Bump vite and @nx/next

[dependabot]

Bumps vite to 7.3.5 and updates ancestor dependency @nx/next. These dependencies need to be updated together.

Updates vite from 7.3.2 to 7.3.5

Release notes

Sourced from vite's releases.

v7.3.5

Please refer to CHANGELOG.md for details.

v7.3.3

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.3.5 (2026-06-01)

Bug Fixes

• backport #22572, reject windows alternate paths (#22574) (8c18556)
• deps: backport #22571, reject UNC paths for launch-editor-middleware (#22573) (f20d64b)

Miscellaneous Chores

• skip v7.3.4 release (8a6a0c9)

7.3.4 (2026-06-01)

Bug Fixes

• backport #22572, reject windows alternate paths (#22574) (8c18556)
• deps: backport #22571, reject UNC paths for launch-editor-middleware (#22573) (f20d64b)

7.3.3 (2026-05-07)

Bug Fixes

• avoid destructure lowering for newer safari (#22346) (5ab51c0)

Commits

• 077945c release: v7.3.5
• 8a6a0c9 chore: skip v7.3.4 release
• 8c18556 fix: backport #22572, reject windows alternate paths (#22574)
• f20d64b fix(deps): backport #22571, reject UNC paths for launch-editor-middleware (#2...
• ca31424 release: v7.3.3
• 5ab51c0 fix: avoid destructure lowering for newer safari (#22346)
• See full diff in compare view

Updates @nx/next from 22.5.3 to 22.7.5

Release notes

Sourced from @​nx/next's releases.

22.7.5 (2026-05-27)

🩹 Fixes

• core: update tmp to 0.2.6 due to CVE-2026-44705 (#35813)

❤️ Thank You

• Jack Hsu @​jaysoo

22.7.4 (2026-05-25)

🩹 Fixes

• core: update brace-expansion and yaml (#35790)

❤️ Thank You

• Jack Hsu @​jaysoo

22.7.3 (2026-05-22)

🚀 Features

• js: support pnpm 11.2.2 (#35772)

🩹 Fixes

• angular: only add @​oxc-project/runtime on the vitest-analog path (#35734)
• angular-rspack: exclude eslint config from tailwind v4 source scan (#35663)
• core: warn before installing unknown npm packages as preset (#35644)
• core: preserve input order in createNodes plugin results (#35595)
• core: resolve local plugin subpath imports from source (#35631)
• core: treat undefined task parallelism as parallel when scheduling (#35736)
• core: handle object form of bin field in getPrettierPath (#35680)
• core: detect vscode copilot ai agent (#35757)
• core: allow local plugin subpath imports without custom conditions (#35751, #35631)
• dotnet: include Directory.. files in inputs (#35738)
• gradle: add transitive:true to all tasks (#35677)
• gradle: pin generated e2e project toolchain to installed JDK (#35703)
• js: fall back to npm publish when bun publish fails with auth error (#35756)
• linter: improve convert-to-flat-config output fidelity (#35330)
• linter: only rewrite workspace-package peer deps to workspace:* (#35423, #35318, #33417)
• misc: stop inferring projects: 'self' in dependsOn entries (#35686)
• misc: skip $ escaping in file paths on windows (#35692)
• repo: run dotnet restore before publish (#35771)
• repo: run dotnet restore before macos e2e job (#35774)
• rsbuild: infer build outputs from distPath.root directly (#35707)
• rsbuild: lazy-require @​rsbuild/core in plugin so spec mocks work after jest.resetModules (#35707)
• testing: correct yargs-parser import in getJestProjectsAsync (#35672, #35654)

... (truncated)

Commits

• d84f424 fix(devkit): expand @​nx/devkit/internal re-exports for cherry-picked v23 deep...
• ac81879 fix(repo): revert deep-import rewrites that targeted v23-only @​nx/devkit/inte...
• fd783ac chore(repo): update nx to 23.0.0-beta.9 (#35627)
• 37fb080 chore(linter): bump ignore from ^5.0.4 to ^7.0.5 (#35508)
• cdca177 chore(repo): declare lazy-loaded packages as implicit deps (#35392)
• 83d98f7 fix(nextjs): use cached project graph in withNx (#35475)
• 7b42332 fix(nextjs): add semver to required packages in update-package-json (#35384)
• 4bbd4b1 chore(repo): migrate nx repo to eslint v9 flat config (#35359)
• e6e2f4b fix(nextjs): align nx-dev build inputs and update plugin defaults (#35238)
• dc479c5 fix(js): stop generating baseUrl in tsconfig, use ./ prefix for path mappings...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.