Skip to content

chore(deps): bump @rollup/rollup-linux-x64-gnu from 4.9.5 to 4.62.2#113

Merged
hasparus merged 2 commits into
mainfrom
dependabot/npm_and_yarn/rollup/rollup-linux-x64-gnu-4.62.2
Jul 2, 2026
Merged

chore(deps): bump @rollup/rollup-linux-x64-gnu from 4.9.5 to 4.62.2#113
hasparus merged 2 commits into
mainfrom
dependabot/npm_and_yarn/rollup/rollup-linux-x64-gnu-4.62.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps @rollup/rollup-linux-x64-gnu from 4.9.5 to 4.62.2.

Release notes

Sourced from @​rollup/rollup-linux-x64-gnu's releases.

v4.62.2

4.62.2

2026-06-19

Bug Fixes

  • Do not add spurious side-effect-free external imports to chunks when using minChunkSize (#6411)

Pull Requests

v4.62.1

4.62.1

2026-06-19

Bug Fixes

  • Preserve multipart file extensions when deconflicting output chunks (#6408)
  • Fix an issue where getLogFilter would match additional logs (#6415)

Pull Requests

v4.62.0

4.62.0

2026-06-13

Features

  • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

Pull Requests

... (truncated)

Changelog

Sourced from @​rollup/rollup-linux-x64-gnu's changelog.

4.62.2

2026-06-19

Bug Fixes

  • Do not add spurious side-effect-free external imports to chunks when using minChunkSize (#6411)

Pull Requests

4.62.1

2026-06-19

Bug Fixes

  • Preserve multipart file extensions when deconflicting output chunks (#6408)
  • Fix an issue where getLogFilter would match additional logs (#6415)

Pull Requests

4.62.0

2026-06-13

Features

  • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

Pull Requests

... (truncated)

Commits
  • 8faa187 4.62.2
  • a38a795 refactor(rust/parser_ast): extract property AstConverter write buffer kind lo...
  • 6cc5c31 Skip side-effect-free external imports when hoisting is disabled (#6411)
  • caacf70 4.62.1
  • d1e8297 Add missing ignore
  • 1ba1fc2 fix: insert conflict numbers before first extension in multi-extension filena...
  • 532bd0a Use import attributes for importing JSON (#6393)
  • 2cd8194 fix: advance value past wildcard prefix before suffix check in getLogFilter (...
  • dfac590 fix(deps): update minor/patch updates (#6418)
  • 1d6db3d chore(deps): update dependency eslint-plugin-unicorn to v66 (#6419)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​rollup/rollup-linux-x64-gnu since your current version.


@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 1, 2026

@hasparus hasparus left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CI is green on all functional checks (lint, typecheck, build, Playwright e2e all pass) despite the rollup native binary bump. The only failing job step is Deploy Preview to Vercel (deploy.mjs: missing --token), which fails identically on every open Dependabot PR because secrets aren't available in dependabot-triggered pull_request runs — a pre-existing CI gap unrelated to this bump. Approving and merging.


Generated by Claude Code

hasparus commented Jul 1, 2026

Copy link
Copy Markdown
Owner

·@·d·ependabot r·ebase


Generated by Claude Code

Bumps [@rollup/rollup-linux-x64-gnu](https://github.com/rollup/rollup) from 4.9.5 to 4.62.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.9.5...v4.62.2)

---
updated-dependencies:
- dependency-name: "@rollup/rollup-linux-x64-gnu"
  dependency-version: 4.62.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/rollup/rollup-linux-x64-gnu-4.62.2 branch from bc688c2 to b7af275 Compare July 1, 2026 10:12
Dependabot PRs run from the same repo (not a fork), so the deploy
step's fork-only guard let it through even though GitHub withholds
repository secrets from dependabot-actor runs. That caused
deploy.mjs to fail with 'missing --token'. Treat dependabot[bot]
runs the same as fork PRs: build/lint/typecheck/test still run,
but preview deploy and lighthouse are skipped until a maintainer
adds the 'trusted' label.

Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>

hasparus commented Jul 2, 2026

Copy link
Copy Markdown
Owner

CI was failing on build-and-deploy with deploy.mjs: missing --token, unrelated to this dependency bump (build/lint/typecheck/test all passed). Root cause: Dependabot PRs run from a branch in this repo (not a fork), so the "fork-only" guard on the Vercel preview-deploy step let the step run — but GitHub withholds repository secrets from dependabot[bot]-authored runs, so VERCEL_TOKEN was empty.

Pushed a fix that also excludes github.actor == 'dependabot[bot]' from the "trusted" condition (matching the pattern already used for OG_IMAGE_SECRET), so build/lint/typecheck/test still run but the deploy/lighthouse steps are skipped until a maintainer labels the PR trusted. Re-running CI now.


Generated by Claude Code

@hasparus hasparus merged commit 64d9a95 into main Jul 2, 2026
3 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/rollup/rollup-linux-x64-gnu-4.62.2 branch July 2, 2026 10:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant