Bump the npm group with 3 updates

[dependabot]

Bumps the npm group with 3 updates: @playwright/test, gh-pages and vite.

Updates @playwright/test from 1.49.1 to 1.50.1

Release notes

Sourced from @​playwright/test's releases.

v1.50.1

Highlights

microsoft/playwright#34483 - [Feature]: single aria snapshot for different engines/browsers microsoft/playwright#34497 - [Bug]: Firefox not handling keepalive: true fetch requests microsoft/playwright#34504 - [Bug]: update snapshots not creating good diffs microsoft/playwright#34507 - [Bug]: snapshotPathTemplate doesnt work when multiple projects microsoft/playwright#34462 - [Bug]: updateSnapshots "changed" throws an error

Browser Versions

• Chromium 133.0.6943.16
• Mozilla Firefox 134.0
• WebKit 18.2

This version was also tested against the following stable channels:

• Google Chrome 132
• Microsoft Edge 132

v1.50.0

Test runner

• New option timeout allows specifying a maximum run time for an individual test step. A timed-out step will fail the execution of the test.

  test('some test', async ({ page }) => {
    await test.step('a step', async () => {
      // This step can time out separately from the test
    }, { timeout: 1000 });
  });

• New method test.step.skip() to disable execution of a test step.

  test('some test', async ({ page }) => {
    await test.step('before running step', async () => {
      // Normal step
    });
  await test.step.skip('not yet ready', async () => {
  // This step is skipped
  });
  await test.step('after running step', async () => {
  // This step still runs even though the previous one was skipped
  });
  });

• Expanded expect(locator).toMatchAriaSnapshot() to allow storing of aria snapshots in separate YAML files.

... (truncated)

Commits

• dbc685c chore: mark v1.50.1 (#34575)
• 13d80f1 cherry-pick(#34560): chore(docs): clarify connection method via BrowserType.c...
• 159210d cherry-pick(#34556): fix(toMatchAriaSnapshot): fail test run when updating mi...
• fbad9f7 cherry-pick(#34537): feat: per-assertion snapshot path template in config (#3...
• 67313fa cherry-pick(#34550): roll follow-ups for .NET and Python
• 4b7794b cherry-pick(#34544): fix(aria): disregard text area textContent
• 1efbedd cherry-pick(#34535): Revert "Reapply "fix(har timing): record connect timing ...
• 1e258e0 cherry-pick(#34420): chore(deps): bump vite from 5.4.6 to 5.4.14 (#34539)
• 7be4ef5 cherry-pick(#34522): test: fetch request through socks proxy over ipv4
• 7b3e590 cherry-pick(#34530): fix(firefox): disable fetch keep-alive for now before a ...
• Additional commits viewable in compare view

Updates gh-pages from 6.2.0 to 6.3.0

Release notes

Sourced from gh-pages's releases.

v6.3.0

What's Changed

• Bump chai from 4.3.10 to 4.5.0 by @​dependabot in tschaub/gh-pages#584
• Bump mocha from 10.7.3 to 10.8.2 by @​dependabot in tschaub/gh-pages#583
• Bump mocha from 10.8.2 to 11.0.1 by @​dependabot in tschaub/gh-pages#590
• Bump eslint-config-tschaub from 14.1.2 to 15.1.0 by @​dependabot in tschaub/gh-pages#587
• Bump commander from 11.1.0 to 13.0.0 by @​dependabot in tschaub/gh-pages#591
• Support filenames starting with - by @​sherlockdoyle in tschaub/gh-pages#593

New Contributors

• @​sherlockdoyle made their first contribution in tschaub/gh-pages#593

Full Changelog: tschaub/gh-pages@v6.2.0...v6.3.0

Changelog

Sourced from gh-pages's changelog.

v6.3.0

This relesae includes a fix for filenames starting with - and a number of dependency updates. See below for details.

• #593 - Handle filenames starting with a dash (@​sherlockdoyle)
• #591 - Bump commander from 11.1.0 to 13.0.0 (@​tschaub)
• #587 - Bump eslint-config-tschaub from 14.1.2 to 15.1.0 (@​tschaub)
• #590 - Bump mocha from 10.8.2 to 11.0.1 (@​tschaub)
• #583 - Bump mocha from 10.7.3 to 10.8.2 (@​tschaub)
• #584 - Bump chai from 4.3.10 to 4.5.0 (@​tschaub)

Commits

• ed6cd8e 6.3.0
• 7bfced0 Log changes
• fe4756c Merge pull request #593 from sherlockdoyle/fix-592
• 7e44de2 fixes #592
• b3478f0 Merge pull request #591 from tschaub/dependabot/npm_and_yarn/commander-13.0.0
• 1208c2e Remove extra argument
• fbf8432 Bump commander from 11.1.0 to 13.0.0
• 4be5ff0 Merge pull request #587 from tschaub/dependabot/npm_and_yarn/eslint-config-ts...
• b18ebf0 Updates to work with ESLint 9
• b7862ca Bump eslint-config-tschaub from 14.1.2 to 15.1.0
• Additional commits viewable in compare view

Updates vite from 6.0.6 to 6.0.11

Release notes

Sourced from vite's releases.

v6.0.11

Please refer to CHANGELOG.md for details.

v6.0.10

Please refer to CHANGELOG.md for details.

v6.0.9

This version contains a breaking change due to security fixes. See GHSA-vg6x-rcgg-rjx6 for more details.

Please refer to CHANGELOG.md for details.

v6.0.8

Please refer to CHANGELOG.md for details.

v6.0.7

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

6.0.11 (2025-01-21)

• fix: preview.allowedHosts with specific values was not respected (#19246) (aeb3ec8), closes #19246
• fix: allow CORS from loopback addresses by default (#19249) (3d03899), closes #19249

6.0.10 (2025-01-20)

• fix: try parse server.origin URL (#19241) (2495022), closes #19241

6.0.9 (2025-01-20)

• fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (bd896fb)
• fix!: default server.cors: false to disallow fetching from untrusted origins (b09572a)
• fix: verify token for HMR WebSocket connection (029dcd6)

6.0.8 (2025-01-20)

• fix: avoid SSR HMR for HTML files (#19193) (3bd55bc), closes #19193
• fix: build time display 7m 60s (#19108) (cf0d2c8), closes #19108
• fix: don't resolve URL starting with double slash (#19059) (35942cd), closes #19059
• fix: ensure server.close() only called once (#19204) (db81c2d), closes #19204
• fix: resolve.conditions in ResolvedConfig was defaultServerConditions (#19174) (ad75c56), closes #19174
• fix: tree shake stringified JSON imports (#19189) (f2aed62), closes #19189
• fix: use shared sigterm callback (#19203) (47039f4), closes #19203
• fix(deps): update all non-major dependencies (#19098) (8639538), closes #19098
• fix(optimizer): use correct default install state path for yarn PnP (#19119) (e690d8b), closes #19119
• fix(types): improve ESBuildOptions.include / exclude type to allow readonly (string | RegExp)[] (ea53e70), closes #19146
• chore(deps): update dependency pathe to v2 (#19139) (71506f0), closes #19139

6.0.7 (2025-01-02)

• fix: fix minify when builder.sharedPlugins: true (#19025) (f7b1964), closes #19025
• fix: skip the plugin if it has been called before with the same id and importer (#19016) (b178c90), closes #19016
• fix(html): error while removing vite-ignore attribute for inline script (#19062) (a492253), closes #19062
• fix(ssr): fix semicolon injection by ssr transform (#19097) (1c102d5), closes #19097
• perf: skip globbing for static path in warmup (#19107) (677508b), closes #19107
• feat(css): show lightningcss warnings (#19076) (b07c036), closes #19076

Commits

• a0ed405 release: v6.0.11
• 3d03899 fix: allow CORS from loopback addresses by default (#19249)
• aeb3ec8 fix: preview.allowedHosts with specific values was not respected (#19246)
• 9654348 release: v6.0.10
• 2495022 fix: try parse server.origin URL (#19241)
• a55f8ba release: v6.0.9
• bd896fb fix!: check host header to prevent DNS rebinding attacks and introduce `serve...
• 029dcd6 fix: verify token for HMR WebSocket connection
• b09572a fix!: default server.cors: false to disallow fetching from untrusted origins
• c0f72a6 release: v6.0.8
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions