Skip to content

[Snyk] Security upgrade @c15t/react from 1.8.5 to 2.0.0#12970

Open
sestinj wants to merge 1 commit into
mainfrom
snyk-fix-10ae0b39f370635264d1d83f2a4e35a5
Open

[Snyk] Security upgrade @c15t/react from 1.8.5 to 2.0.0#12970
sestinj wants to merge 1 commit into
mainfrom
snyk-fix-10ae0b39f370635264d1d83f2a4e35a5

Conversation

@sestinj

@sestinj sestinj commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • docs/package.json
  • docs/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Uncaught Exception
SNYK-JS-OPENTELEMETRYPROPAGATORJAEGER-17901201
  828  

Breaking Change Risk

Merge Risk: High

Notice: This assessment is enhanced by AI.


Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncaught Exception

@sestinj

sestinj commented Jul 10, 2026

Copy link
Copy Markdown
Contributor Author

Merge Risk: High

The upgrade from @c15t/react v1.8.5 to v2.0.0 is a major release with significant breaking changes that require code modifications and a new approach to styling and script management.

Key Breaking Changes:

  • New Styling System: Version 2.0 replaces the v1 css-in-js theme objects with a new token-based styling system. Styling is now applied by importing a CSS stylesheet (e.g., @c15t/react/styles.css) instead of using theme objects. This will require a complete refactor of any custom styling.
  • Tracking Blocker Removed: The deprecated tracking blocker functionality has been removed and is replaced by a new, more capable Script Loader system. Implementations using the old tracking blocker must be migrated to the new script loader API.
  • Policy-Driven Consent: A new "Policy Packs" system for managing regional consent behavior replaces the previous "one-size-fits-all" model, which may require changes to your consent strategy configuration.
  • New c15t CLI with Codemods: The official CLI tool has been updated and includes codemods to assist with the migration from v1 to v2, indicating the substantial nature of the required changes.

Source: Changelog v2.0.0
Recommendation: This is a high-effort upgrade. Do not merge without a dedicated effort to refactor styling, adopt the new script loader, and review the new policy-driven consent system. It is highly recommended to use the c15t CLI's codemods to assist with the migration.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

@sestinj sestinj requested a review from a team as a code owner July 10, 2026 08:12
@dosubot dosubot Bot added the size:XS This PR changes 0-9 lines, ignoring generated files. label Jul 10, 2026
@mintlify

mintlify Bot commented Jul 10, 2026

Copy link
Copy Markdown

Preview deployment for your docs. Learn more about Mintlify Previews.

Project Status Preview Updated (UTC)
continue-docs 🟢 Ready View Preview Jul 10, 2026, 8:28 AM

💡 Tip: Enable Workflows to automatically generate PRs for you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

size:XS This PR changes 0-9 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants