chore(deps-dev): bump vite from 8.0.0 to 8.0.5#1115
Open
dependabot[bot] wants to merge 1 commit intomainfrom
Open
chore(deps-dev): bump vite from 8.0.0 to 8.0.5#1115dependabot[bot] wants to merge 1 commit intomainfrom
dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
dependabot
bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
dependabot
bot
added
dependencies
|
Contributor
📦 NPM canary releaseDeployed canary version 0.0.0-canary-fc2e46b. |
Contributor
🏋️ Size limit report
Click here if you want to find out what is changed in this build |
Member
|
@dependabot update |
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.0.0 to 8.0.5. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v8.0.5/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 8.0.5 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/vite-8.0.5
branch
from
86f4e7d to
3f47caa
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps vite from 8.0.0 to 8.0.5.
Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
... (truncated)
Commits
1a12d4crelease: v8.0.579f002ffix: avoid path traversal with optimize deps sourcemap handler (#22161)a9a3df2fix: checkserver.fsafter stripping query as well (#22160)f02d9fdfix: apply server.fs check to env transport (#22159)f05f501fix: disallow referencing files outside the package from sourcemap (#22158)7339bdcrelease: v8.0.454229e7docs: addenvironment.fetchModuledocumentation (#22035)b0da973feat: allow esbuild 0.28 as peer deps (#22155)22b0166fix(deps): update all non-major dependencies (#22143)17330d2fix: add types forvite/modulepreload-polyfill(#22126)Note
Low Risk
Low risk lockfile-only dev tooling upgrade, though it may affect local/CI build and Storybook/Vitest behavior via updated Vite/Rolldown internals.
Overview
Upgrades the dev build toolchain by updating
vitefrom8.0.0to8.0.5inpnpm-lock.yaml, pulling in the corresponding ecosystem updates used by Storybook/Vitest.This refreshes related transitive dependencies (notably
rolldownto1.0.0-rc.12,picomatch,ws, and some CodeMirror packages) and updates Vite peer dependency expectations (e.g.,@vitejs/devtoolsand broaderesbuildcompatibility) as reflected in the lockfile.Reviewed by Cursor Bugbot for commit 3f47caa. Bugbot is set up for automated code reviews on this repo. Configure here.