build(deps-dev): bump the actions-deps group with 2 updates

[dependabot]

Bumps the actions-deps group with 2 updates: axios and vite.

Updates axios from 1.13.6 to 1.14.0

Release notes

Sourced from axios's releases.

v1.14.0

This release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.

⚠️ Important Changes

• Breaking Changes: None identified in this release.
• Action Required: If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably proxy-from-env v2 alignment and main entry compatibility fix).

🚀 New Features

• Runtime Features: No new end-user features were introduced in this release.
• Test Coverage Expansion: Added broader smoke/module test coverage for CJS and ESM package usage. (#7510)

🐛 Bug Fixes

• Headers: Trim trailing CRLF in normalised header values. (#7456)
• HTTP/2: Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (#7457)
• Fetch Adapter: Cancel ReadableStream created during request-stream capability probing to prevent async resource leaks. (#7515)
• Proxy Handling: Fixed env proxy behavior with proxy-from-env v2 usage. (#7499)
• CommonJS Compatibility: Fixed package main entry regression affecting CJS consumers. (#7532)

🔧 Maintenance & Chores

• Security/Dependencies: Updated formidable and refreshed package set to newer versions. (#7533, #10556)
• Tooling: Continued migration to Vitest and modernised CI/test harnesses. (#7484, #7489, #7498)
• Build/Lint Stack: Rollup, ESLint, TypeScript, and related dev-dependency updates. (#7508, #7509, #7522)
• Documentation: Clarified JSON parsing and adapter-related docs/comments. (#7398, #7460, #7478)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve Axios:

• @​aviu16 (#7456)
• @​NETIZEN-11 (#7460)
• @​fedotov (#7457)
• @​nthbotast (#7478)
• @​veeceey (#7398)
• @​penkzhou (#7515)

Full Changelog: v1.13.6...v1.14.0

Commits

• 46bee3d chore(release): prepare release 1.14.0 (#10563)
• 518aff5 chore: add AI Moderator workflow for spam detection (#10551)
• b7dfda3 chore(sponsor): update sponsor block (#10557)
• 9aa34d5 fix: updated release flow to match the current flows (#10562)
• e9e5ebe Update packages to latest version (#10556)
• 4d8931c fix: formidable dependency vulnerable to arbitrary (#7533)
• 3a6f5c1 chore(deps-dev): bump @​babel/preset-env (#7531)
• bcfd299 fix: bug axios breaks commonjs compatibility main entry (#7532)
• d6dcbfd fix: dependabot uses the correct labels (#7530)
• 5dd7ba7 chore: upgrade to latest ts (#7522)
• Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates vite from 8.0.2 to 8.0.3

Release notes

Sourced from vite's releases.

create-vite@8.0.3

Please refer to CHANGELOG.md for details.

v8.0.3

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.3 (2026-03-26)

Features

• update rolldown to 1.0.0-rc.12 (#22024) (84164ef)

Bug Fixes

• html: cache unfiltered CSS list to prevent missing styles across entries (#22017) (5464190)
• module-runner: handle non-ascii characters in base64 sourcemaps (#21985) (77c95bf)
• module-runner: skip re-import if the runner is closed (#22020) (ee2c2cd)
• optimizer: scan is not resolving sub path import if used in a glob import (#22018) (ddfe20d)
• ssr: ssrTransform incorrectly rewrites meta identifier inside import.meta when a binding named meta exists (#22019) (cff5f0c)

Miscellaneous Chores

• deps: bump picomatch from 4.0.3 to 4.0.4 (#22027) (7e56003)

Tests

• html: add tests for getCssFilesForChunk (#22016) (43fbbf9)

Commits

• 6a34ac3 fix(deps): update all non-major dependencies (#21096)
• 02ceaec chore(deps): update dependency @​rollup/plugin-commonjs to v29 (#21099)
• 572aaca release: v7.2.2
• 728c8ee fix: revert "refactor: use fs.cpSync (#21019)" (#21081)
• a532e68 release: v7.2.1
• 82d2d6c fix(worker): some worker asset was missing (#21074)
• f83264f refactor(build): rename indexOfMatchInSlice to findPreloadMarker (#21054)
• 8293de0 release: v7.2.0
• 2833c55 fix(types): add undefined to optional properties for exactOptionalProperties ...
• e3a6a83 chore(deps): update rolldown-related dependencies (#21047)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions