Skip to content

build(deps-dev): bump the development group with 9 updates#8

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/development-aa5faefff4
Open

build(deps-dev): bump the development group with 9 updates#8
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/development-aa5faefff4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 20, 2026
edited
Loading

Bumps the development group with 9 updates:

Package From To
@cloudflare/vite-plugin 1.33.2 1.37.2
@tailwindcss/postcss 4.2.4 4.3.0
@vitejs/plugin-react 6.0.1 6.0.2
@vitejs/plugin-rsc 0.5.24 0.5.26
react-server-dom-webpack 19.2.5 19.2.6
tailwindcss 4.2.4 4.3.0
vinext 0.0.44 0.0.51
vite 8.0.10 8.0.13
wrangler 4.85.0 4.93.0

Updates @cloudflare/vite-plugin from 1.33.2 to 1.37.2

Release notes

Sourced from @​cloudflare/vite-plugin's releases.

@​cloudflare/vite-plugin@​1.37.2

Patch Changes

@​cloudflare/vite-plugin@​1.37.1

Patch Changes

  • #13922 23800f8 Thanks @​edmundhung! - Add a tunnel shortcut hint when CLI shortcuts are printed

    The Cloudflare Vite plugin now includes a t + enter tunnel hint alongside the other CLI shortcuts it prints.

  • #13920 f579e57 Thanks @​petebacondarwin! - Honor X-Forwarded-Proto when constructing the Worker's request.url

    When running the Vite dev server behind a TLS-terminating reverse proxy or tunnel, the Worker's request.url was always http://... even though the client reached the server over https://.... This caused frameworks that perform Origin/Host checks (e.g. CSRF protection) to reject requests with 403.

    The Vite plugin now reads the X-Forwarded-Proto header from the incoming request and uses it to set the protocol of request.url. If the header is absent or invalid, the connection protocol is used as before. The same handling is applied to WebSocket upgrade URLs.

    Fixes #13801.

  • Updated dependencies [19ed49a, 3ff0a50, bf688f7, 2e72c83, 802eaf4, 506aa02, 8f5cdb1, be8a98c]:

    • miniflare@4.20260515.0
    • wrangler@4.92.0

@​cloudflare/vite-plugin@​1.37.0

Minor Changes

  • #13903 7ce6f6f Thanks @​edmundhung! - Add named tunnel support to the cloudflare() Vite plugin

    You can now expose your local dev server publicly with a stable hostname by configuring tunnel with a named Cloudflare Tunnel:

    cloudflare({
  tunnel: { name: "my-tunnel", autoStart: true },
});

    If autoStart is omitted or set to false, you can still start or close the tunnel by pressing t + enter.

Patch Changes

@​cloudflare/vite-plugin@​1.36.4

... (truncated)

Changelog

Sourced from @​cloudflare/vite-plugin's changelog.

1.37.2

Patch Changes

1.37.1

Patch Changes

  • #13922 23800f8 Thanks @​edmundhung! - Add a tunnel shortcut hint when CLI shortcuts are printed

    The Cloudflare Vite plugin now includes a t + enter tunnel hint alongside the other CLI shortcuts it prints.

  • #13920 f579e57 Thanks @​petebacondarwin! - Honor X-Forwarded-Proto when constructing the Worker's request.url

    When running the Vite dev server behind a TLS-terminating reverse proxy or tunnel, the Worker's request.url was always http://... even though the client reached the server over https://.... This caused frameworks that perform Origin/Host checks (e.g. CSRF protection) to reject requests with 403.

    The Vite plugin now reads the X-Forwarded-Proto header from the incoming request and uses it to set the protocol of request.url. If the header is absent or invalid, the connection protocol is used as before. The same handling is applied to WebSocket upgrade URLs.

    Fixes #13801.

  • Updated dependencies [19ed49a, 3ff0a50, bf688f7, 2e72c83, 802eaf4, 506aa02, 8f5cdb1, be8a98c]:

    • miniflare@4.20260515.0
    • wrangler@4.92.0

1.37.0

Minor Changes

  • #13903 7ce6f6f Thanks @​edmundhung! - Add named tunnel support to the cloudflare() Vite plugin

    You can now expose your local dev server publicly with a stable hostname by configuring tunnel with a named Cloudflare Tunnel:

    cloudflare({
  tunnel: { name: "my-tunnel", autoStart: true },
});

    If autoStart is omitted or set to false, you can still start or close the tunnel by pressing t + enter.

