Skip to content

chore(deps-dev): bump vite from 8.1.3 to 8.1.4#261

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/vite-8.1.4
Open

chore(deps-dev): bump vite from 8.1.3 to 8.1.4#261
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/vite-8.1.4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps vite from 8.1.3 to 8.1.4.

Release notes

Sourced from vite's releases.

v8.1.4

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.1.4 (2026-07-09)

Features

Bug Fixes

  • build: add workaround for building on stackblitz (#22840) (575c32c)
  • build: keep import.meta.url in preload function as-is (#22839) (f1f90ed)
  • deps: update all non-major dependencies (#22865) (d4295a9)
  • deps: update rolldown-related dependencies (#22866) (7cf07e4)
  • html: avoid backtracking in import-only check (#22848) (b5868c0)
  • optimizer: avoid optimizer run for transform request before init (#22852) (72a5e21)
  • ssr: align named export function call stacktrace column with Node (#22829) (173a1b6)
  • strip pure CSS chunk imports when chunkImportMap is enabled (#22841) (648bd04)

Documentation

Miscellaneous Chores

  • deps: update dependency postcss-modules to v9 (#22867) (a9539d6)

Code Refactoring

Tests

Build System

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 8.1.3 to 8.1.4.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.1.4/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.1.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 13, 2026
@github-actions

Copy link
Copy Markdown
Contributor

⚠️ Automated review skipped — CLAUDE_CODE_OAUTH_TOKEN is not set. Add it in Settings → Secrets and variables → Actions to enable AI code review.

Copy link
Copy Markdown
Owner

CLAUDE.md review — PR #261 (vite 8.1.3 → 8.1.4)

Verdict: Approve — 0 blocking, 0 non-blocking.

Scope: Dependabot devDependency bump (vite + picomatch/rolldown transitive deps). Diff touches only package.json and package-lock.json, updated together with the existing caret-range convention preserved. No src/js/, src/css/, or HTML files changed, so /pr-review, /jsdoc-check, /a11y-audit, and /scss-audit have nothing applicable to flag — ran each and confirmed no findings in scope.

Note (not a blocker for this PR): The repo's automated review pipeline (chatgpt-reviewclaude-respondsclaude-final-reviewchatgpt-respondsmerge-gate) is currently non-functional — every recent PR gets ⚠️ Automated review skipped — CLAUDE_CODE_OAUTH_TOKEN is not set. Worth adding that secret in Settings → Secrets and variables → Actions so the dialogue and merge-gate actually run, per the CLAUDE.md PR workflow.

CI (lint, scripts-test, CodeQL, lighthouse) is green; test was still in progress at review time.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Verdict: APPROVE — diff contains no reviewable source changes

Ran /pr-review, /jsdoc-check, /a11y-audit, /scss-audit against this diff (manual pass — the automated chatgpt-review/claude-responds pipeline reports it skipped on this PR because CLAUDE_CODE_OAUTH_TOKEN isn't set in repo secrets).

  • Blocking: 0 · Non-blocking: 0
  • Files changed: package.json (devDependency vite ^8.1.3^8.1.4), package-lock.json (auto-generated — excluded from review per the pr-review skill's rules).
  • No src/js/**, src/css/**, or work-log.html changes, so jsdoc-check, a11y-audit, and scss-audit have nothing to audit.
  • CLAUDE.md dependency-management check: stays a devDependency, version range follows the existing ^ convention already used throughout package.json, lockfile committed alongside the bump. No new dependency introduced.

No action needed beyond normal CI checks passing.


Generated by Claude Code

@lupinesse lupinesse left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR review (manual — automated Claude review is currently disabled)

Verdict: ✅ Approve — 0 blocking, 0 non-blocking findings.

Scope: package.json + package-lock.json only — vite ^8.1.3^8.1.4 (devDependency, pulls in picomatch 4.0.5 and rolldown ~1.1.4 transitively). No src/js, src/css, or work-log.html changes, so /jsdoc-check, /a11y-audit, and /scss-audit have no surface to check.

CLAUDE.md checklist:

  • Dependency management: version bump only, stays in devDependencies, lockfile updated and committed. ✅
  • No secrets/credentials introduced. ✅
  • CI (lint, test, scripts-test, CodeQL, lighthouse) all green on this PR. ✅

Note for the maintainer: the chatgpt-review/claude-responds pipeline jobs completed as skipped with the message "Automated review skipped — CLAUDE_CODE_OAUTH_TOKEN is not set." This affects all 5 currently-open Dependabot PRs (#260#264). Add the secret in Settings → Secrets and variables → Actions to restore the automated dialogue; until then this repo has no automated PR review.


Generated by Claude Code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant