fix(deps): update all non-major dependencies#287
Conversation
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
saas-starter | d94bf98 | Commit Preview URL Branch Preview URL |
May 01 2026, 06:04 PM |
439c63b to
e2a1891
Compare
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
2cb454c to
ffc47a7
Compare
652bbee to
9b65b6c
Compare
15f94f8 to
ea7c8c3
Compare
ea7c8c3 to
bd89798
Compare
- Patch oxlint-plugin-convex@0.1.1 to import definePlugin/defineRule from @oxlint/plugins (oxlint moved them out of its main entry point starting in 1.45 — see oxc-project/oxc#18828) - Drop resolve('#') in team-two.svelte; sveltekit 2.58 made resolve() strict and rejects non-absolute paths (sveltejs/kit#15733) - Ignore varlock-generated env types in eslint (varlock 0.9 emits @ts-nocheck, tripping ban-ts-comment) - Drop now-stale eslint-disable directives surfaced by typescript-eslint See also: juliusmarminge/agent-tools#26
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
This PR contains the following updates:
4.11.1→4.11.24.11.31.2.1→1.2.2^5.2.8→5.2.83.12.0→3.12.1^0.577.0→0.577.01.58.2→1.59.1^7.2.8→7.2.8^5.5.4→5.5.4^6.3.1→6.3.32.55.0→2.58.02.59.03.40.0→3.41.14.2.1→4.2.4^2.14.0→2.16.125.5.0→25.6.08.57.0→8.59.18.57.0→8.59.14b73464→4a36011bbbca2d→043fb46df37d2f→fefa07e2.16.3→2.18.0^2.1.1→2.1.11.33.1→1.36.11.37.00.17.1→0.18.0^0.4.0→0.4.03.15.2→3.17.117.4.0→17.5.017.6.06.2.1→6.2.35.88.0→5.88.11.41.0→1.62.03.8.1→3.8.30.7.2→0.8.05.53.12→5.55.54.4.5→4.4.64.4.71.1.0→1.1.1^3.5.0→3.5.0^3.2.2→3.2.24.2.1→4.2.4^1.4.0→1.4.08.57.0→8.59.1^0.5.0→^0.9.0^1.0.0-next.7→1.0.0-next.7^50.0.0→50.44.04.1.0→4.1.5Release Notes
dequelabs/axe-core-npm (@axe-core/playwright)
v4.11.2: Release 4.11.2Compare Source
Bug Fixes
get-convex/convex-backend (@convex-dev/eslint-plugin)
v1.2.2@typescript-eslint/utilsto v8.58.0 to properly support ESLint v10.adobe/react-spectrum (@internationalized/date)
v3.12.1Compare Source
microsoft/playwright (@playwright/test)
v1.59.1Compare Source
v1.59.0Compare Source
sveltejs/kit (@sveltejs/kit)
v2.58.0Compare Source
Minor Changes
breaking: require
limitinrequested(as originally intended) (#15739)feat:
RemoteQueryFunctiongains an optional third generic parameterValidated(defaulting toInput) that represents the argument type after schema validation/transformation (#15739)breaking:
requestednow yields{ arg, query }entries instead of the validated argument (#15739)Patch Changes
fix: allow
query().current,.error,.loading, and.readyto work in non-reactive contexts (#15699)fix: prevent
deep_setcrash on nullish nested values (#15600)fix: restore correct
RemoteFormFieldstyping for nullable array fields (e.g. when a schema uses.default([])), so.as('checkbox')and friends work again (#15723)fix: don't warn about removed SSI comments in
transformPageChunk(#15695)Server-side include (SSI) directives like
<!--#include virtual="..." -->are HTML comments that are replaced by servers such as nginx. Previously, removing them intransformPageChunkwould trigger a false positive warning about breaking Svelte's hydration. Since SSI comments always start with<!--#and Svelte's hydration comments never do, they can be safely excluded from the check.Change enhance function return type from void to MaybePromise. (#15710)
fix: throw an error when
resolveis called with an external URL (#15733)fix: avoid FOUC for CSR-only pages by loading styles and fonts before CSR starts (#15718)
fix: reset form result on redirect (#15724)
v2.57.1Compare Source
Patch Changes
fix: better validation for
redirectinputs (10d7b44)fix: enforce
BODY_SIZE_LIMITon chunked requests (3202ed6)fix: use default values as fallbacks (#15680)
fix: relax form typings for union types (#15687)
v2.57.0Compare Source
Minor Changes
submitto indicate submission validity for enhancedformremote functions (#15530)Patch Changes
fix: use array type for select fields that accept multiple values (#15591)
fix: silently 404 Chrome DevTools workspaces request in dev and preview (#15656)
fix:
config.kit.csp.directives['trusted-types']requires'svelte-trusted-html'(and'sveltekit-trusted-url'when a service worker is automatically registered) if it is configured (#15323)fix: avoid inlineDynamicImports ignored with codeSplitting warning when using Vite 8 (#15647)
fix: reimplement treeshaking non-dynamic prerendered remote functions (#15447)
v2.56.1Compare Source
Patch Changes
v2.56.0Compare Source
Minor Changes
breaking: rework client-driven refreshes (#15562)
breaking: stabilize remote function caching by sorting object keys (#15570)
breaking: add
run()method to queries, disallow awaiting queries outside render (#15533)feat: support TypeScript 6.0 (#15595)
breaking: isolate command-triggered query refresh failures per-query (#15562)
feat: use
hydratablefor remote function transport (#15533)feat: allow
formfields to specify a default value (field.as(type, value)) (#15577)Patch Changes
fix: don't request new data when
.refreshis called on a query with no cache entry (#15533)fix: allow using multiple remote functions within one async derived (#15561)
fix: avoid false-positive overridden Vite
basesetting warning when setting apaths.baseinsvelte.config.js(#15623)fix: manage queries in their own
$effect.root(#15533)fix: avoid
inlineDynamicImportsdeprecation warning when building the service worker with Vite 8 (#15550)fix: correctly escape backticks when precomputing CSS (#15593)
fix: discard obsolete forks before finishing navigation (#15634)
chore: tighten up override implementation (#15562)
fix: ensure the default Svelte 5
error.sveltefile uses runes mode (#15609)fix: deduplicate same-cache-key
batchcalls during SSR (#15533)fix: decrement pending_count when form callback doesn't call submit() (#15520)
tabler/tabler-icons (@tabler/icons-svelte)
v3.41.1: Release 3.41.1Compare Source
Fixed icon:
outline/x-markv3.41.0: Release 3.41.0Compare Source
18 new icons:
outline/brand-jiraoutline/car-off-roadoutline/car-suspensionoutline/credit-card-handoutline/device-3d-cameraoutline/device-3d-lensoutline/device-screenoutline/icebergoutline/jetskioutline/olympic-torchoutline/parking-meteroutline/pillowoutline/pipelineoutline/quote-openoutline/scan-letter-aoutline/scan-letter-toutline/segwayoutline/x-markNew features
@tabler/icons-angularpackage with components, build pipeline, unit tests, andtest/test-angularsample app (#1091).<g>elements; broader SVG icon validation improvements (#1487); more consistent SVG path syntax (#1488).icons-react: JSDoc with icon previews in generated output (#1472).icons-react-native:react-native-svgadded as a peer dependency (#1475).icons-solidjs: SSR support viarollup-preset-solidand JSX/TSX component refactor (#1493).Fixed icons
outline/brand-kbinandoutline/volume-4: adjusted for compatibility withbuildJsIcons(#1469).outline/number-35-smallthroughoutline/number-50-small: updated Unicode values (#1494).tailwindlabs/tailwindcss (@tailwindcss/vite)
v4.2.4Compare Source
Fixed
@importand@pluginstill resolve correctly when using Vite aliases in@tailwindcss/vite(#19947)v4.2.3Compare Source
Fixed
tracking-*utilities by preferring non-negative utilities (e.g.-tracking-tighter→tracking-wider) (#19827)@tailwindcss/webpack(#19723)px-[1.2rem] py-[1.2rem]→p-[1.2rem]) (#19837)border-{t,b}-*intoborder-y-*,border-{l,r}-*intoborder-x-*, andborder-{t,r,b,l}-*intoborder-*(#19842)scroll-m{t,b}-*intoscroll-my-*,scroll-m{l,r}-*intoscroll-mx-*, andscroll-m{t,r,b,l}-*intoscroll-m-*(#19842)scroll-p{t,b}-*intoscroll-py-*,scroll-p{l,r}-*intoscroll-px-*, andscroll-p{t,r,b,l}-*intoscroll-p-*(#19842)overflow-{x,y}-*intooverflow-*(#19842)overscroll-{x,y}-*intooverscroll-*(#19842)--placeholder-colorinstead of--background-colorforplaceholder-*utilities (#19843)config.contentwhen migrating from Tailwind CSS v3 to Tailwind CSS v4 (#19846).envand.env.*to default ignored content files (#19846)overflow-ellipsisintotext-ellipsis(#19849)start-full→inset-s-full,start-auto→inset-s-auto,start-px→inset-s-px, andstart-<number>→inset-s-<number>as well as negative versions (#19849)end-full→inset-e-full,end-auto→inset-e-auto,end-px→inset-e-px, andend-<number>→inset-e-<number>as well as negative versions (#19849)-sign inside the arbitrary value-left-[9rem]→left-[-9rem](#19858)-sign outside the arbitrary valueml-[calc(-1*var(--width))]→-ml-(--width)(#19858)NODE_PATHenvironment variable in standalone CLI (#19617)v4.2.2Compare Source
Fixed
row-constructor(#19725)calc(var(--spacing)*…)expressions into--spacing(…)(#19769)@propertyat-rules (e.g.shadow-sm border) (#19727)@tailwindcss/vite(#19745)@tailwindcss/vite(#19790)w-1234 h-1234→size-1234) (#19809)w-5 h-5 size-5→''instead ofsize-5) (#19812)typescript-eslint/typescript-eslint (@typescript-eslint/eslint-plugin)
v8.59.1Compare Source
🩹 Fixes
❤️ Thank You
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.59.0Compare Source
🚀 Features
❤️ Thank You
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.58.2Compare Source
🩹 Fixes
❤️ Thank You
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.58.1Compare Source
🩹 Fixes
❤️ Thank You
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.58.0Compare Source
🚀 Features
🩹 Fixes
no-unnecessary-type-arguments(#12163)❤️ Thank You
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.57.2Compare Source
🩹 Fixes
❤️ Thank You
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.57.1Compare Source
🩹 Fixes
❤️ Thank You
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
typescript-eslint/typescript-eslint (@typescript-eslint/parser)
v8.59.1Compare Source
This was a version bump only for parser to align it with other projects, there were no code changes.
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.59.0Compare Source
This was a version bump only for parser to align it with other projects, there were no code changes.
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.58.2Compare Source
🩹 Fixes
❤️ Thank You
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.58.1Compare Source
This was a version bump only for parser to align it with other projects, there were no code changes.
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.58.0Compare Source
🚀 Features
❤️ Thank You
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.57.2Compare Source
This was a version bump only for parser to align it with other projects, there were no code changes.
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
v8.57.1Compare Source
This was a version bump only for parser to align it with other projects, there were no code changes.
See GitHub Releases for more information.
You can read about our versioning strategy and releases on our website.
huntabyte/bits-ui (bits-ui)
v2.18.0Compare Source
Minor Changes
feat(Select): Add
<Select.Value/>component (#2026)feat(PinInput): add bindable
inputRefonPinInput.Root(#2028)v2.17.3Compare Source
Patch Changes
v2.17.2Compare Source
Patch Changes
fix(ContextMenu): prevent left-click on nested context-menu triggers from dismissing parent layers (#2019)
fix(Slider): use ResizeObserver to recompute thumb positioning (#2015)
fix(TimeField): preserve current AM/PM when typing the hour in 12-hour mode so PM values no longer flip to AM (#2016)
fix(HiddenInput): prevent page scroll in nested overflow layouts by anchoring the visually hidden input at top-left (#2018)
v2.17.1Compare Source
Patch Changes
v2.17.0Compare Source
Minor Changes
Patch Changes
fix(ContextMenu): nested submenus not opening (#2010)
fix(Menu): exit animations not firing on close (#2010)
improve(Menu): safe area handling (#2010)
perf(PresenceLayer): simplify and improve efficiency (#2010)
v2.16.5Compare Source
Patch Changes
fix(DateField):
onbeforeinputhandling (#1990)fix(Select): scroll jumping (#2005)
fix(Tooltip): skip delay race condition with multiple tooltips (#2002)
fix(NavigationMenu): delay hover close; add leave-delay regression test (#1983)
v2.16.4Compare Source
Patch Changes
fix: menu not ignoring onCloseAutoFocus when closed as another focus scope (#1999)
fix: floating layer bouncing on scroll (#1997)
get-convex/convex-backend (convex)
v1.36.1npx convex login --vercelto ask before joining a Convex team through the Vercel Marketplace.v1.36.0npx convex runnow supports--inline-queryfor evaluating readonly querieswithout creating a named function first, for example:
npx convex run --inline-query 'await ctx.db.query("messages").take(5)'.ctx.metato access extra metadata at runtime:ctx.meta.getFunctionMetadata(): the current function's name, component,visibility, and whether it's a query, mutation, or action.
ctx.meta.getTransactionMetrics(): how much capacity remains in the currenttransaction. Only available in queries and mutations.
npx convex env defaultcommand for getting and setting defaultenvironment variables for a project.
npx convex deployConfiguration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.