Commit 352953d
committed
minor #2977 [Vue] Update dev dependency `
This PR was merged into the 2.x branch.
Discussion
----------
[Vue] Update dev dependency ``@vitejs`/plugin-vue`
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| Docs? | no
| Issues | no
| License | MIT
esbuild 0.21.5 require by vite 5.4.19, require by plugin-vue 4.6.2 contains security vulnerabilities
It's necessary to upgrade to esbuild to 0.25.0+, so plugin-vue must be in 5.1.5+ in order to have vite 6+ which is the first version that require esbuild 0.25.0+
It's a recurring dependabot alerts for me, example : https://github.com/fastfony/fastfony/security/dependabot/1
<img width="1246" height="722" alt="Capture d’écran 2025-08-06 à 00 03 48" src="https://github.com/user-attachments/assets/3253530c-0dea-4eef-beda-96f1c6e5b437" />
I have tested this upgrade on Fastfony with a fork of ux-vue repo and seems to no BC appears.
Commits
-------
9457c8e Update plugin-vue required version in package.json@vitejs/plugin-vue` (neothone)2 files changed
+14
-8
lines changedSome generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
49 | 49 | | |
50 | 50 | | |
51 | 51 | | |
52 | | - | |
| 52 | + | |
53 | 53 | | |
54 | 54 | | |
55 | 55 | | |
| |||
0 commit comments