build(deps-dev): bump vite from 6.0.3 to 6.0.10 #6002
Conversation
dependabot
bot
added
the
Dependencies
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
|
How to use the Graphite Merge QueueAdd either label to this PR to merge it via the merge queue:
You must have a Graphite account in order to use the merge queue. Sign up using this link. An organization admin has enabled the Graphite Merge Queue in this repository. Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue. |
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/vite-6.0.10
branch
from
606a3ba to
4905053
Compare
|
New and updated dependencies detected. Learn more about Socket for GitHub ↗︎
|
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.0.3 to 6.0.10. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.0.10/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/vite-6.0.10
branch
from
4905053 to
e91e1b2
Compare
Bumps vite from 6.0.3 to 6.0.10.
Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
... (truncated)
Commits
9654348release: v6.0.102495022fix: try parseserver.originURL (#19241)a55f8barelease: v6.0.9bd896fbfix!: check host header to prevent DNS rebinding attacks and introduce `serve...029dcd6fix: verify token for HMR WebSocket connectionb09572afix!: defaultserver.cors: falseto disallow fetching from untrusted originsc0f72a6release: v6.0.8f2aed62fix: tree shake stringified JSON imports (#19189)db81c2dfix: ensureserver.close()only called once (#19204)47039f4fix: use shared sigterm callback (#19203)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)PR-Codex overview
This PR focuses on updating dependencies in the
package.jsonandpnpm-lock.yamlfiles, primarily upgrading thevitepackage and various other libraries to newer versions, ensuring compatibility and potentially improved performance.Detailed summary
vitefrom6.0.3to6.0.10inpackage.json.@noble/hashesfrom1.7.0to1.7.1inpnpm-lock.yaml.@aws-sdk/credential-providersversion specification inpnpm-lock.yaml.rolluprelated packages to4.31.0inpnpm-lock.yaml.@scure/basefrom1.2.1to1.2.4inpnpm-lock.yaml.zustandfrom5.0.0to5.0.3inpnpm-lock.yaml.@types/connectfrom3.4.36to3.4.38inpnpm-lock.yaml.readable-streamfrom4.6.0to4.7.0inpnpm-lock.yaml.