chore(deps): update dependency vite to ^8.0.14

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
vite (source)	^8.0.13 → ^8.0.14

cc @skulidropek

---

Release Notes

vitejs/vite (vite)

v8.0.14

Compare Source

Features

• update rolldown to 1.0.2 (#​22484) (96efc88)

Bug Fixes

• deps: update all non-major dependencies (#​22471) (98b8163)
• dev: handle errors when sending messages to vite server (#​22450) (e8e9a34)
• html: handle trailing slash paths in transformIndexHtml (#​22480) (5d94d1b)
• optimizer: pass oxc jsx options to transformSync in dependency scan (#​22342) (b3132da)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#​22470) (7cb728e)
• remove irrelevant commits from changelog (2c69495)

Code Refactoring

• glob: do not rewrite import path for absolute base (#​22310) (0ae2844)

Tests

• css: sass does not use main field (#​22449) (ebf39a0)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

📝 Walkthrough

Summary by CodeRabbit

• Chores
  • Обновлена dev‑зависимость Vite (8.0.13 → 8.0.14) в нескольких внутренних пакетах.
  • Обновление носит косметический характер и не влияет на публичные API или поведение пользователя.

Walkthrough

Обновлена версия dev-зависимости Vite с ^8.0.13 на ^8.0.14 в трёх файлах package.json: packages/app, packages/docker-git-session-sync и packages/lib.

Changes

Обновление Vite в зависимостях

Layer / File(s)	Summary
Обновление Vite 8.0.13 → 8.0.14 packages/app/package.json, packages/docker-git-session-sync/package.json, packages/lib/package.json	Версия dev-зависимости Vite обновлена с ^8.0.13 на ^8.0.14 во всех трёх пакетах монорепозитория.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related issues

• Dependency Dashboard #99: Соответствует задаче по обновлению Vite в нескольких пакетах (тот же набор bump-ов).

Possibly related PRs

• ProverCoderAI/docker-git#296: Предыдущее последовательное обновление той же зависимости Vite (^8.0.12 → ^8.0.13).

Suggested reviewers

• skulidropek

---

Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (1 error, 1 warning)

Check name	Status	Explanation	Resolution
Requirements Alignment	❌ Error	PR spec exists (v8.0.14 release notes) but unaddressed reviewer comment demands rationale documentation for vite bump in packages/lib; no justification provided in commit message or code.	Add brief justification in commit message or PR description explaining bugfix/compatibility rationale for v8.0.14 update to address reviewer's concern about packages/lib dependency change.
Description check	⚠️ Warning	Описание не соответствует требуемому шаблону репозитория: отсутствуют разделы 'Source TZ / Issues', 'Summary', 'Requirements Alignment' и 'Verification'.	Переформатируйте описание согласно шаблону репозитория, включив все требуемые разделы и структуру документации.

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	Заголовок точно описывает основное изменение - обновление зависимости vite до версии ^8.0.14 во всех пакетах.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Security Regression	✅ Passed	PR содержит только обновление vite с ^8.0.13 на ^8.0.14. Версия 8.0.14 содержит исправления уязвимостей CVE-2026-39363 и CVE-2026-39365. Нет новых CVE для этой версии. Изменения безопасны.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/all

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/app/package.json`:
- Line 122: The PR needs concrete acceptance criteria and actual smoke-test
results for bumping devDependencies.vite in packages/app/package.json from
^8.0.13 to ^8.0.14: add a short list of invariants/pre- and post-conditions and
paste terminal outputs (or summarized pass/fail lines) for the commands
build:app, build:web, dev:web, preview:web, plus at least the output of `bun run
docker-git --help` (and if relevant `bun run docker-git -- browser`) mentioning
whether DOCKER_GIT_WEB_HOST behavior matches README; also include a link or
quoted excerpt to the official Vite v8.0.14 release notes (or note absence) and
explicitly state any observed differences vs v8.0.13 around
build/SSR/transformIndexHtml.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 90b7addd-7ce4-4010-bb08-0c0ec9569cc9

📥 Commits

Reviewing files that changed from the base of the PR and between 464fc34 and ca92574.

⛔ Files ignored due to path filters (1)

• bun.lock is excluded by !**/*.lock

📒 Files selected for processing (3)

• packages/app/package.json
• packages/docker-git-session-sync/package.json
• packages/lib/package.json

📜 Review details

⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: E2E (Runtime volumes + SSH)
• GitHub Check: E2E (Clone auto-open SSH)
• GitHub Check: E2E (Browser command)
• GitHub Check: E2E (OpenCode)
• GitHub Check: E2E (Clone cache)
• GitHub Check: E2E (Login context)
• GitHub Check: Lint
• GitHub Check: Test
• GitHub Check: Final build (windows-latest)

🧰 Additional context used

📓 Path-based instructions (3)

**/*.{js,ts,jsx,tsx,py,java,go,rb,php,sh,bash,yml,yaml,json,env*,toml,cfg,config,dockerfile,dockerignore}

📄 CodeRabbit inference engine (Custom checks)

Fail if changed files expose credentials, tokens, private-keys, or PII in source, generated config, logs, or CI output

Files:

• packages/lib/package.json
• packages/docker-git-session-sync/package.json
• packages/app/package.json

**/{package*.json,requirements*.txt,setup.py,setup.cfg,Pipfile,Pipfile.lock,pyproject.toml,pom.xml,build.gradle,Gemfile,Gemfile.lock,go.mod,go.sum,composer.json,Cargo.toml,Cargo.lock}

📄 CodeRabbit inference engine (Custom checks)

Fail if dependency or package-manager changes materially increase supply-chain risk without justification

Files:

• packages/lib/package.json
• packages/docker-git-session-sync/package.json
• packages/app/package.json

**/*

⚙️ CodeRabbit configuration file

**/*: Ты строгий ревьюер SPEC DRIVEN DEVELOPMENT.

Перед выводами изучи README.md, другие *.md файлы, linked issues,
PR description, PR comments/discussion и релевантную кодовую базу.

Сверь изменения с исходным ТЗ/спекой и обсуждением. Флагай любой уход
от спеки, недокументированное изменение поведения, отсутствие тестов
для заявленного поведения и security-риск. Если спека не видна,
попроси автора добавить ее в issue или PR description.

Проверь решение с точки зрения формальной верификации: какие инварианты,
предусловия и постусловия можно доказать математически, а где доказуемость
слабая. Оцени решение с точки зрения теории игр: устойчивы ли стимулы,
нет ли выгодного обхода правил, и какое решение было бы сильнее.

Files:

• packages/lib/package.json
• packages/docker-git-session-sync/package.json
• packages/app/package.json

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🌐 Web query:

Official Vite changelog: what changed in 8.0.14 vs 8.0.13, and were any regressions or breaking behavior noted for build/SSR/transformIndexHtml?

💡 Result:

Vite 8.0.14 changelog vs 8.0.13: I couldn’t find an official Vite 8.0.14 entry in the sources available to me, so I can’t reliably list “what changed in 8.0.14 vs 8.0.13” from the official changelog. What I can confirm from the official changelog content I found is only the 8.0.13 set of changes, and it includes the following build/SSR-related items: - build: copy public directory after building same environment with write=false (#22328) [1][2] - ssr: avoid rewriting labels that collide with imports (#22451) [1][2] No regressions or breaking behavior specific to build/SSR/transformIndexHtml were explicitly called out for 8.0.14 vs 8.0.13 in the changelog content I located. If you can share the official “v8.0.14” release/tag URL (or paste the changelog section text), I can re-run the comparison and then answer your exact “what changed” and “any regressions/breaking behavior for build/SSR/transformIndexHtml?” questions precisely.

Citations:

• 1: https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md
• 2: https://raw.githubusercontent.com/vitejs/vite/main/packages/vite/CHANGELOG.md

---

Требуются acceptance criteria и фактические smoke-результаты после bump Vite до 8.0.14

• Для packages/app/package.json (devDependencies.vite: ^8.0.13 → ^8.0.14) добавьте в описание PR конкретные инварианты/пред- и постусловия и приложите фактические результаты прогонов: build:app, build:web, dev:web, preview:web, а также как минимум bun run docker-git --help (и при необходимости bun run docker-git -- browser, с упоминанием DOCKER_GIT_WEB_HOST согласно README).
• Уточните влияние именно Vite 8.0.14 относительно 8.0.13: пришлите ссылку на официальный релиз/секцию v8.0.14 (или процитируйте её), т.к. в доступном changelog-контенте не находится явной записи 8.0.14 для точного ответа про build/SSR/transformIndexHtml.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/app/package.json` at line 122, The PR needs concrete acceptance
criteria and actual smoke-test results for bumping devDependencies.vite in
packages/app/package.json from ^8.0.13 to ^8.0.14: add a short list of
invariants/pre- and post-conditions and paste terminal outputs (or summarized
pass/fail lines) for the commands build:app, build:web, dev:web, preview:web,
plus at least the output of `bun run docker-git --help` (and if relevant `bun
run docker-git -- browser`) mentioning whether DOCKER_GIT_WEB_HOST behavior
matches README; also include a link or quoted excerpt to the official Vite
v8.0.14 release notes (or note absence) and explicitly state any observed
differences vs v8.0.13 around build/SSR/transformIndexHtml.