Skip to content

chore: bump lucide-react from 0.577.0 to 1.22.0#106

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/lucide-react-1.22.0
Closed

chore: bump lucide-react from 0.577.0 to 1.22.0#106
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/lucide-react-1.22.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps lucide-react from 0.577.0 to 1.22.0.

Release notes

Sourced from lucide-react's releases.

Version 1.22.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.21.0...1.22.0

Version 1.21.0

What's Changed

New Contributors

Full Changelog: lucide-icons/lucide@1.20.0...1.21.0

Version 1.20.0

What's Changed

... (truncated)

Commits
  • 5ff536e ci(release.yml): Fix workflow and remove version scripts in package scripts...
  • 07c885e fix(docs): fix zephyr-cloud URL in readmes
  • 50d8af5 docs(readme): Update readme files (#4320)
  • 653e44b feat(packages): use .mjs for ESM bundles (#4285)
  • 7623e23 feat(docs): add Zephyr Cloud to Hero Backers tier & rework updateSponsors scr...
  • dada0a8 fix(lucide-react): Fix dynamic imports (#4210)
  • a6e648a fix(lucide-react): correct client directives in RSC files (#4189)
  • 1f010a3 fix(lucide-react): Fixes provider export and RSC render issues (#4175)
  • 484f2c9 docs(version-1): Version 1 website (#4142)
  • a0e202d feat(packages/angular): add new @​lucide/angular package (#3897)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 29, 2026
Bumps [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) from 0.577.0 to 1.22.0.
- [Release notes](https://github.com/lucide-icons/lucide/releases)
- [Commits](https://github.com/lucide-icons/lucide/commits/1.22.0/packages/lucide-react)

---
updated-dependencies:
- dependency-name: lucide-react
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/lucide-react-1.22.0 branch from 8cecf19 to 385561c Compare June 30, 2026 00:17

Copy link
Copy Markdown
Owner

Automated PR Review

Risk: HIGH | Bump: lucide-react 0.577 → 1.22 (major — 0.x → 1.x) | Verdict: NEEDS_REVIEW

Changelog Analysis

lucide-react 1.0 was a stabilization release. The key breaking changes from 0.x → 1.x:

  • Icon renames: Several icons were renamed for consistency (e.g. Loader2LoaderCircle, MoreHorizontalEllipsis, MoreVerticalEllipsisVertical). If cashflow uses any renamed icons by their old names, those imports will fail at runtime (tree-shaken out, not a build error).
  • Package entrypoint changes: The import path structure was cleaned up.
  • Type changes: IconNode and LucideProps types were tightened.

Since CI build passes (TypeScript compiles clean), any used icons were either not renamed or Lucide maintained re-exports for backwards compatibility for the ones cashflow uses.

Security

No CVE. UI icon library only.

Upstream Peer-Dep Check

lucide-react 1.x requires React 16+ — satisfied by React 19. No peer conflicts.

Build / Type / Tests

CI run on 2026-06-30T00:17 — all 8 checks green: ✅ build, ✅ test, ✅ lint, ✅ security, ✅ CodeQL, ✅ Trivy, ✅ GitGuardian, ✅ release. TypeScript passes cleanly.

Downstream Workflow Simulation

Build passes. However, renamed icons that are imported via string (dynamic imports, Storybook stories, etc.) would not be caught by TypeScript. cashflow doesn't appear to have Storybook or dynamic icon lookups.

Recommendation

CI is fully green and TypeScript catches static import errors. The main risk is a renamed icon appearing as null/broken in the UI rather than as a build error. Recommend visually spot-checking pages that use icons after merge, or reviewing which lucide-react icons cashflow imports against the v1.0 migration guide. Safe to merge with that caveat.

Automated review posted by PR-review-bot — 2026-06-30


Generated by Claude Code

@dependabot @github

dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #111.

@dependabot dependabot Bot closed this Jul 6, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/lucide-react-1.22.0 branch July 6, 2026 19:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant