Bump the npm_and_yarn group across 1 directory with 3 updates by dependabot[bot] · Pull Request #295 · jkingsman/Remote-Terminal-for-MeshCore

dependabot · 2026-06-18T00:53:52Z

Bumps the npm_and_yarn group with 3 updates in the /frontend directory: vite, form-data and js-yaml.

Updates vite from 6.4.2 to 8.1.0

Release notes

create-vite@8.1.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.1.0

Please refer to CHANGELOG.md for details.

v8.1.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.1.0-beta.0

Please refer to CHANGELOG.md for details.

v8.1.0-beta.0

Please refer to CHANGELOG.md for details.

v8.0.16

Please refer to CHANGELOG.md for details.

v8.0.15

Please refer to CHANGELOG.md for details.

v8.0.14

Please refer to CHANGELOG.md for details.

v8.0.13

Please refer to CHANGELOG.md for details.

v8.0.12

Please refer to CHANGELOG.md for details.

v8.0.11

Please refer to CHANGELOG.md for details.

v8.0.10

Please refer to CHANGELOG.md for details.

v8.0.9

Please refer to CHANGELOG.md for details.

v8.0.8

Please refer to CHANGELOG.md for details.

v8.0.7

Please refer to CHANGELOG.md for details.

v8.0.6

Please refer to CHANGELOG.md for details.

v8.0.5

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

8.1.0 (2026-06-23)

Features

extend server.fs.deny list with common files (#22707) (61ba8fd)

update rolldown to 1.1.2 (#22695) (4f008a6)

use ~ for Rolldown (#22693) (9928722)

Bug Fixes

bundled-dev: errors should be kept when incremental build fails (#22617) (9a0dd48)

cache falsy values in perEnvironmentState (#22715) (0e91e79)

glob: respect caseSensitive option in hmr matcher (#22711) (65f525e)

html: omit nonce on import map when cspNonce is unset (#22713) (8340bb5)

optimizer: skip null-valued exports in expandGlobIds glob resolution (#22611) (8b9f5cd)

resolved build options should be kept as a getter (#22691) (3527191)

server: handle malformed URI in memory files middleware (#22714) (df9e0a5)

use literal envPrefix queries for Vite Task (#22706) (da72733)

warn on deprecated envFile (#22555) (ed7b283)

Code Refactoring

client: inline dev-id value in CSS selector (#22736) (57f59bc)

remove unused removeRawQuery util (#22724) (403cc60)

use rolldownOptions property for chunkImportMap (#22692) (8e8816c)

8.1.0-beta.0 (2026-06-15)

Features

import.meta.glob support caseSensitive option (#21707) (2ad6737)

add warning to discourage Vite with yarn pnp (#21906) (3fbb55a)

build: chunk importmap (#21580) (e180312)

css: support lightningcss plugin dependency (#21748) (0b7aaed)

deps: bump @vitejs/devtools peer dependency version (#22542) (d2c2bc0)

html: add html.additionalAssetSources option (#21412) (a41404b)

integrate with Vite Task for zero-config build caching (#22453) (f8d75f7)

rename server.hmr options to server.ws options (#21357) (9ce3036)

server: support multiple hosts in __VITE_ADDITIONAL_SERVER_ALLOWED_HOSTS (#21501) (735f9a1)

track dependencies when loading config with native (#22602) (a7e2da8)

types: add more precise typing for known query types to match known as types (#21863) (cc39e55)

update rolldown to 1.1.1 (#22593) (8a13d63)

wasm: direct .wasm imports (WASM ESM Integration) (#21779) (c23d85b)

Bug Fixes

apply correct fs restrictions for pnpm gvs (#22415) (092320b)

css: support external CSS with lightningcss (#18389) (d64a1a5)

deps: update all non-major dependencies (#22637) (44bb9d9)

deps: update all non-major dependencies (#22681) (f4f0633)

html: insert import map before modulepreload that is not self-close tag (#21409) (e399c89)

optimizer: preserve sourcemaps for transformed optimized deps with follow-up transforms (#22428) (1298951)

... (truncated)

Commits

5909efd fix: allow multiple bindCLIShortcuts calls with shortcut merging (#21103)
39a0a15 chore(deps): update rolldown-related dependencies (#21095)
6a34ac3 fix(deps): update all non-major dependencies (#21096)
02ceaec chore(deps): update dependency @rollup/plugin-commonjs to v29 (#21099)
572aaca release: v7.2.2
728c8ee fix: revert "refactor: use fs.cpSync (#21019)" (#21081)
a532e68 release: v7.2.1
82d2d6c fix(worker): some worker asset was missing (#21074)
f83264f refactor(build): rename indexOfMatchInSlice to findPreloadMarker (#21054)
8293de0 release: v7.2.0
Additional commits viewable in compare view

Updates form-data from 4.0.5 to 4.0.6

Changelog

Sourced from form-data's changelog.

v4.0.6 - 2026-06-12

Commits

[Fix] escape CR, LF, and " in field names and filenames 8dff42c

[Dev Deps] update @ljharb/eslint-config, auto-changelog, tape f31d21e

[Deps] update hasown, mime-types 92ae0eb

[Dev Deps] update js-randomness-predictor 67b0f65

Commits

64190db v4.0.6
92ae0eb [Deps] update hasown, mime-types
f31d21e [Dev Deps] update @ljharb/eslint-config, auto-changelog, tape
8dff42c [Fix] escape CR, LF, and " in field names and filenames
67b0f65 [Dev Deps] update js-randomness-predictor
See full diff in compare view

Updates js-yaml from 4.1.1 to 4.2.0

Changelog

Sourced from js-yaml's changelog.

[4.2.0] - 2026-06-01

Added

Added docs/safety.md with notes about processing untrusted YAML.

Added maxDepth (100) loader option. Not a problem, but gives a better exception instead of RangeError on stack overflow.

Added maxMergeSeqLength (20) loader option. Not a problem after merge fix, but an additional restriction for safety.

Added sourcemaps to dist/ builds.

Changed

Stop resolving numbers with underscores as numeric scalars, #627.

Switched dev toolchains to Vite / neostandard.

Updated demo.

Reorganized tests.

dist/ files are no longer kept in the repository.

Fixed

Fix parsing of properties on the first implicit block mapping key, #62.

Fix trailing whitespace handling when folding flow scalar lines, #307.

Reject top-level block scalars without content indentation, #280.

Ensure numbers survive round-trip, #737.

Fix test coverage for issue #221.

Fix flow scalar trailing whitespace folding, #307.

Fix digits in YAML named tag handles.

Security

Fix potential DoS via quadratic complexity in merge - deduplicate repeated elements (makes sense for malformed files > 10K).

[3.14.2] - 2025-11-15

Security

Backported v4.1.1 fix to v3

Commits

590dbab 4.2.0 released
f944dc5 Add package.json funding field
f692719 Changelog update
9971a06 Fix digits in YAML named tag handles
464a5b8 Fix flow scalar trailing whitespace folding, close #307
1fda4f7 Tests for #567, #565
031ad07 Stop resolving numbers with underscores as numeric scalars, #627
e46d223 CI config update
9023fee Add lockfile
990e6f4 Docs update
Additional commits viewable in compare view

Bumps the npm_and_yarn group with 3 updates in the /frontend directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [form-data](https://github.com/form-data/form-data) and [js-yaml](https://github.com/nodeca/js-yaml). Updates `vite` from 6.4.2 to 8.1.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.1.0/packages/vite) Updates `form-data` from 4.0.5 to 4.0.6 - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.5...v4.0.6) Updates `js-yaml` from 4.1.1 to 4.2.0 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.1...4.2.0) --- updated-dependencies: - dependency-name: form-data dependency-version: 4.0.6 dependency-type: indirect - dependency-name: js-yaml dependency-version: 4.2.0 dependency-type: indirect - dependency-name: vite dependency-version: 8.0.16 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 18, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/frontend/npm_and_yarn-a11d9bf118 branch from b27731f to 8064abf Compare June 21, 2026 05:42

dependabot Bot force-pushed the dependabot/npm_and_yarn/frontend/npm_and_yarn-a11d9bf118 branch from 8064abf to 0fe3211 Compare June 24, 2026 04:37

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 3 updates#295

Bump the npm_and_yarn group across 1 directory with 3 updates#295
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/npm_and_yarn-a11d9bf118

dependabot Bot commented on behalf of github Jun 18, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 18, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

create-vite@8.1.0

plugin-legacy@8.1.0

v8.1.0

plugin-legacy@8.1.0-beta.0

v8.1.0-beta.0

v8.0.16

v8.0.15

v8.0.14

v8.0.13

v8.0.12

v8.0.11

v8.0.10

v8.0.9

v8.0.8

v8.0.7

v8.0.6

v8.0.5

8.1.0 (2026-06-23)

Features

Bug Fixes

Code Refactoring

8.1.0-beta.0 (2026-06-15)

Features

Bug Fixes

v4.0.6 - 2026-06-12

Commits

[4.2.0] - 2026-06-01

Added

Changed

Fixed

Security

[3.14.2] - 2025-11-15

Security

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Jun 18, 2026 •

edited

Loading