Bump the npm_and_yarn group with 3 updates

[dependabot]

Bumps the npm_and_yarn group with 3 updates: vite, astro and rollup.

Updates vite from 5.1.6 to 5.1.8

Release notes

Sourced from vite's releases.

v5.1.8

Please refer to CHANGELOG.md for details.

v5.1.7

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.1.8 (2024-09-19)

• fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115) (5caa08f), closes #18115
• fix: fs raw query (#18112) (03f1033), closes #18112

5.1.7 (2024-03-24)

• fix: fs.deny with globs with directories (#16250) (5a056dd), closes #16250

Commits

• fe63231 release: v5.1.8
• 5caa08f fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115)
• 03f1033 fix: fs raw query (#18112)
• e710c2f release: v5.1.7
• 5a056dd fix: fs.deny with globs with directories (#16250)
• See full diff in compare view

Updates astro from 4.5.6 to 4.16.1

Release notes

Sourced from astro's releases.

[email protected]

Patch Changes

• #12177 a4ffbfa Thanks @​matthewp! - Ensure we target scripts for execution in the router

  Using document.scripts is unsafe because if the application has a name="scripts" this will shadow the built-in document.scripts. Fix is to use getElementsByTagName to ensure we're only grabbing real scripts.

• #12173 2d10de5 Thanks @​ematipico! - Fixes a bug where Astro Actions couldn't redirect to the correct pathname when there was a rewrite involved.

Changelog

Sourced from astro's changelog.

4.16.16

Patch Changes

• #12542 65e50eb Thanks @​kadykov! - Fix JPEG image size determination

• #12525 cf0d8b0 Thanks @​ematipico! - Fixes an issue where with i18n enabled, Astro couldn't render the 404.astro component for non-existent routes.

4.16.15

Patch Changes

• #12498 b140a3f Thanks @​ematipico! - Fixes a regression where Astro was trying to access Request.headers

4.16.14

Patch Changes

• #12480 c3b7e7c Thanks @​matthewp! - Removes the default throw behavior in astro:env

• #12444 28dd3ce Thanks @​ematipico! - Fixes an issue where a server island hydration script might fail case the island ID misses from the DOM.

• #12476 80a9a52 Thanks @​florian-lefebvre! - Fixes a case where the Content Layer glob() loader would not update when renaming or deleting an entry

• #12418 25baa4e Thanks @​oliverlynch! - Fix cached image redownloading if it is the first asset

• #12477 46f6b38 Thanks @​ematipico! - Fixes an issue where the SSR build was emitting the dist/server/entry.mjs file with an incorrect import at the top of the file/

• #12365 a23985b Thanks @​apatel369! - Fixes an issue where Astro.currentLocale was not correctly returning the locale for 404 and 500 pages.

4.16.13

Patch Changes

• #12436 453ec6b Thanks @​martrapp! - Fixes a potential null access in the clientside router

• #12392 0462219 Thanks @​apatel369! - Fixes an issue where scripts were not correctly injected during the build. The issue was triggered when there were injected routes with the same entrypoint and different pattern

4.16.12

Patch Changes

• #12420 acac0af Thanks @​ematipico! - Fixes an issue where the dev server returns a 404 status code when a user middleware returns a valid Response.

4.16.11

Patch Changes

• #12305 f5f7109 Thanks @​florian-lefebvre! - Fixes a case where the error overlay would not escape the message

... (truncated)

Commits

• c73d65d [ci] release (#12178)
• 650dd22 Fix VT video test fail in firefox (#12188)
• 58e22bd [ci] format
• 2d10de5 fix(routing): actions should redirect the original pathname (#12173)
• a4ffbfa Ensure router only targets scripts for execution (#12177)
• 2f5b28e Use p-queue instead of fastq (#12189)
• 1f93fca Fix biome lint warning (#12187)
• 582f12e [ci] release (#12148)
• b9e8e96 add info about content intellisense (#12164)
• c6fd1df Fix mts reloads (#12160)
• Additional commits viewable in compare view

Updates rollup from 4.12.1 to 4.28.1

Release notes

Sourced from rollup's releases.

v4.28.1

4.28.1

2024-12-06

Bug Fixes

• Support running Rollup natively on LoongArch (#5749)
• Add optional debugId to SourceMap types (#5751)

Pull Requests

• #5749: feat: add support for LoongArch (@​darkyzhou)
• #5751: feat: Add debugId to SourceMap types (@​timfish, @​lukastaegert)
• #5752: chore(deps): update dependency mocha to v11 (@​renovate[bot])
• #5753: chore(deps): update dependency vite to v6 (@​renovate[bot])
• #5754: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #5755: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5756: Test if saving the Cargo cache can speed up FreeBSD (@​lukastaegert)

v4.28.0

4.28.0

2024-11-30

Features

• Allow to specify how to handle import attributes when transpiling Rollup config files (#5743)

Pull Requests

• #5743: fix: supports modify the import attributes key in the config file (@​TrickyPi, @​lukastaegert)
• #5747: chore(deps): update codecov/codecov-action action to v5 (@​renovate[bot])
• #5748: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v4.27.4

4.27.4

2024-11-23

Bug Fixes

• Update bundled magic-string to support sourcemap debug ids (#5740)

Pull Requests

• #5740: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v4.27.3

4.27.3

... (truncated)

Changelog

Sourced from rollup's changelog.

4.28.1

2024-12-06

Bug Fixes

• Support running Rollup natively on LoongArch (#5749)
• Add optional debugId to SourceMap types (#5751)

Pull Requests

• #5749: feat: add support for LoongArch (@​darkyzhou)
• #5751: feat: Add debugId to SourceMap types (@​timfish, @​lukastaegert)
• #5752: chore(deps): update dependency mocha to v11 (@​renovate[bot])
• #5753: chore(deps): update dependency vite to v6 (@​renovate[bot])
• #5754: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #5755: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5756: Test if saving the Cargo cache can speed up FreeBSD (@​lukastaegert)

4.28.0

2024-11-30

Features

• Allow to specify how to handle import attributes when transpiling Rollup config files (#5743)

Pull Requests

• #5743: fix: supports modify the import attributes key in the config file (@​TrickyPi, @​lukastaegert)
• #5747: chore(deps): update codecov/codecov-action action to v5 (@​renovate[bot])
• #5748: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

4.27.4

2024-11-23

Bug Fixes

• Update bundled magic-string to support sourcemap debug ids (#5740)

Pull Requests

• #5740: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

4.27.3

2024-11-18

Bug Fixes

... (truncated)

Commits

• e60fb1c 4.28.1
• 224247b chore(deps): lock file maintenance minor/patch updates (#5755)
• c3283cf Test if saving the Cargo cache can speed up FreeBSD (#5756)
• 87a911c feat: Add debugId to SourceMap types (#5751)
• 1b78f74 chore(deps): update dependency mocha to v11 (#5752)
• 89e1c70 chore(deps): update dependency vite to v6 (#5753)
• 4d6b077 feat: add support for LoongArch (#5749)
• d3464e4 fix(deps): update swc monorepo (major) (#5754)
• 0595e43 4.28.0
• 5053019 fix: supports modify the import attributes key in the config file (#5743)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 12f0797

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml