Skip to content

chore(deps-dev): bump vue from 3.5.33 to 3.5.35#81

Closed
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/vue-3.5.34
Closed

chore(deps-dev): bump vue from 3.5.33 to 3.5.35#81
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/vue-3.5.34

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2026
edited
Loading

Bumps vue from 3.5.33 to 3.5.35.

Release notes

Sourced from vue's releases.

v3.5.35

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.34

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.35 (2026-05-27)

Bug Fixes

Performance Improvements

  • reactivity: skip type checks for cached proxies (#14860) (5734fe9)
  • runtime-dom: optimize array event handler dispatch (#14828) (bb18dc8)
  • server-renderer: avoid materializing iterables in ssrRenderList (#14821) (1b7a2cc)

3.5.34 (2026-05-06)

Bug Fixes

  • compiler-sfc: infer Vue ref wrapper types when source is unresolvable (#14758) (7f46fd4), closes #14729
  • compiler-sfc: preserve hash hrefs on <image> elements (#14756) (090b2e3)
  • compiler-sfc: resolve type re-exports inside declare global (#14766) (acfffe3)
  • reactivity: prevent orphan effect when created in a stopped scope (#14778) (c8e2d4a), closes #14777
  • runtime-core: avoid symbol coercion during props validation (#8539) (23d4fb5), closes #8487
  • suspense: avoid DOM leak with out-in transition in v-if fragment (#14762) (9667e0d), closes #14761
Commits
  • 8be32d6 release: v3.5.35
  • 80fc139 fix(runtime-core): skip idle persisted transition hooks in keep-alive moves (...
  • d6c7371 ci: use backup action for size report comments
  • bb18dc8 perf(runtime-dom): optimize array event handler dispatch (#14828)
  • 5734fe9 perf(reactivity): skip type checks for cached proxies (#14860)
  • 584beb1 fix(teleport): skip child unmount when pending mount discarded (#14876) (#14877)
  • 34a0ded fix(compiler-core): avoid double processing v-for keys with v-memo (#14861)
  • 170fc95 fix(runtime-core): avoid repeated hydration mismatch checks (#14857)
  • 1b7a2cc perf(server-renderer): avoid materializing iterables in ssrRenderList (#14821)
  • 3d077f2 fix(compiler-sfc): resolve top-level exports from files registered as global ...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 11, 2026
@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages Bot commented May 11, 2026
edited
Loading

Deploying fs-packages with  Cloudflare Pages  Cloudflare Pages

Latest commit: 3668666
Status: ✅  Deploy successful!
Preview URL: https://f61162d3.fs-packages.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-vue-3pza.fs-packages.pages.dev

View logs

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 11, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/vue-3.5.34 branch 7 times, most recently from 5d1d5b5 to 518f68b Compare May 18, 2026 09:07
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/vue-3.5.34 branch from 518f68b to e2e2916 Compare May 20, 2026 14:22
@Goosterhof Goosterhof mentioned this pull request May 26, 2026
Closed
@dependabot dependabot Bot changed the title chore(deps-dev): bump vue from 3.5.33 to 3.5.34 chore(deps-dev): bump vue from 3.5.33 to 3.5.35 May 29, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/vue-3.5.34 branch 5 times, most recently from e5cf711 to dc53cf6 Compare May 29, 2026 14:08
@dependabot
chore(deps-dev): bump vue from 3.5.33 to 3.5.35
7fd033a 
Bumps [vue](https://github.com/vuejs/core) from 3.5.33 to 3.5.35.
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.5.33...v3.5.35)

---
updated-dependencies:
- dependency-name: vue
  dependency-version: 3.5.34
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/vue-3.5.34 branch from dc53cf6 to 7fd033a Compare May 29, 2026 14:14
@Goosterhof Goosterhof mentioned this pull request Jun 1, 2026
Merged
@Goosterhof
Copy link
Copy Markdown
Contributor

Goosterhof commented Jun 1, 2026

Superseded by #102 — Dependabot's surgical lockfile edit split the vue family (3.5.35 nested under sub-packages vs 3.5.33 hoisted root), severing reactivity and emptying the toast renders. #102 regenerates a clean single-copy lockfile. Closing in favor of the clean regen.

@Goosterhof Goosterhof closed this Jun 1, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Jun 1, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/vue-3.5.34 branch June 1, 2026 09:30
Goosterhof added a commit that referenced this pull request Jun 1, 2026
@Goosterhof @claude
chore(deps-dev): bump vue 3.5.33 → 3.5.35 via clean lockfile regen (s…
303f468 
…ingle hoisted family) — supersedes #81

Dependabot #81 did a surgical lockfile edit that nested @vue/compiler-* at
3.5.35 under sub-packages while the hoisted root vue/@VUE stayed at 3.5.33.
Two copies of vue in one tree severs reactivity → empty renders → toast.spec.ts
"Mock called 0 times" failures on test:coverage.

This regenerates package-lock.json from scratch (rm -rf node_modules
package-lock.json && npm install), yielding a single hoisted vue family at
3.5.35 across the whole workspace. No package.json range edits — the ^3.5.33
carets already permit 3.5.35. Lockfile-only.

The clean regen also collapses a pre-existing packages/router nested 3.5.35
split present on main; the regenerated tree has zero packages/*/node_modules
entries.

Audit-gate preservation: the naive regen floated Stryker's transitive
typed-rest-client 2.3.0 → 2.3.1, which exact-pins the vulnerable qs@6.15.1
(GHSA-q8mj-m7cp-5q26) — clobbering the curation PR #100 landed on main. Held
typed-rest-client at 2.3.0 (its ^6.14.1 qs range resolves to patched 6.15.2)
via npm audit fix, lockfile-only, restoring `npm audit` = 0 vulnerabilities.
No package.json change.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Goosterhof added a commit that referenced this pull request Jun 1, 2026
@Goosterhof
Merge pull request #102 from script-development/medic/supersede-81-vu…
b5a3336 
…e-family-lockstep

chore(deps-dev): bump vue 3.5.33 → 3.5.35 (clean lockfile regen, single hoisted family) — supersedes #81
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Goosterhof