Closed dependabot[bot] closed 6 months ago
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/vite@4.5.2 | environment, eval, filesystem, network, shell, unsafe | +3 |
5.66 MB | antfu, patak, soda, ...2 more |
🚮 Removed packages: npm/vite@4.4.11
Superseded by #2129.
Bumps vite from 4.4.11 to 4.5.2.
Changelog
Sourced from vite's changelog.
Commits
d0360c1
release: v4.5.2eeec23b
fix: fs deny for case insensitive systems (#15653)c075115
release: v4.5.141bb354
fix: backport #15223, proxy html path should be encoded (#15226)055d2b8
release: v4.5.0ed7bdc5
feat: scan .marko files (#14669)45595ef
feat: backport mdx as known js source (#14560) (#14670)520139c
feat(ssr): backport ssr.resolve.conditions and ssr.resolve.externalConditions...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show