wails icon indicating copy to clipboard operation
wails copied to clipboard

Published 20 hours ago verified publisher icon wailsapp

Bump the npm_and_yarn group across 16 directories with 11 updates

Open dependabot[bot] opened this issue 3 months ago • 3 comments

Bumps the npm_and_yarn group with 1 update in the /v2/examples/customlayout/myfrontend directory: vite. Bumps the npm_and_yarn group with 5 updates in the /v2/internal/frontend/runtime directory:

Package From To
vite 3.2.10 7.1.2
vitest 0.24.3 3.2.4
esbuild 0.15.12 0.25.0
brace-expansion 1.1.11 1.1.12
form-data 2.5.1 2.5.5

Bumps the npm_and_yarn group with 2 updates in the /v2/internal/frontend/runtime/dev directory: esbuild and brace-expansion. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/lit-ts/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/lit/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/preact-ts/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/preact/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/react-ts/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/react/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/svelte-ts/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/svelte/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/vanilla-ts/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/vanilla/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/vue-ts/frontend directory: vite. Bumps the npm_and_yarn group with 1 update in the /v2/pkg/templates/templates/vue/frontend directory: vite. Bumps the npm_and_yarn group with 8 updates in the /website directory:

Package From To
brace-expansion 1.1.11 1.1.12
form-data 4.0.0 4.0.4
@babel/helpers 7.24.7 7.28.2
@babel/runtime-corejs3 7.24.7 7.28.2
@babel/runtime 7.24.7 7.28.2
http-proxy-middleware 2.0.6 2.0.9
image-size 1.1.1 1.2.1
prismjs 1.29.0 1.30.0

Updates vite from 3.2.11 to 7.1.2

Release notes

Sourced from vite's releases.

v7.1.2

Please refer to CHANGELOG.md for details.

v7.1.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v7.1.0

Please refer to CHANGELOG.md for details.

v7.1.0-beta.1

Please refer to CHANGELOG.md for details.

v7.1.0-beta.0

Please refer to CHANGELOG.md for details.

v7.0.6

Please refer to CHANGELOG.md for details.

v7.0.5

Please refer to CHANGELOG.md for details.

v7.0.4

Please refer to CHANGELOG.md for details.

v7.0.3

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v7.0.2

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v7.0.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

7.1.2 (2025-08-12)

Bug Fixes

  • client: add [vite] prefixes to debug logs (#20595) (7cdef61)
  • config: make debugger work with bundle loader (#20573) (c583927)
  • deps: update all non-major dependencies (#20587) (20d4817)
  • don't consider ids with npm: prefix as a built-in module (#20558) (ab33803)
  • hmr: watch non-inlined assets referenced by CSS (#20581) (b7d494b)
  • module-runner: prevent crash when sourceMappingURL pattern appears in string literals (#20554) (2770478)

Miscellaneous Chores

  • deps: migrate to @jridgewell/remapping from @ampproject/remapping (#20577) (0a6048a)
  • deps: update rolldown-related dependencies (#20586) (77632c5)

7.1.1 (2025-08-08)

Bug Fixes

Miscellaneous Chores

7.1.0 (2025-08-07)

Features

  • support files with more than 1000 lines by generateCodeFrame (#20508) (e7d0b2a)
  • add import.meta.main support in config (bundle config loader) (#20516) (5d3e3c2)
  • optimizer: improve dependency optimization error messages with esbuild formatMessages (#20525) (d17cfed)
  • ssr: add import.meta.main support for Node.js module runner (#20517) (794a8f2)
  • add future: 'warn' (#20473) (e6aaf17)
  • add removeServerPluginContainer future deprecation (#20437) (c1279e7)
  • add removeServerReloadModule future deprecation (#20436) (6970d17)
  • add server.warmupRequest to future deprecation (#20431) (8ad388a)
  • add ssrFixStacktrace / ssrRewriteStacktrace to removeSsrLoadModule future deprecation (#20435) (8c8f587)
  • client: ping from SharedWorker (#19057) (5c97c22)
  • dev: add this.fs support (#20301) (0fe3f2f)
  • export defaultExternalConditions (#20279) (344d302)
  • implement removePluginHookSsrArgument future deprecation (#20433) (95927d9)
  • implement removeServerHot future deprecation (#20434) (259f45d)
  • resolve server URLs before calling other listeners (#19981) (45f6443)
  • ssr: resolve externalized packages with resolve.externalConditions and add module-sync to default external condition (#20409) (c669c52)
  • ssr: support import.meta.resolve in module runner (#20260) (62835f7)

Bug Fixes

  • css: avoid warnings for image-set containing __VITE_ASSET__ (#20520) (f1a2635)
  • css: empty CSS entry points should generate CSS files, not JS files (#20518) (bac9f3e)

... (truncated)

Commits
  • 42de3e6 release: v7.1.2
  • b7d494b fix(hmr): watch non-inlined assets referenced by CSS (#20581)
  • c583927 fix(config): make debugger work with bundle loader (#20573)
  • 20d4817 fix(deps): update all non-major dependencies (#20587)
  • 7cdef61 fix(client): add [vite] prefixes to debug logs (#20595)
  • 77632c5 chore(deps): update rolldown-related dependencies (#20586)
  • 0a6048a chore(deps): migrate to @jridgewell/remapping from @ampproject/remapping ...
  • 2770478 fix(module-runner): prevent crash when sourceMappingURL pattern appears in st...
  • ab33803 fix: don't consider ids with npm: prefix as a built-in module (#20558)
  • f4438a1 release: v7.1.1
  • Additional commits viewable in compare view

Updates vite from 3.2.10 to 7.1.2

Release notes

Sourced from vite's releases.

v7.1.2

Please refer to CHANGELOG.md for details.

v7.1.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v7.1.0

Please refer to CHANGELOG.md for details.

v7.1.0-beta.1

Please refer to CHANGELOG.md for details.

v7.1.0-beta.0

Please refer to CHANGELOG.md for details.

v7.0.6

Please refer to CHANGELOG.md for details.

v7.0.5

Please refer to CHANGELOG.md for details.

v7.0.4

Please refer to CHANGELOG.md for details.

v7.0.3

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v7.0.2

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v7.0.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

7.1.2 (2025-08-12)

Bug Fixes

  • client: add [vite] prefixes to debug logs (#20595) (7cdef61)
  • config: make debugger work with bundle loader (#20573) (c583927)
  • deps: update all non-major dependencies (#20587) (20d4817)
  • don't consider ids with npm: prefix as a built-in module (#20558) (ab33803)
  • hmr: watch non-inlined assets referenced by CSS (#20581) (b7d494b)
  • module-runner: prevent crash when sourceMappingURL pattern appears in string literals (#20554) (2770478)

Miscellaneous Chores

  • deps: migrate to @jridgewell/remapping from @ampproject/remapping (#20577) (0a6048a)
  • deps: update rolldown-related dependencies (#20586) (77632c5)

7.1.1 (2025-08-08)

Bug Fixes

Miscellaneous Chores

7.1.0 (2025-08-07)

Features

  • support files with more than 1000 lines by generateCodeFrame (#20508) (e7d0b2a)
  • add import.meta.main support in config (bundle config loader) (#20516) (5d3e3c2)
  • optimizer: improve dependency optimization error messages with esbuild formatMessages (#20525) (d17cfed)
  • ssr: add import.meta.main support for Node.js module runner (#20517) (794a8f2)
  • add future: 'warn' (#20473) (e6aaf17)
  • add removeServerPluginContainer future deprecation (#20437) (c1279e7)
  • add removeServerReloadModule future deprecation (#20436) (6970d17)
  • add server.warmupRequest to future deprecation (#20431) (8ad388a)
  • add ssrFixStacktrace / ssrRewriteStacktrace to removeSsrLoadModule future deprecation (#20435) (8c8f587)
  • client: ping from SharedWorker (#19057) (5c97c22)
  • dev: add this.fs support (#20301) (0fe3f2f)
  • export defaultExternalConditions (#20279) (344d302)
  • implement removePluginHookSsrArgument future deprecation (#20433) (95927d9)
  • implement removeServerHot future deprecation (#20434) (259f45d)
  • resolve server URLs before calling other listeners (#19981) (45f6443)
  • ssr: resolve externalized packages with resolve.externalConditions and add module-sync to default external condition (#20409) (c669c52)
  • ssr: support import.meta.resolve in module runner (#20260) (62835f7)

Bug Fixes

  • css: avoid warnings for image-set containing __VITE_ASSET__ (#20520) (f1a2635)
  • css: empty CSS entry points should generate CSS files, not JS files (#20518) (bac9f3e)

... (truncated)

Commits
  • 42de3e6 release: v7.1.2
  • b7d494b fix(hmr): watch non-inlined assets referenced by CSS (#20581)
  • c583927 fix(config): make debugger work with bundle loader (#20573)
  • 20d4817 fix(deps): update all non-major dependencies (#20587)
  • 7cdef61 fix(client): add [vite] prefixes to debug logs (#20595)
  • 77632c5 chore(deps): update rolldown-related dependencies (#20586)
  • 0a6048a chore(deps): migrate to @jridgewell/remapping from @ampproject/remapping ...
  • 2770478 fix(module-runner): prevent crash when sourceMappingURL pattern appears in st...
  • ab33803 fix: don't consider ids with npm: prefix as a built-in module (#20558)
  • f4438a1 release: v7.1.1
  • Additional commits viewable in compare view

Updates vitest from 0.24.3 to 3.2.4

Release notes

Sourced from vitest's releases.

v3.2.4

   🐞 Bug Fixes

    View changes on GitHub

v3.2.3

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v3.2.2

... (truncated)

Commits
  • c666d14 chore: release v3.2.4
  • 8a18c8e fix(cli): throw error when --shard x/\<count> exceeds count of test files (#...
  • 8abd7cc chore(deps): update tinypool (#8174)
  • 93f3200 fix(deps): update all non-major dependencies (#8123)
  • 0c3be6f fix(coverage): ignore SCSS in browser mode (#8161)
  • 790bc31 chore: update deprecation notice for globs (#8148)
  • c0eae7d chore: update deprecated workspace file log (#8118)
  • 14dc072 fix(pool): auto-adjust minWorkers when only maxWorkers specified (#8110)
  • 85dc019 fix(cli): use absolute path environment on Windows (#8105)
  • 27df68a fix(reporter): task.meta should be available in custom reporter's errors (#...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by vitestbot, a new releaser for vitest since your current version.


Updates esbuild from 0.15.12 to 0.25.0

Release notes

Sourced from esbuild's releases.

v0.25.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.24.0 or ~0.24.0. See npm's documentation about semver for more information.

  • Restrict access to esbuild's development server (GHSA-67mh-4wv8-2f99)

    This change addresses esbuild's first security vulnerability report. Previously esbuild set the Access-Control-Allow-Origin header to * to allow esbuild's development server to be flexible in how it's used for development. However, this allows the websites you visit to make HTTP requests to esbuild's local development server, which gives read-only access to your source code if the website were to fetch your source code's specific URL. You can read more information in the report.

    Starting with this release, CORS will now be disabled, and requests will now be denied if the host does not match the one provided to --serve=. The default host is 0.0.0.0, which refers to all of the IP addresses that represent the local machine (e.g. both 127.0.0.1 and 192.168.0.1). If you want to customize anything about esbuild's development server, you can put a proxy in front of esbuild and modify the incoming and/or outgoing requests.

    In addition, the serve() API call has been changed to return an array of hosts instead of a single host string. This makes it possible to determine all of the hosts that esbuild's development server will accept.

    Thanks to @​sapphi-red for reporting this issue.

  • Delete output files when a build fails in watch mode (#3643)

    It has been requested for esbuild to delete files when a build fails in watch mode. Previously esbuild left the old files in place, which could cause people to not immediately realize that the most recent build failed. With this release, esbuild will now delete all output files if a rebuild fails. Fixing the build error and triggering another rebuild will restore all output files again.

  • Fix correctness issues with the CSS nesting transform (#3620, #3877, #3933, #3997, #4005, #4037, #4038)

    This release fixes the following problems:

    • Naive expansion of CSS nesting can result in an exponential blow-up of generated CSS if each nesting level has multiple selectors. Previously esbuild sometimes collapsed individual nesting levels using :is() to limit expansion. However, this collapsing wasn't correct in some cases, so it has been removed to fix correctness issues.

      /* Original code */
.parent {
  > .a,
  > .b1 > .b2 {
    color: red;
  }
}

      /* Old output (with --supported:nesting=false) */
.parent > :is(.a, .b1 > .b2) {
color: red;
}
      

      /* New output (with --supported:nesting=false) */
.parent > .a,
.parent > .b1 > .b2 {
color: red;
}

      Thanks to @​tim-we for working on a fix.

    • The & CSS nesting selector can be repeated multiple times to increase CSS specificity. Previously esbuild ignored this possibility and incorrectly considered && to have the same specificity as &. With this release, this should now work correctly:

      /* Original code (color should be red) */

... (truncated)

Changelog

Sourced from esbuild's changelog.

Changelog: 2022

This changelog documents all esbuild versions published in the year 2022 (versions 0.14.11 through 0.16.12).

0.16.12

  • Loader defaults to js for extensionless files (#2776)

    Certain packages contain files without an extension. For example, the yargs package contains the file yargs/yargs which has no extension. Node, Webpack, and Parcel can all understand code that imports yargs/yargs because they assume that the file is JavaScript. However, esbuild was previously unable to understand this code because it relies on the file extension to tell it how to interpret the file. With this release, esbuild will now assume files without an extension are JavaScript files. This can be customized by setting the loader for "" (the empty string, representing files without an extension) to another loader. For example, if you want files without an extension to be treated as CSS instead, you can do that like this:

    • CLI:

      esbuild --bundle --loader:=css

    • JS:

      esbuild.build({
  bundle: true,
  loader: { '': 'css' },
})

    • Go:

      api.Build(api.BuildOptions{
  Bundle: true,
  Loader: map[string]api.Loader{"": api.LoaderCSS},
})

    In addition, the "type" field in package.json files now only applies to files with an explicit .js, .jsx, .ts, or .tsx extension. Previously it was incorrectly applied by esbuild to all files that had an extension other than .mjs, .mts, .cjs, or .cts including extensionless files. So for example an extensionless file in a "type": "module" package is now treated as CommonJS instead of ESM.

0.16.11

  • Avoid a syntax error in the presence of direct eval (#2761)

    The behavior of nested function declarations in JavaScript depends on whether the code is run in strict mode or not. It would be problematic if esbuild preserved nested function declarations in its output because then the behavior would depend on whether the output was run in strict mode or not instead of respecting the strict mode behavior of the original source code. To avoid this, esbuild transforms nested function declarations to preserve the intended behavior of the original source code regardless of whether the output is run in strict mode or not:

    // Original code
if (true) {
  function foo() {}
  console.log(!!foo)
  foo = null
  console.log(!!foo)
}

... (truncated)

