Skip to content

deps(npm): bump the dev-deps group across 1 directory with 4 updates#62

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/dev-deps-60d36694b6
Open

deps(npm): bump the dev-deps group across 1 directory with 4 updates#62
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/dev-deps-60d36694b6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 21, 2026
edited
Loading

Bumps the dev-deps group with 4 updates in the / directory: @sveltejs/kit, svelte, typescript and vite.

Updates @sveltejs/kit from 2.56.1 to 2.57.1

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.57.1

Patch Changes

  • fix: better validation for redirect inputs (10d7b44)

  • fix: enforce BODY_SIZE_LIMIT on chunked requests (3202ed6)

  • fix: use default values as fallbacks (#15680)

  • fix: relax form typings for union types (#15687)

@​sveltejs/kit@​2.57.0

Minor Changes

  • feat: return boolean from submit to indicate submission validity for enhanced form remote functions (#15530)

Patch Changes

  • fix: use array type for select fields that accept multiple values (#15591)

  • fix: silently 404 Chrome DevTools workspaces request in dev and preview (#15656)

  • fix: config.kit.csp.directives['trusted-types'] requires 'svelte-trusted-html' (and 'sveltekit-trusted-url' when a service worker is automatically registered) if it is configured (#15323)

  • fix: avoid inlineDynamicImports ignored with codeSplitting warning when using Vite 8 (#15647)

  • fix: reimplement treeshaking non-dynamic prerendered remote functions (#15447)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.57.1

Patch Changes

  • fix: better validation for redirect inputs (10d7b44)

  • fix: enforce BODY_SIZE_LIMIT on chunked requests (3202ed6)

  • fix: use default values as fallbacks (#15680)

  • fix: relax form typings for union types (#15687)

2.57.0

Minor Changes

  • feat: return boolean from submit to indicate submission validity for enhanced form remote functions (#15530)

Patch Changes

  • fix: use array type for select fields that accept multiple values (#15591)

  • fix: silently 404 Chrome DevTools workspaces request in dev and preview (#15656)

  • fix: config.kit.csp.directives['trusted-types'] requires 'svelte-trusted-html' (and 'sveltekit-trusted-url' when a service worker is automatically registered) if it is configured (#15323)

  • fix: avoid inlineDynamicImports ignored with codeSplitting warning when using Vite 8 (#15647)

  • fix: reimplement treeshaking non-dynamic prerendered remote functions (#15447)

Commits

Updates svelte from 5.55.1 to 5.55.4

Release notes

Sourced from svelte's releases.

svelte@5.55.4

Patch Changes

  • fix: never mark a child effect root as inert (#18111)

  • fix: reset context after waiting on blockers of @const expressions (#18100)

  • fix: keep flushing new eager effects (#18102)

svelte@5.55.3

Patch Changes

  • fix: ensure proper HMR updates for dynamic components (#18079)

  • fix: correctly calculate @const blockers (#18039)

  • fix: freeze deriveds once their containing effects are destroyed (#17921)

  • fix: defer error boundary rendering in forks (#18076)

  • fix: avoid false positives for reactivity loss warning (#18088)

svelte@5.55.2

Patch Changes

  • fix: invalidate @const tags based on visible references in legacy mode (#18041)

  • fix: handle parens in template expressions more robustly (#18075)

  • fix: disallow -- in idPrefix (#18038)

  • fix: correct types for ontoggle on <details> elements (#18063)

  • fix: don't override $destroy/set/on instance methods in dev mode (#18034)

  • fix: unskip branches of earlier batches after commit (#18048)

  • fix: never set derived.v inside fork (#18037)

  • fix: skip rebase logic in non-async mode (#18040)

  • fix: don't reset status of uninitialized deriveds (#18054)

Changelog

Sourced from svelte's changelog.

5.55.4

Patch Changes

  • fix: never mark a child effect root as inert (#18111)

  • fix: reset context after waiting on blockers of @const expressions (#18100)

  • fix: keep flushing new eager effects (#18102)

5.55.3

Patch Changes

  • fix: ensure proper HMR updates for dynamic components (#18079)

  • fix: correctly calculate @const blockers (#18039)

  • fix: freeze deriveds once their containing effects are destroyed (#17921)

  • fix: defer error boundary rendering in forks (#18076)

  • fix: avoid false positives for reactivity loss warning (#18088)

5.55.2

Patch Changes

  • fix: invalidate @const tags based on visible references in legacy mode (#18041)

  • fix: handle parens in template expressions more robustly (#18075)

  • fix: disallow -- in idPrefix (#18038)

  • fix: correct types for ontoggle on <details> elements (#18063)

  • fix: don't override $destroy/set/on instance methods in dev mode (#18034)

  • fix: unskip branches of earlier batches after commit (#18048)

  • fix: never set derived.v inside fork (#18037)

  • fix: skip rebase logic in non-async mode (#18040)

  • fix: don't reset status of uninitialized deriveds (#18054)

Commits

Updates typescript from 6.0.2 to 6.0.3

Release notes

Sourced from typescript's releases.

TypeScript 6.0.3

For release notes, check out the release announcement blog post.

Downloads are available on:

Commits
  • 050880c Bump version to 6.0.3 and LKG
  • eeae9dd 🤖 Pick PR #63401 (Also check package name validity in...) into release-6.0 (#...
  • ad1c695 🤖 Pick PR #63368 (Harden ATA package name filtering) into release-6.0 (#63372)
  • 0725fb4 🤖 Pick PR #63310 (Mark class property initializers as...) into release-6.0 (#...
  • See full diff in compare view

Updates vite from 8.0.5 to 8.0.9

Release notes

Sourced from vite's releases.

v8.0.9

Please refer to CHANGELOG.md for details.

v8.0.8

Please refer to CHANGELOG.md for details.

v8.0.7

Please refer to CHANGELOG.md for details.

v8.0.6

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.9 (2026-04-20)

Features

Bug Fixes

  • allow binding when strictPort is set but wildcard port is in use (#22150) (dfc8aa5)
  • build: emptyOutDir should happen for watch rebuilds (#22207) (ee52267)
  • bundled-dev: reject requests to HMR patch files in non potentially trustworthy origins (#22269) (868f141)
  • css: use unique key for cssEntriesMap to prevent same-basename collision (#22039) (374bb5d)
  • deps: update all non-major dependencies (#22219) (4cd0d67)
  • deps: update all non-major dependencies (#22268) (c28e9c1)
  • detect Deno workspace root (fix #22237) (#22238) (1b793c0)
  • dev: handle errors in watchChange hook (#22188) (fc08bda)
  • optimizer: handle more chars that will be sanitized (#22208) (3f24533)
  • skip fallback sourcemap generation for ?raw imports (#22148) (3ec9cda)

Documentation

Miscellaneous Chores

  • deps: update dependency dotenv-expand to v13 (#22271) (0a3887d)

8.0.8 (2026-04-09)

Features

Bug Fixes

  • avoid dns.getDefaultResultOrder temporary (#22202) (15f1c15)
  • ssr: class property keys hoisting matching imports (#22199) (e137601)

8.0.7 (2026-04-07)

Bug Fixes

  • use sync dns.getDefaultResultOrder instead of dns.promises (#22185) (5c05b04)

8.0.6 (2026-04-07)

Features

Bug Fixes

... (truncated)

Commits
  • ce729f5 release: v8.0.9
  • 605bb97 docs: update build CLI defaults (#22261)
  • c28e9c1 fix(deps): update all non-major dependencies (#22268)
  • 0a3887d chore(deps): update dependency dotenv-expand to v13 (#22271)
  • 868f141 fix(bundled-dev): reject requests to HMR patch files in non potentially trust...
  • 3ec9cda fix: skip fallback sourcemap generation for ?raw imports (#22148)
  • 3f24533 fix(optimizer): handle more chars that will be sanitized (#22208)
  • 1b793c0 fix: detect Deno workspace root (fix #22237) (#22238)
  • fc08bda fix(dev): handle errors in watchChange hook (#22188)
  • 374bb5d fix(css): use unique key for cssEntriesMap to prevent same-basename collision...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Apr 21, 2026
@dependabot
deps(npm): bump the dev-deps group across 1 directory with 4 updates
385a6b2 
Bumps the dev-deps group with 4 updates in the / directory: [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit), [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte), [typescript](https://github.com/microsoft/TypeScript) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `@sveltejs/kit` from 2.56.1 to 2.57.1
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.57.1/packages/kit)

Updates `svelte` from 5.55.1 to 5.55.4
- [Release notes](https://github.com/sveltejs/svelte/releases)
- [Changelog](https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/svelte/commits/svelte@5.55.4/packages/svelte)

Updates `typescript` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v6.0.2...v6.0.3)

Updates `vite` from 8.0.5 to 8.0.9
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.9/packages/vite)

---
updated-dependencies:
- dependency-name: "@sveltejs/kit"
  dependency-version: 2.57.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-deps
- dependency-name: svelte
  dependency-version: 5.55.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
- dependency-name: vite
  dependency-version: 8.0.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/dev-deps-60d36694b6 branch from 2c95b41 to 385a6b2 Compare April 23, 2026 17:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants