Skip to content

Comments

Bump vite from 5.4.16 to 5.4.17 in the security group#6151

Merged
jessfraz merged 1 commit intomainfrom
dependabot/npm_and_yarn/security-13db4ee2ba
Apr 4, 2025
Merged

Bump vite from 5.4.16 to 5.4.17 in the security group#6151
jessfraz merged 1 commit intomainfrom
dependabot/npm_and_yarn/security-13db4ee2ba

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 4, 2025

Bumps the security group with 1 update: vite.

Updates vite from 5.4.16 to 5.4.17

Release notes

Sourced from vite's releases.

v5.4.17

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.17 (2025-04-03)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump vite from 5.4.16 to 5.4.17 in the security group
42c5962 
Bumps the security group with 1 update: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `vite` from 5.4.16 to 5.4.17
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.17/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.17/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 5.4.17
  dependency-type: direct:development
  dependency-group: security
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 4, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 4, 2025

Reviewers

The following users could not be added as reviewers: irev-dev. Either the username does not exist or it does not have the correct permissions to be added as a reviewer.

Please fix the above issues or remove invalid values from dependabot.yml.

@vercel
Copy link

vercel bot commented Apr 4, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
modeling-app ✅ Ready (Inspect) Visit Preview Apr 4, 2025 5:45pm

@qa-wolf
Copy link

qa-wolf bot commented Apr 4, 2025

QA Wolf here! As you write new code it's important that your test coverage is keeping up.
Click here to request test coverage for this PR!

@codecov
Copy link

codecov bot commented Apr 4, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 85.37%. Comparing base (a789632) to head (42c5962).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #6151      +/-   ##
==========================================
- Coverage   85.39%   85.37%   -0.02%     
==========================================
  Files         110      110              
  Lines       44215    44215              
==========================================
- Hits        37756    37750       -6     
- Misses       6459     6465       +6
Flag Coverage Δ
rust 85.37% <ø> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@jessfraz jessfraz enabled auto-merge (squash) April 4, 2025 18:23
@jessfraz jessfraz merged commit ef451fd into main Apr 4, 2025
35 checks passed
@jessfraz jessfraz deleted the dependabot/npm_and_yarn/security-13db4ee2ba branch April 4, 2025 18:40
jessfraz added a commit that referenced this pull request Apr 5, 2025
@jessfraz
Merge remote-tracking branch 'origin/main' into jess/changes-import
de137ff 
* origin/main: (26 commits)
  attempt to import win-ca on windows (#6136)
  Upgrade e2e-tests windows runner from 4 cores to 8 (#6166)
  Follow-up fixes after bearing sample rename (#6164)
  Add test for #5799: "Only showing axis planes when there are no errors" (#6007)
  Wait for export button to make test more reliable (#6143)
  sketching on a mirror2d thats been extruded fixed! (#6149)
  Bump vite from 5.4.16 to 5.4.17 in /packages/codemirror-lang-kcl in the security group (#6150)
  Bump vite from 5.4.16 to 5.4.17 in the security group (#6151)
  Update all KCL-Samples to be more ME friendly (#6132)
  Shorten feedback cycle for legitimate failures (#6146)
  Remove the camera projection toggle from the UI (#6077)
  Use all available CPUs to run tests on CI (#6138)
  [fix] Get rid of risky useEffect in restart onboarding flow (#6133)
  Feature: Traditional menu actions in desktop application part II (#6030)
  [Bug] fix some UI friction from imports (#6139)
  Use scene fixture to make test more reliable on macOS (#6140)
  Fix: function composition during playwright setup created a massive page.reload loop (#6137)
  Alternative way to make appMachine spawned children type safe (#5890)
  [BUG] mutate ast to keep comments for pipe split ast-mod (#6128)
  Rename the app to Zoo Design Studio (#5974)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jessfraz jessfraz jessfraz approved these changes

@adamchalmers adamchalmers Awaiting requested review from adamchalmers

@franknoirot franknoirot Awaiting requested review from franknoirot

@Irev-Dev Irev-Dev Awaiting requested review from Irev-Dev

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jessfraz