chore(deps-dev): bump vite from 6.3.5 to 7.1.11 #243
Conversation
dependabot
bot
added
dependencies
dependabot
bot
added
dependencies
📝 WalkthroughSummary by CodeRabbit
WalkthroughThe pull request updates the vite devDependency in package.json from version ^6.3.5 to ^7.1.11. This is a minor version upgrade to a development-time build tool with no changes to application code, exports, or public interfaces. Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes Rationale: Single-line dependency version bump in package.json with no code logic changes, no affected exports, and no control-flow modifications. Review entails confirming version compatibility and checking release notes if desired. Pre-merge checks✅ Passed checks (3 passed)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Jira integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
⛔ Files ignored due to path filters (1)
package-lock.jsonis excluded by!**/package-lock.json
📒 Files selected for processing (1)
package.json(1 hunks)
| "semantic-release": "^25.0.0", | ||
| "typescript": "^5.9.3", | ||
| "vite": "^6.3.5", | ||
| "vite": "^7.1.11", |
There was a problem hiding this comment.
❓ Verification inconclusive
Verify compatibility with custom Vite config and confirm lock file updates.
The vite upgrade from v6.3.5 to v7.1.11 is a minor version bump with potential breaking changes. Several items need verification:
-
Custom config compatibility: The project uses
@lokalise/package-vite-config@^4.0.0. Verify this custom config supports [email protected]. Check the config package's documentation or repository for version constraints. -
Breaking changes: Vite v7 introduces breaking changes (e.g., build output hash removal, CJS reference changes). Ensure these align with your project's export strategy. Note: The PR mentions "removing CommonJS reference" but your package.json still exports CJS via the
"main"field (line 13). Confirm this remains intentional and compatible. -
Lock files: Ensure that
package-lock.jsonoryarn.lockhas been regenerated and committed with this change. -
Node version: Confirm that Vite 7.1.11 fully supports Node ≥20 (line 41).
Run the following script to verify the custom config compatibility and check for any version constraint conflicts:
🏁 Script executed:
#!/bin/bash
# Description: Verify @lokalise/package-vite-config supports [email protected]
# Search for vite version constraints in the custom config package metadata
npm info @lokalise/package-vite-config@^4.0.0 | grep -A 20 "dependencies\|peerDependencies"
# Alternatively, check if there's a lock file and what vite version would be resolved
if [ -f package-lock.json ]; then
echo "=== Vite resolution from package-lock.json ==="
jq '.packages | to_entries[] | select(.value.name == "vite") | {resolved: .value.resolved, version: .value.version}' package-lock.json
fiLength of output: 0
I need additional verification. Let me check the repository structure and search for compatibility information.
Now let me inspect the actual repository files to complete the verification:
Based on my verification, I found a critical issue that needs to be addressed:
Update package.json engines field to require Node.js 20.19+ or 22.12+
Vite 7 no longer supports Node.js 18 and now requires Node.js 20.19+ / 22.12+. The current "engines": { "node": ">=20" } allows Node.js 20.0 through 20.18, which are incompatible with Vite 7.1.11. This will break CI/CD pipelines and development for team members using older Node 20 versions.
Change the engines field to:
"engines": { "node": ">=20.19.0" }Other notes:
- Vite 7 should be a smooth update from Vite 6, so most breaking changes won't affect typical projects
- Vitest 3.2+ supports Vite 7.0, and your project uses vitest@^3.2.4, so that's compatible
- Verify that lock files (package-lock.json or yarn.lock) are committed with the updated Vite version
🤖 Prompt for AI Agents
In package.json around line 37, the engines field currently allows Node >=20
which permits Node 20.0–20.18 that are incompatible with Vite 7.1.11; update the
engines requirement to require Node 20.19.0 or newer (or a compatible 22.x
minimum) by changing the node range to >=20.19.0 so CI and developers cannot run
with unsupported Node versions, then verify and commit updated lockfile(s) if
dependency resolution changed.
becba29 to
e5aa465
Compare
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.3.5 to 7.1.11. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.1.11/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 7.1.11 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/vite-7.1.11
branch
from
e5aa465 to
e2f0c30
Compare
|
Superseded by #247. |
Bumps vite from 6.3.5 to 7.1.11.
Release notes
Sourced from vite's releases.
... (truncated)
Changelog
Sourced from vite's changelog.
... (truncated)
Commits
8b69c9erelease: v7.1.11f479cc5fix(dev): trim trailing slash beforeserver.fs.denycheck (#20968)6fb41a2chore(deps): update all non-major dependencies (#20966)a817307build: remove hash from built filenames (#20946)ef411cebuild: remove cjs reference in files field (#20945)d0094afrefactor: use subpath imports for types module reference (#20921)ed4a0dcrelease: v7.1.10c714776fix: preserve original sourcemap file field when combining sourcemaps (#20926)446eb38fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (#20906)879de86fix(deps): update all non-major dependenciesMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vite since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)