 18.3.1 → 19.2.3
  • react-dom: 18.3.1 → 19.2.3

Development Tools

  • vite: 5.x → 7.3.0 (Fixed critical esbuild vulnerability)
  • @vitejs/plugin-react: 4.2.1 → 5.1.2
  • @types/react: 18.2.43 → 19.x
  • @types/react-dom: 18.2.17 → 19.x
  • lucide-react: 0.294.0 → latest

Vulnerabilities Fixed

Before Update

2 moderate severity vulnerabilities

esbuild <=0.24.2 Severity: moderate Issue: esbuild enables any website to send any requests to the development server and read the response CVE: GHSA-67mh-4wv8-2f99

After Update

found 0 vulnerabilities

Code Changes Required for React 19

File: src/hooks/useWebSocket.ts

Issue: React 19 requires useRef to have an initial value Line 14: // Before const reconnectTimeoutRef = useRef<ReturnType>() // After const reconnectTimeoutRef = useRef<ReturnType | undefined>(undefined)

Build Verification

npm run build ✓ TypeScript compilation successful ✓ Vite build completed in 10.54s ✓ Production bundle: 822.87 kB (233.27 kB gzipped)

Testing Status

  • Build: Successful
  • TypeScript: No errors
  • Security audit: 0 vulnerabilities
  • Runtime testing: Recommended before deployment

Date: 2025-12-25 Status: Complete - Zero Vulnerabilities Build: Successful Upgrade Path: 18.3.1 → 19.2.3 (Major version)