[PR #17305] [CLOSED] build(deps): bump the npm_and_yarn group across 1 directory with 8 updates #40022

New Issue

GiteaMirror · 2026-04-25T12:26:26-05:00

GiteaMirror commented

2026-04-25 12:26:26 -05:00

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/17305
Author: @dependabot[bot]
Created: 9/9/2025
Status: ❌ Closed

Base: main ← Head: dependabot/npm_and_yarn/npm_and_yarn-0734abb53c

📝 Commits (1)

501312d build(deps): bump the npm_and_yarn group across 1 directory with 8 updates

📊 Changes

2 files changed (+681 additions, -1001 deletions)

View changed files

📝 package-lock.json (+676 -996)
📝 package.json (+5 -5)

📄 Description

Bumps the npm_and_yarn group with 8 updates in the / directory:

Package	From	To
jspdf	`3.0.1`	`3.0.2`
vite-plugin-static-copy	`2.2.0`	`2.3.2`
devalue	`5.1.1`	`5.3.2`
esbuild	`0.21.5`	`0.25.1`
@sveltejs/vite-plugin-svelte	`3.1.1`	`6.1.4`
vite	`5.4.19`	`7.1.5`
vitest	`1.6.1`	`3.2.4`
tmp	`0.2.3`	`0.2.5`

Updates jspdf from 3.0.1 to 3.0.2

Release notes

Sourced from jspdf's releases.

v3.0.2

This release fixes a security issue where parsing of corrupt PNG images could lead to long running loops and denial of service.

What's Changed

[Snyk] Upgrade @babel/runtime from 7.26.7 to 7.26.9 by @MrRio in parallax/jsPDF#3847

Fix parsing corrupt PNG images in addImage method by @HackbrettXXX in parallax/jsPDF#3880. The atob and btoa dependencies have been removed and the fast-png dependency has been added.

New Contributors

@WardenDrew made their first contribution in parallax/jsPDF#3872

Full Changelog: https://github.com/parallax/jsPDF/compare/v3.0.1...v3.0.2

Commits

543b356 3.0.2
4cf3ab6 Fix parsing corrupt PNG images in the addImage method (#3880)
7c51caa Correct the millimeter unit conversion constant in docs (#3872)
d8bfc9f fix: upgrade @babel/runtime from 7.26.7 to 7.26.9 (#3847)
See full diff in compare view

Updates vite-plugin-static-copy from 2.2.0 to 2.3.2

Release notes

Sourced from vite-plugin-static-copy's releases.

vite-plugin-static-copy@2.3.2

Patch Changes

4627afb Thanks @sapphi-red! - Files not included in src was possible to acess with a crafted request. See GHSA-pp7p-q8fx-2968 for more details.

vite-plugin-static-copy@2.3.1

Patch Changes

#152 6aee6a3 Thanks @sapphi-red! - improve performance of internal isSubdirectoryOrEqual function

vite-plugin-static-copy@2.3.0

Minor Changes

281f5b2 Thanks @sapphi-red! - improve performance by coping files concurrently when possible

Patch Changes

#149 a9f35c9 Thanks @sapphi-red! - ensure .[cm]?[tj]sx? static assets are JS mime to align with Vite. vitejs/vite#19453

Changelog

Sourced from vite-plugin-static-copy's changelog.

2.3.2

Patch Changes

4627afb Thanks @sapphi-red! - Files not included in src was possible to acess with a crafted request. See GHSA-pp7p-q8fx-2968 for more details.

2.3.1

Patch Changes

#152 6aee6a3 Thanks @sapphi-red! - improve performance of internal isSubdirectoryOrEqual function

2.3.0

Minor Changes

281f5b2 Thanks @sapphi-red! - improve performance by coping files concurrently when possible

Patch Changes

#149 a9f35c9 Thanks @sapphi-red! - ensure .[cm]?[tj]sx? static assets are JS mime to align with Vite. vitejs/vite#19453

Commits

326a79f chore: update versions (#197)
0f39cad ci: run release against v* branches
4627afb fix: only serve files under src (#195)
08cafec chore: update versions (#154)
6aee6a3 perf: improve isSubdirectoryOrEqual performance (#152)
5f707b6 chore: update versions (#147)
26cbffe chore: update pnpm to v10
a9f35c9 fix: ensure .[cm]?[tj]sx? static assets are JS mime (#149)
94b04d5 chore: update packages (#148)
281f5b2 chore: add changeset for #146
Additional commits viewable in compare view

Updates devalue from 5.1.1 to 5.3.2

Release notes

Sourced from devalue's releases.

v5.3.2

Patch Changes

0623a47: fix: disallow array method access when parsing

0623a47: fix: disallow __proto__ properties on objects

v5.3.1

Patch Changes

ae904c5: fix: correctly differentiate between +0 and -0

v5.3.0

Minor Changes

2896e7b: feat: support Temporal

fec694d: feat: support URL and URLSearchParams objects

Changelog

Sourced from devalue's changelog.

5.3.2

Patch Changes

0623a47: fix: disallow array method access when parsing

0623a47: fix: disallow __proto__ properties on objects

5.3.1

Patch Changes

ae904c5: fix: correctly differentiate between +0 and -0

5.3.0

Minor Changes

2896e7b: feat: support Temporal

fec694d: feat: support URL and URLSearchParams objects

5.2.1

Patch Changes

e46f4c8: fix: handle repeated array buffers and subarrays

2dfa504: fix: handle custom classes with null proto as pojo

5.2.0

Handle custom classes with null proto as pojo (#95)

Commits

86a6a66 Version Packages (#109)
0623a47 Merge commit from fork
02d20e8 Version Packages (#108)
ae904c5 fix stringify not picking up negative zero if a normal zero has appeared befo...
e95b87a fix pkg.repository
8300172 fix changeset config
434d8ae Version Packages (#106)
67c8334 mention support for URL/URLSearchParams/Temporal in README
fec694d feat: support URL and URLSearchParams (#92)
2896e7b Add support for Temporal objects (#98)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by svelte-admin, a new releaser for devalue since your current version.

Updates esbuild from 0.21.5 to 0.25.1

Release notes

Sourced from esbuild's releases.

v0.25.1
Fix incorrect paths in inline source maps (#4070, #4075, #4105)

This fixes a regression from version 0.25.0 where esbuild didn't correctly resolve relative paths contained within source maps in inline sourceMappingURL data URLs. The paths were incorrectly being passed through as-is instead of being resolved relative to the source file containing the sourceMappingURL comment, which was due to the data URL not being a file URL. This regression has been fixed, and this case now has test coverage.

Fix invalid generated source maps (#4080, #4082, #4104, #4107)

This release fixes a regression from version 0.24.1 that could cause esbuild to generate invalid source maps. Specifically under certain conditions, esbuild could generate a mapping with an out-of-bounds source index. It was introduced by code that attempted to improve esbuild's handling of "null" entries in source maps (i.e. mappings with a generated position but no original position). This regression has been fixed.

This fix was contributed by @jridgewell.

Fix a regression with non-file source map paths (#4078)

The format of paths in source maps that aren't in the file namespace was unintentionally changed in version 0.25.0. Path namespaces is an esbuild-specific concept that is optionally available for plugins to use to distinguish paths from file paths and from paths meant for other plugins. Previously the namespace was prepended to the path joined with a : character, but version 0.25.0 unintentionally failed to prepend the namespace. The previous behavior has been restored.
Fix a crash with switch optimization (#4088)

The new code in the previous release to optimize dead code in switch statements accidentally introduced a crash in the edge case where one or more switch case values include a function expression. This is because esbuild now visits the case values first to determine whether any cases are dead code, and then visits the case bodies once the dead code status is known. That triggered some internal asserts that guard against traversing the AST in an unexpected order. This crash has been fixed by changing esbuild to expect the new traversal ordering. Here's an example of affected code:
switch (x) {
  case '':
    return y.map(z => z.value)
  case y.map(z => z.key).join(','):
    return []
}
Update Go from 1.23.5 to 1.23.7 (#4076, #4077)

This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain reports from vulnerability scanners that detect which version of the Go compiler esbuild uses.

This PR was contributed by @MikeWillCook.
v0.25.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.24.0 or ~0.24.0. See npm's documentation about semver for more information.

Restrict access to esbuild's development server (GHSA-67mh-4wv8-2f99)

This change addresses esbuild's first security vulnerability report. Previously esbuild set the Access-Control-Allow-Origin header to * to allow esbuild's development server to be flexible in how it's used for development. However, this allows the websites you visit to make HTTP requests to esbuild's local development server, which gives read-only access to your source code if the website were to fetch your source code's specific URL. You can read more information in the report.

Starting with this release, CORS will now be disabled, and requests will now be denied if the host does not match the one provided to --serve=. The default host is 0.0.0.0, which refers to all of the IP addresses that represent the local machine (e.g. both 127.0.0.1 and 192.168.0.1). If you want to customize anything about esbuild's development server, you can put a proxy in front of esbuild and modify the incoming and/or outgoing requests.

In addition, the serve() API call has been changed to return an array of hosts instead of a single host string. This makes it possible to determine all of the hosts that esbuild's development server will accept.

Thanks to @sapphi-red for reporting this issue.

Delete output files when a build fails in watch mode (#3643)

It has been requested for esbuild to delete files when a build fails in watch mode. Previously esbuild left the old files in place, which could cause people to not immediately realize that the most recent build failed. With this release, esbuild will now delete all output files if a rebuild fails. Fixing the build error and triggering another rebuild will restore all output files again.

... (truncated)

Changelog

Sourced from esbuild's changelog.

Changelog: 2024

This changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).

