Skip to content

build(deps-dev): Bump @vitest/ui from 3.2.4 to 4.0.3 #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

build(deps-dev): Bump @vitest/ui from 3.2.4 to 4.0.3 #10

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 25, 2025
edited
Loading

Bumps @vitest/ui from 3.2.4 to 4.0.3.

Release notes

Sourced from @​vitest/ui's releases.

v4.0.3

   🐞 Bug Fixes

    View changes on GitHub

v4.0.2

   🐞 Bug Fixes

    View changes on GitHub

v4.0.1

   🐞 Bug Fixes

    View changes on GitHub

v4.0.0

Vitest 4.0 is out!

To stay updated, read our blog post and check the migration guide.

   🚨 Breaking Changes

... (truncated)

Commits
  • ca1766f chore: release v4.0.3
  • 07bc56a chore: release v4.0.2
  • 4a28faa chore: release v4.0.1
  • da7ce17 chore: release v4.0.0
  • 624032e chore(ui): use vitest-browser-vue for UI tests, remove auto loading, typechec...
  • 3e4b6b7 chore: release v4.0.0-beta.19
  • bc7c20d chore: release v4.0.0-beta.18
  • 4783137 chore: release v4.0.0-beta.17
  • 9edf904 docs: correct WebSocket spelling (#8661)
  • 6fc7890 chore: release v4.0.0-beta.16
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​vitest/ui since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps-dev): Bump @vitest/ui from 3.2.4 to 4.0.3
aab1d49 
Bumps [@vitest/ui](https://github.com/vitest-dev/vitest/tree/HEAD/packages/ui) from 3.2.4 to 4.0.3.
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.3/packages/ui)

---
updated-dependencies:
- dependency-name: "@vitest/ui"
  dependency-version: 4.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 25, 2025

Labels

The following labels could not be found: dependabot, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@kevalyq kevalyq added dependencies Pull requests that update dependencies dependabot Dependabot automated updates labels Oct 25, 2025
@kevalyq
Copy link
Contributor

kevalyq commented Oct 25, 2025

@dependabot rebase

@kevalyq
Copy link
Contributor

kevalyq commented Oct 25, 2025

Closing due to dependency conflicts with vitest. Dependabot will create a new PR with compatible versions.

@kevalyq kevalyq closed this Oct 25, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 25, 2025

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/vitest/ui-4.0.3 branch October 25, 2025 21:56
@kevalyq kevalyq mentioned this pull request Oct 25, 2025
Merged
kevalyq added a commit that referenced this pull request Nov 19, 2025
@kevalyq
fix(docs): address Copilot comments - remove orphaned JSDoc, fix mark…
b9cb180 
…down structure

- Remove orphaned NIST JSDoc comment block in testVectors.ts
- Fix malformed markdown code blocks in IMPLEMENTATION_PLAN_ISSUE143.md
- Rename duplicate '## Encryption Flow' to '### Encryption Workflow'
- Add API reference example code block

Copilot Comments Addressed:
✅ #10: Removed incomplete JSDoc block (lines 14-20)
✅ #11: Fixed nested/malformed code blocks (lines 879-914)

Note: BufferSource casts in encryption.ts/checksum.ts REQUIRED by TypeScript strict mode
(Uint8Array<ArrayBufferLike> incompatibility - known TS limitation)
kevalyq added a commit that referenced this pull request Nov 19, 2025
@kevalyq
feat(crypto): Phase 1 - AES-GCM-256 Encryption Utilities (#177)
6931e01 
* feat(crypto): implement Phase 1 - AES-GCM-256 encryption utilities

Implements #172 (Phase 1 of Issue #143)

## Implementation Summary

### Added Files (TDD Approach)
- src/lib/crypto/testVectors.ts - NIST-validated test vectors for AES-GCM-256
- src/lib/crypto/encryption.test.ts - Comprehensive test suite (20 tests)
- src/lib/crypto/encryption.ts - AES-GCM-256 encryption implementation
- src/lib/crypto/checksum.test.ts - SHA-256 checksum tests (17 tests)
- src/lib/crypto/checksum.ts - SHA-256 integrity verification
- src/lib/crypto/index.ts - Public API exports

### Features
✅ AES-GCM-256 authenticated encryption
✅ HKDF-SHA-256 file-specific key derivation
✅ Master key generation/import/export
✅ SHA-256 checksums for integrity verification
✅ Zero-knowledge architecture (file keys non-extractable)
✅ Web Crypto API only (no external dependencies)

### Test Coverage
- 37/37 tests passing
- Encryption/decryption round-trip validation
- Auth tag tampering detection
- Ciphertext integrity verification
- Deterministic key derivation
- Large file support (1KB+ tested)

### Security Properties
- 256-bit AES-GCM keys
- 96-bit random IVs (unique per encryption)
- 128-bit authentication tags
- File-specific derived keys (non-extractable)
- Constant-time checksum comparison

Next: Phase 2 - ShareTarget encryption integration (#173)

* fix(crypto): Address Copilot review - remove NIST placeholder, fix duplicates, move test exports

- Remove NIST_TEST_VECTOR_1 (contained placeholder values, not real NIST data)
- Fix duplicate conditional logic in encryption.test.ts (tampering tests)
- Remove test vector exports from public API (index.ts)
- Add testVectors.test.ts to cover toHex/fromHex helper functions (8 tests)
- BufferSource casts kept in encryption.ts (required by TypeScript strict mode)
- BufferSource cast kept in checksum.ts (TypeScript requires it)

Copilot Comments Addressed:
✅ #1: Removed NIST_TEST_VECTOR_1 placeholder
✅ #2-5: Removed unnecessary BufferSource casts where possible
✅ #6-7: Fixed duplicate conditionals in tampering tests
❌ #8: BufferSource cast in checksum.ts REQUIRED by TypeScript
✅ #9: Moved test exports out of public API

Tests: 48/48 passing, 100% coverage maintained
Quality: TypeCheck passing, ESLint passing

* docs: fix markdownlint - add language identifiers to code blocks

* fix(docs): address Copilot comments - remove orphaned JSDoc, fix markdown structure

- Remove orphaned NIST JSDoc comment block in testVectors.ts
- Fix malformed markdown code blocks in IMPLEMENTATION_PLAN_ISSUE143.md
- Rename duplicate '## Encryption Flow' to '### Encryption Workflow'
- Add API reference example code block

Copilot Comments Addressed:
✅ #10: Removed incomplete JSDoc block (lines 14-20)
✅ #11: Fixed nested/malformed code blocks (lines 879-914)

Note: BufferSource casts in encryption.ts/checksum.ts REQUIRED by TypeScript strict mode
(Uint8Array<ArrayBufferLike> incompatibility - known TS limitation)

* fix(crypto): add missing BufferSource cast for iv parameter in decryptFile

TypeScript strict mode requires BufferSource cast for iv parameter
in crypto.subtle.decrypt call (line 215).

Fixes CI build error:
- error TS2769: No overload matches this call
- Type 'Uint8Array<ArrayBufferLike>' is not assignable to 'BufferSource'

All BufferSource casts are TypeScript strict mode requirement, not redundant.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependabot Dependabot automated updates dependencies Pull requests that update dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kevalyq