chore(deps): bump react-router-dom to ^7.15.0 (fixes 4 HIGH react-router CVEs)

[DevanshuNEU]

Summary

Bumps react-router-dom (floor ^7.15.0, resolves to 7.17.0) to clear 4 HIGH react-router CVEs that Trivy flags on every PR's Security Scan.

CVEs fixed (all in transitive react-router 7.13.0)

• CVE-2026-33245 - XSS in unstable RSC redirect handling (fixed 7.13.2)
• CVE-2026-34077 - DoS via reflected user input (fixed 7.14.0)
• CVE-2026-42211 - turbo-stream arbitrary constructor invocation (fixed 7.14.2)
• CVE-2026-42342 - DoS via unbounded path expansion in __manifest (fixed 7.15.0)

Changes

• frontend/package.json: react-router-dom ^7.12.0 to ^7.15.0
• frontend/bun.lock: react-router/react-router-dom 7.13.0 to 7.17.0

Validation

• bun run typecheck clean
• bun run test - 13 passed
• bun run build - succeeds

Dependency bump only, no code changes. Unblocks the Security Scan check on other open PRs (e.g. #316) once merged into main.

[vercel]

@DevanshuNEU is attempting to deploy a commit to the Dev's projects Team on Vercel.

A member of the Team first needs to authorize it.

[coderabbitai]

Warning

Review limit reached

@DevanshuNEU, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 16 minutes and 1 second. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: f12d10e8-91ae-4f58-85cc-1d235f95a444

📥 Commits

Reviewing files that changed from the base of the PR and between 7a29b89 and 0600744.

⛔ Files ignored due to path filters (1)

• frontend/bun.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• frontend/package.json

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
opencodeintel	Ready	Preview, Comment	Jun 8, 2026 7:53pm