Skip to content

build(deps-dev): bump vitest from 3.2.4 to 4.1.0 in /peek#2476

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/peek/vitest-4.1.0
Open

build(deps-dev): bump vitest from 3.2.4 to 4.1.0 in /peek#2476
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/peek/vitest-4.1.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 15, 2026

Bumps vitest from 3.2.4 to 4.1.0.

Release notes

Sourced from vitest's releases.

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

... (truncated)

Commits
  • 4150b91 chore: release v4.1.0
  • 1de0aa2 fix: correctly identify concurrent test during static analysis (#9846)
  • c3cac1c fix: use isAgent check, not just TTY, for watch mode (#9841)
  • eab68ba chore(deps): update all non-major dependencies (#9824)
  • 031f02a fix: allow catch/finally for async assertion (#9827)
  • 3e9e096 feat(reporters): add agent reporter to reduce ai agent token usage (#9779)
  • 0c2c013 chore: release v4.1.0-beta.6
  • 8181e06 fix: hideSkippedTests should not hide test.todo (fix #9562) (#9781)
  • a8216b0 fix: manual and redirect mock shouldn't load or transform original module...
  • 689a22a fix(browser): types of getCDPSession and cdp() (#9716)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vitest since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps-dev): bump vitest from 3.2.4 to 4.1.0 in /peek
e9eccb1 
Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 3.2.4 to 4.1.0.
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest)

---
updated-dependencies:
- dependency-name: vitest
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 15, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 15, 2026
edited
Loading

🤖 AI Assistant 🤖

6 Enabled Automations • 1 Disabled Automations

Enabled automations

  • Investigate CI Failures
  • Run an extra, in-depth, PR Review
  • Auto-label pull requests
  • Address review feedback
  • Address merge conflicts
  • Enable PR Preview deployment

Disabled automations

  • Keep the body of the PR updated
Troubleshooting

This control panel only adds or removes labels on the PR.
It does not directly start workflows.
If you toggle an option, related automation may not run until its next normal trigger event.

  • Re-sync control panel from labels

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 15, 2026

❌ UI Smoke Test Review — e9eccb1

🎭 Smoke Test Results

⚠️ Could not parse smoke test results. Check the workflow run for details.

📸 Screenshot Preflight

⚠️ Could not parse preflight diagnostics. Check the workflow run for details.

💡 Recommendations

  • 🔧 Smoke test results were unavailable or invalid — rerun this workflow and verify peek/smoke-results.json is generated.
  • 🔧 Investigate console or page errors reported by the screenshot preflight.

📎 Full diagnostics and screenshots: workflow run

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 15, 2026

Dependency Update Analysis

Summary: This PR updates vitest from 3.2.4 to 4.1.0 (npm devDependency), but the lockfile/package manifest still pins @vitest/coverage-v8 to 3.2.4 with a strict vitest@3.2.4 peer, causing npm ci to fail. Current risk: high (merge-blocking).

vitest 3.2.44.1.0

Ecosystem: npm / Node

Check Result
Breaking changes ⚠️ Found (major bump includes Vitest 4.0 breaking changes)
Testable in PR ✅ Yes (CI runs on pull_request)
Changelog highlights (v3.2.4 → v4.1.0)
  • v4.0.0 introduces a dedicated Breaking Changes section (major upgrade), including removals/deprecations and behavioral changes.
  • Notable items relevant to tooling/config include removal of Vite 5 support, migration from vite-node to module runner internals, and multiple deprecated API removals.
  • v4.1.0 adds features and fixes, but does not remove the major-version migration risk introduced in 4.0.

Release sources reviewed:

  • vitest-dev/vitest release tags: v4.0.0, v4.1.0, and baseline v3.2.4.
Usage in this repository
  • Manifest update in this PR:
    • peek/package.json (devDependencies): vitest ^3.2.4^4.1.0
  • Vitest config and setup files:
    • peek/vitest.config.ts
    • peek/vitest.integration.config.ts
    • peek/vitest.setup.ts
  • Test scripts using Vitest CLI:
    • peek/package.json lines for test:unit, test:coverage, test:integration
  • CI usage:
    • .github/workflows/ci.yml runs on pull_request and push
    • pull_request: make test-unit ...
    • push: make test-unit-coverage

There are extensive direct imports from "vitest" across unit/component tests under peek/tests/**.

Compatibility assessment

Verified incompatibility in current PR state:

  • peek/package.json still has @vitest/coverage-v8: "^3.2.4" while vitest is ^4.1.0.
  • peek/package-lock.json shows node_modules/@vitest/coverage-v8`` peer dependency:
    • "vitest": "3.2.4" (strict peer)
  • Local validation command failed:
    • cd peek && npm ci --no-audit --no-fund
    • Error: ERESOLVE ... peer vitest@"3.2.4" from @vitest/coverage-v8@3.2.4

Because ci.yml installs dependencies with npm ci on PRs, this should be caught immediately in PR checks.

Recommendation: bump @vitest/coverage-v8 to a Vitest 4-compatible version in the same PR (or revert vitest to 3.2.4).

Labels Applied

No labels applied (no configured classification labels were provided in this workflow run).

What is this? | From workflow: Dependency Review

Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.

@github-actions github-actions Bot mentioned this pull request Mar 15, 2026
Open
@github-actions github-actions Bot added the no-update-pr-body Disable Update PR Body workflow label Mar 23, 2026
@github-actions github-actions Bot mentioned this pull request Apr 5, 2026
Closed
4 tasks
@github-actions github-actions Bot mentioned this pull request Apr 20, 2026
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code no-update-pr-body Disable Update PR Body workflow

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants