Bump the npm_and_yarn group across 1 directory with 3 updates

[dependabot]

Bumps the npm_and_yarn group with 3 updates in the /ExaminePeek/Client directory: vite, rollup and tinymce.

Updates vite from 5.3.1 to 5.3.6

Release notes

Sourced from vite's releases.

v5.3.6

Please refer to CHANGELOG.md for details.

v5.3.5

Please refer to CHANGELOG.md for details.

v5.3.4

Please refer to CHANGELOG.md for details.

v5.3.3

Please refer to CHANGELOG.md for details.

v5.3.2

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.3.6 (2024-09-16)

• fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115) (2691bb3), closes #18115
• fix: fs raw query (#18112) (4573a6f), closes #18112

5.3.5 (2024-07-25)

• refactor(asset): remove rollup 3 public file watch workaround (#16331) (66bdb1d), closes #16331
• fix: make server type less restrictive (fix #17627) (#17628) (b55c32f), closes #17627 #17628
• fix: show error if vite client cannot be loaded (#17419) (db5ab1d), closes #17419
• fix(build): env output is not stable (#17748) (b240a83), closes #17748
• fix(client): fix vite error path (#17744) (3c1bde3), closes #17744
• fix(css): resolve url aliases with fragments (fix: #17690) (#17691) (d906d3f)
• fix(deps): update all non-major dependencies (#17629) (93281b0), closes #17629
• fix(importMetaGlob): handle alias that starts with hash (#17743) (b58b423), closes #17743
• fix(ssrTransform): sourcemaps with multiple sources (#17677) (f321fa8), closes #17677
• chore: extend commit hash (#17709) (4fc9b64), closes #17709
• chore(deps): update all non-major dependencies (#17734) (9983731), closes #17734
• chore(deps): update typescript (#17699) (df5ceb3), closes #17699
• revert: fix(logger): truncate log over 5000 characters long (#16581) (#17729) (f4f488f), closes #16581 #17729

5.3.4 (2024-07-16)

• fix: update Terser type definitions (fix #17668) (#17669) (b723a75), closes #17668 #17669
• fix(build): skip preload treeshaking for nested braces (#17687) (4be96b4), closes #17687
• fix(css): include .css?url in assets field of manifest (#17623) (1465b20), closes #17623
• fix(worker): nested inlined worker always fallbacked to data URI worker instead of using blob worker (07bc489), closes #17509
• refactor: replace includes with logical operations (#17620) (c4a2227), closes #17620
• chore: add callback to http-proxy.d.ts jsdoc (#17646) (d8a5d70), closes #17646

5.3.3 (2024-07-03)

• fix: lazily evaluate __vite__mapDeps files (#17602) (dafff4a), closes #17602
• fix(deps): update all non-major dependencies (#17590) (012490c), closes #17590
• fix(lib): remove pure CSS dynamic import (#17601) (055f1c1), closes #17601
• fix(proxy): replace changeOrigin changes in 5.3.0 with new rewriteWsOrigin option (#17563) (14c3d49), closes #17563

5.3.2 (2024-06-27)

• fix(client): uniform variable location (#17528) (a8e2f6f), closes #17528
• fix(deps): update all non-major dependencies (#17494) (bf123f2), closes #17494
• fix(typescript): correctly expand ${configDir} in tsconfig.json (#17576) (24c799b), closes #17576

... (truncated)

Commits

• f469ceb release: v5.3.6
• 2691bb3 fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115)
• 4573a6f fix: fs raw query (#18112)
• 4407839 release: v5.3.5
• 66bdb1d refactor(asset): remove rollup 3 public file watch workaround (#16331)
• b240a83 fix(build): env output is not stable (#17748)
• b58b423 fix(importMetaGlob): handle alias that starts with hash (#17743)
• d906d3f fix(css): resolve url aliases with fragments (fix: #17690) (#17691)
• 3c1bde3 fix(client): fix vite error path (#17744)
• 9983731 chore(deps): update all non-major dependencies (#17734)
• Additional commits viewable in compare view

Updates rollup from 4.13.0 to 4.28.1

Release notes

Sourced from rollup's releases.

v4.28.1

4.28.1

2024-12-06

Bug Fixes

• Support running Rollup natively on LoongArch (#5749)
• Add optional debugId to SourceMap types (#5751)

Pull Requests

• #5749: feat: add support for LoongArch (@​darkyzhou)
• #5751: feat: Add debugId to SourceMap types (@​timfish, @​lukastaegert)
• #5752: chore(deps): update dependency mocha to v11 (@​renovate[bot])
• #5753: chore(deps): update dependency vite to v6 (@​renovate[bot])
• #5754: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #5755: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5756: Test if saving the Cargo cache can speed up FreeBSD (@​lukastaegert)

v4.28.0

4.28.0

2024-11-30

Features

• Allow to specify how to handle import attributes when transpiling Rollup config files (#5743)

Pull Requests

• #5743: fix: supports modify the import attributes key in the config file (@​TrickyPi, @​lukastaegert)
• #5747: chore(deps): update codecov/codecov-action action to v5 (@​renovate[bot])
• #5748: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v4.27.4

4.27.4

2024-11-23

Bug Fixes

• Update bundled magic-string to support sourcemap debug ids (#5740)

Pull Requests

• #5740: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v4.27.3

4.27.3

... (truncated)

Changelog

Sourced from rollup's changelog.

4.28.1

2024-12-06

Bug Fixes

• Support running Rollup natively on LoongArch (#5749)
• Add optional debugId to SourceMap types (#5751)

Pull Requests

• #5749: feat: add support for LoongArch (@​darkyzhou)
• #5751: feat: Add debugId to SourceMap types (@​timfish, @​lukastaegert)
• #5752: chore(deps): update dependency mocha to v11 (@​renovate[bot])
• #5753: chore(deps): update dependency vite to v6 (@​renovate[bot])
• #5754: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #5755: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5756: Test if saving the Cargo cache can speed up FreeBSD (@​lukastaegert)

4.28.0

2024-11-30

Features

• Allow to specify how to handle import attributes when transpiling Rollup config files (#5743)

Pull Requests

• #5743: fix: supports modify the import attributes key in the config file (@​TrickyPi, @​lukastaegert)
• #5747: chore(deps): update codecov/codecov-action action to v5 (@​renovate[bot])
• #5748: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

4.27.4

2024-11-23

Bug Fixes

• Update bundled magic-string to support sourcemap debug ids (#5740)

Pull Requests

• #5740: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

4.27.3

2024-11-18

Bug Fixes

... (truncated)

Commits

• e60fb1c 4.28.1
• 224247b chore(deps): lock file maintenance minor/patch updates (#5755)
• c3283cf Test if saving the Cargo cache can speed up FreeBSD (#5756)
• 87a911c feat: Add debugId to SourceMap types (#5751)
• 1b78f74 chore(deps): update dependency mocha to v11 (#5752)
• 89e1c70 chore(deps): update dependency vite to v6 (#5753)
• 4d6b077 feat: add support for LoongArch (#5749)
• d3464e4 fix(deps): update swc monorepo (major) (#5754)
• 0595e43 4.28.0
• 5053019 fix: supports modify the import attributes key in the config file (#5743)
• Additional commits viewable in compare view

Updates tinymce from 6.8.3 to 6.8.5

Changelog

Sourced from tinymce's changelog.

6.8.5 - 2024-10-10

Fixed

• Upgraded dependencies. #TINY-11331
• Invalid HTML elements within an svg element are removed. #TINY-11331

6.8.4 - 2024-06-19

Fixed

• HTML entities that were double decoded in noscript elements caused an XSS vulnerability. #TINY-11019
• It was possible to inject XSS HTML that was not matching the regexp when using the noneditable_regexp option. #TINY-11022

Commits

• a3d8e2e TINY-11334: Changelog
• 6fb4248 TINY-11331: Update dependencies (#9907)
• 8c9f1c1 TINY-11375: Remote testing capabilities for tinymce/6 (#9904)
• 5acb741 TINY-11019 & TINY-11022: Fixed issues with noscript encoding and noneditable_...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.