Bump vite by dependabot[bot] · Pull Request #3 · neilzo/neilzo.github.io

dependabot · 2026-04-12T20:42:41Z

Bumps and vite. These dependencies needed to be updated together.
Updates vite from 6.4.1 to 6.4.2

Release notes

v6.4.2

Please refer to CHANGELOG.md for details.

Changelog

6.4.2 (2026-04-06)

fix: apply server.fs check to env transport (#22159) (#22163) (fe28e47), closes #22159 #22163

fix: avoid path traversal with optimize deps sourcemap handler (#22161) (ca4da5d), closes #22161

Commits

6b3fad0 release: v6.4.2
ca4da5d fix: avoid path traversal with optimize deps sourcemap handler (#22161)
fe28e47 fix: apply server.fs check to env transport (#22159) (#22163)
5487f4f release: v6.4.1
1114b5d fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20969)
f12697c release: v6.4.0
ca6455e feat: allow passing down resolved config to vite's createServer (#20932)
0e173d8 release: v6.3.7
c59a222 fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (#20940)
3f337c5 release: v6.3.6
Additional commits viewable in compare view

Updates vite from 8.0.3 to 8.0.8

Release notes

Sourced from vite's releases.

v6.4.2

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

6.4.2 (2026-04-06)

fix: apply server.fs check to env transport (#22159) (#22163) (fe28e47), closes #22159 #22163

fix: avoid path traversal with optimize deps sourcemap handler (#22161) (ca4da5d), closes #22161

Commits

6b3fad0 release: v6.4.2
ca4da5d fix: avoid path traversal with optimize deps sourcemap handler (#22161)
fe28e47 fix: apply server.fs check to env transport (#22159) (#22163)
5487f4f release: v6.4.1
1114b5d fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20969)
f12697c release: v6.4.0
ca6455e feat: allow passing down resolved config to vite's createServer (#20932)
0e173d8 release: v6.3.7
c59a222 fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (#20940)
3f337c5 release: v6.3.6
Additional commits viewable in compare view

Bumps and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). These dependencies needed to be updated together. Updates `vite` from 6.4.1 to 6.4.2 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.4.2/packages/vite) Updates `vite` from 8.0.3 to 8.0.8 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.4.2/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 6.4.2 dependency-type: indirect - dependency-name: vite dependency-version: 8.0.8 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 12, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-d110154fb2 branch from b10ea8a to 2e9091e Compare April 19, 2026 13:27

dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-d110154fb2 branch from 2e9091e to 9b16c19 Compare April 19, 2026 14:04

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump vite#3

Bump vite#3
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-d110154fb2

dependabot Bot commented on behalf of github Apr 12, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 12, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v6.4.2

6.4.2 (2026-04-06)

v6.4.2

6.4.2 (2026-04-06)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 12, 2026 •

edited

Loading