Skip to content

chore(deps-dev): bump the dev-dependencies group with 10 updates#414

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dev-dependencies-7b2d59dd48
Open

chore(deps-dev): bump the dev-dependencies group with 10 updates#414
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dev-dependencies-7b2d59dd48

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 19, 2026

Bumps the dev-dependencies group with 10 updates:

Package From To
@iconify/json 2.2.474 2.2.476
@shikijs/langs 4.0.2 4.1.0
@shikijs/themes 4.0.2 4.1.0
@types/node 25.8.0 25.9.1
@typescript/native-preview 7.0.0-dev.20260514.1 7.0.0-dev.20260519.1
isomorphic-dompurify 3.13.0 3.14.0
shiki 4.0.2 4.1.0
svelte 5.55.7 5.55.8
svelte-check-rs 0.9.11 0.9.13
wrangler 4.92.0 4.93.0

Updates @iconify/json from 2.2.474 to 2.2.476

Commits
  • 540c25d Update 3 icon sets: Maki, Pinhead Map Icons, Temaki
  • 75746ac Update 3 icon sets: Röntgen, Simple Icons, VSCode Icons
  • See full diff in compare view

Updates @shikijs/langs from 4.0.2 to 4.1.0

Release notes

Sourced from @​shikijs/langs's releases.

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates @shikijs/themes from 4.0.2 to 4.1.0

Release notes

Sourced from @​shikijs/themes's releases.

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates @types/node from 25.8.0 to 25.9.1

Commits

Updates @typescript/native-preview from 7.0.0-dev.20260514.1 to 7.0.0-dev.20260519.1

Commits

Updates isomorphic-dompurify from 3.13.0 to 3.14.0

Release notes

Sourced from isomorphic-dompurify's releases.

3.14.0: Updated dependencies

What's Changed

  • chore(deps): bump dompurify from 3.4.3 to 3.4.5 by @​dependabot[bot]
  • chore: Allowed esbuild and disallowed lefthook for ci.
  • chore: Added homepage URL to package.json.

Full Changelog: kkomelin/isomorphic-dompurify@3.13.0...3.14.0

Commits
  • fa11d1d chore: bump version to 3.14.0
  • 3706f30 chore(deps): bump dompurify from 3.4.3 to 3.4.5
  • 0f1d8b2 chore: Added homepage URL to package.json.
  • 0c05491 chore: Allowed esbuild and disallowed lefthook for ci.
  • See full diff in compare view

Updates shiki from 4.0.2 to 4.1.0

Release notes

Sourced from shiki's releases.

v4.1.0

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates svelte from 5.55.7 to 5.55.8

Release notes

Sourced from svelte's releases.

svelte@5.55.8

Patch Changes

  • fix(print): handle svelte:body and fix keyframe percentage double-printing (#18234)

  • fix: execute uninitialized derived even if it's destroyed (#18228)

  • fix: use named symbols everywhere (#18238)

  • fix: don't run teardown effects when deriveds are unfreezed (#18227)

  • fix: unset context synchronously in run (#18236)

Changelog

Sourced from svelte's changelog.

5.55.8

Patch Changes

  • fix(print): handle svelte:body and fix keyframe percentage double-printing (#18234)

  • fix: execute uninitialized derived even if it's destroyed (#18228)

  • fix: use named symbols everywhere (#18238)

  • fix: don't run teardown effects when deriveds are unfreezed (#18227)

  • fix: unset context synchronously in run (#18236)

Commits

Updates svelte-check-rs from 0.9.11 to 0.9.13

Release notes

Sourced from svelte-check-rs's releases.

v0.9.13

What's Changed

Features

  • parser: full parity with the upstream Svelte parser test corpus. Every sample under packages/svelte/tests/parser-modern and parser-legacy (97 strict + 10 loose = 107 total) now parses without errors. New ParseOptions { loose: true } mirrors upstream's tolerant-recovery mode for editor/LSP scenarios (#134, closes #33).

Bug Fixes

  • parser: unquoted attribute values are now parsed per the HTML spec, e.g. <div class=container>, <a href=https://example.com/foo>. The / character is permitted inside unquoted values, so <a href=/>home</a> correctly parses with href="/" and is not self-closing (the lexer's SlashRAngle token is split into Slash + RAngle when the value consumes only the /).
  • parser: HTML5 optional-end-tag rules for <li> — auto-closes on a sibling <li> opening or an ancestor </ul> / </ol> / </menu>.
  • parser: // line and /* block */ comments are now skipped between attributes inside an opening tag.
  • parser: {// ... } and {/* ... */} comments inside directive expression values are now recognized (lexer collapses {/ into LBraceSlash; the directive branch handles it).
  • parser: <textarea> and <title> bodies are now parsed as escapable raw text — nested HTML markup is treated as text, but {...} mustache expressions remain active. Trailing whitespace before </textarea> is tolerated.

Tests

  • New opt-in cargo test -p svelte-parser test_upstream_svelte_parser_samples -- --ignored harness (gated on SVELTE_REPO) runs the full upstream parser corpus, enabling loose mode for loose-* samples to mirror upstream's runner.
  • In-tree snapshot tests and test-fixtures/valid/parser/ fixtures cover each parity case so CI guards the new behavior without needing a local Svelte checkout.

Docs

  • README and AGENTS.md document the new upstream parity harness.

Full Changelog

pheuter/svelte-check-rs@v0.9.12...v0.9.13

v0.9.12

What's Changed

Bug Fixes

  • parser: <script> and <style> opening tags now accept single-quoted (<script lang='ts'>) and unquoted (<script lang=ts>) attribute values, not just double-quoted. Previously, single-quoted attrs caused parse_script to bail silently and the body leaked into the template parser, producing two confusing false-positive cascades: $bindable() can only be used inside a $derived or $effect ... (invalid-rune-usage) on valid $props() destructures, and mismatched closing tag: expected </typeof>, found </script> (parse-error) on TypeScript generics like ZodInfer<typeof schema>. The parser is now also defensive about any other malformed-opening-tag tokens — they're skipped instead of causing the script body to be misparsed (#133, fixes #132).

Tests

  • Added unit-level coverage for single-quoted/unquoted <script> and <style> attribute parsing in svelte-parser.
  • Added integration tests under test-fixtures/projects/sveltekit-bundler/src/routes/issue-132-single-quote-script/ that replay the user's Modal.svelte ($bindable()) and +page.svelte (typeof generics) reproductions and assert zero diagnostics.

Full Changelog

pheuter/svelte-check-rs@v0.9.11...v0.9.12

Commits
  • d651de7 chore: release v0.9.13
  • d06f37d feat(parser): complete upstream parser parity (closes #33) (#134)
  • b963177 chore: release v0.9.12
  • 110a73b fix(parser): handle single-quoted and unquoted attrs on <script>/<style> (#133)
  • See full diff in compare view

Updates wrangler from 4.92.0 to 4.93.0

Release notes

Sourced from wrangler's releases.

wrangler@4.93.0

Minor Changes

  • #13901 aac7ca0 Thanks @​bghira! - Add wrangler ai models schema command for fetching model schemas

    You can now run wrangler ai models schema <model> to fetch the input and output schema for a Workers AI model from the public model catalog schema endpoint.

  • #12656 ae047ee Thanks @​mikenomitch! - Add --containers-rollout=none

    This allows you to skip deploying a container. This is useful if you know that your container is not going to be updated or you don't have Docker locally, but still want to make changes to your Worker.

  • #13901 aac7ca0 Thanks @​bghira! - Add wrangler ai models list command for querying the Workers AI model catalog

    wrangler ai models list accepts --search, --task, --author, --source, and --hide-experimental, matching the public model catalog search endpoint.

Patch Changes

  • #13948 b25dc0d Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260515.1 1.20260518.1

  • #13882 a4f22bc Thanks @​matingathani! - Throw a clear error when a D1 migration is cancelled instead of silently returning

  • #13950 f78d435 Thanks @​dario-piotrowicz! - Improve the Docker CLI error message to be more actionable.

    Include a link to Docker installation docs, platform-specific instructions for starting the daemon, and guidance for alternative Docker-compatible CLIs.

  • #11896 c5c9e20 Thanks @​staticpayload! - Surface remote proxy session errors

    When remote bindings fail to start, include the controller reason and root cause in the error message to make failures like missing cloudflared clearer.

  • #13932 ebf4b24 Thanks @​zebp! - Fix local Workflow startup when compatibility flags include experimental

    Miniflare now deduplicates compatibility flags for the internal Workflow engine service. This prevents wrangler dev from failing with Compatibility flag specified multiple times: experimental when the user's Worker already enables that flag.

  • #13929 895baf5 Thanks @​Caio-Nogueira! - Prompt to provision a workers.dev subdomain before deploying Workflows

    Wrangler now checks for the account-level workers.dev subdomain when deploying Workflows, even if the Worker is not being published to workers.dev. If the subdomain has not been registered yet, Wrangler prompts to create one before calling the Workflows deploy API so users avoid an opaque server-side deployment failure.

  • #13930 7bcdf45 Thanks @​shiminshen! - Sweep stale .wrangler/tmp/* dirs left behind by abnormal exits

    A wrangler dev session creates .wrangler/tmp/bundle-* and .wrangler/tmp/dev-* directories at startup and removes them via a signal-exit hook on graceful shutdown. When the process exited abnormally (SIGKILL, OOM, host crash) those directories were left behind and accumulated across sessions, slowing down dependency-walking tools that follow the bundle-emitted absolute-path imports.

    wrangler now sweeps entries in .wrangler/tmp/ older than 24 hours when a new temporary directory is requested, bounding the leak regardless of how prior sessions exited.

  • Updated dependencies [b25dc0d, ebf4b24, b27eb18]:

... (truncated)

Commits
  • ee8857f Version Packages (#13931)
  • a4f22bc [wrangler] fix: throw clear error when D1 migration execution returns null (#...
  • f78d435 Improve the Docker CLI error message to be more actionable (#13950)
  • b25dc0d Bump the workerd-and-workers-types group with 2 updates (#13948)
  • ae047ee Adds option to skip container rollout on deploy (#12656)
  • 1d8924f [wrangler] fix: update remote proxy session error test snapshots (#13935)
  • c5c9e20 [wrangler] Surface remote proxy session errors (#11896)
  • 895baf5 WOR-1251: provision workers.dev subdomain when a script has a workflo… (#13929)
  • aac7ca0 add missing model catalogue search parameters (search, task, author, source) ...
  • 7bcdf45 [wrangler] sweep stale .wrangler/tmp/* dirs at startup (#13930)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump the dev-dependencies group with 10 updates
e05b64e 
Bumps the dev-dependencies group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [@iconify/json](https://github.com/iconify/icon-sets) | `2.2.474` | `2.2.476` |
| [@shikijs/langs](https://github.com/shikijs/shiki/tree/HEAD/packages/langs) | `4.0.2` | `4.1.0` |
| [@shikijs/themes](https://github.com/shikijs/shiki/tree/HEAD/packages/themes) | `4.0.2` | `4.1.0` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.8.0` | `25.9.1` |
| [@typescript/native-preview](https://github.com/microsoft/typescript-go) | `7.0.0-dev.20260514.1` | `7.0.0-dev.20260519.1` |
| [isomorphic-dompurify](https://github.com/kkomelin/isomorphic-dompurify) | `3.13.0` | `3.14.0` |
| [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.0.2` | `4.1.0` |
| [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) | `5.55.7` | `5.55.8` |
| [svelte-check-rs](https://github.com/pheuter/svelte-check-rs) | `0.9.11` | `0.9.13` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.92.0` | `4.93.0` |


Updates `@iconify/json` from 2.2.474 to 2.2.476
- [Commits](iconify/icon-sets@2.2.474...2.2.476)

Updates `@shikijs/langs` from 4.0.2 to 4.1.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.1.0/packages/langs)

Updates `@shikijs/themes` from 4.0.2 to 4.1.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.1.0/packages/themes)

Updates `@types/node` from 25.8.0 to 25.9.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript/native-preview` from 7.0.0-dev.20260514.1 to 7.0.0-dev.20260519.1
- [Changelog](https://github.com/microsoft/typescript-go/blob/main/CHANGES.md)
- [Commits](https://github.com/microsoft/typescript-go/commits)

Updates `isomorphic-dompurify` from 3.13.0 to 3.14.0
- [Release notes](https://github.com/kkomelin/isomorphic-dompurify/releases)
- [Commits](kkomelin/isomorphic-dompurify@3.13.0...3.14.0)

Updates `shiki` from 4.0.2 to 4.1.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.1.0/packages/shiki)

Updates `svelte` from 5.55.7 to 5.55.8
- [Release notes](https://github.com/sveltejs/svelte/releases)
- [Changelog](https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/svelte/commits/svelte@5.55.8/packages/svelte)

Updates `svelte-check-rs` from 0.9.11 to 0.9.13
- [Release notes](https://github.com/pheuter/svelte-check-rs/releases)
- [Commits](pheuter/svelte-check-rs@v0.9.11...v0.9.13)

Updates `wrangler` from 4.92.0 to 4.93.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.93.0/packages/wrangler)

---
updated-dependencies:
- dependency-name: "@iconify/json"
  dependency-version: 2.2.476
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: "@shikijs/langs"
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: "@shikijs/themes"
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: "@types/node"
  dependency-version: 25.9.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: "@typescript/native-preview"
  dependency-version: 7.0.0-dev.20260519.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: isomorphic-dompurify
  dependency-version: 3.14.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: shiki
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: svelte
  dependency-version: 5.55.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: svelte-check-rs
  dependency-version: 0.9.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: wrangler
  dependency-version: 4.93.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 19, 2026
@getarcaneappbot
Copy link
Copy Markdown
Contributor

getarcaneappbot commented May 19, 2026

Preview deployed successfully!

Built from commit d44dd7a

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@getarcaneappbot