[Tech] bump vite from 5.4.2 to 5.4.6 in /frontend #1704

dependabot · 2024-09-17T19:21:57Z

Bumps vite from 5.4.2 to 5.4.6.

Changelog

5.4.6 (2024-09-16)

fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115) (179b177), closes #18115

fix: fs raw query (#18112) (6820bb3), closes #18112

5.4.5 (2024-09-13)

fix(preload): backport #18098, throw error preloading module as well (#18099) (faa2405), closes #18098 #18099

5.4.4 (2024-09-11)

fix: backport #17997, ensure req.url matches moduleByEtag URL to avoid incorrect 304 (#18078) (74a79c5), closes #17997 #18078

fix: backport #18063, allow scanning exports from script module in svelte (#18077) (d90ba40), closes #18063 #18077

fix(preload): backport #18046, allow ignoring dep errors (#18076) (8760293), closes #18046 #18076

5.4.3 (2024-09-03)

fix: allow getting URL of JS files in publicDir (#17915) (943ece1), closes #17915

fix: cjs warning respect the logLevel flag (#17993) (dc3c14f), closes #17993

fix: improve CJS warning trace information (#17926) (5c5f82c), closes #17926

fix: only remove entry assets handled by Vite core (#17916) (ebfaa7e), closes #17916

fix: waitForRequestIdle locked (#17982) (ad13760), closes #17982

fix(css): fix directory index import in sass modern api (#17960) (9b001ba), closes #17960

fix(css): fix sass file:// reference (#17909) (561b940), closes #17909

fix(css): fix sass modern source map (#17938) (d428e7e), closes #17938

fix(deps): bump tsconfck (#17990) (8c661b2), closes #17990

fix(html): rewrite assets url in <template> (#17988) (413c86a), closes #17988

fix(preload): add crossorigin attribute in CSS link tags (#17930) (15871c7), closes #17930

chore: reduce diffs with v6 branch (#17942) (bf9065a), closes #17942

chore(deps): update all non-major dependencies (#17945) (cfb621e), closes #17945

chore(deps): update all non-major dependencies (#17991) (0ca53cf), closes #17991

Commits

f969176 release: v5.4.6
179b177 fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115)
6820bb3 fix: fs raw query (#18112)
37881e7 release: v5.4.5
faa2405 fix(preload): backport #18098, throw error preloading module as well (#18099)
54c55db release: v5.4.4
74a79c5 fix: backport #17997, ensure req.url matches moduleByEtag URL to avoid incorr...
d90ba40 fix: backport #18063, allow scanning exports from script module in svelte (...
8760293 fix(preload): backport #18046, allow ignoring dep errors (#18076)
ccbfc1a release: v5.4.3
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.4.2 to 5.4.6. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.6/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.6/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies tech. enhancement technical enhancement labels Sep 17, 2024

dependabot bot assigned claire2212, ivangabriele and maximeperraultdev Sep 17, 2024

dependabot bot force-pushed the dependabot/npm_and_yarn/frontend/vite-5.4.6 branch 2 times, most recently from f60892e to 525274f Compare September 18, 2024 14:14

dependabot bot force-pushed the dependabot/npm_and_yarn/frontend/vite-5.4.6 branch from 525274f to 6918fd6 Compare September 18, 2024 16:34

[Tech] update package-lock.json

eac9213

claire2212 approved these changes Sep 19, 2024

View reviewed changes

claire2212 merged commit 37e0b8e into main Sep 19, 2024
21 checks passed

claire2212 deleted the dependabot/npm_and_yarn/frontend/vite-5.4.6 branch September 19, 2024 15:33

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Tech] bump vite from 5.4.2 to 5.4.6 in /frontend #1704

[Tech] bump vite from 5.4.2 to 5.4.6 in /frontend #1704

dependabot bot commented on behalf of github Sep 17, 2024 •

edited

Loading

[Tech] bump vite from 5.4.2 to 5.4.6 in /frontend #1704

[Tech] bump vite from 5.4.2 to 5.4.6 in /frontend #1704

Conversation

dependabot bot commented on behalf of github Sep 17, 2024 • edited Loading

5.4.6 (2024-09-16)

5.4.5 (2024-09-13)

5.4.4 (2024-09-11)

5.4.3 (2024-09-03)

dependabot bot commented on behalf of github Sep 17, 2024 •

edited

Loading