Skip to content

chore(deps): bump vite-plus to PR #1633 (pkg-pr-new)#11

Draft
fengmk2 wants to merge 1 commit into
mainfrom
update-vite-plus-prerelease-test-pr-1633
Draft

chore(deps): bump vite-plus to PR #1633 (pkg-pr-new)#11
fengmk2 wants to merge 1 commit into
mainfrom
update-vite-plus-prerelease-test-pr-1633

Conversation

@fengmk2

@fengmk2 fengmk2 commented May 19, 2026

Copy link
Copy Markdown
Owner

Summary

Bump vite-plus and related @voidzero-dev/* packages to the pkg-pr-new prerelease for vite-plus PR #1633.

Updated where applicable:

  • vite-plushttps://pkg.pr.new/voidzero-dev/vite-plus@1633
  • vite alias → @voidzero-dev/vite-plus-core pkg-pr-new URL
  • vitest alias → @voidzero-dev/vite-plus-test pkg-pr-new URL
  • overrides / resolutions / pnpm.overrides / pnpm-workspace.yaml catalogs

Also configured minimum-release-age with vite-plus / @voidzero-dev/* excluded for pnpm / bun / npm.

Test plan

  • CI passes

@fengmk2 fengmk2 self-assigned this May 19, 2026
gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 19, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the vite, vite-plus, and vitest dependencies across the workspace to use pre-release builds from a specific pull request and adds release age configurations to .npmrc. The reviewer recommends pinning these pre-release dependencies to specific commit hashes instead of mutable PR tags to ensure build reproducibility and prevent issues if the remote PR is updated or the lockfile is regenerated.

Comment thread apps/yaak-client/package.json
Comment on lines +105 to +110
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@1633",
"vite-plugin-static-copy": "^3.3.0",
"vite-plugin-svgr": "^4.5.0",
"vite-plugin-top-level-await": "^1.5.0",
"vite-plugin-wasm": "^3.5.0",
"vite-plus": "^0.1.20"
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@1633"

@gemini-code-assist gemini-code-assist Bot May 19, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

For reproducible builds, it's recommended to pin pre-release dependencies to a specific commit hash instead of a mutable tag like a PR number. The lockfile indicates that @1633 resolves to commit 428629ad4076431fdbeb332ba7c91935e32f92f6. Using the commit hash directly ensures that npm install will always use this exact version, even if the lockfile is regenerated or the remote PR is updated.

Suggested change
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@1633",
"vite-plugin-static-copy": "^3.3.0",
"vite-plugin-svgr": "^4.5.0",
"vite-plugin-top-level-await": "^1.5.0",
"vite-plugin-wasm": "^3.5.0",
"vite-plus": "^0.1.20"
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@1633"
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@428629ad4076431fdbeb332ba7c91935e32f92f6",
"vite-plugin-static-copy": "^3.3.0",
"vite-plugin-svgr": "^4.5.0",
"vite-plugin-top-level-await": "^1.5.0",
"vite-plugin-wasm": "^3.5.0",
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@428629ad4076431fdbeb332ba7c91935e32f92f6"

Comment thread apps/yaak-proxy/package.json
Comment on lines +34 to +35
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@1633",
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@1633"

@gemini-code-assist gemini-code-assist Bot May 19, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

For reproducible builds, it's recommended to pin pre-release dependencies to a specific commit hash instead of a mutable tag like a PR number. The lockfile indicates that @1633 resolves to commit 428629ad4076431fdbeb332ba7c91935e32f92f6. Using the commit hash directly ensures that npm install will always use this exact version, even if the lockfile is regenerated or the remote PR is updated.

Suggested change
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@1633",
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@1633"
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@428629ad4076431fdbeb332ba7c91935e32f92f6",
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@428629ad4076431fdbeb332ba7c91935e32f92f6"

Comment thread package.json
Comment on lines +123 to +130
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@1633",
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@1633",
"vitest": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-test@1633"
},
"overrides": {
"js-yaml": "^4.1.1",
"vite": "npm:@voidzero-dev/vite-plus-core@^0.1.20",
"vitest": "npm:@voidzero-dev/vite-plus-test@^0.1.20"
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@1633",
"vitest": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-test@1633"

@gemini-code-assist gemini-code-assist Bot May 19, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

To ensure reproducible builds, it's best practice to pin pre-release dependencies to a specific commit hash rather than a PR number/tag. The package-lock.json indicates that @1633 resolves to commit 428629ad4076431fdbeb332ba7c91935e32f92f6.

Using the commit hash directly in package.json for vite-plus and its related packages will guarantee that the same version is always installed, even if the lockfile is regenerated or the remote PR is updated.

Please apply this change to vite, vite-plus, and vitest in both devDependencies and overrides. This should also be applied to the other package.json files in this PR.

Suggested change
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@1633",
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@1633",
"vitest": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-test@1633"
},
"overrides": {
"js-yaml": "^4.1.1",
"vite": "npm:@voidzero-dev/vite-plus-core@^0.1.20",
"vitest": "npm:@voidzero-dev/vite-plus-test@^0.1.20"
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@1633",
"vitest": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-test@1633"
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@428629ad4076431fdbeb332ba7c91935e32f92f6",
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@428629ad4076431fdbeb332ba7c91935e32f92f6",
"vitest": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-test@428629ad4076431fdbeb332ba7c91935e32f92f6"
},
"overrides": {
"js-yaml": "^4.1.1",
"vite": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@428629ad4076431fdbeb332ba7c91935e32f92f6",
"vitest": "https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-test@428629ad4076431fdbeb332ba7c91935e32f92f6"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@fengmk2 fengmk2

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fengmk2