chore(deps-dev): bump the development-dependencies group across 1 directory with 9 updates

[dependabot]

Bumps the development-dependencies group with 9 updates in the / directory:

Package	From	To
typescript	5.8.3	5.9.2
@farmfe/core	1.7.9	1.7.11
vite	7.0.4	7.0.6
rollup	4.45.0	4.46.2
@rsbuild/core	1.4.6	1.4.14
@sveltejs/kit	2.22.5	2.27.0
@sveltejs/vite-plugin-svelte	6.0.0	6.1.0
svelte	5.35.6	5.37.3
svelte-check	4.2.2	4.3.1

Updates typescript from 5.8.3 to 5.9.2

Release notes

Sourced from typescript's releases.

TypeScript 5.9

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).
• No specific changes for TypeScript 5.9.2 (Stable)

Downloads are available on:

• npm

TypeScript 5.9 RC

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).

Downloads are available on:

• npm

TypeScript 5.9 Beta

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.9.0 (Beta).

Downloads are available on:

• npm

Commits

• be86783 Give more specific errors for verbatimModuleSyntax (#62113)
• 22ef577 LEGO: Pull request from lego/hb_5378966c-b857-470a-8675-daebef4a6da1_20250714...
• d5a414c Don't use noErrorTruncation when printing types with maximumLength set (#...
• f14b5c8 Remove unused and confusing dom.iterable.d.ts file (#62037)
• 2778e84 Restore AbortSignal.abort (#62086)
• 65cb4bd LEGO: Pull request from lego/hb_5378966c-b857-470a-8675-daebef4a6da1_20250710...
• 9e20e03 Clear out checker-level stacks on pop (#62016)
• 87740bc Fix for Issue 61081 (#61221)
• 833a8d4 Fix Symbol completion priority and cursor positioning (#61945)
• 0018c9f LEGO: Pull request from lego/hb_5378966c-b857-470a-8675-daebef4a6da1_20250702...
• Additional commits viewable in compare view

Updates @farmfe/core from 1.7.9 to 1.7.11

Release notes

Sourced from @​farmfe/core's releases.

@​farmfe/core@​1.7.11

Patch Changes

• cebded5f: fix #2211 exports should panic only when strict_exports is true
• cebded5f: fix #2210 compatible with invalid css syntax by ignoring recovered errors"

@​farmfe/core@​1.7.10

Patch Changes

• 606bf87a: fix: remove hmr origin validate

Commits

• 549e294 Version Packages (#2216)
• cebded5 fix: #2211 (#2213)
• 04f2bfc fix: add @vue/tsconfig for vue3 template (#2205)
• ebf935a Version Packages (#2203)
• 606bf87 fix: remove hmr origin validate (#2202)
• See full diff in compare view

Updates vite from 7.0.4 to 7.0.6

Release notes

Sourced from vite's releases.

v7.0.6

Please refer to CHANGELOG.md for details.

v7.0.5

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.0.6 (2025-07-24)

Bug Fixes

• deps: update all non-major dependencies (#20442) (e49f505)
• dev: incorrect sourcemap when optimized CJS is imported (#20458) (ead2dec)
• module-runner: normalize file:// on windows (#20449) (1c9cb49)
• respond with correct headers and status code for HEAD requests (#20421) (23d04fc)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#20441) (f689d61)
• remove some files from prettier ignore (#20459) (8403f69)

Code Refactoring

• use environment transform request (#20430) (24e6a0c)

7.0.5 (2025-07-17)

Bug Fixes

• deps: update all non-major dependencies (#20406) (1a1cc8a)
• remove special handling for Accept: text/html (#20376) (c9614b9)
• watch assets referenced by new URL(, import.meta.url) (#20382) (6bc8bf6)

Miscellaneous Chores

• deps: update dependency rolldown to ^1.0.0-beta.27 (#20405) (1165667)

Code Refactoring

• use foo.endsWith("bar") instead of /bar$/.test(foo) (#20413) (862e192)

Commits

• bdde0f9 release: v7.0.6
• 23d04fc fix: respond with correct headers and status code for HEAD requests (#20421)
• ead2dec fix(dev): incorrect sourcemap when optimized CJS is imported (#20458)
• e49f505 fix(deps): update all non-major dependencies (#20442)
• f689d61 chore(deps): update rolldown-related dependencies (#20441)
• 8403f69 chore: remove some files from prettier ignore (#20459)
• 1c9cb49 fix(module-runner): normalize file:// on windows (#20449)
• 24e6a0c refactor: use environment transform request (#20430)
• 832f687 release: v7.0.5
• c9614b9 fix: remove special handling for Accept: text/html (#20376)
• Additional commits viewable in compare view

Updates rollup from 4.45.0 to 4.46.2

Release notes

Sourced from rollup's releases.

v4.46.2

4.46.2

2025-07-29

Bug Fixes

• Fix in-operator handling for external namespace and when the left side cannot be analyzed (#6041)

Pull Requests

• #6041: Correct the logic of include in BinaryExpression and don't optimize external references away (@​TrickyPi, @​cyyynthia, @​lukastaegert)

v4.46.1

4.46.1

2025-07-28

Bug Fixes

• Do not fail when using the in operator on external namespaces (#6036)

Pull Requests

• #6036: disables optimization for external namespace when using the in operator (@​TrickyPi)

v4.46.0

4.46.0

2025-07-27

Features

• Optimize in checks on namespaces to keep them treeshake-able (#6029)

Pull Requests

• #5991: feat: update linux-loongarch64-gnu (@​wojiushixiaobai, @​lukastaegert)
• #6029: feat: optimize in checks on namespaces to keep them treeshake-able (@​cyyynthia, @​lukastaegert)
• #6033: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)

v4.45.3

4.45.3

2025-07-26

Bug Fixes

• Do not fail build if a const is reassigned but warn instead (#6020)
• Fail with a helpful error message if an exported binding is not defined (#6023)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.46.2

2025-07-29

Bug Fixes

• Fix in-operator handling for external namespace and when the left side cannot be analyzed (#6041)

Pull Requests

• #6041: Correct the logic of include in BinaryExpression and don't optimize external references away (@​TrickyPi, @​cyyynthia, @​lukastaegert)

4.46.1

2025-07-28

Bug Fixes

• Do not fail when using the in operator on external namespaces (#6036)

Pull Requests

• #6036: disables optimization for external namespace when using the in operator (@​TrickyPi)

4.46.0

2025-07-27

Features

• Optimize in checks on namespaces to keep them treeshake-able (#6029)

Pull Requests

• #5991: feat: update linux-loongarch64-gnu (@​wojiushixiaobai, @​lukastaegert)
• #6029: feat: optimize in checks on namespaces to keep them treeshake-able (@​cyyynthia, @​lukastaegert)
• #6033: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)

4.45.3

2025-07-26

Bug Fixes

• Do not fail build if a const is reassigned but warn instead (#6020)
• Fail with a helpful error message if an exported binding is not defined (#6023)

Pull Requests

• #6014: chore(deps): update dependency @​vue/language-server to v3 (@​renovate[bot])

... (truncated)

Commits

• 4e19bad 4.46.2
• 603e046 Correct the logic of include in BinaryExpression and don't optimize external ...
• 244dc20 4.46.1
• 6031a33 disables optimization for external namespace when using the in operator (#6036)
• 09794f1 4.46.0
• 9a8614f feat: optimize in checks on namespaces to keep them treeshake-able (#6029)
• fdd48a9 feat: update linux-loongarch64-gnu (#5991)
• 461b1ac fix(deps): update swc monorepo (major) (#6033)
• d6908c9 4.45.3
• ccdde29 Fix option name
• Additional commits viewable in compare view

Updates @rsbuild/core from 1.4.6 to 1.4.14

Release notes

Sourced from @​rsbuild/core's releases.

v1.4.14

What's Changed

Trusted Publishing

All Rsbuild npm packages are now published based on npm's trusted publishing, making Rsbuild's npm packages more secure and transparent.

See:

• https://github.blog/changelog/2025-07-31-npm-trusted-publishing-with-oidc-is-generally-available/
• https://docs.npmjs.com/trusted-publishers

Other Changes

• chore(deps): update all patch dependencies by @​renovate[bot] in web-infra-dev/rsbuild#5750
• chore(workflow): enable npm trusted publishing by @​chenjiahan in web-infra-dev/rsbuild#5754
• release: 1.4.14 by @​chenjiahan in web-infra-dev/rsbuild#5755

Full Changelog: web-infra-dev/rsbuild@v1.4.13...v1.4.14

v1.4.13

What's Changed

New Features 🎉

• feat(client): add periodic ping to WebSocket connection by @​chenjiahan in web-infra-dev/rsbuild#5724
• feat: add support for disabling live reload in environments by @​chenjiahan in web-infra-dev/rsbuild#5731
• feat(create-rsbuild): update typescript to ^5.9.2 by @​chenjiahan in web-infra-dev/rsbuild#5739
• feat(create-rsbuild): update tsconfig modules settings by @​chenjiahan in web-infra-dev/rsbuild#5744
• feat: add support for custom favicon output directory by @​chenjiahan in web-infra-dev/rsbuild#5746

Bug Fixes 🐞

• fix(server): remove unused socket messages by @​chenjiahan in web-infra-dev/rsbuild#5740
• fix(runner): remove redundant module.instantiate calls by @​chenjiahan in web-infra-dev/rsbuild#5743

Refactor 🔨

• refactor: socket message types by @​chenjiahan in web-infra-dev/rsbuild#5735

Document 📖

• docs: update Node version requirements for loading TS config by @​chenjiahan in web-infra-dev/rsbuild#5729
• docs: add distPath.favicon option by @​chenjiahan in web-infra-dev/rsbuild#5747
• docs: display llms copy buttons by @​chenjiahan in web-infra-dev/rsbuild#5748

Other Changes

• chore(deps): update dependency launch-editor-middleware to ^2.11.0 by @​renovate[bot] in web-infra-dev/rsbuild#5726
• chore(deps): update dependency webpack to ^5.101.0 by @​renovate[bot] in web-infra-dev/rsbuild#5727
• chore(deps): update dependency @​rslint/core to ^0.1.0 by @​renovate[bot] in web-infra-dev/rsbuild#5725
• test: update Rstest to v0.1.0 and spy on console.log by @​chenjiahan in web-infra-dev/rsbuild#5730

... (truncated)

Commits

• 16e9ec6 release: 1.4.14 (#5755)
• 1f2469a chore(workflow): enable npm trusted publishing (#5754)
• 3f7ca7d chore(deps): update all patch dependencies (#5750)
• 943f960 release: 1.4.13 (#5749)
• 160a5bb feat: add support for custom favicon output directory (#5746)
• 0227d29 fix(runner): remove redundant module.instantiate calls (#5743)
• 322bb9d fix(server): remove unused socket messages (#5740)
• ab19aee feat(create-rsbuild): update typescript to ^5.9.2 (#5739)
• 5257755 refactor: socket message types (#5735)
• d2da715 chore(deps): update dependency @​types/node to ^22.17.0 (#5736)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​rsbuild/core since your current version.

Updates @sveltejs/kit from 2.22.5 to 2.27.0

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.27.0

Minor Changes

• feat: remote functions (#13986)

@​sveltejs/kit@​2.26.1

Patch Changes

• fix: posixify internal app server path (#14049)

• fix: ignore route groups when generating typed routes (#14050)

@​sveltejs/kit@​2.26.0

Minor Changes

• feat: better type-safety for page.route.id, page.params, page.url.pathname` and various other places (#13864)

• feat: resolve(...) and asset(...) helpers for resolving paths (#13864)

• feat: Add $app/types module with Asset, RouteId, Pathname, ResolvedPathname RouteParams<T> and LayoutParams<T> (#13864)

@​sveltejs/kit@​2.25.2

Patch Changes

• fix: correctly set URL when navigating during an ongoing navigation (#14004)

@​sveltejs/kit@​2.25.1

Patch Changes

• fix: add missing params property (#14012)

@​sveltejs/kit@​2.25.0

Minor Changes

• feat: support asynchronous read implementations from adapters (#13859)

Patch Changes

• fix: log when no Svelte config file has been found to avoid confusion (#14001)

@​sveltejs/kit@​2.24.0

Minor Changes

• feat: typed params prop for page/layout components (#13999)

Patch Changes

... (truncated)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.27.0

Minor Changes

• feat: remote functions (#13986)

2.26.1

Patch Changes

• fix: posixify internal app server path (#14049)

• fix: ignore route groups when generating typed routes (#14050)

2.26.0

Minor Changes

• feat: better type-safety for page.route.id, page.params, page.url.pathname and various other places (#13864)

• feat: resolve(...) and asset(...) helpers for resolving paths (#13864)

• feat: Add $app/types module with Asset, RouteId, Pathname, ResolvedPathname RouteParams<T> and LayoutParams<T> (#13864)

2.25.2

Patch Changes

• fix: correctly set URL when navigating during an ongoing navigation (#14004)

2.25.1

Patch Changes

• fix: add missing params property (#14012)

2.25.0

Minor Changes

• feat: support asynchronous read implementations from adapters (#13859)

Patch Changes

• fix: log when no Svelte config file has been found to avoid confusion (#14001)

... (truncated)

Commits

• 5142acc Version Packages (#14073)
• 793ae28 Remote Functions (#13986)
• 23a6564 docs: use sh instead of bash in source blocks (#14059)
• 1164ffa Version Packages (#14053)
• 1cd93cd fix: ignore route groups when generating typed routes (#14050)
• de3be9a fix: posixify internal app server path (#14049)
• e0e8e3e docs: fix typo in changelog
• e1f9714 Version Packages (#14040)
• a8cc450 feat: typed route ids (#13864)
• a18e21a Version Packages (#14025)
• Additional commits viewable in compare view

Updates @sveltejs/vite-plugin-svelte from 6.0.0 to 6.1.0

Release notes

Sourced from @​sveltejs/vite-plugin-svelte's releases.

@​sveltejs/vite-plugin-svelte@​6.1.0

Minor Changes

• feat: add support for the new experimental.async option and apply dynamicCompileOptions when compiling Svelte modules (#1176)

Patch Changes

• skip comment blocks when reporting compiler errors that might be caused by a preprocessor issue (#1166)

• increase logLevel to info for "no Svelte config found" message (#1179)

Changelog

Sourced from @​sveltejs/vite-plugin-svelte's changelog.

6.1.0

Minor Changes

• feat: add support for the new experimental.async option and apply dynamicCompileOptions when compiling Svelte modules (#1176)

Patch Changes

• skip comment blocks when reporting compiler errors that might be caused by a preprocessor issue (#1166)

• increase logLevel to info for "no Svelte config found" message (#1179)

Commits

• b5f7194 Version Packages (#1169)
• 16c08e5 fix: log missing config at info level (#1179)
• 6abf2c6 feat: support experimental.async and dynamicCompileOptions for Svelte modules...
• 55951de fix(deps): update all non-major dependencies (#1175)
• 666dc61 fix: do not wrongly suggest that a lang attribute is missing when finding com...
• See full diff in compare view

Updates svelte from 5.35.6 to 5.37.3

Release notes

Sourced from svelte's releases.

