Bump svelte from 3.59.2 to 5.2.8 in /frontend

[dependabot]

Bumps svelte from 3.59.2 to 5.2.8.

Release notes

Sourced from svelte's releases.

svelte@5.2.8

Patch Changes

• fix: correctly prune each blocks (#14403)

• fix: provide temporary LegacyComponentType (#14257)

• fix: attach spread attribute events synchronously (#14387)

• fix: ensure last empty text node correctly hydrates (#14425)

• fix: correctly prune key blocks (#14403)

svelte@5.2.7

Patch Changes

• fix: always use set for private identifiers (#14378)

svelte@5.2.6

Patch Changes

• fix: remove template expression inlining (#14374)

svelte@5.2.5

Patch Changes

• fix: correctly handle srcObject attribute on video elements (#14369)

• add contentvisibilityautostatechange event to element definitions (#14373)

• fix: tighten up export default validation (#14368)

• fix: include method definitions in class private fields (#14365)

svelte@5.2.4

Patch Changes

• fix: ensure internal cloning can work circular values (#14347)

• fix: correctly update dynamic member expressions (#14359)

• fix: ensure is_pure takes into account $effect.tracking() (#14333)

• fix: coerce value to number when hydrating range/number input with changed value (#14349)

svelte@5.2.3

Patch Changes

• fix: ensure dynamic call expressions correctly generate output (#14345)

... (truncated)

Changelog

Sourced from svelte's changelog.

svelte

4.2.3

Patch Changes

• fix: improve a11y-click-events-have-key-events message (#9358)

• fix: more robust hydration of html tag (#9184)

4.2.2

Patch Changes

• fix: support camelCase properties on custom elements (#9328)

• fix: add missing plaintext-only value to contenteditable type (#9242)

• chore: upgrade magic-string to 0.30.4 (#9292)

• fix: ignore trailing comments when comparing nodes (#9197)

4.2.1

Patch Changes

• fix: update style directive when style attribute is present and is updated via an object prop (#9187)

• fix: css sourcemap generation with unicode filenames (#9120)

• fix: do not add module declared variables as dependencies (#9122)

• fix: handle svelte:element with dynamic this and spread attributes (#9112)

• fix: silence false positive reactive component warning (#9094)

• fix: head duplication when binding is present (#9124)

• fix: take custom attribute name into account when reflecting property (#9140)

• fix: add indeterminate to the list of HTMLAttributes (#9180)

• fix: recognize option value on spread attribute (#9125)

4.2.0

Minor Changes

• feat: move svelteHTML from language-tools into core to load the correct svelte/element types (#9070)

... (truncated)

Commits

• 2b5c0e7 Version Packages (#14383)
• 63484af fix: ensure last empty text node correctly hydrates (#14425)
• 37e6c7f fix: correctly prune key/each blocks (#14403)
• e721d96 fix: export temporary LegacyComponentType (#14256) (#14257)
• 0469008 chore: remove references to node.parent (#14395)
• dd9abea fix: ensure spread attribute events are attached synchronously (#14387)
• 6e391fc Version Packages (#14380)
• 520055c fix: always use set for private identifiers (#14378)
• 85ec6fa Version Packages (#14377)
• 9d12fd1 chore: remove template expression inlining (#14374)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
capy-life	❌ Failed (Inspect)			Nov 25, 2024 5:50pm

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/svelte@5.2.8	None	+17	4.77 MB	conduitry, rich_harris, svelte-admin

🚮 Removed packages: npm/svelte@3.59.2

View full report↗︎

[dependabot]

Superseded by #287.