Skip to content

Bump the non-security group across 1 directory with 5 updates#8175

Draft
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/cirq-web/cirq_web/non-security-930f3e5715
Draft

Bump the non-security group across 1 directory with 5 updates#8175
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/cirq-web/cirq_web/non-security-930f3e5715

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the non-security group with 4 updates in the /cirq-web/cirq_web directory: @vitest/coverage-v8, three, @types/three and vite.

Updates @vitest/coverage-v8 from 4.1.8 to 4.1.9

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.9

🐞 Bug Fixes

View changes on GitHub
Commits

Updates three from 0.184.0 to 0.185.0

Commits

Updates @types/three from 0.184.1 to 0.185.0

Commits

Updates vite from 8.0.16 to 8.1.2

Release notes

Sourced from vite's releases.

v8.1.2

Please refer to CHANGELOG.md for details.

v8.1.1

Please refer to CHANGELOG.md for details.

create-vite@8.1.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.1.0

Please refer to CHANGELOG.md for details.

v8.1.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.1.0-beta.0

Please refer to CHANGELOG.md for details.

v8.1.0-beta.0

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.1.2 (2026-06-30)

Bug Fixes

  • deps: revert es-module-lexer to 2.1.0 (#22827) (0d3bd7c)
  • restore, "fix: resolve pnpm .modules.yaml from workspace root instead of cwd (#22757)" (#22825) (efb98cc)
  • revert, "fix: escape ids with multiple null bytes (#22687)" (cccef55)
  • revert, "fix: resolve pnpm .modules.yaml from workspace root instead of cwd (#22757)" (cf97711)

8.1.1 (2026-06-30)

Features

  • update dynamic import warning to link to Vite docs (#22823) (62bd7af)

Bug Fixes

  • bundled-dev: avoid stack overflow on import.meta.hot.invalidate() (#22797) (709eb8e)
  • bundled-dev: serve assets emitted during HMR/lazy compile (#22745) (5876b2c)
  • bundledDev: skip plugin transform hooks for rolldown-lazy stub modules (#22778) (8f925e2)
  • css: preserve dollar signs in external @import urls with lightningcss (#22718) (9fa7ab4)
  • css: resolve tsconfig paths in CSS and Sass @​import (#22775) (ef0b891)
  • deps: update all non-major dependencies (#22734) (e635f49)
  • deps: update all non-major dependencies (#22804) (8837400)
  • deps: update rolldown-related dependencies (#22591) (2ce6677)
  • escape ids with multiple null bytes (#22687) (833fc30)
  • hide console window when running 'net use' on Windows (#22698) (92b63f2)
  • ignore bundled config temp dir (#22800) (043a810)
  • invert esbuild.jsxSideEffects when converting to oxc.jsx.pure (#22809) (33895ba)
  • optimize-deps: ignore ERR_CLOSED_SERVER in scanner (#22784) (085a0ab)
  • optimizer: scanner should resolve input from root (#22769) (9722b07)
  • resolve pnpm .modules.yaml from workspace root instead of cwd (#22757) (2531ac7)
  • return sourcemap field from some plugins that were lacking (#22782) (7e18bf8)
  • server: handle malformed URI in indexHtmlMiddleware (#22781) (84f5ccc)

Miscellaneous Chores

Code Refactoring

  • css: remove lightningcss null byte bug workaround (#22822) (2dafd3b)
  • use pre-defined environments variable to avoid duplicate Object.values calls (#22790) (1113acf)

Tests

  • enable "manual chunk path" test and remove "worker.format error" test (#22824) (c088511)

8.1.0 (2026-06-23)

Features

  • extend server.fs.deny list with common files (#22707) (61ba8fd)

... (truncated)

Commits
  • ba31193 release: v8.1.2
  • 0d3bd7c fix(deps): revert es-module-lexer to 2.1.0 (#22827)
  • efb98cc fix: restore, "fix: resolve pnpm .modules.yaml from workspace root instead of...
  • cf97711 fix: revert, "fix: resolve pnpm .modules.yaml from workspace root instead of ...
  • cccef55 fix: revert, "fix: escape ids with multiple null bytes (#22687)"
  • 4ae9e14 release: v8.1.1
  • 8f925e2 fix(bundledDev): skip plugin transform hooks for rolldown-lazy stub modules (...
  • c088511 test: enable "manual chunk path" test and remove "worker.format error" test (...
  • 62bd7af feat: update dynamic import warning to link to Vite docs (#22823)
  • 2dafd3b refactor(css): remove lightningcss null byte bug workaround (#22822)
  • Additional commits viewable in compare view

Updates vitest from 4.1.8 to 4.1.9

Release notes

Sourced from vitest's releases.

v4.1.9

🐞 Bug Fixes

View changes on GitHub
Commits
  • a7a61e7 chore: release v4.1.9 (#10598)
  • 934b0f5 fix(pool): prevent test run hang on worker crash (#10543) [backport to v4] (#...
  • 7fb2965 fix(browser): wait for orchestrator readiness before resolving browser sessio...
  • a518019 fix: fix importOriginal with optimizer and query import [backport to v4] (#...
  • See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
@types/three [>= 0.178.a, < 0.179]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the non-security group with 4 updates in the /cirq-web/cirq_web directory: [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8), [three](https://github.com/mrdoob/three.js), [@types/three](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/three) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `@vitest/coverage-v8` from 4.1.8 to 4.1.9
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.9/packages/coverage-v8)

Updates `three` from 0.184.0 to 0.185.0
- [Release notes](https://github.com/mrdoob/three.js/releases)
- [Commits](https://github.com/mrdoob/three.js/commits)

Updates `@types/three` from 0.184.1 to 0.185.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/three)

Updates `vite` from 8.0.16 to 8.1.2
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.1.2/packages/vite)

Updates `vitest` from 4.1.8 to 4.1.9
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.9/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: non-security
- dependency-name: three
  dependency-version: 0.185.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: non-security
- dependency-name: "@types/three"
  dependency-version: 0.185.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: non-security
- dependency-name: vite
  dependency-version: 8.1.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: non-security
- dependency-name: vitest
  dependency-version: 4.1.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: non-security
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added area/dependencies area/javascript Pull requests that update Javascript code kind/health For CI/testing/release process/refactoring/technical debt items labels Jul 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 1, 2026 06:34
@dependabot dependabot Bot requested a review from senecameeks July 1, 2026 06:34
@dependabot dependabot Bot added kind/health For CI/testing/release process/refactoring/technical debt items area/dependencies area/javascript Pull requests that update Javascript code labels Jul 1, 2026
@github-actions github-actions Bot marked this pull request as draft July 1, 2026 06:34
@github-actions github-actions Bot added status/on-hold dependabot PR to be revisited early next month (remove label when fixed) size: L 250< lines changed <1000 labels Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/dependencies area/javascript Pull requests that update Javascript code kind/health For CI/testing/release process/refactoring/technical debt items size: L 250< lines changed <1000 status/on-hold dependabot PR to be revisited early next month (remove label when fixed)

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants