Bump vite from 5.4.18 to 5.4.19

[dependabot]

Bumps vite from 5.4.18 to 5.4.19.

Release notes

Sourced from vite's releases.

v5.4.19

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.19 (2025-04-30)

• fix: backport #19965, check static serve file inside sirv (#19966) (766947e), closes #19965 #19966

Commits

• 80a333a release: v5.4.19
• 766947e fix: backport #19965, check static serve file inside sirv (#19966)
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[gitbotzup]

Overall Summary

This PR updates the devDependency vite from ^5.4.12 to ^5.4.19 across multiple packages, ensuring all are aligned with the latest Vite 5.4 patch release. The pnpm-lock.yaml file is also updated to reflect this change and to synchronize several transitive dependencies to their latest patch or minor versions. These updates are expected to bring bug fixes, minor improvements, and potential security enhancements.

Changed Files and Their Updates

• packages/edp-extension/package.json

  • Updated the devDependency vite from ^5.4.12 to ^5.4.19.
  • Ensures the package uses the latest patch version of Vite 5.4, likely including bug fixes and minor improvements.

• packages/edp-form-extension/package.json

  • Updated the devDependency vite from ^5.4.12 to ^5.4.19.
  • Aligns the package with the latest Vite 5.4 patch release.

• packages/edp-simulation/package.json

  • Updated the devDependency vite from ^5.4.12 to ^5.4.19.
  • Brings the package up to date with the latest Vite 5.4 patch.

• pnpm-lock.yaml

  • Synchronized the lockfile to reflect the update of vite from 5.4.18 to 5.4.19 across all relevant importers.
  • Updated several transitive dependencies:
    • rollup: 4.39.0 → 4.45.1 (including all platform-specific binaries)
    • @types/estree: 1.0.7 → 1.0.8
    • postcss: 8.5.3 → 8.5.6
  • Ensures all packages use the latest compatible versions, likely improving stability, performance, and security.

Security Advice

No immediate security concerns are apparent. All changes are patch or minor updates to dependencies, which typically address bugs and security vulnerabilities. As always, it is recommended to review the changelogs of vite, rollup, postcss, and other updated dependencies for any breaking changes or notable security fixes.
This is an AI-generated summary, which may be innacurate.
This aims only to assist human reviewers, and does not replace code reviews in any way.
Use responsibly and please submit any feedback to this form.