fix: upgrade rollup 4.22.2, deterministic chunk hashing fix

[mattkubej]

Description

We recently encountered an issue where hashes produced by rollup were non-deterministic when collisions occur. A fix has been upstreamed to rollup to resolve this and was released in version 4.22.2. Our application currently has a patch to mitigate this issue, so by upgrading rollup we can remove it.

More details about the issue and resolution within rollup can be found in the following PR: rollup/rollup#5644

Looking over the rollup releases, I am not seeing any change that would require an implementation change to vite. So, it seems this should be safe to upgrade.

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[mattkubej]

Looks like rollup released a couple of patches this morning. I'll update this PR to capture those as well.

Also, seeing a build error, which is present for me on main as well too. So, trying to take a look at that as well. Looks like a TS issue.

Edit: error on main is due to installing with pnpm i instead of pnpm i --frozen-lockfile

[bluwy]

Why do you need to patch vite to bring in the rollup upgrade? It should be possible for a package manager to update the nested dependency directly without vite bumping it. The ^ allows that.

[mattkubej]

Why do you need to patch vite to bring in the rollup upgrade? It should be possible for a package manager to update the nested dependency directly without vite bumping it. The ^ allows that.

Thanks for taking a look at this!

You're right, we do not need to patch vite to bring in the rollup upgrade. I just figured this might be helpful to expedite the adoption of the change and bring more awareness to it in case others encounter it.

Happy to close this PR if you'd prefer.