chore(deps-dev): bump vite from 7.1.1 to 7.1.6

[dependabot]

Bumps vite from 7.1.1 to 7.1.6.

Release notes

Sourced from vite's releases.

v7.1.6

Please refer to CHANGELOG.md for details.

v7.1.5

Please refer to CHANGELOG.md for details.

v7.1.4

Please refer to CHANGELOG.md for details.

v7.1.3

Please refer to CHANGELOG.md for details.

v7.1.2

Please refer to CHANGELOG.md for details.

create-vite@7.1.2

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.1.6 (2025-09-18)

Bug Fixes

• deps: update all non-major dependencies (#20773) (88af2ae)
• esbuild: inject esbuild helper functions with minified $ variables correctly (#20761) (7e8e004)
• fallback terser to main thread when nameCache is provided (#20750) (a679a64)
• types: strict env typings fail when skipLibCheck is false (#20755) (cc54e29)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#20675) (a67bb5f)
• deps: update rolldown-related dependencies (#20772) (d785e72)

7.1.5 (2025-09-08)

Bug Fixes

• apply fs.strict check to HTML files (#20736) (14015d7)
• deps: update all non-major dependencies (#20732) (122bfba)
• upgrade sirv to 3.0.2 (#20735) (09f2b52)

7.1.4 (2025-09-01)

Bug Fixes

• add missing awaits (#20697) (79d10ed)
• deps: update all non-major dependencies (#20676) (5a274b2)
• deps: update all non-major dependencies (#20709) (0401feb)
• pass rollup watch options when building in watch mode (#20674) (f367453)

Miscellaneous Chores

• remove unused constants entry from rolldown.config.ts (#20710) (537fcf9)

Code Refactoring

• remove unnecessary minify parameter from finalizeCss (#20701) (8099582)

7.1.3 (2025-08-19)

Features

• cli: add Node.js version warning for unsupported versions (#20638) (a1be1bf)
• generate code frame for parse errors thrown by terser (#20642) (a9ba017)
• support long lines in generateCodeFrame (#20640) (1559577)

Bug Fixes

• deps: update all non-major dependencies (#20634) (4851cab)
• optimizer: incorrect incompatible error (#20439) (446fe83)
• support multiline new URL(..., import.meta.url) expressions (#20644) (9ccf142)

Performance Improvements

... (truncated)

Commits

• 54377f7 release: v7.1.6
• 88af2ae fix(deps): update all non-major dependencies (#20773)
• d785e72 chore(deps): update rolldown-related dependencies (#20772)
• cc54e29 fix(types): strict env typings fail when skipLibCheck is false (#20755)
• 7e8e004 fix(esbuild): inject esbuild helper functions with minified $ variables cor...
• a679a64 fix: fallback terser to main thread when nameCache is provided (#20750)
• a67bb5f chore(deps): update rolldown-related dependencies (#20675)
• 5647540 release: v7.1.5
• 09f2b52 fix: upgrade sirv to 3.0.2 (#20735)
• 14015d7 fix: apply fs.strict check to HTML files (#20736)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vite since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[pkg-pr-new]

Open in StackBlitz

npm i https://pkg.pr.new/cameroncooke/XcodeBuildMCP/xcodebuildmcp@113

commit: 5926e26

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[claude]

Claude finished @dependabot[bot]'s task —— View job

---

Pull Request Review: Vite 7.1.1 → 7.1.6 Update

Summary

This Dependabot PR safely updates Vite from 7.1.1 to 7.1.6 as a transitive dependency through Vitest. The update contains important bug fixes and security improvements with zero breaking changes and no code modifications required.

✅ Review Findings

Code Quality & Best Practices

• Excellent: Clean dependency update with only package-lock.json changes
• Excellent: Automated dependency management via Dependabot
• Excellent: Follows semantic versioning (patch updates only)

Security Analysis

• ✅ Security Improvement: v7.1.5 includes fix for fs.strict check on HTML files (security hardening)
• ✅ No Vulnerabilities: No new security issues introduced
• ✅ Dependency Chain: Vite is only accessible through Vitest (limited exposure)

Performance Considerations

• ✅ Performance Gains: Terser optimization improvements in v7.1.6
• ✅ Build Performance: Better rollup watch mode handling in v7.1.4
• ✅ Memory Usage: No adverse impact expected (test-only dependency)

Compatibility & Breaking Changes

• ✅ Zero Breaking Changes: All updates are patch releases (7.1.x)
• ✅ Version Constraints: Satisfies Vitest requirement ^5.0.0 || ^6.0.0 || ^7.0.0-0
• ✅ No Code Changes: No direct Vite usage in source code
• ✅ Test Framework: Vitest 3.2.4 fully compatible with Vite 7.1.6

Test Coverage Impact

• ✅ No Impact: Extensive test suite (83 test files) unaffected
• ✅ Test Configuration: vitest.config.ts requires no changes
• ✅ Test Dependencies: All test imports remain valid

Technical Details

• Scope: Transitive dependency via Vitest (dev dependency only)
• Build System: Project uses tsup for compilation, not Vite
• Usage Pattern: Vite only used for test execution environment
• Risk Level: Very Low (isolated to testing infrastructure)

📋 Changelog Highlights

v7.1.6 (2025-09-18)

• Bug Fix: ESBuild helper injection with minified variables
• Bug Fix: Terser fallback for nameCache scenarios
• Bug Fix: Strict env typings when skipLibCheck=false

v7.1.5 (2025-09-08)

• Security: fs.strict validation for HTML files
• Upgrade: sirv to 3.0.2

v7.1.4 (2025-09-01)

• Bug Fix: Missing awaits in async operations
• Improvement: Rollup watch options handling

v7.1.3 (2025-08-19)

• Feature: Node.js version warnings
• Improvement: Terser error handling with code frames

🚀 Recommendation

✅ APPROVE & MERGE

This is a safe, beneficial update that:

• ✅ Improves security posture
• ✅ Enhances performance
• ✅ Fixes multiple bugs
• ✅ Requires zero code changes
• ✅ Maintains full backward compatibility

The update follows best practices for dependency management and contains only improvements with no breaking changes or security concerns.

---