Skip to content

chore(deps-dev): bump the rollup group with 3 updates#470

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/rollup-fb16744dfe
Open

chore(deps-dev): bump the rollup group with 3 updates#470
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/rollup-fb16744dfe

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown
Contributor

Bumps the rollup group with 3 updates: rollup, rollup-plugin-dts and rollup-plugin-esbuild.

Updates rollup from 2.80.0 to 4.62.2

Release notes

Sourced from rollup's releases.

v4.62.2

4.62.2

2026-06-19

Bug Fixes

  • Do not add spurious side-effect-free external imports to chunks when using minChunkSize (#6411)

Pull Requests

v4.62.1

4.62.1

2026-06-19

Bug Fixes

  • Preserve multipart file extensions when deconflicting output chunks (#6408)
  • Fix an issue where getLogFilter would match additional logs (#6415)

Pull Requests

v4.62.0

4.62.0

2026-06-13

Features

  • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

Pull Requests

... (truncated)

Changelog

Sourced from rollup's changelog.

4.62.2

2026-06-19

Bug Fixes

  • Do not add spurious side-effect-free external imports to chunks when using minChunkSize (#6411)

Pull Requests

4.62.1

2026-06-19

Bug Fixes

  • Preserve multipart file extensions when deconflicting output chunks (#6408)
  • Fix an issue where getLogFilter would match additional logs (#6415)

Pull Requests

4.62.0

2026-06-13

Features

  • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

Pull Requests

... (truncated)

Commits
  • 8faa187 4.62.2
  • a38a795 refactor(rust/parser_ast): extract property AstConverter write buffer kind lo...
  • 6cc5c31 Skip side-effect-free external imports when hoisting is disabled (#6411)
  • caacf70 4.62.1
  • d1e8297 Add missing ignore
  • 1ba1fc2 fix: insert conflict numbers before first extension in multi-extension filena...
  • 532bd0a Use import attributes for importing JSON (#6393)
  • 2cd8194 fix: advance value past wildcard prefix before suffix check in getLogFilter (...
  • dfac590 fix(deps): update minor/patch updates (#6418)
  • 1d6db3d chore(deps): update dependency eslint-plugin-unicorn to v66 (#6419)
  • Additional commits viewable in compare view
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates rollup-plugin-dts from 4.2.3 to 6.4.1

Changelog

Sourced from rollup-plugin-dts's changelog.

6.4.1

Fixes:

  • Fixed regression related to new SourceMap handling

Thank you:

Features, fixes and improvements in this release have been contributed by:

6.4.0

Features:

  • Implement proper SourceMap support with goto-definition granularity
  • Support dotted namespace syntax

Fixes:

  • Better naming for declare module paths
  • Add compatibility with TS6

Thank you:

Features, fixes and improvements in this release have been contributed by:

6.3.0

Features:

  • Support default export of object/array literals
  • Add support for child imports and nesting in namespaces

Fixes:

  • Rewrite names of module declarations with relative paths
  • Remove unused reference tracking

Thank you:

Features, fixes and improvements in this release have been contributed by:

... (truncated)

Commits
  • cf29baa 6.4.1
  • df29b74 fix CI, prepare changelog
  • a987e06 Bump minimum node version
  • ca344c9 fix: return map: null from transform when sourcemap is disabled (#381)
  • 5e0ba91 override yargs version
  • b8e0f64 6.4.0
  • 2fd14c5 prepare release
  • f7b95e9 chore(deps): update dependency @​types/node to ^24.12.0
  • 72e8f63 Upgrade to Rollup 4.59 and fix transform param compatibility (#378)
  • ec126d1 chore(deps): update dependency c8 to v11 (#377)
  • Additional commits viewable in compare view

Updates rollup-plugin-esbuild from 4.10.3 to 6.2.1

Release notes

Sourced from rollup-plugin-esbuild's releases.

v6.2.1

6.2.1 (2025-02-27)

Reverts

v6.2.0

6.2.0 (2025-02-05)

Features

v6.1.1

6.1.1 (2024-01-23)

Bug Fixes

v6.1.0

6.1.0 (2023-10-08)

Features

v6.0.2

6.0.2 (2023-09-28)

Bug Fixes

v6.0.1

6.0.1 (2023-09-21)

Bug Fixes

v6.0.0

6.0.0 (2023-09-20)

... (truncated)

Commits
  • a923504 chore: upgrade deps
  • 65b4b02 revert: "feat: extend default loaders (#379)"
  • 08d409f chore(deps-dev): bump esbuild from 0.24.2 to 0.25.0 (#386)
  • f574435 ci: upgrade deps
  • c227c2b refactor: enable isolatedDeclarations & verbatimModuleSyntax
  • 45f9fc4 refactor: replace @rollup/pluginutils with unplugin-utils
  • 9de42e5 chore: upgrade deps
  • 0829a32 chore(deps-dev): bump braces from 3.0.2 to 3.0.3 (#380)
  • cd74a50 chore(deps-dev): bump vite from 5.2.8 to 5.4.6 (#381)
  • 85bb84e feat: extend default loaders (#379)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the rollup group with 3 updates: [rollup](https://github.com/rollup/rollup), [rollup-plugin-dts](https://github.com/Swatinem/rollup-plugin-dts) and [rollup-plugin-esbuild](https://github.com/egoist/rollup-plugin-esbuild).


Updates `rollup` from 2.80.0 to 4.62.2
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v2.80.0...v4.62.2)

Updates `rollup-plugin-dts` from 4.2.3 to 6.4.1
- [Changelog](https://github.com/Swatinem/rollup-plugin-dts/blob/master/CHANGELOG.md)
- [Commits](Swatinem/rollup-plugin-dts@v4.2.3...v6.4.1)

Updates `rollup-plugin-esbuild` from 4.10.3 to 6.2.1
- [Release notes](https://github.com/egoist/rollup-plugin-esbuild/releases)
- [Commits](egoist/rollup-plugin-esbuild@v4.10.3...v6.2.1)

---
updated-dependencies:
- dependency-name: rollup
  dependency-version: 4.62.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: rollup
- dependency-name: rollup-plugin-dts
  dependency-version: 6.4.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: rollup
- dependency-name: rollup-plugin-esbuild
  dependency-version: 6.2.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: rollup
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 4, 2026
@changeset-bot

changeset-bot Bot commented Jul 4, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: 84cc267

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addedrollup-plugin-dts@​6.4.11001001008370
Addedrollup-plugin-esbuild@​6.2.19910010080100
Addedrollup@​4.62.29710010098100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants