chore(deps): bump the npm_and_yarn group across 5 directories with 8 updates by dependabot[bot] · Pull Request #37 · NethermindEth/preconf-taiko-mono

dependabot · 2026-02-28T03:52:29Z

Bumps the npm_and_yarn group with 6 updates in the /packages/bridge-ui directory:

Package	From	To
axios	`1.6.8`	`1.13.5`
@sveltejs/kit	`2.5.22`	`2.53.3`
ajv	`8.13.0`	`8.18.0`
svelte	`4.2.15`	`5.53.5`
vite	`4.5.3`	`5.4.21`
vitest	`1.6.0`	`1.6.1`

Bumps the npm_and_yarn group with 1 update in the /packages/docs-site directory: astro.
Bumps the npm_and_yarn group with 4 updates in the /packages/snaefell-ui directory: @sveltejs/kit, svelte, vite and vitest.
Bumps the npm_and_yarn group with 4 updates in the /packages/taikoon-ui directory: @sveltejs/kit, svelte, vite and vitest.
Bumps the npm_and_yarn group with 5 updates in the /packages/ui-lib directory:

Package	From	To
@sveltejs/kit	`2.5.22`	`2.53.3`
svelte	`4.2.15`	`5.53.5`
vite	`4.5.3`	`5.4.21`
vitest	`1.6.0`	`1.6.1`
storybook	`8.2.7`	`8.6.17`

Updates axios from 1.6.8 to 1.13.5

Release notes

Sourced from axios's releases.

v1.13.5

Release 1.13.5

Highlights

Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)

Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

Fixes

Fix/5657. (PR #7313)

Ensure status is present in AxiosError on and after v1.13.3. (PR #7368)

Features / Improvements

Add input validation to isAbsoluteURL. (PR #7326)

Refactor: bump minor package versions. (PR #7356)

Documentation

Clarify object-check comment. (PR #7323)

Fix deprecated Buffer constructor usage and README formatting. (PR #7371)

CI / Maintenance

Chore: fix issues with YAML. (PR #7355)

CI: update workflow YAMLs. (PR #7372)

CI: fix run condition. (PR #7373)

Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #7360)

Chore(release): prepare release 1.13.5. (PR #7379)

New Contributors

@sachin11063 (first contribution — PR #7323)

@asmitha-16 (first contribution — PR #7326)

Full Changelog: axios/axios@v1.13.4...v1.13.5

v1.13.4

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes

fix: issues with version 1.13.3 (#7352) (ee90dfc)

Fixed issues discovered in v1.13.3 release

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

1.13.3 (2026-01-20)

Bug Fixes

http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)

interceptor: handle the error in the same interceptor (#6269) (5945e40)

main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)

package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)

silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)

turn AxiosError into a native error (#5394) (#5558) (1c6a86d)

types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)

types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)

unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

add undefined as a value in AxiosRequestConfig (#5560) (095033c)

add automatic minor and patch upgrades to dependabot (#6053) (65a7584)

add Node.js coverage script using c8 (closes #7289) (#7294) (ec9d94e)

added copilot instructions (3f83143)

compatibility with frozen prototypes (#6265) (860e033)

enhance pipeFileToResponse with error handling (#7169) (88d7884)

types: Intellisense for string literals in a widened union (#6134) (f73474d), closes microsoft/TypeScript#33471

Reverts

Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298

deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

Ashvin Tiwari

Nikunj Mochi

Anchal Singh

jasonsaayman

Julian Dax

Akash Dhar Dubey

Madhumita

Tackoil

Justin Dhillon

Rudransh

WuMingDao

codenomnom

Nandan Acharya

Eric Dubé

Tibor Pilz

Gabriel Quaresma

Turadg Aleahmad

... (truncated)

Commits

29f7542 chore(release): prepare release 1.13.5 (#7379)
431c3a3 ci: fix run condition (#7373)
9ff3a78 ci: update ymls (#7372)
265b712 docs: fix deprecated Buffer constructor and formatting issues in README (#7371)
475e75a feat: add input validation to isAbsoluteURL (#7326)
28c7215 fix: Denial of Service via proto Key in mergeConfig (#7369)
04cf019 docs: clarify object check comment (#7323)
696fa75 fix: status is missing in AxiosError on and after v1.13.3 (#7368)
569f028 fix: added a option to choose between legacy and the new request/response int...
44b7c9f chore(deps-dev): bump karma-sourcemap-loader (#7360)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.

