Bump the npm_and_yarn group across 3 directories with 3 updates by dependabot[bot] · Pull Request #202 · oss-slu/core_desk

dependabot · 2026-04-17T00:28:08Z

Bumps the npm_and_yarn group with 1 update in the / directory: follow-redirects.
Bumps the npm_and_yarn group with 1 update in the /app directory: vite.
Bumps the npm_and_yarn group with 1 update in the /microservices/stl-renderer directory: basic-ftp.

Updates follow-redirects from 1.15.11 to 1.16.0

Commits

0c23a22 Release version 1.16.0 of the npm package.
844c4d3 Add sensitiveHeaders option.
5e8b8d0 ci: add Node.js 24.x to the CI matrix
7953e22 ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6
86dc1f8 Sanitizing input.
See full diff in compare view

Updates vite from 5.4.20 to 6.4.2

Release notes

Sourced from vite's releases.

v6.4.2

Please refer to CHANGELOG.md for details.

v6.4.1

Please refer to CHANGELOG.md for details.

v6.4.0

Please refer to CHANGELOG.md for details.

v6.3.7

Please refer to CHANGELOG.md for details.

v6.3.6

Please refer to CHANGELOG.md for details.

v5.4.21

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

6.4.2 (2026-04-06)

fix: apply server.fs check to env transport (#22159) (#22163) (fe28e47), closes #22159 #22163

fix: avoid path traversal with optimize deps sourcemap handler (#22161) (ca4da5d), closes #22161

6.4.1 (2025-10-20)

fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20969) (1114b5d), closes #20968 #20969

6.4.0 (2025-10-15)

feat: allow passing down resolved config to vite's createServer (#20932) (ca6455e), closes #20932

6.3.7 (2025-10-14)

fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (#20940) (c59a222), closes #20940

6.3.6 (2025-09-08)

fix: apply fs.strict check to HTML files (#20736) (0ab19ea), closes #20736

fix: upgrade sirv to 3.0.2 (#20735) (e11d240), closes #20735

test: detect ts support via process.features (#20544) (7d99229), closes #20544

6.3.5 (2025-05-05)

fix(ssr): handle uninitialized export access as undefined (#19959) (fd38d07), closes #19959

6.3.4 (2025-04-30)

fix: check static serve file inside sirv (#19965) (c22c43d), closes #19965

fix(optimizer): return plain object when using require to import externals in optimized dependenci (efc5eab), closes #19940

refactor: remove duplicate plugin context type (#19935) (d6d01c2), closes #19935

6.3.3 (2025-04-24)

fix: ignore malformed uris in tranform middleware (#19853) (e4d5201), closes #19853

... (truncated)

Commits

6b3fad0 release: v6.4.2
ca4da5d fix: avoid path traversal with optimize deps sourcemap handler (#22161)
fe28e47 fix: apply server.fs check to env transport (#22159) (#22163)
5487f4f release: v6.4.1
1114b5d fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20969)
f12697c release: v6.4.0
ca6455e feat: allow passing down resolved config to vite's createServer (#20932)
0e173d8 release: v6.3.7
c59a222 fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (#20940)
3f337c5 release: v6.3.6
Additional commits viewable in compare view

Updates basic-ftp from 5.2.2 to 5.3.0

Release notes

Sourced from basic-ftp's releases.

5.3.0

Changed: Introduced an upper bound for total bytes of directory listing, fixes GHSA-rp42-5vxx-qpwr.

Added: Option to increase the upper bound for total bytes of directory listing in Client constructor.

Changelog

Sourced from basic-ftp's changelog.

5.3.0

Changed: Introduced an upper bound for total bytes of directory listing, fixes GHSA-rp42-5vxx-qpwr.

Added: Option to increase the upper bound for total bytes of directory listing in Client constructor.

Commits

c9378a8 Fix test
22abe43 Update Github Actions
0feaaec Fix test
6629d7d Improve error message
9c3bf4f Set higher default value for max size of directory listing
acd3942 Bump version
1304429 Offer maxListingBytes as an option
5cb5367 Add bounded StringWriter
07e9fc5 Update dev dependencies
See full diff in compare view

github-actions · 2026-04-17T00:28:30Z

E2E Tests: Failed

Workflow run: #195
Cypress videos artifact: (none uploaded)
E2E stdout artifact: (none uploaded)

Failure summary

npm ci failed.
PostgreSQL client installation failed.
E2E test step was skipped because an earlier step failed.

Failure stdout (tail)

No stdout log found at e2e/cypress/e2e-stdout.log

Bumps the npm_and_yarn group with 1 update in the / directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects). Bumps the npm_and_yarn group with 1 update in the /app directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Bumps the npm_and_yarn group with 1 update in the /microservices/stl-renderer directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp). Updates `follow-redirects` from 1.15.11 to 1.16.0 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.11...v1.16.0) Updates `vite` from 5.4.20 to 6.4.2 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.4.2/packages/vite) Updates `basic-ftp` from 5.2.2 to 5.3.0 - [Release notes](https://github.com/patrickjuchli/basic-ftp/releases) - [Changelog](https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md) - [Commits](patrickjuchli/basic-ftp@v5.2.2...v5.3.0) --- updated-dependencies: - dependency-name: basic-ftp dependency-version: 5.3.0 dependency-type: indirect - dependency-name: follow-redirects dependency-version: 1.16.0 dependency-type: indirect - dependency-name: vite dependency-version: 6.4.2 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 17, 2026

dependabot Bot mentioned this pull request Apr 17, 2026

Bump the npm_and_yarn group across 2 directories with 2 updates #201

Closed

dependabot Bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-0bfc7ba60b branch 3 times, most recently from 0c29305 to 8206f48 Compare April 27, 2026 21:23

dependabot Bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-0bfc7ba60b branch from 8206f48 to cf3b866 Compare April 27, 2026 21:35

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 3 directories with 3 updates#202

Bump the npm_and_yarn group across 3 directories with 3 updates#202
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-0bfc7ba60b

dependabot Bot commented on behalf of github Apr 17, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented Apr 17, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 17, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v6.4.2

v6.4.1

v6.4.0

v6.3.7

v6.3.6

v5.4.21

6.4.2 (2026-04-06)

6.4.1 (2025-10-20)

6.4.0 (2025-10-15)

6.3.7 (2025-10-14)

6.3.6 (2025-09-08)

6.3.5 (2025-05-05)

6.3.4 (2025-04-30)

6.3.3 (2025-04-24)

5.3.0

5.3.0

Uh oh!

github-actions Bot commented Apr 17, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

E2E Tests: Failed

Failure summary

Failure stdout (tail)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 17, 2026 •

edited

Loading

github-actions Bot commented Apr 17, 2026 •

edited

Loading