Jayden/AFFiNE-Mirror
1
0
Fork 0
mirror of https://github.com/toeverything/AFFiNE.git synced 2026-02-04 00:28:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: bump up vite version to v6.3.6 [SECURITY] (#13573)

Browse Source 
This PR contains the following updates:

| Package | Change | Age | Confidence |
|---|---|---|---|
| [vite](https://vite.dev)
([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite))
| [`6.3.5` ->
`6.3.6`](https://renovatebot.com/diffs/npm/vite/6.3.5/6.3.6) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/vite/6.3.6?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vite/6.3.5/6.3.6?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

### GitHub Vulnerability Alerts

####
[CVE-2025-58751](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-g4jq-h2w9-997c)

### Summary
Files starting with the same name with the public directory were served
bypassing the `server.fs` settings.

### Impact
Only apps that match the following conditions are affected:

- explicitly exposes the Vite dev server to the network (using --host or
[`server.host` config
option](https://vitejs.dev/config/server-options.html#server-host))
- uses [the public directory
feature](https://vite.dev/guide/assets.html#the-public-directory)
(enabled by default)
- a symlink exists in the public directory

### Details
The
[servePublicMiddleware](9719497ade/packages/vite/src/node/server/middlewares/static.ts (L79))
function is in charge of serving public files from the server. It
returns the
[viteServePublicMiddleware](9719497ade/packages/vite/src/node/server/middlewares/static.ts (L106))
function which runs the needed tests and serves the page. The
viteServePublicMiddleware function [checks if the publicFiles variable
is
defined](9719497ade/packages/vite/src/node/server/middlewares/static.ts (L111)),
and then uses it to determine if the requested page is public. In the
case that the publicFiles is undefined, the code will treat the
requested page as a public page, and go on with the serving function.
[publicFiles may be undefined if there is a symbolic link anywhere
inside the public
directory](9719497ade/packages/vite/src/node/publicDir.ts (L21)).
In that case, every requested page will be passed to the public serving
function. The serving function is based on the
[sirv](https://redirect.github.com/lukeed/sirv) library. Vite patches
the library to add the possibility to test loading access to pages, but
when the public page middleware [disables this
functionality](9719497ade/packages/vite/src/node/server/middlewares/static.ts (L89))
since public pages are meant to be available always, regardless of
whether they are in the allow or deny list.

In the case of public pages, the serving function is [provided with the
path to the public
directory](9719497ade/packages/vite/src/node/server/middlewares/static.ts (L85))
as a root directory. The code of the sirv library [uses the join
function to get the full path to the requested
file](d061616827/packages/sirv/index.mjs (L42)).
For example, if the public directory is "/www/public", and the requested
file is "myfile", the code will join them to the string
"/www/public/myfile". The code will then pass this string to the
normalize function. Afterwards, the code will [use the string's
startsWith
function](d061616827/packages/sirv/index.mjs (L43))
to determine whether the created path is within the given directory or
not. Only if it is, it will be served.

Since [sirv trims the trailing slash of the public
directory](d061616827/packages/sirv/index.mjs (L119)),
the string's startsWith function may return true even if the created
path is not within the public directory. For example, if the server's
root is at "/www", and the public directory is at "/www/p", if the
created path will be "/www/private.txt", the startsWith function will
still return true, because the string "/www/private.txt" starts with 
"/www/p". To achieve this, the attacker will use ".." to ask for the
file "../private.txt". The code will then join it to the "/www/p"
string, and will receive "/www/p/../private.txt". Then, the normalize
function will return "/www/private.txt", which will then be passed to
the startsWith function, which will return true, and the processing of
the page will continue without checking the deny list (since this is the
public directory middleware which doesn't check that).

### PoC
Execute the following shell commands:

```
npm  create  vite@latest
cd vite-project/
mkdir p
cd p
ln -s a b
cd ..
echo  'import path from "node:path"; import { defineConfig } from "vite"; export default defineConfig({publicDir: path.resolve(__dirname, "p/"), server: {fs: {deny: [path.resolve(__dirname, "private.txt")]}}})' > vite.config.js
echo  "secret" > private.txt
npm install
npm run dev
```

Then, in a different shell, run the following command:

`curl -v --path-as-is 'http://localhost:5173/private.txt'`

You will receive a 403 HTTP Response,  because private.txt is denied.

Now in the same shell run the following command:

`curl -v --path-as-is 'http://localhost:5173/../private.txt'`

You will receive the contents of private.txt.

### Related links
-
f0113f3f82

####
[CVE-2025-58752](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-jqfw-vq24-v9c3)

### Summary
Any HTML files on the machine were served regardless of the `server.fs`
settings.

### Impact

Only apps that match the following conditions are affected:

- explicitly exposes the Vite dev server to the network (using --host or
[server.host config
option](https://vitejs.dev/config/server-options.html#server-host))
- `appType: 'spa'` (default) or `appType: 'mpa'` is used

This vulnerability also affects the preview server. The preview server
allowed HTML files not under the output directory to be served.

### Details
The
[serveStaticMiddleware](9719497ade/packages/vite/src/node/server/middlewares/static.ts (L123))
function is in charge of serving static files from the server. It
returns the
[viteServeStaticMiddleware](9719497ade/packages/vite/src/node/server/middlewares/static.ts (L136))
function which runs the needed tests and serves the page. The
viteServeStaticMiddleware function [checks if the extension of the
requested file is
".html"](9719497ade/packages/vite/src/node/server/middlewares/static.ts (L144)).
If so, it doesn't serve the page. Instead, the server will go on to the
next middlewares, in this case
[htmlFallbackMiddleware](9719497ade/packages/vite/src/node/server/middlewares/htmlFallback.ts (L14)),
and then to
[indexHtmlMiddleware](9719497ade/packages/vite/src/node/server/middlewares/indexHtml.ts (L438)).
These middlewares don't perform any test against allow or deny rules,
and they don't make sure that the accessed file is in the root directory
of the server. They just find the file and send back its contents to the
client.

### PoC
Execute the following shell commands:

```
npm  create  vite@latest
cd vite-project/
echo  "secret" > /tmp/secret.html
npm install
npm run dev
```

Then, in a different shell, run the following command:

`curl -v --path-as-is
'http://localhost:5173/../../../../../../../../../../../tmp/secret.html'`

The contents of /tmp/secret.html will be returned.

This will also work for HTML files that are in the root directory of the
project, but are in the deny list (or not in the allow list). Test that
by stopping the running server (CTRL+C), and running the following
commands in the server's shell:

```
echo  'import path from "node:path"; import { defineConfig } from "vite"; export default defineConfig({server: {fs: {deny: [path.resolve(__dirname, "secret_files/*")]}}})'  >  [vite.config.js](http://vite.config.js)
mkdir secret_files
echo "secret txt" > secret_files/secret.txt
echo "secret html" > secret_files/secret.html
npm run dev

```

Then, in a different shell, run the following command:

`curl -v --path-as-is 'http://localhost:5173/secret_files/secret.txt'`

You will receive a 403 HTTP Response,  because everything in the
secret_files directory is denied.

Now in the same shell run the following command:

`curl -v --path-as-is 'http://localhost:5173/secret_files/secret.html'`

You will receive the contents of secret_files/secret.html.

---

### Release Notes

<details>
<summary>vitejs/vite (vite)</summary>

###
[`v6.3.6`](https://redirect.github.com/vitejs/vite/releases/tag/v6.3.6)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v6.3.5...v6.3.6)

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md)
for details.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/toeverything/AFFiNE).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS45Ny4xMCIsInVwZGF0ZWRJblZlciI6IjQxLjk3LjEwIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This commit is contained in:
renovate[bot]
2025-09-14 01:55:54 +08:00
committed by GitHub
parent e158e11608
commit 039976ee6d
1 changed files with 129 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

248
yarn.lock
View File

@@ -12592,142 +12592,149 @@ __metadata:
languageName: node
linkType: hard
"@rollup/rollup-android-arm-eabi@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-android-arm-eabi@npm:4.43.0"
"@rollup/rollup-android-arm-eabi@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-android-arm-eabi@npm:4.50.1"
conditions: os=android & cpu=arm
languageName: node
linkType: hard
"@rollup/rollup-android-arm64@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-android-arm64@npm:4.43.0"
"@rollup/rollup-android-arm64@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-android-arm64@npm:4.50.1"
conditions: os=android & cpu=arm64
languageName: node
linkType: hard
"@rollup/rollup-darwin-arm64@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-darwin-arm64@npm:4.43.0"
"@rollup/rollup-darwin-arm64@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-darwin-arm64@npm:4.50.1"
conditions: os=darwin & cpu=arm64
languageName: node
linkType: hard
"@rollup/rollup-darwin-x64@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-darwin-x64@npm:4.43.0"
"@rollup/rollup-darwin-x64@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-darwin-x64@npm:4.50.1"
conditions: os=darwin & cpu=x64
languageName: node
linkType: hard
"@rollup/rollup-freebsd-arm64@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-freebsd-arm64@npm:4.43.0"
"@rollup/rollup-freebsd-arm64@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-freebsd-arm64@npm:4.50.1"
conditions: os=freebsd & cpu=arm64
languageName: node
linkType: hard
"@rollup/rollup-freebsd-x64@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-freebsd-x64@npm:4.43.0"
"@rollup/rollup-freebsd-x64@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-freebsd-x64@npm:4.50.1"
conditions: os=freebsd & cpu=x64
languageName: node
linkType: hard
"@rollup/rollup-linux-arm-gnueabihf@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-arm-gnueabihf@npm:4.43.0"
"@rollup/rollup-linux-arm-gnueabihf@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-arm-gnueabihf@npm:4.50.1"
conditions: os=linux & cpu=arm & libc=glibc
languageName: node
linkType: hard
"@rollup/rollup-linux-arm-musleabihf@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-arm-musleabihf@npm:4.43.0"
"@rollup/rollup-linux-arm-musleabihf@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-arm-musleabihf@npm:4.50.1"
