build(deps): bump the npm_and_yarn group across 1 directory with 2 updates #4
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=80&v=4){kind=small}
…dates Bumps the npm_and_yarn group with 2 updates in the / directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [linkifyjs](https://github.com/nfrasser/linkifyjs/tree/HEAD/packages/linkifyjs). Updates `vite` from 5.4.14 to 5.4.20 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.20/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.20/packages/vite) Updates `linkifyjs` from 4.2.0 to 4.3.2 - [Release notes](https://github.com/nfrasser/linkifyjs/releases) - [Changelog](https://github.com/nfrasser/linkifyjs/blob/main/CHANGELOG.md) - [Commits](https://github.com/nfrasser/linkifyjs/commits/v4.3.2/packages/linkifyjs) --- updated-dependencies: - dependency-name: vite dependency-version: 5.4.20 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: linkifyjs dependency-version: 4.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
This PR is being reviewed by Cursor Bugbot
Details
Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.
To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.
| /@tiptap/suggestion@2.11.3(@tiptap/[email protected])(@tiptap/[email protected]): | ||
| resolution: {integrity: sha512-w3zTPAYGbUxrgA1kUjhCZ4H6Js5RhbAjHqvNV9zJzREC8A/aiAYfQXCwhA5pYwRNedmQx6l4AVwtHxiCHfwtwA==} | ||
| /@tiptap/suggestion@2.26.1(@tiptap/[email protected])(@tiptap/[email protected]): | ||
| resolution: {integrity: sha512-iNWJdQN7h01keNoVwyCsdI7ZX11YkrexZjCnutWK17Dd72s3NYVTmQXu7saftwddT4nDdlczNxAFosrt0zMhcg==} |
There was a problem hiding this comment.
Bug: TipTap Package Version Mismatch
A significant version mismatch exists across TipTap packages. @tiptap/suggestion updated to 2.26.1, while @tiptap/core, @tiptap/pm, and @tiptap/extension-mention remain at 2.11.x. This large gap between interdependent packages risks compatibility issues and unexpected runtime behavior, and appears to be an unintended update.
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
dependabot
bot
deleted the
dependabot/npm_and_yarn/npm_and_yarn-aef974c90e
branch
2 participants
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
Bumps the npm_and_yarn group with 2 updates in the / directory: vite and linkifyjs.
Updates
vitefrom 5.4.14 to 5.4.20Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
Commits
997700frelease: v5.4.20482000ffix: applyfs.strictcheck to HTML files (#20736)80a333arelease: v5.4.19766947efix: backport #19965, check static serve file inside sirv (#19966)731b77drelease: v5.4.18823675bfix: backport #19830, reject requests with#in request-target (#19831)0a2518arelease: v5.4.1784b2b46fix: backport #19782, fs check with svg and relative paths (#19784)712cb71release: v5.4.16b627c50fix: backport #19761, fs check in transform middleware (#19762)Updates
linkifyjsfrom 4.2.0 to 4.3.2Release notes
Sourced from linkifyjs's releases.
Changelog
Sourced from linkifyjs's changelog.
Commits
3abe9abv4.3.2931d3e2Use Object.assign instead of custom assign function (#518)45bc27ev4.3.1251a5c6v4.3.0359ed4eUpdate dependencies (#513)c4bdf85Revert "Don't allow apostrophe in URLs (#499)" (#504)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.