chore(deps-dev): bump vite from 6.4.1 to 6.4.2 in /frontend #342

Open

dependabot[bot] wants to merge 1 commit from dependabot/npm_and_yarn/frontend/vite-6.4.2 into main

pull from: dependabot/npm_and_yarn/frontend/vite-6.4.2

merge into: dunwright:main

dunwright:main

dunwright:issue-353

dunwright:issue-350

dunwright:issue-348

dunwright:issue-345

dunwright:issue-343

dunwright:dependabot/npm_and_yarn/example/theme/static_src/picomatch-2.3.2

dunwright:dependabot/npm_and_yarn/example/theme/static_src/multi-770cfcd984

dunwright:before_334_filedectomy

dunwright:fixtw

dunwright:release-2025.06.09.2

dunwright:release-2025.06.09.1

dunwright:release-2025.05.14.1

dunwright:revert-228-issue-188

dunwright:issue-76

dunwright:issue-24

Conversation 1 Commits 1 Files changed 2 +65 -5

dependabot[bot] commented 2026-04-07 04:36:26 +00:00 (Migrated from github.com)

Copy link

Bumps vite from 6.4.1 to 6.4.2.

Release notes

Sourced from vite's releases.

v6.4.2

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

6.4.2 (2026-04-06)

• fix: apply server.fs check to env transport (#22159) (#22163) (fe28e47), closes #22159 #22163
• fix: avoid path traversal with optimize deps sourcemap handler (#22161) (ca4da5d), closes #22161

Commits

• 6b3fad0 release: v6.4.2
• ca4da5d fix: avoid path traversal with optimize deps sourcemap handler (#22161)
• fe28e47 fix: apply server.fs check to env transport (#22159) (#22163)
• 5487f4f release: v6.4.1
• 1114b5d fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20969)
• f12697c release: v6.4.0
• ca6455e feat: allow passing down resolved config to vite's createServer (#20932)
• 0e173d8 release: v6.3.7
• c59a222 fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (#20940)
• 3f337c5 release: v6.3.6
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.4.1 to 6.4.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/releases">vite's releases</a>.</em></p> <blockquote> <h2>v6.4.2</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><!-- raw HTML omitted -->6.4.2 (2026-04-06)<!-- raw HTML omitted --></h2> <ul> <li>fix: apply server.fs check to env transport (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>) (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163">#22163</a>) (<a href="https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b">fe28e47</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/22159">#22159</a> <a href="https://redirect.github.com/vitejs/vite/issues/22163">#22163</a></li> <li>fix: avoid path traversal with optimize deps sourcemap handler (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>) (<a href="https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b">ca4da5d</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/22161">#22161</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045"><code>6b3fad0</code></a> release: v6.4.2</li> <li><a href="https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b"><code>ca4da5d</code></a> fix: avoid path traversal with optimize deps sourcemap handler (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b"><code>fe28e47</code></a> fix: apply server.fs check to env transport (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>) (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163">#22163</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3"><code>5487f4f</code></a> release: v6.4.1</li> <li><a href="https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8"><code>1114b5d</code></a> fix(dev): trim trailing slash before <code>server.fs.deny</code> check (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>) (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969">#20969</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103"><code>f12697c</code></a> release: v6.4.0</li> <li><a href="https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a"><code>ca6455e</code></a> feat: allow passing down resolved config to vite's createServer (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932">#20932</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af"><code>0e173d8</code></a> release: v6.3.7</li> <li><a href="https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff"><code>c59a222</code></a> fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940">#20940</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb"><code>3f337c5</code></a> release: v6.3.6</li> <li>Additional commits viewable in <a href="https://github.com/vitejs/vite/commits/v6.4.2/packages/vite">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/imAsparky/django-tag-me/network/alerts). </details>

github-actions[bot] commented 2026-04-07 04:38:07 +00:00 (Migrated from github.com)

Copy link

Code Coverage Report

Summary

• Overall Coverage: 96.2%
• Minimum Required: 50%
• Status: ✅ PASSED

Report generated on 2026-04-07 04:38:06 UTC

Package Details

Package	Coverage
tag_me.forms	🟢 100.0%
tag_me.views	🟢 99.1%
tag_me.models	🟢 97.5%
tag_me	🟢 95.8%
tag_me.templatetags	🟢 95.1%
tag_me.utils	🟢 94.4%

# Code Coverage Report  ## Summary - **Overall Coverage**: 96.2% - **Minimum Required**: 50% - **Status**: ✅ PASSED *Report generated on 2026-04-07 04:38:06 UTC* ## Package Details | Package | Coverage | |---------|-----------| | tag_me.forms | 🟢 100.0% | | tag_me.views | 🟢 99.1% | | tag_me.models | 🟢 97.5% | | tag_me | 🟢 95.8% | | tag_me.templatetags | 🟢 95.1% | | tag_me.utils | 🟢 94.4% |

This pull request can be merged automatically.

This branch is out-of-date with the base branch

You are not authorized to merge this pull request.

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin dependabot/npm_and_yarn/frontend/vite-6.4.2:dependabot/npm_and_yarn/frontend/vite-6.4.2

git switch dependabot/npm_and_yarn/frontend/vite-6.4.2

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch main

git merge --no-ff dependabot/npm_and_yarn/frontend/vite-6.4.2

git switch dependabot/npm_and_yarn/frontend/vite-6.4.2

git rebase main

git switch main

git merge --ff-only dependabot/npm_and_yarn/frontend/vite-6.4.2

git switch dependabot/npm_and_yarn/frontend/vite-6.4.2

git rebase main

git switch main

git merge --no-ff dependabot/npm_and_yarn/frontend/vite-6.4.2

git switch main

git merge --squash dependabot/npm_and_yarn/frontend/vite-6.4.2

git switch main

git merge --ff-only dependabot/npm_and_yarn/frontend/vite-6.4.2

git switch main

git merge dependabot/npm_and_yarn/frontend/vite-6.4.2

git push origin main

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels   

bug

Something isn't working

  

Chore

A chore to be done

  

dependencies

Pull requests that update a dependency file

  

documentation

Improvements or additions to documentation

  

duplicate

This issue or pull request already exists

  

enhancement

New feature or request

  

good first issue

Good for newcomers

  

help wanted

Extra attention is needed

  

invalid

This doesn't seem right

  

javascript

Pull requests that update javascript code

  

python

Pull requests that update python code

  

question

Further information is requested

  

refactor

Refactor code

  

release

  

tests

Has test additions/improvements

  

ui

  

wontfix

This will not be worked on

No labels

bug

Chore

dependencies

documentation

duplicate

enhancement

good first issue

help wanted

invalid

javascript

python

question

refactor

release

tests

ui

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

dunwright/django-tag-me!342

No description provided.