Bump devalue, @sveltejs/adapter-static and @sveltejs/kit in /generative-chatbots

[dependabot]

Bumps devalue to 5.6.4 and updates ancestor dependencies devalue, @sveltejs/adapter-static and @sveltejs/kit. These dependencies need to be updated together.

Updates devalue from 4.3.2 to 5.6.4

Release notes

Sourced from devalue's releases.

v5.6.4

Patch Changes

• 87c1f3c: fix: reject __proto__ keys in malformed Object wrapper payloads

  This validates the "Object" parse path and throws when the wrapped value has an own __proto__ key.

• 40f1db1: fix: ensure sparse array indices are integers

• 87c1f3c: fix: disallow __proto__ keys in null-prototype object parsing

  This disallows __proto__ keys in the "null" parse path so null-prototype object hydration cannot carry that key through parse/unflatten.

v5.6.3

Patch Changes

• 0f04d4d: fix: Properly handle __proto__
• 819f1ac: fix: better encoding for sparse arrays

v5.6.2

Patch Changes

• 1175584: fix: validate input for ArrayBuffer parsing
• e46afa6: fix: validate input for typed arrays
• 1175584: fix: more helpful errors for inputs causing stack overflows

v5.6.1

Patch Changes

• 2161d44: fix: add hasOwn check before calling reviver

v5.6.0

Minor Changes

• a3d09d4: feat: expose DevalueError for instanceof checks in catch clauses
• a3d09d4: feat: add value and root properties in DevalueError instances

v5.5.0

Minor Changes

• 828fa1c: Enable support for custom reducer/reviver for "function" values

v5.4.2

Patch Changes

• 5c26c0d: fix: allow custom revivers to revive things serialized by builtin reducers

v5.4.1

Patch Changes

... (truncated)

Changelog

Sourced from devalue's changelog.

5.6.4

Patch Changes

• 87c1f3c: fix: reject __proto__ keys in malformed Object wrapper payloads

  This validates the "Object" parse path and throws when the wrapped value has an own __proto__ key.

• 40f1db1: fix: ensure sparse array indices are integers

• 87c1f3c: fix: disallow __proto__ keys in null-prototype object parsing

  This disallows __proto__ keys in the "null" parse path so null-prototype object hydration cannot carry that key through parse/unflatten.

5.6.3

Patch Changes

• 0f04d4d: fix: Properly handle __proto__
• 819f1ac: fix: better encoding for sparse arrays

5.6.2

Patch Changes

• 1175584: fix: validate input for ArrayBuffer parsing
• e46afa6: fix: validate input for typed arrays
• 1175584: fix: more helpful errors for inputs causing stack overflows

5.6.1

Patch Changes

• 2161d44: fix: add hasOwn check before calling reviver

5.6.0

Minor Changes

• a3d09d4: feat: expose DevalueError for instanceof checks in catch clauses
• a3d09d4: feat: add value and root properties in DevalueError instances

5.5.0

Minor Changes

• 828fa1c: Enable support for custom reducer/reviver for "function" values

5.4.2

Patch Changes

... (truncated)

Commits

• 6cbb3f5 Version Packages (#133)
• 40f1db1 Merge commit from fork
• 87c1f3c Merge commit from fork
• a4a37d2 Version Packages (#132)
• 819f1ac Merge commit from fork
• 0f04d4d Merge commit from fork
• fcf4e88 fix tests
• 1d8a5ea Version Packages (#131)
• 1175584 Merge commit from fork
• e46afa6 Merge commit from fork
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for devalue since your current version.

Updates @sveltejs/adapter-static from 2.0.3 to 3.0.10

Release notes

Sourced from @​sveltejs/adapter-static's releases.

@​sveltejs/adapter-static@​3.0.10

Patch Changes

• chore: update "homepage" field in package.json (#14579)

Changelog

Sourced from @​sveltejs/adapter-static's changelog.

3.0.10

Patch Changes

• chore: update "homepage" field in package.json (#14579)

3.0.9

Patch Changes

• chore: add .git to the end of package.json repository url (#14134)

• Updated dependencies [c968aef]:

  • @​sveltejs/kit@​2.27.3

3.0.8

Patch Changes

• fix: use optional chaining when checking router type (#13218)

3.0.7

Patch Changes

• fix: allow dynamic routes with missing fallback in hash mode (#13213)

3.0.6

Patch Changes

• docs: update URLs for new svelte.dev site (#12857)

• Updated dependencies [dcbe4222a194c5f90cfc0fc020cf065f7a4e4c46, 4cdbf76fbbf0c0ce7f574ef69c8daddcf954d39d, 3a9b78f04786898ca93f6d4b75ab18d26bc45192, 723eb8b31e6a22c82f730c30e485386c8676b746, 8ec471c875345b751344e67580ff1b772ef2735b]:

  • @​sveltejs/kit@​2.7.3

3.0.5

Patch Changes

• fix: import node:process instead of using globals (#12641)

• Updated dependencies [e798ef718f163bed4f93e1918bd8294f765376ad]:

  • @​sveltejs/kit@​2.5.28

3.0.4

Patch Changes

• chore: configure provenance in a simpler manner (#12570)

... (truncated)

Commits

• 9fbd0d1 Version Packages (#14580)
• 193d37c chore: fix "homepage" field in package.json (#14579)
• 5f9df61 use catalog dependencies for everything (#14509)
• d4efeb5 chore: remove stale create-svelte references (#14501)
• 0afc71d chore: use catalog for more "svelte" dependencies (#14487)
• 6652939 chore: bump Svelte (#14320)
• 758ec17 fix: conditionally access builder properties that only exist on the latest Sv...
• d4f00a1 chore: remove skipLibCheck (#14227)
• f635678 feat: OpenTelemetry Tracing (#13899)
• 0548b15 Version Packages (#14142)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​sveltejs/adapter-static since your current version.

Updates @sveltejs/kit from 1.22.6 to 2.54.0

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.54.0

Minor Changes

• feat: allow error boundaries to catch errors on the server (#15308)

Patch Changes

• chore: upgrade devalue (#15535)

• fix: don't wait for remote functions that are not awaited in the template (#15280)

• feat: allow resolve() to accept pathnames with a search string and/or hash (#15458)

• chore: remove deprecation warnings for config.kit.files.* options when validating the Svelte config file (#15482)

• fix: handles form target attribute in remote form redirects (#15457)

@​sveltejs/kit@​2.53.4

Patch Changes

• fix: avoid Vite warning about unknown codeSplitting option (#15451)

@​sveltejs/kit@​2.53.3

Patch Changes

• fix: prevent overlapping file metadata in remote functions form (faba869)

@​sveltejs/kit@​2.53.2

Patch Changes

• fix: server-render nested form value sets (#15378)

• fix: use deep partial types for form remote functions .value() and .set(...) (#14837)

• fix: provide correct url info to remote functions (#15418)

• fix: allow optional types for remote query/command/prerender functions (#15293)

• fix: allow commands in more places (#15288)

@​sveltejs/kit@​2.53.1

Patch Changes

... (truncated)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.54.0

Minor Changes

• feat: allow error boundaries to catch errors on the server (#15308)

Patch Changes

• chore: upgrade devalue (#15535)

• fix: don't wait for remote functions that are not awaited in the template (#15280)

• feat: allow resolve() to accept pathnames with a search string and/or hash (#15458)

• chore: remove deprecation warnings for config.kit.files.* options when validating the Svelte config file (#15482)

• fix: handles form target attribute in remote form redirects (#15457)

2.53.4

Patch Changes

• fix: avoid Vite warning about unknown codeSplitting option (#15451)

2.53.3

Patch Changes

• fix: prevent overlapping file metadata in remote functions form (faba869)

2.53.2

Patch Changes

• fix: server-render nested form value sets (#15378)

• fix: use deep partial types for form remote functions .value() and .set(...) (#14837)

• fix: provide correct url info to remote functions (#15418)

• fix: allow optional types for remote query/command/prerender functions (#15293)

... (truncated)

Commits

• 54dadc1 Version Packages (#15464)
• 5b65f39 chore: upgrade devalue (#15535)
• a85396c feat: allow error boundaries to catch errors on the server (#15308)
• 796d1e7 chore: fix Vite ecosystem CI test (#15516)
• d3387f9 chore: fix serialize_data comment typo (#15518)
• 568da5e chore: fix Vite comment typo (#15513)
• 56fa4fa fix: handle target attribute on remote form redirects (#15457)
• 55df690 chore: undeprecate config.kit.files.* options (#15482)
• 37ec6c8 chore: fix navigation type duplicated descriptions (#15490)
• aebeae8 chore: catalog prettier and prettier-plugin-svelte (#15485)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​sveltejs/kit since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.