Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump vite and @angular-devkit/build-angular #1715

Closed
wants to merge 2 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 23, 2025

Bumps vite to 6.0.11 and updates ancestor dependency @angular-devkit/build-angular. These dependencies need to be updated together.

Updates vite from 4.5.5 to 6.0.11

Release notes

Sourced from vite's releases.

v6.0.11

Please refer to CHANGELOG.md for details.

v6.0.10

Please refer to CHANGELOG.md for details.

v6.0.9

This version contains a breaking change due to security fixes. See GHSA-vg6x-rcgg-rjx6 for more details.

Please refer to CHANGELOG.md for details.

v6.0.8

Please refer to CHANGELOG.md for details.

v6.0.7

Please refer to CHANGELOG.md for details.

v6.0.6

Please refer to CHANGELOG.md for details.

v6.0.5

Please refer to CHANGELOG.md for details.

v6.0.4

Please refer to CHANGELOG.md for details.

v6.0.3

Please refer to CHANGELOG.md for details.

v6.0.2

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v6.0.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v6.0.0

Please refer to CHANGELOG.md for details.

v6.0.0-beta.10

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

6.0.11 (2025-01-21)

6.0.10 (2025-01-20)

6.0.9 (2025-01-20)

  • fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (bd896fb)
  • fix!: default server.cors: false to disallow fetching from untrusted origins (b09572a)
  • fix: verify token for HMR WebSocket connection (029dcd6)

6.0.8 (2025-01-20)

6.0.7 (2025-01-02)

6.0.6 (2024-12-26)

... (truncated)

Commits
  • a0ed405 release: v6.0.11
  • 3d03899 fix: allow CORS from loopback addresses by default (#19249)
  • aeb3ec8 fix: preview.allowedHosts with specific values was not respected (#19246)
  • 9654348 release: v6.0.10
  • 2495022 fix: try parse server.origin URL (#19241)
  • a55f8ba release: v6.0.9
  • bd896fb fix!: check host header to prevent DNS rebinding attacks and introduce `serve...
  • 029dcd6 fix: verify token for HMR WebSocket connection
  • b09572a fix!: default server.cors: false to disallow fetching from untrusted origins
  • c0f72a6 release: v6.0.8
  • Additional commits viewable in compare view

Updates @angular-devkit/build-angular from 16.2.16 to 19.1.4

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v19.1.4

19.1.4 (2025-01-22)

@​angular-devkit/schematics

Commit Description
fix - aa6f0d051 ensure collections can be resolved via test runner in pnpm workspaces

@​angular/build

Commit Description
fix - ff8192a35 correct path for /@ng/components on Windows
fix - 14d2f7ca0 include extracted routes in the manifest during prerendering
fix - c87a38f5b only issue invalid i18n config error for duplicate subPaths with inlined locales
fix - d50788cf9 replace deprecation of i18n.baseHref with a warning

@​angular/ssr

Commit Description
fix - bcc5fab75 prevent route matcher error when SSR routing is not used
fix - 9bacf3981 properly manage catch-all routes with base href
fix - 59c757781 unblock route extraction with withEnabledBlockingInitialNavigation

v19.1.3

19.1.3 (2025-01-20)

@​angular/build

Commit Description
fix - 7d8c34172 allow asset changes to reload page on incremental updates
fix - 9fa29af37 handle relative @ng/components
fix - c4de34703 perform full reload for templates with $localize usage

v19.1.2

19.1.2 (2025-01-17)

@​angular/build

Commit Description
fix - 939d1612a perform incremental background file updates with component updates
fix - 304027207 prevent full page reload on HMR updates with SSR enabled
fix - 148acbd58 reset component updates on dev-server index request

v19.1.1

19.1.1 (2025-01-16)

@​angular/build

Commit Description
fix - 298506751 resolve HMR-prefixed files in SSR with Vite

v19.1.0

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

19.1.4 (2025-01-22)

@​angular-devkit/schematics

Commit Type Description
aa6f0d051 fix ensure collections can be resolved via test runner in pnpm workspaces

@​angular/build

Commit Type Description
ff8192a35 fix correct path for /@ng/components on Windows
14d2f7ca0 fix include extracted routes in the manifest during prerendering
c87a38f5b fix only issue invalid i18n config error for duplicate subPaths with inlined locales
d50788cf9 fix replace deprecation of i18n.baseHref with a warning

@​angular/ssr

Commit Type Description
bcc5fab75 fix prevent route matcher error when SSR routing is not used
9bacf3981 fix properly manage catch-all routes with base href
59c757781 fix unblock route extraction with withEnabledBlockingInitialNavigation

19.1.3 (2025-01-20)

@​angular/build

Commit Type Description
7d8c34172 fix allow asset changes to reload page on incremental updates
9fa29af37 fix handle relative @ng/components
c4de34703 fix perform full reload for templates with $localize usage

19.1.2 (2025-01-17)

@​angular/build

Commit Type Description
939d1612a fix perform incremental background file updates with component updates

... (truncated)

Commits
  • ec8f589 release: cut the v19.1.4 release
  • c5d9038 refactor(@​angular/ssr): update getPathSegments to use stripTrailingSlash ...
  • 9bacf39 fix(@​angular/ssr): properly manage catch-all routes with base href
  • 14d2f7c fix(@​angular/build): include extracted routes in the manifest during prerende...
  • c87a38f fix(@​angular/build): only issue invalid i18n config error for duplicate `subP...
  • bd2ab46 ci: replace platform linux with windows 11
  • d50788c fix(@​angular/build): replace deprecation of i18n.baseHref with a warning
  • 5165265 refactor: reduce dependencies on @angular-devkit/core
  • bce32c1 test: update saucelabs browsers versions
  • da08259 build: migrate @angular-devkit/build-webpack tests to rules_js
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Summary by Sourcery

Update Vite to v6.0.11 and @angular-devkit/build-angular to v19.1.4.

Build:

  • Bump Vite to v6.0.11.
  • Bump @angular-devkit/build-angular to v19.1.4.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file npm npm package updates (e.g. dependabot) labels Jan 23, 2025
@github-actions github-actions bot enabled auto-merge January 23, 2025 13:05
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-7c37e8837e branch 3 times, most recently from 30398c5 to f9b5733 Compare January 27, 2025 19:20
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 27, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-7c37e8837e branch from f9b5733 to 33f5073 Compare January 31, 2025 09:30

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) to 6.0.11 and updates ancestor dependency [@angular-devkit/build-angular](https://github.com/angular/angular-cli). These dependencies need to be updated together.


Updates `vite` from 4.5.5 to 6.0.11
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.0.11/packages/vite)

Updates `@angular-devkit/build-angular` from 16.2.16 to 19.1.4
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
- [Commits](angular/angular-cli@16.2.16...19.1.4)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: indirect
- dependency-name: "@angular-devkit/build-angular"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-7c37e8837e branch from 33f5073 to 7b90e3a Compare January 31, 2025 12:59
auto-merge was automatically disabled February 3, 2025 09:51

Pull request was closed

Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 3, 2025

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@martin-trajanovski martin-trajanovski deleted the dependabot/npm_and_yarn/multi-7c37e8837e branch February 3, 2025 09:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file npm npm package updates (e.g. dependabot)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant