build(deps): bump the npm_and_yarn group across 1 directory with 5 updates

[dependabot]

Bumps the npm_and_yarn group with 5 updates in the / directory:

Package	From	To
rollup	4.22.4	4.27.2
next	14.2.10	15.0.3
nuxt	3.12.4	3.13.0
svelte	4.2.15	4.2.19
webpack	5.90.0	5.94.0

Updates rollup from 4.22.4 to 4.27.2

Release notes

Sourced from rollup's releases.

v4.27.2

4.27.2

2024-11-15

Bug Fixes

• Ensure unused variables in patterns are always deconflicted if rendered (#5728)

Pull Requests

• #5728: Fix more variable deconflicting issues (@​lukastaegert)

v4.27.1

4.27.1

2024-11-15

Bug Fixes

• Fix some situations where parameter declarations could put Rollup into an infinite loop (#5727)

Pull Requests

• #5727: Debug out-of-memory issues with Rollup v4.27.0 (@​lukastaegert)

v4.27.0

4.27.0

2024-11-15

Features

• Tree-shake unused properties in object literals (#5420)

Bug Fixes

• Change hash length limit to 21 to avoid inconsistent hash length (#5423)

Pull Requests

• #5420: feat: implement object tree-shaking (@​TrickyPi, @​lukastaegert)
• #5723: Reduce max hash size to 21 (@​lukastaegert)
• #5724: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #5725: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v4.26.0

4.26.0

2024-11-13

... (truncated)

Changelog

Sourced from rollup's changelog.

4.27.2

2024-11-15

Bug Fixes

• Ensure unused variables in patterns are always deconflicted if rendered (#5728)

Pull Requests

• #5728: Fix more variable deconflicting issues (@​lukastaegert)

4.27.1

2024-11-15

Bug Fixes

• Fix some situations where parameter declarations could put Rollup into an infinite loop (#5727)

Pull Requests

• #5727: Debug out-of-memory issues with Rollup v4.27.0 (@​lukastaegert)

4.27.0

2024-11-15

Features

• Tree-shake unused properties in object literals (#5420)

Bug Fixes

• Change hash length limit to 21 to avoid inconsistent hash length (#5423)

Pull Requests

• #5420: feat: implement object tree-shaking (@​TrickyPi, @​lukastaegert)
• #5723: Reduce max hash size to 21 (@​lukastaegert)
• #5724: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #5725: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

4.26.0

2024-11-13

Features

• Allow to avoid await bundle.close() via explicit resource management in TypeScript (#5721)

... (truncated)

Commits

• a503a4d 4.27.2
• 6c68455 Fix more variable deconflicting issues (#5728)
• aaf38b7 4.27.1
• faeb905 Debug out-of-memory issues with Rollup v4.27.0 (#5727)
• c035068 4.27.0
• b58e48b fix(deps): update swc monorepo (major) (#5724)
• 50697b8 Reduce max hash size to 21 (#5723)
• a9acb57 feat: implement object tree-shaking (#5420)
• 7ec926c chore(deps): lock file maintenance minor/patch updates (#5725)
• ae1d14b 4.26.0
• Additional commits viewable in compare view

Updates next from 14.2.10 to 15.0.3

Release notes

Sourced from next's releases.

v15.0.3

Core Changes

• Read page name from work store in server module map proxy: #71669
• codemod: should not transform when param is not used: #71664
• [dynamicIO] complete refactor to prerender: #71687
• fix: metadata image route normalize path posix for windows: #71673
• next-codemod(upgrade): optional catch when missing dev script: #71598
• Avoid server action function indirection in Turbopack: #71628
• fix: exclude basePath in findSourceMapURL: #71719
• fix: stack frame text color in dark mode: #71656
• Fix: revert the bad node binary handling: #71723
• next-codemod: add empty pnpm-workspace.yaml to test fixtures to bypass PNPM workspace checks: #71726
• warn on sync access if dynamicIO is not enabled: #71696
• Update React from 69d4b800-20241021 to 45804af1-20241021: #71718
• next-upgrade: do not add --turbopack flag when --turbo exists in next dev: #71730
• feat: stitch errors with react owner stack: #70393
• [dynamicIO] update data access error and documentation: #71738
• Test cached form action with revalidate: #71591
• Upgrade React from 45804af1-20241021 to 28668d39-20241023: #71745
• Fix race condition when setting client reference manifests: #71741
• Fix fetch with no-store inside of use cache: #71754
• Remove the bottom collapse button in dev overlay: #71658
• [dynamicIO] unify cache filling and lazy-module warming: #71749
• Don't filter out source location frames through RSC: #71752
• fix undefined default export error msg: #71762
• Upgrade React from 28668d39-20241023 to 1631855f-20241023: #71769
• Enable owner stack in experimental build: #71716
• feat: add experiment for sharpjs cpu flags: #71733
• fix: handle server component replay error in error overlay: #71772
• Don't error asking for prebuilt bundles: #71778
• Replace turbopack://[project]/... sourcemap uris with file://... in development: #71489
• misc: update source map paths for bundled Next.js runtime: #71779
• [dynamicIO] refine error message and docs: #71781
• next-upgrade: change --turbo to --turbopack if applicable: #71737
• Show all diff when uncollapse: #71792
• Sourcemap errors in terminal by default : #71444
• Fully enable custom error callbacks for app router: #71794
• Simplify Server Action Webpack plugin: #71721
• ensure DIO development segment errors are cleared after correcting: #71811
• Include sourceframe in errors logged in the terminal during development: #71803
• [dynamicIO] update prerender cache scoping and cache warming for validation: #71822
• only force stack frame color in tty: #71860
• Add test for fetch with auth in use cache: #71768
• Fix race with hot-reloader-client clearing overlay errors: #71771
• Fix dynamic tracking in dev: #71867
• Revert "Sourcemap errors in terminal by default (#71444)": #71868
• Fix fetch caching inside of "use cache": #71793
• Trace upload: only send traces for current session: #71838
• Reland "Sourcemap errors in terminal by default": #71877

... (truncated)

Commits

• 7dc7be2 v15.0.3
• 74b4d2d v15.0.3-canary.9
• be40adb Add missing closing \</AppOnly> (#72453)
• 224447c Getting Started Docs: Improve "Project Structure" page (#72399)
• 5f0adad chore(turbopack): Update dashmap from 5.x to 6.x (#72433)
• f668af2 [ppr] Fixed deployment tests (#72428)
• 856521b docs(parallel-routes): update 11-parallel-routes.mdx example for modal closin...
• 9d31638 docs(route-handlers): add TS/JS switcher to Route Resolution section in `...
• 200fdc1 [Turbopack] remove unneeded type annotation (#72390)
• 74a19b7 docs: unify the header deps by removing # (#72391)
• Additional commits viewable in compare view

Updates nuxt from 3.12.4 to 3.13.0

Release notes

Sourced from nuxt's releases.

v3.13.0

👀 Highlights

I'm pretty excited about this release - we've ported some features we had planned for Nuxt v4 back to v3, as well as a raft of bug fixes and performance improvements - as usual.

Here are a few of things I'm most excited about.

🏘️ Route Groups

We now support naming directories with parentheses/brackets to organise your routes without affecting the path.

For example:

-| pages/
---| index.vue
---| (marketing)/
-----| about.vue
-----| contact.vue

This will produce /, /about and /contact pages in your app. The marketing group is ignored for purposes of your URL structure.

Read more in the original PR.

🏝️ Islands and Head Metadata

It's now possible for server component islands to manipulate the head, such as by adding SEO metadata when rendering.

Read more in #27987.

🪝 Custom Prefetch Triggers

We now support custom prefetch triggers for NuxtLink (#27846).

