chore: bump @vitest/coverage-v8 from 3.2.4 to 4.1.0 in /web by dependabot[bot] · Pull Request #379 · Aureliolo/synthorg

dependabot · 2026-03-14T09:38:57Z

Bumps @vitest/coverage-v8 from 3.2.4 to 4.1.0.

Release notes

Sourced from @vitest/coverage-v8's releases.

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

🚀 Features

Return a disposable from doMock() - by @kirkwaiblinger in vitest-dev/vitest#9332 (e3e65)

Added chai style assertions - by @ronnakamoto and @sheremet-va in vitest-dev/vitest#8842 (841df)

Update to sinon/fake-timers v15 and add setTickMode to timer controls - by @atscott and @sheremet-va in vitest-dev/vitest#8726 (4b480)

Expose matcher types - by @sheremet-va in vitest-dev/vitest#9448 (3e4b9)

Add toTestSpecification to reported tasks - by @sheremet-va in vitest-dev/vitest#9464 (1a470)

Show a warning if vi.mock or vi.hoisted are declared outside of top level of the module - by @sheremet-va in vitest-dev/vitest#9387 (5db54)

Track and display expectedly failed tests (.fails) in UI and CLI - by @Copilot, sheremet-va and @sheremet-va in vitest-dev/vitest#9476 (77d75)

Support tags - by @sheremet-va in vitest-dev/vitest#9478 (de7c8)

Implement aroundEach and aroundAll hooks - by @sheremet-va in vitest-dev/vitest#9450 (2a8cb)

Stabilize experimental features - by @sheremet-va in vitest-dev/vitest#9529 (b5fd2)

Accept new or all in --update flag - by @sheremet-va in vitest-dev/vitest#9543 (a5acf)

Support meta in test options - by @sheremet-va in vitest-dev/vitest#9535 (7d622)

Support type inference with a new test.extend syntax - by @sheremet-va in vitest-dev/vitest#9550 (e5385)

Support vite 8 beta, fix type issues in the config with different vite versions - by @sheremet-va in vitest-dev/vitest#9587 (99028)

Add assertion helper to hide internal stack traces - by @hi-ogawa and Claude Opus 4.6 in vitest-dev/vitest#9594 (eeb0a)

Store failure screenshots using artifacts API - by @macarie in vitest-dev/vitest#9588 (24603)

Allow vitest list to statically collect tests instead of running files to collect them - by @sheremet-va in vitest-dev/vitest#9630 (7a8e7)

Add --detect-async-leaks - by @AriPerkkio in vitest-dev/vitest#9528 (c594d)

Implement mockThrow and mockThrowOnce - by @thor-juhasz and @sheremet-va in vitest-dev/vitest#9512 (61917)

Support update: "none" and add docs about snapshots behavior on CI - by @hi-ogawa in vitest-dev/vitest#9700 (05f18)

Support playwright launchOptions with connectOptions - by @hi-ogawa in vitest-dev/vitest#9702 (f0ff1)

Add page/locator.mark API to enhance playwright trace - by @hi-ogawa in vitest-dev/vitest#9652 (d0ee5)

api:

Support tests starting or ending with test in experimental_parseSpecification - by @jgillick and Jeremy Gillick in vitest-dev/vitest#9235 (2f367)

Add filters to createSpecification - by @sheremet-va in vitest-dev/vitest#9336 (c8e6c)

Expose runTestFiles as alternative to runTestSpecifications - by @sheremet-va in vitest-dev/vitest#9443 (43d76)

Add allowWrite and allowExec options to api - by @sheremet-va in vitest-dev/vitest#9350 (20e00)

Allow passing down test cases to toTestSpecification - by @sheremet-va in vitest-dev/vitest#9627 (6f17d)

browser:

Add userEvent.wheel API - by @macarie in vitest-dev/vitest#9188 (66080)

Add filterNode option to prettyDOM for filtering browser assertion error output - by @Copilot, sheremet-va and @sheremet-va in vitest-dev/vitest#9475 (d3220)

Support playwright persistent context - by @hi-ogawa, Claude Opus 4.6 and @sheremet-va in vitest-dev/vitest#9229 (f865d)

Added detailsPanelPosition option and button - by @shairez in vitest-dev/vitest#9525 (c8a31)

Use BlazeDiff instead of pixelmatch - by @macarie in vitest-dev/vitest#9514 (30936)

Add findElement and enable strict mode in webdriverio and preview - by @sheremet-va in vitest-dev/vitest#9677 (c3f37)

cli:

Add @bomb.sh/tab completions - by @AmirSa12 and @sheremet-va in vitest-dev/vitest#8639 (200f3)

coverage:

Support ignore start/stop ignore hints - by @AriPerkkio in vitest-dev/vitest#9204 (e59c9)

Add coverage.changed option to report only changed files - by @kykim00 and @AriPerkkio in vitest-dev/vitest#9521 (1d939)

experimental:

Add onModuleRunner hook to worker.init - by @sheremet-va in vitest-dev/vitest#9286 (e977f)

Option to disable the module runner - by @sheremet-va and @AriPerkkio in vitest-dev/vitest#9210 (9be61)

... (truncated)

Commits

4150b91 chore: release v4.1.0
0c2c013 chore: release v4.1.0-beta.6
689a22a fix(browser): types of getCDPSession and cdp() (#9716)
94eb73b chore(deps): update eslint packages (#9615)
8c96bb0 refator: update links to npmx (#9783)
aaf7758 chore: standardize packages README (#9776)
57cbe39 chore(deps): update ast-v8-to-istanbul to v1 (#9755)
79672d7 chore: release v4.1.0-beta.5
1d9e3b3 chore: release v4.1.0-beta.4
4ff8c6f chore(build): raise build target to the minimum supported, don't bundle utils...
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @vitest/coverage-v8 since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

greptile-apps · 2026-03-14T09:39:00Z

PR author is in the excluded authors list.

socket-security · 2026-03-14T09:39:27Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/@vitest/coverage-v8@3.2.4 ⏵ 4.1.0	⁺¹		⁺⁸

View full report

github-actions · 2026-03-14T09:39:54Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package

Version

Score

Details

npm/@vitest/coverage-v8

4.1.0

Unknown

npm/@vitest/pretty-format

4.1.0

Unknown

npm/@vitest/utils

4.1.0

Unknown

npm/ast-v8-to-istanbul

1.0.0

Unknown

npm/convert-source-map

2.0.0

🟢 3.9

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 10	security policy file detected
Code-Review	🟢 4	Found 12/30 approved changesets -- score normalized to 4
Binary-Artifacts	🟢 10	no binaries found in the repo
Packaging	⚠️ -1	packaging workflow not detected
Maintained	⚠️ 0	0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Branch-Protection	⚠️ 0	branch protection not enabled on development/release branches
Signed-Releases	⚠️ -1	no releases found
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

npm/magicast

0.5.2

Unknown

npm/obug

2.1.1

Unknown

npm/std-env

4.0.0

Unknown

npm/tinyrainbow

3.1.0

Unknown

Scanned Files

web/package-lock.json

Bumps [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) from 3.2.4 to 4.1.0. - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/coverage-v8) --- updated-dependencies: - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-03-14T11:35:50Z

Superseded by #389.

dependabot Bot added the type:chore Maintenance, cleanup, dependency updates label Mar 14, 2026

dependabot Bot requested a review from Aureliolo as a code owner March 14, 2026 09:38

dependabot Bot added the type:chore Maintenance, cleanup, dependency updates label Mar 14, 2026

dependabot Bot temporarily deployed to ci March 14, 2026 09:39 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/web/vitest/coverage-v8-4.1.0 branch from d1a4544 to e81e37f Compare March 14, 2026 09:49

dependabot Bot temporarily deployed to ci March 14, 2026 09:49 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/web/vitest/coverage-v8-4.1.0 branch from e81e37f to 743b894 Compare March 14, 2026 10:03

dependabot Bot temporarily deployed to ci March 14, 2026 10:03 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/web/vitest/coverage-v8-4.1.0 branch from 743b894 to 9a478f6 Compare March 14, 2026 10:09

dependabot Bot temporarily deployed to ci March 14, 2026 10:09 Inactive

dependabot Bot closed this Mar 14, 2026

dependabot Bot deleted the dependabot/npm_and_yarn/web/vitest/coverage-v8-4.1.0 branch March 14, 2026 11:35

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: bump @vitest/coverage-v8 from 3.2.4 to 4.1.0 in /web#379

chore: bump @vitest/coverage-v8 from 3.2.4 to 4.1.0 in /web#379
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/web/vitest/coverage-v8-4.1.0

dependabot Bot commented on behalf of github Mar 14, 2026 •

edited

Loading

Uh oh!

greptile-apps Bot commented Mar 14, 2026

Uh oh!

socket-security Bot commented Mar 14, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented Mar 14, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Mar 14, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Mar 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v4.1.0

🚀 Features

Uh oh!

greptile-apps Bot commented Mar 14, 2026

Uh oh!

socket-security Bot commented Mar 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions Bot commented Mar 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Dependency Review

OpenSSF Scorecard

Scanned Files

Uh oh!

dependabot Bot commented on behalf of github Mar 14, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Mar 14, 2026 •

edited

Loading

socket-security Bot commented Mar 14, 2026 •

edited

Loading

github-actions Bot commented Mar 14, 2026 •

edited

Loading