Update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@sveltejs/adapter-vercel (source)	5.4.2 -> 5.6.3
@sveltejs/kit (source)	2.5.21 -> 2.18.0
@sveltejs/vite-plugin-svelte (source)	3.1.1 -> 3.1.2
flowbite (source)	2.5.1 -> 2.5.2
flowbite-svelte (source)	^0.46.1 -> ^0.48.0
flowbite-svelte-icons (source)	1.6.1 -> 1.6.2
postcss (source)	8.4.41 -> 8.5.3
sanitize-html	2.13.0 -> 2.14.0
svelte (source)	4.2.18 -> 4.2.19
svelte-gestures	5.0.4 -> 5.1.3
svelte-turnstile	^0.7.0 -> ^0.10.0
tailwindcss (source)	3.4.9 -> 3.4.17
vite (source)	5.4.0 -> 5.4.14

---

Release Notes

sveltejs/kit (@​sveltejs/adapter-vercel)

v5.6.3

Compare Source

Patch Changes

• chore(deps): upgrade @​vercel/nft to fix glob deprecation warnings (b1e9781a6dff41841d8e1509311d948421956746)

v5.6.2

Compare Source

Patch Changes

• fix: change server-side route resolution endpoint (#​13461)

• Updated dependencies [9612a60a0277aef0ab4723a0e7ed8dd03a7ffb95, 3d88ae33fc14b08a1d48c2cb7315739c8cfcd9fd]:

  • @​sveltejs/kit@​2.17.2

v5.6.1

Compare Source

Patch Changes

• fix: correct edge function path for route resolution endpoint (#​13409)

v5.6.0

Compare Source

Minor Changes

• feat: generate edge function dedicated to server side route resolution when using that option in SvelteKit (#​13379)

Patch Changes

• Updated dependencies [09296d0f19c8d1ff57d699e637bd1beabb69d438, d62ed39a431f0db3db4dd90bf6b17ed2a2a2de79, f30352f874790b9de0bd0eba985a21aef23e158e, 180fa3467e195065c0a25206c6328a908e6952d7, 5906e9708965b848b468d0014999c36272dc8d50, d62ed39a431f0db3db4dd90bf6b17ed2a2a2de79]:
  • @​sveltejs/kit@​2.17.0

v5.5.3

Compare Source

Patch Changes

• fix: include ambient type declarations (#​12088)

• Updated dependencies [d440c68acac67ed64eea4b9bda267e229303db7b, 6774ebc34330b12ae8c0cae08e98b577d819fffb, 777c8ef11f17d2ab48aee0f2347c051663da5826, f451f6c4a3dbbc73dc86667c6ff89ab2f46ca9d2, 34a03ff16af29e917abebb649b31eadfc40a98a0, 1c77e283896058084c1cb5752d9ec207987a585e, 04958cca5905aaeeff367c9e4a5ce6e90fc64779, 9dc5c0e3e01a3c07010e9996688169be68e1dde8, 00e1a7621de554054d068e4525a9e505d1c2e588, 9fcd1e7574197fa6e7ac000a030378d877cb8837, e541a4057a00f5ab6740fb51b7f88f17776da50a, 37f72fbb075b481de8263f62c77125333735f382, b60707ca8e755be95c86490122aa1b792b9bd6be, 699f4405c752261cf46c1ad32e4dbadceaffc75b, e2a4538c48295cde06f64fb8c7f0b333fbf95496, a91ba1f326b6e244503de9a010771d942b461dad]:

  • @​sveltejs/kit@​2.16.0

v5.5.2

Compare Source

Patch Changes

• chore: upgrade @vercel/nft to 0.27.9 (#​13129)

• Updated dependencies [9fc5ff3339e543b956f7ce5eb31267fa73ee332a, 85b57168189fa16fe966434ec50cc19425cab275]:

  • @​sveltejs/kit@​2.10.0

v5.5.1

Compare Source

Patch Changes

• chore: upgrade @​vercel/nft to 0.27.7 (#​13082)

• Updated dependencies [78404dfe1eb346723eefc183278b85f25485b419]:

  • @​sveltejs/kit@​2.9.1

v5.5.0

Compare Source

Minor Changes

• chore: upgrade esbuild to 0.24.0 (#​12270)

Patch Changes

• Updated dependencies [d030f4bb285e70844d09b3f0c87809bae43014b8, 67dd214863cbc5852eb0e8512efbb7bad5358e8a]:
  • @​sveltejs/kit@​2.9.0

v5.4.8

Compare Source

Patch Changes

• chore: support building with Node 22 (#​13043)

• Updated dependencies [570562b74d9e9f295d9b617478088a650f51e96b, 1358cccd52190df3c74bdd8970dbfb06ffc4ec72]:

  • @​sveltejs/kit@​2.8.2

v5.4.7

Compare Source

Patch Changes

• fix: disregard presence/absence of trailing slash in prerendered redirect (#​12966)

• Updated dependencies [92b2686314a7dbebee1761c3da7719d599f003c7]:

  • @​sveltejs/kit@​2.8.0

v5.4.6

Compare Source

Patch Changes

• docs: update URLs for new svelte.dev site (#​12857)

• Updated dependencies [dcbe4222a194c5f90cfc0fc020cf065f7a4e4c46, 4cdbf76fbbf0c0ce7f574ef69c8daddcf954d39d, 3a9b78f04786898ca93f6d4b75ab18d26bc45192, 723eb8b31e6a22c82f730c30e485386c8676b746, 8ec471c875345b751344e67580ff1b772ef2735b]:

  • @​sveltejs/kit@​2.7.3

v5.4.5

Compare Source

Patch Changes

• fix: updated @default annotation for runtime (#​12717)

• Updated dependencies [3591411e880ed5337123c66365433afe8c2f747b, 2292170ecba27c70600fae0c2adc473ac9d938e8, 809983f377f0b18c4651a8a4f3af7b69c0df20ab]:

  • @​sveltejs/kit@​2.6.3

v5.4.4

Compare Source

Patch Changes

• fix: import node:process instead of using globals (#​12641)

• Updated dependencies [e798ef718f163bed4f93e1918bd8294f765376ad]:

  • @​sveltejs/kit@​2.5.28

v5.4.3

Compare Source

Patch Changes

• chore: configure provenance in a simpler manner (#​12570)

• Updated dependencies [087a43d391fc38b8c008fb39a804dc6988974101]:

  • @​sveltejs/kit@​2.5.22

sveltejs/kit (@​sveltejs/kit)

v2.18.0

Compare Source

Minor Changes

• feat: allow async reroute (#​13520)

• feat: provide normalizeUrl helper (#​13539)

Patch Changes

• fix: correct navigation history with hash router and ensure load functions are rerun on user changes to URL hash (#​13492)

• fix: include universal load assets as server assets (#​13531)

• fix: Include root layout and error nodes even when apps have only prerendered pages (#​13522)

• fix: correctly preload data on mousedown/touchstart if code was preloaded on hover (#​13530)

v2.17.3

Compare Source

Patch Changes

• fix: avoid simulated CORS errors with non-HTTP URLs (#​13493)

• fix: correctly preload links on mousedown/touchstart (#​13486)

• fix: load CSS when using server-side route resolution (#​13498)

• fix: correctly find shared entry-point CSS files during inlining (#​13431)

v2.17.2

Compare Source

Patch Changes

• fix: add promise return type to the enhance action callback (#​13420)

• fix: change server-side route resolution endpoint (#​13461)

v2.17.1

Compare Source

Patch Changes

• fix: make route resolution imports root-relative if paths.relative option is false (#​13412)

v2.17.0

Compare Source

Minor Changes

• feat: validate values for cache-control and content-type headers in dev mode (#​13114)

• feat: support server-side route resolution (#​13379)

Patch Changes

• chore: don't error during development when using use:enhance with +server as some third party libraries make it possible to POST forms to it (#​13397)

• fix: skip hooks for server fetch to prerendered routes (#​13377)

• fix: ignore non-entry-point CSS files during inlining (#​13395)

• fix: default server fetch to use prerendered paths (#​13377)

v2.16.1

Compare Source

Patch Changes

• fix: avoid overwriting headers for sub-requests made while loading the error page (#​13341)

• fix: correctly resolve index file entrypoints such as src/service-worker/index.js (#​13354)

• fix: correctly handle relative anchors when using the hash router (#​13356)

v2.16.0

Compare Source

Minor Changes

• feat: add ability to invalidate a custom identifier on goto() (#​13256)

• feat: remove the postinstall script to support pnpm 10 (#​13304)

  NOTE: users should add "prepare": "svelte-kit sync" to their package.json in order to avoid the following warning upon first running Vite:

  ▲ [WARNING] Cannot find base config file "./.svelte-kit/tsconfig.json" [tsconfig.json]
  
      tsconfig.json:2:12:
        2 │   "extends": "./.svelte-kit/tsconfig.json",
          ╵              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  

• feat: provide PageProps and LayoutProps types (#​13308)

Patch Changes

• perf: shorten chunk file names (#​13003)

• fix: strip internal data before passing URL to reroute (#​13092)

• fix: support absolute URLs and reroutes with data-sveltekit-preload-code="viewport" (#​12217)

• fix: use current window.fetch for server load fetch requests (#​13315)

• fix: resolve symlinks when handling routes (#​12740)

• fix: prevent infinite reload when using the hash router and previewing /index.html (#​13296)

• fix: service worker base path in dev mode (#​12577)

• chore: error during development when using use:enhance with +server (#​13197)

• chore: add most common status codes to redirect() JS documentation (#​13301)

• fix: correctly link to assets inlined by the inlineStyleThreshold option (#​13068)

• fix: fall back to importing dynamic dependencies relative to SvelteKit package (#​12532)

• fix: use arrow function types over bound funcs (#​12955)

• fix: correctly navigate when hash router is enabled and the browser encodes extra hashes (#​13321)

v2.15.3

Compare Source

Patch Changes

• fix: fix race-condition when not using SSR when pressing back before initial load (#​12925)

• fix: remove ":$" from virtual module ids to allow dev server to work with proxies (#​12157)

• fix: upgrade esm-env to remove warning when NODE_ENV is not set (#​13291)

• fix: handle Redirect thrown from root layout load function when client-side navigating to a non-existent page (#​12005)

• fix: make param matchers generated type import end with .js (#​13286)

v2.15.2

Compare Source

Patch Changes

• fix: correctly notify page store subscribers (#​13205)

• fix: prerender data when there is no server load but the trailingSlash option is set from the server (#​13262)

• fix: correctly remove navigation callbacks when returning function in onNavigate (#​13241)

v2.15.1

Compare Source

Patch Changes

• fix: add CSP hashes/nonces to inline styles when using bundleStrategy: 'inline' (#​13232)

• fix: silence dev/prod warning during sync (#​13244)

v2.15.0

Compare Source

Minor Changes

• feat: add bundleStrategy: 'inline' option (#​13193)

v2.14.1

Compare Source

Patch Changes

• fix: do not mutate URL during reroute logic (#​13222)

v2.14.0

Compare Source

Minor Changes

• feat: add hash-based routing option (#​13191)

Patch Changes

• fix: create new URL when calling goto(...), to handle case where URL is mutated (#​13196)

v2.13.0

Compare Source

Minor Changes

• feat: add bundleStrategy: 'split' | 'single' option (#​13173)

v2.12.2

Compare Source

Patch Changes

• fix: correctly resolve no hooks file when a similarly named directory exists (#​13188)

• fix: correctly resolve $app/state on the server with Vite 5 (#​13192)

v2.12.1

Compare Source

Patch Changes

• fix: replace navigating.current.<x> with navigating.<x> (#​13174)

v2.12.0

Compare Source

Minor Changes

• feat: add $app/state module (#​13140)

Patch Changes

• chore: specify the route ID in the error message during development when making a form action request to a route without form actions (#​13167)

v2.11.1

Compare Source

Patch Changes

• fix: adhere to Vite build.minify setting when building the service worker (#​13143)

v2.11.0

Compare Source

Minor Changes

• feat: transport custom types across the server/client boundary (#​13149)

Patch Changes

• fix: correctly resolve hooks file when a similarly named directory exists (#​13144)

v2.10.1

Compare Source

Patch Changes

• fix: export init hook from get_hooks (#​13136)

v2.10.0

Compare Source

Minor Changes

• feat: server and client init hook (#​13103)

Patch Changes

• fix: prevent hooks exported from hooks.js from overwriting hooks from hooks.server.js (#​13104)

v2.9.1

Compare Source

Patch Changes

• fix: correctly match route groups preceding optional parameters (#​13099)

v2.9.0

Compare Source

Minor Changes

• feat: Vite 6 support (#​12270)

Patch Changes

• fix: transform link[rel='shortcut icon'] and link[rel='apple-touch-icon'] to be absolute to avoid console error when navigating (#​13077)

v2.8.5

Compare Source

Patch Changes

• fix: don't hydrate when falling back to error page (#​13056)

v2.8.4

Compare Source

Patch Changes

• fix: update inline css url generation for FOUC prevention in dev (#​13007)

v2.8.3

Compare Source

Patch Changes

• fix: ensure error messages are escaped (#​13050)

• fix: escape values included in dev 404 page (#​13039)

v2.8.2

Compare Source

Patch Changes

• fix: prevent duplicate fetch request when using Request with load function's fetch (#​13023)

• fix: do not override default cookie decoder to allow users to override the cookie library version (#​13037)

v2.8.1

Compare Source

Patch Changes

• fix: only add nonce to script-src-elem, style-src-attr and style-src-elem CSP directives when unsafe-inline is not present (#​11613)

• fix: support HTTP/2 in dev and production. Revert the changes from #​12907 to downgrade HTTP/2 to TLS as now being unnecessary (#​12989)

v2.8.0

Compare Source

Minor Changes

• feat: add helper to identify ActionFailure objects (#​12878)

v2.7.7

Compare Source

Patch Changes

• fix: update link in JSDoc (#​12963)

v2.7.6

Compare Source

Patch Changes

• fix: update broken links in JSDoc (#​12960)

v2.7.5

Compare Source

Patch Changes

• fix: warn on invalid cookie name characters (#​12806)

• fix: when using @vitejs/plugin-basic-ssl, set a no-op proxy config to downgrade from HTTP/2 to TLS since undici does not yet enable HTTP/2 by default (#​12907)

v2.7.4

Compare Source

Patch Changes

• fix: ensure element is focused after subsequent clicks of the same hash link (#​12866)

• fix: avoid preload if event default was prevented for touchstart and mousedown events (#​12887)

• fix: avoid reloading behaviour for hash links with data-sveltekit-reload if the hash is on the same page (#​12866)

v2.7.3

Compare Source

Patch Changes

• fix: include importer in illegal import error message (#​12820)

• fix: don't try reading assets directly that aren't present (#​12876)

• fix: decode non-latin characters when previewing prerendered pages (#​12874)

• fix: better error message when a Result is returned from a form action (#​12829)

• docs: update URLs for new svelte.dev site (#​12857)

v2.7.2

Compare Source

Patch Changes

• fix: use absolute links in JSDoc comments (#​12718)

v2.7.1

Compare Source

Patch Changes

• chore: upgrade to sirv 3.0 (#​12796)

• fix: warn when form action responses are lost because SSR is off (#​12063)

v2.7.0

Compare Source

Minor Changes

• feat: update service worker when new version is detected (#​12448)

Patch Changes

• fix: correctly handle relative paths when fetching assets on the server (#​12113)

• fix: decode non ASCII anchor hashes when scrolling into view (#​12699)

• fix: page response missing CSP and Link headers when return promise in load (#​12418)

v2.6.4

Compare Source

Patch Changes

• fix: only preload links that have a different URL than the current page (#​12773)

• fix: revert change to replace version in generateBundle (#​12779)

• fix: catch stack trace fixing errors thrown in web containers (#​12775)

• fix: use absolute links in JSDoc comments (#​12772)

v2.6.3

Compare Source

Patch Changes

• fix: ensure a changing version doesn't affect the hashes for chunks without any actual code changes (#​12700)

• fix: prevent crash when logging URL search params in a server load function (#​12763)

• chore: revert update dependency cookie to ^0.7.0 (#​12767)

v2.6.2

Compare Source

Patch Changes

• chore(deps): update dependency cookie to ^0.7.0 (#​12746)

v2.6.1

Compare Source

Patch Changes

• fix: better error message when calling push/replaceState before router is initialized (#​11968)

v2.6.0

Compare Source

Minor Changes

• feat: support typed arrays in load functions (#​12716)

Patch Changes

• fix: open a new tab for <form target="_blank"> and ` submissions (#​11936)

v2.5.28

Compare Source

Patch Changes

• fix: import node:process instead of using globals (#​12641)

v2.5.27

Compare Source

Patch Changes

• fix: asynchronously instantiate components when using Svelte 5 (#​12613)

• fix: use {@​render ...} tag when generating default fallback page for svelte 5 apps (#​12653)

• fix: emulate event.platform even when the route does not exist (#​12513)

v2.5.26

Compare Source

Patch Changes

• fix: exclude service worker directory from tsconfig (#​12196)

v2.5.25

Compare Source

Patch Changes

• chore: upgrade dts-buddy to 0.5.3 (6056ba30e29ac5747c356fbf1a42dd71f2c4aa1f)

v2.5.24

Compare Source

Patch Changes

• extend peer dependency range for @​sveltejs/vite-plugin-svelte to include 4.0.0-next for improved svelte5 support (#​12593)

v2.5.23

Compare Source

Patch Changes

• fix: use dynamic components in root.svelte instead of svelte:component for svelte 5 (#​12584)

v2.5.22

Compare Source

Patch Changes

• chore: configure provenance in a simpler manner (#​12570)

sveltejs/vite-plugin-svelte (@​sveltejs/vite-plugin-svelte)

v3.1.2

Compare Source

Patch Changes

• add warning for svelte5 users to update to vite-plugin-svelte@4 (#​964)

themesberg/flowbite (flowbite)

v2.5.2

Compare Source

• release new WYSIWYG text editor component

themesberg/flowbite-svelte (flowbite-svelte)

v0.48.4

Compare Source

v0.48.3

Compare Source

Patch Changes

• fix: bugs

v0.48.2

Compare Source

Patch Changes

• fix: bugs

v0.48.1

Compare Source

Patch Changes

• fix: bugs

v0.47.4

Compare Source

Patch Changes

• fix: datepicker

v0.47.3

Compare Source

Patch Changes

• fix: #​1392 #​1455 #​1463 #​1468 #​1475 #​1476

v0.47.2

Compare Source

Patch Changes

• fix: #​1470 #​1467 #​1031

v0.47.1

Compare Source

Patch Changes

• fix: remove flowbite-svelte-icons from Datepicker (e017ac0)

v0.47.0

Compare Source

Minor Changes

• feat: datepicker

v0.46.23

Compare Source

Patch Changes

• bug fix (5b0798a414d2bbcd72dc940ebf20d8448b600150)

v0.46.22

Compare Source

Patch Changes

• fix: omit size from Toggle (cbdc23136d7cbd57338fee3ae57fd0b347fcedd6)

v0.46.21

Compare Source

Patch Changes

• types: add $Props (458b98eea93e1b9c82374d1727e057bf97d85930)

• types: component type updates types: Button and ToolbarButton update for using anchor and button, HTMLAnchorAttributes, HTMLButtonAttributes types: GradientButton uses import ButtonProps from "./Button.svelte" instead of using ComponentProps that does not work. (a1ba5af532261772bfd8b0b2c8267f65e814f997)

• fix: #​1454 extends HTMLInputAttributes for Checkbox component (4ce2ced37a28885614ac1d863386e396f190a65e)

v0.46.20

Compare Source

Patch Changes

• types: add $Props (46a29798f77a63482a0951720eb761e474d11287)

v0.46.19

[Compare Source](https://redirect.github.com/themesberg/flow

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - "* 0-3 * * *" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
give-headpats	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Mar 4, 2025 4:39pm