Bump vite from 8.0.9 to 8.0.10 in /actions/setup/js

[dependabot]

Bumps vite from 8.0.9 to 8.0.10.

Release notes

Sourced from vite's releases.

v8.0.10

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.10 (2026-04-23)

Features

• update rolldown to 1.0.0-rc.17 (#22299) (a4d06d9)

Bug Fixes

• hmrClient.logger.debug and hmrClient.logger.error looked different from other HMR logs (#22147) (a4d828f)
• css: show filename in CSS minification warnings for .css?inline (#22292) (83f0a78)
• optimizer: allow user transform.target to override default in optimizeDeps (#22273) (5c7cec6)
• remove format sniffing module resolution from JS resolver (#22297) (b8a21cc)

Code Refactoring

• enable some typecheck rules (#22278) (9437518)
• typecheck client directory (#22284) (40a0847)

Commits

• 32c2978 release: v8.0.10
• a4d06d9 feat: update rolldown to 1.0.0-rc.17 (#22299)
• a4d828f fix: hmrClient.logger.debug and hmrClient.logger.error looked different f...
• 83f0a78 fix(css): show filename in CSS minification warnings for .css?inline (#22292)
• b8a21cc fix: remove format sniffing module resolution from JS resolver (#22297)
• 40a0847 refactor: typecheck client directory (#22284)
• 5c7cec6 fix(optimizer): allow user transform.target to override default in optimizeDe...
• 9437518 refactor: enable some typecheck rules (#22278)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

❌ Smoke Multi PR failed to create multiple PRs. Check the logs.

[github-actions]

📰 DEVELOPING STORY: Smoke Copilot ARM64 reports was cancelled. Our correspondents are investigating the incident...

[github-actions]

❌ Smoke Temporary ID encountered failures. Check the logs for details.

[github-actions]

❌ Smoke Project encountered failures. Check the logs for details.

[github-actions]

Dependabot Repair Review

Action: no-op
Checks reviewed: yes
Repair PR: N/A

Summary: All CI checks are passing or in-progress — no failures detected. No repair needed for this dependabot PR bumping vite from 8.0.9 to 8.0.10.
Next Step: Await remaining in-progress checks; merge when all pass.

Generated by Dependabot Local Repair for issue #28909 · ● 184.4K · ◷

To install this agentic workflow, run

gh aw add githubnext/dependabot-campaign/.github/workflows/dependabot-repair.md@ff91842c074b23270d3a0e26a7206a251232a374

[github-actions]

Hey @dependabot 👋 — thanks for keeping the vite dependency in actions/setup/js up to date with this patch bump to 8.0.10!

A couple of things worth noting for maintainers reviewing this:

• Process note — The CONTRIBUTING.md states that this project uses a core-team-only PR model. Dependabot is typically configured by the core team, so this automated PR is likely intentional — but it may be worth confirming that Dependabot is expected to open PRs directly rather than having a core team member review and apply the bump via an agent.
• No tests changed — This is a patch-level dependency update (bug fixes + rolldown upgrade), so test changes aren't expected. However, it's worth ensuring the existing test suite passes on the updated version before merging.

If a core team member wants to verify and land this update via the standard agentic workflow, here's a ready-to-use prompt:

Review and apply the vite patch bump from 8.0.9 to 8.0.10 in actions/setup/js.
1. Check the vite 8.0.10 changelog for any breaking changes or notable fixes.
2. Update package.json and regenerate package-lock.json if needed.
3. Run the existing test suite in actions/setup/js to confirm nothing is broken.
4. Commit and push to the appropriate branch following the project's agentic workflow.

Generated by Contribution Check · ● 2.1M · ◷

[mnkiefer]

@copilot resolve the merge conflicts in this pull request

[Copilot]

@copilot resolve the merge conflicts in this pull request

The merge conflicts have already been resolved — the branch is clean and up to date. Vite is correctly bumped to 8.0.10 in both package.json and package-lock.json.

[github-actions]

✅ smoke-ci: safeoutputs CLI comment + comment-memory run (25094262761)

Generated by Smoke CI for issue #28909 · ◷