chore(deps): bump vite-plus to pkg-pr-new pr-1588#20
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates dependency configurations in package.json and pnpm-workspace.yaml, replacing local/npm aliases for vite-plus and vitest with PR-based URLs and standard npm versions, as well as configuring minimumReleaseAge exclusions. The reviewer points out that some dependencies are pointing to mutable PR-based URLs (e.g., @1588) while others are pinned to a specific commit SHA. To prevent version mismatches and ensure reproducibility, it is recommended to pin all PR-based URLs to the same commit SHA.
| "virtua": "0.48.8", | ||
| "vite-plugin-pwa": "1.3.0", | ||
| "vite-plus": "0.1.20", | ||
| "vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@1588", |
There was a problem hiding this comment.
The vite-plus dependency is currently pointing to the mutable PR-based URL (@1588), while the overrides in pnpm-workspace.yaml are pinned to a specific commit SHA (@5577b0154f33d1480a3c96347e94fa5d2094de2e). If the PR is updated with new commits, vite-plus will resolve to a newer version than its overridden core dependencies, which can lead to runtime issues or type mismatches. Please pin vite-plus to the same commit SHA for consistency and reproducibility.
| "vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@1588", | |
| "vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@5577b0154f33d1480a3c96347e94fa5d2094de2e", |
| sharp: 0.34.5 | ||
| vite: npm:@voidzero-dev/vite-plus-core@0.1.20 | ||
| vitest: npm:@voidzero-dev/vite-plus-test@0.1.20 | ||
| vite: 'https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@1588' |
There was a problem hiding this comment.
The vite override is currently pointing to the PR-based URL (@1588), whereas the other @voidzero-dev/vite-plus-* overrides are pinned to the specific commit SHA (@5577b0154f33d1480a3c96347e94fa5d2094de2e). To prevent potential version mismatches, duplicate package resolution, or installation inconsistencies, please pin the vite override to the same commit SHA.
vite: 'https://pkg.pr.new/voidzero-dev/vite-plus/@voidzero-dev/vite-plus-core@5577b0154f33d1480a3c96347e94fa5d2094de2e'
|
1 participant
Summary
Bump vite-plus to pkg-pr-new build for PR #1588 (replace @voidzero-dev/vite-plus-test wrapper with upstream vitest@4.1.5).
Updated where applicable:
Test plan