Skip to content

chore(deps): update dependency @sveltejs/kit to ^2.43.4 #263

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 24, 2025
Merged

chore(deps): update dependency @sveltejs/kit to ^2.43.4 #263

merged 1 commit into from
Sep 24, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Sep 23, 2025
edited
Loading

Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more here.

This PR contains the following updates:

Package Change Age Confidence
@sveltejs/kit (source) ^2.28.0 -> ^2.43.4 age confidence

Release Notes

sveltejs/kit (@​sveltejs/kit)

v2.43.4

Compare Source

Patch Changes
  • fix: Webcontainer AsyncLocalStorage workaround (#​14526)

v2.43.3

Compare Source

Patch Changes

  • fix: Webcontainer AsyncLocalStorage workaround (#​14521)

  • fix: include the value of form submitters on form remote functions (#​14475)

v2.43.2

Compare Source

Patch Changes

  • fix: ensure rendering starts off synchronously (#​14517)

  • fix: keep serialized remote data alive until navigation (#​14508)

v2.43.1

Compare Source

Patch Changes
  • fix: consistently use bare import for internals (#​14506)

v2.43.0

Compare Source

Minor Changes
Patch Changes

  • fix: ensure __SVELTEKIT_PAYLOAD__.data is accessed safely (#​14491)

  • fix: create separate cache entries for non-exported remote function queries (#​14499)

v2.42.2

Compare Source

Patch Changes

  • fix: prevent loops in postbuild analysis phase (#​14450)

  • fix: handle nested object fields in form data (#​14469)

  • fix: robustify form helper types (#​14463)

  • fix: avoid running the init hook during builds if there's nothing to prerender (#​14464)

  • fix: ensure SSR rendering gets request store context (#​14476)

v2.42.1

Compare Source

Patch Changes
  • fix: ensure environment setup is in its own chunk (#​14441)

v2.42.0

Compare Source

Minor Changes

  • feat: enhance remote form functions with schema support, input and issues properties (#​14383)

  • breaking: remote form functions get passed a parsed POJO instead of a FormData object now (#​14383)

v2.41.0

Compare Source

Minor Changes
  • feat: add %sveltekit.version% to app.html (#​12132)
Patch Changes

  • fix: allow remote functions to return custom types serialized with transport hooks (#​14435)

  • fix: fulfil beforeNavigate complete when redirected (#​12896)

v2.40.0

Compare Source

Minor Changes
  • feat: include event property on popstate/link/form navigation (#​14307)
Patch Changes

  • fix: respect replaceState/keepFocus/noScroll when a navigation results in a redirect (#​14424)

  • fix: invalidate preload cache when invalidateAll is true (#​14420)

v2.39.1

Compare Source

Patch Changes
  • fix: more robust remote function code transformation (#​14418)

v2.39.0

Compare Source

Minor Changes
  • feat: lazy discovery of remote functions (#​14293)
Patch Changes

  • fix: layout load data not serialized on error page (#​14395)

  • fix: fail prerendering when remote function fails (#​14365)

  • fix: treat handle hook redirect as part of remote function call as json redirect (#​14362)

v2.38.1

Compare Source

Patch Changes

  • fix: enable redirects from queries (#​14400)

  • fix: remove empty nodes from serialized server load data (#​14404)

  • fix: allow commands from within endpoints (#​14343)

v2.38.0

Compare Source

Minor Changes
  • feat: add new remote function query.batch (#​14272)

v2.37.1

Compare Source

Patch Changes

  • fix: serialize server load data before passing to universal load, to handle mutations and promises (#​14298)

  • fix: resolve_route prevent dropping a trailing slash of id (#​14294)

  • fix: assign correct status code to form submission error on the client (#​14345)

  • fix: un-proxy form.result (#​14346)

v2.37.0

Compare Source

Minor Changes

  • feat: automatically resolve query.refresh() promises on the server (#​14332)

  • feat: allow query.set() to be called on the server (#​14304)

Patch Changes

  • fix: disable CSRF checks in dev (#​14335)

  • fix: allow redirects to external URLs from within form functions (#​14329)

  • fix: add type definitions for query.set() method to override the value of a remote query function (#​14303)

  • fix: ensure uniqueness of form.for(...) across form functions (#​14327)

v2.36.3

Compare Source

Patch Changes

  • fix: bump devalue (#​14323)

  • chore: consolidate dev checks to use esm-env instead of a __SVELTEKIT_DEV__ global (#​14308)

  • fix: reset form inputs by default when using remote form functions (#​14322)

v2.36.2

Compare Source

Patch Changes

  • chore: make config deprecation warnings more visible (#​14281)

  • chore: remove redundant Not Found error message (#​14289)

  • chore: deprecate csrf.checkOrigin in favour of csrf.trustedOrigins: ['*'] (#​14281)

v2.36.1

Compare Source

Patch Changes
  • fix: ensure importing from $app/navigation works in test files (#​14195)

v2.36.0

Compare Source

Minor Changes
  • feat: add csrf.trustedOrigins configuration (#​14021)
Patch Changes

  • fix: correctly decode custom types streamed from a server load function (#​14261)

  • fix: add trailing slash pathname when generating typed routes (#​14065)

v2.35.0

Compare Source

Minor Changes
  • feat: better server-side error logging (#​13990)
Patch Changes
  • fix: ensure static error page is loaded correctly for custom user errors (#​13952)

v2.34.1

Compare Source

Patch Changes

  • fix: support multiple cookies with the same name across different paths and domains (b2c5d02)

  • fix: add link header when preloading font (#​14200)

  • fix: cookies.get(...) returns undefined for a just-deleted cookie (b2c5d02)

  • fix: load env before prerender (c5f7139)

v2.34.0

Compare Source

Minor Changes
  • feat: allow dynamic env access during prerender (#​14243)
Patch Changes

  • fix: clone fetch responses so that headers are mutable (#​13942)

  • fix: serialize server load data before passing to universal load, to handle mutations (#​14268)

  • fix: allow asset(...) to be used with imported assets (#​14270)

v2.33.1

Compare Source

Patch Changes

  • fix: make paths in .css assets relative (#​14262)

  • fix: avoid copying SSR stylesheets to client assets (#​13069)

v2.33.0

Compare Source

Minor Changes
  • feat: configure error reporting when routes marked as prerendable were not prerendered (#​11702)
Patch Changes

  • fix: use correct flag for server tracing (#​14250)

  • fix: correct type names for new handleUnseenRoutes option (#​14254)

  • chore: Better docs and error message for missing @opentelemetry/api dependency (#​14250)

v2.32.0

Compare Source

Minor Changes
  • feat: inline load fetch response.body stream data as base64 in page (#​11473)
Patch Changes
  • fix: better error when .remote.ts files are used without the experimental.remoteFunctions flag (#​14225)

v2.31.1

Compare Source

Patch Changes
  • fix: pass options to resolve in resolveId hook (#​14223)

v2.31.0

Compare Source

Minor Changes

  • feat: OpenTelemetry tracing for handle, sequence, form actions, remote functions, and load functions running on the server (#​13899)

  • feat: add instrumentation.server.ts for tracing and observability setup (#​13899)

v2.30.1

Compare Source

Patch Changes
  • chore: generate $app/types in a more Typescript-friendly way (#​14207)

v2.30.0

Compare Source

Minor Changes
  • feat: allow to specify options for the service worker in svelte.config.js (#​13578)
Patch Changes

  • fix: ensure buttonProps.enhance works on buttons with nested text (#​14199)

  • fix: pass validation issues specifically to avoid non-enumerable spreading error (#​14197)

v2.29.1

Compare Source

Patch Changes
  • chore: allow remote functions in all of the src directory (#​14198)

v2.29.0

Compare Source

Minor Changes
  • feat: add a kit.files.src option (#​14152)
Patch Changes

  • fix: don't treat $lib/server.ts or $lib/server_whatever.ts as server-only modules, only $lib/server/** (#​14191)

  • fix: make illegal server-only import errors actually useful (#​14155)

  • chore: deprecate config.kit.files options (#​14152)

  • fix: avoid warning if page options in a Svelte file belongs to a comment (#​14180)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Relates to dependencies label Sep 23, 2025
@socket-security
Copy link

socket-security bot commented Sep 23, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​sveltejs/​kit@​2.28.0 ⏵ 2.43.4100 +2100100 +21100 +2100

View full report

@socket-security
Copy link

socket-security bot commented Sep 23, 2025
edited
Loading

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report

@renovate renovate bot force-pushed the renovate/sveltejs-kit-2.x branch from 984bc9e to 6cc175f Compare September 24, 2025 14:36
@renovate renovate bot changed the title chore(deps): update dependency @sveltejs/kit to ^2.43.2 chore(deps): update dependency @sveltejs/kit to ^2.43.4 Sep 24, 2025
@lishaduck lishaduck added this pull request to the merge queue Sep 24, 2025
Merged via the queue into main with commit b67ba5a Sep 24, 2025
12 checks passed
@lishaduck lishaduck deleted the renovate/sveltejs-kit-2.x branch September 24, 2025 15:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lishaduck lishaduck Awaiting requested review from lishaduck lishaduck is a code owner

@ParkerH27 ParkerH27 Awaiting requested review from ParkerH27 ParkerH27 is a code owner

Assignees

@lishaduck lishaduck

@ParkerH27 ParkerH27

Labels

dependencies Relates to dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lishaduck @ParkerH27