chore(deps): bump react-hook-form from 7.42.1 to 7.43.2

[dependabot]

Bumps react-hook-form from 7.42.1 to 7.43.2.

Release notes

Sourced from react-hook-form's releases.

Version 7.43.2

🐞 fix #9972 input focus with submitted form (#9978) 💉 improve perf & save some bytes (#9968) 🐞 fix #9955 useForm values prop keepDirtyValues not update isDirty (#9959) 🗑️ remove JSX message check (#9921)

Version 7.43.1

🐞 fix #9871 issue with error type (#9873) 🐞 fix #9842 clearErrors method does not support global error (#9843)

Version 7.43.0

🌏 feature: support global error type #9746

const onSubmit = async () => {
  const response = await fetch(...)
  if (response.statusCode > 200) {
      setError('root.serverError', { 
        type: response.statusCode,
      })
  }
}
const onClick = () => {
setError('root.random', {
type: 'random',
})
}
return (
<>
{errors.root.serverError.type === 400 && <p>server response message</p>}
<p>{errors.root?.serverError?.message}</p>
<p>{errors.root?.random?.message}</p>
</>
)

🪜 fix set values for controlled components (#9780)

const { control } = useForm({ values: { test: '' } })
<Controller name="test" /> // no longer throw react warning for uncontrolled become controlled.

🚓 stronger typing to document non-spec attribute uses (#9809)

register('number', {
  valueAsNumber: true,
  pattern: /[1-4]/g // ❌ type error
})
</tr></table> 

... (truncated)

Commits

• 6de47e9 7.43.2
• 695f623 🐞 fix #9972 input focus with submitted form (#9978)
• f9e179c 💉 improve perf & save some bytes (#9968)
• c3c4893 🐞 fix #9955 useForm values prop keepDirtyValues not update isDirty (#9959)
• 28cafa8 🗑️ remove JSX message check (#9921)
• 47537f2 7.43.1
• 494c4cf 🐞 fix #9871 issue with error type (#9873)
• f0f75e6 🐞 fix #9842 clearError method not support global error (#9843)
• 28e33c9 7.43.0
• af094a2 🌏 feature: support global error type #9746 (#9758)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security]

Socket Security Pull Request Report

Dependency issues detected: If you merge this pull request, you will not be alerted to the instances of these issues again.

⚠️ Minified code

This package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.

In many cases minified code is harmless, however minified code can be used to hide a supply chain attack. Consider not shipping minified code on npm.

Package	Confidence	Location	Source
react-hook-form@7.43.2 (upgraded)	1.00	dist/index.cjs.js	package.json via @hookform/resolvers@2.9.11

⚠️ Chronological version anomaly

Semantic versions published out of chronological order.

This could either indicate dependency confusion or a patched vulnerability.

Package	Previous Chronological	Previous Semver	Source
react-hook-form@7.43.2 (upgraded)	react-hook-form@7.44.0-next.1 (2/16/2023, 10:44:52 PM)	react-hook-form@7.43.1 (2/7/2023, 9:00:34 AM)	package.json via @hookform/resolvers@2.9.11

Pull request report summary

Issue	Status
Critical CVE	✅ 0 issues
CVE	✅ 0 issues
Mild CVE	✅ 0 issues
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script confusion	✅ 0 issues
Bin script shell injection	✅ 0 issues
Filesystem access	✅ 0 issues
Network access	✅ 0 issues
Shell access	✅ 0 issues
Debug access	✅ 0 issues
Long strings	✅ 0 issues
High entropy strings	✅ 0 issues
URL strings	✅ 0 issues
Uses eval	✅ 0 issues
Dynamic require	✅ 0 issues
Environment variable access	✅ 0 issues
Missing dependency	✅ 0 issues
Unused dependency	✅ 0 issues
Peer dependency	✅ 0 issues
Uncaught optional dependency	✅ 0 issues
Unresolved require	✅ 0 issues
Extraneous dependency	✅ 0 issues
Obfuscated require	✅ 0 issues
Obfuscated code	✅ 0 issues
Minified code	⚠️ 1 issue
Bidirectional unicode control characters	✅ 0 issues
Zero width unicode chars	✅ 0 issues
Bad text encoding	✅ 0 issues
Unicode homoglyphs	✅ 0 issues
Invisible chars	✅ 0 issues
Suspicious strings	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
GitHub dependency	✅ 0 issues
File dependency	✅ 0 issues
No tests	✅ 0 issues
No repository	✅ 0 issues
Bad semver	✅ 0 issues
Bad dependency semver	✅ 0 issues
No v1	✅ 0 issues
No website	✅ 0 issues
No bug tracker	✅ 0 issues
No contributors or author data	✅ 0 issues
CommonJS depending on ESModule	✅ 0 issues
Empty package	✅ 0 issues
Trivial Package	✅ 0 issues
No README	✅ 0 issues
Deprecated	✅ 0 issues
Chronological version anomaly	⚠️ 1 issue
Semver anomaly	✅ 0 issues
New author	✅ 0 issues
Unstable ownership	✅ 0 issues
Non-existent author	✅ 0 issues
Unmaintained	✅ 0 issues
Unpublished package	✅ 0 issues
Major refactor	✅ 0 issues
Missing package tarball	✅ 0 issues
Unsafe copyright	✅ 0 issues
License change	✅ 0 issues
Non OSI license	✅ 0 issues
Deprecated license	✅ 0 issues
Missing license	✅ 0 issues
Non SPDX license	✅ 0 issues
Unclear license	✅ 0 issues
Mixed license	✅ 0 issues
Legal notice	✅ 0 issues
Modified license	✅ 0 issues
Modified license exception	✅ 0 issues
License exception	✅ 0 issues
Deprecated SPDX exception	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues
AI detected malware	✅ 0 issues

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

• @SocketSecurity ignore react-hook-form@7.43.2

Powered by socket.dev