Commits
  • e9174d6 publish 0.25.0 to npm
  • c27dbeb fix hosts in plugin-tests.js
  • 6794f60 fix hosts in node-unref-tests.js
  • de85afd Merge commit from fork
  • da1de1b fix #4065: bitwise operators can return bigints
  • f4e9d19 switch case liveness: default is always last
  • 7aa47c3 fix #4028: minify live/dead switch cases better
  • 22ecd30 minify: more constant folding for strict equality
  • 4cdf03c fix #4053: reordering of .tsx in node_modules
  • dc71977 fix #3692: 0 now picks a random ephemeral port
  • Additional commits viewable in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v1.1.12

  • pkg: publish on tag 1.x c460dbd
  • fmt ccb8ac6
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) c3c73c8

https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12

Commits

Updates form-data from 2.5.1 to 2.5.5

Release notes

Sourced from form-data's releases.

v2.5.2

Fixes

  • Buffer.from and Buffer.alloc require node 4+
  • npmignore temporary build files (#532)
  • move util.isArray to Array.isArray (#564)

Tests

  • migrate from travis to GHA
Changelog

Sourced from form-data's changelog.

v2.5.5 - 2025-07-18

Commits

  • [meta] actually ensure the readme backup isn’t published 10626c0
  • [Fix] use proper dependency 026abe5

v2.5.4 - 2025-07-17

Fixed

Commits

  • [eslint] update linting config 8bf2492
  • [meta] add auto-changelog b5101ad
  • [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 0e93122
  • [Fix] Switch to using crypto random for boundary values b88316c
  • [Fix] validate boundary type in setBoundary() method 131ae5e
  • [Tests] Switch to newer v8 prediction library; enable node 24 testing c97cfbe
  • [Refactor] use hasown 97ac9c2
  • [meta] remove local commit hooks be99d4e
  • [Dev Deps] remove unused deps ddbc89b
  • [meta] fix scripts to use prepublishOnly e351a97
  • [Dev Deps] remove unused script 8f23366
  • [Dev Deps] add missing peer dep 02ff026
  • [meta] fix readme capitalization 2fd5f61

v2.5.3 - 2025-02-14

Merged

Fixed

Commits

  • [Refactor] use Object.prototype.hasOwnProperty.call 6e682d4
  • [Dev Deps] update @types/node, browserify, coveralls, eslint, formidable, in-publish, phantomjs-prebuilt, pkgfiles, pre-commit, request, tape, typescript 819f6b7
  • Only apps should have lockfiles b170ee2
  • [Deps] update combined-stream, mime-types 6b1ca1d
  • Bumped version 2.5.3 9457283
  • [Dev Deps] pin request which via tough-cookie ^2.4 depends on psl 9dbe192

v2.5.2 - 2024-10-10

... (truncated)

Commits
  • 40de5a7 v2.5.5
  • 026abe5 [Fix] use proper dependency
  • 10626c0 [meta] actually ensure the readme backup isn’t published
  • efe6c26 v2.5.4
  • c97cfbe [Tests] Switch to newer v8 prediction library; enable node 24 testing
  • 0e93122 [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
  • b88316c [Fix] Switch to using crypto random for boundary values
  • b70869d [Fix] append: avoid a crash on nullish values
  • 131ae5e [Fix] validate boundary type in setBoundary() method
  • 8bf2492 [eslint] update linting config
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for form-data since your current version.


Updates esbuild from 0.12.21 to 0.25.8

Release notes

Sourced from esbuild's releases.

v0.25.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.24.0 or ~0.24.0. See npm's documentation about

dependabot[bot] avatar Aug 13 '25 00:08 dependabot[bot]

[!IMPORTANT]

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Join our Discord community for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

  • Visit our Status Page to check the current availability of CodeRabbit.
  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot] avatar Aug 13 '25 00:08 coderabbitai[bot]

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

sonarqubecloud[bot] avatar Aug 13 '25 00:08 sonarqubecloud[bot]

Deploying wails with  Cloudflare Pages  Cloudflare Pages

Latest commit: c88710d
Status:🚫  Build failed.

View logs

cloudflare-workers-and-pages[bot] avatar Aug 13 '25 00:08 cloudflare-workers-and-pages[bot]