chore(depends): bump vite from 2.9.13 to 3.1.7 in /Mod Manager by dependabot[bot] · Pull Request #422 · atampy25/simple-mod-framework

dependabot · 2022-10-10T17:31:39Z

Bumps vite from 2.9.13 to 3.1.7.

Release notes

create-vite@3.1.0

Please refer to CHANGELOG.md for details.

create-vite@3.0.2

Please refer to CHANGELOG.md for details.

create-vite@3.0.1

Please refer to CHANGELOG.md for details.

create-vite@3.0.0

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

3.1.7 (2022-10-10)

fix(ssr): track var as function scope (#10397) (a5143e9), closes #10397 #10388

3.1.6 (2022-10-06)

fix(config): don't resolve by module field (#10347) (#10360) (f756e84), closes #10347 #10360 #10347

3.1.5 (2022-10-06)

fix(build): fix resolution algorithm when build.ssr is true (#9989) (f20d285), closes #9989

fix(config): resolve implicit deps as absolute path (#10254) (dc140af), closes #10254

fix(css): missing css in lib mode (#10185) (e2cdb28), closes #10185

fix(esbuild): transpile with esnext in dev (#10207) (abf2cfd), closes #10207

fix(hmr): handle virtual module update (#10324) (14ebbc6), closes #10324

fix(ssr): correctly track scope (#10300) (effb7c3), closes #10300

chore: fix build error (01aa224)

3.1.4 (2022-09-28)

fix(esbuild): transpile with esnext in dev (#10215) (4a0f210), closes #10215

3.1.3 (2022-09-19)

fix: esbuildOutputFromId for symlinked root (#10154) (fc5310f), closes #10154

fix(hmr): dedupe virtual modules in module graph (#10144) (71f08e7), closes #10144

fix(lib): respect rollupOptions.input in lib mode (#10116) (c948e7d), closes #10116

3.1.2 (2022-09-17)

fix: use isOptimizable to ensure version query (#10141) (23a51c6), closes #10141

3.1.1 (2022-09-15)

fix: ensure version query for relative node_modules imports (#10016) (1b822d0), closes #10016

fix: no quote on attrs (#10117) (f541239), closes #10117

fix: prevent error overlay style being overridden (fixes #9969) (#9971) (a7706d0), closes #9969 #9971

fix: proxy to secured websocket server (#10045) (9de9bc4), closes #10045

... (truncated)

Commits

94abccc release: v3.1.7
a5143e9 fix(ssr): track var as function scope (#10397)
d2af6d9 release: v3.1.6
f756e84 fix(config): don't resolve by module field (#10347) (#10360)
31f8ea6 release: v3.1.5
f20d285 fix(build): fix resolution algorithm when build.ssr is true (#9989)
01aa224 chore: fix build error
14ebbc6 fix(hmr): handle virtual module update (#10324)
e2cdb28 fix(css): missing css in lib mode (#10185)
effb7c3 fix(ssr): correctly track scope (#10300)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 2.9.13 to 3.1.7. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v3.1.7/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v3.1.7/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

socket-security · 2022-10-10T17:32:25Z

Socket Security Report

Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.

📜 New install scripts detected

A dependency change in this PR is introducing new install scripts to your install step.

Package	Script field	Location
esbuild@0.14.54 (upgraded)	`postinstall`	`Mod Manager/package.json` via @sveltejs/kit@1.0.0-next.330, vite@2.9.15
esbuild@0.15.10 (upgraded)	`postinstall`	`Mod Manager/package.json` via vite@3.1.7

Socket.dev scan summary

Issue	Status
Did you mean?	✅ no new possible package typos
Install scripts	⚠️ 2 new install scripts detected
Telemetry	✅ no new telemetry
Troll package	✅ no new troll packages
Malware	✅ no new malware
Native code	✅ no new native modules

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2

@SocketSecurity ignore esbuild@0.14.54
@SocketSecurity ignore esbuild@0.15.10

⚠️ Please accept the latest app permissions to ensure bot commands work properly. Accept the new permissions here.

Powered by socket.dev

github-actions · 2022-10-10T17:36:51Z

Download the artifacts for this pull request:

Output.zip

dependabot · 2022-10-13T16:58:52Z

Superseded by #424.

dependabot bot added the dependencies Pull requests that update a dependency file label Oct 10, 2022

dependabot bot mentioned this pull request Oct 10, 2022

chore(depends): bump vite from 2.9.13 to 3.1.6 in /Mod Manager #415

Closed

dependabot bot closed this Oct 13, 2022

dependabot bot deleted the dependabot/npm_and_yarn/Mod-Manager/vite-3.1.7 branch October 13, 2022 16:58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(depends): bump vite from 2.9.13 to 3.1.7 in /Mod Manager#422

chore(depends): bump vite from 2.9.13 to 3.1.7 in /Mod Manager#422
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/Mod-Manager/vite-3.1.7

dependabot bot commented on behalf of github Oct 10, 2022

Uh oh!

socket-security bot commented Oct 10, 2022

Uh oh!

github-actions bot commented Oct 10, 2022

Uh oh!

dependabot bot commented on behalf of github Oct 13, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Oct 10, 2022

create-vite@3.1.0

create-vite@3.0.2

create-vite@3.0.1

create-vite@3.0.0

3.1.7 (2022-10-10)

3.1.6 (2022-10-06)

3.1.5 (2022-10-06)

3.1.4 (2022-09-28)

3.1.3 (2022-09-19)

3.1.2 (2022-09-17)

3.1.1 (2022-09-15)

Uh oh!

socket-security bot commented Oct 10, 2022

Socket Security Report

Uh oh!

github-actions bot commented Oct 10, 2022

Uh oh!

dependabot bot commented on behalf of github Oct 13, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants