Skip to content

Javascript dependency: Bump react-frame-component from 5.2.7 to 5.3.2 in /web#3

Open
dependabot[bot] wants to merge 1 commit into
query-alertingfrom
dependabot/npm_and_yarn/web/react-frame-component-5.3.2
Open

Javascript dependency: Bump react-frame-component from 5.2.7 to 5.3.2 in /web#3
dependabot[bot] wants to merge 1 commit into
query-alertingfrom
dependabot/npm_and_yarn/web/react-frame-component-5.3.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps react-frame-component from 5.2.7 to 5.3.2.

Release notes

Sourced from react-frame-component's releases.

v5.3.2

Patch Changes

  • f191d58: Add types condition to package.json exports to fix TypeScript resolution with TSGo and modern ESM tools

  • 1820bc3: ## Fix race condition in getMountTarget() (issue #250)

    Fixed "Cannot read properties of null" errors when initialContent changes rapidly by adding null checks for doc and doc.body in getMountTarget().

    Changes

    • src/Frame.jsx: Added null check in getMountTarget() to handle cases when iframe document is temporarily unavailable during rapid rerenders

v5.3.0

What's Changed

Add fallback to document.write() for initial frame rendering via dangerouslyUseDocWrite prop to support libraries like Repcaptcha and Google Maps that depend on the frame's location/origin.

PR #248: Add document.write() fallback (@​andrewpye)


Previous releases: https://github.com/ryanseddon/react-frame-component/releases

Changelog

Sourced from react-frame-component's changelog.

5.3.2

Patch Changes

  • f191d58: Add types condition to package.json exports to fix TypeScript resolution with TSGo and modern ESM tools

  • 1820bc3: ## Fix race condition in getMountTarget() (issue #250)

    Fixed "Cannot read properties of null" errors when initialContent changes rapidly by adding null checks for doc and doc.body in getMountTarget().

    Changes

    • src/Frame.jsx: Added null check in getMountTarget() to handle cases when iframe document is temporarily unavailable during rapid rerenders

5.3.1

Patch Changes

  • 14c215c: Fix React 19 and Vite compatibility by externalizing react/jsx-runtime

    The ESM and UMD builds were incorrectly bundling react/jsx-runtime inline from CommonJS source, which caused two issues:

    1. ESM builds contained __require("react") calls - This failed in browser ESM environments with "Could not dynamically require react" errors when using Vite.
    2. UMD builds referenced __SECRET_INTERNALS_DO_NOT_USE_OR_YOU_WILL_BE_FIRED.ReactCurrentOwner - This internal API was removed in React 19, causing "Cannot read properties of undefined" errors.

    The fix adds react/jsx-runtime and react/jsx-dev-runtime to the external dependencies list in the Vite configuration. This ensures the JSX transform is loaded from the proper module format rather than being bundled inline from CJS source.

    Bundle size improvements:

    • ESM: 35.7 KB → 4.6 KB (-87%)
    • UMD: 37.9 KB → 6.8 KB (-82%)

    Fixes #280

5.3.0

Minor Changes

  • 8d922c3: Add fallback to document.write() for initial frame rendering via dangerouslyUseDocWrite prop to support libraries like Repcaptcha and Google Maps that depend on the frame's location/origin.
Commits
  • 3f4cb97 Update npm to latest for OIDC trusted publishing (#290)
  • eddb677 Revert "Update npm to latest for OIDC trusted publishing"
  • 194d769 Update npm to latest for OIDC trusted publishing
  • ed62652 Version Packages (#289)
  • fb302a0 Bump follow-redirects from 1.15.0 to 1.15.11
  • c44e385 Merge pull request #285 from ryanseddon/dependabot/npm_and_yarn/picomatch-2.3.2
  • 722560a Bump picomatch from 2.3.1 to 2.3.2
  • d6b8e30 Merge pull request #288 from ryanseddon/fix/issue-287-types-exports
  • f191d58 Add changeset
  • 1820bc3 fix: add null check in getMountTarget to prevent race condition (#286)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-frame-component since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [react-frame-component](https://github.com/ryanseddon/react-frame-component) from 5.2.7 to 5.3.2.
- [Release notes](https://github.com/ryanseddon/react-frame-component/releases)
- [Changelog](https://github.com/ryanseddon/react-frame-component/blob/master/CHANGELOG.md)
- [Commits](ryanseddon/react-frame-component@v5.2.7...v5.3.2)

---
updated-dependencies:
- dependency-name: react-frame-component
  dependency-version: 5.3.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: Dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants