chore(deps-dev): bump the prod-dependencies group with 4 updates

[dependabot]

Bumps the prod-dependencies group with 4 updates: @lucide/svelte, @sveltejs/kit, knip and svelte.

Updates @lucide/svelte from 1.8.0 to 1.9.0

Release notes

Sourced from @​lucide/svelte's releases.

Version 1.9.0

What's Changed

• fix(packages/angular): allow string inputs for size by @​swastik7805 in lucide-icons/lucide#4253
• fix(gh-icon): update colors for ColoredPath component by @​jguddas in lucide-icons/lucide#4233
• feat(packages): use .mjs for ESM bundles by @​karsa-mistmere in lucide-icons/lucide#4285
• fix(build-font): add collision detection to font codepoints by @​karsa-mistmere in lucide-icons/lucide#4300
• feat(icons): added timeline icon by @​jguddas in lucide-icons/lucide#4270

New Contributors

• @​swastik7805 made their first contribution in lucide-icons/lucide#4253

Full Changelog: lucide-icons/lucide@1.8.0...1.9.0

Commits

• See full diff in compare view

Updates @sveltejs/kit from 2.57.1 to 2.58.0

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.58.0

Minor Changes

• breaking: require limit in requested (as originally intended) (#15739)

• feat: RemoteQueryFunction gains an optional third generic parameter Validated (defaulting to Input) that represents the argument type after schema validation/transformation (#15739)

• breaking: requested now yields { arg, query } entries instead of the validated argument (#15739)

Patch Changes

• fix: allow query().current, .error, .loading, and .ready to work in non-reactive contexts (#15699)

• fix: prevent deep_set crash on nullish nested values (#15600)

• fix: restore correct RemoteFormFields typing for nullable array fields (e.g. when a schema uses .default([])), so .as('checkbox') and friends work again (#15723)

• fix: don't warn about removed SSI comments in transformPageChunk (#15695)

  Server-side include (SSI) directives like <!--#include virtual="..." --> are HTML comments that are replaced by servers such as nginx. Previously, removing them in transformPageChunk would trigger a false positive warning about breaking Svelte's hydration. Since SSI comments always start with <!--# and Svelte's hydration comments never do, they can be safely excluded from the check.

• Change enhance function return type from void to MaybePromise. (#15710)

• fix: throw an error when resolve is called with an external URL (#15733)

• fix: avoid FOUC for CSR-only pages by loading styles and fonts before CSR starts (#15718)

• fix: reset form result on redirect (#15724)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.58.0

Minor Changes

• breaking: require limit in requested (as originally intended) (#15739)

• feat: RemoteQueryFunction gains an optional third generic parameter Validated (defaulting to Input) that represents the argument type after schema validation/transformation (#15739)

• breaking: requested now yields { arg, query } entries instead of the validated argument (#15739)

Patch Changes

• fix: allow query().current, .error, .loading, and .ready to work in non-reactive contexts (#15699)

• fix: prevent deep_set crash on nullish nested values (#15600)

• fix: restore correct RemoteFormFields typing for nullable array fields (e.g. when a schema uses .default([])), so .as('checkbox') and friends work again (#15723)

• fix: don't warn about removed SSI comments in transformPageChunk (#15695)

  Server-side include (SSI) directives like <!--#include virtual="..." --> are HTML comments that are replaced by servers such as nginx. Previously, removing them in transformPageChunk would trigger a false positive warning about breaking Svelte's hydration. Since SSI comments always start with <!--# and Svelte's hydration comments never do, they can be safely excluded from the check.

• Change enhance function return type from void to MaybePromise. (#15710)

• fix: throw an error when resolve is called with an external URL (#15733)

• fix: avoid FOUC for CSR-only pages by loading styles and fonts before CSR starts (#15718)

• fix: reset form result on redirect (#15724)

Commits

• a21582c Version Packages (#15716)
• f499a45 breaking: return bound query instance from requested (#15739)
• 8cc203a fix: don't warn about removed SSI comments in transformPageChunk (#15695)
• 6b41862 Testing fix for CVE-2026-40073 (#15701)
• ee8047b fix: throw on external links in resolve (#15733)
• f06726c Change enhance function return type to void | Promise<void> (#15710)
• b34cc27 fix: reset form result on redirect (#15724)
• 394470c fix: restore correct RemoteFormFields typing for nullable array fields (#15...
• b77f00d fix: allow query().current and other data properties to work in non-reactiv...
• 50cc685 fix: link stylesheets and fonts in the head even when SSR is disabled (#15718)
• Additional commits viewable in compare view

Updates knip from 6.6.1 to 6.6.2

Release notes

Sourced from knip's releases.

Release 6.6.2

• Don't track typeof value refs at top of exported type alias (resolve #1697) (1a9904832878f5e8e4b633bdb08fb327baa17ed6)
• Treat Props as used when Astro.props is referenced (resolve #1629) (46cb33871b236249cf9b09679988d530a61a545f)
• Update dependencies (dcf53157452b996f970d91d3149c4b7bb4f45edd)

Commits

• 2527ddd Release knip@6.6.2
• dcf5315 Update dependencies
• 46cb338 Treat Props as used when Astro.props is referenced (resolve #1629)
• 1a99048 Don't track typeof value refs at top of exported type alias (resolve #1697)
• See full diff in compare view

Updates svelte from 5.55.4 to 5.55.5

Release notes

Sourced from svelte's releases.

svelte@5.55.5

Patch Changes

• fix: don't mark deriveds while an effect is updating (#18124)

• fix: do not dispatch introstart event with animation of animate directive (#18122)

Changelog

Sourced from svelte's changelog.

5.55.5

Patch Changes

• fix: don't mark deriveds while an effect is updating (#18124)

• fix: do not dispatch introstart event with animation of animate directive (#18122)

Commits

• b771df3 Version Packages (#18125)
• 8e73190 fix: don't mark deriveds while an effect is updating (#18124)
• 51736e5 fix: do not dispatch transition event with animation (#18122)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[getarcaneappbot]

Preview deployed successfully!

• Preview: https://pr-369-arcane.ofkm.workers.dev

Built from commit 2c850ce

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.