Revert "chore(linea-ens-app): upgrade React" #360

alainncls · 2025-12-12T09:15:20Z

Reverts #358

Note

Reverts the React 19 upgrade by downgrading to React 18 and aligning dependencies and code (styled-components v5, type/ref tweaks, minor UI text).

Dependencies/Tooling:
- Downgrade react/react-dom to 18.2.0; update peer and type packages accordingly.
- Replace styled-components@6 with styled-components@5 and add babel-plugin-styled-components.
- Adjust many packages to React 18-compatible versions (e.g., @ensdomains/thorin, rainbowkit, wagmi, @sentry/nextjs).
- Update pnpm workspace and overrides (including Next.js pins) and add packages/linea-ens-app/pnpm-workspace.yaml.
App code updates (React 18/styled-components v5 compatibility):
- Refactor styled components to functional style and pass style helpers as args (e.g., cacheableComponentStyles, gridAreaStyle).
- Simplify/inline types: remove explicit JSX imports, tighten RefObject types (drop | null generics), and clean useRef initializations.
- Update CacheableComponent API/signatures and usages.
- Minor UI/text tweaks: change sort label/placeholder in NameTableHeader; small prop/type fixes (e.g., anchorRef).

^{Written by Cursor Bugbot for commit 9b754fe. This will update automatically on new commits. Configure here.}

This reverts commit e170722.

socket-security · 2025-12-12T09:16:51Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality	Maintenance
npm/next@15.2.4
npm/@vitest/spy@1.6.0
npm/@vitest/coverage-v8@1.6.0
npm/@types/styled-components@5.1.23
npm/@types/react-dom@19.0.1 ⏵ 18.2.25	⁺¹	⁺⁴	^-2
npm/@types/react-dom@19.0.1 ⏵ 18.3.0	⁺¹	⁺⁴	^-3
npm/@types/react@19.0.1 ⏵ 18.2.21
npm/@wagmi/core@2.10.5
npm/@types/lodash@4.17.4
npm/react-use@17.6.0 ⏵ 17.5.0
npm/@types/react-is@17.0.7
npm/@types/node@18.19.33
npm/jsdom@24.1.0
npm/eslint-plugin-react@7.34.2
npm/react@19.0.1 ⏵ 18.2.0	⁺¹	⁺¹
npm/react@19.0.1 ⏵ 18.3.1	⁺¹	⁺¹
npm/yaml@2.4.3
npm/styled-components@6.1.19 ⏵ 5.3.11	⁺¹	⁺¹
npm/sitemap@7.1.2
npm/@next/bundle-analyzer@15.5.6 ⏵ 13.5.6
npm/hardhat@2.22.4
npm/@testing-library/jest-dom@6.4.5
npm/@openzeppelin/contracts@4.9.6
npm/react-dom@19.0.1 ⏵ 18.2.0
npm/react-dom@19.0.1 ⏵ 18.3.1
npm/eslint-plugin-react-hooks@4.6.2
npm/@vitejs/plugin-react@4.3.0
npm/eslint-plugin-testing-library@6.2.2
npm/@sentry/nextjs@7.116.0
npm/react-hook-form@7.51.5
npm/wrangler@3.58.0
npm/viem@2.13.3
npm/@playwright/test@1.44.1

View full report

socket-security · 2025-12-12T09:16:52Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Critical CVE: Next.js is vulnerable to RCE in React flight protocol CVE: GHSA-9qr9-h5gf-34mp Next.js is vulnerable to RCE in React flight protocol (CRITICAL) Affected versions: >= 14.3.0-canary.77 < 15.0.5; >= 15.1.0-canary.0 < 15.1.9; >= 15.2.0-canary.0 < 15.2.6; >= 15.3.0-canary.0 < 15.3.6; >= 15.4.0-canary.0 < 15.4.8; >= 15.5.0-canary.0 < 15.5.7; >= 16.0.0-canary.0 < 16.0.7 Patched version: 15.2.6 From: packages/linea-ens-app/package.json → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is a critical CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `vite` is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: packages/linea-ens-app/pnpm-lock.yaml → `npm/[email protected]` → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `vite` is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: packages/linea-ens-app/pnpm-lock.yaml → `npm/[email protected]` → `npm/@vitejs/[email protected]` → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Revert "chore(linea-ens-app): upgrade React (#358)"

9b754fe

This reverts commit e170722.

alainncls requested a review from VGau December 12, 2025 09:15

alainncls self-assigned this Dec 12, 2025

alainncls requested a review from a team as a code owner December 12, 2025 09:15

VGau approved these changes Dec 12, 2025

View reviewed changes

alainncls merged commit 1d7c92c into main Dec 12, 2025
7 checks passed

alainncls deleted the revert-358-chore/upgrade-react branch December 12, 2025 09:24

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Revert "chore(linea-ens-app): upgrade React" #360

Revert "chore(linea-ens-app): upgrade React" #360

Uh oh!

alainncls commented Dec 12, 2025 •

edited by cursor bot

Loading

Uh oh!

socket-security bot commented Dec 12, 2025

Uh oh!

socket-security bot commented Dec 12, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Revert "chore(linea-ens-app): upgrade React" #360

Revert "chore(linea-ens-app): upgrade React" #360

Uh oh!

Conversation

alainncls commented Dec 12, 2025 • edited by cursor bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

socket-security bot commented Dec 12, 2025

Uh oh!

socket-security bot commented Dec 12, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

alainncls commented Dec 12, 2025 •

edited by cursor bot

Loading