build(deps): Bump vite from 7.2.2 to 7.3.2 by dependabot[bot] · Pull Request #127 · flex-development/string-wrap

dependabot · 2026-04-06T20:59:00Z

Bumps vite from 7.2.2 to 7.3.2.

Release notes

v7.3.2

Please refer to CHANGELOG.md for details.

v7.3.1

Please refer to CHANGELOG.md for details.

v7.3.0

Please refer to CHANGELOG.md for details.

v7.2.7

Please refer to CHANGELOG.md for details.

v7.2.6

Please refer to CHANGELOG.md for details.

v7.2.5

Please refer to CHANGELOG.md for details.

Note: 7.2.5 failed to publish so it is skipped on npm

v7.2.4

Please refer to CHANGELOG.md for details.

v7.2.3

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.3.2 (2026-04-06)

Bug Fixes

avoid path traversal with optimize deps sourcemap handler (#22161) (09d8c90)

backport #22159, apply server.fs check to env transport (#22162) (19db0f2)

check server.fs after stripping query as well (#22160) (f8103cc)

7.3.1 (2026-01-07)

Features

add ignoreOutdatedRequests option to optimizeDeps (#21364) (9d39d37)

7.3.0 (2025-12-15)

Features

deps: update esbuild from ^0.25.0 to ^0.27.0 (#21183) (cff26ec)

7.2.7 (2025-12-08)

Bug Fixes

plugin shortcut support (#21211) (721f163)

7.2.6 (2025-12-01)

7.2.5 (2025-12-01)

Bug Fixes

config: handle shebang properly (#21158) (df5a30d)

deps: update all non-major dependencies (#21146) (a3cd262)

deps: update all non-major dependencies (#21175) (72e398a)

fix external: true merging (#21164) (5ef557a)

shortcuts not rebound after server restart (#21166) (3765f7b)

Performance Improvements

deps: replace debug with obug (#21137) (203a551)

Documentation

clarify manifest.json imports field is JS chunks only (#21136) (46d3077)

Miscellaneous Chores

deps: update rolldown-related dependencies (#21174) (74559c9)

7.2.4 (2025-11-20)

Bug Fixes

revert "perf(deps): replace debug with obug (#21107)" (2d66b7b)

7.2.3 (2025-11-20)

... (truncated)

Commits

cc383e0 release: v7.3.2
09d8c90 fix: avoid path traversal with optimize deps sourcemap handler (#22161)
f8103cc fix: check server.fs after stripping query as well (#22160)
19db0f2 fix: backport #22159, apply server.fs check to env transport (#22162)
95e8923 release: v7.3.1
9d39d37 feat: add ignoreOutdatedRequests option to optimizeDeps (#21364)
acf7e05 release: v7.3.0
cff26ec feat(deps): update esbuild from ^0.25.0 to ^0.27.0 (#21183)
317b3b2 release: v7.2.7
721f163 fix: plugin shortcut support (#21211)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.2.2 to 7.3.2. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.3.2/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 7.3.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

codecov · 2026-04-06T21:01:04Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (a5b488e) to head (ef2ae9e).
⚠️ Report is 87 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #127   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           12        12           
  Lines          173       173           
  Branches        41        41           
=========================================
  Hits           173       173

Flag	Coverage Δ
bun-canary	`100.00% <ø> (ø)`
bun-latest	`100.00% <ø> (ø)`
node20	`100.00% <ø> (ø)`
node21	`100.00% <ø> (ø)`
node22	`100.00% <ø> (ø)`
node23	`100.00% <ø> (ø)`
node24	`100.00% <ø> (ø)`

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update cc1e087...ef2ae9e. Read the comment docs.

🚀 New features to boost your workflow:

📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

flex-development

lgtm 👍🏾

dependabot Bot added scope:dependencies dependency updates type:build changes to the build system or external dependencies labels Apr 6, 2026

github-project-automation Bot added this to @flex-development/string-wrap Apr 6, 2026

github-project-automation Bot moved this to 🆕 New in @flex-development/string-wrap Apr 6, 2026

flex-development Bot enabled auto-merge (squash) April 6, 2026 20:59

flex-development Bot approved these changes Apr 6, 2026

View reviewed changes

github-project-automation Bot moved this from 🆕 New to 🤩 Approved in @flex-development/string-wrap Apr 6, 2026

flex-development Bot merged commit 9c9d560 into main Apr 6, 2026
22 checks passed

flex-development Bot deleted the dependabot/npm_and_yarn/vite-7.3.2 branch April 6, 2026 21:01

github-project-automation Bot moved this from 🤩 Approved to ✅ Done in @flex-development/string-wrap Apr 6, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): Bump vite from 7.2.2 to 7.3.2#127

build(deps): Bump vite from 7.2.2 to 7.3.2#127
flex-development[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/vite-7.3.2

dependabot Bot commented on behalf of github Apr 6, 2026

Uh oh!

codecov Bot commented Apr 6, 2026 •

edited

Loading

Uh oh!

flex-development Bot left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github Apr 6, 2026

v7.3.2

v7.3.1

v7.3.0

v7.2.7

v7.2.6

v7.2.5

v7.2.4

v7.2.3

7.3.2 (2026-04-06)

Bug Fixes

7.3.1 (2026-01-07)

Features

7.3.0 (2025-12-15)

Features

7.2.7 (2025-12-08)

Bug Fixes

7.2.6 (2025-12-01)

7.2.5 (2025-12-01)

Bug Fixes

Performance Improvements

Documentation

Miscellaneous Chores

7.2.4 (2025-11-20)

Bug Fixes

7.2.3 (2025-11-20)

Uh oh!

codecov Bot commented Apr 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

flex-development Bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

codecov Bot commented Apr 6, 2026 •

edited

Loading