chore(deps): bump the npm_and_yarn group across 1 directory with 4 updates

[dependabot]

Bumps the npm_and_yarn group with 4 updates in the / directory: vite, vitest, send and @gouvminint/vue-dsfr.

Updates vite from 6.0.11 to 6.1.0

Release notes

Sourced from vite's releases.

create-vite@6.1.0

Please refer to CHANGELOG.md for details.

v6.1.0

Please refer to CHANGELOG.md for details.

v6.1.0-beta.2

Please refer to CHANGELOG.md for details.

v6.1.0-beta.1

Please refer to CHANGELOG.md for details.

v6.1.0-beta.0

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

6.1.0 (2025-02-05)

Features

• feat: show hosts in cert in CLI (#19317) (a5e306f), closes #19317
• feat: support for env var for defining allowed hosts (#19325) (4d88f6c), closes #19325
• feat: use native runtime to import the config (#19178) (7c2a794), closes #19178
• feat: print port in the logged error message after failed WS connection with EADDRINUSE (#19212) (14027b0), closes #19212
• perf(css): only run postcss when needed (#19061) (30194fa), closes #19061
• feat: add support for .jxl (#18855) (57b397c), closes #18855
• feat: add the builtins environment resolve (#18584) (2c2d521), closes #18584
• feat: call Logger for plugin logs in build (#13757) (bf3e410), closes #13757
• feat: export defaultAllowedOrigins for user-land config and 3rd party plugins (#19259) (dc8946b), closes #19259
• feat: expose createServerModuleRunnerTransport (#18730) (8c24ee4), closes #18730
• feat: support async for proxy.bypass (#18940) (a6b9587), closes #18940
• feat: support log related functions in dev (#18922) (3766004), closes #18922
• feat: use module runner to import the config (#18637) (b7e0e42), closes #18637
• feat(css): add friendly errors for IE hacks that are not supported by lightningcss (#19072) (caad985), closes #19072
• feat(optimizer): support bun text lockfile (#18403) (05b005f), closes #18403
• feat(reporter): add wasm to the compressible assets regex (#19085) (ce84142), closes #19085
• feat(worker): support dynamic worker option fields (#19010) (d0c3523), closes #19010

Fixes

• fix: avoid builtStart during vite optimize (#19356) (fdb36e0), closes #19356
• fix(build): fix stale build manifest on watch rebuild (#19361) (fcd5785), closes #19361
• fix: allow expanding env vars in reverse order (#19352) (3f5f2bd), closes #19352
• fix: avoid packageJson without name in resolveLibCssFilename (#19324) (f183bdf), closes #19324
• fix(html): fix css disorder when building multiple entry html (#19143) (e7b4ba3), closes #19143
• fix: don't call buildStart hooks for vite optimize (#19347) (19ffad0), closes #19347
• fix: don't call next middleware if user sent response in proxy.bypass (#19318) (7e6364d), closes #19318
• fix: respect top-level server.preTransformRequests (#19272) (12aaa58), closes #19272
• fix: use nodeLikeBuiltins for ssr.target: 'webworker' without noExternal: true (#19313) (9fc31b6), closes #19313
• fix(css): less @plugin imports of JS files treated as CSS and rebased (fix #19268) (#19269) (602b373), closes #19268 #19269
• fix(deps): update all non-major dependencies (#19296) (2bea7ce), closes #19296
• fix(resolve): preserve hash/search of file url (#19300) (d1e1b24), closes #19300
• fix(resolve): warn if node-like builtin was imported when resolve.builtin is empty (#19312) (b7aba0b), closes #19312
• fix(ssr): fix transform error due to export all id scope (#19331) (e28bce2), closes #19331
• fix(ssr): pretty print plugin error in ssrLoadModule (#19290) (353c467), closes #19290
• fix: change ResolvedConfig type to interface to allow extending it (#19210) (bc851e3), closes #19210
• fix: correctly resolve hmr dep ids and fallback to url (#18840) (b84498b), closes #18840
• fix: make --force work for all environments (#18901) (51a42c6), closes #18901
• fix: use loc.file from rollup errors if available (#19222) (ce3fe23), closes #19222
• fix(deps): update all non-major dependencies (#19190) (f2c07db), closes #19190
• fix(hmr): register inlined assets as a dependency of CSS file (#18979) (eb22a74), closes #18979
• fix(resolve): support resolving TS files by JS extension specifiers in JS files (#18889) (612332b), closes #18889
• fix(ssr): combine empty source mappings (#19226) (ba03da2), closes #19226
• fix(utils): clone RegExp values with new RegExp instead of structuredClone (fix #19245, fix #1 (56ad2be), closes #19245 #18875 #19247

... (truncated)

Commits

• 3734f80 fix(css): escape double quotes in url() when lightningcss is used (#18997)
• 2b4f115 fix(deps): update all non-major dependencies (#18996)
• 12b612d fix: fallback terser to main thread when function options are used (#18987)
• d88d000 fix(deps): update all non-major dependencies (#18967)
• 21680bd fix(css): skip non css in custom sass importer (#18970)
• 62fad6d chore(deps): update dependency @​rollup/plugin-node-resolve to v16 (#18968)
• 8a6bb4e fix(optimizer): keep NODE_ENV as-is when keepProcessEnv is true (#18899)
• 7d6dd5d fix(ssr): recreate ssrCompatModuleRunner on restart (#18973)
• c4b532c fix(css): root relative import in sass modern API on Windows (#18945)
• 27f691b refactor: make internal invoke event to use the same interface with `handleIn...
• Additional commits viewable in compare view

Updates vitest from 2.1.8 to 2.1.9

Release notes

Sourced from vitest's releases.

v2.1.9

This release includes security patches for:

• Browser mode serves arbitrary files | CVE-2025-24963
• Remote Code Execution when accessing a malicious website while Vitest API server is listening | CVE-2025-24964

   🐞 Bug Fixes

• backport vitest-dev/vitest#7317 to v2 - by @​hi-ogawa in vitest-dev/vitest#7318
• (backport #7340 to v2) restrict served files from /__screenshot-error - by @​hi-ogawa in vitest-dev/vitest#7343

    View changes on GitHub

Commits

• c9e59a0 chore: release v2.1.9
• e0fe1d8 fix: backport #7317 to v2 (#7318)
• See full diff in compare view

Removes send

Updates @gouvminint/vue-dsfr from 8.1.0 to 8.2.1

Release notes

Sourced from @​gouvminint/vue-dsfr's releases.

v8.2.1

8.2.1 (2025-02-08)

Bug Fixes

• DsfrTabs: 🐛 corrige la navigation au clavier (d031276)

v8.2.0

8.2.0 (2025-02-08)

Features

• ✨ facilite la gestion des tags sélectionnables (d6ec5ad)
• ⬆️ utilise DSFR 1.13 (42ee9a8)

v8.1.1

8.1.1 (2025-01-21)

Bug Fixes

• 🐛 réduit les mismatch, notamment des id (080525f)

Commits

• f815b3b Merge pull request #1033 from dnum-mi/develop
• fff563d Merge pull request #1032 from dnum-mi/fix/dsfr-tabs-navigation-au-clavier
• 9458f06 chore: ⬆️ upgrade vite to v6
• 179b0fc chore: ⬆️ update TypeScript version
• d031276 fix(DsfrTabs): 🐛 corrige la navigation au clavier
• 6330dec chore: ⬆️ update dependencies
• 0e81984 chore: ⬆️ update dependencies
• a546033 Merge pull request #1031 from dnum-mi/develop
• ae17c66 Merge pull request #1030 from dnum-mi/tech/use-dsfr-1.13
• d6ec5ad feat: ✨ facilite la gestion des tags sélectionnables
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[netlify]

✅ Deploy Preview for ecospheres ready!

Name	Link
🔨 Latest commit	3b86558
🔍 Latest deploy log	https://app.netlify.com/sites/ecospheres/deploys/67ac25f740a22700084bd01d
😎 Deploy Preview	https://deploy-preview-663--ecospheres.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[netlify]

✅ Deploy Preview for meteo-france ready!

Name	Link
🔨 Latest commit	3b86558
🔍 Latest deploy log	https://app.netlify.com/sites/meteo-france/deploys/67ac25f71195ff0008aab710
😎 Deploy Preview	https://deploy-preview-663--meteo-france.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.