fix: update Vite dependency in Vite templates

[unstephenk]

• I have read the contribution documentation for this project.
• I agree to follow the code of conduct that this project follows, as appropriate.
• The changes are appropriately documented (if applicable).
• The changes have sufficient test coverage (if applicable).
• The testsuite passes successfully on my local machine (if applicable).

Summarize your changes:

Updated the Vite dependency used by the Electron Forge Vite templates.

The existing templates generate projects with an older Vite/esbuild dependency chain. In some corporate environments, older esbuild versions are blocked by security scanners such as JFrog Xray. Updating the template dependency allows newly generated Electron Forge Vite apps to resolve to a newer esbuild version.

This updates:

• packages/template/vite/tmpl/package.json
• packages/template/vite-typescript/tmpl/package.json

Validation:

Validated locally by generating a new Electron Forge Vite TypeScript app from the updated template and confirming that the app installs and runs successfully.

Commands used:

npm ls vite
npm ls esbuild
npm start

[unstephenk]

I intentionally used Vite ^6.4.2 instead of jumping to Vite 7/8 because Vite 6 keeps broader Node compatibility while moving the esbuild dependency to a newer line.

[unstephenk]

Just checking in to see if there is anything else I can provide to make this easier to review.

I’m happy to adjust the target Vite version if the maintainers prefer a different minimum. I chose Vite ^6.4.2 as a low-risk update because it moves the generated templates onto a newer esbuild dependency line without jumping all the way to Vite 7/8.

Thanks!

[MarshallOfSound]

We actually don't permit external contributors to update dependencies or touch lock files

In this case I believe we've already updated vite quite substantially on the next branch and you can use that in the v8 alpha releases

[unstephenk]

Thanks for the clarification. I understand the policy around external contributors not updating dependencies or touching lock files.

Since our generated Electron Forge Vite apps are used in a production environment, I want to make sure we choose the safest path forward.

I see that the next branch / v8 alpha templates already use Vite ^8.0.0, and create-electron-app is currently published under the v8 alpha line. Do you have an expected path or rough timeline for those changes to land in main / the stable latest release?

If there is not a timeline yet, would you recommend that production users:

1. use create-electron-app@alpha,
2. continue using create-electron-app@latest and override the generated Vite dependency internally, or
3. wait for the stable v8 release?

Happy to close this PR if the dependency update is already covered by the v8 work on next.