chore(deps): bump rollup and vite

[dependabot]

Bumps rollup to 2.79.2 and updates ancestor dependency vite. These dependencies need to be updated together.

Updates rollup from 2.79.1 to 2.79.2

Changelog

Sourced from rollup's changelog.

rollup changelog

4.23.0

2024-10-01

Features

• Collect all emitted names and originalFileNames for assets (#5686)

Pull Requests

• #5686: Add names and originalFileNames to assets (@​lukastaegert)

4.22.5

2024-09-27

Bug Fixes

• Allow parsing of certain unicode characters again (#5674)

Pull Requests

• #5674: Fix panic with unicode characters (@​sapphi-red, @​lukastaegert)
• #5675: chore(deps): update dependency rollup to v4.22.4 [security] (@​renovate[bot])
• #5680: chore(deps): update dependency @​rollup/plugin-commonjs to v28 (@​renovate[bot], @​lukastaegert)
• #5681: chore(deps): update dependency @​rollup/plugin-replace to v6 (@​renovate[bot])
• #5682: chore(deps): update dependency @​rollup/plugin-typescript to v12 (@​renovate[bot])
• #5684: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

4.22.4

2024-09-21

Bug Fixes

• Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

Pull Requests

• #5670: refactor: Use object.prototype to check for reserved properties (@​YuHyeonWook)
• #5671: Fix DOM Clobbering CVE (@​lukastaegert)

4.22.3

2024-09-21

Bug Fixes

... (truncated)

Commits

• c9bd03d 2.79.2
• 48aef33 fix: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (#5677)
• See full diff in compare view

Updates vite from 2.9.18 to 5.4.8

Release notes

Sourced from vite's releases.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.8 (2024-09-25)

• fix(css): backport #18113, fix missing source file warning with sass modern api custom importer (#18 (7d47fc1), closes #18183
• fix(css): backport #18128, ensure sass compiler initialized only once (#18184) (8464d97), closes #18128 #18184

5.4.7 (2024-09-20)

• fix: treat config file as ESM in Deno (#18158) (b5908a2), closes #18158

5.4.6 (2024-09-16)

• fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115) (179b177), closes #18115
• fix: fs raw query (#18112) (6820bb3), closes #18112

5.4.5 (2024-09-13)

• fix(preload): backport #18098, throw error preloading module as well (#18099) (faa2405), closes #18098 #18099

5.4.4 (2024-09-11)

• fix: backport #17997, ensure req.url matches moduleByEtag URL to avoid incorrect 304 (#18078) (74a79c5), closes #17997 #18078
• fix: backport #18063, allow scanning exports from script module in svelte (#18077) (d90ba40), closes #18063 #18077
• fix(preload): backport #18046, allow ignoring dep errors (#18076) (8760293), closes #18046 #18076

5.4.3 (2024-09-03)

• fix: allow getting URL of JS files in publicDir (#17915) (943ece1), closes #17915
• fix: cjs warning respect the logLevel flag (#17993) (dc3c14f), closes #17993
• fix: improve CJS warning trace information (#17926) (5c5f82c), closes #17926
• fix: only remove entry assets handled by Vite core (#17916) (ebfaa7e), closes #17916
• fix: waitForRequestIdle locked (#17982) (ad13760), closes #17982
• fix(css): fix directory index import in sass modern api (#17960) (9b001ba), closes #17960
• fix(css): fix sass file:// reference (#17909) (561b940), closes #17909
• fix(css): fix sass modern source map (#17938) (d428e7e), closes #17938
• fix(deps): bump tsconfck (#17990) (8c661b2), closes #17990
• fix(html): rewrite assets url in <template> (#17988) (413c86a), closes #17988
• fix(preload): add crossorigin attribute in CSS link tags (#17930) (15871c7), closes #17930
• chore: reduce diffs with v6 branch (#17942) (bf9065a), closes #17942
• chore(deps): update all non-major dependencies (#17945) (cfb621e), closes #17945
• chore(deps): update all non-major dependencies (#17991) (0ca53cf), closes #17991

... (truncated)

Commits

• 0474550 release: v5.4.8
• 8464d97 fix(css): backport #18128, ensure sass compiler initialized only once (#18184)
• 7d47fc1 fix(css): backport #18113, fix missing source file warning with sass modern a...
• a403e73 release: v5.4.7
• b5908a2 fix: treat config file as ESM in Deno (#18158)
• f969176 release: v5.4.6
• 179b177 fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115)
• 6820bb3 fix: fs raw query (#18112)
• 37881e7 release: v5.4.5
• faa2405 fix(preload): backport #18098, throw error preloading module as well (#18099)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Updated (UTC)
zinzen	✅ Ready (Inspect)	Visit Preview	Oct 12, 2024 3:03pm

[tijlleenders]

Getting the following error in Vercel:

[17:12:32.315] Cloning github.com/tijlleenders/ZinZen (Branch: dependabot/npm_and_yarn/multi-96e66b30f7, Commit: 3bae6e0)
[17:12:36.163] Running "vercel build"
[17:12:36.563] Vercel CLI 37.6.0
[17:12:37.301] Installing dependencies...
[17:12:39.640] npm notice
[17:12:39.640] npm notice New minor version of npm available! 10.7.0 -> 10.8.3
[17:12:39.641] npm notice Changelog: https://github.com/npm/cli/releases/tag/v10.8.3
[17:12:39.641] npm notice To update run: npm install -g [email protected]
[17:12:39.641] npm notice
[17:12:39.642] npm error code ERESOLVE
[17:12:39.644] npm error ERESOLVE could not resolve
[17:12:39.644] npm error
[17:12:39.645] npm error While resolving: [email protected]
[17:12:39.645] npm error Found: @types/[email protected]
[17:12:39.645] npm error node_modules/@types/node
[17:12:39.645] npm error @types/node@"^17.0.31" from the root project
[17:12:39.646] npm error peer @types/node@"*" from [email protected]
[17:12:39.646] npm error node_modules/ts-node
[17:12:39.646] npm error ts-node@"^10.9.2" from the root project
[17:12:39.646] npm error peerOptional ts-node@">=9.0.0" from [email protected]
[17:12:39.646] npm error node_modules/jest-config
[17:12:39.647] npm error jest-config@"^27.5.1" from @jest/[email protected]
[17:12:39.647] npm error node_modules/@jest/core
[17:12:39.647] npm error @jest/core@"^27.5.1" from [email protected]
[17:12:39.647] npm error node_modules/jest
[17:12:39.647] npm error 1 more (jest-cli)
[17:12:39.647] npm error 1 more (jest-cli)
[17:12:39.647] npm error
[17:12:39.647] npm error Could not resolve dependency:
[17:12:39.653] npm error peerOptional @types/node@"^18.0.0 || >=20.0.0" from [email protected]
[17:12:39.653] npm error node_modules/vite
[17:12:39.653] npm error vite@"^5.4.8" from the root project
[17:12:39.653] npm error
[17:12:39.653] npm error Conflicting peer dependency: @types/[email protected]
[17:12:39.653] npm error node_modules/@types/node
[17:12:39.653] npm error peerOptional @types/node@"^18.0.0 || >=20.0.0" from [email protected]
[17:12:39.653] npm error node_modules/vite
[17:12:39.653] npm error vite@"^5.4.8" from the root project
[17:12:39.653] npm error
[17:12:39.653] npm error Fix the upstream dependency conflict, or retry
[17:12:39.653] npm error this command with --force or --legacy-peer-deps
[17:12:39.653] npm error to accept an incorrect (and potentially broken) dependency resolution.
[17:12:39.653] npm error
[17:12:39.653] npm error
[17:12:39.654] npm error A complete log of this run can be found in: /vercel/.npm/_logs/2024-10-01T15_12_37_554Z-debug-0.log
[17:12:39.661] Error: Command "npm install" exited with 1
[17:12:39.982]

[tijlleenders]

Thanks!