Skip to content

Bump the npm group across 1 directory with 2 updates#3508

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/package/npm-f01342acb0
Jul 10, 2026
Merged

Bump the npm group across 1 directory with 2 updates#3508
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/package/npm-f01342acb0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm group with 2 updates in the /package directory: tsx and vite.

Updates tsx from 4.22.4 to 4.22.5

Release notes

Sourced from tsx's releases.

v4.22.5

4.22.5 (2026-07-02)

Bug Fixes

  • isolate hook state per async module.register() registration (a305f36)

This release is also available on:

Commits
  • a305f36 fix: isolate hook state per async module.register() registration
  • ca501a9 chore: upgrade skills-npm to v1.2.0
  • 596cd1f test: cover __dirname, __filename, & require.cache in CJS TS file
  • 75d9bf0 test: lock in lenient ESM for ambiguous and CJS-typed packages
  • 1472f3e test: cover ESM-syntax dependency with omitted "type" field
  • See full diff in compare view

Updates vite from 8.1.2 to 8.1.3

Release notes

Sourced from vite's releases.

v8.1.3

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.1.3 (2026-07-02)

Bug Fixes

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the npm group with 2 updates in the /package directory: [tsx](https://github.com/privatenumber/tsx) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `tsx` from 4.22.4 to 4.22.5
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.22.4...v4.22.5)

Updates `vite` from 8.1.2 to 8.1.3
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.1.3/packages/vite)

---
updated-dependencies:
- dependency-name: tsx
  dependency-version: 4.22.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: vite
  dependency-version: 8.1.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 10, 2026
@github-actions

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/tsx ^4.22.5 UnknownUnknown
npm/vite ^8.1.3 UnknownUnknown

Scanned Files

  • package/package.json

@github-actions
github-actions Bot enabled auto-merge (squash) July 10, 2026 03:21
@github-actions
github-actions Bot merged commit 8322597 into main Jul 10, 2026
4 checks passed
@github-actions
github-actions Bot deleted the dependabot/npm_and_yarn/package/npm-f01342acb0 branch July 10, 2026 03:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant