Bumps the vite group with 1 update in the /frontend-react directory: vite.

Updates vite from 5.3.4 to 5.4.1

Release notes

[email protected]

Please refer to CHANGELOG.md for details.

Changelog

5.4.1 (2024-08-15)

fix: build.modulePreload.resolveDependencies is optimizable (#16083) (e961b31), closes #16083

fix: align CorsOptions.origin type with @types/cors (#17836) (1bda847), closes #17836

fix: typings for vite:preloadError (#17868) (6700594), closes #17868

fix(build): avoid re-define __vite_import_meta_env__ (#17876) (e686d74), closes #17876

fix(deps): update all non-major dependencies (#17869) (d11711c), closes #17869

fix(lightningcss): search for assets with correct base path (#17856) (4e5ce3c), closes #17856

fix(worker): handle self reference url worker in dependency for build (#17846) (391bb49), closes #17846

chore: fix picocolors import for local dev (#17884) (9018255), closes #17884

refactor: remove handleHotUpdate from watch-package-data plugin (#17865) (e16bf1f), closes #17865

5.4.0 (2024-08-07)

fix(build): windows platform build output path error (#17818) (6ae0615), closes #17818

fix(deps): update launch-editor to consume fix for windows paths (#17828) (cf2f90d), closes #17828

fix(ssr): fix global variable name conflict (#17809) (6aa2206), closes #17809

fix(worker): fix importScripts injection breaking iife code (#17827) (bb4ba9f), closes #17827

chore: bump typescript-eslint to v8 (#17624) (d1891fd), closes #17624

chore(deps): update all non-major dependencies (#17820) (bb2f8bb), closes #17820

perf(ssr): do a single-pass over AST with node cache arrays (#17812) (81327eb), closes #17812

5.4.0-beta.1 (2024-08-01)

fix: handle encoded base paths (#17577) (720447e), closes #17577

fix: opt-in server.fs.cachedChecks (#17807) (4de659c), closes #17807

feat(css): support sass compiler api and sass-embedded package (#17754) (1025bb6), closes #17754

5.4.0-beta.0 (2024-07-30)

fix: specify own Node version as target when bundling config files (#17307) (bbf001f), closes #17307

fix(build): handle invalid JSON in import.meta.env (#17648) (659b720), closes #17648

fix(deps): update all non-major dependencies (#17780) (e408542), closes #17780

fix(mergeConfig): don't recreate server.hmr.server instance (#17763) (5c55b29), closes #17763

feat(css): support sass modern api (#17728) (73a3de0), closes #17728

feat(types): support custom VitePreloadErrorEvent (#17615) (116e37a), closes #17615

perf: improve regex performance (#17789) (952bae3), closes #17789

chore: minor config.logger refactor (#17770) (b947fdc), closes #17770

chore: update eslint config (#17788) (796eef3), closes #17788

5.3.5 (2024-07-25)

... (truncated)

Commits

b44c20c release: v5.4.1
391bb49 fix(worker): handle self reference url worker in dependency for build (#17846)
e686d74 fix(build): avoid re-define __vite_import_meta_env__ (#17876)
9018255 chore: fix picocolors import for local dev (#17884)
1bda847 fix: align CorsOptions.origin type with @types/cors (#17836)
e16bf1f refactor: remove handleHotUpdate from watch-package-data plugin (#17865)
6700594 fix: typings for vite:preloadError (#17868)
d11711c fix(deps): update all non-major dependencies (#17869)
4e5ce3c fix(lightningcss): search for assets with correct base path (#17856)
e961b31 fix: build.modulePreload.resolveDependencies is optimizable (#16083)
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Aug 16 '24 12:08 dependabot[bot]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package

Version

Score

Details

npm/vite

^5.4.1

:green_circle: 5.6

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 7	Found 20/28 approved changesets -- score normalized to 7
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts	:green_circle: 7	binaries present in source code
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	:green_circle: 10	security policy file detected
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 7	3 existing vulnerabilities detected

npm/vite

5.4.1

:green_circle: 5.6

Details

Check	Score	Reason
Maintained	:green_circle: 10	30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
Code-Review	:green_circle: 7	Found 20/28 approved changesets -- score normalized to 7
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases	:warning: -1	no releases found
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts	:green_circle: 7	binaries present in source code
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	:green_circle: 10	security policy file detected
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:green_circle: 7	3 existing vulnerabilities detected

Scanned Manifest Files

frontend-react/package.json

vite@^5.4.1
vite@^5.3.4

frontend-react/yarn.lock

Aug 16 '24 12:08 github-actions[bot]

@dependabot recreate

Aug 23 '24 23:08 etanb

Superseded by #15676.

Aug 23 '24 23:08 dependabot[bot]

Bump vite from 5.3.4 to 5.4.1 in /frontend-react in the vite group across 1 directory

[email protected]

5.4.1 (2024-08-15)

5.4.0 (2024-08-07)

5.4.0-beta.1 (2024-08-01)

5.4.0-beta.0 (2024-07-30)

5.3.5 (2024-07-25)

Dependency Review

OpenSSF Scorecard

Scanned Manifest Files