Skip to content

build(deps): bump glob and @quasar/app-vite in /serverpackcreator-web-frontend#1222

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/serverpackcreator-web-frontend/multi-7ba89ddc59
Open

build(deps): bump glob and @quasar/app-vite in /serverpackcreator-web-frontend#1222
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/serverpackcreator-web-frontend/multi-7ba89ddc59

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor

Removes glob. It's no longer used after updating ancestor dependency @quasar/app-vite. These dependencies need to be updated together.

Removes glob

Updates @quasar/app-vite from 2.4.0 to 3.0.1

Release notes

Sourced from @​quasar/app-vite's releases.

@​quasar/app-vite-v3.0.1

Changes

  • fix(app-vite): Capacitor & Cordova modes -> www folder not cleaned before build #18351

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

@​quasar/app-vite-v3.0.0

Bird's eye view on what's new

  • ⚡ Blazing Fast Compilation: We've replaced esbuild with Rolldown for /src-* folders and completely redesigned the build architecture. Build steps are now parallelized across all Quasar modes, resulting in significantly faster speeds and a smaller footprint for your production distributables.

  • ⚙️ Next-Gen Environment Management: We’ve redesigned env file management from the ground up. You will no longer need to restart the dev server when making changes to these files, and you can now use them directly within your quasar.config file too!

  • 🔒 Enhanced Security & Modern Standards: We’ve migrated from process.env to the modern import.meta.env (aligning with Vite's native model) with full TypeScript support. A new security layer ensures client-side files only use a configurable prefix for env definitions, preventing potential leaks of sensitive data.

  • 📦 Smarter Dependency Isolation: We now have a clear separation of dependencies for each Quasar mode. You can install mode-specific packages directly in their respective /src-* folders. For example, the default Electron app will no longer require dependencies to be installed in its dist folder—only what you explicitly install in /src-electron will be included.

  • 🌍 Redesigned SSR Architecture: SSR mode now features superior support for custom web servers and proper TypeScript integration. When adding SSR, the CLI will prompt you to spawn a preconfigured /src-ssr folder using Hono, Fastify, Express, or Koa (let us know what other out-of-the-box servers you’d like!).

  • 📂 New Server Assets Folder for SSR: We've introduced a /src-ssr/server-assets folder alongside helpful utility functions. This makes it incredibly easy to reference assets (like HTTPS certificates) across dev and production runtimes, eliminating the strict need for an Apache/Nginx wrapper. We've also made the serverless support a breeze.

  • 🚀 Paving the Way for SSG: This new SSR architecture lays the necessary groundwork for us to finally release Static Site Generation (SSG) mode in the future.

  • 🖥️ Revamped Electron Mode: We’ve added lots of new features to make desktop development smoother. Similar to SSR, we've introduced a /src-electron/electron-assets folder. Referencing files from here (or from the /public folder) is now much easier via new utility methods available in both /src-electron and /src.

  • 🛣️ Vue Router: First-class support for the filename-based routing.

  • 🚀 Smarter reloads (when absolutely needed): You'll notice the DX on dev has improved significantly, with even smarter heuristics when changing the quasar.config file or the dotenv files.

  • 🛠️ Modernized Core: The codebase has been updated to take full advantage of Node.js v22+ features, alongside countless other small but significant improvements across all Quasar modes to boost your productivity. The CLI uses significantly less dependencies.

  • ...and sooo many other new features and enhancements!

Upgrade Guide

Please refer to docs for the Upgrade Guide. Read top to bottom first.

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

@​quasar/app-vite-v3.0.0-rc.6

Changes

  • fix(app-vite): Electron on Windows host -> quirk on dev mode hindering execution

... (truncated)

Commits
  • 5faf39f chore(app-vite): Bump version
  • 73708b0 fix(app-vite): Capacitor & Cordova modes -> www folder not cleaned before bui...
  • 97804d7 fix(docs): highlight on the buggy safari regex engine
  • 4e917d2 chore(ui/testing): remove console.log statement
  • 26d0b1f chore(create-quasar): Bump version
  • 1c41a9a fix(create-quasar): correct title/label mismatch in JS app-vite template (fix...
  • 657205c chore(create-quasar): Bump version
  • a0db496 chore(app-vite): Bump version
  • ad02993 chore(ui): Bump version
  • 230b171 fix+perf(QDialog): css instead of js approach to fix page scroll loss functio...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Removes [glob](https://github.com/isaacs/node-glob). It's no longer used after updating ancestor dependency [@quasar/app-vite](https://github.com/quasarframework/quasar). These dependencies need to be updated together.


Removes `glob`

Updates `@quasar/app-vite` from 2.4.0 to 3.0.1
- [Release notes](https://github.com/quasarframework/quasar/releases)
- [Commits](https://github.com/quasarframework/quasar/compare/@quasar/app-vite-v2.4.0...@quasar/app-vite-v3.0.1)

---
updated-dependencies:
- dependency-name: glob
  dependency-version:
  dependency-type: indirect
- dependency-name: "@quasar/app-vite"
  dependency-version: 3.0.1
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants