chore(deps-dev): bump the minor-and-patch group across 1 directory with 6 updates

[dependabot]

Bumps the minor-and-patch group with 6 updates in the / directory:

Package	From	To
@sveltejs/kit	2.48.4	2.49.0
prettier	3.6.2	3.7.3
svelte	5.43.5	5.45.2
svelte-check	4.3.3	4.3.4
typescript-eslint	8.46.3	8.48.0
vite	7.2.2	7.2.4

Updates @sveltejs/kit from 2.48.4 to 2.49.0

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.49.0

Minor Changes

• feat: stream file uploads inside form remote functions allowing form data to be accessed before large files finish uploading (#14775)

@​sveltejs/kit@​2.48.8

Patch Changes

• breaking: invalid now must be imported from @sveltejs/kit (#14768)

• breaking: remove submitter option from experimental form validate() method, always provide default submitter (#14762)

@​sveltejs/kit@​2.48.7

Patch Changes

• fix: allow multiple server-timing headers (#14700)

• fix: allow access to root-level issues in schema-less forms (#14893)

• fix: allow hosting hash-based apps from non-index.html files (#14825)

@​sveltejs/kit@​2.48.6

Patch Changes

• fix: clear issues upon passing validation (#14683)

• fix: don't use fork of unrelated route (#14947)

• fix: prevent type errors when optional @opentelemetry/api dependency isn't installed (#14949)

• fix: preserve this when invoking standard validator (#14943)

• fix: treat client/universal hooks as entrypoints for illegal server import detection (#14876)

• fix: correct query .set and .refresh behavior in commands (#14877)

• fix: improved the accuracy of the types of the output of field.as('...') (#14908)

@​sveltejs/kit@​2.48.5

Patch Changes

... (truncated)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.49.0

Minor Changes

• feat: stream file uploads inside form remote functions allowing form data to be accessed before large files finish uploading (#14775)

2.48.8

Patch Changes

• breaking: invalid now must be imported from @sveltejs/kit (#14768)

• breaking: remove submitter option from experimental form validate() method, always provide default submitter (#14762)

2.48.7

Patch Changes

• fix: allow multiple server-timing headers (#14700)

• fix: allow access to root-level issues in schema-less forms (#14893)

• fix: allow hosting hash-based apps from non-index.html files (#14825)

2.48.6

Patch Changes

• fix: clear issues upon passing validation (#14683)

• fix: don't use fork of unrelated route (#14947)

• fix: prevent type errors when optional @opentelemetry/api dependency isn't installed (#14949)

• fix: preserve this when invoking standard validator (#14943)

• fix: treat client/universal hooks as entrypoints for illegal server import detection (#14876)

• fix: correct query .set and .refresh behavior in commands (#14877)

• fix: improved the accuracy of the types of the output of field.as('...') (#14908)

... (truncated)

Commits

• ab37849 Version Packages (#14959)
• d07ddcf feat: Streaming file uploads (#14775)
• dfb41e1 Version Packages (#14958)
• b9635ab breaking: remove submitter option from experimental form validate(…) meth...
• bd55128 breaking: invalid now must be imported from @sveltejs/kit (#14768)
• 9f55c85 Version Packages (#14954)
• 5b30755 fix: allow hosting hash apps from other html files (#14825)
• 2ff3951 fix: allow access to root-level issues in schema-less forms (#14893)
• 0889a2a fix: append server-timing header value if key exist when using setHeaders...
• f316be0 Version Packages (#14948)
• Additional commits viewable in compare view

Updates prettier from 3.6.2 to 3.7.3

Release notes

Sourced from prettier's releases.

3.7.3

What's Changed

• Fix prettier.getFileInfo() change that breaks VSCode extension by @​fisker in prettier/prettier#18375

🔗 Changelog

3.7.2

What's Changed

• Fix string print when switching quotes by @​fisker in prettier/prettier#18351
• Preserve quote for embedded HTML attribute values by @​kovsu in prettier/prettier#18352
• Fix comment in empty type literal by @​fisker in prettier/prettier#18364

🔗 Changelog

3.7.1

• Fix performance regression in doc printer (#18342 by @​fisker)

🔗 Changelog

3.7.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.7.3

diff

API: Fix prettier.getFileInfo() change that breaks VSCode extension (#18375 by @​fisker)

An internal refactor accidentally broke the VSCode extension plugin loading.

3.7.2

diff

JavaScript: Fix string print when switching quotes (#18351 by @​fisker)

// Input
console.log("A descriptor\\'s .kind must be \"method\" or \"field\".")
// Prettier 3.7.1
console.log('A descriptor\'s .kind must be "method" or "field".');
// Prettier 3.7.2
console.log('A descriptor\'s .kind must be "method" or "field".');

JavaScript: Preserve quote for embedded HTML attribute values (#18352 by @​kovsu)

// Input
const html = /* HTML */ ` <div class="${styles.banner}"></div> `;
// Prettier 3.7.1
const html = /* HTML */ &lt;div class=${styles.banner}&gt;&lt;/div&gt;;
// Prettier 3.7.2
const html = /* HTML */ &lt;div class=&quot;${styles.banner}&quot;&gt;&lt;/div&gt;;

TypeScript: Fix comment in empty type literal (#18364 by @​fisker)

// Input
export type XXX = {
  // tbd
};
// Prettier 3.7.1
</tr></table>

... (truncated)

Commits

• fdfa670 Release 3.7.3
• 2dce3ec Fix typo
• 27d6c64 Revert previous change to getFileInfo (#18375)
• f4a7afa Add types for config related functions (#18376)
• 9266e3e Add resolved test cases (#18358)
• 3bfc014 Bump Prettier dependency to 3.7.2
• 081b846 Clean changelog_unreleased
• 03384c9 Release 3.7.2
• 514e51a Release @​prettier/plugin-hermes & @​prettier/plugin-oxc v0.1.2
• 29a11ae Fix comment in empty type literal (#18364)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for prettier since your current version.

Updates svelte from 5.43.5 to 5.45.2

Release notes

Sourced from svelte's releases.

[email protected]

Patch Changes

• fix: array destructuring after await (#17254)

• fix: throw on invalid {@tag}s (#17256)

[email protected]

Patch Changes

• fix: link offscreen items and last effect in each block correctly (#17240)

[email protected]

Minor Changes

• feat: add print(...) function (#16188)

[email protected]

Patch Changes

• fix: await blockers before initialising const (#17226)

• fix: link offscreen items and last effect in each block correctly (#17244)

• fix: generate correct code for simple destructurings (#17237)

• fix: ensure each block animations don't mess with transitions (#17238)

[email protected]

Minor Changes

• feat: hydratable API (#17154)

[email protected]

Patch Changes

• fix: don't execute attachments and attribute effects eagerly (#17208)

• chore: lift "flushSync cannot be called in effects" restriction (#17139)

• fix: store forked derived values (#17212)

[email protected]

Patch Changes

• fix: correctly migrate named self closing slots (#17199)

• fix: error at compile time instead of at runtime on await expressions inside bindings/transitions/animations/attachments (#17198)

• fix: take async blockers into account for bindings/transitions/animations/attachments (#17198)

... (truncated)

Changelog

Sourced from svelte's changelog.

5.45.2

Patch Changes

• fix: array destructuring after await (#17254)

• fix: throw on invalid {@tag}s (#17256)

5.45.1

Patch Changes

• fix: link offscreen items and last effect in each block correctly (#17240)

5.45.0

Minor Changes

• feat: add print(...) function (#16188)

5.44.1

Patch Changes

• fix: await blockers before initialising const (#17226)

• fix: link offscreen items and last effect in each block correctly (#17244)

• fix: generate correct code for simple destructurings (#17237)

• fix: ensure each block animations don't mess with transitions (#17238)

5.44.0

Minor Changes

• feat: hydratable API (#17154)

5.43.15

Patch Changes

• fix: don't execute attachments and attribute effects eagerly (#17208)

• chore: lift "flushSync cannot be called in effects" restriction (#17139)

• fix: store forked derived values (#17212)

5.43.14

... (truncated)

Commits

• b4b580a Version Packages (#17257)
• bec7ca7 fix: throw on invalid {@tag}s (#17256)
• ae60046 fix: array destructuring after await (#17254)
• 5c821c1 Version Packages (#17253)
• da4cd0e fix: link offscreen items and last effect in each block correctly (#17240)
• 1bc3ae7 Version Packages (#17247)
• 8addf20 feat: add print(...) function (#16188)
• cc1b3f2 Version Packages (#17245)
• 3c63b12 chore: fix typos in code comments and documentation (#17187)
• a7848c0 fix: generate correct code for simple destructurings (#17237)
• Additional commits viewable in compare view

Updates svelte-check from 4.3.3 to 4.3.4

Release notes

Sourced from svelte-check's releases.

[email protected]

Patch Changes

• chore: use machine format when run by Claude Code (#2870)

Commits

• 253b872 Version Packages (#2869)
• 6f08d66 fix: support experimental feature in "Show compiled Code" (#2884)
• 6546923 feat: quick fix for adding lang="ts" (#2882)
• ba9185b feat: support hierarchical document symbols (#2817)
• 574c34d chore: turn changeset into patch
• 16d8454 feat: use machine format when run by Claude Code (#2870)
• 6a8ef1a fix: use moustache for svelte5 onhandler completion (#2883)
• 2a31d04 chore: slight optimize
• 04d52b7 fix: treat a script tag as top-level if it's the first tag in file (#2886)
• d085830 docs: update command for setting up TailwindCSS (#2880)
• Additional commits viewable in compare view

Updates typescript-eslint from 8.46.3 to 8.48.0

Release notes

Sourced from typescript-eslint's releases.

v8.48.0

8.48.0 (2025-11-24)

🚀 Features

• eslint-plugin: [no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)
• rule-tester: remove workaround for jest circular structure error (#11772)
• typescript-estree: gate all errors behind allowInvalidAST (#11693)
• typescript-estree: replace fast-glob with tinyglobby (#11740)

🩹 Fixes

• eslint-plugin: [consistent-generic-constructors] ignore when constructor is typed array (#10477)
• scope-manager: change unhelpful aaa error message and change analyze to expects Program (#11747)
• typescript-estree: infers singleRun as true for project service (#11327)
• typescript-estree: disallow binding patterns in parameter properties (#11760)

❤️ Thank You

• Ben McCann @​benmccann
• Dima Barabash @​dbarabashh
• fisker Cheung @​fisker
• James Henry @​JamesHenry
• JamesHenry @​JamesHenry
• Josh Goldberg
• Josh Goldberg ✨
• Kirk Waiblinger @​kirkwaiblinger
• mdm317 @​gen-ip-1
• Younsang Na @​nayounsang

You can read about our versioning strategy and releases on our website.

v8.47.0

8.47.0 (2025-11-17)

🚀 Features

• eslint-plugin: [no-unused-private-class-members] new extension rule (#10913)

❤️ Thank You

• Brad Zacher @​bradzacher

You can read about our versioning strategy and releases on our website.

v8.46.4

8.46.4 (2025-11-10)

🩹 Fixes

... (truncated)

Changelog

Sourced from typescript-eslint's changelog.

8.48.0 (2025-11-24)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.47.0 (2025-11-17)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.4 (2025-11-10)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• 6fb1551 chore(release): publish 8.48.0
• a4dc42a chore: migrate to nx 22 (#11780)
• 28cf803 chore(release): publish 8.47.0
• 843f144 chore(release): publish 8.46.4
• 7c6944e chore: fix typos (#11744)
• See full diff in compare view

Updates vite from 7.2.2 to 7.2.4

Release notes

Sourced from vite's releases.

v7.2.4

Please refer to CHANGELOG.md for details.

v7.2.3

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.2.4 (2025-11-20)

Bug Fixes

• revert "perf(deps): replace debug with obug (#21107)" (2d66b7b)

7.2.3 (2025-11-20)

Bug Fixes

• allow multiple bindCLIShortcuts calls with shortcut merging (#21103) (5909efd)
• deps: update all non-major dependencies (#21096) (6a34ac3)
• deps: update all non-major dependencies (#21128) (4f8171e)

Performance Improvements

• deps: replace debug with obug (#21107) (acfe939)

Miscellaneous Chores

• deps: update dependency @​rollup/plugin-commonjs to v29 (#21099) (02ceaec)
• deps: update rolldown-related dependencies (#21095) (39a0a15)
• deps: update rolldown-related dependencies (#21127) (5029720)

Commits

• 24a611f release: v7.2.4
• 2d66b7b fix: revert "perf(deps): replace debug with obug (#21107)"
• a668014 release: v7.2.3
• acfe939 perf(deps): replace debug with obug (#21107)
• 4f8171e fix(deps): update all non-major dependencies (#21128)
• 5029720 chore(deps): update rolldown-related dependencies (#21127)
• 5909efd fix: allow multiple bindCLIShortcuts calls with shortcut merging (#21103)
• 39a0a15 chore(deps): update rolldown-related dependencies (#21095)
• 6a34ac3 fix(deps): update all non-major dependencies (#21096)
• 02ceaec chore(deps): update dependency @​rollup/plugin-commonjs to v29 (#21099)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.