[Snyk] Upgrade react-focus-on from 3.9.1 to 3.9.2

[JasonStoltz]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade react-focus-on from 3.9.1 to 3.9.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.
• The recommended version was released 23 days ago, on 2024-03-03.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[mgadewoll]

This upgrade updates internal dependencies only, see the changes here.

Dependencies updated:

• react-focus-lock: ^2.9.4 -> ^2.11.2, (changes)
• react-remove-scroll: ^2.5.6 -> ^2.5.7 (changes)
• react-style-singleton: ^2.2.0 -> ^2.2.1 (changes)

ℹ️ Affected components:

• EuiFocusTrap - used in:
  • EuiOverlayMask
  • EuiFlyout
  • EuiCustomFlyout
  • EuiCodeBlock (fullscreen)
  • EuiDataGrid (fullscreen)
  • EuiImage (fullscreen)
  • EuiModal
  • EuiInputPopover
  • EuiPopover

✅ There were no regression issues found for EuiFocusTrap through manual testing.

[cee-chen]

FYI, this is a potentially high risk/high impact set of dependency / subdependency updates - we semi-frequently contribute back to react-focus-on and it's many sub-dependencies to get the fixes/functionality we need. We have "react-focus-lock": "^2.9.5" pinned in our package.json for one of those fixes, and we should go ahead and remove that now

[elasticmachine]

:broken_heart: Build Failed

• Buildkite Build
• Commit: 4816b812e0481abcd42612aa9d78e545f0db9c56

Failed CI Steps

• :hammer: EUI pull request test

History

• :broken_heart: Build #1618 failed 4816b812e0481abcd42612aa9d78e545f0db9c56
• :green_heart: Build #1616 succeeded b445497278bd73257a6ef50b2745799992f43673
• :green_heart: Build #1592 succeeded acc5d9d5fb99d0421d5bae05e1036f5d89b97e41

cc @mgadewoll

[kibanamachine]

Preview staging links for this PR:

• Docs site: https://eui.elastic.co/pr_7624/
• Storybook: https://eui.elastic.co/pr_7624/storybook

[mgadewoll]

FYI, this is a potentially high risk/high impact set of dependency / subdependency updates - we semi-frequently contribute back to react-focus-on and it's many sub-dependencies to get the fixes/functionality we need. We have "react-focus-lock": "^2.9.5" pinned in our package.json for one of those fixes, and we should go ahead and remove that now

⚠️ After removing the fixed resolution for react-focus-lock some tests for focus_utils.spec.tsx started failing. After opening the actions popover of a cell, the tests expect focus to return to the cell (button) when pressing ESCAPE on the opened actions popover. Instead it moves to the first focusable item in the grid toolbar.

current

expected

It seems that with react-focus-on version 2.11.0 there where underlying changes to returning focus that change the behavior.

🔍 It might be related to this change:

• The activeElement passed to captureFocusRestore is the cell button that previously was focused on returned focus
• The newly returned element that comes back from restoreFocusTo called inside captureFocusRestore is now the toolbar action button

📦 Some dependency update info on when it starts breaking:

• the dependency focus-lock added the returnFocusTo functionality in version 1.2.0 which react-focus-lock added in version 2.10.1 (version comparison here)
• react-focus-lock started using captureFocusRestore in version 2.11.0 (version comparison here)