Skip to content

Bump the npm_and_yarn group across 1 directory with 6 updates #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 6 updates #7

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jul 18, 2025

Bumps the npm_and_yarn group with 5 updates in the /src/frontend directory:

Package From To
axios 1.7.9 1.8.2
vite 6.1.0 6.3.5
@babel/runtime 7.26.7 7.27.6
react-router 7.1.5 7.7.0
react-router-dom 7.1.5 7.7.0

Updates axios from 1.7.9 to 1.8.2

Release notes

Sourced from axios's releases.

Release v1.8.2

Release notes:

Bug Fixes

  • http-adapter: add allowAbsoluteUrls to path building (#6810) (fb8eec2)

Contributors to this release

Release v1.8.1

Release notes:

Bug Fixes

  • utils: move generateString to platform utils to avoid importing crypto module into client builds; (#6789) (36a5a62)

Contributors to this release

Release v1.8.0

Release notes:

Bug Fixes

  • examples: application crashed when navigating examples in browser (#5938) (1260ded)
  • missing word in SUPPORT_QUESTION.yml (#6757) (1f890b1)
  • utils: replace getRandomValues with crypto module (#6788) (23a25af)

Features

Reverts

BREAKING CHANGES

  • code relying on the above will now combine the URLs instead of prefer request URL

  • feat: add config option for allowing absolute URLs

  • fix: add default value for allowAbsoluteUrls in buildFullPath

  • fix: typo in flow control when setting allowAbsoluteUrls

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.8.2 (2025-03-07)

Bug Fixes

  • http-adapter: add allowAbsoluteUrls to path building (#6810) (fb8eec2)

Contributors to this release

1.8.1 (2025-02-26)

Bug Fixes

  • utils: move generateString to platform utils to avoid importing crypto module into client builds; (#6789) (36a5a62)

Contributors to this release

1.8.0 (2025-02-25)

Bug Fixes

  • examples: application crashed when navigating examples in browser (#5938) (1260ded)
  • missing word in SUPPORT_QUESTION.yml (#6757) (1f890b1)
  • utils: replace getRandomValues with crypto module (#6788) (23a25af)

Features

Reverts

BREAKING CHANGES

  • code relying on the above will now combine the URLs instead of prefer request URL

  • feat: add config option for allowing absolute URLs

  • fix: add default value for allowAbsoluteUrls in buildFullPath

... (truncated)

Commits
  • a9f7689 chore(release): v1.8.2 (#6812)
  • fb8eec2 fix(http-adapter): add allowAbsoluteUrls to path building (#6810)
  • 9812045 chore(sponsor): update sponsor block (#6804)
  • 72acf75 chore(sponsor): update sponsor block (#6794)
  • 2e64afd chore(release): v1.8.1 (#6800)
  • 36a5a62 fix(utils): move generateString to platform utils to avoid importing crypto...
  • cceb7b1 chore(release): v1.8.0 (#6795)
  • 23a25af fix(utils): replace getRandomValues with crypto module (#6788)
  • 32c7bcc feat: Add config for ignoring absolute URLs (#5902) (#6192)
  • 4a3e26c chore(config): adjust rollup config to preserve license header to minified Ja...
  • Additional commits viewable in compare view

Updates vite from 6.1.0 to 6.3.5

Release notes

Sourced from vite's releases.

v6.3.5

Please refer to CHANGELOG.md for details.

v6.3.4

Please refer to CHANGELOG.md for details.

v6.3.3

Please refer to CHANGELOG.md for details.

v6.3.2

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v6.3.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v6.3.0

Please refer to CHANGELOG.md for details.

v6.3.0-beta.2

Please refer to CHANGELOG.md for details.

v6.3.0-beta.1

Please refer to CHANGELOG.md for details.

v6.3.0-beta.0

Please refer to CHANGELOG.md for details.

v6.2.7

Please refer to CHANGELOG.md for details.

v6.2.6

Please refer to CHANGELOG.md for details.

v6.2.5

Please refer to CHANGELOG.md for details.

v6.2.4

Please refer to CHANGELOG.md for details.

v6.2.3

Please refer to CHANGELOG.md for details.

v6.2.2

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

6.3.5 (2025-05-05)

Bug Fixes

  • ssr: handle uninitialized export access as undefined (#19959) (fd38d07)

6.3.4 (2025-04-30)

Bug Fixes

  • check static serve file inside sirv (#19965) (c22c43d)
  • optimizer: return plain object when using require to import externals in optimized dependencies (#19940) (efc5eab)

Code Refactoring

6.3.3 (2025-04-24)

Bug Fixes

  • assets: ensure ?no-inline is not included in the asset url in the production environment (#19496) (16a73c0)
  • css: resolve relative imports in sass properly on Windows (#19920) (ffab442)
  • deps: update all non-major dependencies (#19899) (a4b500e)
  • ignore malformed uris in tranform middleware (#19853) (e4d5201)
  • ssr: fix execution order of re-export (#19841) (ed29dee)
  • ssr: fix live binding of default export declaration and hoist exports getter (#19842) (80a91ff)

Performance Improvements

  • skip sourcemap generation for renderChunk hook of import-analysis-build plugin (#19921) (55cfd04)

Tests

  • ssr: test ssrTransform re-export deps and test stacktrace with first line (#19629) (9399cda)

6.3.2 (2025-04-18)

Features

Bug Fixes

  • css: respect css.lightningcss option in css minification process (#19879) (b5055e0)
  • deps: update all non-major dependencies (#19698) (bab4cb9)
  • match default asserts case insensitive (#19852) (cbdab1d)
  • open first url if host does not match any urls (#19886) (6abbdce)

6.3.1 (2025-04-17)

Bug Fixes

  • avoid using Promise.allSettled in preload function (#19805) (35c7f35)
  • backward compat for internal plugin transform calls (#19878) (a152b7c)

... (truncated)

Commits
  • 84e4647 release: v6.3.5
  • fd38d07 fix(ssr): handle uninitialized export access as undefined (#19959)
  • b040d54 release: v6.3.4
  • c22c43d fix: check static serve file inside sirv (#19965)
  • efc5eab fix(optimizer): return plain object when using require to import externals ...
  • d6d01c2 refactor: remove duplicate plugin context type (#19935)
  • db9eb97 release: v6.3.3
  • e4d5201 fix: ignore malformed uris in tranform middleware (#19853)
  • 55cfd04 perf: skip sourcemap generation for renderChunk hook of import-analysis-build...
  • ffab442 fix(css): resolve relative imports in sass properly on Windows (#19920)
  • Additional commits viewable in compare view

Updates @babel/runtime from 7.26.7 to 7.27.6

Release notes

Sourced from @​babel/runtime's releases.

v7.27.6 (2025-06-05)

🐛 Bug Fix

  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • babel-generator, babel-parser, babel-types

Committers: 3

v7.27.5 (2025-06-03)

Thanks @​NullVoxPopuli for your first PR!

🐛 Bug Fix

💅 Polish

Committers: 4

v7.27.4 (2025-05-30)

👓 Spec Compliance

  • babel-parser, babel-plugin-proposal-explicit-resource-management

💅 Polish

🔬 Output optimization

  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3
  • babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

... (truncated)

Changelog

Sourced from @​babel/runtime's changelog.

v7.27.6 (2025-06-05)

🐛 Bug Fix

  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • babel-generator, babel-parser, babel-types

v7.27.5 (2025-06-03)

🐛 Bug Fix

💅 Polish

v7.27.4 (2025-05-30)

👓 Spec Compliance

  • babel-parser, babel-plugin-proposal-explicit-resource-management

💅 Polish

🔬 Output optimization

  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3
  • babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

v7.27.3 (2025-05-27)

