chore(deps): update vite by renovate[bot] · Pull Request #6263 · nuxt/ui

renovate · 2026-03-30T06:13:49Z

This PR contains the following updates:

Package	Change	Age	Confidence
@vitejs/plugin-vue (source)	`^6.0.5` → `^6.0.6`
vite (source)	`^7.3.1` → `^7.3.2`
vue (source)	`^3.5.30` → `^3.5.33`
vue-router (source)	`^5.0.4` → `^5.0.6`

Release Notes

vitejs/vite (vite)

`v7.3.2`

Compare Source

Please refer to CHANGELOG.md for details.

vuejs/router (vue-router)

`v5.0.6`

Compare Source

🐞 Bug Fixes

Missing closing quote in generated import - by @zjy040525 and @posva in #2688 (32f78)

View changes on GitHub

`v5.0.5`

Compare Source

🚀 Features

Enable standard schema param parsers - by @posva (ea8e3)
Normalize param parsers once - by @posva (48087)

🐞 Bug Fixes

Track definePage imports per-file to fix named view race condition - by @posva (11191)
Avoid double decoding hash on string location - by @posva (1578c)

View changes on GitHub

Configuration

📅 Schedule: (in timezone Europe/Paris)

Branch creation
- Between 06:00 AM and 09:59 AM, only on Monday (* 6-9 * * 1)
Automerge
- At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

pkg-pr-new · 2026-03-30T06:25:17Z

npm i https://pkg.pr.new/@nuxt/ui@6263

commit: d742e7d

socket-security · 2026-04-27T08:06:26Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	happy-dom@20.9.0
	fflate@0.8.2
	eslint@10.3.0
	fuse.js@7.3.0

View full report

socket-security · 2026-05-04T09:58:54Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Critical CVE: Handlebars.js has JavaScript Injection via AST Type Confusion CVE: GHSA-2w6w-674q-4c4q Handlebars.js has JavaScript Injection via AST Type Confusion (CRITICAL) Affected versions: >= 4.0.0 < 4.7.9 Patched version: 4.7.9 From: pnpm-lock.yaml → `npm/@release-it/conventional-changelog@10.0.6` → `npm/handlebars@4.7.8` ℹ Read more on: This package \| This alert \| What is a critical CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/handlebars@4.7.8`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `entities` is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: pnpm-lock.yaml → `npm/entities@4.5.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/entities@4.5.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `entities` is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: pnpm-lock.yaml → `npm/entities@6.0.1` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/entities@6.0.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

renovate Bot requested a review from benjamincanac as a code owner March 30, 2026 06:13

github-actions Bot added the v4 #4488 label Mar 30, 2026

vercel Bot deployed to Preview – ui March 30, 2026 06:25 View deployment

renovate Bot force-pushed the renovate/vite branch 2 times, most recently from d556298 to e93d321 Compare March 30, 2026 16:56

vercel Bot deployed to Preview – ui March 30, 2026 17:08 View deployment

renovate Bot force-pushed the renovate/vite branch from e93d321 to e0c7264 Compare March 30, 2026 17:24

vercel Bot deployed to Preview – ui March 30, 2026 17:37 View deployment

renovate Bot force-pushed the renovate/vite branch from e0c7264 to 937f4b0 Compare March 30, 2026 20:02

vercel Bot deployed to Preview – ui March 30, 2026 20:17 View deployment

renovate Bot force-pushed the renovate/vite branch from 937f4b0 to 27618ad Compare April 1, 2026 15:48

vercel Bot deployed to Preview – ui April 1, 2026 16:00 View deployment

renovate Bot force-pushed the renovate/vite branch from 27618ad to 67f9289 Compare April 2, 2026 13:13

vercel Bot deployed to Preview – ui April 2, 2026 13:27 View deployment

renovate Bot force-pushed the renovate/vite branch from 67f9289 to a80843c Compare April 3, 2026 06:42

renovate Bot changed the title ~~chore(deps): update dependency vue to ^3.5.31~~ chore(deps): update dependency vue to ^3.5.32 Apr 3, 2026

vercel Bot deployed to Preview – ui April 3, 2026 06:54 View deployment

renovate Bot force-pushed the renovate/vite branch from a80843c to 43de7a6 Compare April 6, 2026 11:37

vercel Bot deployed to Preview – ui April 6, 2026 11:49 View deployment

renovate Bot force-pushed the renovate/vite branch from 43de7a6 to f9d14f3 Compare April 6, 2026 14:43

renovate Bot changed the title ~~chore(deps): update dependency vue to ^3.5.32~~ chore(deps): update vite Apr 6, 2026

vercel Bot deployed to Preview – ui April 6, 2026 14:56 View deployment

renovate Bot force-pushed the renovate/vite branch from f9d14f3 to 8ccdd8a Compare April 7, 2026 12:13

vercel Bot deployed to Preview – ui April 7, 2026 12:25 View deployment

renovate Bot force-pushed the renovate/vite branch from 8ccdd8a to c9075d0 Compare April 7, 2026 13:52

vercel Bot deployed to Preview – ui April 7, 2026 14:05 View deployment

renovate Bot force-pushed the renovate/vite branch from c9075d0 to 4a42763 Compare April 8, 2026 15:37

vercel Bot had a problem deploying to Preview – ui April 8, 2026 15:45 Failure

renovate Bot force-pushed the renovate/vite branch from 4a42763 to c1c3ef7 Compare April 9, 2026 13:16

vercel Bot deployed to Preview – ui April 13, 2026 10:15 View deployment

renovate Bot force-pushed the renovate/vite branch from 021982e to ce7e112 Compare April 13, 2026 11:54

vercel Bot deployed to Preview – ui April 13, 2026 12:06 View deployment

renovate Bot force-pushed the renovate/vite branch from ce7e112 to eb1ee25 Compare April 15, 2026 16:16

vercel Bot deployed to Preview – ui April 15, 2026 16:29 View deployment

renovate Bot force-pushed the renovate/vite branch from eb1ee25 to d5edda0 Compare April 20, 2026 10:47

vercel Bot deployed to Preview – ui April 20, 2026 10:59 View deployment

renovate Bot force-pushed the renovate/vite branch from d5edda0 to 297f51d Compare April 20, 2026 13:37

vercel Bot deployed to Preview – ui April 20, 2026 13:49 View deployment

renovate Bot force-pushed the renovate/vite branch from 297f51d to 50d04de Compare April 22, 2026 08:00

vercel Bot deployed to Preview – ui April 22, 2026 08:12 View deployment

renovate Bot force-pushed the renovate/vite branch from 50d04de to 63d5a21 Compare April 22, 2026 10:31

vercel Bot deployed to Preview – ui April 22, 2026 10:43 View deployment

renovate Bot force-pushed the renovate/vite branch from 63d5a21 to 2432f07 Compare April 22, 2026 13:29

vercel Bot deployed to Preview – ui April 22, 2026 13:41 View deployment

renovate Bot force-pushed the renovate/vite branch from 2432f07 to a0afe51 Compare April 22, 2026 13:49

vercel Bot deployed to Preview – ui April 22, 2026 14:01 View deployment

renovate Bot force-pushed the renovate/vite branch from a0afe51 to 585f46e Compare April 22, 2026 14:46

vercel Bot deployed to Preview – ui April 22, 2026 14:58 View deployment

renovate Bot force-pushed the renovate/vite branch from 585f46e to 8094319 Compare April 27, 2026 08:05

vercel Bot deployed to Preview – ui April 27, 2026 08:18 View deployment

renovate Bot force-pushed the renovate/vite branch from 8094319 to 78dddbf Compare April 29, 2026 17:45

vercel Bot deployed to Preview – ui April 29, 2026 17:58 View deployment

renovate Bot force-pushed the renovate/vite branch from 78dddbf to 9935cfd Compare April 30, 2026 15:31

vercel Bot deployed to Preview – ui April 30, 2026 15:44 View deployment

chore(deps): update vite

d742e7d

renovate Bot force-pushed the renovate/vite branch from 9935cfd to d742e7d Compare May 4, 2026 09:58

vercel Bot deployed to Preview – ui May 4, 2026 10:11 View deployment

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update vite#6263

chore(deps): update vite#6263
renovate[bot] wants to merge 1 commit intov4from
renovate/vite

renovate Bot commented Mar 30, 2026 •

edited

Loading

Uh oh!

pkg-pr-new Bot commented Mar 30, 2026 •

edited

Loading

Uh oh!

socket-security Bot commented Apr 27, 2026 •

edited

Loading

Uh oh!

socket-security Bot commented May 4, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

renovate Bot commented Mar 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

v7.3.2

v5.0.6

🐞 Bug Fixes

View changes on GitHub

v5.0.5

🚀 Features

🐞 Bug Fixes

View changes on GitHub

Configuration

Uh oh!

pkg-pr-new Bot commented Mar 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

socket-security Bot commented Apr 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

socket-security Bot commented May 4, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

renovate Bot commented Mar 30, 2026 •

edited

Loading

`v7.3.2`

`v5.0.6`

`v5.0.5`

pkg-pr-new Bot commented Mar 30, 2026 •

edited

Loading

socket-security Bot commented Apr 27, 2026 •

edited

Loading