GitShow/remix-run/react-router
remix-run

react-router

Declarative routing for React

by remix-run
Star on GitHubForkWebsitenpm

TypeScript

56.5k stars10.9k forks1.3k contributorsActive · 1d agoSince 2014react-router@8.1.0MIT

Meet the team

See all 1295 on GitHub →
brophdawg11
brophdawg112.0k contributions
mjackson
mjackson2.0k contributions
ryanflorence
ryanflorence1.3k contributions
remix-run-bot
remix-run-bot437 contributions
chaance
chaance418 contributions
pcattori
pcattori406 contributions
markdalgleish
markdalgleish388 contributions
taion
taion381 contributions

Languages

View on GitHub →
TypeScript98.9%
JavaScript0.8%
CSS0.3%
Shell0%
MDX0%
HTML0%

Commit activity

Last 12 weeks · 366 commits

Full graph →

Community health

4 of 6 standards met

Community profile →
75
✓README✓License✓Contributing✓Code of Conduct○Issue Template○PR Template

Recent PRs & issues

Active · Last activity 1d ago
See all on GitHub →
orbisai0security
fix: upgrade axios to 1.7.4 (CVE-2024-39338)OpenPR

Summary Upgrade axios from 1.6.8 to 1.7.4 to fix CVE-2024-39338. Vulnerability Description: axios: axios: Server-Side Request Forgery Evidence Scanner confirmation: trivy rule flagged this pattern. Production code*: This file is in the production codebase, not test-only code. Threat Model Context This is a web application - XSS and injection vulnerabilities can affect end users. Changes Verification [x] Build passes [x] Scanner re-scan confirms fix [x] LLM code review passed This change addresses a pattern flagged by static analysis. The code path handles user-influenced input and the fix reduces the attack surface against both manual and automated exploitation. Automated security fix by OrbisAI Security*

orbisai0security · 8h ago
borngraced
`react-router dev` crashes with ENOTEMPTY when typegen runs in parallelOpenIssue

Description can crash when another process runs at the same time. The failure is a filesystem race on : This happens because the dev-server typegen watcher and a standalone invocation both try to remove and rewrite the same generated directories concurrently. Reproduction 1. Start the dev server in a Framework Mode app: 2. While dev is running, trigger typegen from another process (common in real projects): Or run a script that shells out to typegen, e.g.: with a pre-commit hook that also runs before . 3. Repeat a few times or trigger a route-config change in dev while typegen is running. Expected: Both processes complete; generated types stay consistent. Actual: Dev server or typegen crashes with when one process s (or the whole tree) while the other is still writing. Root cause In : and call before writing also calls on route-config changes, which removes There is no cross-process coordination between the Vite plugin watcher and CLI Proposed fix 1. Serialize typegen writes with a cross-process lock outside the generated tree (e.g. ), so dev watcher and CLI typegen cannot overlap destructive writes 2. Retry on retryable errors (, , ) with short backoff before surfacing the error Environment : 8.1.0 Node: >= 22 OS: macOS (also reported on other platforms with parallel file operations) Happy to open a PR with lock + retry if this approach looks good.

borngraced · 13h ago
dfedoryshchev
docs: fix useNavigate example to pass state in the options argumentOpenPR

The example for navigating with a object places inside the object: But is not a property of (, and is only / / ), so this is a TypeScript excess-property error. At runtime reads from its second argument (), so the above is silently dropped, and is empty on the next page, which is the opposite of what the sentence right below the example promises. This moves into the options argument so the example type-checks and actually populates .

dfedoryshchev · 18h ago

Recent fixes

View closed PRs →
spokodev
fix: rank a static route above a dynamic param with a static suffixMergedPR

classifies each path segment as static, dynamic, or empty to rank matching routes. A segment that starts with a param but carries a static suffix, such as , is dynamic: compiles it to and captures a param. But scores it as a fully static segment, so and a truly static get the same score and tie. The tie is broken by declaration order, so when the dynamic route is declared first, a request for the literal matches with instead of the static route. This breaks the invariant that a static route beats a dynamic one regardless of order, and the documented workaround of adding a static path to disambiguate does not help, since the static path is present and still loses. Real cases: per-language sitemaps or feeds ( + ), asset routes ( + ), extension routes ( + ). Cause : const paramRe = /^:[\w-]+$/; The trailing requires the whole segment to be a bare param, so a param with a static suffix fails the test and is scored as static. The router's own definition of a param is a segment that starts with ( uses ; a mid-segment colon like stays static). Fix Drop the so a segment counts as dynamic when it starts with a param token: const paramRe = /^:[\w-]+/; Predicate table after the change: dynamic, dynamic, dynamic, dynamic, static, static (mid-segment colon, unchanged), static. Added (uses the export): the static route wins in either declaration order, and still matches . It fails before the change; the , and suites (82 tests) stay green. One point for review: this also changes a previously order-dependent case. no longer automatically outranks a sibling ; both are dynamic now and tie, so declaration order decides. That is arguably more correct, but if you would rather rank suffix-params strictly between plain-dynamic and static, that needs a dedicated weight, which is the re-weighting direction discussed in #13666. This change stays narrow and only corrects the static-vs-dynamic inversion.

spokodev · 1d ago
Structured data for AI agents

Repository: remix-run/react-router. Description: Declarative routing for React Stars: 56489, Forks: 10902. Primary language: TypeScript. Languages: TypeScript (98.9%), JavaScript (0.8%), CSS (0.3%), Shell (0%), MDX (0%). License: MIT. Homepage: https://reactrouter.com Latest release: react-router@8.1.0 (4d ago). Open PRs: 34, open issues: 88. Last activity: 1d ago. Community health: 75%. Top contributors: brophdawg11, mjackson, ryanflorence, remix-run-bot, chaance, pcattori, markdalgleish, taion, github-actions[bot], timdorr and others.

·@ofershap

Replace github.com with gitshow.dev