chore(deps): bump the npm group in /frontend/web with 16 updates by dependabot[bot] · Pull Request #117 · KooshaPari/BytePort

dependabot · 2026-05-06T13:29:14Z

Bumps the npm group in /frontend/web with 16 updates:

Package	From	To
@rollup/rollup-darwin-arm64	`4.60.2`	`4.60.3`
@tauri-apps/cli-darwin-arm64	`2.10.1`	`2.11.1`
@tauri-apps/plugin-http	`2.5.8`	`2.5.9`
@storybook/svelte	`10.3.5`	`10.3.6`
@storybook/sveltekit	`10.3.5`	`10.3.6`
@sveltejs/kit	`2.58.0`	`2.59.1`
@sveltejs/vite-plugin-svelte	`7.0.0`	`7.1.1`
@tauri-apps/api	`2.10.1`	`2.11.0`
@tauri-apps/cli	`2.10.1`	`2.11.1`
bits-ui	`2.18.0`	`2.18.1`
eslint	`10.2.1`	`10.3.0`
globals	`17.5.0`	`17.6.0`
storybook	`10.3.5`	`10.3.6`
svelte-check	`4.4.6`	`4.4.8`
typescript-eslint	`8.59.1`	`8.59.2`
zod	`4.3.6`	`4.4.3`

Updates @rollup/rollup-darwin-arm64 from 4.60.2 to 4.60.3

Changelog

Sourced from @rollup/rollup-darwin-arm64's changelog.

4.60.3

2026-05-04

Bug Fixes

Ensure nested "exports" variables are not renamed (#6360)

Pull Requests

#6360: fix: do not rename nested "exports" bindings that do not conflict (@tariqrafique, @lukastaegert)

#6364: chore(deps): update msys2/setup-msys2 digest to e989830 (@renovate[bot])

#6365: fix(deps): update minor/patch updates (@renovate[bot])

#6366: fix(deps): update swc monorepo (major) (@renovate[bot])

#6367: chore(deps): lock file maintenance (@renovate[bot], @lukastaegert)

#6368: docs: add missing backticks in plugin-development (@lumirlumir, @lukastaegert)

Commits

b47bdab 4.60.3
15c5f33 Add again some unneeded dev dependencies, to make some builds succeed
12195dc fix: do not rename nested "exports" bindings that do not conflict (#6360)
b74aa39 Migrate instructions to AGENTS.md
aa5a377 fix(deps): update minor/patch updates (#6365)
197e68b chore(deps): update msys2/setup-msys2 digest to e989830 (#6364)
cded70a fix(deps): update swc monorepo (major) (#6366)
bb2b8a5 docs: add missing backticks in plugin-development (#6368)
20af1c4 chore(deps): lock file maintenance (#6367)
See full diff in compare view

Updates @tauri-apps/cli-darwin-arm64 from 2.10.1 to 2.11.1

Release notes

Sourced from @tauri-apps/cli-darwin-arm64's releases.

`@tauri-apps/cli` v2.11.1

[2.11.1]

Dependencies

Upgraded to tauri-cli@2.11.1

tauri-cli v2.11.1

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1067 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1088 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.55.0
    │   └── tauri-runtime-wry 2.11.1
    │       └── tauri 2.11.1
    │           ├── tauri-utils 2.9.1
    │           │   ├── tauri-schema-generator 0.0.0
    │           │   ├── tauri-runtime-wry 2.11.1
    │           │   ├── tauri-runtime 2.11.1
    │           │   │   ├── tauri-runtime-wry 2.11.1
    │           │   │   └── tauri 2.11.1
    │           │   ├── tauri-plugin 2.6.1
    │           │   │   ├── tauri-plugin-sample 0.1.0
    │           │   │   │   └── api 0.1.0
    │           │   │   └── tauri-plugin-log 2.6.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-macros 2.6.1
    │           │   │   └── tauri 2.11.1
    │           │   ├── tauri-codegen 2.6.1
    │           │   │   ├── tauri-macros 2.6.1
    │           │   │   └── tauri-build 2.6.1
    │           │   │       ├── tauri-file-associations-demo 0.1.0
    │           │   │       ├── tauri 2.11.1
    │           │   │       ├── resources 0.1.0
    │           │   │       ├── bench_helloworld 0.1.0
    │           │   │       ├── bench_files_transfer 0.1.0
</tr></table>

... (truncated)

Commits

e5ae5b9 chore: fix changelog
4d2db70 Apply Version Updates From Current Changes (#15328)
5e3126f feat(mobile): expose monitor APIs (#15338)
ba02558 Merge commit from fork
5f479c0 fix(core): requestPermission crash regression on Android, closes #15323 (#15336)
1b26769 fix(tauri): enforce ACL for remote origins even without AppManifest (#15266)
3057eda fix(driver): enable eq-separator feature for pico-args. (#15324)
4f548e7 chore(deps): update phf to 0.13 (#15308)
4ca427d fix: pin napi for msrv and Node.js on CI (#15310)
a04d907 fix(ci): publish-cli-rs script for Powershell (#15309)
Additional commits viewable in compare view

Updates @tauri-apps/plugin-http from 2.5.8 to 2.5.9

Release notes

Sourced from @tauri-apps/plugin-http's releases.

http-js v2.5.9

[2.5.9]

Dependencies

Upgraded to fs-js@2.5.1

npm warn Unknown user config "always-auth". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm warn publish npm auto-corrected some errors in your package.json when publishing.  Please run "npm pkg fix" to address these errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an object
npm warn publish "repository.url" was normalized to "git+https://github.com/tauri-apps/plugins-workspace.git"
npm notice
npm notice 📦  @tauri-apps/plugin-http@2.5.9
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 2.6kB README.md
npm notice 7.1kB dist-js/index.cjs
npm notice 2.4kB dist-js/index.d.ts
npm notice 7.0kB dist-js/index.js
npm notice 655B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-http
npm notice version: 2.5.9
npm notice filename: tauri-apps-plugin-http-2.5.9.tgz
npm notice package size: 5.1 kB
npm notice unpacked size: 20.5 kB
npm notice shasum: f612a86239b95f6b2d5d211e26d512176c9f490b
npm notice integrity: sha512-lCiY0+vs4HvIU[...]Y6SFAO3gCWxDA==
npm notice total files: 6
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and public access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=1429011759
+ @tauri-apps/plugin-http@2.5.9

http v2.5.9

[2.5.9]

Dependencies

Upgraded to fs-js@2.5.1

... (truncated)

Commits

5c7668b publish new versions (#3397)
ec05401 chore(deps): update rust crate toml to v1 (#3323)
b86e999 chore(deps): update tauri packages to 2.11 (#3407)
c463d8a chore(deps): update rustls-webpki in lockfile, ignore core2 in audit (#3405)
1bb7beb chore(deps): bump openssl (#3402)
3412fa2 docs(readme): fix platform support matrix (opener supports mobile)
af81fda docs(readme): fix platform support matrix (mobile is supported)
c1fd33b fix(opener): allow open network share locations (#3343)
250857b chore(deps): update dependency typescript to v6 (#3363)
964e13f fix(store): dead lock trying to set while exiting (#3395)
Additional commits viewable in compare view

Updates @storybook/svelte from 10.3.5 to 10.3.6

Release notes

Sourced from @storybook/svelte's releases.

v10.3.6

10.3.6

ESLint: Update deprecated @storybook/test reference to storybook/test - #34430, thanks @venkat22022202!

React: Add optional React type peers to packages that publish React-based declarations - #34641, thanks @copilot-swe-agent!

UI: Fix global background + color styles affecting stories - #34071, thanks @Axadali!

Changelog

Sourced from @storybook/svelte's changelog.

10.3.6

ESLint: Update deprecated @storybook/test reference to storybook/test - #34430, thanks @venkat22022202!

React: Add optional React type peers to packages that publish React-based declarations - #34641, thanks @copilot-swe-agent!

