Skip to content
This repository was archived by the owner on Mar 14, 2026. It is now read-only.

⬆️ Bump @sveltejs/kit from 2.20.6 to 2.53.3#335

Open
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/sveltejs/kit-2.53.3
Open

⬆️ Bump @sveltejs/kit from 2.20.6 to 2.53.3#335
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/sveltejs/kit-2.53.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 28, 2026

Copy link
Copy Markdown
Contributor

Bumps @sveltejs/kit from 2.20.6 to 2.53.3.

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.53.3

Patch Changes

  • fix: prevent overlapping file metadata in remote functions form (faba869)

@​sveltejs/kit@​2.53.2

Patch Changes

  • fix: server-render nested form value sets (#15378)

  • fix: use deep partial types for form remote functions .value() and .set(...) (#14837)

  • fix: provide correct url info to remote functions (#15418)

  • fix: allow optional types for remote query/command/prerender functions (#15293)

  • fix: allow commands in more places (#15288)

@​sveltejs/kit@​2.53.1

Patch Changes

  • fix: address warning about inlineDynamicImports when using Vite 8 (#15403)

@​sveltejs/kit@​2.53.0

Minor Changes

  • feat: support Vite 8 (#15024)

Patch Changes

  • fix: remove event listeners on form attachment cleanup (#15286)

  • fix: apply queries refreshed in a form remote function when a redirect is thrown (#15362)

@​sveltejs/kit@​2.52.2

Patch Changes

  • fix: validate form file information to prevent amplification attacks (3e607b3)

  • chore: upgrade devalue and svelte (#15339)

  • fix: parse file offset table more strictly (f47c01b)

... (truncated)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.53.3

Patch Changes

  • fix: prevent overlapping file metadata in remote functions form (faba869)

2.53.2

Patch Changes

  • fix: server-render nested form value sets (#15378)

  • fix: use deep partial types for form remote functions .value() and .set(...) (#14837)

  • fix: provide correct url info to remote functions (#15418)

  • fix: allow optional types for remote query/command/prerender functions (#15293)

  • fix: allow commands in more places (#15288)

2.53.1

Patch Changes

  • fix: address warning about inlineDynamicImports when using Vite 8 (#15403)

2.53.0

Minor Changes

  • feat: support Vite 8 (#15024)

Patch Changes

  • fix: remove event listeners on form attachment cleanup (#15286)

  • fix: apply queries refreshed in a form remote function when a redirect is thrown (#15362)

2.52.2

Patch Changes

  • fix: validate form file information to prevent amplification attacks (3e607b3)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​sveltejs/kit since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
⬆️ Bump @sveltejs/kit from 2.20.6 to 2.53.3
0d6ad81 
Bumps [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) from 2.20.6 to 2.53.3.
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.53.3/packages/kit)

---
updated-dependencies:
- dependency-name: "@sveltejs/kit"
  dependency-version: 2.53.3
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 28, 2026
@dependabot dependabot Bot requested a review from NatoBoram as a code owner February 28, 2026 03:39
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Feb 28, 2026
@dependabot dependabot Bot added the javascript Pull requests that update Javascript code label Feb 28, 2026
@dependabot dependabot Bot mentioned this pull request Feb 28, 2026
Closed
@coderabbitai

coderabbitai Bot commented Feb 28, 2026
edited
Loading

Copy link
Copy Markdown

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9e0817b and 43c6d4d.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (1)
  • package.json

Walkthrough

Updated the @sveltejs/kit devDependency from version ^2.20.6 to ^2.53.3 in package.json. This represents a version bump with no other functional changes to the codebase.

Changes

Cohort / File(s) Summary
Dependency Update
package.json		 Updated @sveltejs/kit devDependency from ^2.20.6 to ^2.53.3.

Possibly related PRs

Suggested reviewers

  • NatoBoram
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The pull request title correctly uses the ⬆️ emoji indicating dependency upgrade and clearly describes the specific version bump of @sveltejs/kit.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Gitmoji Commits ✅ Passed Both commits in PR #335 use valid Gitmoji emojis: ⬆️ for dependency upgrade and 📌 for pinning dependencies.
Git Flow ✅ Passed Branch dependabot/npm_and_yarn/sveltejs/kit-2.53.3 with user dependabot[bot] matches the exception clause allowing dependabot/ branches for this specific user.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dependabot/npm_and_yarn/sveltejs/kit-2.53.3

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@NatoBoram NatoBoram Awaiting requested review from NatoBoram NatoBoram is a code owner

1 more reviewer

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Reviewers whose approvals may not affect merge requirements

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

Leanish
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants