Deps: Bump the patch-updates group across 1 directory with 8 updates

[dependabot]

Bumps the patch-updates group with 6 updates in the / directory:

Package	From	To
i18next	24.0.2	24.0.5
react-i18next	15.1.1	15.1.3
@vitejs/plugin-react	4.3.3	4.3.4
@vitest/coverage-v8	2.1.5	2.1.8
eslint-plugin-react-refresh	0.4.14	0.4.16
vite-plugin-eslint2	5.0.2	5.0.3

Updates i18next from 24.0.2 to 24.0.5

Release notes

Sourced from i18next's releases.

v24.0.5

• remove extra log for 2268

v24.0.4

• simplify fix: incorrect locale detected 2268

v24.0.3

• fix: incorrect locale detected 2268
• fix: Intl.getCanonicalLocales throws with custom regions 2267

Changelog

Sourced from i18next's changelog.

24.0.5

• remove extra log for 2268

24.0.4

• simplify fix: incorrect locale detected 2268

24.0.3

• fix: incorrect locale detected 2268
• fix: Intl.getCanonicalLocales throws with custom regions 2267

Commits

• 182abcc 24.0.5
• 0803d3d remove extra log for #2268
• 31d5b95 24.0.4
• d00da32 simplify fix #2268
• 9903c61 24.0.3
• 9084de0 release
• 8d3fef7 fix: incorrect locale detected (#2268)
• See full diff in compare view

Updates react-i18next from 15.1.1 to 15.1.3

Changelog

Sourced from react-i18next's changelog.

15.1.3

• fix: Self-closing REACT components in translation strings should not attempt to replace the component's children 1815 1816

15.1.2

• fix: Attempted to assign to readonly property 1813

Commits

• bf52f87 15.1.3
• 7916634 release
• 99bf308 fix issue where component children would be removed when they are passed to r...
• ae85abb cosmetics
• 4cd54b1 build
• 9f27377 15.1.2
• 12e2ebd release
• 2d00f34 fix: Attempted to assign to readonly property (#1813)
• 594555c update i18next dep in example
• c9a73eb update deps in react example
• Additional commits viewable in compare view

Updates @vitejs/plugin-react from 4.3.3 to 4.3.4

Release notes

Sourced from @​vitejs/plugin-react's releases.

v4.3.4

Add Vite 6 to peerDependencies range

Vite 6 is highly backward compatible, not much to add!

Force Babel to output spec compliant import attributes #386

The default was an old spec (with type: "json"). We now enforce spec compliant (with { type: "json" })

Changelog

Sourced from @​vitejs/plugin-react's changelog.

4.3.4 (2024-11-26)

Add Vite 6 to peerDependencies range

Vite 6 is highly backward compatible, not much to add!

Force Babel to output spec compliant import attributes #386

The default was an old spec (with type: "json"). We now enforce spec compliant (with { type: "json" })

Commits

• 2e368a6 release: [email protected]
• bde1ad6 feat: add Vite 6 to peerDependencies range (#390)
• 45a727c fix(deps): update all non-major dependencies (#373)
• 5d2b6c6 fix: force non-legacy import attributes babel output (#386)
• See full diff in compare view

Updates @vitest/coverage-v8 from 2.1.5 to 2.1.8

Release notes

Sourced from @​vitest/coverage-v8's releases.

v2.1.8

   🐞 Bug Fixes

• Support Node 21  -  by @​sheremet-va (92f7a)

    View changes on GitHub

v2.1.7

   🐞 Bug Fixes

• Revert support for Vite 6  -  by @​sheremet-va (fbe5c)
  • This introduced some breaking changes (vitest-dev/vitest#6992). We will enable support for it later. In the meantime, you can still use pnpm.overrides or yarn resolutions to override the vite version in the vitest package - the APIs are compatible.

    View changes on GitHub

v2.1.6

🚀 Features

• Support Vite 6

    View changes on GitHub

Commits

• d69cc75 bump: 2.1.8
• 81ed45b chore: release v2.1.7
• b936702 bump: 2.1.6
• See full diff in compare view

Updates @vitest/ui from 2.1.5 to 2.1.8

Release notes

Sourced from @​vitest/ui's releases.

v2.1.8

   🐞 Bug Fixes

• Support Node 21  -  by @​sheremet-va (92f7a)

    View changes on GitHub

v2.1.7

   🐞 Bug Fixes

• Revert support for Vite 6  -  by @​sheremet-va (fbe5c)
  • This introduced some breaking changes (vitest-dev/vitest#6992). We will enable support for it later. In the meantime, you can still use pnpm.overrides or yarn resolutions to override the vite version in the vitest package - the APIs are compatible.

    View changes on GitHub

v2.1.6

🚀 Features

• Support Vite 6

    View changes on GitHub

Commits

• d69cc75 bump: 2.1.8
• 81ed45b chore: release v2.1.7
• fbe5c39 fix: revert support for Vite 6
• b936702 bump: 2.1.6
• See full diff in compare view

Updates eslint-plugin-react-refresh from 0.4.14 to 0.4.16

Release notes

Sourced from eslint-plugin-react-refresh's releases.

v0.4.16

Fix CJS/ESM interop issue. Sorry everyone for the trouble.

v0.4.15

Add support for custom HOCs (#60)

By default, the rule only knows that memo & forwardRef function calls with return a React component. With this option, you can also allow extra function names like Mobx observer to make this code valid:

const Foo = () => <></>;
export default observer(Foo);

{
  "react-refresh/only-export-components": [
    "error",
    { "customHOCs": ["observer"] }
  ]
}

Thanks @​HorusGoul!

Add recommended config and simple types (#67)

You can now add the recommended config to your ESLint config like this:

import reactRefresh from "eslint-plugin-react-refresh";
export default [
/* Main config */
reactRefresh.configs.recommended, // Or reactRefresh.configs.vite for Vite users
];

To follow ESLint recommandations, the rule is added with the error severity.

Some simple types ensure that people typecheking their config won't need @ts-expect-error anymore.

Bump ESLint peer dependency to 8.40

This was actually done by mistake in the previous release when moving from a deprecated API to a new one.

Given that ESLint 8 is officialy end-of-life and the only report (#56) didn't get likes, I'm going forward and documenting the expected minimum version from ESLin in the package JSON so that people can get warning from their package manager.

Changelog

Sourced from eslint-plugin-react-refresh's changelog.

0.4.16

Fix CJS/ESM interop issue. Sorry everyone for the trouble.

0.4.15

Add support for custom HOCs (#60)

By default, the rule only knows that memo & forwardRef function calls with return a React component. With this option, you can also allow extra function names like Mobx observer to make this code valid:

const Foo = () => <></>;
export default observer(Foo);

{
  "react-refresh/only-export-components": [
    "error",
    { "customHOCs": ["observer"] }
  ]
}

Thanks @​HorusGoul!

Add recommended config and simple types (#67)

You can now add the recommended config to your ESLint config like this:

import reactRefresh from "eslint-plugin-react-refresh";
export default [
/* Main config */
reactRefresh.configs.recommended, // Or reactRefresh.configs.vite for Vite users
];

To follow ESLint recommandations, the rule is added with the error severity.

Some simple types ensure that people typecheking their config won't need @ts-expect-error anymore.

Bump ESLint peer dependency to 8.40

This was actually done by mistake in the previous release when moving from a deprecated API to a new one.

Given that ESLint 8 is officialy end-of-life and the only report (#56) didn't get likes, I'm going forward and documenting the expected minimum version from ESLin in the package JSON so that people can get warning from their package manager.

Commits

• d939cc4 Fix exports [publish]
• 7d1709b 0.4.15 [publish]
• ec747c2 Add configs and simple types (#67)
• 359ae21 Bump ESLint peer dependency (fixes #56)
• 86bddb3 Add changelog entry & simplify legacy name based only check
• 478e778 Add basic support for custom HOCs (#60)
• 94c9d7d docs: switch suggested severity from 'warn' to 'error' (#66)
• 599b0fd docs: refresh README.md with explainer and options types (#63)
• See full diff in compare view

Updates vite-plugin-eslint2 from 5.0.2 to 5.0.3

Release notes

Sourced from vite-plugin-eslint2's releases.

v5.0.3

No significant changes

    View changes on GitHub

Changelog

Sourced from vite-plugin-eslint2's changelog.

5.0.3 (2024-11-26)

Note: Version bump only for package vite-plugin-eslint2

Commits

• 6a8930b chore: release v5.0.3
• c8da896 docs: update
• 39cb5ed chore: update deps
• See full diff in compare view

Updates vitest from 2.1.5 to 2.1.8

Release notes

Sourced from vitest's releases.

v2.1.8

   🐞 Bug Fixes

• Support Node 21  -  by @​sheremet-va (92f7a)

    View changes on GitHub

v2.1.7

   🐞 Bug Fixes

• Revert support for Vite 6  -  by @​sheremet-va (fbe5c)
  • This introduced some breaking changes (vitest-dev/vitest#6992). We will enable support for it later. In the meantime, you can still use pnpm.overrides or yarn resolutions to override the vite version in the vitest package - the APIs are compatible.

    View changes on GitHub

v2.1.6

🚀 Features

• Support Vite 6

    View changes on GitHub

Commits

• d69cc75 bump: 2.1.8
• 92f7a2a fix: support Node 21
• 81ed45b chore: release v2.1.7
• fbe5c39 fix: revert support for Vite 6
• b936702 bump: 2.1.6
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA d6a6383.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@vitejs/plugin-react	4.3.4	🟢 5.7	Details Check Score Reason Code-Review 🟢 4 Found 10/23 approved changesets -- score normalized to 4 Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 13 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 8 2 existing vulnerabilities detected
npm/@vitest/coverage-v8	2.1.8	Unknown	Unknown
npm/@vitest/expect	2.1.8	Unknown	Unknown
npm/@vitest/mocker	2.1.8	Unknown	Unknown
npm/@vitest/pretty-format	2.1.8	Unknown	Unknown
npm/@vitest/runner	2.1.8	Unknown	Unknown
npm/@vitest/snapshot	2.1.8	Unknown	Unknown
npm/@vitest/spy	2.1.8	Unknown	Unknown
npm/@vitest/ui	2.1.8	Unknown	Unknown
npm/@vitest/utils	2.1.8	Unknown	Unknown
npm/eslint-plugin-react-refresh	0.4.16	Unknown	Unknown
npm/i18next	24.0.5	🟢 3.9	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ 2 Found 6/30 approved changesets -- score normalized to 2 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/react-i18next	15.1.3	🟢 3.6	Details Check Score Reason Maintained 🟢 10 17 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 5 Found 15/30 approved changesets -- score normalized to 5 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 7 binaries present in source code License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 116 existing vulnerabilities detected
npm/vite-node	2.1.8	Unknown	Unknown
npm/vite-plugin-eslint2	5.0.3	Unknown	Unknown
npm/vitest	2.1.8	Unknown	Unknown
npm/@vitejs/plugin-react	^4.3.4	🟢 5.7	Details Check Score Reason Code-Review 🟢 4 Found 10/23 approved changesets -- score normalized to 4 Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 13 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 8 2 existing vulnerabilities detected
npm/@vitest/coverage-v8	^2.1.8	Unknown	Unknown
npm/eslint-plugin-react-refresh	^0.4.16	Unknown	Unknown
npm/i18next	^24.0.5	🟢 3.9	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ 2 Found 6/30 approved changesets -- score normalized to 2 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 3 7 existing vulnerabilities detected
npm/react-i18next	^15.1.3	🟢 3.6	Details Check Score Reason Maintained 🟢 10 17 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 5 Found 15/30 approved changesets -- score normalized to 5 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 7 binaries present in source code License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 116 existing vulnerabilities detected
npm/vite-plugin-eslint2	^5.0.3	Unknown	Unknown

Scanned Files

• package-lock.json
• package.json

[github-actions]

Conventional Commits Report

Type	Number
Dependencies	1

🚀 Conventional commits found.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.