Skip to content

chore(deps-dev): bump @sveltejs/kit from 2.42.1 to 2.49.5#5476

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/sveltejs/kit-2.49.5
Closed

chore(deps-dev): bump @sveltejs/kit from 2.42.1 to 2.49.5#5476
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/sveltejs/kit-2.49.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jan 15, 2026
edited
Loading

Bumps @sveltejs/kit from 2.42.1 to 2.49.5.

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.49.5

Patch Changes

  • fix: avoid overriding Vite default base when running Vitest 4 (#14866)

  • fix: ensure url decoded pathnames are not mistaken as rerouted requests (d9ae9b0)

  • fix: add length checks to remote forms (8ed8155)

@​sveltejs/kit@​2.49.4

Patch Changes

  • fix: support instrumentation for vite preview (#15105)

  • fix: support for URLSearchParams.has(name, value) overload (#15076)

  • fix: put forking behind experimental.forkPreloads (#15135)

@​sveltejs/kit@​2.49.3

Patch Changes

  • fix: avoid false-positive Vite config overridden warning when using Vitest 4 (#15121)

  • fix: add typescript as an optional peer dependency (#15074)

  • fix: use hasOwn check when deep-setting object properties (#15127)

@​sveltejs/kit@​2.49.2

Patch Changes

  • fix: Stop re-loading already-loaded CSS during server-side route resolution (#15014)

  • fix: posixify the instrumentation file import on Windows (#14993)

  • fix: Correctly handle shared memory when decoding binary form data (#15028)

@​sveltejs/kit@​2.49.1

Patch Changes

  • fix: suppress state_referenced_locally warnings in .svelte-kit/generated/root.svelte (#15013)

... (truncated)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.49.5

Patch Changes

  • fix: avoid overriding Vite default base when running Vitest 4 (#14866)

  • fix: ensure url decoded pathnames are not mistaken as rerouted requests (d9ae9b0)

  • fix: add length checks to remote forms (8ed8155)

2.49.4

Patch Changes

  • fix: support instrumentation for vite preview (#15105)

  • fix: support for URLSearchParams.has(name, value) overload (#15076)

  • fix: put forking behind experimental.forkPreloads (#15135)

2.49.3

Patch Changes

  • fix: avoid false-positive Vite config overridden warning when using Vitest 4 (#15121)

  • fix: add typescript as an optional peer dependency (#15074)

  • fix: use hasOwn check when deep-setting object properties (#15127)

2.49.2

Patch Changes

  • fix: Stop re-loading already-loaded CSS during server-side route resolution (#15014)

  • fix: posixify the instrumentation file import on Windows (#14993)

  • fix: Correctly handle shared memory when decoding binary form data (#15028)

2.49.1

Patch Changes

... (truncated)

Commits
  • 80ffb53 Version Packages (#15162)
  • 8ed8155 Merge commit from fork
  • d9ae9b0 Merge commit from fork
  • ec4596a chore: Upgrade devalue (#15172)
  • 81cd545 fix: avoid overriding Vite default base when running Vitest 4 (#14866)
  • 6cf9491 chore: remove unused is_http_method helper and method set to (#15152)
  • 3305022 Revert "breaking: remove buttonProps from experimental remote form function...
  • 4f9870d breaking: remove buttonProps from experimental remote form functions (#14622)
  • c8e4017 Version Packages (#15129)
  • 50bf727 chore: fix prettier ignoring source code in with build in the name (#15133)
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Jan 15, 2026

Labels

The following labels could not be found: chore: update dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@changeset-bot
Copy link
Copy Markdown

changeset-bot Bot commented Jan 15, 2026
edited
Loading

⚠️ No Changeset found

Latest commit: 01db4c4

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@vercel
Copy link
Copy Markdown

vercel Bot commented Jan 15, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
appkit-basic-html Ready Ready Preview, Comment Feb 3, 2026 10:45am
appkit-demo Ready Ready Preview, Comment Feb 3, 2026 10:45am
appkit-gallery Ready Ready Preview Feb 3, 2026 10:45am
appkit-headless-sample-app Error Error Feb 3, 2026 10:45am
appkit-laboratory Error Error Feb 3, 2026 10:45am
10 Skipped Deployments
Project Deployment Actions Updated (UTC)
appkit-basic-example Ignored Ignored Feb 3, 2026 10:45am
appkit-basic-sign-client-example Ignored Ignored Feb 3, 2026 10:45am
appkit-basic-up-example Ignored Ignored Feb 3, 2026 10:45am
appkit-ethers5-bera Ignored Ignored Feb 3, 2026 10:45am
appkit-nansen-demo Ignored Ignored Feb 3, 2026 10:45am
appkit-vue-solana Ignored Ignored Feb 3, 2026 10:45am
appkit-wagmi-cdn-example Ignored Ignored Feb 3, 2026 10:45am
ethereum-provider-wagmi-example Ignored Ignored Feb 3, 2026 10:45am
next-wagmi-solana-bitcoin-example Ignored Ignored Feb 3, 2026 10:45am
vue-wagmi-example Ignored Ignored Feb 3, 2026 10:45am

Request Review

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jan 15, 2026
edited
Loading

Visual Regression Test Results ❌ Failed

✨ No visual changes detected

Chromatic Build: undefined
Storybook Preview: undefined

@dependabot
chore(deps-dev): bump @sveltejs/kit from 2.42.1 to 2.49.5
01db4c4 
Bumps [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) from 2.42.1 to 2.49.5.
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.49.5/packages/kit)

---
updated-dependencies:
- dependency-name: "@sveltejs/kit"
  dependency-version: 2.49.5
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/sveltejs/kit-2.49.5 branch from fa293d2 to 01db4c4 Compare February 3, 2026 10:36
@socket-security
Copy link
Copy Markdown

socket-security Bot commented Feb 3, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedhusky@​9.1.71001006280100
Addedesbuild@​0.27.2911007389100
Addedprocess@​0.11.101001007675100
Addedbuffer@​6.0.310010010075100
Addeddate-fns@​4.1.0981009280100
Addedclassnames@​2.5.110010010082100
Added@​sentry/​core@​8.55.0991008396100

View full report

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 10, 2026

Superseded by #5640.

@dependabot dependabot Bot closed this Apr 10, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/sveltejs/kit-2.49.5 branch April 10, 2026 19:13
@github-actions github-actions Bot locked and limited conversation to collaborators Apr 10, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants