-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: bump the npm_and_yarn group across 1 directory with 2 updates #15
base: main
Are you sure you want to change the base?
chore: bump the npm_and_yarn group across 1 directory with 2 updates #15
Conversation
Bumps the npm_and_yarn group with 2 updates in the /site directory: [axios](https://github.com/axios/axios) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `axios` from 1.7.2 to 1.7.4 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.7.4) Updates `vite` from 5.3.3 to 5.3.6 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.3.6/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.3.6/packages/vite) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
By default, I don't review pull requests opened by bots. If you would like me to review this pull request anyway, you can request a review via the |
Important Review skippedBot user detected. To trigger a single review, invoke the You can disable this status message by setting the 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/axios@1.7.2 |
Bumps the npm_and_yarn group with 2 updates in the /site directory: axios and vite.
Updates
axios
from 1.7.2 to 1.7.4Release notes
Sourced from axios's releases.
Changelog
Sourced from axios's changelog.
Commits
abd24a7
chore(release): v1.7.4 (#6544)6b6b605
fix(sec): CVE-2024-39338 (#6539) (#6543)07a661a
fix(sec): disregard protocol-relative URL to remediate SSRF (#6539)c6cce43
chore(release): v1.7.3 (#6521)e3c76fc
fix(adapter): fix progress event emitting; (#6518)85d4d0e
fix(fetch): fix withCredentials request config (#6505)92cd8ed
chore(github): update ISSUE_TEMPLATE.md (#6519)8966ee7
fix(xhr): return original config on errors from XHR adapter (#6515)Updates
vite
from 5.3.3 to 5.3.6Changelog
Sourced from vite's changelog.
Commits
f469ceb
release: v5.3.62691bb3
fix: avoid DOM Clobbering gadget ingetRelativeUrlFromDocument
(#18115)4573a6f
fix: fs raw query (#18112)4407839
release: v5.3.566bdb1d
refactor(asset): remove rollup 3 public file watch workaround (#16331)b240a83
fix(build): env output is not stable (#17748)b58b423
fix(importMetaGlob): handle alias that starts with hash (#17743)d906d3f
fix(css): resolve url aliases with fragments (fix: #17690) (#17691)3c1bde3
fix(client): fix vite error path (#17744)9983731
chore(deps): update all non-major dependencies (#17734)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.