0.24.2

Fix regression with --define and import.meta (#4010, #4012, #4013)

The previous change in version 0.24.1 to use a more expression-like parser for define values to allow quoted property names introduced a regression that removed the ability to use --define:import.meta=.... Even though import is normally a keyword that can't be used as an identifier, ES modules special-case the import.meta expression to behave like an identifier anyway. This change fixes the regression.

This fix was contributed by @sapphi-red.

0.24.1
Allow es2024 as a target in tsconfig.json (#4004)

TypeScript recently added es2024 as a compilation target, so esbuild now supports this in the target field of tsconfig.json files, such as in the following configuration file:
{
  "compilerOptions": {
    "target": "ES2024"
  }
}
As a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in the documentation.

This fix was contributed by @billyjanitsch.
Allow automatic semicolon insertion after get/set

This change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:
class Foo {
  get
  *x() {}
  set
  *y() {}
}
The above code will be considered valid starting with this release. This change to esbuild follows a similar change to TypeScript which will allow this syntax starting with TypeScript 5.7.
Allow quoted property names in --define and --pure (#4008)

The define and pure API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes --define and --pure consistent with --global-name, which already supported quoted property names. For example, the following is now possible:

... (truncated)

Commits

6bfc1c1 publish 0.25.1 to npm
f9b3952 fix #4078: prepend namespaces to source map paths
ccf3dd7 add "contributed by" in changelog
48cd7a9 Update Go from 1.23.5 to 1.23.7 (#4077)
1f04fa4 fix absolute windows paths in source maps
9ca03f6 also add test case from #4075
2f244c0 add test case from #4104
1dde994 fix incorrect test names
9f008c5 fix #4070: file namespace for sourceMappingURL
cbd5eb8 release notes and tests for #4082
Additional commits viewable in compare view

Updates @sveltejs/vite-plugin-svelte from 3.1.1 to 6.1.4

Release notes

Sourced from @sveltejs/vite-plugin-svelte's releases.

@sveltejs/vite-plugin-svelte@6.1.4

Patch Changes

fix: allow preprocess plugin to run twice (#1206)

fix(types): update urls to PreprocessorGroup and CompileOptions in type documention (#1203)

replace kleur dependency with builtin node:utils styleText (#1210)

@sveltejs/vite-plugin-svelte@6.1.3

Patch Changes

fix(api): add api.filter and deprecate api.idFilter to avoid confusing filter.id = idFilter.id assignments when used as hybrid filter in other plugins (#1199)

@sveltejs/vite-plugin-svelte@6.1.2

Patch Changes

fix: ensure compiled css is returned when reloading during dev with ssr (e.g. SvelteKit) (#1194)

@sveltejs/vite-plugin-svelte@6.1.1

Patch Changes

fix: ensure compiled svelte css is loaded correctly when rebuilding in build --watch (#1189)

@sveltejs/vite-plugin-svelte@6.1.0

Minor Changes

feat: add support for the new experimental.async option and apply dynamicCompileOptions when compiling Svelte modules (#1176)

Patch Changes

skip comment blocks when reporting compiler errors that might be caused by a preprocessor issue (#1166)

increase logLevel to info for "no Svelte config found" message (#1179)

@sveltejs/vite-plugin-svelte@6.0.0

Major Changes

drop support for node18 and update exports map to use default export. cjs is supported via require esm in node 20.19+ (#1129)

Remove experimental "advanced raw queries" feature. Basic File.svelte?raw is still supported. (#1145)

Using the typescript preprocessor now requires a tsconfig.json with verbatimModuleSyntax enabled, eg @tsconfig/svelte (#1135)

... (truncated)

Changelog

Sourced from @sveltejs/vite-plugin-svelte's changelog.

6.1.4

Patch Changes

fix: allow preprocess plugin to run twice (#1206)

fix(types): update urls to PreprocessorGroup and CompileOptions in type documention (#1203)

replace kleur dependency with builtin node:utils styleText (#1210)

6.1.3

Patch Changes

fix(api): add api.filter and deprecate api.idFilter to avoid confusing filter.id = idFilter.id assignments when used as hybrid filter in other plugins (#1199)

6.1.2

Patch Changes

fix: ensure compiled css is returned when reloading during dev with ssr (e.g. SvelteKit) (#1194)

6.1.1

Patch Changes

fix: ensure compiled svelte css is loaded correctly when rebuilding in build --watch (#1189)

6.1.0

Minor Changes

feat: add support for the new experimental.async option and apply dynamicCompileOptions when compiling Svelte modules (#1176)

Patch Changes

skip comment blocks when reporting compiler errors that might be caused by a preprocessor issue (#1166)

increase logLevel to info for "no Svelte config found" message (#1179)

6.0.0

Major Changes

drop support for node18 and update exports map to use default export. cjs is supported via require esm in node 20.19+ (#1129)

... (truncated)

Commits

2842159 Version Packages (#1204)
35121ac refactor: replace kleur with styleText (#1210)
db12c90 fix(deps): update all non-major dependencies (#1205)
79a56c4 fix: allow preprocess plugin to run twice (#1206)
e10850b fix(types): update urls to PreprocessorGroup and CompileOptions docs (#1203)
42681d3 Version Packages (#1200)
f9e4632 fix(api): rename idFilter to filter to avoid confusion (#1199)
cf5a6be fix(deps): update all non-major dependencies (#1193)
7bcf224 Version Packages (#1195)
3e3eb85 fix: ensure compiled css is available after reload during dev with SSR (Svelt...
Additional commits viewable in compare view

Updates vite from 5.4.19 to 7.1.5

Release notes

Sourced from vite's releases.

v7.1.5

Please refer to CHANGELOG.md for details.

v7.1.4

Please refer to CHANGELOG.md for details.

v7.1.3

Please refer to CHANGELOG.md for details.

v7.1.2

Please refer to CHANGELOG.md for details.

v7.1.1

Please refer to CHANGELOG.md for details.

create-vite@7.1.1

Please refer to CHANGELOG.md for details.

plugin-legacy@7.1.0

Please refer to CHANGELOG.md for details.

create-vite@7.1.0

Please refer to CHANGELOG.md for details.

v7.1.0

Please refer to CHANGELOG.md for details.

v7.1.0-beta.1

Please refer to CHANGELOG.md for details.

v7.1.0-beta.0

Please refer to CHANGELOG.md for details.

v7.0.7

Please refer to CHANGELOG.md for details.

v7.0.6

Please refer to CHANGELOG.md for details.

v7.0.5

Please refer to CHANGELOG.md for details.

v7.0.4

Please refer to CHANGELOG.md for details.

v7.0.3

Please refer to CHANGELOG.md for details.

create-vite@7.0.3

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

7.1.5 (2025-09-08)

Bug Fixes

apply fs.strict check to HTML files (#20736) (14015d7)

deps: update all non-major dependencies (#20732) (122bfba)

upgrade sirv to 3.0.2 (#20735) (09f2b52)

7.1.4 (2025-09-01)

Bug Fixes

add missing awaits (#20697) (79d10ed)

deps: update all non-major dependencies (#20676) (5a274b2)

deps: update all non-major dependencies (#20709) (0401feb)

pass rollup watch options when building in watch mode (#20674) (f367453)

Miscellaneous Chores

remove unused constants entry from rolldown.config.ts (#20710) (537fcf9)

Code Refactoring

remove unnecessary minify parameter from finalizeCss (#20701) (8099582)

7.1.3 (2025-08-19)

Features

cli: add Node.js version warning for unsupported versions (#20638) (a1be1bf)

generate code frame for parse errors thrown by terser (#20642) (a9ba017)

support long lines in generateCodeFrame (#20640) (1559577)

Bug Fixes

deps: update all non-major dependencies (#20634) (4851cab)

optimizer: incorrect incompatible error (#20439) (446fe83)

support multiline new URL(..., import.meta.url) expressions (#20644) (9ccf142)

Performance Improvements

cli: dynamically import resolveConfig (#20646) (f691f57)

Miscellaneous Chores

deps: update rolldown-related dependencies (#20633) (98b92e8)

Code Refactoring

replace startsWith with strict equality (#20603) (42816de)

use import in worker threads (#20641) (530687a)

Tests

... (truncated)

Commits

5647540 release: v7.1.5
09f2b52 fix: upgrade sirv to 3.0.2 (#20735)
14015d7 fix: apply fs.strict check to HTML files (#20736)
122bfba fix(deps): update all non-major dependencies (#20732)
bcc3144 release: v7.1.4
0401feb fix(deps): update all non-major dependencies (#20709)
537fcf9 chore: remove unused constants entry from rolldown.config.ts (#20710)
79d10ed fix: add missing awaits (#20697)
8099582 refactor: remove unnecessary minify parameter from finalizeCss (#20701)
f367453 fix: pass rollup watch options when building in watch mode (#20674)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vite since your current version.

Updates vitest from 1.6.1 to 3.2.4

Release notes

Sourced from vitest's releases.

v3.2.4

   🐞 Bug Fixes

Use correct path for optimisation of strip-literal - by @mrginglymus in vitest-dev/vitest#8139 (44940)

Print uint and buffer as a simple string - by @sheremet-va in vitest-dev/vitest#8141 (b86bf)

browser:

Show a helpful error when spying on an export - by @sheremet-va in vitest-dev/vitest#8178 (56007)

cli:

vitest run --watch should be watch-mode - by @AriPerkkio in vitest-dev/vitest#8128 (657e8)

Use absolute path environment on Windows - by @colinaaa in vitest-dev/vitest#8105 (85dc0)

Throw error when --shard x/<count> exceeds count of test files - by @AriPerkkio in vitest-dev/vitest#8112 (8a18c)

coverage:

Ignore SCSS in browser mode - by @sheremet-va in vitest-dev/vitest#8161 (0c3be)

deps:

Update all non-major dependencies - in vitest-dev/vitest#8123 (93f32)

expect:

Handle async errors in expect.soft - by @lzl0304 in vitest-dev/vitest#8145 (68699)

pool:

Auto-adjust minWorkers when only maxWorkers specified - by @AriPerkkio in vitest-dev/vitest#8110 (14dc0)

reporter:

task.meta should be available in custom reporter's errors - by @AriPerkkio in vitest-dev/vitest#8115 (27df6)

runner:

Preserve handler wrapping on extend - by @pengooseDev in vitest-dev/vitest#8153 (a9281)

ui:

Ensure ui config option works correctly - by @lzl0304 in vitest-dev/vitest#8147 (42eeb)

    View changes on GitHub

v3.2.3

   🚀 Features

browser: Use base url instead of vitest - by @sheremet-va in vitest-dev/vitest#8126 (1d8eb)

ui: Show test annotations and metadata in the test report tab - by @sheremet-va in vitest-dev/vitest#8093 (c69be)

   🐞 Bug Fixes

Rerun tests when project's setup file is changed - by @sheremet-va in vitest-dev/vitest#8097 (0f335)

Revert expect.any return type - by @sheremet-va in vitest-dev/vitest#8129 (47514)

Run only the name plugin last, not all config plugins - by @sheremet-va in vitest-dev/vitest#8130 (83862)

pool:

Throw if user's tests use process.send() - by @AriPerkkio in vitest-dev/vitest#8125 (dfe81)

runner:

Fast sequential task updates missing - by @AriPerkkio in vitest-dev/vitest#8121 (7bd11)

Comments between fixture destructures - by @AriPerkkio in vitest-dev/vitest#8127 (dc469)

vite-node:

Unable to handle errors where sourcemap mapping empty - by @blake-newman and @hi-ogawa in vitest-dev/vitest#8071 (8aa25)

    View changes on GitHub

v3.2.2

... (truncated)

Commits

c666d14 chore: release v3.2.4
8a18c8e fix(cli): throw error when --shard x/\<count> exceeds count of test files (#...
8abd7cc chore(deps): update tinypool (#8174)
93f3200 fix(deps): update all non-major dependencies (#8123)
0c3be6f fix(coverage): ignore SCSS in browser mode (#8161)
790bc31 chore: update deprecation notice for globs (#8148)
c0eae7d chore: update deprecated workspace file log (#8118)
14dc072 fix(pool): auto-adjust minWorkers when only maxWorkers specified (#8110)
85dc019 fix(cli): use absolute path environment on Windows (#8105)
27df68a fix(reporter): task.meta should be available in custom reporter's errors (#...
Additional commits viewable in compare view

Updates tmp from 0.2.3 to 0.2.5

Commits

3d2fe38 Bump up the version
e162828 Merge pull request #309 from fflorent/fix-tmp-dir-with-dir
b847d2f Fix use of tmp.dir() with dir option
08fa3ab Update version
1cf4ec5 Merge commit from fork
188b25e Fix GHSA-52f5-9888-hmc6
73b9fe4 Add test case for GHSA-52f5-9888-hmc6
b8e2f29 Remove broken tests
2892a02 Remove outdated URL
f592318 Reformat package.json
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/17305 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 9/9/2025 **Status:** ❌ Closed **Base:** `main` ← **Head:** `dependabot/npm_and_yarn/npm_and_yarn-0734abb53c` --- ### 📝 Commits (1) - [`501312d`](https://github.com/open-webui/open-webui/commit/501312dcb38ac93e90563f7eec181d7870d9c62a) build(deps): bump the npm_and_yarn group across 1 directory with 8 updates ### 📊 Changes **2 files changed** (+681 additions, -1001 deletions) <details> <summary>View changed files</summary> 📝 `package-lock.json` (+676 -996) 📝 `package.json` (+5 -5) </details> ### 📄 Description Bumps the npm_and_yarn group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [jspdf](https://github.com/parallax/jsPDF) | `3.0.1` | `3.0.2` | | [vite-plugin-static-copy](https://github.com/sapphi-red/vite-plugin-static-copy) | `2.2.0` | `2.3.2` | | [devalue](https://github.com/sveltejs/devalue) | `5.1.1` | `5.3.2` | | [esbuild](https://github.com/evanw/esbuild) | `0.21.5` | `0.25.1` | | [@sveltejs/vite-plugin-svelte](https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte) | `3.1.1` | `6.1.4` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.19` | `7.1.5` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `1.6.1` | `3.2.4` | | [tmp](https://github.com/raszi/node-tmp) | `0.2.3` | `0.2.5` | Updates `jspdf` from 3.0.1 to 3.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/parallax/jsPDF/releases">jspdf's releases</a>.</em></p> <blockquote> <h2>v3.0.2</h2> <p>This release fixes a <a href="https://github.com/parallax/jsPDF/security/advisories/GHSA-8mvj-3j78-4qmw">security issue</a> where parsing of corrupt PNG images could lead to long running loops and denial of service.</p> <h2>What's Changed</h2> <ul> <li>[Snyk] Upgrade <code>@babel/runtime</code> from 7.26.7 to 7.26.9 by <a href="https://github.com/MrRio"><code>@MrRio</code></a> in <a href="https://redirect.github.com/parallax/jsPDF/pull/3847">parallax/jsPDF#3847</a></li> <li>Fix parsing corrupt PNG images in addImage method by <a href="https://github.com/HackbrettXXX"><code>@HackbrettXXX</code></a> in <a href="https://redirect.github.com/parallax/jsPDF/pull/3880">parallax/jsPDF#3880</a>. The atob and btoa dependencies have been removed and the fast-png dependency has been added.</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/WardenDrew"><code>@WardenDrew</code></a> made their first contribution in <a href="https://redirect.github.com/parallax/jsPDF/pull/3872">parallax/jsPDF#3872</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/parallax/jsPDF/compare/v3.0.1...v3.0.2">https://github.com/parallax/jsPDF/compare/v3.0.1...v3.0.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/parallax/jsPDF/commit/543b356c321a7e13f08d4cb3d1f247e8b130a871"><code>543b356</code></a> 3.0.2</li> <li><a href="https://github.com/parallax/jsPDF/commit/4cf3ab619e565d9b88b4b130bff901b91d8688e9"><code>4cf3ab6</code></a> Fix parsing corrupt PNG images in the addImage method (<a href="https://redirect.github.com/parallax/jsPDF/issues/3880">#3880</a>)</li> <li><a href="https://github.com/parallax/jsPDF/commit/7c51caa387b5c08326fc5e70ac7f5e266741fcae"><code>7c51caa</code></a> Correct the millimeter unit conversion constant in docs (<a href="https://redirect.github.com/parallax/jsPDF/issues/3872">#3872</a>)</li> <li><a href="https://github.com/parallax/jsPDF/commit/d8bfc9f0af8a91ff96c8396147b582d136551151"><code>d8bfc9f</code></a> fix: upgrade <code>@babel/runtime</code> from 7.26.7 to 7.26.9 (<a href="https://redirect.github.com/parallax/jsPDF/issues/3847">#3847</a>)</li> <li>See full diff in <a href="https://github.com/parallax/jsPDF/compare/v3.0.1...v3.0.2">compare view</a></li> </ul> </details> <br /> Updates `vite-plugin-static-copy` from 2.2.0 to 2.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sapphi-red/vite-plugin-static-copy/releases">vite-plugin-static-copy's releases</a>.</em></p> <blockquote> <h2>vite-plugin-static-copy@2.3.2</h2> <h3>Patch Changes</h3> <ul> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/4627afb8582083eab733881d3d974e1c1f23997d"><code>4627afb</code></a> Thanks <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>! - Files not included in <code>src</code> was possible to acess with a crafted request. See <a href="https://github.com/sapphi-red/vite-plugin-static-copy/security/advisories/GHSA-pp7p-q8fx-2968">GHSA-pp7p-q8fx-2968</a> for more details.</li> </ul> <h2>vite-plugin-static-copy@2.3.1</h2> <h3>Patch Changes</h3> <ul> <li><a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/pull/152">#152</a> <a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/6aee6a3d8caf6d08bedeb4c97fb7580fd904b895"><code>6aee6a3</code></a> Thanks <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>! - improve performance of internal <code>isSubdirectoryOrEqual</code> function</li> </ul> <h2>vite-plugin-static-copy@2.3.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/281f5b22aaa23a055af93553da8c84932ef31c41"><code>281f5b2</code></a> Thanks <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>! - improve performance by coping files concurrently when possible</li> </ul> <h3>Patch Changes</h3> <ul> <li><a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/pull/149">#149</a> <a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/a9f35c9557b0ab710006c83418c3c982c2eb746e"><code>a9f35c9</code></a> Thanks <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>! - ensure <code>.[cm]?[tj]sx?</code> static assets are JS mime to align with Vite. <a href="https://redirect.github.com/vitejs/vite/pull/19453">vitejs/vite#19453</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sapphi-red/vite-plugin-static-copy/blob/vite-plugin-static-copy@2.3.2/CHANGELOG.md">vite-plugin-static-copy's changelog</a>.</em></p> <blockquote> <h2>2.3.2</h2> <h3>Patch Changes</h3> <ul> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/4627afb8582083eab733881d3d974e1c1f23997d"><code>4627afb</code></a> Thanks <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>! - Files not included in <code>src</code> was possible to acess with a crafted request. See <a href="https://github.com/sapphi-red/vite-plugin-static-copy/security/advisories/GHSA-pp7p-q8fx-2968">GHSA-pp7p-q8fx-2968</a> for more details.</li> </ul> <h2>2.3.1</h2> <h3>Patch Changes</h3> <ul> <li><a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/pull/152">#152</a> <a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/6aee6a3d8caf6d08bedeb4c97fb7580fd904b895"><code>6aee6a3</code></a> Thanks <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>! - improve performance of internal <code>isSubdirectoryOrEqual</code> function</li> </ul> <h2>2.3.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/281f5b22aaa23a055af93553da8c84932ef31c41"><code>281f5b2</code></a> Thanks <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>! - improve performance by coping files concurrently when possible</li> </ul> <h3>Patch Changes</h3> <ul> <li><a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/pull/149">#149</a> <a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/a9f35c9557b0ab710006c83418c3c982c2eb746e"><code>a9f35c9</code></a> Thanks <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>! - ensure <code>.[cm]?[tj]sx?</code> static assets are JS mime to align with Vite. <a href="https://redirect.github.com/vitejs/vite/pull/19453">vitejs/vite#19453</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/326a79fb29bd082a876f59681d2d61e488267331"><code>326a79f</code></a> chore: update versions (<a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/197">#197</a>)</li> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/0f39cad26e703a09ab6b10049a5ba455e14ad8c8"><code>0f39cad</code></a> ci: run release against <code>v*</code> branches</li> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/4627afb8582083eab733881d3d974e1c1f23997d"><code>4627afb</code></a> fix: only serve files under <code>src</code> (<a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/195">#195</a>)</li> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/08cafec9b7562b76244aeff460328898724aac16"><code>08cafec</code></a> chore: update versions (<a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/154">#154</a>)</li> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/6aee6a3d8caf6d08bedeb4c97fb7580fd904b895"><code>6aee6a3</code></a> perf: improve <code>isSubdirectoryOrEqual</code> performance (<a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/152">#152</a>)</li> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/5f707b6103044ecff36791efee26b33ecf689b41"><code>5f707b6</code></a> chore: update versions (<a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/147">#147</a>)</li> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/26cbffedd9dfa5241e3cd9269b660f1ea8bd23ea"><code>26cbffe</code></a> chore: update pnpm to v10</li> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/a9f35c9557b0ab710006c83418c3c982c2eb746e"><code>a9f35c9</code></a> fix: ensure <code>.[cm]?[tj]sx?</code> static assets are JS mime (<a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/149">#149</a>)</li> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/94b04d5edde8eca46da38f504435901ee35e327c"><code>94b04d5</code></a> chore: update packages (<a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/148">#148</a>)</li> <li><a href="https://github.com/sapphi-red/vite-plugin-static-copy/commit/281f5b22aaa23a055af93553da8c84932ef31c41"><code>281f5b2</code></a> chore: add changeset for <a href="https://redirect.github.com/sapphi-red/vite-plugin-static-copy/issues/146">#146</a></li> <li>Additional commits viewable in <a href="https://github.com/sapphi-red/vite-plugin-static-copy/compare/vite-plugin-static-copy@2.2.0...vite-plugin-static-copy@2.3.2">compare view</a></li> </ul> </details> <br /> Updates `devalue` from 5.1.1 to 5.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/devalue/releases">devalue's releases</a>.</em></p> <blockquote> <h2>v5.3.2</h2> <h3>Patch Changes</h3> <ul> <li>0623a47: fix: disallow array method access when parsing</li> <li>0623a47: fix: disallow <code>__proto__</code> properties on objects</li> </ul> <h2>v5.3.1</h2> <h3>Patch Changes</h3> <ul> <li>ae904c5: fix: correctly differentiate between +0 and -0</li> </ul> <h2>v5.3.0</h2> <h3>Minor Changes</h3> <ul> <li>2896e7b: feat: support Temporal</li> <li>fec694d: feat: support <code>URL</code> and <code>URLSearchParams</code> objects</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md">devalue's changelog</a>.</em></p> <blockquote> <h2>5.3.2</h2> <h3>Patch Changes</h3> <ul> <li>0623a47: fix: disallow array method access when parsing</li> <li>0623a47: fix: disallow <code>__proto__</code> properties on objects</li> </ul> <h2>5.3.1</h2> <h3>Patch Changes</h3> <ul> <li>ae904c5: fix: correctly differentiate between +0 and -0</li> </ul> <h2>5.3.0</h2> <h3>Minor Changes</h3> <ul> <li>2896e7b: feat: support Temporal</li> <li>fec694d: feat: support <code>URL</code> and <code>URLSearchParams</code> objects</li> </ul> <h2>5.2.1</h2> <h3>Patch Changes</h3> <ul> <li>e46f4c8: fix: handle repeated array buffers and subarrays</li> <li>2dfa504: fix: handle custom classes with null proto as pojo</li> </ul> <h2>5.2.0</h2> <ul> <li>Handle custom classes with null proto as pojo (<a href="https://redirect.github.com/sveltejs/devalue/pull/95">#95</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sveltejs/devalue/commit/86a6a66d2c830514e94326a0f8fa2d8d670eac8a"><code>86a6a66</code></a> Version Packages (<a href="https://redirect.github.com/sveltejs/devalue/issues/109">#109</a>)</li> <li><a href="https://github.com/sveltejs/devalue/commit/0623a47c9555b639c03ff1baea82951b2d9d1132"><code>0623a47</code></a> Merge commit from fork</li> <li><a href="https://github.com/sveltejs/devalue/commit/02d20e8a792e5daa387b23816aba0170fec7437e"><code>02d20e8</code></a> Version Packages (<a href="https://redirect.github.com/sveltejs/devalue/issues/108">#108</a>)</li> <li><a href="https://github.com/sveltejs/devalue/commit/ae904c5b189b5c2c3b7b969f70064dbc59196b58"><code>ae904c5</code></a> fix stringify not picking up negative zero if a normal zero has appeared befo...</li> <li><a href="https://github.com/sveltejs/devalue/commit/e95b87a6cc86bf116bada5ff28faead87df69920"><code>e95b87a</code></a> fix pkg.repository</li> <li><a href="https://github.com/sveltejs/devalue/commit/8300172d1d222e60f14cdec712ff0650756e9002"><code>8300172</code></a> fix changeset config</li> <li><a href="https://github.com/sveltejs/devalue/commit/434d8aefb9d67ec7bd9664a29599770cd22a3e3b"><code>434d8ae</code></a> Version Packages (<a href="https://redirect.github.com/sveltejs/devalue/issues/106">#106</a>)</li> <li><a href="https://github.com/sveltejs/devalue/commit/67c8334b82ec0fcf44543e39cc5f37f00bbd1f2f"><code>67c8334</code></a> mention support for URL/URLSearchParams/Temporal in README</li> <li><a href="https://github.com/sveltejs/devalue/commit/fec694d87e3f7f0cc764776bb91fd47095be1371"><code>fec694d</code></a> feat: support URL and URLSearchParams (<a href="https://redirect.github.com/sveltejs/devalue/issues/92">#92</a>)</li> <li><a href="https://github.com/sveltejs/devalue/commit/2896e7bef2d4b7f810a5df02652ffce5dfb76b64"><code>2896e7b</code></a> Add support for Temporal objects (<a href="https://redirect.github.com/sveltejs/devalue/issues/98">#98</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sveltejs/devalue/compare/v5.1.1...v5.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~svelte-admin">svelte-admin</a>, a new releaser for devalue since your current version.</p> </details> <br /> Updates `esbuild` from 0.21.5 to 0.25.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/releases">esbuild's releases</a>.</em></p> <blockquote> <h2>v0.25.1</h2> <ul> <li> <p>Fix incorrect paths in inline source maps (<a href="https://redirect.github.com/evanw/esbuild/issues/4070">#4070</a>, <a href="https://redirect.github.com/evanw/esbuild/issues/4075">#4075</a>, <a href="https://redirect.github.com/evanw/esbuild/issues/4105">#4105</a>)</p> <p>This fixes a regression from version 0.25.0 where esbuild didn't correctly resolve relative paths contained within source maps in inline <code>sourceMappingURL</code> data URLs. The paths were incorrectly being passed through as-is instead of being resolved relative to the source file containing the <code>sourceMappingURL</code> comment, which was due to the data URL not being a file URL. This regression has been fixed, and this case now has test coverage.</p> </li> <li> <p>Fix invalid generated source maps (<a href="https://redirect.github.com/evanw/esbuild/issues/4080">#4080</a>, <a href="https://redirect.github.com/evanw/esbuild/issues/4082">#4082</a>, <a href="https://redirect.github.com/evanw/esbuild/issues/4104">#4104</a>, <a href="https://redirect.github.com/evanw/esbuild/issues/4107">#4107</a>)</p> <p>This release fixes a regression from version 0.24.1 that could cause esbuild to generate invalid source maps. Specifically under certain conditions, esbuild could generate a mapping with an out-of-bounds source index. It was introduced by code that attempted to improve esbuild's handling of "null" entries in source maps (i.e. mappings with a generated position but no original position). This regression has been fixed.</p> <p>This fix was contributed by <a href="https://github.com/jridgewell"><code>@jridgewell</code></a>.</p> </li> <li> <p>Fix a regression with non-file source map paths (<a href="https://redirect.github.com/evanw/esbuild/issues/4078">#4078</a>)</p> <p>The format of paths in source maps that aren't in the <code>file</code> namespace was unintentionally changed in version 0.25.0. Path namespaces is an esbuild-specific concept that is optionally available for plugins to use to distinguish paths from <code>file</code> paths and from paths meant for other plugins. Previously the namespace was prepended to the path joined with a <code>:</code> character, but version 0.25.0 unintentionally failed to prepend the namespace. The previous behavior has been restored.</p> </li> <li> <p>Fix a crash with <code>switch</code> optimization (<a href="https://redirect.github.com/evanw/esbuild/issues/4088">#4088</a>)</p> <p>The new code in the previous release to optimize dead code in switch statements accidentally introduced a crash in the edge case where one or more switch case values include a function expression. This is because esbuild now visits the case values first to determine whether any cases are dead code, and then visits the case bodies once the dead code status is known. That triggered some internal asserts that guard against traversing the AST in an unexpected order. This crash has been fixed by changing esbuild to expect the new traversal ordering. Here's an example of affected code:</p> <pre lang="js"><code>switch (x) { case '': return y.map(z => z.value) case y.map(z => z.key).join(','): return [] } </code></pre> </li> <li> <p>Update Go from 1.23.5 to 1.23.7 (<a href="https://redirect.github.com/evanw/esbuild/issues/4076">#4076</a>, <a href="https://redirect.github.com/evanw/esbuild/pull/4077">#4077</a>)</p> <p>This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain reports from vulnerability scanners that detect which version of the Go compiler esbuild uses.</p> <p>This PR was contributed by <a href="https://github.com/MikeWillCook"><code>@MikeWillCook</code></a>.</p> </li> </ul> <h2>v0.25.0</h2> <p><strong>This release deliberately contains backwards-incompatible changes.</strong> To avoid automatically picking up releases like this, you should either be pinning the exact version of <code>esbuild</code> in your <code>package.json</code> file (recommended) or be using a version range syntax that only accepts patch upgrades such as <code>^0.24.0</code> or <code>~0.24.0</code>. See npm's documentation about <a href="https://docs.npmjs.com/cli/v6/using-npm/semver/">semver</a> for more information.</p> <ul> <li> <p>Restrict access to esbuild's development server (<a href="https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99">GHSA-67mh-4wv8-2f99</a>)</p> <p>This change addresses esbuild's first security vulnerability report. Previously esbuild set the <code>Access-Control-Allow-Origin</code> header to <code>*</code> to allow esbuild's development server to be flexible in how it's used for development. However, this allows the websites you visit to make HTTP requests to esbuild's local development server, which gives read-only access to your source code if the website were to fetch your source code's specific URL. You can read more information in <a href="https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99">the report</a>.</p> <p>Starting with this release, <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS">CORS</a> will now be disabled, and requests will now be denied if the host does not match the one provided to <code>--serve=</code>. The default host is <code>0.0.0.0</code>, which refers to all of the IP addresses that represent the local machine (e.g. both <code>127.0.0.1</code> and <code>192.168.0.1</code>). If you want to customize anything about esbuild's development server, you can <a href="https://esbuild.github.io/api/#serve-proxy">put a proxy in front of esbuild</a> and modify the incoming and/or outgoing requests.</p> <p>In addition, the <code>serve()</code> API call has been changed to return an array of <code>hosts</code> instead of a single <code>host</code> string. This makes it possible to determine all of the hosts that esbuild's development server will accept.</p> <p>Thanks to <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a> for reporting this issue.</p> </li> <li> <p>Delete output files when a build fails in watch mode (<a href="https://redirect.github.com/evanw/esbuild/issues/3643">#3643</a>)</p> <p>It has been requested for esbuild to delete files when a build fails in watch mode. Previously esbuild left the old files in place, which could cause people to not immediately realize that the most recent build failed. With this release, esbuild will now delete all output files if a rebuild fails. Fixing the build error and triggering another rebuild will restore all output files again.</p> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md">esbuild's changelog</a>.</em></p> <blockquote> <h1>Changelog: 2024</h1> <p>This changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).</p> <h2>0.24.2</h2> <ul> <li> <p>Fix regression with <code>--define</code> and <code>import.meta</code> (<a href="https://redirect.github.com/evanw/esbuild/issues/4010">#4010</a>, <a href="https://redirect.github.com/evanw/esbuild/issues/4012">#4012</a>, <a href="https://redirect.github.com/evanw/esbuild/pull/4013">#4013</a>)</p> <p>The previous change in version 0.24.1 to use a more expression-like parser for <code>define</code> values to allow quoted property names introduced a regression that removed the ability to use <code>--define:import.meta=...</code>. Even though <code>import</code> is normally a keyword that can't be used as an identifier, ES modules special-case the <code>import.meta</code> expression to behave like an identifier anyway. This change fixes the regression.</p> <p>This fix was contributed by <a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>.</p> </li> </ul> <h2>0.24.1</h2> <ul> <li> <p>Allow <code>es2024</code> as a target in <code>tsconfig.json</code> (<a href="https://redirect.github.com/evanw/esbuild/issues/4004">#4004</a>)</p> <p>TypeScript recently <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024">added <code>es2024</code></a> as a compilation target, so esbuild now supports this in the <code>target</code> field of <code>tsconfig.json</code> files, such as in the following configuration file:</p> <pre lang="json"><code>{ "compilerOptions": { "target": "ES2024" } } </code></pre> <p>As a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in <a href="https://esbuild.github.io/content-types/#tsconfig-json">the documentation</a>.</p> <p>This fix was contributed by <a href="https://github.com/billyjanitsch"><code>@billyjanitsch</code></a>.</p> </li> <li> <p>Allow automatic semicolon insertion after <code>get</code>/<code>set</code></p> <p>This change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:</p> <pre lang="ts"><code>class Foo { get *x() {} set *y() {} } </code></pre> <p>The above code will be considered valid starting with this release. This change to esbuild follows a <a href="https://redirect.github.com/microsoft/TypeScript/pull/60225">similar change to TypeScript</a> which will allow this syntax starting with TypeScript 5.7.</p> </li> <li> <p>Allow quoted property names in <code>--define</code> and <code>--pure</code> (<a href="https://redirect.github.com/evanw/esbuild/issues/4008">#4008</a>)</p> <p>The <code>define</code> and <code>pure</code> API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes <code>--define</code> and <code>--pure</code> consistent with <code>--global-name</code>, which already supported quoted property names. For example, the following is now possible:</p> <pre lang="js"><code></code></pre> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/evanw/esbuild/commit/6bfc1c13b4d986b86e8bc2035f00c337b0c1d007"><code>6bfc1c1</code></a> publish 0.25.1 to npm</li> <li><a href="https://github.com/evanw/esbuild/commit/f9b39529a328f513cd73b36e8488a4a624df5c36"><code>f9b3952</code></a> fix <a href="https://redirect.github.com/evanw/esbuild/issues/4078">#4078</a>: prepend namespaces to source map paths</li> <li><a href="https://github.com/evanw/esbuild/commit/ccf3dd7889e7765a1d6f1596ada0f22b320d7174"><code>ccf3dd7</code></a> add "contributed by" in changelog</li> <li><a href="https://github.com/evanw/esbuild/commit/48cd7a9e26452f30345eb10a3d471f26de56d1ec"><code>48cd7a9</code></a> Update Go from 1.23.5 to 1.23.7 (<a href="https://redirect.github.com/evanw/esbuild/issues/4077">#4077</a>)</li> <li><a href="https://github.com/evanw/esbuild/commit/1f04fa4dc85ef4b1fa01e1938fa127a2cc170c35"><code>1f04fa4</code></a> fix absolute windows paths in source maps</li> <li><a href="https://github.com/evanw/esbuild/commit/9ca03f6ea8aa4c418cb66da876139eef4e2abb26"><code>9ca03f6</code></a> also add test case from <a href="https://redirect.github.com/evanw/esbuild/issues/4075">#4075</a></li> <li><a href="https://github.com/evanw/esbuild/commit/2f244c085a970b873e579ac2a0b1c054cf9c66ea"><code>2f244c0</code></a> add test case from <a href="https://redirect.github.com/evanw/esbuild/issues/4104">#4104</a></li> <li><a href="https://github.com/evanw/esbuild/commit/1dde994de8858d71fe0e9e128d22142b3c9d7de6"><code>1dde994</code></a> fix incorrect test names</li> <li><a href="https://github.com/evanw/esbuild/commit/9f008c59b628b65c00878d7673ed24317e911666"><code>9f008c5</code></a> fix <a href="https://redirect.github.com/evanw/esbuild/issues/4070">#4070</a>: <code>file</code> namespace for <code>sourceMappingURL</code></li> <li><a href="https://github.com/evanw/esbuild/commit/cbd5eb8c82089619f235b96be7b7b18c06fc10c0"><code>cbd5eb8</code></a> release notes and tests for <a href="https://redirect.github.com/evanw/esbuild/issues/4082">#4082</a></li> <li>Additional commits viewable in <a href="https://github.com/evanw/esbuild/compare/v0.21.5...v0.25.1">compare view</a></li> </ul> </details> <br /> Updates `@sveltejs/vite-plugin-svelte` from 3.1.1 to 6.1.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/vite-plugin-svelte/releases"><code>@sveltejs/vite-plugin-svelte</code>'s releases</a>.</em></p> <blockquote> <h2><code>@sveltejs/vite-plugin-svelte</code><a href="https://github.com/6"><code>@6</code></a>.1.4</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: allow preprocess plugin to run twice (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1206">#1206</a>)</p> </li> <li> <p>fix(types): update urls to PreprocessorGroup and CompileOptions in type documention (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1203">#1203</a>)</p> </li> <li> <p>replace kleur dependency with builtin node:utils styleText (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1210">#1210</a>)</p> </li> </ul> <h2><code>@sveltejs/vite-plugin-svelte</code><a href="https://github.com/6"><code>@6</code></a>.1.3</h2> <h3>Patch Changes</h3> <ul> <li>fix(api): add <code>api.filter</code> and deprecate <code>api.idFilter</code> to avoid confusing <code>filter.id = idFilter.id</code> assignments when used as hybrid filter in other plugins (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1199">#1199</a>)</li> </ul> <h2><code>@sveltejs/vite-plugin-svelte</code><a href="https://github.com/6"><code>@6</code></a>.1.2</h2> <h3>Patch Changes</h3> <ul> <li>fix: ensure compiled css is returned when reloading during dev with ssr (e.g. SvelteKit) (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1194">#1194</a>)</li> </ul> <h2><code>@sveltejs/vite-plugin-svelte</code><a href="https://github.com/6"><code>@6</code></a>.1.1</h2> <h3>Patch Changes</h3> <ul> <li>fix: ensure compiled svelte css is loaded correctly when rebuilding in <code>build --watch</code> (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1189">#1189</a>)</li> </ul> <h2><code>@sveltejs/vite-plugin-svelte</code><a href="https://github.com/6"><code>@6</code></a>.1.0</h2> <h3>Minor Changes</h3> <ul> <li>feat: add support for the new experimental.async option and apply dynamicCompileOptions when compiling Svelte modules (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1176">#1176</a>)</li> </ul> <h3>Patch Changes</h3> <ul> <li> <p>skip comment blocks when reporting compiler errors that might be caused by a preprocessor issue (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1166">#1166</a>)</p> </li> <li> <p>increase logLevel to info for "no Svelte config found" message (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1179">#1179</a>)</p> </li> </ul> <h2><code>@sveltejs/vite-plugin-svelte</code><a href="https://github.com/6"><code>@6</code></a>.0.0</h2> <h3>Major Changes</h3> <ul> <li> <p>drop support for node18 and update exports map to use default export. cjs is supported via require esm in node 20.19+ (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1129">#1129</a>)</p> </li> <li> <p>Remove experimental "advanced raw queries" feature. Basic <code>File.svelte?raw</code> is still supported. (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1145">#1145</a>)</p> </li> <li> <p>Using the typescript preprocessor now requires a tsconfig.json with verbatimModuleSyntax enabled, eg <code>@tsconfig/svelte</code> (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1135">#1135</a>)</p> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/vite-plugin-svelte/blob/main/packages/vite-plugin-svelte/CHANGELOG.md"><code>@sveltejs/vite-plugin-svelte</code>'s changelog</a>.</em></p> <blockquote> <h2>6.1.4</h2> <h3>Patch Changes</h3> <ul> <li> <p>fix: allow preprocess plugin to run twice (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1206">#1206</a>)</p> </li> <li> <p>fix(types): update urls to PreprocessorGroup and CompileOptions in type documention (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1203">#1203</a>)</p> </li> <li> <p>replace kleur dependency with builtin node:utils styleText (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1210">#1210</a>)</p> </li> </ul> <h2>6.1.3</h2> <h3>Patch Changes</h3> <ul> <li>fix(api): add <code>api.filter</code> and deprecate <code>api.idFilter</code> to avoid confusing <code>filter.id = idFilter.id</code> assignments when used as hybrid filter in other plugins (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1199">#1199</a>)</li> </ul> <h2>6.1.2</h2> <h3>Patch Changes</h3> <ul> <li>fix: ensure compiled css is returned when reloading during dev with ssr (e.g. SvelteKit) (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1194">#1194</a>)</li> </ul> <h2>6.1.1</h2> <h3>Patch Changes</h3> <ul> <li>fix: ensure compiled svelte css is loaded correctly when rebuilding in <code>build --watch</code> (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1189">#1189</a>)</li> </ul> <h2>6.1.0</h2> <h3>Minor Changes</h3> <ul> <li>feat: add support for the new experimental.async option and apply dynamicCompileOptions when compiling Svelte modules (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1176">#1176</a>)</li> </ul> <h3>Patch Changes</h3> <ul> <li> <p>skip comment blocks when reporting compiler errors that might be caused by a preprocessor issue (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1166">#1166</a>)</p> </li> <li> <p>increase logLevel to info for "no Svelte config found" message (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1179">#1179</a>)</p> </li> </ul> <h2>6.0.0</h2> <h3>Major Changes</h3> <ul> <li>drop support for node18 and update exports map to use default export. cjs is supported via require esm in node 20.19+ (<a href="https://redirect.github.com/sveltejs/vite-plugin-svelte/pull/1129">#1129</a>)</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/28421598f595e6a794714bf756f1e8f4c6984460"><code>2842159</code></a> Version Packages (<a href="https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte/issues/1204">#1204</a>)</li> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/35121ac10f8360b8004c87c6525f398e0f0bcf33"><code>35121ac</code></a> refactor: replace kleur with styleText (<a href="https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte/issues/1210">#1210</a>)</li> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/db12c90af23872586f35e9919d0f87fb75e6bb17"><code>db12c90</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte/issues/1205">#1205</a>)</li> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/79a56c43fa391fa2d908c33c6585bf534d691d13"><code>79a56c4</code></a> fix: allow preprocess plugin to run twice (<a href="https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte/issues/1206">#1206</a>)</li> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/e10850b871a2a723b7d9c350398e790c44eb0eab"><code>e10850b</code></a> fix(types): update urls to PreprocessorGroup and CompileOptions docs (<a href="https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte/issues/1203">#1203</a>)</li> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/42681d32333655152dc84a454ebc5ec8bf9ee69b"><code>42681d3</code></a> Version Packages (<a href="https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte/issues/1200">#1200</a>)</li> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/f9e46326021b4c2275fab8e72f0f079e9ca364e0"><code>f9e4632</code></a> fix(api): rename idFilter to filter to avoid confusion (<a href="https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte/issues/1199">#1199</a>)</li> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/cf5a6be4b620d94b8fd686a6009d02ab5b7b3d59"><code>cf5a6be</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte/issues/1193">#1193</a>)</li> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/7bcf224ebb839985498f9612e99be27e3b1951b7"><code>7bcf224</code></a> Version Packages (<a href="https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte/issues/1195">#1195</a>)</li> <li><a href="https://github.com/sveltejs/vite-plugin-svelte/commit/3e3eb85a48034ec75084764bfdd09d4457608288"><code>3e3eb85</code></a> fix: ensure compiled css is available after reload during dev with SSR (Svelt...</li> <li>Additional commits viewable in <a href="https://github.com/sveltejs/vite-plugin-svelte/commits/@sveltejs/vite-plugin-svelte@6.1.4/packages/vite-plugin-svelte">compare view</a></li> </ul> </details> <br /> Updates `vite` from 5.4.19 to 7.1.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/releases">vite's releases</a>.</em></p> <blockquote> <h2>v7.1.5</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.1.5/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.1.4</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.1.4/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.1.3</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.1.3/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.1.2</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.1.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.1.1</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.1.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>create-vite@7.1.1</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/create-vite@7.1.1/packages/create-vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>plugin-legacy@7.1.0</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/plugin-legacy@7.1.0/packages/plugin-legacy/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>create-vite@7.1.0</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/create-vite@7.1.0/packages/create-vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.1.0</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.1.0/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.1.0-beta.1</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.1.0-beta.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.1.0-beta.0</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.1.0-beta.0/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.0.7</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.0.7/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.0.6</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.0.6/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.0.5</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.0.5/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.0.4</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.0.4/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.0.3</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.0.3/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>create-vite@7.0.3</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/create-vite@7.0.3/packages/create-vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/vitejs/vite/compare/v7.1.4...v7.1.5">7.1.5</a> (2025-09-08)</h2> <h3>Bug Fixes</h3> <ul> <li>apply <code>fs.strict</code> check to HTML files (<a href="https://redirect.github.com/vitejs/vite/issues/20736">#20736</a>) (<a href="https://github.com/vitejs/vite/commit/14015d794f69accba68798bd0e15135bc51c9c1e">14015d7</a>)</li> <li><strong>deps:</strong> update all non-major dependencies (<a href="https://redirect.github.com/vitejs/vite/issues/20732">#20732</a>) (<a href="https://github.com/vitejs/vite/commit/122bfbabeb1f095ce7cabd30893e5531e9a007c4">122bfba</a>)</li> <li>upgrade sirv to 3.0.2 (<a href="https://redirect.github.com/vitejs/vite/issues/20735">#20735</a>) (<a href="https://github.com/vitejs/vite/commit/09f2b52e8d5907f26602653caf41b3a56692600d">09f2b52</a>)</li> </ul> <h2><a href="https://github.com/vitejs/vite/compare/v7.1.3...v7.1.4">7.1.4</a> (2025-09-01)</h2> <h3>Bug Fixes</h3> <ul> <li>add missing awaits (<a href="https://redirect.github.com/vitejs/vite/issues/20697">#20697</a>) (<a href="https://github.com/vitejs/vite/commit/79d10ed6341ba7a751d007b7ad113a9b8be9c853">79d10ed</a>)</li> <li><strong>deps:</strong> update all non-major dependencies (<a href="https://redirect.github.com/vitejs/vite/issues/20676">#20676</a>) (<a href="https://github.com/vitejs/vite/commit/5a274b29df83744cf0ce4dafd94029d2a9e01135">5a274b2</a>)</li> <li><strong>deps:</strong> update all non-major dependencies (<a href="https://redirect.github.com/vitejs/vite/issues/20709">#20709</a>) (<a href="https://github.com/vitejs/vite/commit/0401feba17e60bd7e976c5643128a0da49670a83">0401feb</a>)</li> <li>pass rollup watch options when building in watch mode (<a href="https://redirect.github.com/vitejs/vite/issues/20674">#20674</a>) (<a href="https://github.com/vitejs/vite/commit/f367453ca2825bc8a390d41c5d13b161756f2b41">f367453</a>)</li> </ul> <h3>Miscellaneous Chores</h3> <ul> <li>remove unused constants entry from rolldown.config.ts (<a href="https://redirect.github.com/vitejs/vite/issues/20710">#20710</a>) (<a href="https://github.com/vitejs/vite/commit/537fcf91862a1bf51e70ce6fe9b414319dd3a675">537fcf9</a>)</li> </ul> <h3>Code Refactoring</h3> <ul> <li>remove unnecessary <code>minify</code> parameter from <code>finalizeCss</code> (<a href="https://redirect.github.com/vitejs/vite/issues/20701">#20701</a>) (<a href="https://github.com/vitejs/vite/commit/8099582e5364f907f2bc6cb8e2d52ae0c4d937e4">8099582</a>)</li> </ul> <h2><a href="https://github.com/vitejs/vite/compare/v7.1.2...v7.1.3">7.1.3</a> (2025-08-19)</h2> <h3>Features</h3> <ul> <li><strong>cli:</strong> add Node.js version warning for unsupported versions (<a href="https://redirect.github.com/vitejs/vite/issues/20638">#20638</a>) (<a href="https://github.com/vitejs/vite/commit/a1be1bf0905b9086e5f1370c63d76a7fa4a195ec">a1be1bf</a>)</li> <li>generate code frame for parse errors thrown by terser (<a href="https://redirect.github.com/vitejs/vite/issues/20642">#20642</a>) (<a href="https://github.com/vitejs/vite/commit/a9ba0174a58b949373d6b4240bc69180dff0b780">a9ba017</a>)</li> <li>support long lines in <code>generateCodeFrame</code> (<a href="https://redirect.github.com/vitejs/vite/issues/20640">#20640</a>) (<a href="https://github.com/vitejs/vite/commit/15595773170c2a07f2efdccee05964fb87c19ae6">1559577</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> update all non-major dependencies (<a href="https://redirect.github.com/vitejs/vite/issues/20634">#20634</a>) (<a href="https://github.com/vitejs/vite/commit/4851cab3ba818b5f0f82eef3796b61d4b12768f1">4851cab</a>)</li> <li><strong>optimizer:</strong> incorrect incompatible error (<a href="https://redirect.github.com/vitejs/vite/issues/20439">#20439</a>) (<a href="https://github.com/vitejs/vite/commit/446fe83033686dd38d13b786a217b8277b5c5f09">446fe83</a>)</li> <li>support multiline new URL(..., import.meta.url) expressions (<a href="https://redirect.github.com/vitejs/vite/issues/20644">#20644</a>) (<a href="https://github.com/vitejs/vite/commit/9ccf142764d48292aa33e5ca6f020a7d55b97f61">9ccf142</a>)</li> </ul> <h3>Performance Improvements</h3> <ul> <li><strong>cli:</strong> dynamically import <code>resolveConfig</code> (<a href="https://redirect.github.com/vitejs/vite/issues/20646">#20646</a>) (<a href="https://github.com/vitejs/vite/commit/f691f57e46118328e00174160ceab2101b7256ca">f691f57</a>)</li> </ul> <h3>Miscellaneous Chores</h3> <ul> <li><strong>deps:</strong> update rolldown-related dependencies (<a href="https://redirect.github.com/vitejs/vite/issues/20633">#20633</a>) (<a href="https://github.com/vitejs/vite/commit/98b92e8c4b10ae87c48292a8ac09b01ca81a02cf">98b92e8</a>)</li> </ul> <h3>Code Refactoring</h3> <ul> <li>replace startsWith with strict equality (<a href="https://redirect.github.com/vitejs/vite/issues/20603">#20603</a>) (<a href="https://github.com/vitejs/vite/commit/42816dee0e177dded1c9de4d9099089ec4acef96">42816de</a>)</li> <li>use <code>import</code> in worker threads (<a