🐛 Bug Fix

  • babel-generator
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • babel-plugin-proposal-explicit-resource-management
  • babel-plugin-proposal-decorators, babel-types
    • #17321 fix(converter): Remove abstract modifiers in class declaration to expression conversion (@​magic-akari)
  • babel-helper-module-transforms, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd
    • #17257 Preserve class id when transforming using declarations with exported class (@​JLHwung)

... (truncated)

Commits

Updates esbuild from 0.24.2 to 0.25.6

Release notes

Sourced from esbuild's releases.

v0.25.6

  • Fix a memory leak when cancel() is used on a build context (#4231)

    Calling rebuild() followed by cancel() in rapid succession could previously leak memory. The bundler uses a producer/consumer model internally, and the resource leak was caused by the consumer being termianted while there were still remaining unreceived results from a producer. To avoid the leak, the consumer now waits for all producers to finish before terminating.

  • Support empty :is() and :where() syntax in CSS (#4232)

    Previously using these selectors with esbuild would generate a warning. That warning has been removed in this release for these cases.

  • Improve tree-shaking of try statements in dead code (#4224)

    With this release, esbuild will now remove certain try statements if esbuild considers them to be within dead code (i.e. code that is known to not ever be evaluated). For example:

    // Original code
return 'foo'
try { return 'bar' } catch {}
// Old output (with --minify)
return"foo";try{return"bar"}catch{}
// New output (with --minify)
return"foo";

  • Consider negated bigints to have no side effects

    While esbuild currently considers 1, -1, and 1n to all have no side effects, it didn't previously consider -1n to have no side effects. This is because esbuild does constant folding with numbers but not bigints. However, it meant that unused negative bigint constants were not tree-shaken. With this release, esbuild will now consider these expressions to also be side-effect free:

    // Original code
let a = 1, b = -1, c = 1n, d = -1n
// Old output (with --bundle --minify)
(()=>{var n=-1n;})();
// New output (with --bundle --minify)
(()=>{})();

  • Support a configurable delay in watch mode before rebuilding (#3476, #4178)

    The watch() API now takes a delay option that lets you add a delay (in milliseconds) before rebuilding when a change is detected in watch mode. If you use a tool that regenerates multiple source files very slowly, this should make it more likely that esbuild's watch mode won't generate a broken intermediate build before the successful final build. This option is also available via the CLI using the --watch-delay= flag.

    This should also help avoid confusion about the watch() API's options argument. It was previously empty to allow for future API expansion, which caused some people to think that the documentation was missing. It's no longer empty now that the watch() API has an option.

  • Allow mixed array for entryPoints API option (#4223)

    The TypeScript type definitions now allow you to pass a mixed array of both string literals and object literals to the entryPoints API option, such as ['foo.js', { out: 'lib', in: 'bar.js' }]. This was always possible to do in JavaScript but the TypeScript type definitions were previously too restrictive.

... (truncated)

Changelog

Sourced from esbuild's changelog.

Changelog: 2024

This changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).

Commits

Updates react-router from 7.1.5 to 7.7.0

Release notes

Sourced from react-router's releases.

v7.7.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v770

v7.6.3

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v763

v7.6.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v762

v7.6.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v761

v7.6.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v760

v7.5.3

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v753

v7.5.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v752

v7.5.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v751

v7.5.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v750

v7.4.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v741

v7.4.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v740

v7.3.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v730

v7.2.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v720

Changelog

Sourced from react-router's changelog.

7.7.0

Minor Changes

Patch Changes

  • Handle InvalidCharacterError when validating cookie signature (#13847)

  • Pass a copy of searchParams to the setSearchParams callback function to avoid muations of the internal searchParams instance. This was an issue when navigations were blocked because the internal instance be out of sync with useLocation().search. (#12784)

  • Support invalid Date in turbo-stream v2 fork (#13684)

  • In Framework Mode, clear critical CSS in development after initial render (#13872)

  • Strip search parameters from patchRoutesOnNavigation path param for fetcher calls (#13911)

  • Skip scroll restoration on useRevalidator() calls because they're not new locations (#13671)

  • Support unencoded UTF-8 routes in prerender config with ssr set to false (#13699)

  • Do not throw if the url hash is not a valid URI component (#13247)

  • Fix a regression in createRoutesStub introduced with the middleware feature. (#13946)

    As part of that work we altered the signature to align with the new middleware APIs without making it backwards compatible with the prior AppLoadContext API. This permitted createRoutesStub to work if you were opting into middleware and the updated context typings, but broke createRoutesStub for users not yet opting into middleware.

    We've reverted this change and re-implemented it in such a way that both sets of users can leverage it.

    // If you have not opted into middleware, the old API should work again
let context: AppLoadContext = {
  /*...*/
};
let Stub = createRoutesStub(routes, context);
// If you have opted into middleware, you should now pass an instantiated unstable_routerContextProvider instead of a getContext factory function.
let context = new unstable_RouterContextProvider();
context.set(SomeContext, someValue);
let Stub = createRoutesStub(routes, context);

    ⚠️ This may be a breaking bug for if you have adopted the unstable Middleware feature and are using createRoutesStub with the updated API.

  • Remove Content-Length header from Single Fetch responses (#13902)

7.6.3

... (truncated)

Commits
  • 63f0cd3 chore: Update version for release (#14015)
  • b7753cf chore: Update version for release (pre) (#14008)
  • 7150677 Inject client route component props during RSC render (#14007)
  • 216222b chore: Update version for release (pre) (#13999)
  • b6c5168 Remove leftover critical CSS on hydration mismatch (#13995)
  • 7204a29 chore: Update version for release (pre) (#13980)
  • b76ed3d fix(rsc): handle ErrorResponse in resource routes (#13966)
  • b3337fc always include additional route patches in payload to aid in SPA / "lazy" dis...
  • 3f0526b fix(rsc): remove manual error bubbling (#13973)
  • 1b459f5 fix(rsc): support unstable_getContext in RSCHydratedRouter (#13960)
  • Additional commits viewable in compare view

Updates react-router-dom from 7.1.5 to 7.7.0

Release notes

Sourced from react-router-dom's releases.

[email protected]

Patch Changes

[email protected]

Patch Changes

[email protected]

Patch Changes

[email protected]

Patch Changes

Changelog

Sourced from react-router-dom's changelog.

7.7.0

Patch Changes

7.6.3

Patch Changes

7.6.2

Patch Changes

7.6.1

Patch Changes

7.6.0

Patch Changes

7.5.3

Patch Changes

7.5.2

Patch Changes

7.5.1

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directory with 6 updates
7dc5f9b 
Bumps the npm_and_yarn group with 5 updates in the /src/frontend directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.7.9` | `1.8.2` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.1.0` | `6.3.5` |
| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.26.7` | `7.27.6` |
| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.1.5` | `7.7.0` |
| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.1.5` | `7.7.0` |



Updates `axios` from 1.7.9 to 1.8.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.7.9...v1.8.2)

Updates `vite` from 6.1.0 to 6.3.5
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.3.5/packages/vite)

Updates `@babel/runtime` from 7.26.7 to 7.27.6
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.27.6/packages/babel-runtime)

Updates `esbuild` from 0.24.2 to 0.25.6
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](evanw/esbuild@v0.24.2...v0.25.6)

Updates `react-router` from 7.1.5 to 7.7.0
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/[email protected]/packages/react-router)

Updates `react-router-dom` from 7.1.5 to 7.7.0
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/[email protected]/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.8.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 6.3.5
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@babel/runtime"
  dependency-version: 7.27.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: esbuild
  dependency-version: 0.25.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: react-router
  dependency-version: 7.7.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: react-router-dom
  dependency-version: 7.7.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 18, 2025
This was referenced Jul 18, 2025
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant