Bump @chakra-ui/react from 2.10.3 to 3.0.1 in the major-dependencies group #897

dependabot · 2024-10-28T08:49:03Z

Bumps the major-dependencies group with 1 update: @chakra-ui/react.

Updates @chakra-ui/react from 2.10.3 to 3.0.1

Release notes

Sourced from @chakra-ui/react's releases.

@chakra-ui/react@3.0.1

Patch Changes

c0020c9 Thanks @segunadebayo! - Fix issue where using keyframe interpolation in animation prop doesn't work

7d4f898 Thanks @segunadebayo! - Fix issue where scrollBehavior=outside doesn't allow scrolling outside the dialog content

@chakra-ui/react@3.0.0

Major Changes

#8153 7b6e66a Thanks @segunadebayo! - Prepares the ground for the next version Chakra that leverages Ark UI.

User Facing

Consolidate all component packages into a single package

Remove all deprecated components and APIs

Simplify the Changelogs for all v2 releases

Infrastructure

Simplify the repo infrastructure and release process

Migrate from jest to vitest

Migrate from tsup to custom rollup setup for better bundling strategy

#8815 806be96 Thanks @isBatak! - Remove the @chakra-ui/hooks package in favour of using dedicated, robust libraries like react-use and usehooks-ts

Minor Changes

#8121 170198f Thanks @kkieninger! - ### Fixed

Fix hard-coded z-index for Menu in favor of one defined from the theme

Fix problem with leading and trailing spaces when getting initials for the Avatar component

Suppress unnecessary re-renders of Checkbox and Radio component

Added

... (truncated)

Changelog

Sourced from @chakra-ui/react's changelog.

3.0.1

Patch Changes

c0020c9 Thanks @segunadebayo! - Fix issue where using keyframe interpolation in animation prop doesn't work

7d4f898 Thanks @segunadebayo! - Fix issue where scrollBehavior=outside doesn't allow scrolling outside the dialog content

3.0.0

Major Changes

#8153 7b6e66a Thanks @segunadebayo! - Prepares the ground for the next version Chakra that leverages Ark UI.

User Facing

Consolidate all component packages into a single package

Remove all deprecated components and APIs

Simplify the Changelogs for all v2 releases

Infrastructure

Simplify the repo infrastructure and release process

Migrate from jest to vitest

Migrate from tsup to custom rollup setup for better bundling strategy

#8815 806be96 Thanks @isBatak! - Remove the @chakra-ui/hooks package in favour of using dedicated, robust libraries like react-use and usehooks-ts

Minor Changes

#8121 170198f Thanks @kkieninger! - ### Fixed

Fix hard-coded z-index for Menu in favor of one defined from the theme

Fix problem with leading and trailing spaces when getting initials for the Avatar component

Suppress unnecessary re-renders of Checkbox and Radio component

... (truncated)

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the major-dependencies group with 1 update: [@chakra-ui/react](https://github.com/chakra-ui/chakra-ui/tree/HEAD/packages/react). Updates `@chakra-ui/react` from 2.10.3 to 3.0.1 - [Release notes](https://github.com/chakra-ui/chakra-ui/releases) - [Changelog](https://github.com/chakra-ui/chakra-ui/blob/main/packages/react/CHANGELOG.md) - [Commits](https://github.com/chakra-ui/chakra-ui/commits/@chakra-ui/react@3.0.1/packages/react) --- updated-dependencies: - dependency-name: "@chakra-ui/react" dependency-type: direct:production update-type: version-update:semver-major dependency-group: major-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

changeset-bot · 2024-10-28T08:49:06Z

⚠️ No Changeset found

Latest commit: 98e8161

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

github-actions · 2024-10-28T08:49:30Z

Dependency Review

The following issues were found:

✅ 0 vulnerable package(s)
✅ 0 package(s) with incompatible licenses
✅ 0 package(s) with invalid SPDX license definitions
⚠️ 1 package(s) with unknown licenses.
⚠️ 1 packages with OpenSSF Scorecard issues.

See the Details below.

License Issues

package-lock.json

Package	Version	License	Issue Type
packages/react	4.6.5	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

npm/@ark-ui/anatomy

3.5.0

Unknown

npm/@ark-ui/react

4.1.2

Unknown

npm/@chakra-ui/react

3.0.1

🟢 4.6

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 1/27 approved changesets -- score normalized to 0
Maintained	🟢 10	30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	⚠️ -1	no releases found
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	⚠️ 0	security policy file not detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	🟢 8	2 existing vulnerabilities detected

npm/@floating-ui/dom

1.6.8

Unknown

npm/@internationalized/date

3.5.5

🟢 6.1

Details

Check	Score	Reason
Code-Review	🟢 9	Found 27/30 approved changesets -- score normalized to 9
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Security-Policy	🟢 10	security policy file detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	🟢 10	project is fuzzed
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	⚠️ 0	110 existing vulnerabilities detected

npm/@internationalized/number

3.5.3

🟢 6.1

Details

Check	Score	Reason
Code-Review	🟢 9	Found 27/30 approved changesets -- score normalized to 9
Maintained	🟢 10	30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Security-Policy	🟢 10	security policy file detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	🟢 10	project is fuzzed
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	⚠️ 0	110 existing vulnerabilities detected

npm/@pandacss/is-valid-prop

0.41.0

Unknown

npm/@zag-js/accordion

0.74.2

Unknown

npm/@zag-js/accordion

0.62.1

Unknown

npm/@zag-js/anatomy

0.74.2

Unknown

npm/@zag-js/anatomy

0.62.1

Unknown

npm/@zag-js/aria-hidden

0.74.2

Unknown

npm/@zag-js/aria-hidden

0.62.1

Unknown

npm/@zag-js/auto-resize

0.74.2

Unknown

npm/@zag-js/auto-resize

0.62.1

Unknown

npm/@zag-js/avatar

0.74.2

Unknown

npm/@zag-js/avatar

0.62.1

Unknown

npm/@zag-js/carousel

0.74.2

Unknown

npm/@zag-js/carousel

0.62.1

Unknown

npm/@zag-js/checkbox

0.74.2

Unknown

npm/@zag-js/checkbox

0.62.1

Unknown

npm/@zag-js/clipboard

0.74.2

Unknown

npm/@zag-js/clipboard

0.62.1

Unknown

npm/@zag-js/collapsible

0.74.2

Unknown

npm/@zag-js/collapsible

0.62.1

Unknown

npm/@zag-js/collection

0.74.2

Unknown

npm/@zag-js/collection

0.62.1

Unknown

npm/@zag-js/color-picker

0.74.2

Unknown

npm/@zag-js/color-picker

0.62.1

Unknown

npm/@zag-js/color-utils

0.74.2

Unknown

npm/@zag-js/color-utils

0.62.1

Unknown

npm/@zag-js/combobox

0.74.2

Unknown

npm/@zag-js/combobox

0.62.1

Unknown

npm/@zag-js/core

0.62.1

Unknown

npm/@zag-js/core

0.74.2

Unknown

npm/@zag-js/date-picker

0.74.2

Unknown

npm/@zag-js/date-picker

0.62.1

Unknown

npm/@zag-js/date-utils

0.74.2

Unknown

npm/@zag-js/date-utils

0.62.1

Unknown

npm/@zag-js/dialog

0.74.2

Unknown

npm/@zag-js/dialog

0.62.1

Unknown

npm/@zag-js/dismissable

0.74.2

Unknown

npm/@zag-js/dismissable

0.62.1

Unknown

npm/@zag-js/dom-event

0.74.2

Unknown

npm/@zag-js/dom-event

0.62.1

Unknown

npm/@zag-js/dom-query

0.62.1

Unknown

npm/@zag-js/dom-query

0.74.2

Unknown

npm/@zag-js/editable

0.74.2

Unknown

npm/@zag-js/editable

0.62.1

Unknown

npm/@zag-js/element-rect

0.74.2

Unknown

npm/@zag-js/element-rect

0.62.1

Unknown

npm/@zag-js/element-size

0.74.2

Unknown

npm/@zag-js/element-size

0.62.1

Unknown

npm/@zag-js/file-upload

0.74.2

Unknown

npm/@zag-js/file-upload

0.62.1

Unknown

npm/@zag-js/file-utils

0.62.1

Unknown

npm/@zag-js/file-utils

0.74.2

Unknown

npm/@zag-js/focus-visible

0.74.2

Unknown

npm/@zag-js/form-utils

0.74.2

Unknown

npm/@zag-js/form-utils

0.62.1

Unknown

npm/@zag-js/highlight-word

0.74.2

Unknown

npm/@zag-js/hover-card

0.74.2

Unknown

npm/@zag-js/hover-card

0.62.1

Unknown

npm/@zag-js/i18n-utils

0.62.1

Unknown

npm/@zag-js/i18n-utils

0.74.2

Unknown

npm/@zag-js/interact-outside

0.74.2

Unknown

npm/@zag-js/interact-outside

0.62.1

Unknown

npm/@zag-js/live-region

0.74.2

Unknown

npm/@zag-js/live-region

0.62.1

Unknown

npm/@zag-js/menu

0.74.2

Unknown

npm/@zag-js/menu

0.62.1

Unknown

npm/@zag-js/number-input

0.74.2

Unknown

npm/@zag-js/number-input

0.62.1

Unknown

npm/@zag-js/number-utils

0.74.2

Unknown

npm/@zag-js/number-utils

0.62.1

Unknown

npm/@zag-js/numeric-range

0.74.2

Unknown

npm/@zag-js/numeric-range

0.62.1

Unknown

npm/@zag-js/pagination

0.74.2

Unknown

npm/@zag-js/pagination

0.62.1

Unknown

npm/@zag-js/pin-input

0.74.2

Unknown

npm/@zag-js/pin-input

0.62.1

Unknown

npm/@zag-js/popover

0.74.2

Unknown

npm/@zag-js/popover

0.62.1

Unknown

npm/@zag-js/popper

0.74.2

Unknown

npm/@zag-js/popper

0.62.1

Unknown

npm/@zag-js/presence

0.74.2

Unknown

npm/@zag-js/presence

0.62.1

Unknown

npm/@zag-js/progress

0.74.2

Unknown

npm/@zag-js/progress

0.62.1

Unknown

npm/@zag-js/qr-code

0.74.2

Unknown

npm/@zag-js/qr-code

0.62.1

Unknown

npm/@zag-js/radio-group

0.74.2

Unknown

npm/@zag-js/radio-group

0.62.1

Unknown

npm/@zag-js/rating-group

0.74.2

Unknown

npm/@zag-js/rating-group

0.62.1

Unknown

npm/@zag-js/react

0.74.2

Unknown

npm/@zag-js/rect-utils

0.74.2

Unknown

npm/@zag-js/rect-utils

0.62.1

Unknown

npm/@zag-js/remove-scroll

0.74.2

Unknown

npm/@zag-js/remove-scroll

0.62.1

Unknown

npm/@zag-js/select

0.74.2

Unknown

npm/@zag-js/select

0.62.1

Unknown

npm/@zag-js/signature-pad

0.74.2

Unknown

npm/@zag-js/signature-pad

0.62.1

Unknown

npm/@zag-js/slider

0.74.2

Unknown

npm/@zag-js/slider

0.62.1

Unknown

npm/@zag-js/splitter

0.74.2

Unknown

npm/@zag-js/splitter

0.62.1

Unknown

npm/@zag-js/steps

0.74.2

Unknown

npm/@zag-js/store

0.62.1

Unknown

npm/@zag-js/store

0.74.2

Unknown

npm/@zag-js/switch

0.74.2

Unknown

npm/@zag-js/switch

0.62.1

Unknown

npm/@zag-js/tabs

0.74.2

Unknown

npm/@zag-js/tabs

0.62.1

Unknown

npm/@zag-js/tags-input

0.74.2

Unknown

npm/@zag-js/tags-input

0.62.1

Unknown

npm/@zag-js/text-selection

0.74.2

Unknown

npm/@zag-js/text-selection

0.62.1

Unknown

npm/@zag-js/time-picker

0.74.2

Unknown

npm/@zag-js/time-picker

0.62.1

Unknown

npm/@zag-js/timer

0.74.2

Unknown

npm/@zag-js/toast

0.74.2

Unknown

npm/@zag-js/toast

0.62.1

Unknown

npm/@zag-js/toggle-group

0.74.2

Unknown

npm/@zag-js/toggle-group

0.62.1

Unknown

npm/@zag-js/tooltip

0.74.2

Unknown

npm/@zag-js/tooltip

0.62.1

Unknown

npm/@zag-js/tree-view

0.74.2

Unknown

npm/@zag-js/tree-view

0.62.1

Unknown

npm/@zag-js/types

0.62.1

Unknown

npm/@zag-js/types

0.74.2

Unknown

npm/@zag-js/utils

0.74.2

Unknown

npm/@zag-js/utils

0.62.1

Unknown

npm/focus-trap

7.6.0

🟢 6.3

Details

Check	Score	Reason
Code-Review	🟢 5	Found 1/2 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 10	security policy file detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
Packaging	⚠️ -1	packaging workflow not detected
Pinned-Dependencies	🟢 4	dependency not pinned by hash detected -- score normalized to 4
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/focus-trap

7.5.4

🟢 6.3

Details

Check	Score	Reason
Code-Review	🟢 5	Found 1/2 approved changesets -- score normalized to 5
Maintained	🟢 10	30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 10	security policy file detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
Packaging	⚠️ -1	packaging workflow not detected
Pinned-Dependencies	🟢 4	dependency not pinned by hash detected -- score normalized to 4
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 10	0 existing vulnerabilities detected

npm/klona

2.0.6

🟢 3.5

Details

Check	Score	Reason
Code-Review	⚠️ 1	Found 4/24 approved changesets -- score normalized to 1
Maintained	⚠️ 0	1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Binary-Artifacts	🟢 10	no binaries found in the repo
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/packages/react

4.6.5

Unknown

npm/perfect-freehand

1.2.2

⚠️ 2.6

Details

Check	Score	Reason
Code-Review	⚠️ 1	Found 5/30 approved changesets -- score normalized to 1
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Binary-Artifacts	🟢 10	no binaries found in the repo
Security-Policy	⚠️ 0	security policy file not detected
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	39 existing vulnerabilities detected

npm/proxy-compare

3.0.0

🟢 3.9

Details

Check	Score	Reason
Code-Review	⚠️ 1	Found 3/29 approved changesets -- score normalized to 1
Maintained	⚠️ 0	0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing	⚠️ 0	project is not fuzzed
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 6	4 existing vulnerabilities detected

npm/proxy-memoize

3.0.1

🟢 3.6

Details

Check	Score	Reason
Code-Review	⚠️ 1	Found 4/26 approved changesets -- score normalized to 1
Maintained	🟢 3	0 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 3
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	⚠️ 0	security policy file not detected
Fuzzing	⚠️ 0	project is not fuzzed
Packaging	🟢 10	packaging workflow detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	⚠️ 0	22 existing vulnerabilities detected

npm/tabbable

6.2.0

🟢 5.6

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 0/1 approved changesets -- score normalized to 0
Maintained	🟢 10	30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Packaging	⚠️ -1	packaging workflow not detected
Pinned-Dependencies	🟢 3	dependency not pinned by hash detected -- score normalized to 3
Security-Policy	🟢 10	security policy file detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected

npm/uqr

0.1.2

Unknown

npm/@chakra-ui/react

^3.0.1

🟢 4.6

Details

Check	Score	Reason
Code-Review	⚠️ 0	Found 1/27 approved changesets -- score normalized to 0
Maintained	🟢 10	30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	⚠️ -1	no releases found
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	⚠️ 0	security policy file not detected
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts	🟢 10	no binaries found in the repo
Fuzzing	⚠️ 0	project is not fuzzed
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities	🟢 8	2 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

@ark-ui/anatomy@3.5.0
@ark-ui/react@4.1.2
@chakra-ui/react@3.0.1
@floating-ui/dom@1.6.8
@internationalized/date@3.5.5
@internationalized/number@3.5.3
@pandacss/is-valid-prop@0.41.0
@zag-js/accordion@0.74.2
@zag-js/accordion@0.62.1
@zag-js/anatomy@0.74.2
@zag-js/anatomy@0.62.1
@zag-js/aria-hidden@0.74.2
@zag-js/aria-hidden@0.62.1
@zag-js/auto-resize@0.74.2
@zag-js/auto-resize@0.62.1
@zag-js/avatar@0.74.2
@zag-js/avatar@0.62.1
@zag-js/carousel@0.74.2
@zag-js/carousel@0.62.1
@zag-js/checkbox@0.74.2
@zag-js/checkbox@0.62.1
@zag-js/clipboard@0.74.2
@zag-js/clipboard@0.62.1
@zag-js/collapsible@0.74.2
@zag-js/collapsible@0.62.1
@zag-js/collection@0.74.2
@zag-js/collection@0.62.1
@zag-js/color-picker@0.74.2
@zag-js/color-picker@0.62.1
@zag-js/color-utils@0.74.2
@zag-js/color-utils@0.62.1
@zag-js/combobox@0.74.2
@zag-js/combobox@0.62.1
@zag-js/core@0.62.1
@zag-js/core@0.74.2
@zag-js/date-picker@0.74.2
@zag-js/date-picker@0.62.1
@zag-js/date-utils@0.74.2
@zag-js/date-utils@0.62.1
@zag-js/dialog@0.74.2
@zag-js/dialog@0.62.1
@zag-js/dismissable@0.74.2
@zag-js/dismissable@0.62.1
@zag-js/dom-event@0.74.2
@zag-js/dom-event@0.62.1
@zag-js/dom-query@0.62.1
@zag-js/dom-query@0.74.2
@zag-js/editable@0.74.2
@zag-js/editable@0.62.1
@zag-js/element-rect@0.74.2
@zag-js/element-rect@0.62.1
@zag-js/element-size@0.74.2
@zag-js/element-size@0.62.1
@zag-js/file-upload@0.74.2
@zag-js/file-upload@0.62.1
@zag-js/file-utils@0.62.1
@zag-js/file-utils@0.74.2
@zag-js/focus-visible@0.74.2
@zag-js/form-utils@0.74.2
@zag-js/form-utils@0.62.1
@zag-js/highlight-word@0.74.2
@zag-js/hover-card@0.74.2
@zag-js/hover-card@0.62.1
@zag-js/i18n-utils@0.62.1
@zag-js/i18n-utils@0.74.2
@zag-js/interact-outside@0.74.2
@zag-js/interact-outside@0.62.1
@zag-js/live-region@0.74.2
@zag-js/live-region@0.62.1
@zag-js/menu@0.74.2
@zag-js/menu@0.62.1
@zag-js/number-input@0.74.2
@zag-js/number-input@0.62.1
@zag-js/number-utils@0.74.2
@zag-js/number-utils@0.62.1
@zag-js/numeric-range@0.74.2
@zag-js/numeric-range@0.62.1
@zag-js/pagination@0.74.2
@zag-js/pagination@0.62.1
@zag-js/pin-input@0.74.2
@zag-js/pin-input@0.62.1
@zag-js/popover@0.74.2
@zag-js/popover@0.62.1
@zag-js/popper@0.74.2
@zag-js/popper@0.62.1
@zag-js/presence@0.74.2
@zag-js/presence@0.62.1
@zag-js/progress@0.74.2
@zag-js/progress@0.62.1
@zag-js/qr-code@0.74.2
@zag-js/qr-code@0.62.1
@zag-js/radio-group@0.74.2
@zag-js/radio-group@0.62.1
@zag-js/rating-group@0.74.2
@zag-js/rating-group@0.62.1
@zag-js/react@0.74.2
@zag-js/rect-utils@0.74.2
@zag-js/rect-utils@0.62.1
@zag-js/remove-scroll@0.74.2
@zag-js/remove-scroll@0.62.1
@zag-js/select@0.74.2
@zag-js/select@0.62.1
@zag-js/signature-pad@0.74.2
@zag-js/signature-pad@0.62.1
@zag-js/slider@0.74.2
@zag-js/slider@0.62.1
@zag-js/splitter@0.74.2
@zag-js/splitter@0.62.1
@zag-js/steps@0.74.2
@zag-js/store@0.62.1
@zag-js/store@0.74.2
@zag-js/switch@0.74.2
@zag-js/switch@0.62.1
@zag-js/tabs@0.74.2
@zag-js/tabs@0.62.1
@zag-js/tags-input@0.74.2
@zag-js/tags-input@0.62.1
@zag-js/text-selection@0.74.2
@zag-js/text-selection@0.62.1
@zag-js/time-picker@0.74.2
@zag-js/time-picker@0.62.1
@zag-js/timer@0.74.2
@zag-js/toast@0.74.2
@zag-js/toast@0.62.1
@zag-js/toggle-group@0.74.2
@zag-js/toggle-group@0.62.1
@zag-js/tooltip@0.74.2
@zag-js/tooltip@0.62.1
@zag-js/tree-view@0.74.2
@zag-js/tree-view@0.62.1
@zag-js/types@0.62.1
@zag-js/types@0.74.2
@zag-js/utils@0.74.2
@zag-js/utils@0.62.1
focus-trap@7.6.0
focus-trap@7.5.4
klona@2.0.6
packages/react@4.6.5
perfect-freehand@1.2.2
proxy-compare@3.0.0
proxy-memoize@3.0.1
tabbable@6.2.0
uqr@0.1.2
@chakra-ui/anatomy@2.3.4
@chakra-ui/hooks@2.4.2
@chakra-ui/react@2.10.3
@chakra-ui/styled-system@2.12.0
@chakra-ui/theme@3.4.6
@chakra-ui/theme-tools@2.2.6
@chakra-ui/utils@2.2.2
@popperjs/core@2.11.8
@types/lodash.mergewith@4.6.9
@zag-js/dom-query@0.31.1
@zag-js/element-size@0.31.1
@zag-js/focus-visible@0.31.1
copy-to-clipboard@3.3.3
detect-node-es@1.1.0
focus-lock@1.3.5
framer-motion@11.11.9
get-nonce@1.0.1
invariant@2.2.4
packages/react@4.6.4
react-clientside-effect@1.2.6
react-focus-lock@2.13.2
react-remove-scroll@2.6.0
react-remove-scroll-bar@2.3.6
react-style-singleton@2.2.1
toggle-selection@1.0.6
use-callback-ref@1.3.2
use-sidecar@1.1.2

packages/react/package.json

@chakra-ui/react@^3.0.1
@chakra-ui/react@^2.10.3

dependabot · 2024-11-04T08:12:07Z

Superseded by #906.

dependabot bot requested a review from a team as a code owner October 28, 2024 08:49

dependabot bot added the dependencies Pull requests that update a dependency file label Oct 28, 2024

dependabot bot closed this Nov 4, 2024

dependabot bot deleted the dependabot/npm_and_yarn/major-dependencies-ad67693efa branch November 4, 2024 08:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump @chakra-ui/react from 2.10.3 to 3.0.1 in the major-dependencies group #897

Bump @chakra-ui/react from 2.10.3 to 3.0.1 in the major-dependencies group #897

dependabot bot commented on behalf of github Oct 28, 2024 •

edited

Loading

Added

changeset-bot bot commented Oct 28, 2024

github-actions bot commented Oct 28, 2024

dependabot bot commented on behalf of github Nov 4, 2024

Bump @chakra-ui/react from 2.10.3 to 3.0.1 in the major-dependencies group #897

Bump @chakra-ui/react from 2.10.3 to 3.0.1 in the major-dependencies group #897

Conversation

dependabot bot commented on behalf of github Oct 28, 2024 • edited Loading

@​chakra-ui/react@​3.0.1

Patch Changes

@​chakra-ui/react@​3.0.0

Major Changes

Minor Changes

Added

3.0.1

Patch Changes

3.0.0

Major Changes

Minor Changes

changeset-bot bot commented Oct 28, 2024

⚠️ No Changeset found

github-actions bot commented Oct 28, 2024

Dependency Review

License Issues

package-lock.json

OpenSSF Scorecard

Scanned Manifest Files

dependabot bot commented on behalf of github Nov 4, 2024

dependabot bot commented on behalf of github Oct 28, 2024 •

edited

Loading

`@chakra-ui/react@3`.0.1

`@chakra-ui/react@3`.0.0