Skip to content

build(deps): bump serialize-javascript and @quasar/app-vite in /serverpackcreator-web-frontend#1024

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/serverpackcreator-web-frontend/multi-36f2d6f3d2
Open

build(deps): bump serialize-javascript and @quasar/app-vite in /serverpackcreator-web-frontend#1024
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/serverpackcreator-web-frontend/multi-36f2d6f3d2

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 18, 2026

Bumps serialize-javascript to 7.0.4 and updates ancestor dependency @quasar/app-vite. These dependencies need to be updated together.

Updates serialize-javascript from 6.0.2 to 7.0.4

Release notes

Sourced from serialize-javascript's releases.

v7.0.4

What's Changed

Full Changelog: yahoo/serialize-javascript@v7.0.3...v7.0.4

v7.0.3

  • fix(CVE-2020-7660): fix for RegExp.flags and Date.prototype.toISOString (#207) 2e609d0
  • build(deps-dev): bump lodash from 4.17.21 to 4.17.23 (#206) 42b7cdb

yahoo/serialize-javascript@v7.0.2...v7.0.3

v7.0.2

What's Changed

Full Changelog: yahoo/serialize-javascript@v7.0.1...v7.0.2

v7.0.1

What's Changed

New Contributors

Full Changelog: yahoo/serialize-javascript@v7.0.0...v7.0.1

v7.0.0

Breaking Changes

  • requires Node.js v20+

What's Changed

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for serialize-javascript since your current version.


Updates @quasar/app-vite from 2.4.0 to 2.5.1

Release notes

Sourced from @​quasar/app-vite's releases.

@​quasar/app-vite-v2.5.1

Changes

  • fix(app-vite): browser target type in BuildTargetOptions (#18248)

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

@​quasar/app-vite-v2.5.0

Important!

We have upgraded to Vite 8, so you might want to check its release notes. Unless you have tampered with advanced rollupOptions (now rolldownOptions) settings, you can safely upgrade. 99.9% of the users won't be affected by this, which is why we have released this as a minor version of q/app-vite.

Also, in order to fully support Vite 8, we are forced to bump up the minimum Node.js version to v22. Since the latest LTS is 24 (as of writing these lines), most you have probably upgraded from Node.js v20 anyway.

We highly recommend updating the build target in your /quasar.config file:

build: {
  target: {
    browser: 'baseline-widely-available',
    node: 'node22'
  }

Changes

  • feat(app-vite): security patches
  • feat(app-vite): Vite 8 support
  • feat(app-vite): support for @​electron/packager v19
  • feat(app-vite): Express v5 support (and forward compat for catch-all route)
  • feat(app-vite): upgrade deps
  • feat(render-ssr-error): upgrade to vite 8
  • fix(app-vite): PWA dev error on index.html

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

@​quasar/app-vite-v2.4.1

Changes

  • feat(app-vite;app-webpack): vue-router v5 support (#18222)
  • feat(app-vite): Add --silent option to prepare command (#18213)
  • fix(app-vite): improve pnpm monorepo support for capacitor (#18218)
  • fix(config): update electron-builder config outdated link (#18225)

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

... (truncated)

Commits
  • 4d670b6 chore(app-webpack): Bump version
  • 45aafe0 chore(app-vite): Bump version
  • c594fdc fix(q/app-vite;q/app-webpack): browser target type in BuildTargetOptions ...
  • ddd697f fix(q/app-vite;q/app-webpack): browser target type in BuildTargetOptions ...
  • e5b02ff fix(docs): update SSR boot file template variable syntax for q/app-webpack (#...
  • 0a1b325 fix(docs): update SSR boot file template variable syntax for app-vite v2 (#18...
  • aff2edb feat: update the roadmap
  • 559b331 feat(docs): update to newer vue-router nav guards specs
  • 2d9c389 chore: update lock file
  • b4941d4 chore(create-quasar): Bump version
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump serialize-javascript and @quasar/app-vite
e036984 
Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) to 7.0.4 and updates ancestor dependency [@quasar/app-vite](https://github.com/quasarframework/quasar). These dependencies need to be updated together.


Updates `serialize-javascript` from 6.0.2 to 7.0.4
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](yahoo/serialize-javascript@v6.0.2...v7.0.4)

Updates `@quasar/app-vite` from 2.4.0 to 2.5.1
- [Release notes](https://github.com/quasarframework/quasar/releases)
- [Commits](https://github.com/quasarframework/quasar/compare/@quasar/app-vite-v2.4.0...@quasar/app-vite-v2.5.1)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-version: 7.0.4
  dependency-type: indirect
- dependency-name: "@quasar/app-vite"
  dependency-version: 2.5.1
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 18, 2026
@Griefed Griefed changed the base branch from main to develop March 19, 2026 19:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants