chore(deps-dev): bump vite from 8.1.3 to 8.1.4#261
Conversation
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.1.3 to 8.1.4. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v8.1.4/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 8.1.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
|
CLAUDE.md review — PR #261 (vite 8.1.3 → 8.1.4)Verdict: Approve — 0 blocking, 0 non-blocking. Scope: Dependabot devDependency bump (vite + picomatch/rolldown transitive deps). Diff touches only Note (not a blocker for this PR): The repo's automated review pipeline ( CI ( Generated by Claude Code |
Verdict: APPROVE — diff contains no reviewable source changesRan
No action needed beyond normal CI checks passing. Generated by Claude Code |
lupinesse
left a comment
There was a problem hiding this comment.
PR review (manual — automated Claude review is currently disabled)
Verdict: ✅ Approve — 0 blocking, 0 non-blocking findings.
Scope: package.json + package-lock.json only — vite ^8.1.3 → ^8.1.4 (devDependency, pulls in picomatch 4.0.5 and rolldown ~1.1.4 transitively). No src/js, src/css, or work-log.html changes, so /jsdoc-check, /a11y-audit, and /scss-audit have no surface to check.
CLAUDE.md checklist:
- Dependency management: version bump only, stays in
devDependencies, lockfile updated and committed. ✅ - No secrets/credentials introduced. ✅
- CI (lint, test, scripts-test, CodeQL, lighthouse) all green on this PR. ✅
Note for the maintainer: the chatgpt-review/claude-responds pipeline jobs completed as skipped with the message "Automated review skipped — CLAUDE_CODE_OAUTH_TOKEN is not set." This affects all 5 currently-open Dependabot PRs (#260–#264). Add the secret in Settings → Secrets and variables → Actions to restore the automated dialogue; until then this repo has no automated PR review.
Generated by Claude Code
Bumps vite from 8.1.3 to 8.1.4.
Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
Commits
a477454release: v8.1.4ab5dafafeat(legacy): prefer oxc as minifier (fix #21973) (#22468)173a1b6fix(ssr): align named export function call stacktrace column with Node (#22829)575c32cfix(build): add workaround for building on stackblitz (#22840)72a5e21fix(optimizer): avoid optimizer run for transform request before init (#22852)a9539d6chore(deps): update dependency postcss-modules to v9 (#22867)70435b2docs: fix incorrect@defaultforserver.cors(#22859)2c4a217build: remove the custom onLog function (#22878)c581b55build: replace deprecatedonwarnwithonLog(#22741)ea22fb3refactor: eliminate ineffectiveDynamicImport warn (#22876)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)