Skip to content

Bump vite, @sveltejs/kit, @sveltejs/vite-plugin-svelte and vitest #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump vite, @sveltejs/kit, @sveltejs/vite-plugin-svelte and vitest #13

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 21, 2025

Bumps vite, @sveltejs/kit, @sveltejs/vite-plugin-svelte and vitest. These dependencies needed to be updated together.
Updates vite from 3.2.10 to 6.0.11

Release notes

Sourced from vite's releases.

v6.0.11

Please refer to CHANGELOG.md for details.

v6.0.10

Please refer to CHANGELOG.md for details.

v6.0.9

This version contains a breaking change due to security fixes. See GHSA-vg6x-rcgg-rjx6 for more details.

Please refer to CHANGELOG.md for details.

v6.0.8

Please refer to CHANGELOG.md for details.

v6.0.7

Please refer to CHANGELOG.md for details.

v6.0.6

Please refer to CHANGELOG.md for details.

v6.0.5

Please refer to CHANGELOG.md for details.

v6.0.4

Please refer to CHANGELOG.md for details.

v6.0.3

Please refer to CHANGELOG.md for details.

v6.0.2

Please refer to CHANGELOG.md for details.

create-vite@6.0.1

Please refer to CHANGELOG.md for details.

v6.0.1

Please refer to CHANGELOG.md for details.

create-vite@6.0.0

Please refer to CHANGELOG.md for details.

plugin-legacy@6.0.0

Please refer to CHANGELOG.md for details.

v6.0.0

Please refer to CHANGELOG.md for details.

v6.0.0-beta.10

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

6.0.11 (2025-01-21)

6.0.10 (2025-01-20)

6.0.9 (2025-01-20)

  • fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (bd896fb)
  • fix!: default server.cors: false to disallow fetching from untrusted origins (b09572a)
  • fix: verify token for HMR WebSocket connection (029dcd6)

6.0.8 (2025-01-20)

6.0.7 (2025-01-02)

6.0.6 (2024-12-26)

... (truncated)

Commits
  • a0ed405 release: v6.0.11
  • 3d03899 fix: allow CORS from loopback addresses by default (#19249)
  • aeb3ec8 fix: preview.allowedHosts with specific values was not respected (#19246)
  • 9654348 release: v6.0.10
  • 2495022 fix: try parse server.origin URL (#19241)
  • a55f8ba release: v6.0.9
  • bd896fb fix!: check host header to prevent DNS rebinding attacks and introduce `serve...
  • 029dcd6 fix: verify token for HMR WebSocket connection
  • b09572a fix!: default server.cors: false to disallow fetching from untrusted origins
  • c0f72a6 release: v6.0.8
  • Additional commits viewable in compare view

Updates @sveltejs/kit from 1.0.0-next.390 to 1.30.4

Changelog

Sourced from @​sveltejs/kit's changelog.

1.30.4

Patch Changes

  • chore(deps): upgrade and unpin undici (#11860)

1.30.3

Patch Changes

  • fix: correct documentation for beforeNavigate (#11300)

1.30.2

Patch Changes

  • fix: revert recent 'correctly return 415' and 'correctly return 404' changes (#11295)

1.30.1

Patch Changes

  • fix: prerendered root page with paths.base config uses correct trailing slash option (#10763)

  • fix: correctly return 404 when a form action is not found (#11278)

1.30.0

Minor Changes

  • feat: inline response.arrayBuffer() during ssr (#10535)

Patch Changes

  • fix: allow "false" value for preload link options (#10555)

  • fix: call worker unref instead of terminate (#10120)

  • fix: correctly analyse exported server API methods during build (#11019)

  • fix: avoid error when back navigating before page is initialized (#10636)

  • fix: allow service-worker.js to import assets (#9285)

  • fix: distinguish better between not-found and internal-error (#11131)

1.29.1

Patch Changes

... (truncated)

Commits

Updates @sveltejs/vite-plugin-svelte from 1.0.1 to 5.0.3

Release notes

Sourced from @​sveltejs/vite-plugin-svelte's releases.

@​sveltejs/vite-plugin-svelte@​5.0.3

Patch Changes

  • fix errorhandling to work with errors that don't have a code property (#1054)

@​sveltejs/vite-plugin-svelte@​5.0.2

Patch Changes

  • adapt internal handling of warning and error code property to changes in svelte5 (#1044)

@​sveltejs/vite-plugin-svelte@​5.0.1

Patch Changes

  • Fix peer dependencies warning (#1038)

@​sveltejs/vite-plugin-svelte@​5.0.0

Major Changes

  • Handle Vite 6 breaking change and remove Vite 5 handling (#1020)

  • Support Vite 6 (#1026)

Minor Changes

  • Add esm-env to ssr.noExternal by default to resolve its conditions with Vite (#1020)

  • Support ?inline query on Svelte style virtual modules (#1024)

Patch Changes

  • remove vite6 beta from peer range (#1035)

  • Allow script tags to span multiple lines (0db95a9)

  • Updated dependencies [4fefbc2, e262266]:

    • @​sveltejs/vite-plugin-svelte-inspector@​4.0.0

@​sveltejs/vite-plugin-svelte@​5.0.0-next.0

Major Changes

  • Handle Vite 6 breaking change and remove Vite 5 handling (#1020)

  • Support Vite 6 (#1026)

Minor Changes

... (truncated)

Changelog

Sourced from @​sveltejs/vite-plugin-svelte's changelog.

5.0.3

Patch Changes

  • fix errorhandling to work with errors that don't have a code property (#1054)

5.0.2

Patch Changes

  • adapt internal handling of warning and error code property to changes in svelte5 (#1044)

5.0.1

Patch Changes

  • Fix peer dependencies warning (#1038)

5.0.0

Major Changes

  • Handle Vite 6 breaking change and remove Vite 5 handling (#1020)

  • Support Vite 6 (#1026)

Minor Changes

  • Add esm-env to ssr.noExternal by default to resolve its conditions with Vite (#1020)

  • Support ?inline query on Svelte style virtual modules (#1024)

Patch Changes

  • remove vite6 beta from peer range (#1035)

  • Allow script tags to span multiple lines (0db95a9)

  • Updated dependencies [4fefbc2, e262266]:

    • @​sveltejs/vite-plugin-svelte-inspector@​4.0.0

5.0.0-next.0

Major Changes

... (truncated)

Commits

Updates vitest from 0.19.1 to 3.0.3

Release notes

Sourced from vitest's releases.

v3.0.3

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub

v3.0.2

   🐞 Bug Fixes

    View changes on GitHub

v3.0.1

   🐞 Bug Fixes

    View changes on GitHub

v3.0.0

Vitest 3 is here! There are a few breaking changes, but we expect the migration to be smooth. This release page lists all changes made to the project during the beta. For the migration guide, please refer to the documentation.

   🚨 Breaking Changes

   🚀 Features

... (truncated)

Commits
  • 33ab8a2 chore: release v3.0.3
  • e43a8f5 fix(browser): don't fail when running --browser.headless if the browser proje...
  • fa4634b fix(browser): don't throw a validation error if v8 coverage is used with filt...
  • 7f36b6f perf(reporters): update summary only when needed (#7291)
  • f17918a chore: release v3.0.2
  • 56c5018 chore: release v3.0.1
  • 755ecdf Revert "fix: re-apply default conditions if using vite 6 or later (#7071)" (#...
  • 537fa5e fix(deps): update all non-major dependencies (#7147)
  • 01600e0 chore: release v3.0.0
  • 84287fc fix: re-apply default conditions if using vite 6 or later (#7071)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by vitestbot, a new releaser for vitest since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump vite, @sveltejs/kit, @sveltejs/vite-plugin-svelte and vitest
bee59d6 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit), [@sveltejs/vite-plugin-svelte](https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest). These dependencies needed to be updated together.

Updates `vite` from 3.2.10 to 6.0.11
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.0.11/packages/vite)

Updates `@sveltejs/kit` from 1.0.0-next.390 to 1.30.4
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/@sveltejs/kit@1.30.4/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@1.30.4/packages/kit)

Updates `@sveltejs/vite-plugin-svelte` from 1.0.1 to 5.0.3
- [Release notes](https://github.com/sveltejs/vite-plugin-svelte/releases)
- [Changelog](https://github.com/sveltejs/vite-plugin-svelte/blob/main/packages/vite-plugin-svelte/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/vite-plugin-svelte/commits/@sveltejs/vite-plugin-svelte@5.0.3/packages/vite-plugin-svelte)

Updates `vitest` from 0.19.1 to 3.0.3
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.0.3/packages/vitest)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: direct:development
- dependency-name: "@sveltejs/kit"
  dependency-type: direct:development
- dependency-name: "@sveltejs/vite-plugin-svelte"
  dependency-type: direct:development
- dependency-name: vitest
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from dolfbarr as a code owner January 21, 2025 22:08
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 21, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 26, 2025

Superseded by #15.

@dependabot dependabot bot closed this Mar 26, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/multi-f5b8b83693 branch March 26, 2025 06:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dolfbarr dolfbarr Awaiting requested review from dolfbarr dolfbarr is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant