Skip to content

build(deps): bump the frontend group across 1 directory with 6 updates#106

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/src/ResQ.Viz.Web/frontend-0e896611aa
Open

build(deps): bump the frontend group across 1 directory with 6 updates#106
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/src/ResQ.Viz.Web/frontend-0e896611aa

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026

Bumps the frontend group with 6 updates in the /src/ResQ.Viz.Web directory:

Package From To
effect 4.0.0-beta.60 4.0.0-beta.67
posthog-js 1.372.9 1.374.0
@types/node 25.6.0 25.8.0
@types/three 0.184.0 0.184.1
vite 8.0.10 8.0.13
vitest 4.1.5 4.1.6

Updates effect from 4.0.0-beta.60 to 4.0.0-beta.67

Commits

Updates posthog-js from 1.372.9 to 1.374.0

Release notes

Sourced from posthog-js's releases.

posthog-js@1.374.0

1.374.0

Minor Changes

  • #3620 594ea11 Thanks @​pauldambra! - Dead clicks: add a .ph-no-deadclick CSS class (and capture_dead_clicks.css_selector_ignorelist config option) to exclude specific elements from dead-click detection without affecting autocapture, session replay, or heatmaps. Mirrors the existing .ph-no-rageclick pattern. (2026-05-18)

Patch Changes

  • #3621 3c0a09f Thanks @​pauldambra! - Dead clicks: a click on an <a> (or any element inside an <a>, including across shadow DOM) is no longer flagged as a dead click — the browser navigates / downloads / opens a new window and we can't observe that. Reuses autocapture's existing DOM walker for the ancestor walk. Direct clicks on <button>, <input>, <select>, <textarea>, <label>, and <form> (previously all skipped) are now eligible for dead-click detection: if their JS handler ran, the existing mutation / scroll / selection observers see the effect; if it didn't, dead-click correctly surfaces the bug. A broken <button> with no handler, or an <svg> icon inside one, will now flag — which is exactly the dead-click case we want to catch. (2026-05-18)
  • Updated dependencies [594ea11]:
    • @​posthog/types@​1.374.0
    • @​posthog/core@​1.29.3

posthog-js@1.373.5

1.373.5

Patch Changes

  • #3613 221973e Thanks @​lucasheriques! - Surveys: submit open text questions with Cmd/Ctrl+Enter. The textarea still inserts a newline on plain Enter (native behaviour), matching the convention used by Slack, GitHub, Discord, and ChatGPT for multi-line inputs. Single-line "Other:" inputs continue to submit on plain Enter as before. (2026-05-15)
  • Updated dependencies []:
    • @​posthog/types@​1.373.5
    • @​posthog/core@​1.29.2

posthog-js@1.373.4

1.373.4

Patch Changes

  • #3602 4b895bf Thanks @​marandaneto! - Validate gzip request bodies at the browser send boundary and fall back to JSON if the outgoing body is not gzip data. (2026-05-12)
  • Updated dependencies [4b895bf]:
    • @​posthog/core@​1.29.1
    • @​posthog/types@​1.373.4

posthog-js@1.373.3

1.373.3

Patch Changes

  • Updated dependencies [ad60818]:
    • @​posthog/core@​1.29.0
    • @​posthog/types@​1.373.3

posthog-js@1.373.2

1.373.2

... (truncated)

Commits
  • 5b4eda1 chore: update versions and lockfile [version bump]
  • 3c0a09f feat(dead-clicks): ignore clicks inside an interactive ancestor (#3621)
  • 594ea11 feat(dead-clicks): support .ph-no-deadclick css class (#3620)
  • 0a7143b chore: update versions and lockfile [version bump]
  • 221973e feat(surveys): submit open text questions with Cmd/Ctrl+Enter (#3613)
  • c9f6c79 chore: update versions and lockfile [version bump]
  • 77ee9df fix: set default next pages export to client version, matching the default ex...
  • 6407531 chore: update versions and lockfile [version bump]
  • afb0ae8 fix: send absolute current URLs for Next pageviews (#3608)
  • 50480eb chore: update versions and lockfile [version bump]
  • Additional commits viewable in compare view

Updates @types/node from 25.6.0 to 25.8.0

Commits

Updates @types/three from 0.184.0 to 0.184.1

Commits

Updates vite from 8.0.10 to 8.0.13

Release notes

Sourced from vite's releases.

v8.0.13

Please refer to CHANGELOG.md for details.

v8.0.12

Please refer to CHANGELOG.md for details.

v8.0.11

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.13 (2026-05-14)

Features

  • bundled-dev: add lazy bundling support (#21406) (4f0949f)
  • optimizer: improve the esbuild plugin converter to pass some properties of build result to onEnd (#22357) (47071ce)
  • update rolldown to 1.0.1 (#22444) (8c766a6)

Bug Fixes

  • build: copy public directory after building same environment with write=false (#22328) (158e8ae)
  • css: await sass/less/styl worker disposal on teardown (fix #22274) (#22275) (b7edcb7)
  • css: keep deprecated name/originalFileName in synthetic assetFileNames call (#22439) (8e59c97)
  • make isBundled per environment (#22257) (a576326)
  • ssr: avoid rewriting labels that collide with imports (#22451) (d9b18e0)

Miscellaneous Chores

8.0.12 (2026-05-11)

Features

Bug Fixes

  • deps: update all non-major dependencies (#22420) (2be6000)
  • module-runner: prevent partial-exports race on concurrent imports of in-flight invalidated re-export chains (#22369) (f5a22e6)
  • refer to rolldownOptions instead of deprecated rollupOptions in messages (#22400) (b675c7b)
  • worker: apply build.target to worker bundle (#22404) (3c93fde)
  • worker: forward define to worker bundle transform (#22408) (d4838a0)

Miscellaneous Chores

8.0.11 (2026-05-07)

Features

Bug Fixes

  • deps: update all non-major dependencies (#22334) (672c962)
  • deps: update all non-major dependencies (#22382) (5c0cfcb)
  • glob: align hmr matcher options with glob enumeration (#22306) (30028f9)
  • make separate object instance for each environment (#22276) (7c2aa3b)

... (truncated)

Commits
  • a46f11a release: v8.0.13
  • d9b18e0 fix(ssr): avoid rewriting labels that collide with imports (#22451)
  • 4f0949f feat(bundled-dev): add lazy bundling support (#21406)
  • 158e8ae fix(build): copy public directory after building same environment with `write...
  • 47071ce feat(optimizer): improve the esbuild plugin converter to pass some properties...
  • 8e59c97 fix(css): keep deprecated name/originalFileName in synthetic `assetFileNa...
  • a576326 fix: make isBundled per environment (#22257)
  • 8c766a6 feat: update rolldown to 1.0.1 (#22444)
  • b7edcb7 fix(css): await sass/less/styl worker disposal on teardown (fix #22274) (#22275)
  • fcdc87c chore: update changelog (#22413)
  • Additional commits viewable in compare view

Updates vitest from 4.1.5 to 4.1.6

Release notes

Sourced from vitest's releases.

v4.1.6

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub
Commits
  • a8fd24c chore: release v4.1.6
  • 18af98c fix(browser): simplify orchestrator otel carrier (#10285)
  • 3188260 feat(browser): provide project reference in ToMatchScreenshotResolvePath (#...
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the frontend group across 1 directory with 6 updates
f2e01f1 
Bumps the frontend group with 6 updates in the /src/ResQ.Viz.Web directory:

| Package | From | To |
| --- | --- | --- |
| [effect](https://github.com/Effect-TS/effect/tree/HEAD/packages/effect) | `4.0.0-beta.60` | `4.0.0-beta.67` |
| [posthog-js](https://github.com/PostHog/posthog-js) | `1.372.9` | `1.374.0` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.8.0` |
| [@types/three](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/three) | `0.184.0` | `0.184.1` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.10` | `8.0.13` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.5` | `4.1.6` |



Updates `effect` from 4.0.0-beta.60 to 4.0.0-beta.67
- [Release notes](https://github.com/Effect-TS/effect/releases)
- [Changelog](https://github.com/Effect-TS/effect/blob/main/packages/effect/CHANGELOG.md)
- [Commits](https://github.com/Effect-TS/effect/commits/HEAD/packages/effect)

Updates `posthog-js` from 1.372.9 to 1.374.0
- [Release notes](https://github.com/PostHog/posthog-js/releases)
- [Changelog](https://github.com/PostHog/posthog-js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/PostHog/posthog-js/compare/posthog-js@1.372.9...posthog-js@1.374.0)

Updates `@types/node` from 25.6.0 to 25.8.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/three` from 0.184.0 to 0.184.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/three)

Updates `vite` from 8.0.10 to 8.0.13
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.13/packages/vite)

Updates `vitest` from 4.1.5 to 4.1.6
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.6/packages/vitest)

---
updated-dependencies:
- dependency-name: effect
  dependency-version: 4.0.0-beta.67
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: posthog-js
  dependency-version: 1.374.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: "@types/node"
  dependency-version: 25.8.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: "@types/three"
  dependency-version: 0.184.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: vite
  dependency-version: 8.0.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: vitest
  dependency-version: 4.1.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 18, 2026

Labels

The following labels could not be found: chore, deps. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from WomB0ComB0 as a code owner May 18, 2026 09:45
@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 18, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatednpm/​vitest@​4.1.5 ⏵ 4.1.696 +110079 +199100
Updatednpm/​@​types/​three@​0.184.0 ⏵ 0.184.11001008190100
Updatednpm/​@​types/​node@​25.6.0 ⏵ 25.8.0100 +110081 +196100
Updatednpm/​posthog-js@​1.372.9 ⏵ 1.374.092 +2710082 +1100 +1100
Updatednpm/​vite@​8.0.10 ⏵ 8.0.139910082 +198100
Updatednpm/​effect@​4.0.0-beta.60 ⏵ 4.0.0-beta.6710010091 +198 +1100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@WomB0ComB0 WomB0ComB0 Awaiting requested review from WomB0ComB0 WomB0ComB0 is a code owner

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants