Bump vite from 4.0.0 to 4.0.5 #4485

dependabot · 2023-06-06T02:05:15Z

Bumps vite from 4.0.0 to 4.0.5.

Changelog

4.0.5 (2023-05-26)

fix: fs.deny with leading double slash (#13348) (28548b5), closes #13348

4.0.4 (2023-01-03)

fix: importmap should insert before module preload link (#11492) (25c64d7), closes #11492

fix: server.host with ipv6 missed [] (fix #11466) (#11509) (2c38bae), closes #11466 #11509

fix: stop considering parent URLs as public file (#11145) (568a014), closes #11145

fix(build): invalidate chunk hash when css changed (#11475) (7a97a04), closes #11475

fix(cli): ctrl+C no longer kills processes (#11434) (#11518) (718fc1d), closes #11434 #11518

fix(cli): revert ctrl+C no longer kills processes (#11434) (#11518) (#11562) (3748acb), closes #11434 #11518 #11562

fix(optimizer): check .vite/deps directory existence before removing (#11499) (1b043f9), closes #11499

fix(ssr): emit js sourcemaps for ssr builds (#11343) (f12a1ab), closes #11343

chore: update license (#11476) (3d346c0), closes #11476

chore(deps): update dependency @rollup/plugin-json to v6 (#11553) (3647d07), closes #11553

4.0.3 (2022-12-21)

chore(deps): update dependency @rollup/plugin-commonjs to v24 (#11420) (241db16), closes #11420

chore(typo): fix typo (#11445) (ed80ea5), closes #11445

fix(ssr): ignore module exports condition (#11409) (d3c9c0b), closes #11409

feat: allow import.meta.hot define override (#8944) (857d578), closes #8944

4.0.2 (2022-12-18)

fix: fix the error message in the toOutputFilePathWithoutRuntime function (#11367) (8820f75), closes #11367

fix: make vite optimize prebundle for dev (#11387) (b4ced0f), closes #11387

fix: revert #11290 (#11412) (6587d2f), closes #11290 #11412

fix: server and preview open fails to add slash before relative path (#11394) (57276b7), closes #11394

fix: skip applescript when no Chromium browser found (fixes #11205) (#11406) (274d1f3), closes #11205 #11406

fix(deps): update dependency ufo to v1 (#11372) (4288300), closes #11372

chore: typecheck create-vite (#11295) (af86e5b), closes #11295

chore(deps): update dependency convert-source-map to v2 (#10548) (8dc6528), closes #10548

chore(deps): update dependency mlly to v1 (#11370) (9662d4d), closes #11370

4.0.1 (2022-12-12)

feat: show server url by pressing u (#11319) (8c0bb7b), closes #11319

feat(html): clickable error position for html parse error (#11334) (2e15f3d), closes #11334

fix: ?inline warning for .css.js file (#11347) (729fb1a), closes #11347

fix: check if build exists so preview doesn't show 404s due to nonexistent build (#10564) (0a1db8c), closes #10564

... (truncated)

Commits

2f5827c release: v4.0.5
28548b5 fix: fs.deny with leading double slash (#13348)
4f7a48f release: v4.0.4
1b043f9 fix(optimizer): check .vite/deps directory existence before removing (#11499)
3748acb fix(cli): revert ctrl+C no longer kills processes (#11434) (#11518) (#11562)
718fc1d fix(cli): ctrl+C no longer kills processes (#11434) (#11518)
3647d07 chore(deps): update dependency @rollup/plugin-json to v6 (#11553)
25c64d7 fix: importmap should insert before module preload link (#11492)
f12a1ab fix(ssr): emit js sourcemaps for ssr builds (#11343)
2c38bae fix: server.host with ipv6 missed [] (fix #11466) (#11509)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 4.0.0 to 4.0.5. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v4.0.5/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v4.0.5/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

socket-security · 2023-06-09T10:03:33Z

New and updated dependency changes detected. Learn more about Socket for GitHub ↗︎

🚮 Removed packages: esbuild@0.16.17

| Package | Version | Package | Version | | ---------------------- | ------- | ---------------------- | ------- | | @uppy/aws-s3 | 3.2.0 | @uppy/status-bar | 3.2.0 | | @uppy/aws-s3-multipart | 3.4.0 | @uppy/transloadit | 3.1.6 | | @uppy/companion | 4.5.1 | @uppy/tus | 3.1.1 | | @uppy/core | 3.2.1 | @uppy/url | 3.3.2 | | @uppy/dashboard | 3.4.1 | @uppy/utils | 5.4.0 | | @uppy/golden-retriever | 3.0.4 | @uppy/xhr-upload | 3.3.0 | | @uppy/locales | 3.2.2 | uppy | 3.10.0 | | @uppy/provider-views | 3.3.1 | | | - @uppy/aws-s3-multipart: fix the chunk size calculation (Antoine du Hamel / #4508) - @uppy/aws-s3: add `shouldUseMultipart` option (Antoine du Hamel / #4299) - @uppy/companion: switch from aws-sdk v2 to @aws-sdk/* (v3) (Scott Bessler / #4285) - @uppy/companion,@uppy/core,@uppy/dashboard,@uppy/golden-retriever,@uppy/status-bar,@uppy/utils: Migrate all lodash' per-method-packages usage to lodash. (LinusMain / #4274) - @uppy/core: Don't set late (throttled) progress event on a file that is 100% complete (Artur Paikin / #4507) - @uppy/companion: revert randomness from file names (Mikael Finstad / #4509) - @uppy/companion: Custom provider fixes (Mikael Finstad / #4498) - @uppy/transloadit: ensure `fields` is not nullish when there no uploaded files (Antoine du Hamel / #4487) - @uppy/aws-s3-multipart,@uppy/aws-s3,@uppy/tus,@uppy/utils,@uppy/xhr-upload: When file is removed (or all are canceled), controller.abort queued requests (Artur Paikin / #4504) - @uppy/provider-views: Fix range selection not resetting and computing correctly (Terence C / #4415) - meta: disallow use of `.only` in tests (Antoine du Hamel / #4494) - @uppy/companion: fix 500 when file name contains non-ASCII chars (Antoine du Hamel / #4493) - @uppy/locales: update `fr_FR.js` (Samuel De Backer / #4499) - @uppy/aws-s3-multipart,@uppy/tus,@uppy/xhr-upload: Don't close socket while upload is still in progress (Artur Paikin / #4479) - meta: bump `luxon` from 1.28.0 to 1.28.1 (dependabot[bot] / #4497) - @uppy/utils: rename `EventTracker` -> `EventManager` (Stephen Wooten / #4481) - meta: bump cookiejar from 2.1.3 to 2.1.4 (dependabot[bot] / #4496) - meta: make `pre-commit` use `corepack yarn` instead of `npm run` (Antoine du Hamel / #4495) - meta: bump ua-parser-js from 0.7.31 to 0.7.35 (dependabot[bot] / #4474) - meta: bump @sideway/formula from 3.0.0 to 3.0.1 (dependabot[bot] / #4473) - meta: bump http-cache-semantics from 4.1.0 to 4.1.1 (dependabot[bot] / #4472) - @uppy/companion: Use filename from content-disposition instead of relying on url, with fallback (Artur Paikin / #4489) - meta: bump `babel`, `esbuild`, and `vite` (dependabot[bot] / #4485) - @uppy/dashboard: include the old state when setting new (Artur Paikin / #4490) - @uppy/companion: fix companion implicitpath (Mikael Finstad / #4484) - @uppy/companion: fix undefined protocol and example page (Mikael Finstad / #4483) - meta: upgrade Cypress 12.9.0 -> 12.14.0 (Antoine du Hamel / #4491) - @uppy/core: remove `state` getter from types (Antoine du Hamel / #4477) - examples/php-xhr: Added filename sanitation and file size check before saving (neuronet77 / #4432) - examples/php-xhr: update PHP dependencies (dependabot[bot]) - @uppy/xhr-upload: add support for arrays in metadata (Vasiliy Matyushin / #4431) - @uppy/status-bar: Filtered ETA (stduhpf / #4458) - @uppy/aws-s3-multipart: fix `getUploadParameters` option (Antoine du Hamel / #4465)

dependabot bot added dependencies Pull requests that update a dependency file javascript labels Jun 6, 2023

arturi requested a review from aduh95 June 6, 2023 17:40

arturi assigned aduh95 Jun 6, 2023

aduh95 added 2 commits June 9, 2023 11:52

upgrade babel, vite, and eslint

b0ce27f

fixup! upgrade babel, vite, and eslint

91833f5

aduh95 merged commit 947421b into main Jun 9, 2023
19 checks passed

aduh95 deleted the dependabot/npm_and_yarn/vite-4.0.5 branch June 9, 2023 10:07

github-actions bot mentioned this pull request Jun 19, 2023

Release: uppy@3.10.0 #4511

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump vite from 4.0.0 to 4.0.5 #4485

Bump vite from 4.0.0 to 4.0.5 #4485

dependabot bot commented on behalf of github Jun 6, 2023

socket-security bot commented Jun 9, 2023

Bump vite from 4.0.0 to 4.0.5 #4485

Bump vite from 4.0.0 to 4.0.5 #4485

Conversation

dependabot bot commented on behalf of github Jun 6, 2023

4.0.5 (2023-05-26)

4.0.4 (2023-01-03)

4.0.3 (2022-12-21)

4.0.2 (2022-12-18)

4.0.1 (2022-12-12)

socket-security bot commented Jun 9, 2023