UI: Fix global background + color styles affecting stories - #34071, thanks @Axadali!

Commits

b8748e4 Bump version from "10.3.5" to "10.3.6" [skip ci]
See full diff in compare view

Updates @storybook/sveltekit from 10.3.5 to 10.3.6

Release notes

Sourced from @storybook/sveltekit's releases.

v10.3.6

10.3.6

ESLint: Update deprecated @storybook/test reference to storybook/test - #34430, thanks @venkat22022202!

React: Add optional React type peers to packages that publish React-based declarations - #34641, thanks @copilot-swe-agent!

UI: Fix global background + color styles affecting stories - #34071, thanks @Axadali!

Changelog

Sourced from @storybook/sveltekit's changelog.

10.3.6

ESLint: Update deprecated @storybook/test reference to storybook/test - #34430, thanks @venkat22022202!

React: Add optional React type peers to packages that publish React-based declarations - #34641, thanks @copilot-swe-agent!

UI: Fix global background + color styles affecting stories - #34071, thanks @Axadali!

Commits

b8748e4 Bump version from "10.3.5" to "10.3.6" [skip ci]
See full diff in compare view

Updates @sveltejs/kit from 2.58.0 to 2.59.1

Release notes

Sourced from @sveltejs/kit's releases.

@sveltejs/kit@2.59.1

Patch Changes

fix: resolve paths to route files with the letter drive on Windows (#15793)

@sveltejs/kit@2.59.0

Minor Changes

feat: support query.batch in requested(...) (#15751)

breaking: on the server, make the promise returned from refresh represent adding the refresh to the map, not the time it takes to run the remote function (#15705)

feat: experimental query.live function (#15705)

Patch Changes

fix: unwrap Promise in RemoteCommand output type (#15771)

fix: empty call to .updates() on a command/form invocation means "don't update anything" (#15705)

fix: form.fields.foo.as('checkbox', default_value) now works (#15752)

fix: remote forms with default values defined by field.as('text', defaultValue) now correctly reset to the provided default values once submitted (#15753)

fix: make sure queries always get started correctly (#15705)

fix: allow plain functions as overrides in updates (#15705)

Changelog

Sourced from @sveltejs/kit's changelog.

2.59.1

Patch Changes

fix: resolve paths to route files with the letter drive on Windows (#15793)

2.59.0

Minor Changes

feat: support query.batch in requested(...) (#15751)

breaking: on the server, make the promise returned from refresh represent adding the refresh to the map, not the time it takes to run the remote function (#15705)

feat: experimental query.live function (#15705)

Patch Changes

fix: unwrap Promise in RemoteCommand output type (#15771)

fix: empty call to .updates() on a command/form invocation means "don't update anything" (#15705)

fix: form.fields.foo.as('checkbox', default_value) now works (#15752)

fix: remote forms with default values defined by field.as('text', defaultValue) now correctly reset to the provided default values once submitted (#15753)

fix: make sure queries always get started correctly (#15705)

fix: allow plain functions as overrides in updates (#15705)

Commits

9cfa07d Version Packages (#15795)
e547ec1 fix: resolve user files with drive letter on Windows (#15793)
522ac32 Version Packages (#15769)
a416bb0 docs: improve description for read config parameter (#15673)
af248a7 fix: unwrap Promise in RemoteCommand output type (#15771)
1c8e573 fix: remote forms with default values defined by `field.as('text', defaultVal...
5b28e23 feat: support query.batch in requested (#15751)
a074dc1 fix: .as('checkbox', value) was completely broken (#15752)
055ac24 feat: experimental query.live remote function (#15705)
c1d3633 chore: fix IDE typescript errors (#15756)
See full diff in compare view

Updates @sveltejs/vite-plugin-svelte from 7.0.0 to 7.1.1

Release notes

Sourced from @sveltejs/vite-plugin-svelte's releases.

@sveltejs/vite-plugin-svelte@7.1.1

Patch Changes

fix: pass typescript.onlyRemoveTypeImports to transformWithOxc in vitePreprocess so that value imports are not dropped when they are only referenced in Svelte template markup (#1326)

fix: correctly resolve compiled CSS for optimised Svelte dependencies on the server (#1336)

@sveltejs/vite-plugin-svelte@7.1.0

Minor Changes

feat: enable optimizer for server environments during dev (#1328)

Changelog

Sourced from @sveltejs/vite-plugin-svelte's changelog.

7.1.1

Patch Changes

fix: pass typescript.onlyRemoveTypeImports to transformWithOxc in vitePreprocess so that value imports are not dropped when they are only referenced in Svelte template markup (#1326)

fix: correctly resolve compiled CSS for optimised Svelte dependencies on the server (#1336)

7.1.0

Minor Changes

feat: enable optimizer for server environments during dev (#1328)

Commits

508d91b Version Packages (#1339)
990e58c fix: correctly resolve Svelte CSS on the server during development (#1336)
d5458a9 fix: restore value imports stripped by oxc in script preprocessing (#1326)
1c85126 Version Packages (#1331)
1a4d225 feat: enable optimizer for server environments during dev (#1328)
d91be5f fix: use correct pnpm catalog syntax
4d3afb4 chore: fix audit CI (#1327)
8b3687b use modern JSDoc imports (#1309)
See full diff in compare view

Updates @tauri-apps/api from 2.10.1 to 2.11.0

Release notes

Sourced from @tauri-apps/api's releases.

`@tauri-apps/api` v2.11.0

No known vulnerabilities found

[2.11.0]

New Features

074299c08 (#14307) Add Bring All to Front predefined menu item type
a12142a48 (#14357) Add macos support for setting the icon and icon template state in the same step of the main thread, to prevent flickering.
001c8fe3d (#14722) Add a WebView option to control browser-level general autofill behavior. This option does not disable password or credit card autofill. On Windows (WebView2), setting it to true disables the general autofill "Suggestions" UI, which may appear even when autocomplete="off" is specified on input elements. On Linux, macOS, iOS, and Android, this option is currently unsupported and performs no operation.
eb0312ea9 (#15199) Propagates the Event::Suspended and Event::Resumed events from tao when they are emitted on mobile targets.

> @tauri-apps/api@2.11.0 npm-publish /home/runner/work/tauri/tauri/packages/api > pnpm build && cd ./dist && pnpm publish --access public --loglevel silly --no-git-checks > @tauri-apps/api@2.11.0 build /home/runner/work/tauri/tauri/packages/api > rollup -c --configPlugin typescript

�[36m �[1m./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts, ./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts, ./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts, ./src/window.ts�[22m → �[1m./dist, ./dist�[22m...�[39m �[32mcreated �[1m./dist, ./dist�[22m in �[1m1s�[22m�[39m �[36m �[1msrc/index.ts�[22m → �[1m../../crates/tauri/scripts/bundle.global.js�[22m...�[39m �[32mcreated �[1m../../crates/tauri/scripts/bundle.global.js�[22m in �[1m1.6s�[22m�[39m npm verbose cli /opt/hostedtoolcache/node/24.14.1/x64/bin/node /opt/hostedtoolcache/node/24.14.1/x64/bin/npm npm info using npm@11.11.0 npm info using node@v24.14.1 npm silly config load:file:/opt/hostedtoolcache/node/24.14.1/x64/lib/node_modules/npm/npmrc npm silly config load:file:/tmp/62753b73fd2498862aee9b07ed29cc21/.npmrc npm silly config load:file:/home/runner/.npmrc npm silly config load:file:/home/runner/.config/pnpm/rc npm verbose title npm publish tauri-apps-api-2.11.0.tgz npm verbose argv "publish" "--ignore-scripts" "tauri-apps-api-2.11.0.tgz" "--access" "public" "--loglevel" "silly" npm verbose logfile logs-max:10 dir:/home/runner/.npm/_logs/2026-04-30T15_51_13_171Z- npm verbose logfile /home/runner/.npm/_logs/2026-04-30T15_51_13_171Z-debug-0.log npm warn Unknown env config "verify-deps-before-run". This will stop working in the next major version of npm. See npm help npmrc for supported config options. npm warn Unknown env config "npm-globalconfig". This will stop working in the next major version of npm. See npm help npmrc for supported config options. npm warn Unknown env config "_jsr-registry". This will stop working in the next major version of npm. See npm help npmrc for supported config options. </tr></table>

