From b111850c547e9fbbac3c267a363332c52d4db1f0 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 11 Jan 2026 10:31:28 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-REACTROUTER-14908531
- https://snyk.io/vuln/SNYK-JS-REACTROUTER-14908286
- https://snyk.io/vuln/SNYK-JS-REACTROUTER-14908429
- https://snyk.io/vuln/SNYK-JS-REACTROUTER-14908293
- https://snyk.io/vuln/SNYK-JS-REACTROUTER-14908289
---
 package.json |  2 +-
 yarn.lock    | 25 +++++++++----------------
 2 files changed, 10 insertions(+), 17 deletions(-)

diff --git a/package.json b/package.json
index a318ebd3b..325e0d47b 100644
--- a/package.json
+++ b/package.json
@@ -41,7 +41,7 @@
     "postcss": "^8.4.49",
     "react": "^18.2.0",
     "react-dom": "18.3.1",
-    "react-router-dom": "7.1.5",
+    "react-router-dom": "7.12.0",
     "react-router-prompt": "^0.7.1",
     "react-scripts": "^5.0.1",
     "react-select": "^5.8.3",
diff --git a/yarn.lock b/yarn.lock
index 0fec7a6a8..52f7bbf39 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -16256,27 +16256,25 @@ react-remove-scroll@2.5.5:
     use-callback-ref "^1.3.0"
     use-sidecar "^1.1.2"
 
-react-router-dom@7.1.5:
-  version "7.1.5"
-  resolved "https://registry.yarnpkg.com/react-router-dom/-/react-router-dom-7.1.5.tgz#6b706a5503c01d99c1af69336a7de2e21cadd339"
-  integrity sha512-/4f9+up0Qv92D3bB8iN5P1s3oHAepSGa9h5k6tpTFlixTTskJZwKGhJ6vRJ277tLD1zuaZTt95hyGWV1Z37csQ==
+react-router-dom@7.12.0:
+  version "7.12.0"
+  resolved "https://registry.yarnpkg.com/react-router-dom/-/react-router-dom-7.12.0.tgz#0f2a059c6b2c4ae04474fe4171c59fb48b9fb8cf"
+  integrity sha512-pfO9fiBcpEfX4Tx+iTYKDtPbrSLLCbwJ5EqP+SPYQu1VYCXdy79GSj0wttR0U4cikVdlImZuEZ/9ZNCgoaxwBA==
   dependencies:
-    react-router "7.1.5"
+    react-router "7.12.0"
 
 react-router-prompt@^0.7.1:
   version "0.7.2"
   resolved "https://registry.yarnpkg.com/react-router-prompt/-/react-router-prompt-0.7.2.tgz#3715973bb7597f4eeb29338d6798e66ffd77fe07"
   integrity sha512-s+DlvPjGLsAvGBlimCIj0vDgTKeAtRtyAX9U358+WwH9t57kWlT0CKU5LnwP0kSEUJPwhsXf8mplRbm1aRoiPg==
 
-react-router@7.1.5:
-  version "7.1.5"
-  resolved "https://registry.yarnpkg.com/react-router/-/react-router-7.1.5.tgz#c9e19d329d9ce2215fdae844ab6b023b911094db"
-  integrity sha512-8BUF+hZEU4/z/JD201yK6S+UYhsf58bzYIDq2NS1iGpwxSXDu7F+DeGSkIXMFBuHZB21FSiCzEcUb18cQNdRkA==
+react-router@7.12.0:
+  version "7.12.0"
+  resolved "https://registry.yarnpkg.com/react-router/-/react-router-7.12.0.tgz#459a86862abbedd02e76e686751fe71f9fd73a4f"
+  integrity sha512-kTPDYPFzDVGIIGNLS5VJykK0HfHLY5MF3b+xj0/tTyNYL1gF1qs7u67Z9jEhQk2sQ98SUaHxlG31g1JtF7IfVw==
   dependencies:
-    "@types/cookie" "^0.6.0"
     cookie "^1.0.1"
     set-cookie-parser "^2.6.0"
-    turbo-stream "2.4.0"
 
 react-scripts@^5.0.1:
   version "5.0.1"
@@ -18511,11 +18509,6 @@ tunnel-agent@^0.6.0:
   dependencies:
     safe-buffer "^5.0.1"
 
-turbo-stream@2.4.0:
-  version "2.4.0"
-  resolved "https://registry.yarnpkg.com/turbo-stream/-/turbo-stream-2.4.0.tgz#1e4fca6725e90fa14ac4adb782f2d3759a5695f0"
-  integrity sha512-FHncC10WpBd2eOmGwpmQsWLDoK4cqsA/UT/GqNoaKOQnT8uzhtCbg3EoUDMvqpOSAI0S26mr0rkjzbOO6S3v1g==
-
 tweetnacl@^0.14.3, tweetnacl@~0.14.0:
   version "0.14.5"
   resolved "https://registry.yarnpkg.com/tweetnacl/-/tweetnacl-0.14.5.tgz#5ae68177f192d4456269d108afa93ff8743f4f64"