Updates @sveltejs/kit from 2.5.22 to 2.53.3

Release notes

Sourced from @sveltejs/kit's releases.

@sveltejs/kit@2.53.3

Patch Changes

fix: prevent overlapping file metadata in remote functions form (faba869)

@sveltejs/kit@2.53.2

Patch Changes

fix: server-render nested form value sets (#15378)

fix: use deep partial types for form remote functions .value() and .set(...) (#14837)

fix: provide correct url info to remote functions (#15418)

fix: allow optional types for remote query/command/prerender functions (#15293)

fix: allow commands in more places (#15288)

@sveltejs/kit@2.53.1

Patch Changes

fix: address warning about inlineDynamicImports when using Vite 8 (#15403)

@sveltejs/kit@2.53.0

Minor Changes

feat: support Vite 8 (#15024)

Patch Changes

fix: remove event listeners on form attachment cleanup (#15286)

fix: apply queries refreshed in a form remote function when a redirect is thrown (#15362)

@sveltejs/kit@2.52.2

Patch Changes

fix: validate form file information to prevent amplification attacks (3e607b3)

chore: upgrade devalue and svelte (#15339)

fix: parse file offset table more strictly (f47c01b)

... (truncated)

Changelog

Sourced from @sveltejs/kit's changelog.

2.53.3

Patch Changes

fix: prevent overlapping file metadata in remote functions form (faba869)

2.53.2

Patch Changes

fix: server-render nested form value sets (#15378)

fix: use deep partial types for form remote functions .value() and .set(...) (#14837)

fix: provide correct url info to remote functions (#15418)

fix: allow optional types for remote query/command/prerender functions (#15293)

fix: allow commands in more places (#15288)

2.53.1

Patch Changes

fix: address warning about inlineDynamicImports when using Vite 8 (#15403)

2.53.0

Minor Changes

feat: support Vite 8 (#15024)

Patch Changes

fix: remove event listeners on form attachment cleanup (#15286)

fix: apply queries refreshed in a form remote function when a redirect is thrown (#15362)

2.52.2

Patch Changes

fix: validate form file information to prevent amplification attacks (3e607b3)

... (truncated)

Commits

66d88c9 Version Packages (#15440)
faba869 Merge commit from fork
708fc4b chore(deps): bump rollup to 4.59.0 (#15433)
98496fa Version Packages (#15416)
8c5048b fix: provide correct url info to remote functions (#15418)
ce4b57c fix: allow commands in more places (#15288)
7277edb chore: fix CI lint (#15417)
64f484f fix: deep partial .value() and .set(...) types for forms (#14837)
d28d372 fix: allow optional types for remote query/command/prerender functions (#15293)
244838c fix: server-render nested form value sets (#15378)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @sveltejs/kit since your current version.

Updates ajv from 8.13.0 to 8.18.0

Release notes

Sourced from ajv's releases.

v8.18.0

What's Changed

feat: allow tree-shaking by adding "sideEffects": false to package.json by @josdejong in ajv-validator/ajv#2480

fix: #2482 Infinity and NaN serialise to null by @jasoniangreen in ajv-validator/ajv#2487

fix: small grammatical error in managing-schemas.md by @monteiro-renato in ajv-validator/ajv#2508

fix: typos in schema-language.md by @monteiro-renato in ajv-validator/ajv#2507

fix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by @epoberezkin in ajv-validator/ajv#2586

New Contributors

@josdejong made their first contribution in ajv-validator/ajv#2480

@monteiro-renato made their first contribution in ajv-validator/ajv#2508

Full Changelog: ajv-validator/ajv@v8.17.1...v8.18.0

v8.17.1

What's Changed

bump version to 8.17.1 by @jasoniangreen in ajv-validator/ajv#2472

Full Changelog: ajv-validator/ajv@v8.17.0...v8.17.1

Plus everything in 8.17.0 which failed to release

The only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.

Revert "Revert fast-uri change (ajv-validator/ajv#2444)" by @gurgunday in ajv-validator/ajv#2448 fix: ignore new eslint error for @typescript-eslint/no-extraneous-class by @jasoniangreen in ajv-validator/ajv#2455 docs: clarify behaviour of addVocabulary by @jasoniangreen in ajv-validator/ajv#2454 docs: refactor to improve legibility by @blottn in ajv-validator/ajv#2432 Fix grammatical typo in managing-schemas.md by @wetneb in ajv-validator/ajv#2305 docs: Fix broken strict-mode link by @alexanderjsx in ajv-validator/ajv#2459 feat: add test for encoded refs and bump fast-uri by @jasoniangreen in ajv-validator/ajv#2449 fix: changes for @typescript-eslint/array-type rule by @jasoniangreen in ajv-validator/ajv#2467 fixes ajv-validator/ajv#2217 - clarify custom keyword naming by @jasoniangreen in ajv-validator/ajv#2457

v8.17.0

What's Changed

The only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.

Revert "Revert fast-uri change (#2444)" by @gurgunday in ajv-validator/ajv#2448

fix: ignore new eslint error for @typescript-eslint/no-extraneous-class by @jasoniangreen in ajv-validator/ajv#2455

docs: clarify behaviour of addVocabulary by @jasoniangreen in ajv-validator/ajv#2454

docs: refactor to improve legibility by @blottn in ajv-validator/ajv#2432

Fix grammatical typo in managing-schemas.md by @wetneb in ajv-validator/ajv#2305

docs: Fix broken strict-mode link by @alexanderjsx in ajv-validator/ajv#2459

feat: add test for encoded refs and bump fast-uri by @jasoniangreen in ajv-validator/ajv#2449

fix: changes for @typescript-eslint/array-type rule by @jasoniangreen in ajv-validator/ajv#2467

fixes #2217 - clarify custom keyword naming by @jasoniangreen in ajv-validator/ajv#2457

... (truncated)

Commits

142ce84 8.18.0
720a23f fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...
82735a1 fix: typos in schema-language.md (#2507)
b17ec32 fix: small grammatical error in managing-schemas.md (#2508)
69568d0 fix: #2482 Infinity and NaN serialise to null (#2487)
f06766f feat: allow tree-shaking by adding ``"sideEffects": falsetopackage.json` ...
9050ba1 bump version to 8.17.1 (#2472)
f7831b4 fixes #2217 - clarify custom keyword naming (#2457)
a523784 fix: changes for @typescript-eslint/array-type rule (#2467)
595fe58 feat: add test for encoded refs and bump fast-uri (#2449)
Additional commits viewable in compare view

Updates svelte from 4.2.15 to 5.53.5

Release notes

Sourced from svelte's releases.

svelte@5.53.5

Patch Changes

fix: escape innerText and textContent bindings of contenteditable (0df5abcae223058ceb95491470372065fb87951d)

fix: sanitize transformError values prior to embedding in HTML comments (0298e979371bb583855c9810db79a70a551d22b9)

svelte@5.53.4

Patch Changes

fix: set server context after async transformError (#17799)

fix: hydrate if blocks correctly (#17784)

fix: handle default parameters scope leaks (#17788)

fix: prevent flushed effects from running again (#17787)

svelte@5.53.3

Patch Changes

fix: render :catch of #await block with correct key (#17769)

chore: pin aria-query@5.3.1 (#17772)

fix: make string coercion consistent to toString (#17774)

svelte@5.53.2

Patch Changes

fix: update expressions on server deriveds (#17767)

fix: further obfuscate node:crypto import from overzealous static analysis (#17763)

svelte@5.53.1

Patch Changes

fix: handle shadowed function names correctly (#17753)

svelte@5.53.0

Minor Changes

feat: allow comments in tags (#17671)

feat: allow error boundaries to work on the server (#17672)

Patch Changes

fix: use TrustedHTML to test for customizable support, where necessary (#17743)

... (truncated)

Changelog

Sourced from svelte's changelog.

5.53.5

Patch Changes

fix: escape innerText and textContent bindings of contenteditable (0df5abcae223058ceb95491470372065fb87951d)

fix: sanitize transformError values prior to embedding in HTML comments (0298e979371bb583855c9810db79a70a551d22b9)

5.53.4

Patch Changes

fix: set server context after async transformError (#17799)

fix: hydrate if blocks correctly (#17784)

fix: handle default parameters scope leaks (#17788)

fix: prevent flushed effects from running again (#17787)

5.53.3

Patch Changes

fix: render :catch of #await block with correct key (#17769)

chore: pin aria-query@5.3.1 (#17772)

fix: make string coercion consistent to toString (#17774)

5.53.2

Patch Changes

fix: update expressions on server deriveds (#17767)

fix: further obfuscate node:crypto import from overzealous static analysis (#17763)

5.53.1

Patch Changes

fix: handle shadowed function names correctly (#17753)

5.53.0

Minor Changes

feat: allow comments in tags (#17671)

... (truncated)

Commits

ed14b49 Version Packages (#17802)
0df5abc Merge commit from fork
0298e97 Merge commit from fork
96fd3ce Version Packages (#17786)
1b3e660 fix: prevent flushed effects from running again (#17787)
673a1ab fix: set server context after async transformError (#17799)
3a28979 fix: handle default parameters scope leaks (#17788)
fcdc028 fix: hydrate if blocks correctly (#17784)
97f3ac5 Version Packages (#17775)
7deedc5 fix: render :catch of #await block with correct key (#17769)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for svelte since your current version.

Updates vite from 4.5.3 to 5.4.21

Release notes

Sourced from vite's releases.

v5.4.21

Please refer to CHANGELOG.md for details.

v5.4.20

Please refer to CHANGELOG.md for details.

v5.4.19

Please refer to CHANGELOG.md for details.

v4.5.14

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.21 (2025-10-20)

fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970) (cad1d31), closes #20968 #20970

chore: update CHANGELOG (ca88ed7)

5.4.20 (2025-09-08)

fix: apply fs.strict check to HTML files (#20736) (482000f), closes #20736

fix: port sirv@3.0.2 changes to sirv@2.0.4 (#20737) (4f1c35b), closes #20737

5.4.19 (2025-04-30)

fix: backport #19965, check static serve file inside sirv (#19966) (766947e), closes #19965 #19966

5.4.18 (2025-04-10)

fix: backport #19830, reject requests with # in request-target (#19831) (823675b), closes #19830 #19831

5.4.17 (2025-04-03)

fix: backport #19782, fs check with svg and relative paths (#19784) (84b2b46), closes #19782 #19784

5.4.16 (2025-03-31)

fix: backport #19761, fs check in transform middleware (#19762) (b627c50), closes #19761 #19762

5.4.15 (2025-03-24)

fix: backport #19702, fs raw query with query separators (#19703) (807d7f0), closes #19702 #19703

5.4.14 (2025-01-21)

fix: preview.allowedHosts with specific values was not respected (#19246) (9df6e6b), closes #19246

fix: allow CORS from loopback addresses by default (#19249) (7d1699c), closes #19249

... (truncated)

Commits

adce3c2 release: v5.4.21
cad1d31 fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970)
ca88ed7 chore: update CHANGELOG
997700f release: v5.4.20
482000f fix: apply fs.strict check to HTML files (#20736)
80a333a release: v5.4.19
766947e fix: backport #19965, check static serve file inside sirv (#19966)
731b77d release: v5.4.18
823675b fix: backport #19830, reject requests with # in request-target (#19831)
0a2518a release: v5.4.17
Additional commits viewable in compare view

Updates vitest from 1.6.0 to 1.6.1

Release notes

Sourced from vitest's releases.

v1.6.1

This release includes security patches for:

Remote Code Execution when accessing a malicious website while Vitest API server is listening | CVE-2025-24964

🐞 Bug Fixes

backport vitest-dev/vitest#7317 to v1 - by @hi-ogawa in vitest-dev/vitest#7319

View changes on GitHub

Commits

017e1ee chore: release v1.6.1
7ce9fbb fix: backport #7317 to v1 (#7319)
See full diff in compare view

Updates astro from 4.13.1 to 5.15.9

Changelog

Sourced from astro's changelog.

4.16.16

Patch Changes

#12542 65e50eb Thanks @kadykov! - Fix JPEG image size determination

#12525 cf0d8b0 Thanks @ematipico! - Fixes an issue where with i18n enabled, Astro couldn't render the 404.astro component for non-existent routes.

4.16.15

Patch Changes

#12498 b140a3f Thanks @ematipico! - Fixes a regression where Astro was trying to access Request.headers

4.16.14

Patch Changes

#12480 c3b7e7c Thanks @matthewp! - Removes the default throw behavior in astro:env

#12444 28dd3ce Thanks @ematipico! - Fixes an issue where a server island hydration script might fail case the island ID misses from the DOM.

#12476 80a9a52 Thanks @florian-lefebvre! - Fixes a case where the Content Layer glob() loader would not update when renaming or deleting an entry

#12418 25baa4e Thanks @oliverlynch! - Fix cached image redownloading if it is the first asset

#12477 46f6b38 Thanks @ematipico! - Fixes an issue where the SSR build was emitting the dist/server/entry.mjs file with an incorrect import at the top of the file/

#12365 a23985b Thanks @apatel369! - Fixes an issue where Astro.currentLocale was not correctly returning the locale for 404 and 500 pages.