For example:

\<template>
  <div>
    <NuxtLink prefetch-on="interaction">
      This will prefetch when hovered or when it gains focus
    </NuxtLink>
    <!-- note that you probably don't want both enabled! -->
    <NuxtLink :prefetch-on="{ visibility: true, interaction: true }">
      This will prefetch when hovered/focus - or when it becomes visible
    </NuxtLink>
  </div>
</template>

... (truncated)

Commits

• 74ef96d v3.13.0
• a012471 fix(nuxt): revert back to object syntax for island head (#28656)
• 3f1db54 feat(nuxt): allow server islands to manipulate head (#27987)
• 68f451a chore(deps): update devdependency @​nuxt/scripts to v0.7.1 (3.x) (#28646)
• ad63154 chore(deps): update all non-major dependencies (3.x) (#28637)
• 4dfbec8 fix(nuxt): do not provide default prefetchOn prop (#28630)
• fb7c2f7 fix(nuxt): allow customising status code in validate method (#28612)
• eed8730 fix(nuxt): extract route rules/page meta in 2+ script blocks (#28625)
• 81774f3 chore(deps): update all non-major dependencies (3.x) (#28614)
• 1eb9b0a feat(nuxt): namespace __NUXT__ when using multi-app (#27263)
• Additional commits viewable in compare view

Updates svelte from 4.2.15 to 4.2.19

Release notes

Sourced from svelte's releases.

[email protected]

Patch Changes

• fix: ensure typings for <svelte:options> are picked up (#12902)

• fix: escape < in attribute strings (#12989)

Changelog

Sourced from svelte's changelog.

4.2.19

Patch Changes

• fix: ensure typings for <svelte:options> are picked up (#12902)

• fix: escape < in attribute strings (#12989)

4.2.18

Patch Changes

• chore: speed up regex (#11922)

4.2.17

Patch Changes

• fix: correctly handle falsy values of style directives in SSR mode (#11584)

4.2.16

Patch Changes

• fix: check if svelte component exists on custom element destroy (#11489)

Commits

• d8b3133 Version Packages (#12990)
• 83e96e0 fix: escape < in attribute strings (#12989)
• 5ec4409 fix: ensure typings for \<svelte:options> are picked up (#12902)
• 230916f Version Packages (#11925)
• dbe6057 chore: speed up regex (#11922)
• a8deae9 Version Packages (#11594)
• 8592914 fix: correctly handle falsy values of style directives in SSR mode (#11584)
• 8e4c778 Version Packages (#11491)
• 1bab571 fix: additional check for component on destroy (svelte4) (#11489)
• See full diff in compare view

Updates webpack from 5.90.0 to 5.94.0

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

• Added runtime condition for harmony reexport checked
• Handle properly data/http/https protocols in source maps
• Make bigint optimistic when browserslist not found
• Move @​types/eslint-scope to dev deps
• Related in asset stats is now always an array when no related found
• Handle ASI for export declarations
• Mangle destruction incorrect with export named default properly
• Fixed unexpected asi generation with sequence expression
• Fixed a lot of types

New Features

• Added new external type "module-import"
• Support webpackIgnore for new URL() construction
• [CSS] @import pathinfo support

Security

• Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

• Generate correct relative path to runtime chunks
• Makes DefinePlugin quieter under default log level
• Fixed mangle destructuring default in namespace import
• Fixed consumption of eager shared modules for module federation
• Strip slash for pretty regexp
• Calculate correct contenthash for CSS generator options

New Features

• Added the binary generator option for asset modules to explicitly keep source maps produced by loaders
• Added the modern-module library value for tree shakable output
• Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

• Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

• Correct tidle range's comutation for module federation
• Consider runtime for pure expression dependency update hash
• Return value in the subtractRuntime function for runtime logic

... (truncated)

Commits

• eabf85d chore(release): 5.94.0
• 955e057 security: fix DOM clobbering in auto public path
• 9822387 test: fix
• cbb86ed test: fix
• 5ac3d7f fix: unexpected asi generation with sequence expression
• 2411661 security: fix DOM clobbering in auto public path
• b8c03d4 fix: unexpected asi generation with sequence expression
• f46a03c revert: do not use heuristic fallback for "module-import"
• 60f1898 fix: do not use heuristic fallback for "module-import"
• 66306aa Revert "fix: module-import get fallback from externalsPresets"
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Superseded by #213.