[email protected]

Patch Changes

• fix: reset attribute cache after setting corresponding property (#16543)

[email protected]

Patch Changes

• fix: double event processing in firefox due to event object being garbage collected (#16527)

• fix: add bindable dimension attributes types to SVG and MathML elements (#16525)

• fix: correctly differentiate static fields before emitting duplicate_class_field (#16526)

• fix: prevent last_propagated_event from being DCE'd (#16538)

[email protected]

Patch Changes

• chore: remove some todos (#16515)

• fix: allow await expressions inside {#await ...} argument (#16514)

• fix: append_styles in an effect to make them available on mount (#16509)

• chore: remove parser.template_untrimmed (#16511)

• fix: always inject styles when compiling as a custom element (#16509)

[email protected]

Minor Changes

• feat: ignore component options in compileModule (#16362)

Patch Changes

• fix: always mark props as stateful (#16504)

[email protected]

Patch Changes

• fix: throw on duplicate class field declarations (#16502)

• fix: add types for part attribute to svg attributes (#16499)

[email protected]

Patch Changes

• fix: don't update a focused input with values from its own past (#16491)

... (truncated)

Changelog

Sourced from svelte's changelog.

5.37.3

Patch Changes

• fix: reset attribute cache after setting corresponding property (#16543)

5.37.2

Patch Changes

• fix: double event processing in firefox due to event object being garbage collected (#16527)

• fix: add bindable dimension attributes types to SVG and MathML elements (#16525)

• fix: correctly differentiate static fields before emitting duplicate_class_field (#16526)

• fix: prevent last_propagated_event from being DCE'd (#16538)

5.37.1

Patch Changes

• chore: remove some todos (#16515)

• fix: allow await expressions inside {#await ...} argument (#16514)

• fix: append_styles in an effect to make them available on mount (#16509)

• chore: remove parser.template_untrimmed (#16511)

• fix: always inject styles when compiling as a custom element (#16509)

5.37.0

Minor Changes

• feat: ignore component options in compileModule (#16362)

Patch Changes

• fix: always mark props as stateful (#16504)

5.36.17

Patch Changes

• fix: throw on duplicate class field declarations (#16502)

• fix: add types for part attribute to svg attributes (#16499)

... (truncated)

Commits

• 0cbb5be Version Packages (#16544)
• 540f1b1 fix: reset attribute cache after setting corresponding property (#16543)
• 9134856 Version Packages (#16529)
• c04975d fix: prevent last_propagated_event from being DCE'd (#16538)
• 72e46d3 fix: add types for SVG bindable attributes (#16525)
• f5950f8 fix: correctly differentiate static fields before emitting `duplicate_class_f...
• a91e015 fix: double event processing in Firefox (#16522) (#16527)
• d82edf6 Version Packages (#16513)
• 48f2fa2 fix: allow await expressions inside {#await ...} argument (#16514)
• 03f2e44 chore: remove some todos (#16515)
• Additional commits viewable in compare view

Updates svelte-check from 4.2.2 to 4.3.1

Release notes

Sourced from svelte-check's releases.

svelte-check-4.3.1

fix: handle object literal in MustacheTag (sveltejs/language-tools#2805)

svelte-check-4.3.0

• feat: zero types for params (#2795)
• feat: add await support (#2799)
• fix: strip doctype using AST instead of regex (#2798)
• chore: make human output more concise and readable (#2748)

Commits

• d84b178 fix: prevent organize imports from removing snippet (#2809)
• 23db5a4 fix: handle object literal in MustacheTag (#2805)
• b73d807 fix: Better detection version (#2801)
• 2e2c6c3 feat: add await support (#2799)
• 2a0c8a0 feat: add xxxProps support to VS Code snippets (#2796)
• 314ad4d fix: strip doctype using AST instead of regex (#2798)
• 14dc584 chore: make human output more concise and readable (#2748)
• 9b3f7f7 feat: zero types for params (#2795)
• 9b98894 docs: use svelte 5 syntax in readme (#2785)
• 3b30d5e fix: enable fallback watcher when dynamicRegistration is false (#2783)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud