Skip to content

Bump vitest from 0.33.0 to 4.1.0 in /helm-frontend#10

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/helm-frontend/vitest-4.1.0
Closed

Bump vitest from 0.33.0 to 4.1.0 in /helm-frontend#10
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/helm-frontend/vitest-4.1.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026

Copy link
Copy Markdown

Bumps vitest from 0.33.0 to 4.1.0.

Release notes

Sourced from vitest's releases.

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

... (truncated)

Commits
  • 4150b91 chore: release v4.1.0
  • 1de0aa2 fix: correctly identify concurrent test during static analysis (#9846)
  • c3cac1c fix: use isAgent check, not just TTY, for watch mode (#9841)
  • eab68ba chore(deps): update all non-major dependencies (#9824)
  • 031f02a fix: allow catch/finally for async assertion (#9827)
  • 3e9e096 feat(reporters): add agent reporter to reduce ai agent token usage (#9779)
  • 0c2c013 chore: release v4.1.0-beta.6
  • 8181e06 fix: hideSkippedTests should not hide test.todo (fix #9562) (#9781)
  • a8216b0 fix: manual and redirect mock shouldn't load or transform original module...
  • 689a22a fix(browser): types of getCDPSession and cdp() (#9716)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for vitest since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note

Medium Risk
Major Vitest upgrade may break existing tests or config (Chai/assertion and runner API changes) without touching production code.

Overview
Upgrades the helm-frontend dev dependency vitest from ^0.33.0 to ^4.1.0, with a matching yarn.lock refresh. No application or test source files change in this diff.

Vitest 4 replaces the old runner stack (e.g. vite-node, Chai 4, tinypool) with updated @vitest/* packages, Chai 6, and a newer optional Vite 8-based test runner dependency tree (rolldown, lightningcss, etc.). The app’s direct vite (^4.5.3) and existing vite.config.ts test settings (globals, jsdom) are unchanged—reviewers should still run yarn test in helm-frontend to catch breaking changes across the 0.x → 4.x major jump.

Reviewed by Cursor Bugbot for commit 70aaacb. Bugbot is set up for automated code reviews on this repo. Configure here.

Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 0.33.0 to 4.1.0.
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest)

---
updated-dependencies:
- dependency-name: vitest
  dependency-version: 4.1.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 1, 2026

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit 70aaacb. Configure here.

"typescript": "^5.0.2",
"vite": "^4.5.3",
"vitest": "^0.33.0"
"vitest": "^4.1.0"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Incompatible vite version with vitest 4.1.0 dependency

High Severity

The vite dependency remains at ^4.5.3 while the upgraded vitest@^4.1.0 requires vite "^6.0.0 || ^7.0.0 || ^8.0.0-0". This results in two incompatible vite versions in the lockfile (4.5.3 for the project, 8.0.16 for vitest). The vite.config.ts imports defineConfig from vitest/config (backed by vite 8.x) but also imports ViteDevServer from vite (which resolves to 4.x), creating type and runtime incompatibilities. The build.rollupOptions config is also potentially broken since vite 8 uses rolldown instead of rollup. Tests will likely fail or behave inconsistently.

Additional Locations (1)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 70aaacb. Configure here.

@dependabot @github

dependabot Bot commented on behalf of github Jun 8, 2026

Copy link
Copy Markdown
Author

Superseded by #14.

@dependabot dependabot Bot closed this Jun 8, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/helm-frontend/vitest-4.1.0 branch June 8, 2026 17:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants