⬆️ Bump svelte from 5.1.9 to 5.53.5

[dependabot]

Bumps svelte from 5.1.9 to 5.53.5.

Release notes

Sourced from svelte's releases.

svelte@5.53.5

Patch Changes

• fix: escape innerText and textContent bindings of contenteditable (0df5abcae223058ceb95491470372065fb87951d)

• fix: sanitize transformError values prior to embedding in HTML comments (0298e979371bb583855c9810db79a70a551d22b9)

svelte@5.53.4

Patch Changes

• fix: set server context after async transformError (#17799)

• fix: hydrate if blocks correctly (#17784)

• fix: handle default parameters scope leaks (#17788)

• fix: prevent flushed effects from running again (#17787)

svelte@5.53.3

Patch Changes

• fix: render :catch of #await block with correct key (#17769)

• chore: pin aria-query@5.3.1 (#17772)

• fix: make string coercion consistent to toString (#17774)

svelte@5.53.2

Patch Changes

• fix: update expressions on server deriveds (#17767)

• fix: further obfuscate node:crypto import from overzealous static analysis (#17763)

svelte@5.53.1

Patch Changes

• fix: handle shadowed function names correctly (#17753)

svelte@5.53.0

Minor Changes

• feat: allow comments in tags (#17671)

• feat: allow error boundaries to work on the server (#17672)

Patch Changes

• fix: use TrustedHTML to test for customizable support, where necessary (#17743)

... (truncated)

Changelog

Sourced from svelte's changelog.

5.53.5

Patch Changes

• fix: escape innerText and textContent bindings of contenteditable (0df5abcae223058ceb95491470372065fb87951d)

• fix: sanitize transformError values prior to embedding in HTML comments (0298e979371bb583855c9810db79a70a551d22b9)

5.53.4

Patch Changes

• fix: set server context after async transformError (#17799)

• fix: hydrate if blocks correctly (#17784)

• fix: handle default parameters scope leaks (#17788)

• fix: prevent flushed effects from running again (#17787)

5.53.3

Patch Changes

• fix: render :catch of #await block with correct key (#17769)

• chore: pin aria-query@5.3.1 (#17772)

• fix: make string coercion consistent to toString (#17774)

5.53.2

Patch Changes

• fix: update expressions on server deriveds (#17767)

• fix: further obfuscate node:crypto import from overzealous static analysis (#17763)

5.53.1

Patch Changes

• fix: handle shadowed function names correctly (#17753)

5.53.0

Minor Changes

• feat: allow comments in tags (#17671)

... (truncated)

Commits

• ed14b49 Version Packages (#17802)
• 0df5abc Merge commit from fork
• 0298e97 Merge commit from fork
• 96fd3ce Version Packages (#17786)
• 1b3e660 fix: prevent flushed effects from running again (#17787)
• 673a1ab fix: set server context after async transformError (#17799)
• 3a28979 fix: handle default parameters scope leaks (#17788)
• fcdc028 fix: hydrate if blocks correctly (#17784)
• 97f3ac5 Version Packages (#17775)
• 7deedc5 fix: render :catch of #await block with correct key (#17769)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for svelte since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Upgrade svelte with bug fixes and new server-side features.

Changed

• ⬆️ Bump svelte from 5.1.9 to 5.53.5 in package.json

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

Walkthrough

Updated the Svelte devDependency from version 5.1.9 to 5.53.5 in package.json. This is a patch-level version update with no changes to functional behavior or public API signatures.

Changes

Cohort / File(s)	Summary
Dependency Update package.json	Upgraded devDependency "svelte" from "^5.1.9" to "^5.53.5"

Suggested reviewers

• NatoBoram

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Gitmoji Commits	❓ Inconclusive	Unable to access git repository or commit information to verify Gitmoji convention compliance.	Provide access to the pull request commits or git repository to assess Gitmoji convention adherence.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title correctly uses the ⬆️ emoji for dependency upgrades and clearly describes the specific change: updating Svelte from version 5.1.9 to 5.53.5.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Git Flow	✅ Passed	The source branch 'dependabot/npm_and_yarn/svelte-5.53.5' uses the allowed dependabot/ prefix for user @dependabot[bot], and targets main branch per Git Flow config.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/npm_and_yarn/svelte-5.53.5

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

package.json (1)

131-134: ⚠️ Potential issue | 🟠 Major

Update peerDependencies to reflect Svelte 5 requirement.

The devDependencies specify Svelte 5.53.5, but peerDependencies still declares "svelte": "^4.2.19". Although the current code doesn't use any Svelte 5-specific features and remains compatible with Svelte 4, this mismatch will trigger peer dependency warnings for consumers. Update the peer dependency to align with the devDependency version:

🔧 Suggested fix

 	"peerDependencies": {
 		"@sveltejs/kit": "^2.6.1",
-		"svelte": "^4.2.19"
+		"svelte": "^5.0.0"
 	},

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@package.json` around lines 131 - 134, Update the peerDependencies block in
package.json so the "svelte" entry matches the devDependency (Svelte 5) to avoid
peer warning; specifically, in the peerDependencies object change the "svelte":
"^4.2.19" entry to the appropriate Svelte 5 semver (e.g. "^5.53.5") so consumers
see a consistent required version.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@package.json`:
- Around line 131-134: Update the peerDependencies block in package.json so the
"svelte" entry matches the devDependency (Svelte 5) to avoid peer warning;
specifically, in the peerDependencies object change the "svelte": "^4.2.19"
entry to the appropriate Svelte 5 semver (e.g. "^5.53.5") so consumers see a
consistent required version.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9e0817b and e004be6.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (1)

• package.json