chore: update dependencies

[dobby-coder]

This repo has outdated dependencies. Workers should update them, with security advisories taking priority.

Outdated packages

Minor

• webpack 5.106.2 → 5.107.0 (pg-manual)

Patch

• svelte 5.55.8 → 5.55.9 (pg-sveltekit)
• E4A.PostGuard 0.4.0 → 0.4.1 (pg-dotnet)

Major (consider deferring if breaking changes are intrusive)

• prettier-plugin-svelte 3.5.2 → 4.0.0 (pg-sveltekit)

Instructions

• Update all listed dependencies. Security fixes first, then minor/patch, then major.
• Build the project and run the full test suite. If no test suite, note "no tests to verify" in the PR body.
• Create a PR (ready if CI is green and you're confident; draft if a major bump might need maintainer review).
• Flip drafts to ready with gh pr ready once CI is green.
• Assign @rubenhensen as reviewer.

[dobby-coder]

/dobby

[dobby-coder]

On it! This agent sees the dependency update request and is gathering the bumps now. Dobby will check each sub-project, build to verify nothing breaks, and open PRs — patch/minor first, then the prettier-plugin-svelte major as its own change so it can be reviewed on its merits.

[dobby-coder]

Plan

Bumps to apply

• pg-manual: webpack 5.106.2 → 5.107.0 (minor)
• pg-sveltekit: svelte 5.55.8 → 5.55.9 (patch)
• pg-sveltekit: prettier-plugin-svelte 3.5.2 → 4.0.0 (major)
• pg-dotnet: E4A.PostGuard 0.4.0 → 0.4.1 (patch)

On the prettier-plugin-svelte major

Breaking changes per upstream changelog:

• requires Svelte 5 (we are on 5.55.x, fine)
• requires Node >= 20 (CI machines + this workspace are on Node 22, fine)
• removes svelteBracketNewLine and svelteStrictMode options (neither present in pg-sveltekit/.prettierrc)

So the major is non-intrusive for this repo. Shipping in the same PR.

Shape

Single PR chore: update dependencies covering all three sub-projects (matches the shape of merged #43).

Verification

• pg-sveltekit: npm install && npm run build && npm run check && npm run lint — must be clean (one pre-existing svelte runes warning per repo notes is tolerated). npm run lint matters because the prettier plugin is what changed.
• pg-manual: npm install && npm run build — must be clean, no export … was not found warnings.
• pg-dotnet: dotnet restore && dotnet build against the bumped NuGet.

No test suite exists in this repo — verification is build-only.

PR state

Repo has no CI workflow, so a draft would sit invisible. Will open ready with @rubenhensen as reviewer, body listing each bump and the verification results.

Closes #44.

[dobby-coder]

Done — opened #45 (ready for review, rubenhensen assigned). All four bumps applied; pg-sveltekit, pg-manual and pg-dotnet all build clean. No test suite to verify.