Latest React Router Release Improves Middleware API
React Router v7.8.0 is out. TNS readers will recall that React Router is basically the Remix framework now.
The recent update improves API consistency, moves middleware closer to stabilization and — of course — there are bug fixes, according to the Remix newsletter.
New features included the addition of consistent loaderData naming.
“We’ve addressed those annoying discrepancies in loader data values across the framework,” the newsletter stated.
Previously, in components, React Router referred to the data from the loader as loaderData, but in matches, it referred to it as match.data. This release adds new loaderData fields alongside existing data fields to align with the loaderData naming used in the new Route.* APIs.
The old data fields are deprecated and will be removed in the next major version.
It also includes improvements to the middleware API.
“The biggest set of changes are focused on the unstable_middleware APIs as we move closer to stabilizing them,” the Remix team wrote. “If you’ve adopted middleware for early testing, check the changelog for detailed changes (some of which are breaking) as we refine the developer experience.”
The full React Router changelog can be seen on GitHub.
Also, if you’re interested in learning more about React Server Components (RSC) in React Router, Remix team member Jacob Ebey has created a dashboard Software as a Service (SaaS) template demonstrating RSC in production-ready scenarios, the team wrote in the newsletter. It includes a database, session-based signup and login, server components, server actions, middleware, data batching and caching.
The template includes an example of how frontend developers can build a production-ready application with RSC. Ebey also created a demo.
How Often Does Your Favorite Model Hallucinate?
Developers have to find the right model for their projects. One factor that might be worth considering is how often the model hallucinates.
Vectara is a Retrieval-Augmented Generation (RAG) as a Service and AI agent platform that operates an industry hallucination leaderboard for foundation and reasoning models on Hugging Face.
Image courtesy of Vectara.
It found that GPT-5 does indeed improve on most iterations of GPT-4, with a grounded hallucination rate of 1.4% compared to 1.8% for GPT-4. GPT-4o mini had a rate of 1.69% and GPT-4o rated 1.49%, according to Vectara.
GPT-5’s 1.4% is slightly higher than GPT-4.5 Preview’s 1.2%. It also exceeds the rate for the OpenAI o3-mini high reasoning model, which has a .795% hallucination rate according to Vectara’s tests.
Gemini-2.5-pro has a rate of 2.6% and Grok-4’s hallucination is high at 4.8%.
Oracle Requests JavaScript Trademark Case Be Dismissed
Oracle responded last week to Deno’s claim against its JavaScript trademark, claiming it is without merit.
In an Aug. 6 court filing, Oracle stated that Deno Land Inc. “is petitioning to cancel the JavaScript trademark registration but makes no allegations. Thus, no response is required and to the extent that a response is required, the Respondent [Oracle] denies the allegations.”
Oracle also denied that “there is broad industry and public consensus that the term ‘JavaScript’ is generic.” The software company also requested that the Trademark Board dismiss the proceedings “with prejudice,” which would mean the same claims could not be brought against Oracle again.
New TypeScript State Management Library
Frontend engineer Rafał Krupiński has created a state management library for TypeScript that implements the atomic approach. State management is the process of handling and organizing the application data that changes over time.
The atomic approach in state management is a method where an application’s state is broken down into small, independent, self-contained units, often called “atoms” or “micro-stores.” It allows for a more fine-grained approach to state management.
Called Stan, which is Polish for state, the library offers a minimal, type-safe approach to state management. Stan has a two-kilobyte footprint and comes without helpers, wrappers or obscure abstractions, the site states.
Krupiński stated that he looked at solutions with “aggressive” caching and minimal caching and decided to take the middle way.
“After working with atomic state for several years, I knew the answer lay somewhere in between,” he said. “I wanted a design that addressed the problems I had encountered more effectively.”
It’s also not tied to any particular framework, taking an agnostic approach, he wrote.
In addition to the website linked above, there’s also a GitHub repository for Stan.
Vulnerability in WordPress Plugins Has Wide Impact
A security vulnerability on three popular WordPress file management plugins allows unauthenticated attackers to delete arbitrary files, according to a report from Search Engine Journal.
The vulnerability is caused by versions 2.1.64 and earlier of the elFinder file manager. The affected plugins are:
- File Manager WordPress Plugin
- Advanced File Manager – Ultimate WP File Manager And Document Library Solution
- File Manager Pro – Filester
The plugins, which are installed on more than 1.3 million WordPress sites, include a Directory Traversal vulnerability that allows attackers to manipulate file paths, enabling them to reach outside the intended directory.
WordFence has additional information on the affected plugins.
10Web Offers White-Labeled AI Site Builder
10Web, which uses AI prompts to create WordPress sites, has officially launched its white-labeled site builder. As of Aug. 6, it’s available as a WordPress plugin for hosting providers.
The solution will allow infrastructure providers to offer AI-powered, branded WordPress site generation within their own hosting stack, without relying on a separate builder platform. The solution uses advanced models from OpenAI, Gemini and Anthropic to generate structured WordPress sites that are mobile-optimized, the company stated.
