Skip to content

chore(deps-dev): bump @vitejs/plugin-react from 5.2.0 to 6.0.2 #58

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps-dev): bump @vitejs/plugin-react from 5.2.0 to 6.0.2 #58

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@
"@testing-library/react": "^16.3.2",
"@types/gradient-string": "^1.1.6",
"@types/node": "^22.15.21",
"@vitejs/plugin-react": "^5.2.0",
"@vitejs/plugin-react": "^6.0.2",
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== package engines.node =="
node_engine=$(jq -r '.engines.node' package.json)
echo "$node_engine"

echo "== plugin-react resolved version and engines from lockfile =="
awk '
  /@vitejs\/plugin-react@6\.0\.2:/, /peerDependenciesMeta:/ { print }
' pnpm-lock.yaml

echo "== direct usage of `@vitejs/plugin-react` in config =="
rg -n -C2 "from '`@vitejs/plugin-react`'|plugins:\s*\[react\(\)\]" vitest.config.ts

Repository: forbiddenlink/specter

Length of output: 443

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== package.json engines.node =="
jq -r '.engines.node' package.json

echo "== package.json engines block (context) =="
jq '.engines' package.json

echo "== package.json pnpm overrides (context) =="
jq '.pnpm // empty | (.overrides // empty)' package.json

echo "== pnpm-lock.yaml: locate `@vitejs/plugin-react` 6.0.2 entry =="
rg -n "`@vitejs/plugin-react`@6\\.0\\.2" pnpm-lock.yaml
rg -n "plugin-react\\`@6`\\.0\\.2" pnpm-lock.yaml

echo "== pnpm-lock.yaml: print around the found entry (small context) =="
python3 - <<'PY'
import re
path="pnpm-lock.yaml"
pat=re.compile(r'`@vitejs/plugin-react`@6\.0\.2')
lines=open(path,'r',encoding='utf-8').read().splitlines()
for i,l in enumerate(lines):
    if pat.search(l):
        start=max(0,i-15); end=min(len(lines), i+80)
        print("\n--- match at line", i+1, "---")
        for j in range(start,end):
            print(f"{j+1}:{lines[j]}")
PY

echo "== package.json also contains `@vitejs/plugin-react` version spec =="
jq -r '.devDependencies["`@vitejs/plugin-react`"] // .dependencies["`@vitejs/plugin-react`"] // empty' package.json

Repository: forbiddenlink/specter

Length of output: 1233

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== package.json devDependencies entry (plugin-react version spec) =="
jq -r '.devDependencies["`@vitejs/plugin-react`"] // .dependencies["`@vitejs/plugin-react`"] // empty' package.json

echo "== package.json engines.node =="
jq -r '.engines.node // empty' package.json

echo "== pnpm-lock.yaml excerpt around line 1344 (base `@vitejs/plugin-react`@6.0.2 entry) =="
sed -n '1335,1375p' pnpm-lock.yaml

echo "== pnpm-lock.yaml excerpt around line 4700 (plugin-react@6.0.2 with vite peer) =="
sed -n '4685,4725p' pnpm-lock.yaml

echo "== locate vitest.config.ts plugin-react import/usage (context) =="
rg -n "from '`@vitejs/plugin-react`'|plugins:\s*\[react\(\)\]" vitest.config.ts

Repository: forbiddenlink/specter

Length of output: 3665

Tighten engines.node to match @vitejs/plugin-react’s Node requirement

package.json declares engines.node as >=20.0.0, but pnpm-lock.yaml shows @vitejs/plugin-react@6.0.2 requires engines: { node: ^20.19.0 || >=22.12.0 } (and it’s used in vitest.config.ts via plugins: [react()]). Tighten engines.node to the plugin’s Node range to avoid CI/dev breakage on Node 20.0–20.18.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` at line 97, The package.json currently specifies "engines.node"
as >=20.0.0 which is too permissive for the dependency `@vitejs/plugin-react`
(plugin name: `@vitejs/plugin-react`, version referenced: ^6.0.2) that requires
node: ^20.19.0 || >=22.12.0; update package.json's engines.node to match that
range (e.g., ">=20.19.0 || >=22.12.0" or the equivalent consolidated semver
range) so CI and developer environments meet the plugin's Node requirement;
modify the engines.node field in package.json accordingly and run
install/lockfile regeneration to ensure consistency with pnpm-lock.yaml.

"@vitest/coverage-v8": "^4.0.18",
"concurrently": "^9.2.1",
"husky": "^9.1.7",
Expand Down
Loading
Loading