href="https://redirect.github.com/vitejs/vite/issues/20641">#20641</a>) (<a href="https://github.com/vitejs/vite/commit/530687a344c51daf3115d1c134586bbde58356e0">530687a</a>)</li> </ul> <h3>Tests</h3>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vitejs/vite/commit/564754061e9494f355370e31ee9d7ea5abef6037"><code>5647540</code></a> release: v7.1.5</li> <li><a href="https://github.com/vitejs/vite/commit/09f2b52e8d5907f26602653caf41b3a56692600d"><code>09f2b52</code></a> fix: upgrade sirv to 3.0.2 (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735">#20735</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/14015d794f69accba68798bd0e15135bc51c9c1e"><code>14015d7</code></a> fix: apply <code>fs.strict</code> check to HTML files (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736">#20736</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/122bfbabeb1f095ce7cabd30893e5531e9a007c4"><code>122bfba</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20732">#20732</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/bcc31449c0c4f852ccb1eedda1842bc7ded23d01"><code>bcc3144</code></a> release: v7.1.4</li> <li><a href="https://github.com/vitejs/vite/commit/0401feba17e60bd7e976c5643128a0da49670a83"><code>0401feb</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20709">#20709</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/537fcf91862a1bf51e70ce6fe9b414319dd3a675"><code>537fcf9</code></a> chore: remove unused constants entry from rolldown.config.ts (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20710">#20710</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/79d10ed6341ba7a751d007b7ad113a9b8be9c853"><code>79d10ed</code></a> fix: add missing awaits (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20697">#20697</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/8099582e5364f907f2bc6cb8e2d52ae0c4d937e4"><code>8099582</code></a> refactor: remove unnecessary <code>minify</code> parameter from <code>finalizeCss</code> (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20701">#20701</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/f367453ca2825bc8a390d41c5d13b161756f2b41"><code>f367453</code></a> fix: pass rollup watch options when building in watch mode (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20674">#20674</a>)</li> <li>Additional commits viewable in <a href="https://github.com/vitejs/vite/commits/v7.1.5/packages/vite">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for vite since your current version.</p> </details> <br /> Updates `vitest` from 1.6.1 to 3.2.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitest-dev/vitest/releases">vitest's releases</a>.</em></p> <blockquote> <h2>v3.2.4</h2> <h3> 🐞 Bug Fixes</h3> <ul> <li>Use correct path for optimisation of strip-literal - by <a href="https://github.com/mrginglymus"><code>@mrginglymus</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8139">vitest-dev/vitest#8139</a> <a href="https://github.com/vitest-dev/vitest/commit/44940d9dd">(44940)</a></li> <li>Print uint and buffer as a simple string - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8141">vitest-dev/vitest#8141</a> <a href="https://github.com/vitest-dev/vitest/commit/b86bf0d99">(b86bf)</a></li> <li><strong>browser</strong>: <ul> <li>Show a helpful error when spying on an export - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8178">vitest-dev/vitest#8178</a> <a href="https://github.com/vitest-dev/vitest/commit/5600772c2">(56007)</a></li> </ul> </li> <li><strong>cli</strong>: <ul> <li><code>vitest run --watch</code> should be watch-mode - by <a href="https://github.com/AriPerkkio"><code>@AriPerkkio</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8128">vitest-dev/vitest#8128</a> <a href="https://github.com/vitest-dev/vitest/commit/657e83f9f">(657e8)</a></li> <li>Use absolute path environment on Windows - by <a href="https://github.com/colinaaa"><code>@colinaaa</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8105">vitest-dev/vitest#8105</a> <a href="https://github.com/vitest-dev/vitest/commit/85dc0195f">(85dc0)</a></li> <li>Throw error when <code>--shard x/<count></code> exceeds count of test files - by <a href="https://github.com/AriPerkkio"><code>@AriPerkkio</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8112">vitest-dev/vitest#8112</a> <a href="https://github.com/vitest-dev/vitest/commit/8a18c8e20">(8a18c)</a></li> </ul> </li> <li><strong>coverage</strong>: <ul> <li>Ignore SCSS in browser mode - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8161">vitest-dev/vitest#8161</a> <a href="https://github.com/vitest-dev/vitest/commit/0c3be6f63">(0c3be)</a></li> </ul> </li> <li><strong>deps</strong>: <ul> <li>Update all non-major dependencies - in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8123">vitest-dev/vitest#8123</a> <a href="https://github.com/vitest-dev/vitest/commit/93f3200e4">(93f32)</a></li> </ul> </li> <li><strong>expect</strong>: <ul> <li>Handle async errors in expect.soft - by <a href="https://github.com/lzl0304"><code>@lzl0304</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8145">vitest-dev/vitest#8145</a> <a href="https://github.com/vitest-dev/vitest/commit/686996912">(68699)</a></li> </ul> </li> <li><strong>pool</strong>: <ul> <li>Auto-adjust <code>minWorkers</code> when only <code>maxWorkers</code> specified - by <a href="https://github.com/AriPerkkio"><code>@AriPerkkio</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8110">vitest-dev/vitest#8110</a> <a href="https://github.com/vitest-dev/vitest/commit/14dc0724f">(14dc0)</a></li> </ul> </li> <li><strong>reporter</strong>: <ul> <li><code>task.meta</code> should be available in custom reporter's errors - by <a href="https://github.com/AriPerkkio"><code>@AriPerkkio</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8115">vitest-dev/vitest#8115</a> <a href="https://github.com/vitest-dev/vitest/commit/27df68a0e">(27df6)</a></li> </ul> </li> <li><strong>runner</strong>: <ul> <li>Preserve handler wrapping on extend - by <a href="https://github.com/pengooseDev"><code>@pengooseDev</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8153">vitest-dev/vitest#8153</a> <a href="https://github.com/vitest-dev/vitest/commit/a92812b70">(a9281)</a></li> </ul> </li> <li><strong>ui</strong>: <ul> <li>Ensure ui config option works correctly - by <a href="https://github.com/lzl0304"><code>@lzl0304</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8147">vitest-dev/vitest#8147</a> <a href="https://github.com/vitest-dev/vitest/commit/42eeb2ee6">(42eeb)</a></li> </ul> </li> </ul> <h5> <a href="https://github.com/vitest-dev/vitest/compare/v3.2.3...v3.2.4">View changes on GitHub</a></h5> <h2>v3.2.3</h2> <h3> 🚀 Features</h3> <ul> <li><strong>browser</strong>: Use base url instead of <strong>vitest</strong> - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8126">vitest-dev/vitest#8126</a> <a href="https://github.com/vitest-dev/vitest/commit/1d8ebf9ae">(1d8eb)</a></li> <li><strong>ui</strong>: Show test annotations and metadata in the test report tab - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8093">vitest-dev/vitest#8093</a> <a href="https://github.com/vitest-dev/vitest/commit/c69be1fc1">(c69be)</a></li> </ul> <h3> 🐞 Bug Fixes</h3> <ul> <li>Rerun tests when project's setup file is changed - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8097">vitest-dev/vitest#8097</a> <a href="https://github.com/vitest-dev/vitest/commit/0f3350667">(0f335)</a></li> <li>Revert <code>expect.any</code> return type - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8129">vitest-dev/vitest#8129</a> <a href="https://github.com/vitest-dev/vitest/commit/4751436d5">(47514)</a></li> <li>Run only the name plugin last, not all config plugins - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8130">vitest-dev/vitest#8130</a> <a href="https://github.com/vitest-dev/vitest/commit/83862d46e">(83862)</a></li> <li><strong>pool</strong>: <ul> <li>Throw if user's tests use <code>process.send()</code> - by <a href="https://github.com/AriPerkkio"><code>@AriPerkkio</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8125">vitest-dev/vitest#8125</a> <a href="https://github.com/vitest-dev/vitest/commit/dfe81a67a">(dfe81)</a></li> </ul> </li> <li><strong>runner</strong>: <ul> <li>Fast sequential task updates missing - by <a href="https://github.com/AriPerkkio"><code>@AriPerkkio</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8121">vitest-dev/vitest#8121</a> <a href="https://github.com/vitest-dev/vitest/commit/7bd11a9b3">(7bd11)</a></li> <li>Comments between fixture destructures - by <a href="https://github.com/AriPerkkio"><code>@AriPerkkio</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8127">vitest-dev/vitest#8127</a> <a href="https://github.com/vitest-dev/vitest/commit/dc469f260">(dc469)</a></li> </ul> </li> <li><strong>vite-node</strong>: <ul> <li>Unable to handle errors where sourcemap mapping empty - by <a href="https://github.com/blake-newman"><code>@blake-newman</code></a> and <a href="https://github.com/hi-ogawa"><code>@hi-ogawa</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8071">vitest-dev/vitest#8071</a> <a href="https://github.com/vitest-dev/vitest/commit/8aa252121">(8aa25)</a></li> </ul> </li> </ul> <h5> <a href="https://github.com/vitest-dev/vitest/compare/v3.2.2...v3.2.3">View changes on GitHub</a></h5> <h2>v3.2.2</h2>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vitest-dev/vitest/commit/c666d149a4516761bae92ca56ce1336d2fd352c3"><code>c666d14</code></a> chore: release v3.2.4</li> <li><a href="https://github.com/vitest-dev/vitest/commit/8a18c8e20a19f2c8d9f402e426886999f378c389"><code>8a18c8e</code></a> fix(cli): throw error when <code>--shard x/\<count></code> exceeds count of test files (#...</li> <li><a href="https://github.com/vitest-dev/vitest/commit/8abd7cc6fff5fa47d899b5f5383f526d2fdef784"><code>8abd7cc</code></a> chore(deps): update <code>tinypool</code> (<a href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8174">#8174</a>)</li> <li><a href="https://github.com/vitest-dev/vitest/commit/93f3200e452874ed4e2d018718bbbde7ebd28590"><code>93f3200</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8123">#8123</a>)</li> <li><a href="https://github.com/vitest-dev/vitest/commit/0c3be6f637d65ef47f2fcf2ccd637f1ecc9d1786"><code>0c3be6f</code></a> fix(coverage): ignore SCSS in browser mode (<a href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8161">#8161</a>)</li> <li><a href="https://github.com/vitest-dev/vitest/commit/790bc310c55ce81306baf5d8954e7cc849ec4ca0"><code>790bc31</code></a> chore: update deprecation notice for globs (<a href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8148">#8148</a>)</li> <li><a href="https://github.com/vitest-dev/vitest/commit/c0eae7df8447602d20b39f3769edbc91fafebf7b"><code>c0eae7d</code></a> chore: update deprecated workspace file log (<a href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8118">#8118</a>)</li> <li><a href="https://github.com/vitest-dev/vitest/commit/14dc0724f9bfbf71c598156597ac12494ebce2f4"><code>14dc072</code></a> fix(pool): auto-adjust <code>minWorkers</code> when only <code>maxWorkers</code> specified (<a href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8110">#8110</a>)</li> <li><a href="https://github.com/vitest-dev/vitest/commit/85dc0195f53f140d7c1de2f62fec15ad990b1e5c"><code>85dc019</code></a> fix(cli): use absolute path environment on Windows (<a href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8105">#8105</a>)</li> <li><a href="https://github.com/vitest-dev/vitest/commit/27df68a0e978776ddf51fe4188f1c8036a89c04d"><code>27df68a</code></a> fix(reporter): <code>task.meta</code> should be available in custom reporter's errors (#...</li> <li>Additional commits viewable in <a href="https://github.com/vitest-dev/vitest/commits/v3.2.4/packages/vitest">compare view</a></li> </ul> </details> <br /> Updates `tmp` from 0.2.3 to 0.2.5 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/raszi/node-tmp/commit/3d2fe387f3f91b13830b9182faa02c3231ea8258"><code>3d2fe38</code></a> Bump up the version</li> <li><a href="https://github.com/raszi/node-tmp/commit/e16282879e5d0554fe824e1ab3df724847e91183"><code>e162828</code></a> Merge pull request <a href="https://redirect.github.com/raszi/node-tmp/issues/309">#309</a> from fflorent/fix-tmp-dir-with-dir</li> <li><a href="https://github.com/raszi/node-tmp/commit/b847d2f1a42b625c26149f4a2029ed00a1edf90b"><code>b847d2f</code></a> Fix use of tmp.dir() with <code>dir</code> option</li> <li><a href="https://github.com/raszi/node-tmp/commit/08fa3abac32b621506512724b28b56b9c4a95846"><code>08fa3ab</code></a> Update version</li> <li><a href="https://github.com/raszi/node-tmp/commit/1cf4ec54180a77a2a95dc1941efa1659774c8787"><code>1cf4ec5</code></a> Merge commit from fork</li> <li><a href="https://github.com/raszi/node-tmp/commit/188b25e529496e37adaf1a1d9dccb40019a08b1b"><code>188b25e</code></a> Fix GHSA-52f5-9888-hmc6</li> <li><a href="https://github.com/raszi/node-tmp/commit/73b9fe45bbb40157acdfab8126dd0911de91c8fa"><code>73b9fe4</code></a> Add test case for GHSA-52f5-9888-hmc6</li> <li><a href="https://github.com/raszi/node-tmp/commit/b8e2f29a7575352e49e4882a836aab4bd2ec927f"><code>b8e2f29</code></a> Remove broken tests</li> <li><a href="https://github.com/raszi/node-tmp/commit/2892a027b4d2d3a25d1d08a398bc108a0200857f"><code>2892a02</code></a> Remove outdated URL</li> <li><a href="https://github.com/raszi/node-tmp/commit/f5923182461a89e9de5a7a09c75f410a76979ae7"><code>f592318</code></a> Reformat package.json</li> <li>Additional commits viewable in <a href="https://github.com/raszi/node-tmp/compare/v0.2.3...v0.2.5">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/open-webui/open-webui/network/alerts). </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

GiteaMirror added the pull-request label 2026-04-25 12:26:26 -05:00

GiteaMirror closed this issue

2026-04-25 12:26:28 -05:00

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#40022

[PR #17305] [CLOSED] build(deps): bump the npm_and_yarn group across 1 directory with 8 updates #40022

📋 Pull Request Information

📝 Commits (1)

📊 Changes

📄 Description

v3.0.2

What's Changed

New Contributors

vite-plugin-static-copy@2.3.2

Patch Changes

vite-plugin-static-copy@2.3.1

Patch Changes

vite-plugin-static-copy@2.3.0

Minor Changes

Patch Changes

2.3.2

Patch Changes

2.3.1

Patch Changes

2.3.0

Minor Changes

Patch Changes

v5.3.2

Patch Changes

v5.3.1

Patch Changes

v5.3.0

Minor Changes

5.3.2

Patch Changes

5.3.1

Patch Changes

5.3.0

Minor Changes

5.2.1

Patch Changes

5.2.0

v0.25.1

v0.25.0

Changelog: 2024

0.24.2

0.24.1

@​sveltejs/vite-plugin-svelte@​6.1.4

Patch Changes

@​sveltejs/vite-plugin-svelte@​6.1.3

Patch Changes

@​sveltejs/vite-plugin-svelte@​6.1.2

Patch Changes

@​sveltejs/vite-plugin-svelte@​6.1.1

Patch Changes

@​sveltejs/vite-plugin-svelte@​6.1.0

Minor Changes

Patch Changes

@​sveltejs/vite-plugin-svelte@​6.0.0

Major Changes

6.1.4

Patch Changes

6.1.3

Patch Changes

6.1.2

Patch Changes

6.1.1

Patch Changes

6.1.0

Minor Changes

Patch Changes

6.0.0

Major Changes

v7.1.5

v7.1.4

v7.1.3

v7.1.2

v7.1.1

create-vite@7.1.1

plugin-legacy@7.1.0

create-vite@7.1.0

v7.1.0

v7.1.0-beta.1

v7.1.0-beta.0

v7.0.7

`@sveltejs/vite-plugin-svelte@6`.1.4

`@sveltejs/vite-plugin-svelte@6`.1.3

`@sveltejs/vite-plugin-svelte@6`.1.2

`@sveltejs/vite-plugin-svelte@6`.1.1

`@sveltejs/vite-plugin-svelte@6`.1.0

`@sveltejs/vite-plugin-svelte@6`.0.0