Skip to content

chore(test): Bump svelte dependencies #1198

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Lms24 merged 2 commits into from
Jan 16, 2026
Merged

chore(test): Bump svelte dependencies #1198

Lms24 merged 2 commits into from
Jan 16, 2026

Conversation

@Lms24
Copy link
Member

@Lms24 Lms24 commented Jan 16, 2026
edited
Loading

Updates svelte/kit/adapter node in our wizard e2e tests. See https://svelte.dev/blog/cves-affecting-the-svelte-ecosystem

File Package From To
sveltekit-tracing-test-app/package.json @sveltejs/kit 2.31.0 ^2.49.5
sveltekit-tracing-test-app/package.json @sveltejs/adapter-node ^5.3.1 ^5.5.1
sveltekit-tracing-test-app/package.json svelte ^5.0.0 ^5.46.4
sveltekit-hooks-test-app/package.json @sveltejs/kit ^2.0.0 2.18.0
pnpm-workspace.yaml @sveltejs/kit (catalog) ^2.31.0 ^2.49.5
pnpm-workspace-test-app/.../sveltekit/package.json @sveltejs/adapter-node ^5.4.0 ^5.5.1
pnpm-workspace-test-app/.../sveltekit/package.json svelte ^5.0.0 ^5.46.4

For sveltekit-hooks-test-app, we needed to stay on a 2.x version prior to 2.31.0. Therefore, I selected 2.18.0, which is the latest version before kit was affected by GHSA-j62c-4x62-9r35.

@github-actions
Copy link

github-actions bot commented Jan 16, 2026
edited
Loading

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

This PR will not appear in the changelog.

🤖 This preview updates automatically when you update the PR.

@Lms24 Lms24 added the skip-changelog If set, this PR will not be mentioned in the changelog once the PR is merged and published label Jan 16, 2026
cursor[bot]
cursor bot reviewed Jan 16, 2026
View reviewed changes
Copy link
Contributor

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

@Lms24 Lms24 requested review from nicohrubec and s1gr1d January 16, 2026 14:10
@Lms24 Lms24 mentioned this pull request Jan 16, 2026
Closed
@Lms24 Lms24 merged commit 012cc9e into master Jan 16, 2026
56 of 57 checks passed
@Lms24 Lms24 deleted the lms/test-bump-svelte-deps branch January 16, 2026 15:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@nicohrubec nicohrubec nicohrubec approved these changes

@s1gr1d s1gr1d Awaiting requested review from s1gr1d

Assignees

No one assigned

Labels

skip-changelog If set, this PR will not be mentioned in the changelog once the PR is merged and published

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Lms24 @nicohrubec