Skip to content

chore(deps): bump vite-plus to v0.2.0#9

Draft
fengmk2 wants to merge 2 commits into
mainfrom
update-vite-plus-prerelease-test-0.2.0
Draft

chore(deps): bump vite-plus to v0.2.0#9
fengmk2 wants to merge 2 commits into
mainfrom
update-vite-plus-prerelease-test-0.2.0

Conversation

@fengmk2

@fengmk2 fengmk2 commented Jun 17, 2026

Copy link
Copy Markdown
Owner

Summary

Bump vite-plus and related packages to the pkg.pr.new prerelease build for v0.2.0.

Updated where applicable:

  • vite-plus -> pkg.pr.new build
  • vite (alias/override -> @voidzero-dev/vite-plus-core)
  • vitest pinned to bundled 4.1.9 (the @voidzero-dev/vite-plus-test wrapper was removed upstream; vitest is now plain upstream)
  • minimumReleaseAge enabled with vite-plus packages excluded (pnpm/bun/npm as applicable)
  • moved the pnpm.overrides field from package.json into pnpm-workspace.yaml (the pnpm field is no longer read by pnpm)

Test plan

  • CI passes

@fengmk2 fengmk2 self-assigned this Jun 17, 2026
gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 17, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the vite-plus dependency to a temporary pkg.pr.new URL in both the template package.json and the workspace configuration, along with updating the lockfile. It also introduces minimumReleaseAge and minimumReleaseAgeExclude settings to pnpm-workspace.yaml. Feedback highlights two critical issues: first, using an ephemeral pkg.pr.new URL in a template meant for end-users will eventually break the template; second, the minimumReleaseAge configurations are .npmrc options and will be ignored if placed in pnpm-workspace.yaml.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread packages/create-rari-app/templates/default/package.json
"@typescript/native-preview": "^7.0.0-dev.20260615.1",
"tailwindcss": "^4.3.1",
"vite-plus": "^0.1.24"
"vite-plus": "https://pkg.pr.new/voidzero-dev/vite-plus@1856"

@gemini-code-assist gemini-code-assist Bot Jun 17, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

Using a temporary pkg.pr.new URL in a template package.json meant for end-users is highly discouraged. These URLs are ephemeral and can be garbage-collected or deleted, which will break the template for anyone using create-rari-app in the future. Please use a published npm version (or a prerelease tag like ^0.2.0-beta.0) instead.

Comment thread pnpm-workspace.yaml
@@ -1,4 +1,5 @@
catalogMode: prefer
minimumReleaseAge: 60

@gemini-code-assist gemini-code-assist Bot Jun 17, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

The minimumReleaseAge and minimumReleaseAgeExclude settings are .npmrc configuration options (typically configured as minimum-release-age and minimum-release-age-exclude in kebab-case) rather than pnpm-workspace.yaml options. Placing them here means they will be ignored by pnpm, leaving the security feature inactive. Please move these configurations to your .npmrc file.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@fengmk2 fengmk2

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fengmk2