Skip to content

build(deps-dev): bump the npm_and_yarn group across 3 directories with 3 updates#414

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/platforms/web/npm_and_yarn-3c11b55cc1
Open

build(deps-dev): bump the npm_and_yarn group across 3 directories with 3 updates#414
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/platforms/web/npm_and_yarn-3c11b55cc1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 29, 2026

Bumps the npm_and_yarn group with 1 update in the /platforms/web directory: vite.
Bumps the npm_and_yarn group with 1 update in the /public/themes/default/assets/libs/fslightbox directory: webpack-dev-server.
Bumps the npm_and_yarn group with 1 update in the /public/themes/default/assets/libs/jquery-ui directory: browserstack-local.

Updates vite from 5.4.21 to 8.0.10

Release notes

Sourced from vite's releases.

v8.0.10

Please refer to CHANGELOG.md for details.

v8.0.9

Please refer to CHANGELOG.md for details.

v8.0.8

Please refer to CHANGELOG.md for details.

v8.0.7

Please refer to CHANGELOG.md for details.

v8.0.6

Please refer to CHANGELOG.md for details.

v8.0.5

Please refer to CHANGELOG.md for details.

v8.0.4

Please refer to CHANGELOG.md for details.

create-vite@8.0.3

Please refer to CHANGELOG.md for details.

v8.0.3

Please refer to CHANGELOG.md for details.

create-vite@8.0.2

Please refer to CHANGELOG.md for details.

v8.0.2

Please refer to CHANGELOG.md for details.

create-vite@8.0.1

Please refer to CHANGELOG.md for details.

v8.0.1

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.1

Please refer to CHANGELOG.md for details.

create-vite@8.0.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

8.0.10 (2026-04-23)

Features

Bug Fixes

  • hmrClient.logger.debug and hmrClient.logger.error looked different from other HMR logs (#22147) (a4d828f)
  • css: show filename in CSS minification warnings for .css?inline (#22292) (83f0a78)
  • optimizer: allow user transform.target to override default in optimizeDeps (#22273) (5c7cec6)
  • remove format sniffing module resolution from JS resolver (#22297) (b8a21cc)

Code Refactoring

8.0.9 (2026-04-20)

Features

Bug Fixes

  • allow binding when strictPort is set but wildcard port is in use (#22150) (dfc8aa5)
  • build: emptyOutDir should happen for watch rebuilds (#22207) (ee52267)
  • bundled-dev: reject requests to HMR patch files in non potentially trustworthy origins (#22269) (868f141)
  • css: use unique key for cssEntriesMap to prevent same-basename collision (#22039) (374bb5d)
  • deps: update all non-major dependencies (#22219) (4cd0d67)
  • deps: update all non-major dependencies (#22268) (c28e9c1)
  • detect Deno workspace root (fix #22237) (#22238) (1b793c0)
  • dev: handle errors in watchChange hook (#22188) (fc08bda)
  • optimizer: handle more chars that will be sanitized (#22208) (3f24533)
  • skip fallback sourcemap generation for ?raw imports (#22148) (3ec9cda)

Documentation

Miscellaneous Chores

  • deps: update dependency dotenv-expand to v13 (#22271) (0a3887d)

8.0.8 (2026-04-09)

Features

... (truncated)

Commits
  • 32c2978 release: v8.0.10
  • a4d06d9 feat: update rolldown to 1.0.0-rc.17 (#22299)
  • a4d828f fix: hmrClient.logger.debug and hmrClient.logger.error looked different f...
  • 83f0a78 fix(css): show filename in CSS minification warnings for .css?inline (#22292)
  • b8a21cc fix: remove format sniffing module resolution from JS resolver (#22297)
  • 40a0847 refactor: typecheck client directory (#22284)
  • 5c7cec6 fix(optimizer): allow user transform.target to override default in optimizeDe...
  • 9437518 refactor: enable some typecheck rules (#22278)
  • ce729f5 release: v8.0.9
  • 605bb97 docs: update build CLI defaults (#22261)
  • Additional commits viewable in compare view

Updates webpack-dev-server from 3.11.3 to 5.2.3

Release notes

Sourced from webpack-dev-server's releases.

v5.2.3

5.2.3 (2026-01-12)

Bug Fixes

  • add cause for errorObject (#5518) (37b033d)
  • compatibility with event target and universal target and lazy compilation (574026c)
  • overlay: add ESC key to dismiss overlay (#5598) (f91baa8)
  • progress indicator styles (#5557) (41a53a1)
  • upgrade selfsigned to v5

v5.2.2

5.2.2 (2025-06-03)

Bug Fixes

  • "Overlay enabled" false positive (18e72ee)
  • do not crush when error is null for runtime errors (#5447) (309991f)
  • remove unnecessary header X_TEST (#5451) (64a6124)
  • respect the allowedHosts option for cross-origin header check (#5510) (03d1214)

v5.2.1

5.2.1 (2025-03-26)

Security

  • cross-origin requests are not allowed unless allowed by Access-Control-Allow-Origin header
  • requests with an IP addresses in the Origin header are not allowed to connect to WebSocket server unless configured by allowedHosts or it different from the Host header

The above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.

Bug Fixes

  • prevent overlay for errors caught by React error boundaries (#5431) (8c1abc9)
  • take the first network found instead of the last one, this restores the same behavior as 5.0.4 (#5411) (ffd0b86)

v5.2.0

5.2.0 (2024-12-11)

Features

  • added getClientEntry and getClientHotEntry methods to get clients entries (dc642a8)

Bug Fixes

  • speed up initial client bundling (145b5d0)

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

5.2.3 (2026-01-12)

Bug Fixes

  • add cause for errorObject (#5518) (37b033d)
  • compatibility with event target and universal target and lazy compilation (574026c)
  • overlay: add ESC key to dismiss overlay (#5598) (f91baa8)
  • progress indicator styles (#5557) (41a53a1)
  • upgrade selfsigned to v5

5.2.2 (2025-06-03)

Bug Fixes

  • "Overlay enabled" false positive (18e72ee)
  • do not crush when error is null for runtime errors (#5447) (309991f)
  • remove unnecessary header X_TEST (#5451) (64a6124)
  • respect the allowedHosts option for cross-origin header check (#5510) (03d1214)

5.2.1 (2025-03-26)

Security

  • cross-origin requests are not allowed unless allowed by Access-Control-Allow-Origin header
  • requests with an IP addresses in the Origin header are not allowed to connect to WebSocket server unless configured by allowedHosts or it different from the Host header

The above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.

Bug Fixes

  • prevent overlay for errors caught by React error boundaries (#5431) (8c1abc9)
  • take the first network found instead of the last one, this restores the same behavior as 5.0.4 (#5411) (ffd0b86)

5.2.0 (2024-12-11)

Features

  • added getClientEntry and getClientHotEntry methods to get clients entries (dc642a8)

Bug Fixes

  • speed up initial client bundling (145b5d0)

5.1.0 (2024-09-03)

... (truncated)

Commits
  • b550a70 chore(release): 5.2.3
  • 9704dc5 chore: upgrade selfsigned to v5 and remove node-forge dependency (#5618)
  • 92bf644 chore: bump express to update qs (#5621)
  • 792b2f0 chore(deps-dev): bump the dependencies group with 4 updates (#5606)
  • 6d587ca chore(deps): bump the dependencies group across 1 directory with 27 updates (...
  • f91baa8 fix(overlay): add ESC key to dismiss overlay (#5598)
  • 574026c fix: compatibility with event target and universal target and lazy compilation
  • c53955d docs: remove unused files
  • efe0aea test: fix
  • b6bb50c chore(deps): update
  • Additional commits viewable in compare view
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates browserstack-local from 1.5.5 to 1.5.9

Release notes

Sourced from browserstack-local's releases.

Changed local binary paths to support LocalBinary 7.3. Fixed folder argument.

Changed local binary paths to support LocalBinary 7.3. Fixed folder argument when building browserstack local arguments.

Commits
  • f11c8ea 1.5.9
  • 8c461a5 Merge pull request #169 from browserstack/LOC-6480
  • ee24820 use writeFileSync instead of echo to clear the logfile
  • 440aa80 Merge pull request #163 from browserstack/release_1.5.8
  • 125b8f1 1.5.8
  • 3eeca3f Merge pull request #162 from browserstack/download_source_from_specified_host
  • 17a583a refactor into utility methods
  • 4c0de9d Request download source from specified host
  • 3b190ed 1.5.7
  • 56d7b62 Merge pull request #161 from browserstack/Change_Binary_Download_Distribution
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by browserstack-admin, a new releaser for browserstack-local since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps-dev): bump the npm_and_yarn group across 3 directories wit…
ac49743 
…h 3 updates

Bumps the npm_and_yarn group with 1 update in the /platforms/web directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).
Bumps the npm_and_yarn group with 1 update in the /public/themes/default/assets/libs/fslightbox directory: [webpack-dev-server](https://github.com/webpack/webpack-dev-server).
Bumps the npm_and_yarn group with 1 update in the /public/themes/default/assets/libs/jquery-ui directory: [browserstack-local](https://github.com/browserstack/browserstack-local-nodejs).


Updates `vite` from 5.4.21 to 8.0.10
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.10/packages/vite)

Updates `webpack-dev-server` from 3.11.3 to 5.2.3
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v3.11.3...v5.2.3)

Updates `browserstack-local` from 1.5.5 to 1.5.9
- [Release notes](https://github.com/browserstack/browserstack-local-nodejs/releases)
- [Commits](browserstack/browserstack-local-nodejs@v1.5.5...v1.5.9)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.0.10
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-server
  dependency-version: 5.2.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: browserstack-local
  dependency-version: 1.5.9
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 29, 2026
@dependabot dependabot Bot mentioned this pull request Apr 29, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants