chore(deps-dev): bump vite from 8.0.11 to 8.0.16 in /docs

[dependabot]

Bumps vite from 8.0.11 to 8.0.16.

Release notes

Sourced from vite's releases.

v8.0.16

Please refer to CHANGELOG.md for details.

v8.0.15

Please refer to CHANGELOG.md for details.

v8.0.14

Please refer to CHANGELOG.md for details.

v8.0.13

Please refer to CHANGELOG.md for details.

v8.0.12

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.16 (2026-06-01)

Bug Fixes

• deps: reject UNC paths for launch-editor-middleware (#22571) (50b9512)
• reject windows alternate paths (#22572) (dc245c7)

8.0.15 (2026-06-01)

Features

• send 408 on request timeout (#22476) (c85c9ee)
• update rolldown to 1.0.3 (#22538) (646dbed)

Bug Fixes

• capitalize error messages and remove spurious space in parse error (#22488) (85a0eff)
• deps: update all non-major dependencies (#22511) (2686d7d)
• dev: fix html-proxy cache key mismatch for /@fs/ HTML paths (#21762) (47c4213)
• glob: error on relative glob in virtual module when no files match (#22497) (5c8e98f)
• optimizer: close the rolldown bundle when write() rejects (#22528) (e3cfb9d)
• resolve: provide onWarn for viteResolvePlugin in JS plugin containers (#22509) (40985f1)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#22566) (3052a67)

Code Refactoring

• correct logic in collectAllModules function (#22562) (6978a9c)

8.0.14 (2026-05-21)

Features

• update rolldown to 1.0.2 (#22484) (96efc88)

Bug Fixes

• deps: update all non-major dependencies (#22471) (98b8163)
• dev: handle errors when sending messages to vite server (#22450) (e8e9a34)
• html: handle trailing slash paths in transformIndexHtml (#22480) (5d94d1b)
• optimizer: pass oxc jsx options to transformSync in dependency scan (#22342) (b3132da)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#22470) (7cb728e)
• remove irrelevant commits from changelog (2c69495)

Code Refactoring

• glob: do not rewrite import path for absolute base (#22310) (0ae2844)

... (truncated)

Commits

• f94df87 release: v8.0.16
• dc245c7 fix: reject windows alternate paths (#22572)
• 50b9512 fix(deps): reject UNC paths for launch-editor-middleware (#22571)
• 8d1b019 release: v8.0.15
• 2686d7d fix(deps): update all non-major dependencies (#22511)
• 3052a67 chore(deps): update rolldown-related dependencies (#22566)
• e3cfb9d fix(optimizer): close the rolldown bundle when write() rejects (#22528)
• 6978a9c refactor: correct logic in collectAllModules function (#22562)
• 646dbed feat: update rolldown to 1.0.3 (#22538)
• 85a0eff fix: capitalize error messages and remove spurious space in parse error (#22488)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[greptile-apps]

Greptile Summary

This PR bumps the vite devDependency in docs/package.json from ^8.0.12 to ^8.0.16, incorporating several patch releases with bug and security fixes.

• Security fixes (8.0.16): Rejects UNC paths and Windows alternate paths for launch-editor-middleware, closing potential path-traversal vectors in the dev server.
• Bug fixes (8.0.12–8.0.15): Includes fixes for the rolldown optimizer bundle leak, html-proxy cache key mismatches, glob handling in virtual modules, and error handling improvements. This is a safe, low-risk patch bump scoped to the docs site build tooling.

Confidence Score: 5/5

Safe to merge — this is a patch-level devDependency bump scoped entirely to the docs site, with no application runtime impact.

The only change is bumping vite in the docs workspace. All intermediate releases are patch versions containing bug and security fixes with no breaking changes. The update is backwards-compatible and confined to the documentation build environment.

No files require special attention.

Important Files Changed

Filename	Overview
docs/package.json	Bumps the vite devDependency version specifier from ^8.0.12 to ^8.0.16, picking up security fixes for UNC path and Windows alternate path rejection in launch-editor-middleware.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[docs/package.json] -->|devDependency bump| B[vite ^8.0.12 → ^8.0.16]
    B --> C[8.0.12: html trailing-slash fix]
    B --> D[8.0.13–8.0.14: rolldown & optimizer fixes]
    B --> E[8.0.15: request timeout + glob fixes]
    B --> F[8.0.16: security — reject UNC & Windows alternate paths]

Loading

_{Reviews (1): Last reviewed commit: "chore(deps-dev): bump vite from 8.0.11 t..." | Re-trigger Greptile}