chore(deps-dev): bump the rollup group with 3 updates #3380

dependabot · 2025-09-29T09:39:21Z

Bumps the rollup group with 3 updates: @rollup/plugin-commonjs, rollup and rollup-plugin-node-externals.

Updates @rollup/plugin-commonjs from 28.0.5 to 28.0.6

Changelog

Sourced from @rollup/plugin-commonjs's changelog.

v28.0.6

2025-06-17

Bugfixes

fix: fix crash with invalidated proxy modules (#1876)

Commits

a433ac9 chore(release): commonjs v28.0.6
7b9d40d fix(commonjs): fix crash with invalidated proxy modules (#1876)
See full diff in compare view

Updates rollup from 4.43.0 to 4.52.3

Release notes

Sourced from rollup's releases.

v4.52.3

4.52.3

2025-09-27

Bug Fixes

Fix check in native loader for environments that do not support reports (#6123)

Pull Requests

#6123: fix(native-loader): safely handle report.getReport() on Termux/Android (@Jobians, @lukastaegert)

#6124: chore(deps): pin msys2/setup-msys2 action to fb197b7 (@renovate[bot])

#6125: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])

#6126: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])

v4.52.2

4.52.2

2025-09-23

Bug Fixes

Fix Android build crashing due to failed dlopen (#6109)

Pull Requests

#6109: fix(rust): use prebuilt std when it is available (@cyyynthia)

v4.52.1

4.52.1

2025-09-23

Bug Fixes

Opt-out of dynamic import optimization when using top-level await to effectively prevent deadlocks (#6121)

Pull Requests

#6121: Simplify top-level await deadlock prevention (@lukastaegert)

v4.52.0

4.52.0

2025-09-19

Features

Add option output.onlyExplicitManualChunks to turn off merging additional dependencies into manual chunks (#6087)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.52.3

2025-09-27

Bug Fixes

Fix check in native loader for environments that do not support reports (#6123)

Pull Requests

#6123: fix(native-loader): safely handle report.getReport() on Termux/Android (@Jobians, @lukastaegert)

#6124: chore(deps): pin msys2/setup-msys2 action to fb197b7 (@renovate[bot])

#6125: fix(deps): lock file maintenance minor/patch updates (@renovate[bot])

#6126: chore(deps): lock file maintenance minor/patch updates (@renovate[bot])

4.52.2

2025-09-23

Bug Fixes

Fix Android build crashing due to failed dlopen (#6109)

Pull Requests

#6109: fix(rust): use prebuilt std when it is available (@cyyynthia)

4.52.1

2025-09-23

Bug Fixes

Opt-out of dynamic import optimization when using top-level await to effectively prevent deadlocks (#6121)

Pull Requests

#6121: Simplify top-level await deadlock prevention (@lukastaegert)

4.52.0

2025-09-19

Features

Add option output.onlyExplicitManualChunks to turn off merging additional dependencies into manual chunks (#6087)

Add support for x86_64-pc-windows-gnu platform (#6110)

Pull Requests

... (truncated)

Commits

74c555c 4.52.3
4362862 fix(native-loader): safely handle report.getReport() on Termux/Android (#6123)
7340c45 chore(deps): pin msys2/setup-msys2 action to fb197b7 (#6124)
cfe817e chore(deps): lock file maintenance minor/patch updates (#6126)
89e4411 fix(deps): lock file maintenance minor/patch updates (#6125)
fa2315c 4.52.2
10b2672 fix(rust): use prebuilt std when it is available (#6109)
69b5dd3 4.52.1
5eee44c Simplify top-level await deadlock prevention (#6121)
2029f63 4.52.0
Additional commits viewable in compare view

Updates rollup-plugin-node-externals from 8.0.0 to 8.1.1

Release notes

Sourced from rollup-plugin-node-externals's releases.

v8.1.1

VSCode stuff bce53db

Back to a synchronous factory. Fixes #37. bc1a2f3

Shorten excessively long line 6423e23

Remove useless intermediary variable 910f3b3

Septh/rollup-plugin-node-externals@v8.1.0...v8.1.1

v8.1.0

Fix linting issues c6e0784

Fix usage of fast-check 4 in test 93f10c6

Update dependencies to their latest version 997a50b

Update README.md cc7a232

Activate support for rush.json as a workspace root marker 4061761

Ask git the root of the repo instead of (wrongly) looking for a .git folder 34c0d38

Septh/rollup-plugin-node-externals@v8.0.1...v8.1.0

v8.0.1

This is a maintenance-only release.

Typos 4e233eb

Update dev dependencies 8775fc8

Update VS Code task to run on folder open 2d3c7d0

Update package description c75855d

Update README.md with #35 warning 171b2b6

Add Vite's apply: 'build' property 04add45

Septh/rollup-plugin-node-externals@v8.0.0...v8.0.1

Commits

f5c40e5 8.1.1
bce53db VSCode stuff
bc1a2f3 Back to a synchronous factory. Fixes #37.
6423e23 Shorten excessively long line
910f3b3 Remove useless intermediary variable
6162d29 8.1.0
c6e0784 Fix linting issues
93f10c6 Fix usage of fast-check 4 in test
997a50b Update dependencies to their latest version
cc7a232 Update README.md
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the rollup group with 3 updates: [@rollup/plugin-commonjs](https://github.com/rollup/plugins/tree/HEAD/packages/commonjs), [rollup](https://github.com/rollup/rollup) and [rollup-plugin-node-externals](https://github.com/Septh/rollup-plugin-node-externals). Updates `@rollup/plugin-commonjs` from 28.0.5 to 28.0.6 - [Changelog](https://github.com/rollup/plugins/blob/master/packages/commonjs/CHANGELOG.md) - [Commits](https://github.com/rollup/plugins/commits/commonjs-v28.0.6/packages/commonjs) Updates `rollup` from 4.43.0 to 4.52.3 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.43.0...v4.52.3) Updates `rollup-plugin-node-externals` from 8.0.0 to 8.1.1 - [Release notes](https://github.com/Septh/rollup-plugin-node-externals/releases) - [Commits](Septh/rollup-plugin-node-externals@v8.0.0...v8.1.1) --- updated-dependencies: - dependency-name: "@rollup/plugin-commonjs" dependency-version: 28.0.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: rollup - dependency-name: rollup dependency-version: 4.52.3 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: rollup - dependency-name: rollup-plugin-node-externals dependency-version: 8.1.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: rollup ... Signed-off-by: dependabot[bot] <support@github.com>

tbouffard

✔️ All checks pass
✔️ Changelog and release-notes reviewed. Nothing impactful for us.

@dependabot squash and merge

dependabot bot added dependencies Pull requests that update a dependency (dev or runtime) javascript Pull requests that update Javascript code skip-changelog Do not include in Changelog and Release Notes labels Sep 29, 2025

tbouffard approved these changes Sep 29, 2025

View reviewed changes

dependabot bot merged commit 08795e2 into master Sep 29, 2025
22 checks passed

dependabot bot deleted the dependabot/npm_and_yarn/rollup-719d451d66 branch September 29, 2025 10:10

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps-dev): bump the rollup group with 3 updates #3380

chore(deps-dev): bump the rollup group with 3 updates #3380

Uh oh!

dependabot bot commented on behalf of github Sep 29, 2025

Uh oh!

tbouffard left a comment

Uh oh!

Uh oh!

Uh oh!

chore(deps-dev): bump the rollup group with 3 updates #3380

chore(deps-dev): bump the rollup group with 3 updates #3380

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 29, 2025

v28.0.6

Bugfixes

v4.52.3

4.52.3

Bug Fixes

Pull Requests

v4.52.2

4.52.2

Bug Fixes

Pull Requests

v4.52.1

4.52.1

Bug Fixes

Pull Requests

v4.52.0

4.52.0

Features

4.52.3

Bug Fixes

Pull Requests

4.52.2

Bug Fixes

Pull Requests

4.52.1

Bug Fixes

Pull Requests

4.52.0

Features

Pull Requests

v8.1.1

v8.1.0

v8.0.1

Uh oh!

tbouffard left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!