conditions: os=linux & cpu=arm & libc=musl
languageName: node
linkType: hard
"@rollup/rollup-linux-arm64-gnu@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-arm64-gnu@npm:4.43.0"
"@rollup/rollup-linux-arm64-gnu@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-arm64-gnu@npm:4.50.1"
conditions: os=linux & cpu=arm64 & libc=glibc
languageName: node
linkType: hard
"@rollup/rollup-linux-arm64-musl@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-arm64-musl@npm:4.43.0"
"@rollup/rollup-linux-arm64-musl@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-arm64-musl@npm:4.50.1"
conditions: os=linux & cpu=arm64 & libc=musl
languageName: node
linkType: hard
"@rollup/rollup-linux-loongarch64-gnu@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-loongarch64-gnu@npm:4.43.0"
"@rollup/rollup-linux-loongarch64-gnu@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-loongarch64-gnu@npm:4.50.1"
conditions: os=linux & cpu=loong64 & libc=glibc
languageName: node
linkType: hard
"@rollup/rollup-linux-powerpc64le-gnu@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-powerpc64le-gnu@npm:4.43.0"
"@rollup/rollup-linux-ppc64-gnu@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-ppc64-gnu@npm:4.50.1"
conditions: os=linux & cpu=ppc64 & libc=glibc
languageName: node
linkType: hard
"@rollup/rollup-linux-riscv64-gnu@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-riscv64-gnu@npm:4.43.0"
"@rollup/rollup-linux-riscv64-gnu@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-riscv64-gnu@npm:4.50.1"
conditions: os=linux & cpu=riscv64 & libc=glibc
languageName: node
linkType: hard
"@rollup/rollup-linux-riscv64-musl@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-riscv64-musl@npm:4.43.0"
"@rollup/rollup-linux-riscv64-musl@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-riscv64-musl@npm:4.50.1"
conditions: os=linux & cpu=riscv64 & libc=musl
languageName: node
linkType: hard
"@rollup/rollup-linux-s390x-gnu@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-s390x-gnu@npm:4.43.0"
"@rollup/rollup-linux-s390x-gnu@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-s390x-gnu@npm:4.50.1"
conditions: os=linux & cpu=s390x & libc=glibc
languageName: node
linkType: hard
"@rollup/rollup-linux-x64-gnu@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-x64-gnu@npm:4.43.0"
"@rollup/rollup-linux-x64-gnu@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-x64-gnu@npm:4.50.1"
conditions: os=linux & cpu=x64 & libc=glibc
languageName: node
linkType: hard
"@rollup/rollup-linux-x64-musl@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-linux-x64-musl@npm:4.43.0"
"@rollup/rollup-linux-x64-musl@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-linux-x64-musl@npm:4.50.1"
conditions: os=linux & cpu=x64 & libc=musl
languageName: node
linkType: hard
"@rollup/rollup-win32-arm64-msvc@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-win32-arm64-msvc@npm:4.43.0"
"@rollup/rollup-openharmony-arm64@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-openharmony-arm64@npm:4.50.1"
conditions: os=openharmony & cpu=arm64
languageName: node
linkType: hard
"@rollup/rollup-win32-arm64-msvc@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-win32-arm64-msvc@npm:4.50.1"
conditions: os=win32 & cpu=arm64
languageName: node
linkType: hard
"@rollup/rollup-win32-ia32-msvc@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-win32-ia32-msvc@npm:4.43.0"
"@rollup/rollup-win32-ia32-msvc@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-win32-ia32-msvc@npm:4.50.1"
conditions: os=win32 & cpu=ia32
languageName: node
linkType: hard
"@rollup/rollup-win32-x64-msvc@npm:4.43.0":
version: 4.43.0
resolution: "@rollup/rollup-win32-x64-msvc@npm:4.43.0"
"@rollup/rollup-win32-x64-msvc@npm:4.50.1":
version: 4.50.1
resolution: "@rollup/rollup-win32-x64-msvc@npm:4.50.1"
conditions: os=win32 & cpu=x64
languageName: node
linkType: hard
@@ -14899,10 +14906,10 @@ __metadata:
languageName: node
linkType: hard
"@types/estree@npm:*, @types/estree@npm:1.0.7, @types/estree@npm:^1.0.0, @types/estree@npm:^1.0.6":
version: 1.0.7
resolution: "@types/estree@npm:1.0.7"
checksum: 10/419c845ece767ad4b21171e6e5b63dabb2eb46b9c0d97361edcd9cabbf6a95fcadb91d89b5fa098d1336fa0b8fceaea82fca97a2ef3971f5c86e53031e157b21
"@types/estree@npm:*, @types/estree@npm:1.0.8, @types/estree@npm:^1.0.0, @types/estree@npm:^1.0.6":
version: 1.0.8
resolution: "@types/estree@npm:1.0.8"
checksum: 10/25a4c16a6752538ffde2826c2cc0c6491d90e69cd6187bef4a006dd2c3c45469f049e643d7e516c515f21484dc3d48fd5c870be158a5beb72f5baf3dc43e4099
languageName: node
linkType: hard
@@ -22041,15 +22048,15 @@ __metadata:
languageName: node
linkType: hard
"fdir@npm:^6.4.4, fdir@npm:^6.4.5":
version: 6.4.6
resolution: "fdir@npm:6.4.6"
"fdir@npm:^6.4.4, fdir@npm:^6.5.0":
version: 6.5.0
resolution: "fdir@npm:6.5.0"
peerDependencies:
picomatch: ^3 || ^4
peerDependenciesMeta:
picomatch:
optional: true
checksum: 10/c186ba387e7b75ccf874a098d9bc5fe0af0e9c52fc56f8eac8e80aa4edb65532684bf2bf769894ff90f53bf221d6136692052d31f07a9952807acae6cbe7ee50
checksum: 10/14ca1c9f0a0e8f4f2e9bf4e8551065a164a09545dae548c12a18d238b72e51e5a7b39bd8e5494b56463a0877672d0a6c1ef62c6fa0677db1b0c847773be939b1
languageName: node
linkType: hard
@@ -29394,10 +29401,10 @@ __metadata:
languageName: node
linkType: hard
"picomatch@npm:^4.0.2":
version: 4.0.2
resolution: "picomatch@npm:4.0.2"
checksum: 10/ce617b8da36797d09c0baacb96ca8a44460452c89362d7cb8f70ca46b4158ba8bc3606912de7c818eb4a939f7f9015cef3c766ec8a0c6bfc725fdc078e39c717
"picomatch@npm:^4.0.2, picomatch@npm:^4.0.3":
version: 4.0.3
resolution: "picomatch@npm:4.0.3"
checksum: 10/57b99055f40b16798f2802916d9c17e9744e620a0db136554af01d19598b96e45e2f00014c91d1b8b13874b80caa8c295b3d589a3f72373ec4aaf54baa5962d5
languageName: node
linkType: hard
@@ -29917,14 +29924,14 @@ __metadata:
languageName: node
linkType: hard
"postcss@npm:^8.4.33, postcss@npm:^8.4.38, postcss@npm:^8.4.41, postcss@npm:^8.4.49, postcss@npm:^8.5.3, postcss@npm:^8.5.4":
version: 8.5.5
resolution: "postcss@npm:8.5.5"
"postcss@npm:^8.4.33, postcss@npm:^8.4.38, postcss@npm:^8.4.41, postcss@npm:^8.4.49, postcss@npm:^8.5.3, postcss@npm:^8.5.6":
version: 8.5.6
resolution: "postcss@npm:8.5.6"
dependencies:
nanoid: "npm:^3.3.11"
picocolors: "npm:^1.1.1"
source-map-js: "npm:^1.2.1"
checksum: 10/c80f723c754b656bf7c983e34841fa35fe0c37a13edd27e24de64e7962cfab11ea081b3b1c900838d2dbe576a045fdecad4f17862c488f12735742f525d22cf0
checksum: 10/9e4fbe97574091e9736d0e82a591e29aa100a0bf60276a926308f8c57249698935f35c5d2f4e80de778d0cbb8dcffab4f383d85fd50c5649aca421c3df729b86
languageName: node
linkType: hard
@@ -31386,31 +31393,32 @@ __metadata:
languageName: node
linkType: hard
"rollup@npm:^4.34.9, rollup@npm:^4.40.0":
version: 4.43.0
resolution: "rollup@npm:4.43.0"
"rollup@npm:^4.34.9, rollup@npm:^4.43.0":
version: 4.50.1
resolution: "rollup@npm:4.50.1"
dependencies:
"@rollup/rollup-android-arm-eabi": "npm:4.43.0"
"@rollup/rollup-android-arm64": "npm:4.43.0"
"@rollup/rollup-darwin-arm64": "npm:4.43.0"
"@rollup/rollup-darwin-x64": "npm:4.43.0"
"@rollup/rollup-freebsd-arm64": "npm:4.43.0"
"@rollup/rollup-freebsd-x64": "npm:4.43.0"
"@rollup/rollup-linux-arm-gnueabihf": "npm:4.43.0"
"@rollup/rollup-linux-arm-musleabihf": "npm:4.43.0"
"@rollup/rollup-linux-arm64-gnu": "npm:4.43.0"
"@rollup/rollup-linux-arm64-musl": "npm:4.43.0"
"@rollup/rollup-linux-loongarch64-gnu": "npm:4.43.0"
"@rollup/rollup-linux-powerpc64le-gnu": "npm:4.43.0"
"@rollup/rollup-linux-riscv64-gnu": "npm:4.43.0"
"@rollup/rollup-linux-riscv64-musl": "npm:4.43.0"
"@rollup/rollup-linux-s390x-gnu": "npm:4.43.0"
"@rollup/rollup-linux-x64-gnu": "npm:4.43.0"
"@rollup/rollup-linux-x64-musl": "npm:4.43.0"
"@rollup/rollup-win32-arm64-msvc": "npm:4.43.0"
"@rollup/rollup-win32-ia32-msvc": "npm:4.43.0"
"@rollup/rollup-win32-x64-msvc": "npm:4.43.0"
"@types/estree": "npm:1.0.7"
"@rollup/rollup-android-arm-eabi": "npm:4.50.1"
"@rollup/rollup-android-arm64": "npm:4.50.1"
"@rollup/rollup-darwin-arm64": "npm:4.50.1"
"@rollup/rollup-darwin-x64": "npm:4.50.1"
"@rollup/rollup-freebsd-arm64": "npm:4.50.1"
"@rollup/rollup-freebsd-x64": "npm:4.50.1"
"@rollup/rollup-linux-arm-gnueabihf": "npm:4.50.1"
"@rollup/rollup-linux-arm-musleabihf": "npm:4.50.1"
"@rollup/rollup-linux-arm64-gnu": "npm:4.50.1"
"@rollup/rollup-linux-arm64-musl": "npm:4.50.1"
"@rollup/rollup-linux-loongarch64-gnu": "npm:4.50.1"
"@rollup/rollup-linux-ppc64-gnu": "npm:4.50.1"
"@rollup/rollup-linux-riscv64-gnu": "npm:4.50.1"
"@rollup/rollup-linux-riscv64-musl": "npm:4.50.1"
"@rollup/rollup-linux-s390x-gnu": "npm:4.50.1"
"@rollup/rollup-linux-x64-gnu": "npm:4.50.1"
"@rollup/rollup-linux-x64-musl": "npm:4.50.1"
"@rollup/rollup-openharmony-arm64": "npm:4.50.1"
"@rollup/rollup-win32-arm64-msvc": "npm:4.50.1"
"@rollup/rollup-win32-ia32-msvc": "npm:4.50.1"
"@rollup/rollup-win32-x64-msvc": "npm:4.50.1"
"@types/estree": "npm:1.0.8"
fsevents: "npm:~2.3.2"
dependenciesMeta:
"@rollup/rollup-android-arm-eabi":
@@ -31435,7 +31443,7 @@ __metadata:
optional: true
"@rollup/rollup-linux-loongarch64-gnu":
optional: true
"@rollup/rollup-linux-powerpc64le-gnu":
"@rollup/rollup-linux-ppc64-gnu":
optional: true
"@rollup/rollup-linux-riscv64-gnu":
optional: true
@@ -31447,6 +31455,8 @@ __metadata:
optional: true
"@rollup/rollup-linux-x64-musl":
optional: true
"@rollup/rollup-openharmony-arm64":
optional: true
"@rollup/rollup-win32-arm64-msvc":
optional: true
"@rollup/rollup-win32-ia32-msvc":
@@ -31457,7 +31467,7 @@ __metadata:
optional: true
bin:
rollup: dist/bin/rollup
checksum: 10/c7f436880dfd5bd54e9ac579625b5355be58b5437ebb386eb88d709d6bed733a4411673cc80fd64dc5514cd71794544bc83775842108c86ed2b51827e11b33b8
checksum: 10/99f47dc64ea5bc15056a9af49a10a287ec1c49550563ce7827d85d2c03a4a46e42ad2fd48f91b647193e849a22e01a66a782c8311bcefd4246932f02cc437e74
languageName: node
linkType: hard
@@ -33531,13 +33541,13 @@ __metadata:
languageName: node
linkType: hard
"tinyglobby@npm:^0.2.12, tinyglobby@npm:^0.2.13, tinyglobby@npm:^0.2.14":
version: 0.2.14
resolution: "tinyglobby@npm:0.2.14"
"tinyglobby@npm:^0.2.12, tinyglobby@npm:^0.2.13, tinyglobby@npm:^0.2.14, tinyglobby@npm:^0.2.15":
version: 0.2.15
resolution: "tinyglobby@npm:0.2.15"
dependencies:
fdir: "npm:^6.4.4"
picomatch: "npm:^4.0.2"
checksum: 10/3d306d319718b7cc9d79fb3f29d8655237aa6a1f280860a217f93417039d0614891aee6fc47c5db315f4fcc6ac8d55eb8e23e2de73b2c51a431b42456d9e5764
fdir: "npm:^6.5.0"
picomatch: "npm:^4.0.3"
checksum: 10/d72bd826a8b0fa5fa3929e7fe5ba48fceb2ae495df3a231b6c5408cd7d8c00b58ab5a9c2a76ba56a62ee9b5e083626f1f33599734bed1ffc4b792406408f0ca2
languageName: node
linkType: hard
@@ -34818,16 +34828,16 @@ __metadata:
linkType: hard
"vite@npm:^5.0.0 || ^6.0.0 || ^7.0.0-0":
version: 7.0.0-beta.1
resolution: "vite@npm:7.0.0-beta.1"
version: 7.1.5
resolution: "vite@npm:7.1.5"
dependencies:
esbuild: "npm:^0.25.0"
fdir: "npm:^6.4.5"
fdir: "npm:^6.5.0"
fsevents: "npm:~2.3.3"
picomatch: "npm:^4.0.2"
postcss: "npm:^8.5.4"
rollup: "npm:^4.40.0"
tinyglobby: "npm:^0.2.14"
picomatch: "npm:^4.0.3"
postcss: "npm:^8.5.6"
rollup: "npm:^4.43.0"
tinyglobby: "npm:^0.2.15"
peerDependencies:
"@types/node": ^20.19.0 || >=22.12.0
jiti: ">=1.21.0"
@@ -34868,13 +34878,13 @@ __metadata:
optional: true
bin:
vite: bin/vite.js
checksum: 10/59dc57a531214dfd477147050718e6661f85421adbd47fc4cc22d6e7320fa354f7099c18e0b3c4cfd4e03f32a9999f872909ebd8c35408610920c5c0d17a546d
checksum: 10/59edeef7e98757a668b2ad8a1731a5657fa83e22a165a36b7359225ea98a9be39b2f486710c0cf5085edb85daee7c8b6b6b0bd85d0ef32a1aa84aef71aabd0f0
languageName: node
linkType: hard
"vite@npm:^5.0.0 || ^6.0.0, vite@npm:^6.0.3, vite@npm:^6.1.0":
version: 6.3.5
resolution: "vite@npm:6.3.5"
version: 6.3.6
resolution: "vite@npm:6.3.6"
dependencies:
esbuild: "npm:^0.25.0"
fdir: "npm:^6.4.4"
@@ -34923,7 +34933,7 @@ __metadata:
optional: true
bin:
vite: bin/vite.js
checksum: 10/7bc3a1c5ef79413ad70daeeaf69b76cd1218d16aa18ed8ee08d74648ef17284f4a17c11f5cf42b573b6dc5e3d5f115110b67b1d23c2c699cfe404757764a634a
checksum: 10/8b8b6fe12318ca457396bf2053df7056cf4810f1d4a43b36b6afe59860e32b749c0685a290fe8a973b0d3da179ceec4c30cebbd3c91d0c47fbcf6436b17bdeef
languageName: node
linkType: hard