Bump vite from 5.1.1 to 5.2.7

[dependabot[bot]]

Bumps vite from 5.1.1 to 5.2.7.

Release notes

Sourced from vite's releases.

create-vite@5.2.3

Please refer to CHANGELOG.md for details.

create-vite@5.2.2

Please refer to CHANGELOG.md for details.

create-vite@5.2.1

Please refer to CHANGELOG.md for details.

create-vite@5.2.0

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.2.7 (2024-03-29)

• chore: deprecate splitVendorChunkPlugin (#16274) (45a06da), closes #16274
• fix: skip injecting __vite__mapDeps when it's not used (#16271) (890538a), closes #16271
• fix(deps): update all non-major dependencies (#16258) (7caef42), closes #16258
• fix(hmr): don't mutate module graph when collecting modules (#16302) (dfffea1), closes #16302
• fix(hmr): trigger hmr for missing file import errored module after file creation (#16303) (ffedc06), closes #16303
• fix(sourcemap): don't warn even if the sourcesContent is an empty string (#16273) (24e376a), closes #16273
• feat(hmr): reload when HTML file is created/deleted (#16288) (1f53796), closes #16288

5.2.6 (2024-03-24)

• fix: fs.deny with globs with directories (#16250) (ba5269c), closes #16250

5.2.5 (2024-03-24)

• fix: avoid SSR requests in waitForRequestIdle (#16246) (7093f77), closes #16246
• docs: clarify enforce vs hook.order (#16226) (3a73e48), closes #16226

5.2.4 (2024-03-23)

• fix: dont resolve imports with malformed URI (#16244) (fbf69d5), closes #16244

5.2.3 (2024-03-22)

• fix: handle warmup request error correctly (#16223) (d7c5256), closes #16223
• fix: skip encode if is data uri (#16233) (8617e76), closes #16233
• fix(optimizer): fix optimizeDeps.include glob syntax for ./* exports (#16230) (f184c80), closes #16230
• fix(runtime): fix sourcemap with prepareStackTrace (#16220) (dad7f4f), closes #16220
• chore: utf8 replaced with utf-8 (#16232) (9800c73), closes #16232

5.2.2 (2024-03-20)

• fix(importAnalysis): skip encode in ssr (#16213) (e4d2d60), closes #16213

5.2.1 (2024-03-20)

• fix: encode path uri only (#16212) (0b2e40b), closes #16212

... (truncated)

Commits

• ad246da release: v5.2.7
• 45a06da chore: deprecate splitVendorChunkPlugin (#16274)
• ffedc06 fix(hmr): trigger hmr for missing file import errored module after file creat...
• dfffea1 fix(hmr): don't mutate module graph when collecting modules (#16302)
• 1f53796 feat(hmr): reload when HTML file is created/deleted (#16288)
• 24e376a fix(sourcemap): don't warn even if the sourcesContent is an empty string (#16...
• 7caef42 fix(deps): update all non-major dependencies (#16258)
• 890538a fix: skip injecting __vite__mapDeps when it's not used (#16271)
• 7369016 release: v5.2.6
• ba5269c fix: fs.deny with globs with directories (#16250)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/cylc/cylc-ui/network/alerts).

[MetRonnie]

Impact

Only apps setting a custom server.fs.deny that includes a pattern with directories, and explicitly exposing the Vite dev server to the network (using --host or server.host config option) are affected.

[dependabot[bot]]

Looks like vite is no longer updatable, so this is no longer needed.