4.16.13

Patch Changes

#12436 453ec6b Thanks @martrapp! - Fixes a potential null access in the clientside router

#12392 0462219 Thanks @apatel369! - Fixes an issue where scripts were not correctly injected during the build. The issue was triggered when there were injected routes with the same entrypoint and different pattern

4.16.12

Patch Changes

#12420 acac0af Thanks @ematipico! - Fixes an issue where the dev server returns a 404 status code when a user middleware returns a valid Response.

4.16.11

Patch Changes

#12305 f5f7109 Thanks @florian-lefebvre! - Fixes a case where the error overlay would not escape the message

... (truncated)

Commits

7a07f02 [ci] release (#14788)
8cf3f05 [ci] format
758a891 fix(astro): handle invalid encrypted props in server island (#14786)
3537876 fix: passthroughImageService generate webp (#14776)
048e4dc [ci] format
9e9c528 fix: require explicit authorization to use data urls (#14791)
0f75f6b Fix wildcard hostname matching to reject hostnames without dots (#14787)
504958f feat(fonts): log number of downloaded files (#14783)
24e28d2 fix(deps): update astro dependencies (#14779)
60af4d0 [ci] release (#14773)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for astro since your current version.

Updates @sveltejs/kit from 2.5.22 to 2.53.3

Release notes

Sourced from @sveltejs/kit's releases.

@sveltejs/kit@2.53.3

Patch Changes

fix: prevent overlapping file metadata in remote functions form (faba869)

@sveltejs/kit@2.53.2

Patch Changes

fix: server-render nested form value sets (#15378)

fix: use deep partial types for form remote functions .value() and .set(...) (#14837)

fix: provide correct url info to remote functions (#15418)

fix: allow optional types for remote query/command/prerender functions (#15293)

fix: allow commands in more places (#15288)

@sveltejs/kit@2.53.1

Patch Changes

fix: address warning about inlineDynamicImports when using Vite 8 (...
Description has been truncated

…updates Bumps the npm_and_yarn group with 6 updates in the /packages/bridge-ui directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `1.6.8` | `1.13.5` | | [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) | `2.5.22` | `2.53.3` | | [ajv](https://github.com/ajv-validator/ajv) | `8.13.0` | `8.18.0` | | [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) | `4.2.15` | `5.53.5` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `4.5.3` | `5.4.21` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `1.6.0` | `1.6.1` | Bumps the npm_and_yarn group with 1 update in the /packages/docs-site directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro). Bumps the npm_and_yarn group with 4 updates in the /packages/snaefell-ui directory: [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit), [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte), [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest). Bumps the npm_and_yarn group with 4 updates in the /packages/taikoon-ui directory: [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit), [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte), [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest). Bumps the npm_and_yarn group with 5 updates in the /packages/ui-lib directory: | Package | From | To | | --- | --- | --- | | [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) | `2.5.22` | `2.53.3` | | [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) | `4.2.15` | `5.53.5` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `4.5.3` | `5.4.21` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `1.6.0` | `1.6.1` | | [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `8.2.7` | `8.6.17` | Updates `axios` from 1.6.8 to 1.13.5 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.6.8...v1.13.5) Updates `@sveltejs/kit` from 2.5.22 to 2.53.3 - [Release notes](https://github.com/sveltejs/kit/releases) - [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md) - [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.53.3/packages/kit) Updates `ajv` from 8.13.0 to 8.18.0 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v8.13.0...v8.18.0) Updates `svelte` from 4.2.15 to 5.53.5 - [Release notes](https://github.com/sveltejs/svelte/releases) - [Changelog](https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md) - [Commits](https://github.com/sveltejs/svelte/commits/svelte@5.53.5/packages/svelte) Updates `vite` from 4.5.3 to 5.4.21 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite) Updates `vitest` from 1.6.0 to 1.6.1 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v1.6.1/packages/vitest) Updates `astro` from 4.13.1 to 5.15.9 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v4.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.15.9/packages/astro) Updates `@sveltejs/kit` from 2.5.22 to 2.53.3 - [Release notes](https://github.com/sveltejs/kit/releases) - [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md) - [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.53.3/packages/kit) Updates `svelte` from 4.2.15 to 5.53.5 - [Release notes](https://github.com/sveltejs/svelte/releases) - [Changelog](https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md) - [Commits](https://github.com/sveltejs/svelte/commits/svelte@5.53.5/packages/svelte) Updates `vite` from 4.5.3 to 5.4.21 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite) Updates `vitest` from 1.6.0 to 1.6.1 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v1.6.1/packages/vitest) Updates `@sveltejs/kit` from 2.5.22 to 2.53.3 - [Release notes](https://github.com/sveltejs/kit/releases) - [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md) - [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.53.3/packages/kit) Updates `svelte` from 4.2.15 to 5.53.5 - [Release notes](https://github.com/sveltejs/svelte/releases) - [Changelog](https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md) - [Commits](https://github.com/sveltejs/svelte/commits/svelte@5.53.5/packages/svelte) Updates `vite` from 4.5.3 to 5.4.21 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite) Updates `vitest` from 1.6.0 to 1.6.1 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v1.6.1/packages/vitest) Updates `@sveltejs/kit` from 2.5.22 to 2.53.3 - [Release notes](https://github.com/sveltejs/kit/releases) - [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md) - [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.53.3/packages/kit) Updates `svelte` from 4.2.15 to 5.53.5 - [Release notes](https://github.com/sveltejs/svelte/releases) - [Changelog](https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md) - [Commits](https://github.com/sveltejs/svelte/commits/svelte@5.53.5/packages/svelte) Updates `vite` from 4.5.3 to 5.4.21 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite) Updates `vitest` from 1.6.0 to 1.6.1 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v1.6.1/packages/vitest) Updates `storybook` from 8.2.7 to 8.6.17 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/v8.6.17/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v8.6.17/code/core) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.5 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@sveltejs/kit" dependency-version: 2.53.3 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: ajv dependency-version: 8.18.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: svelte dependency-version: 5.53.5 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.21 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vitest dependency-version: 1.6.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: astro dependency-version: 5.15.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@sveltejs/kit" dependency-version: 2.53.3 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: svelte dependency-version: 5.53.5 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.21 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vitest dependency-version: 1.6.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@sveltejs/kit" dependency-version: 2.53.3 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: svelte dependency-version: 5.53.5 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.21 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vitest dependency-version: 1.6.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@sveltejs/kit" dependency-version: 2.53.3 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: svelte dependency-version: 5.53.5 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.21 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vitest dependency-version: 1.6.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: storybook dependency-version: 8.6.17 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 28, 2026

dependabot Bot mentioned this pull request Feb 28, 2026

chore(deps): bump the npm_and_yarn group across 5 directories with 8 updates #36

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the npm_and_yarn group across 5 directories with 8 updates#37

chore(deps): bump the npm_and_yarn group across 5 directories with 8 updates#37
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/packages/bridge-ui/npm_and_yarn-97fbc16bb4

dependabot Bot commented on behalf of github Feb 28, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Feb 28, 2026

v1.13.5

Release 1.13.5

Highlights

Changes

Security

Fixes

Features / Improvements

Documentation

CI / Maintenance

New Contributors

v1.13.4

Overview

What's New in v1.13.4

Bug Fixes

Changelog

1.13.3 (2026-01-20)

Bug Fixes

Features

Reverts

Contributors to this release

@​sveltejs/kit@​2.53.3

Patch Changes

@​sveltejs/kit@​2.53.2

Patch Changes

@​sveltejs/kit@​2.53.1

Patch Changes

@​sveltejs/kit@​2.53.0

Minor Changes

Patch Changes

@​sveltejs/kit@​2.52.2

Patch Changes

2.53.3

Patch Changes

2.53.2

Patch Changes

2.53.1

Patch Changes

2.53.0

Minor Changes

Patch Changes

2.52.2

Patch Changes

v8.18.0

What's Changed

New Contributors

v8.17.1

What's Changed

Plus everything in 8.17.0 which failed to release

v8.17.0

What's Changed

svelte@5.53.5

Patch Changes

svelte@5.53.4

Patch Changes

svelte@5.53.3

Patch Changes

svelte@5.53.2

Patch Changes

svelte@5.53.1

Patch Changes

svelte@5.53.0

Minor Changes

Patch Changes

5.53.5

Patch Changes

5.53.4

Patch Changes

5.53.3

Patch Changes

5.53.2

Patch Changes

5.53.1

Patch Changes

5.53.0

Minor Changes

v5.4.21

v5.4.20

v5.4.19

`@sveltejs/kit@2`.53.3

`@sveltejs/kit@2`.53.2

`@sveltejs/kit@2`.53.1

`@sveltejs/kit@2`.53.0

`@sveltejs/kit@2`.52.2

`@sveltejs/kit@2`.53.3

`@sveltejs/kit@2`.53.2

`@sveltejs/kit@2`.53.1