Skip to content

chore(deps-dev): bump @sveltejs/kit from 2.49.2 to 2.49.5#7401

Merged
himself65 merged 1 commit into
canaryfrom
dependabot/npm_and_yarn/sveltejs/kit-2.49.5
Jan 15, 2026
Merged

chore(deps-dev): bump @sveltejs/kit from 2.49.2 to 2.49.5#7401
himself65 merged 1 commit into
canaryfrom
dependabot/npm_and_yarn/sveltejs/kit-2.49.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jan 15, 2026
edited by cubic-dev-ai Bot
Loading

Bumps @sveltejs/kit from 2.49.2 to 2.49.5.

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.49.5

Patch Changes

  • fix: avoid overriding Vite default base when running Vitest 4 (#14866)

  • fix: ensure url decoded pathnames are not mistaken as rerouted requests (d9ae9b0)

  • fix: add length checks to remote forms (8ed8155)

@​sveltejs/kit@​2.49.4

Patch Changes

  • fix: support instrumentation for vite preview (#15105)

  • fix: support for URLSearchParams.has(name, value) overload (#15076)

  • fix: put forking behind experimental.forkPreloads (#15135)

@​sveltejs/kit@​2.49.3

Patch Changes

  • fix: avoid false-positive Vite config overridden warning when using Vitest 4 (#15121)

  • fix: add typescript as an optional peer dependency (#15074)

  • fix: use hasOwn check when deep-setting object properties (#15127)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.49.5

Patch Changes

  • fix: avoid overriding Vite default base when running Vitest 4 (#14866)

  • fix: ensure url decoded pathnames are not mistaken as rerouted requests (d9ae9b0)

  • fix: add length checks to remote forms (8ed8155)

2.49.4

Patch Changes

  • fix: support instrumentation for vite preview (#15105)

  • fix: support for URLSearchParams.has(name, value) overload (#15076)

  • fix: put forking behind experimental.forkPreloads (#15135)

2.49.3

Patch Changes

  • fix: avoid false-positive Vite config overridden warning when using Vitest 4 (#15121)

  • fix: add typescript as an optional peer dependency (#15074)

  • fix: use hasOwn check when deep-setting object properties (#15127)

Commits
  • 80ffb53 Version Packages (#15162)
  • 8ed8155 Merge commit from fork
  • d9ae9b0 Merge commit from fork
  • ec4596a chore: Upgrade devalue (#15172)
  • 81cd545 fix: avoid overriding Vite default base when running Vitest 4 (#14866)
  • 6cf9491 chore: remove unused is_http_method helper and method set to (#15152)
  • 3305022 Revert "breaking: remove buttonProps from experimental remote form function...
  • 4f9870d breaking: remove buttonProps from experimental remote form functions (#14622)
  • c8e4017 Version Packages (#15129)
  • 50bf727 chore: fix prettier ignoring source code in with build in the name (#15133)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Summary by cubic

Upgrade @sveltejs/kit from 2.49.2 to 2.49.5 to pick up patch fixes and improve dev/test stability. This includes better Vitest 4 compatibility, route handling, and remote form validation.

  • Dependencies
    • Bumped @sveltejs/kit to 2.49.5 (dev).
    • Brings upstream patches for Vitest 4, reroute detection, remote forms, URLSearchParams.has overload, and vite preview instrumentation.

Written for commit 8a47da1. Summary will update on new commits.

@dependabot
chore(deps-dev): bump @sveltejs/kit from 2.49.2 to 2.49.5
8a47da1 
Bumps [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) from 2.49.2 to 2.49.5.
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.49.5/packages/kit)

---
updated-dependencies:
- dependency-name: "@sveltejs/kit"
  dependency-version: 2.49.5
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from Bekacru as a code owner January 15, 2026 18:15
@dependabot dependabot Bot requested a review from himself65 as a code owner January 15, 2026 18:15
@vercel
Copy link
Copy Markdown

vercel Bot commented Jan 15, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
better-auth-docs Ready Ready Preview, Comment Jan 15, 2026 6:16pm
1 Skipped Deployment
Project Deployment Review Updated (UTC)
better-auth-demo Ignored Ignored Jan 15, 2026 6:16pm

Review with Vercel Agent

cubic-dev-ai[bot]
cubic-dev-ai Bot reviewed Jan 15, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@cubic-dev-ai cubic-dev-ai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

@pkg-pr-new
Copy link
Copy Markdown

pkg-pr-new Bot commented Jan 15, 2026

Open in StackBlitz

better-auth

npm i https://pkg.pr.new/better-auth/better-auth@7401

@better-auth/cli

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/cli@7401

@better-auth/core

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/core@7401

@better-auth/expo

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/expo@7401

@better-auth/mcp

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/mcp@7401

@better-auth/oauth-provider

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/oauth-provider@7401

@better-auth/passkey

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/passkey@7401

@better-auth/scim

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/scim@7401

@better-auth/sso

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/sso@7401

@better-auth/stripe

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/stripe@7401

@better-auth/telemetry

npm i https://pkg.pr.new/better-auth/better-auth/@better-auth/telemetry@7401

commit: 8a47da1

@himself65 himself65 added this pull request to the merge queue Jan 15, 2026
Merged via the queue into canary with commit dc0fb52 Jan 15, 2026
14 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/sveltejs/kit-2.49.5 branch January 15, 2026 18:36
himself65 pushed a commit that referenced this pull request Jan 17, 2026
@dependabot @himself65
chore(deps-dev): bump @sveltejs/kit from 2.49.2 to 2.49.5 (#7401)
01ad71f 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
himself65 pushed a commit that referenced this pull request Jan 17, 2026
@dependabot @himself65
chore(deps-dev): bump @sveltejs/kit from 2.49.2 to 2.49.5 (#7401)
2aeca5d 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
himself65 pushed a commit that referenced this pull request Jan 17, 2026
@dependabot @himself65
chore(deps-dev): bump @sveltejs/kit from 2.49.2 to 2.49.5 (#7401)
286b8df 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
himself65 pushed a commit that referenced this pull request Jan 28, 2026
@dependabot @himself65
chore(deps-dev): bump @sveltejs/kit from 2.49.2 to 2.49.5 (#7401)
1963106 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@better-auth better-auth locked as resolved and limited conversation to collaborators Apr 1, 2026
@bytaesu bytaesu added the locked Locked conversations after being closed for 7 days label Apr 1, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@Bekacru Bekacru Awaiting requested review from Bekacru

+1 more reviewer

@himself65 himself65 himself65 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

locked Locked conversations after being closed for 7 days

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@himself65 @bytaesu