chore(deps-dev): bump the npm_and_yarn group across 3 directories with 4 updates#1963
chore(deps-dev): bump the npm_and_yarn group across 3 directories with 4 updates#1963dependabot[bot] wants to merge 1 commit into
Conversation
…h 4 updates Bumps the npm_and_yarn group with 3 updates in the / directory: [tsup](https://github.com/egoist/tsup), [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core). Bumps the npm_and_yarn group with 1 update in the /apps/auth/remix-ssr directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Bumps the npm_and_yarn group with 1 update in the /packages/client/wallets/walletconnect directory: [postcss](https://github.com/postcss/postcss). Updates `tsup` from 8.1.0 to 8.3.5 - [Release notes](https://github.com/egoist/tsup/releases) - [Commits](egoist/tsup@v8.1.0...v8.3.5) Updates `vite` from 5.4.21 to 6.4.3 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.4.3/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.4.3/packages/vite) Updates `@babel/core` from 7.28.5 to 7.29.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.29.6/packages/babel-core) Updates `vite` from 5.4.21 to 6.4.3 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.4.3/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.4.3/packages/vite) Updates `postcss` from 8.4.35 to 8.5.10 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.35...8.5.10) --- updated-dependencies: - dependency-name: tsup dependency-version: 8.3.5 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: postcss dependency-version: 8.5.10 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
|
Prompt To Fix All With AIFix the following 2 code review issues. Work through them one at a time, proposing concise fixes.
---
### Issue 1 of 2
package.json:37
**Vitest major version bump (3 → 4) without config migration**
Vitest 4.x ships with Vite 6 as its bundler and dropped support for Vite 5. This major release includes breaking changes in the workspace protocol, the `pool` / `poolOptions` API shape, and how browser mode is configured. If any workspace-level `vitest.config.ts` or `vite.config.ts` files use APIs that changed between Vite 5 and Vite 6, tests will fail to start. The PR contains no corresponding config updates — worth verifying that CI passes before merging.
### Issue 2 of 2
apps/auth/remix-ssr/package.json:41
**Vite major version bump (5 → 6) without visible config migration**
Vite 6 introduced breaking changes including a new Environment API, a revised plugin hook contract, and raised the minimum Node.js requirement to 18.x. Remix SSR setups that rely on `vite.config.ts` for SSR entry-point configuration (`ssr.target`, `ssr.noExternal`, custom middleware) are common sources of breakage on this upgrade. No `vite.config.ts` changes appear in this PR — please confirm the Remix dev server and production build both work correctly after this bump.
Reviews (1): Last reviewed commit: "chore(deps-dev): bump the npm_and_yarn g..." | Re-trigger Greptile |
| "ts-jest": "29.1.1", | ||
| "tsup": "8.1.0", | ||
| "tsup": "8.3.5", | ||
| "turbo": "2.9.14", |
There was a problem hiding this comment.
Vitest major version bump (3 → 4) without config migration
Vitest 4.x ships with Vite 6 as its bundler and dropped support for Vite 5. This major release includes breaking changes in the workspace protocol, the pool / poolOptions API shape, and how browser mode is configured. If any workspace-level vitest.config.ts or vite.config.ts files use APIs that changed between Vite 5 and Vite 6, tests will fail to start. The PR contains no corresponding config updates — worth verifying that CI passes before merging.
Prompt To Fix With AI
This is a comment left during a code review.
Path: package.json
Line: 37
Comment:
**Vitest major version bump (3 → 4) without config migration**
Vitest 4.x ships with Vite 6 as its bundler and dropped support for Vite 5. This major release includes breaking changes in the workspace protocol, the `pool` / `poolOptions` API shape, and how browser mode is configured. If any workspace-level `vitest.config.ts` or `vite.config.ts` files use APIs that changed between Vite 5 and Vite 6, tests will fail to start. The PR contains no corresponding config updates — worth verifying that CI passes before merging.
How can I resolve this? If you propose a fix, please make it concise.Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
| "vite": "^6.4.3", | ||
| "vite-tsconfig-paths": "^4.2.1" | ||
| }, | ||
| "engines": { |
There was a problem hiding this comment.
Vite major version bump (5 → 6) without visible config migration
Vite 6 introduced breaking changes including a new Environment API, a revised plugin hook contract, and raised the minimum Node.js requirement to 18.x. Remix SSR setups that rely on vite.config.ts for SSR entry-point configuration (ssr.target, ssr.noExternal, custom middleware) are common sources of breakage on this upgrade. No vite.config.ts changes appear in this PR — please confirm the Remix dev server and production build both work correctly after this bump.
Prompt To Fix With AI
This is a comment left during a code review.
Path: apps/auth/remix-ssr/package.json
Line: 41
Comment:
**Vite major version bump (5 → 6) without visible config migration**
Vite 6 introduced breaking changes including a new Environment API, a revised plugin hook contract, and raised the minimum Node.js requirement to 18.x. Remix SSR setups that rely on `vite.config.ts` for SSR entry-point configuration (`ssr.target`, `ssr.noExternal`, custom middleware) are common sources of breakage on this upgrade. No `vite.config.ts` changes appear in this PR — please confirm the Remix dev server and production build both work correctly after this bump.
How can I resolve this? If you propose a fix, please make it concise.Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
|
Superseded by #1967. |
Bumps the npm_and_yarn group with 3 updates in the / directory: tsup, vite and @babel/core.
Bumps the npm_and_yarn group with 1 update in the /apps/auth/remix-ssr directory: vite.
Bumps the npm_and_yarn group with 1 update in the /packages/client/wallets/walletconnect directory: postcss.
Updates
tsupfrom 8.1.0 to 8.3.5Release notes
Sourced from tsup's releases.
... (truncated)
Commits
cd03e1echore: release v8.3.5fddd451fix: runexperimentalDtsonly once (#1236)21b1193chore: release v8.3.4580e03dci: fix release workflow01b38f2chore: release v8.3.34f5b71eci: fix release workflowe80dad6chore: release v8.3.2f4af79aci: fix release workflow (#1241)4b72d61chore: release v8.3.141c98fffix: supportNode16andNodeNextmodule resolution inexperimentalDts(...Updates
vitefrom 5.4.21 to 6.4.3Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
... (truncated)
Commits
6c2c881release: v6.4.396b0c10fix: backport #22572, reject windows alternate paths (#22576)8fed5cffix(deps): backport #22571, reject UNC paths for launch-editor-middleware (#2...6b3fad0release: v6.4.2ca4da5dfix: avoid path traversal with optimize deps sourcemap handler (#22161)fe28e47fix: apply server.fs check to env transport (#22159) (#22163)5487f4frelease: v6.4.11114b5dfix(dev): trim trailing slash beforeserver.fs.denycheck (#20968) (#20969)f12697crelease: v6.4.0ca6455efeat: allow passing down resolved config to vite's createServer (#20932)Updates
@babel/corefrom 7.28.5 to 7.29.6Release notes
Sourced from @babel/core's releases.
... (truncated)
Commits
04ea6b2v7.29.699f498a[7.x packport]Improve input source map handling (#18001)feba0a3Preserve original identifier names from input sourcemaps (#17992) (#17998)aa8394ev7.29.0ad0d03f[7.x backport] feat: Allow specifying startLine in code frame (#17739)d7f4008v7.28.6e130225Polish(standalone): improve message on invalid preset/plugin (#17606)99dcba5chore: enable some ts-eslint rules (#17592)c92c491Improve Unicode handling in code-frame tokenizer (#17589)d725e39AddBABEL_7_TO_8_DANGEROUSLY_DISABLE_VERSION_CHECK(#17569)Updates
vitefrom 5.4.21 to 6.4.3Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
... (truncated)
Commits
6c2c881release: v6.4.396b0c10fix: backport #22572, reject windows alternate paths (#22576)8fed5cffix(deps): backport #22571, reject UNC paths for launch-editor-middleware (#2...6b3fad0release: v6.4.2ca4da5dfix: avoid path traversal with optimize deps sourcemap handler (#22161)fe28e47fix: apply server.fs check to env transport (#22159) (#22163)5487f4frelease: v6.4.11114b5dfix(dev): trim trailing slash beforeserver.fs.denycheck (#20968) (#20969)f12697crelease: v6.4.0ca6455efeat: allow passing down resolved config to vite's createServer (#20932)Updates
postcssfrom 8.4.35 to 8.5.10Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
33b9790Release 8.5.10 version536c79eEscape </style> in CSS output (#2074)afa96b2Update dependencies (#2073)effe88bTypo (#2072)3ee79a2Thread model (#2071)2e0683dCreate incident response docs (#2070)fe88ac2Release 8.5.9 versionc551632Avoid RegExp when we can use simple JS89a6b74Move SECURITY.txt for docs folder to keep GitHub page cleaner6ceb8a4Create SECURITY.mdDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.