Skip to content

Commit 7e69b9d

Browse files
chore(deps): bump svelte and @sveltejs/kit to patch security advisories (#221)
- svelte 5.55.5 -> 5.55.7 (XSS via spread attrs, hydratable Promise, DOM clobbering, <svelte:element> ReDoS) - @sveltejs/kit 2.59.1 -> 2.60.1 (pulls patched devalue 5.8.1 — DoS via sparse array deserialization) `npm audit` reports 0 vulnerabilities after the bump. Closes #220 Co-authored-by: dobby-yivi-agent[bot] <275734547+dobby-yivi-agent[bot]@users.noreply.github.com>
1 parent 7d3c83b commit 7e69b9d

2 files changed

Lines changed: 15 additions & 15 deletions

File tree

package-lock.json

Lines changed: 13 additions & 13 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
"@eslint/js": "^10.0.1",
1818
"@playwright/test": "^1.60.0",
1919
"@sveltejs/adapter-static": "^3.0.10",
20-
"@sveltejs/kit": "^2.59.1",
20+
"@sveltejs/kit": "^2.60.1",
2121
"@sveltejs/vite-plugin-svelte": "^7.1.2",
2222
"@types/node": "^25.7.0",
2323
"@typescript-eslint/eslint-plugin": "^8.59.3",
@@ -35,7 +35,7 @@
3535
"prettier-plugin-svelte": "^3.5.2",
3636
"rollup": "^4.60.3",
3737
"sass": "^1.99.0",
38-
"svelte": "^5.55.5",
38+
"svelte": "^5.55.7",
3939
"svelte-check": "^4.4.8",
4040
"svelte-i18n": "^4.0.1",
4141
"svelte-preprocess": "^6.0.3",

0 commit comments

Comments
 (0)