Skip to content

feat(deps): upgrade upstream dependencies#1998

Closed
voidzero-guard[bot] wants to merge 3 commits into
mainfrom
deps/upstream-update
Closed

feat(deps): upgrade upstream dependencies#1998
voidzero-guard[bot] wants to merge 3 commits into
mainfrom
deps/upstream-update

Conversation

@voidzero-guard

Copy link
Copy Markdown
Contributor

Summary

  • Automated upgrade of upstream dependencies.
  • Bumps vite to v8.1.2 (63b1489 -> ba31193) and oxlint-tsgolint 0.23.0 -> 0.24.0.
  • Updates packages/core/build.ts so wireBundledTsdownExtensions accepts the newer tsdown/rolldown form that dedupes @tsdown/css directly onto the bundled CssPlugin dynamic import.
  • Updates packages/core/package.json bundledVersions.vite to 8.1.2.

Dependency updates

Package From To
vite 63b1489 v8.1.2 (ba31193)
oxlint-tsgolint 0.23.0 0.24.0

Code changes

  • packages/core/build.ts: add detection of the { CssPlugin } = await import("./...") dedup form so a bundled CSS load that needs no specifier rewrite is treated as wired instead of failing the build.
  • packages/core/package.json: bump bundledVersions.vite from 8.1.0 to 8.1.2.

Build status

  • sync-remote-and-build: success
  • build-upstream: failure

- vite: 63b1489 -> v8.1.2 (ba31193)
- oxlint-tsgolint: 0.23.0 -> 0.24.0

Code changes:
- packages/core/build.ts: recognize the newer tsdown/rolldown form
  where `@tsdown/css` is deduped directly onto the bundled `CssPlugin`
  dynamic import, so `wireBundledTsdownExtensions` no longer fails on a
  bundled CSS load that needs no specifier rewrite.
- packages/core/package.json: bump bundledVersions.vite 8.1.0 -> 8.1.2.
@netlify

netlify Bot commented Jun 30, 2026

Copy link
Copy Markdown

Deploy Preview for viteplus-preview canceled.

Name Link
🔨 Latest commit 0781778
🔍 Latest deploy log https://app.netlify.com/projects/viteplus-preview/deploys/6a4473a5e164ac0007b54e2d

@socket-security

socket-security Bot commented Jun 30, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addednpm/​oxlint-tsgolint@​0.24.01001009794100

View full report

@socket-security

socket-security Bot commented Jun 30, 2026

Copy link
Copy Markdown

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

✅ Staging deployment successful!

Preview: https://viteplus-staging.void.app/
Commit: 0781778

@fengmk2 fengmk2 force-pushed the deps/upstream-update branch from 8deb379 to 959643c Compare July 1, 2026 01:44
@voidzero-guard voidzero-guard Bot closed this Jul 1, 2026
@voidzero-guard voidzero-guard Bot deleted the deps/upstream-update branch July 1, 2026 02:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant