vite/5.2.9 package update #16881

Merged
merged 2 commits into main from wolfictl-cd2a5fc0-e9cc-4632-83f3-25fcf5491c1b
Apr 17, 2024

Conversation

@octo-sts octo-sts bot commented Apr 15, 2024

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr labels Apr 15, 2024

Package vite:

.PKGINFO metadata:

  (
  	"""
- 	# Generated by melange v0.15.16
+ 	# Generated by melange v0.6.11-2-g5643b49
  	pkgname = vite
- 	pkgver = 5.2.8-r0
+ 	pkgver = 5.2.9-r0
  	arch = x86_64
- 	size = 9239221
+ 	size = 9262273
  	origin = vite
  	pkgdesc = Vite (French word for "quick", pronounced /vit/, like "veet") is a build tool that aims to provide a faster and leaner development experience for modern web projects.
  	url = 
- 	commit = 868368bae07d60c8cf4487a3f0af1ee9a8d2c523
- 	builddate = 1712158010
+ 	commit = de631a6c42d1b854d38c5f9c0f901a20c31cfaa6
  	license = MIT
+ 	depend = cmd:node
  	depend = esbuild
  	depend = nodejs
- 	datahash = 4f84195e6b5a1893080f722c0233f7e39cf164636e89b6da278b2712eee7790c
+ 	datahash = cf995c59df979d386ad6ebf549704414e06dd515b3ad947a2fc7b16b8c659d1d
  	"""
  )
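Review bot: `builddate` disappears from the new .PKGINFO (the removed `builddate = 1712158010` line has no `+` replacement), and the `# Generated by melange` header changes from v0.15.16 to v0.6.11-2-g5643b49, so this metadata diff is the output of two different melange builds rather than a clean before/after of the vite bump; confirm that dropping builddate is intended for the builder that produced the new package and not a metadata regression. Two smaller points on the same hunk: `url =` is still empty, and the new `depend = cmd:node` line sits beside `depend = nodejs`, which is merely redundant rather than wrong only if nodejs is the package that provides cmd:node.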

Added: /usr/lib/node_modules/vite/dist/node/chunks/dep-DHU7GEFN.js
Added: /usr/lib/node_modules/vite/dist/node/chunks/dep-DbzVZKyq.js
Added: /usr/lib/node_modules/vite/dist/node/chunks/dep-_QLjGPdL.js
Modified: /usr/lib/node_modules/vite/dist/client/client.mjs
Modified: /usr/lib/node_modules/vite/dist/client/client.mjs.map
Modified: /usr/lib/node_modules/vite/dist/node/cli.js
Modified: /usr/lib/node_modules/vite/dist/node/index.js
Modified: /usr/lib/node_modules/vite/dist/node-cjs/publicUtils.cjs
Modified: /usr/lib/node_modules/vite/node_modules/@rollup/rollup-linux-x64-gnu/package.json
Modified: /usr/lib/node_modules/vite/node_modules/@rollup/rollup-linux-x64-gnu/rollup.linux-x64-gnu.node
Modified: /usr/lib/node_modules/vite/node_modules/rollup/README.md
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/bin/rollup
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/es/getLogFilter.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/es/parseAst.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/es/rollup.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/es/shared/node-entry.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/es/shared/parseAst.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/es/shared/watch.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/getLogFilter.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/loadConfigFile.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/native.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/parseAst.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/rollup.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/shared/fsevents-importer.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/shared/index.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/shared/loadConfigFile.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/shared/parseAst.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/shared/rollup.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/shared/watch-cli.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/dist/shared/watch.js
Modified: /usr/lib/node_modules/vite/node_modules/rollup/package.json
Modified: /usr/lib/node_modules/vite/package.json
Deleted: /usr/lib/node_modules/vite/dist/node/chunks/dep-2j8ZV8Rx.js
Deleted: /usr/lib/node_modules/vite/dist/node/chunks/dep-D6I3Q2TL.js
Deleted: /usr/lib/node_modules/vite/dist/node/chunks/dep-whKeNLxG.js

bincapz found differences:

Deleted: vite/usr/lib/node_modules/vite/dist/node/chunks/dep-whKeNLxG.js

RISK KEY DESCRIPTION
meta lang nodejs
-3/HIGH combo/recon/nodejs exfiltrate system information: "POST
http.request
process.platform
process.versions"
-3/HIGH evasion/hex converts hex data to ASCII
-2/MEDIUM combo/recon/system_network invasive recon val: "ip if route"
-2/MEDIUM combo/stealer/browser uses HTTP, archives, and references multiple browsers: ".config
Brave
Chrome
Firefox
POST
Safari
http
tar
zip"
-2/MEDIUM data/embedded/html contains HTML content
-2/MEDIUM exec/program executes another program: "subprocess.once('close', exitCode
subprocess.once('error', reject
subprocess.unref("
-2/MEDIUM fs/file/times/set change file timestamps
-2/MEDIUM kernel/uname/get get system identification
-2/MEDIUM net/fetch invokes curl: "curl 7.77.0 behavior and drop the following headers. These
curl 7.77.0 behavior and make the first"
-2/MEDIUM net/http/cookies able to access HTTP resources using cookies
-2/MEDIUM net/http/post able to submit content via HTTP POST
-2/MEDIUM net/url/request requests resources via URL
-2/MEDIUM process/chdir changes current working directory: "cd"
-2/MEDIUM procfs/self/cgroup accesses /proc files within own cgroup: "/proc/self/cgroup"
-2/MEDIUM ref/extensions/office references multiple Office file extensions (possible exfil): "docm
docx
eml
ppam
ppt
xlsx"
-2/MEDIUM ref/path/root references paths within /root: "/root/root/path-to-file"
-2/MEDIUM ref/program/osascript osascript caller: "osascript"
-2/MEDIUM ref/program/powershell powershell: "powershell -NoProfile -Command"
-2/MEDIUM ref/site/php accesses hardcoded PHP endpoint: "http://www.robvanderwoude.com/escapechars.php"
-2/MEDIUM ref/words/agent references an 'agent': "agents
npm_config_user_agent"
-2/MEDIUM ref/words/intercept references interception: "intercept"
-2/MEDIUM shell/pipe_sh pipes to shell
-1/LOW compression/bzip2 works with bzip2 files
-1/LOW compression/gzip works with gzip files
-1/LOW encoding/base64 supports base64 encoded strings
-1/LOW encoding/json/decode decodes JSON messages
-1/LOW encoding/json/encode encodes JSON
-1/LOW env/TERM look up or override terminal settings
-1/LOW env/get retrieve environment variable values:
env.BROWSER
env.CHOKIDAR
env.DEBUG
env.DOTENV
env.EDITOR
env.LAUNCH
env.NODE
env.OSTYPE
env.PATHEXT
env.SSR
env.SYSTEMROOT
env.TERM
env.VISUAL
env.VITE
-1/LOW fs/file/delete deletes files
-1/LOW fs/file/read reads files
-1/LOW fs/file/stat access filesystem information
-1/LOW fs/link/read read value of a symbolic link
-1/LOW fs/mount mounts file systems
-1/LOW fs/symlink/resolve resolves symbolic links
-1/LOW fs/tempdir/create uses libc functions to create a temporary directory
-1/LOW net/hostname/resolve resolves network host names
-1/LOW net/http/accept/encoding able to decode multiple forms of HTTP responses (example: gzip)
-1/LOW net/http/request makes HTTP requests
-1/LOW net/socket/listen listen on a socket
-1/LOW net/socket/send send a message to a socket
-1/LOW ref/path/bin/su calls /bin/su: "/bin/su"
-1/LOW ref/path/etc references paths within /etc: "/etc/passwd
/etc/wsl.conf"
-1/LOW ref/path/hidden possible hidden file path: "/absolute/path/to/node_modules/.vite
/blah/.exec
/run/.containerenv
/vault/.env.vault"
-1/LOW ref/site/url contains embedded HTTPS URLs:
https://bugs.chromium.org/p/v8/issues/detail?id=3056
https://bugs.chromium.org/p/v8/issues/detail?id=4118
https://bugzilla.mozilla.org/show_bug.cgi?id=745678
https://caniuse.com/?search=es2015
https://caniuse.com/?search=es2016
https://caniuse.com/?search=es2017
https://caniuse.com/?search=es2018
https://caniuse.com/?search=es2019
https://caniuse.com/?search=es2020
https://caniuse.com/?search=es2021
https://caniuse.com/?search=es2022
https://caniuse.com/js-regexp-lookbehind
https://classic.yarnpkg.com/en/docs/workspaces/
https://developer.chrome.com/blog/modulepreload/
https://developer.mozilla.org/en-US/docs/Tools/Web_Console
https://developer.mozilla.org/en-US/docs/Web/HTML/Global_attributes/nonce
https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_typ
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_
https://developer.mozilla.org/en-US/docs/Web/Media/Formats/Containers
https://docs.microsoft.com/en-us/windows/wsl/wsl-config
https://docs.npmjs.com/cli/v7/using-npm/workspaces
https://dotenvx.com
https://drafts.csswg.org/css-images-4/
https://drafts.csswg.org/css-syntax-3/
https://esbuild.github.io/api/
https://esbuild.github.io/content-types/
https://feross.org/opensource
https://git-lfs.github.com
https://git.io/debug_fd
moxystudio/node-cross-spawn#16
microsoft/WSL#423
https://github.com/STRML/async-limiter
https://github.com/acornjs/acorn.git
acornjs/acorn#575
https://github.com/chimurai/http-proxy-middleware/blob/cd58f962aec22c925b
https://github.com/chromium/chromium/blob/da4adbb3/third_party/blink/rend
https://github.com/davidbonnet/astring.git
https://github.com/davidbonnet/astring/issues
https://github.com/defunctzombie/package-browser-field-spec
https://github.com/ds300/patch-package
eemeli/yaml#228
https://github.com/estree/estree/blob/a27003adf4fd7bfad44de9cef372a2eacd5
evanw/esbuild#1921
evanw/esbuild#2265
evanw/esbuild#3317
evanw/esbuild#566
https://github.com/facebook/create-react-app/blob/master/LICENSE
facebook/create-react-app#1690
facebook/react-native#1632
https://github.com/facebookincubator/create-react-app/blob/master/LICENSE
http-party/node-http-proxy#1520
https://github.com/iconify/iconify/blob/main/packages/utils/src/svg/url.t
isaacs/node-glob#167
isaacs/node-glob#205
https://github.com/isaacs/node-graceful-fs/blob/main/LICENSE
https://github.com/jonschlinkert/fill-range
https://github.com/jonschlinkert/is-extglob
https://github.com/jonschlinkert/is-glob
https://github.com/jonschlinkert/is-number
https://github.com/jonschlinkert/normalize-path
nodejs/node-v0.x-archive#1726
nodejs/node-v0.x-archive#4337
nodejs/node-v0.x-archive#7878
https://github.com/larrybahr/windows-network-drive
https://github.com/lerna/lerna
lukeed/mrmime#3
https://github.com/lukeed/resolve.exports
mdn/webassembly-examples#5
micromatch/picomatch#89
https://github.com/micromatch/to-regex-range
https://github.com/mozilla/source-map/blob/8cb3ee57/lib/util.js
https://github.com/mozilla/sweet.js/wiki/design
https://github.com/mrmlnc/fast-glob
https://github.com/nodejs/node/blob/7faeddf23a98c53896f8b574a6e66589e8fb1
nodejs/node#22066
nodejs/node#37737
nodejs/node#43047
nodejs/node#43205
nodejs/node#44663
nodejs/node#8871
https://github.com/parcel-bundler/lightningcss/blob/master/node/targets.d
parcel-bundler/lightningcss#291
https://github.com/paulmillr/chokidar/blob/e1753ddbc9571bdc33b4a4af172d52
https://github.com/postcss/postcss/blob/main/docs/guidelines/plugin.md
https://github.com/preactjs/wmr/blob/main/packages/wmr/src/lib/rollup-plu
https://github.com/preactjs/wmr/blob/master/LICENSE
https://github.com/rich-harris/magic-string
https://github.com/rollup/plugins/blob/master/LICENSE
https://github.com/rollup/plugins/blob/master/packages/json/src/index.js
rollup/plugins#759
https://github.com/rollup/plugins/tree/master/packages/dynamic-import-var
rollup/rollup-plugin-commonjs#151
https://github.com/rollup/rollup/blob/62b648e1cc6a1f00260bb85aa2050097bb4
https://github.com/rollup/rollup/blob/ce6cb93098850a46fa242e37b74a919e99a
https://github.com/rollup/rollup/graphs/contributors
sass/dart-sass#710
https://github.com/sindresorhus/open
https://github.com/sindresorhus/strip-bom/blob/v5.0.0/index.js
https://github.com/sindresorhus/strip-json-comments/blob/v4.0.0/index.js
https://github.com/sveltejs/svelte/blob/abf11bb02b2afbd3e4cac509a0f70e318
https://github.com/tc39/proposal-is-usv-string/blob/main/README.md
https://github.com/teambition/merge2
https://github.com/thlorenz/convert-source-map
typescript-eslint/typescript-eslint#60
typescript-eslint/typescript-eslint#7478
vitejs/vite#13816.
vitejs/vite#12923
vitejs/vite#12931
vitejs/vite#1363
vitejs/vite#1428
vitejs/vite#2062
vitejs/vite#2820
vitejs/vite#5812
vitejs/vite#6372
vitejs/vite#9438
vitejs/vite#11807
vitejs/vite#13514
vitejs/vite#13893
vitejs/vite#14643
vitejs/vite#15206
vuejs/core#2860
https://github.com/websockets/ws/blob/45e17acea791d865df6b255a55182e9c42e
websockets/ws#1202
websockets/ws#1869.
websockets/ws#1940.
whatwg/html#3656
https://github.com/yetingli
https://html.spec.whatwg.org/multipage/common-dom-interfaces.html
https://html.spec.whatwg.org/multipage/comms.html
https://learn.microsoft.com/en-us/dotnet/standard/io/file-path-formats
https://learn.microsoft.com/en-us/windows/win32/fileio/naming-a-file
https://lightningcss.dev/css-modules.html
https://msdn.microsoft.com/library/windows/desktop/aa365247
https://nodejs.org/api/http.html
https://nodejs.org/api/modules.html
https://nx.dev/latest/react/getting-started/nx-setup
https://pnpm.io/workspaces/
https://qntm.org/cmd
https://rollupjs.org/configuration-options/
https://rollupjs.org/guide/en/
https://rushjs.io/pages/advanced/config_files/
https://stackoverflow.com/a/11781404/1358405
https://stackoverflow.com/a/36328890
https://tc39.es/ecma262/
https://tools.ietf.org/html/rfc6455
https://url.spec.whatwg.org/
https://vitejs.dev/config/server-options.html
https://vitejs.dev/guide/api-plugin.html
https://vitejs.dev/guide/features.html
https://vitejs.dev/guide/troubleshooting.html
https://webpack.js.org/guides/tree-shaking/
https://www.cl.cam.ac.uk/
https://www.ecma-international.org/ecma-262/8.0/
-1/LOW ref/words/password references a password: "password"

Deleted: vite/usr/lib/node_modules/vite/dist/node/chunks/dep-2j8ZV8Rx.js

RISK KEY DESCRIPTION
meta lang nodejs
-2/MEDIUM kernel/uname/get get system identification
-2/MEDIUM ref/site/php accesses hardcoded PHP endpoint: "http://www.opensource.org/licenses/mit-license.php"
-2/MEDIUM techniques/code_eval evaluate code dynamically using exec(): "exec(alias)
exec(node
exec(rule
exec(token)
exec(value)))"
-1/LOW encoding/base64 supports base64 encoded strings
-1/LOW encoding/json/encode encodes JSON
-1/LOW fs/file/read reads files
-1/LOW ref/site/url contains embedded HTTPS URLs:
https://drafts.csswg.org/css-syntax/
https://en.wikipedia.org/wiki/CamelCase
https://en.wikipedia.org/wiki/Combining_Diacritical_Marks_for_Symbols
https://en.wikipedia.org/wiki/Latin-1_Supplement_
https://en.wikipedia.org/wiki/Latin_Extended-A
https://github.com/css-modules/css-modules-loader-core
https://github.com/lakenen/node-unquote
postcss/postcss-selector-parser@01a6b346e3612ce
postcss/postcss-selector-parser@268c9a7656fb53f
https://jquery.org/
https://lodash.com/license
https://mathiasbynens.be/notes/css-escapes
https://mathiasbynens.be/notes/javascript-unicode
https://mths.be/cssesc
https://nodejs.org/api/crypto.html

Moved: vite/usr/lib/node_modules/vite/dist/node/chunks/dep-D6I3Q2TL.js -> vite/usr/lib/node_modules/vite/dist/node/chunks/dep-_QLjGPdL.js (score: 0.933333)

Previous Risk: ✅ 1/LOW
New Risk: 🔥 3/HIGH

RISK KEY DESCRIPTION
+3/HIGH combo/recon/nodejs exfiltrate system information: "POST
http.request
process.platform
process.versions"
+3/HIGH evasion/hex converts hex data to ASCII
+2/MEDIUM combo/recon/system_network invasive recon val: "ip if route"
+2/MEDIUM combo/stealer/browser uses HTTP, archives, and references multiple browsers: ".config
Brave
Chrome
Firefox
POST
Safari
http
tar
zip"
+2/MEDIUM data/embedded/html contains HTML content
+2/MEDIUM exec/program executes another program: "subprocess.once('close', exitCode
subprocess.once('error', reject
subprocess.unref("
+2/MEDIUM fs/file/times/set change file timestamps
+2/MEDIUM kernel/uname/get get system identification
+2/MEDIUM net/fetch invokes curl: "curl 7.77.0 behavior and drop the following headers. These
curl 7.77.0 behavior and make the first"
+2/MEDIUM net/http/cookies able to access HTTP resources using cookies
+2/MEDIUM net/http/post able to submit content via HTTP POST
+2/MEDIUM net/url/request requests resources via URL
+2/MEDIUM process/chdir changes current working directory: "cd"
+2/MEDIUM procfs/self/cgroup accesses /proc files within own cgroup: "/proc/self/cgroup"
+2/MEDIUM ref/extensions/office references multiple Office file extensions (possible exfil): "docm
docx
eml
ppam
ppt
xlsx"
+2/MEDIUM ref/path/root references paths within /root: "/root/root/path-to-file"
+2/MEDIUM ref/program/osascript osascript caller: "osascript"
+2/MEDIUM ref/program/powershell powershell: "powershell -NoProfile -Command"
+2/MEDIUM ref/site/php accesses hardcoded PHP endpoint: "http://www.robvanderwoude.com/escapechars.php"
+2/MEDIUM ref/words/agent references an 'agent': "agents
npm_config_user_agent"
+2/MEDIUM ref/words/intercept references interception: "intercept"
+2/MEDIUM shell/pipe_sh pipes to shell
+1/LOW compression/bzip2 works with bzip2 files
+1/LOW compression/gzip works with gzip files
+1/LOW encoding/json/decode decodes JSON messages
+1/LOW encoding/json/encode encodes JSON
+1/LOW env/TERM look up or override terminal settings
+1/LOW env/get retrieve environment variable values:
env.BROWSER
env.CHOKIDAR
env.DEBUG
env.DOTENV
env.EDITOR
env.LAUNCH
env.NODE
env.OSTYPE
env.PATHEXT
env.SSR
env.SYSTEMROOT
env.TERM
env.VISUAL
env.VITE
+1/LOW fs/file/delete deletes files
+1/LOW fs/link/read read value of a symbolic link
+1/LOW fs/mount mounts file systems
+1/LOW fs/symlink/resolve resolves symbolic links
+1/LOW fs/tempdir/create uses libc functions to create a temporary directory
+1/LOW net/hostname/resolve resolves network host names
+1/LOW net/http/accept/encoding able to decode multiple forms of HTTP responses (example: gzip)
+1/LOW net/http/request makes HTTP requests
+1/LOW net/socket/listen listen on a socket
+1/LOW net/socket/send send a message to a socket
+1/LOW ref/path/bin/su calls /bin/su: "/bin/su"
+1/LOW ref/path/etc references paths within /etc: "/etc/passwd
/etc/wsl.conf"
+1/LOW ref/path/hidden possible hidden file path: "/absolute/path/to/node_modules/.vite
/blah/.exec
/run/.containerenv
/vault/.env.vault"
+1/LOW ref/words/password references a password: "password"

Moved: vite/usr/lib/node_modules/vite/dist/node/chunks/dep-D6I3Q2TL.js -> vite/usr/lib/node_modules/vite/dist/node/chunks/dep-DHU7GEFN.js (score: 0.933333)

Moved: vite/usr/lib/node_modules/vite/dist/node/chunks/dep-D6I3Q2TL.js -> vite/usr/lib/node_modules/vite/dist/node/chunks/dep-DbzVZKyq.js (score: 0.933333)

Previous Risk: ✅ 1/LOW
New Risk: ✅ 2/MEDIUM

RISK KEY DESCRIPTION
+2/MEDIUM kernel/uname/get get system identification
+2/MEDIUM ref/site/php accesses hardcoded PHP endpoint: "http://www.opensource.org/licenses/mit-license.php"
+2/MEDIUM techniques/code_eval evaluate code dynamically using exec(): "exec(alias)
exec(node
exec(rule
exec(token)
exec(value)))"
+1/LOW encoding/json/encode encodes JSON
-1/LOW fs/file/stat access filesystem information

@sergio-chainguard

It was not passing at the time; there are no changes to review.

@pdeslaur pdeslaur left a comment

Blocking for now - we have bincapz findings

@pdeslaur

bincapz findings are due to a file rename
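
The "file rename" explanation above can be checked mechanically rather than by eye. The following is an added example written for this page; it is not code from this PR, from bincapz or from wolfictl. It parses an abbreviated, hand-copied excerpt of the bincapz report in the bot comment (the constructed REPORT string keeps the report's line format but only a handful of its findings) and compares the capability keys the deleted dep-whKeNLxG.js lost with the keys the moved dep-_QLjGPdL.js gained. All function, class and constant names are the example's own.

```python
"""Check a bincapz 'file rename' explanation: do the findings the Deleted file
lost reappear as the findings the Moved file gained?  Added example, not
bincapz or wolfictl code; REPORT is an abbreviated hand copy of this PR's report."""
import re
from dataclasses import dataclass, field
from typing import Optional

REPORT = """\
Deleted: vite/usr/lib/node_modules/vite/dist/node/chunks/dep-whKeNLxG.js

RISK KEY DESCRIPTION
meta lang nodejs
-3/HIGH combo/recon/nodejs exfiltrate system information: "POST
http.request
process.platform
process.versions"
-3/HIGH evasion/hex converts hex data to ASCII
-2/MEDIUM exec/program executes another program: "subprocess.once('close', exitCode
subprocess.once('error', reject
subprocess.unref("
-1/LOW encoding/base64 supports base64 encoded strings
-1/LOW fs/file/read reads files

Moved: vite/usr/lib/node_modules/vite/dist/node/chunks/dep-D6I3Q2TL.js -> vite/usr/lib/node_modules/vite/dist/node/chunks/dep-_QLjGPdL.js (score: 0.933333)

Previous Risk: ✅ 1/LOW
New Risk: 🔥 3/HIGH

RISK KEY DESCRIPTION
+3/HIGH combo/recon/nodejs exfiltrate system information: "POST
http.request
process.platform
process.versions"
+3/HIGH evasion/hex converts hex data to ASCII
+2/MEDIUM exec/program executes another program: "subprocess.once('close', exitCode
subprocess.once('error', reject
subprocess.unref("
"""

CHUNKS = "vite/usr/lib/node_modules/vite/dist/node/chunks/"
DELETED, MOVED_TO = CHUNKS + "dep-whKeNLxG.js", CHUNKS + "dep-_QLjGPdL.js"
LEVELS = {"LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}
SECTION_RE = re.compile(r"^(Deleted|Added|Modified|Moved): (\S+)(?: -> (\S+) \(score: [\d.]+\))?$")
FINDING_RE = re.compile(r"^([+-])(\d)/(CRITICAL|HIGH|MEDIUM|LOW) (\S+)\s*(.*)$")
SKIP = ("RISK KEY", "meta ", "Previous Risk", "New Risk")  # table header / summary lines

@dataclass
class Finding:
    sign: str   # '+' gained by the new file, '-' lost with the old one
    level: str
    key: str
    desc: str

@dataclass
class Section:
    kind: str                      # Deleted / Added / Modified / Moved
    path: str                      # for Moved: the new path
    old_path: Optional[str] = None  # for Moved: the old file bincapz paired it with
    findings: list = field(default_factory=list)

def parse_report(text):
    """Split the report into per-file sections; a quoted multi-line evidence
    string is folded back into the finding that opened it."""
    sections, cur = [], None
    for line in (raw.rstrip() for raw in text.splitlines()):
        if not line:
            continue
        if m := SECTION_RE.match(line):
            kind, a, b = m.groups()
            cur = Section(kind, b or a, a if b else None)
            sections.append(cur)
        elif cur is None or line.startswith(SKIP):
            continue
        elif m := FINDING_RE.match(line):
            sign, _score, level, key, desc = m.groups()
            cur.findings.append(Finding(sign, level, key, desc))
        elif cur.findings:
            cur.findings[-1].desc += "\n" + line
    return sections

def keys(section, sign, min_level):
    """(level, key) pairs carrying the given sign at or above min_level."""
    return {(f.level, f.key) for f in section.findings
            if f.sign == sign and LEVELS[f.level] >= LEVELS[min_level]}

def rename_check(sections, deleted_path, moved_to_path, min_level="MEDIUM"):
    """Compare what deleted_path lost with what moved_to_path gained.  Empty
    only_deleted/only_moved sets mean the rename explanation holds at this floor."""
    by_path = {s.path: s for s in sections}
    lost = keys(by_path[deleted_path], "-", min_level)
    gained = keys(by_path[moved_to_path], "+", min_level)
    return {"common": lost & gained, "only_deleted": lost - gained, "only_moved": gained - lost}

if __name__ == "__main__":
    secs = parse_report(REPORT)
    for floor in ("MEDIUM", "LOW"):
        print(floor, rename_check(secs, DELETED, MOVED_TO, floor))
```

At the MEDIUM floor the two sets are identical, which is the reviewer's point: the HIGH "new risk" is the old chunk's content under a new hashed filename. At the LOW floor two keys (encoding/base64, fs/file/read) appear only on the deleted side. That is an artifact of how the report is built: the Moved section is a delta against dep-D6I3Q2TL.js, whose "Previous Risk: 1/LOW" line shows it was not empty, so LOW findings presumably already present there are not re-listed as gains. Pairing the deleted file directly against the moved file, as done here, is the check worth automating before accepting a rename explanation, and the report's own pairing (one old chunk matched to three new chunks at the same score) is the reason not to trust the per-file "New Risk" line on its own.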

@sergio-chainguard sergio-chainguard merged commit a3e7d5f into main Apr 17, 2024
8 checks passed
@sergio-chainguard sergio-chainguard deleted the wolfictl-cd2a5fc0-e9cc-4632-83f3-25fcf5491c1b branch April 17, 2024 20:02
4 participants