Patch Changes

... (truncated)

Commits

Updates @tailwindcss/postcss from 4.2.4 to 4.3.0

Release notes

Sourced from @​tailwindcss/postcss's releases.

v4.3.0

Added

  • Add @container-size utility (#18901)
  • Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#19981, #20019)
  • Add scrollbar-gutter-* utilities (#20018)
  • Add zoom-* utilities (#20020)
  • Add tab-* utilities (#20022)
  • Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#19996)
  • Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#19996)
  • Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#19989)

Fixed

  • Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#19949)
  • Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#19965)
  • Ensure CSS files containing @variant are processed by @tailwindcss/vite (#19966)
  • Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#19980)
  • Canonicalization: preserve significant _ whitespace in arbitrary values (#19986)
  • Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))]w-[calc(100%-(--spacing(60)))]) (#19986)
  • Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in]mt-[-20in], not mt-[-1920px]) (#19988)
  • Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#19991)
  • Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1"style="flex-grow: 1", not style="grow: 1") (#19918)
  • Allow multiple @utility definitions with the same name but different value types (#19777)
  • Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#19707)
  • Ensure start and end legacy utilities without values do not generate CSS (#20003)
  • Ensure --value(…) is required in functional @utility definitions (#20005)
  • Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#20011)
Changelog

Sourced from @​tailwindcss/postcss's changelog.

[4.3.0] - 2026-05-08

Added

  • Add @container-size utility (#18901)
  • Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#19981, #20019)
  • Add scrollbar-gutter-* utilities (#20018)
  • Add zoom-* utilities (#20020)
  • Add tab-* utilities (#20022)
  • Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#19996)
  • Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#19996)
  • Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#19989)

Fixed

  • Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#19949)
  • Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#19965)
  • Ensure CSS files containing @variant are processed by @tailwindcss/vite (#19966)
  • Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#19980)
  • Canonicalization: preserve significant _ whitespace in arbitrary values (#19986)
  • Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))]w-[calc(100%-(--spacing(60)))]) (#19986)
  • Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in]mt-[-20in], not mt-[-1920px]) (#19988)
  • Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#19991)
  • Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1"style="flex-grow: 1", not style="grow: 1") (#19918)
  • Allow multiple @utility definitions with the same name but different value types (#19777)
  • Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#19707)
  • Ensure start and end legacy utilities without values do not generate CSS (#20003)
  • Ensure --value(…) is required in functional @utility definitions (#20005)
  • Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#20011)
Commits

Updates @vitejs/plugin-react from 6.0.1 to 6.0.2

Release notes

Sourced from @​vitejs/plugin-react's releases.

plugin-react@6.0.2

Allow all options in reactCompilerPreset (#1189)

This is a type only change. Only compilationMode and target options were available for reactCompilerPreset.

Changelog

Sourced from @​vitejs/plugin-react's changelog.

6.0.2 (2026-05-14)

Allow all options in reactCompilerPreset (#1189)

This is a type only change. Only compilationMode and target options were available for reactCompilerPreset.

Commits

Updates @vitejs/plugin-rsc from 0.5.24 to 0.5.26

Release notes

Sourced from @​vitejs/plugin-rsc's releases.

plugin-rsc@0.5.26

Please refer to CHANGELOG.md for details.

plugin-rsc@0.5.25

Please refer to CHANGELOG.md for details.

Changelog

Sourced from @​vitejs/plugin-rsc's changelog.

0.5.26 (2026-05-07)

Bug Fixes

Tests

  • rsc: add starter-extra and enhance css tests (#1202) (bb42093)

0.5.25 (2026-04-27)

Bug Fixes

  • deps: update all non-major dependencies (#1196) (323ccd7)
  • rsc: fix server css hmr with cssLinkPrecedence: false (#1188) (f4647c4)
  • rsc: include bundled server CSS when cssCodeSplit is false (#1192) (2845b9f)

Miscellaneous Chores

Tests

  • assert new minified error message on react canary (#1199) (cbac17c)
Commits
  • 65d378f release: plugin-rsc@0.5.26
  • 8fa9619 fix(deps): update react 19.2.6 (#1211)
  • a4296ad fix(deps): update all non-major dependencies (#1209)
  • bb42093 test(rsc): add starter-extra and enhance css tests (#1202)
  • 152e549 fix(deps): update all non-major dependencies (#1201)
  • ab01352 release: plugin-rsc@0.5.25
  • f4647c4 fix(rsc): fix server css hmr with cssLinkPrecedence: false (#1188)
  • 2845b9f fix(rsc): include bundled server CSS when cssCodeSplit is false (#1192)
  • 323ccd7 fix(deps): update all non-major dependencies (#1196)
  • a7506e1 chore(deps): update vite 8.0.10 (#1198)
  • Additional commits viewable in compare view

Updates react-server-dom-webpack from 19.2.5 to 19.2.6

Release notes

Sourced from react-server-dom-webpack's releases.

19.2.6 (May 6th, 2026)

React Server Components

Commits

Updates tailwindcss from 4.2.4 to 4.3.0

Release notes

Sourced from tailwindcss's releases.

v4.3.0

Added

  • Add @container-size utility (#18901)
  • Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#19981, #20019)
  • Add scrollbar-gutter-* utilities (#20018)
  • Add zoom-* utilities (#20020)
  • Add tab-* utilities (#20022)
  • Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#19996)
  • Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#19996)
  • Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#19989)

Fixed

  • Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#19949)
  • Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#19965)
  • Ensure CSS files containing @variant are processed by @tailwindcss/vite (#19966)
  • Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#19980)
  • Canonicalization: preserve significant _ whitespace in arbitrary values (#19986)
  • Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))]w-[calc(100%-(--spacing(60)))]) (#19986)
  • Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in]mt-[-20in], not mt-[-1920px]) (#19988)
  • Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#19991)
  • Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1"style="flex-grow: 1", not style="grow: 1") (#19918)
  • Allow multiple @utility definitions with the same name but different value types (#19777)
  • Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#19707)
  • Ensure start and end legacy utilities without values do not generate CSS (#20003)
  • Ensure --value(…) is required in functional @utility definitions (#20005)
  • Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#20011)
Changelog

Sourced from tailwindcss's changelog.

[4.3.0] - 2026-05-08

Added

  • Add @container-size utility (#18901)
  • Add scrollbar-{auto,thin,none} utilities for scrollbar-width, and scrollbar-thumb-* / scrollbar-track-* color utilities for scrollbar-color (#19981, #20019)
  • Add scrollbar-gutter-* utilities (#20018)
  • Add zoom-* utilities (#20020)
  • Add tab-* utilities (#20022)
  • Allow using @variant with stacked variants (e.g. @variant hover:focus { … }) (#19996)
  • Allow using @variant with compound variants (e.g. @variant hover, focus { … }) (#19996)
  • Support --default(…) in --value(…) and --modifier(…) for functional @utility definitions (#19989)

Fixed

  • Ensure @plugin resolves package JavaScript entries instead of browser CSS entries when using @tailwindcss/vite (#19949)
  • Fix relative @import and @plugin paths resolving from the wrong directory when using @tailwindcss/vite (#19965)
  • Ensure CSS files containing @variant are processed by @tailwindcss/vite (#19966)
  • Resolve imports relative to base when result.opts.from is not provided when using @tailwindcss/postcss (#19980)
  • Canonicalization: preserve significant _ whitespace in arbitrary values (#19986)
  • Canonicalization: add parentheses when removing whitespace from arbitrary values would hurt readability (e.g. w-[calc(100%---spacing(60))]w-[calc(100%-(--spacing(60)))]) (#19986)
  • Canonicalization: preserve the original unit in arbitrary values instead of normalizing to base units (e.g. -mt-[20in]mt-[-20in], not mt-[-1920px]) (#19988)
  • Canonicalization: migrate arbitrary :has() variants from [&:has(…)] to has-[…] (#19991)
  • Upgrade: don’t migrate inline style attributes (e.g. style="flex-grow: 1"style="flex-grow: 1", not style="grow: 1") (#19918)
  • Allow multiple @utility definitions with the same name but different value types (#19777)
  • Export missing PluginWithConfig type from tailwindcss/plugin to fix errors when inferring plugin config types (#19707)
  • Ensure start and end legacy utilities without values do not generate CSS (#20003)
  • Ensure --value(…) is required in functional @utility definitions (#20005)
  • Canonicalization: preserve required whitespace around operators in negated arbitrary values (e.g. -left-[(var(--a)+var(--b))]) (#20011)
Commits

Updates vinext from 0.0.44 to 0.0.51

Release notes

Sourced from vinext's releases.

v0.0.51

What's Changed

New Features

  • Implemented assetPrefix config with full Next.js semantics (path-prefix and absolute-URL forms, basePath fallback)
  • Added App Router support for app/global-not-found.tsx (Next.js 16 parity)
  • Added dev server lock file to prevent concurrent dev sessions
  • Added manifest-backed interception topology to the App Router
  • Planned App Router navigation from RouteManifest topology
  • Promoted intercepted route preservation through the navigation planner
  • Recorded App Router render observations in the caching layer
  • Classified private and dynamic render downgrades in the cache
  • Added static layout proof and variant budget guardrails to the cache
  • Added support for declared artifact compatibility sets
  • Added /compatibility page backed by D1 + deploy-suite ingest

Bug Fixes

  • Matched Next dynamic route semantics for metadata routes
  • Applied ancestor templates to title defaults in metadata
  • Threaded basePath through metadata, manifest, and redirects
  • Emitted streamed redirect and not-found meta tags
  • Rendered progressive action not-found HTML on the server
  • Threw a typed error for unrecognized server actions
  • Modeled RSC redirect and traversal lifecycle
  • Hard-navigated stale RSC build payloads
  • Hydrated initial root in a transition
  • Kept refresh transitions pending until completion
  • Refreshed after discarded revalidating actions
  • Skipped RSC navigation for hash-only history traversal
  • Tracked hash-only traversal metadata
  • Guarded stale popstate scroll restoration
  • Preserved history metadata for external state updates
  • Promoted default slot persistence through route state
  • Forwarded searchParams correctly in probePage()
  • Matched Next.js RSC Content-Type and 404 plain-text body
  • Added x-action-forwarded guard to prevent server action forwarding loops
  • Surfaced invalid dynamic usage errors via Flight in dev
  • Populated useParams/useSearchParams under the Pages Router
  • Included _app module assets in served page HTML
  • Shared pages useRouter state through context
  • Derived shallow dynamic params from the URL
  • Kept next/router import free of popstate side effects
  • Supported string paths and missing params in getStaticPaths
  • Decoded hash scroll targets
  • Threw when App Router context is missing during navigation
  • Supported prefetch invalidation callbacks
  • Gated intercept matching on Next-URL source pattern
  • Aligned visible and intent prefetching for next/link

... (truncated)

Commits
  • 1551f91 fix(metadata): match Next dynamic route semantics (#1317)
  • e0eabc1 feat(router): add manifest-backed interception topology (#1314)
  • 9415a23 feat(config): implement assetPrefix (#1311)
  • 1dbcbfb feat(app-router): plan navigation from RouteManifest topology (#1312)
  • a85c2c1 fix: add x-action-forwarded guard and E2E tests for server action forwarding ...
  • 4aaae3d fix(build): pin cssTarget so esbuild preserves max-width media-query syntax...
  • 54e271d fix(cache-runtime): attach inner "use cache" call site as cause of nested-dyn...
  • 558cec0 fix(shims/script): preload <script> sources during SSR via ReactDOM.preload (...
  • 14ec0a1 fix(shims): treat draftMode() as non-dynamic; mark dynamic only on enable/dis...
  • c483253 fix(rsc): allow JSX in .js client modules inside node_modules (#1295)
  • Additional commits viewable in compare view

Updates vite from 8.0.10 to 8.0.13

Release notes

Sourced from vite's releases.

v8.0.13

Please refer to CHANGELOG.md for details.

v8.0.12

Please refer to CHANGELOG.md for details.

v8.0.11

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.13 (2026-05-14)

Features

  • bundled-dev: add lazy bundling support (#21406) (4f0949f)
  • optimizer: improve the esbuild plugin converter to pass some properties of build result to onEnd (#22357) (47071ce)
  • update rolldown to 1.0.1 (#22444) (8c766a6)

Bug Fixes

  • build: copy public directory after building same environment with write=false (#22328) (158e8ae)
  • css: await sass/less/styl worker disposal on teardown (fix #22274) (#22275) (b7edcb7)
  • css: keep deprecated name/originalFileName in synthetic assetFileNames call (#22439) (8e59c97)
  • make isBundled per environment (#22257) (a576326)
  • ssr: avoid rewriting labels that collide with imports (#22451) (d9b18e0)

Miscellaneous Chores

  • remove irrelevant commits from changelog (#22430) (

@dependabot
build(deps-dev): bump the development group with 9 updates
5893fbb 
Bumps the development group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [@cloudflare/vite-plugin](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/vite-plugin-cloudflare) | `1.33.2` | `1.37.2` |
| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.4` | `4.3.0` |
| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `6.0.1` | `6.0.2` |
| [@vitejs/plugin-rsc](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-rsc) | `0.5.24` | `0.5.26` |
| [react-server-dom-webpack](https://github.com/facebook/react/tree/HEAD/packages/react-server-dom-webpack) | `19.2.5` | `19.2.6` |
| [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.2.4` | `4.3.0` |
| [vinext](https://github.com/cloudflare/vinext) | `0.0.44` | `0.0.51` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.10` | `8.0.13` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.85.0` | `4.93.0` |


Updates `@cloudflare/vite-plugin` from 1.33.2 to 1.37.2
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Changelog](https://github.com/cloudflare/workers-sdk/blob/main/packages/vite-plugin-cloudflare/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/@cloudflare/vite-plugin@1.37.2/packages/vite-plugin-cloudflare)

Updates `@tailwindcss/postcss` from 4.2.4 to 4.3.0
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/@tailwindcss-postcss)

Updates `@vitejs/plugin-react` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.2/packages/plugin-react)

Updates `@vitejs/plugin-rsc` from 0.5.24 to 0.5.26
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-rsc/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-rsc@0.5.26/packages/plugin-rsc)

Updates `react-server-dom-webpack` from 19.2.5 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-server-dom-webpack)

Updates `tailwindcss` from 4.2.4 to 4.3.0
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/tailwindcss)

Updates `vinext` from 0.0.44 to 0.0.51
- [Release notes](https://github.com/cloudflare/vinext/releases)
- [Commits](cloudflare/vinext@v0.0.44...v0.0.51)

Updates `vite` from 8.0.10 to 8.0.13
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.13/packages/vite)

Updates `wrangler` from 4.85.0 to 4.93.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.93.0/packages/wrangler)

---
updated-dependencies:
- dependency-name: "@cloudflare/vite-plugin"
  dependency-version: 1.37.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development
- dependency-name: "@tailwindcss/postcss"
  dependency-version: 4.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development
- dependency-name: "@vitejs/plugin-react"
  dependency-version: 6.0.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development
- dependency-name: "@vitejs/plugin-rsc"
  dependency-version: 0.5.26
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development
- dependency-name: react-server-dom-webpack
  dependency-version: 19.2.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development
- dependency-name: tailwindcss
  dependency-version: 4.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development
- dependency-name: vinext
  dependency-version: 0.0.51
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development
- dependency-name: vite
  dependency-version: 8.0.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development
- dependency-name: wrangler
  dependency-version: 4.93.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 20, 2026

Labels

The following labels could not be found: security. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 20, 2026
@dependabot dependabot Bot requested a review from crowterliam as a code owner May 20, 2026 22:17
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 20, 2026
@kilo-code-bot
Copy link
Copy Markdown

kilo-code-bot Bot commented May 20, 2026
edited
Loading

Code Review Summary

Status: 3 Issues Found | Recommendation: Address before merge

Overview

Severity Count
WARNING 3
Issue Details (click to expand)

WARNING

File Line Issue
package.json 28 @vitejs/plugin-rsc not bumped from ^0.5.24 though vinext 0.0.51 now requires >=0.5.26 in its peerDependencies — lock file resolves to 0.5.26 so it works at runtime, but package.json constraint is stale and will drift on next install
package.json 27 react and react-dom pinned to exact 19.2.5 though vinext 0.0.51 upgrades its peerDependencies to ^19.2.6 — lock file satisfies the peer constraint but the direct package.json declaration is not aligned and will not auto-bump
package.json 34 wrangler bumped to ^4.93.0 which raises its engines.node from >=20.3.0 to >=22.0.0; confirmed environments still running node: >=22 before deploying
Files Reviewed (2 files)
  • package.json — 3 warnings (stale version constraints and engine mismatch risk)
  • pnpm-lock.yaml — lock file consistent with updated versions; no issues

Reviewed by step-3.5-flash · 980,403 tokens

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crowterliam crowterliam Awaiting requested review from crowterliam crowterliam is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants