Skip to content

build(deps-dev): bump svelte from 5.55.10 to 5.56.2 in /cornucopia.owasp.org#3072

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/cornucopia.owasp.org/svelte-5.56.2
Open

build(deps-dev): bump svelte from 5.55.10 to 5.56.2 in /cornucopia.owasp.org#3072
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/cornucopia.owasp.org/svelte-5.56.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 5, 2026
edited
Loading

Bumps svelte from 5.55.10 to 5.56.2.

Release notes

Sourced from svelte's releases.

svelte@5.56.2

Patch Changes

  • fix: properly track effect end node for async sibling component (#18371)

  • fix: prevent false-positive reactivity loss warning (#18373)

  • chore: bump esrap dependency (#18372)

  • fix: ignore declaration tags for animation directive (#18366)

  • fix: reject pending async deriveds on discard (#18308)

svelte@5.56.1

Patch Changes

  • fix: error at compile time on duplicate snippet/declaration tag definitions (#18351)

  • fix: parse declaration tag contents more robustly (#18353)

  • fix: correctly transform references to earlier declarators in a declaration tag (e.g. {let a = $state(0), b = $derived(a * 2)}) (#18348)

  • fix: avoid spurious state_referenced_locally warnings for $derived declarations in declaration tags (#18348)

  • fix: tolerate whitespace before let/const in declaration tags (#18348)

  • fix: prevent infinite loop when a tag's expression ends with a trailing / at the end of the input (#18350)

  • fix: more robust parsing of declaration tags with regards to type (#18330)

  • fix: preserve newlines in spread input values when the type attribute is applied after value (#18345)

  • fix: update SvelteURLSearchParams when setting duplicate keys to the same joined value (#18336)

  • fix: check references for blockers on server, too (#18352)

svelte@5.56.0

Minor Changes

  • feat: allow declarations in the template (#18282)

Patch Changes

  • perf: use createElement instead of createElementNS for HTML elements (#18262)

  • perf: store current_sources as a Set for O(1) membership checks (#18278)

  • perf: deduplicate identical hoisted templates within a component (#18320)

  • perf: hoist rest_props exclude list as a module-scope Set (#18252)

Changelog

Sourced from svelte's changelog.

5.56.2

Patch Changes

  • fix: properly track effect end node for async sibling component (#18371)

  • fix: prevent false-positive reactivity loss warning (#18373)

  • chore: bump esrap dependency (#18372)

  • fix: ignore declaration tags for animation directive (#18366)

  • fix: reject pending async deriveds on discard (#18308)

5.56.1

Patch Changes

  • fix: error at compile time on duplicate snippet/declaration tag definitions (#18351)

  • fix: parse declaration tag contents more robustly (#18353)

  • fix: correctly transform references to earlier declarators in a declaration tag (e.g. {let a = $state(0), b = $derived(a * 2)}) (#18348)

  • fix: avoid spurious state_referenced_locally warnings for $derived declarations in declaration tags (#18348)

  • fix: tolerate whitespace before let/const in declaration tags (#18348)

  • fix: prevent infinite loop when a tag's expression ends with a trailing / at the end of the input (#18350)

  • fix: more robust parsing of declaration tags with regards to type (#18330)

  • fix: preserve newlines in spread input values when the type attribute is applied after value (#18345)

  • fix: update SvelteURLSearchParams when setting duplicate keys to the same joined value (#18336)

  • fix: check references for blockers on server, too (#18352)

5.56.0

Minor Changes

  • feat: allow declarations in the template (#18282)

Patch Changes

  • perf: use createElement instead of createElementNS for HTML elements (#18262)

  • perf: store current_sources as a Set for O(1) membership checks (#18278)

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 5, 2026
@dependabot dependabot Bot requested review from cw-owasp, rewtd and sydseter as code owners June 5, 2026 06:54
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 5, 2026
@sydseter
Copy link
Copy Markdown
Collaborator

sydseter commented Jun 5, 2026

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/cornucopia.owasp.org/svelte-5.56.2 branch from 6d16179 to 0b9ef1c Compare June 5, 2026 11:00
@sydseter
Copy link
Copy Markdown
Collaborator

sydseter commented Jun 5, 2026

@dependabot rebase

@dependabot
build(deps-dev): bump svelte in /cornucopia.owasp.org
00dbd96 
Bumps [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) from 5.55.10 to 5.56.2.
- [Release notes](https://github.com/sveltejs/svelte/releases)
- [Changelog](https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/svelte/commits/svelte@5.56.2/packages/svelte)

---
updated-dependencies:
- dependency-name: svelte
  dependency-version: 5.56.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/cornucopia.owasp.org/svelte-5.56.2 branch from 0b9ef1c to 00dbd96 Compare June 5, 2026 11:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cw-owasp cw-owasp Awaiting requested review from cw-owasp cw-owasp is a code owner

@rewtd rewtd Awaiting requested review from rewtd rewtd is a code owner

@sydseter sydseter Awaiting requested review from sydseter sydseter is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@sydseter