feat(deps): upgrade upstream dependencies#842
Conversation
✅ Deploy Preview for viteplus-preview canceled.
|
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: edd85d3ad5
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| "@oxc-node/cli": "catalog:", | ||
| "@oxc-node/core": "catalog:", | ||
| "@vitejs/devtools": "^0.0.0-alpha.34", | ||
| "@vitejs/devtools": "^0.1.0", |
There was a problem hiding this comment.
Bumping @vitejs/devtools to ^0.1.0 here leaves packages/core/package.json’s peerDependencies entry pinned to ^0.0.0-alpha.31, which does not include 0.1.x; consumers that install this package alongside @vitejs/devtools@0.1.x will see an unsatisfied peer (and installs can fail under strict peer-dependency settings). The peer range should be widened to include the newly adopted major/minor line.
Useful? React with 👍 / 👎.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| "@oxc-node/cli": "catalog:", | ||
| "@oxc-node/core": "catalog:", | ||
| "@vitejs/devtools": "^0.0.0-alpha.34", | ||
| "@vitejs/devtools": "^0.1.0", |
There was a problem hiding this comment.
Peer dependency range not updated with devDependency upgrade
Medium Severity
The devDependencies entry for @vitejs/devtools was upgraded to ^0.1.0, but the peerDependencies entry on line 131 still declares ^0.0.0-alpha.31. In semver, ^0.0.0-alpha.31 resolves to >=0.0.0-alpha.31 <0.0.1, so 0.1.0 falls outside this range. This means the installed dev version doesn't satisfy the package's own peer dependency contract, and downstream consumers installing @vitejs/devtools@0.1.0 will receive peer dependency warnings or errors.
Additional Locations (1)
1 participant
Automated daily upgrade of upstream dependencies:
Build status: success
Note
Low Risk
Low risk dependency-only update; main impact is potential dev/build tooling behavior changes from the
@vitejs/devtoolsupgrade and its updated transitive packages.Overview
Upgrades
@vitejs/devtoolsinpackages/corefrom an alpha release to^0.1.0.Updates
pnpm-lock.yamlaccordingly, pulling in the0.1.0versions of@vitejs/devtools-*packages and bumping@rolldown/debugto1.0.0-rc.9via the new dependency graph.Written by Cursor Bugbot for commit edd85d3. This will update automatically on new commits. Configure here.