deps(npm): bump vitest from 4.1.1 to 4.1.6 in /crates/neuroncite-web/frontend#54
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 4.1.1 to 4.1.6. - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.6/packages/vitest) --- updated-dependencies: - dependency-name: vitest dependency-version: 4.1.6 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
4 tasks
FF-TEC
added a commit
that referenced
this pull request
May 13, 2026
* chore(release): v0.1.2 dependency bulk update Workspace dependency bulk update for the v0.1.2 release. Security: - rustls-webpki 0.103.10 -> 0.103.13 fixes RUSTSEC-2026-0098, -0099, and -0104 (name-constraint bypass and CRL-parsing panic) Workspace Cargo bumps: - sha2 0.10 -> 0.11 (Output type now hybrid-array; manual hex format in neuroncite-html/fetch.rs and neuroncite-store/index/hnsw.rs) - tokio 1.43 -> 1.52 - clap 4.5 -> 4.6 - pdfium-render 0.8 -> 0.9 (PdfPageIndex is now i32; all pages().get() call sites adapted with .into(); Bitmap::as_image() now returns Result and is unwrapped via map_err in neuroncite-pdf/ocr.rs) - arc-swap, libc, proptest, semver, unicode-segmentation, uuid bumped to latest via cargo update Frontend npm bumps: - @typescript-eslint/eslint-plugin 8.57.1 -> 8.59.3 - @typescript-eslint/parser 8.57.1 -> 8.59.3 - jsdom 29.0.0 -> 29.1.1 - typescript 6.0.0 -> 6.0.3 - vite 8.0.0 -> 8.0.12 - vite-plugin-solid 2.11.11 -> 2.11.12 - vitest 4.1.0 -> 4.1.6 - eslint, eslint-plugin-jsx-a11y, eslint-plugin-solid, solid-js bumped to latest patch/minor via npm update Docker base: - node 25-bookworm -> 26-bookworm - rust 1.94-bookworm -> 1.95-bookworm GitHub Actions: - softprops/action-gh-release v2 -> v3 (Node 20 -> 24 runtime, input schema unchanged) CI audit ignores extended: - RUSTSEC-2026-0097: rand unsound with custom logger via hnsw_rs, lopdf, uuid (no upstream fix available) - RUSTSEC-2026-0105: core2 unmaintained and yanked, transitive via image -> ravif -> rav1e -> bitstream-io (no alternative dependency path) CI and pre-commit test execution: - All cargo test invocations now run with --test-threads=1. pdfium-render 0.9 loads pdfium per test; concurrent LoadLibrary/FreeLibrary aborts on Windows and is intermittent on Linux. Tests run serially. Format fix in neuroncite-html/src/ssrf.rs:65 from the SSRF redirect- validation change applied via cargo fmt. Generated test catalog (docs/tests_generated.tex) regenerated by the pre-commit hook to reflect the test suite after the dependency update. Closes #18, #19, #21, #22, #24, #25, #26, #29, #34, #37, #38, #41, #43, #44, #51, #53, #54, #55, #56, #57. * fix(release): bump NODE_VERSION env to 26 for frontend build Aligns the release workflow's Node.js version with the Docker base image (node:26-bookworm) bumped in the v0.1.2 dependency update. * fix(clippy): resolve Rust 1.95 lints Rust 1.95 introduced new clippy lints that flag the following: - useless_conversion in tokenize.rs and handlers/search.rs: redundant .into_iter() inside Iterator::zip - collapsible_match in agent.rs: 'if stack.last() == Some(&c)' patterns inside outer match collapsed into match guards - unnecessary_sort_by in handlers/browse.rs: sort_by with a pure projection rewritten as sort_by_key --------- Co-authored-by: Felix Fritz <[email protected]>
Owner
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/npm_and_yarn/crates/neuroncite-web/frontend/vitest-4.1.6
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
Bumps vitest from 4.1.1 to 4.1.6.
Release notes
Sourced from vitest's releases.
... (truncated)
Commits
a8fd24cchore: release v4.1.618af98cfix(browser): simplify orchestrator otel carrier (#10285)3188260feat(browser): provide project reference inToMatchScreenshotResolvePath(#...e399846chore: release v4.1.57dc6d54Revert "fix: respect diff config options in soft assertions (#8696)"9787dedfix: respect diff config options in soft assertions (#8696)325463afix(ast-collect): recognize _vi_import prefix in static test discovery (#10...0e0ff41feat(coverage): istanbul to supportinstrumenteroption (#10119)663b99ffix: aliasagentreporter tominimal(#10157)122c25bfix: fixvi.defineHelpercalled as object method (#10163)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)