... (truncated)

Commits

e60834f Apply Version Updates From Current Changes (#15041)
df05c00 chore: minor bump for codegen crate
13bea17 chore: fmt
9808236 fix(macOS): correct value for work_area.position.y (#14655)
eb0312e feat(mobile): Propagate tao::Event::Suspended and tao::Event::Resumed to the ...
4ef5797 feat(ios): add --no-sign and --archive-only flags to ios build (#15061)
110336c fix(macOS): fix incorrect window position on multi-monitor setups (#15250)
c00a3db feat(macros): add support for rename command macro in tauri-macros #14173 (#1...
764b913 feat(cli): restart Android emulator if it is disconnected from adb (#14313)
1035f12 fix(windows): tauri-bundler detect arm system (#14923)
Additional commits viewable in compare view

Updates @tauri-apps/cli from 2.10.1 to 2.11.1

Release notes

Sourced from @tauri-apps/cli's releases.

@tauri-apps/cli v2.11.1

[2.11.1]

Dependencies

Upgraded to tauri-cli@2.11.1

@tauri-apps/cli v2.11.0

[2.11.0]

New Features

926a57bb0 (#15201) Added uninstaller icon and uninstaller header image support for NSIS installer.

Notes:

For tauri-bundler lib users, the NsisSettings now has 2 new fields uninstaller_icon and uninstaller_header_image which can be a breaking change

When bundling with NSIS, users can add uninstallerIcon and uninstallerHeaderImage under bundle > windows > nsis to configure them.

764b9139a (#14313) Prompt to restart the Android emulator if it is not connected to adb.

5dc2cee60 (#14793) Added support for minimumWebview2Version option support for the MSI (Wix) installer, the old bundle > windows > nsis > minimumWebview2Version is now deprecated in favor of bundle > windows > minimumWebview2Version

Notes:

For anyone relying on the WVRTINSTALLED Property tag in main.wxs, it is now renamed to INSTALLED_WEBVIEW2_VERSION

For tauri-bundler lib users, the WindowsSettings now has a new field minimum_webview2_version which can be a breaking change

Enhancements

be0e4bd2d (#15218) Added Vietnamese translations for the NSIS installer

8718d0816 (#15033) Show the context before prompting for updater signing key password

Bug Fixes

fcb702ec4 (#14954) Fix build --bundles to allow nsis arg in linux+macOS

80c1425af (#14921) Fix iOS build failure when Metal Toolchain is installed by using explicit $(DEVELOPER_DIR)/Toolchains/XcodeDefault.xctoolchain path instead of $(TOOLCHAIN_DIR) for Swift library search paths.

What's Changed

9979cde1c (#15175) Update NSIS installer Italian translations

Dependencies

Upgraded to tauri-cli@2.11.0

Commits

e5ae5b9 chore: fix changelog
4d2db70 Apply Version Updates From Current Changes (#15328)
5e3126f feat(mobile): expose monitor APIs (#15338)
ba02558 Merge commit from fork
5f479c0 fix(core): requestPermission crash regression on Android, closes #15323 (#15336)
1b26769 fix(tauri): enforce ACL for remote origins even without AppManifest (#15266)
3057eda fix(driver): enable eq-separator feature for pico-args. (#15324)
4f548e7 chore(deps): update phf to 0.13 (#15308)
4ca427d fix: pin napi for msrv and Node.js on CI (#15310)
a04d907 fix(ci): publish-cli-rs script for Powershell (#15309)
Additional commits viewable in compare view

Updates bits-ui from 2.18.0 to 2.18.1

Release notes

Sourced from bits-ui's releases.

bits-ui@2.18.1

Patch Changes

fix(text-selection-layer): snapshot enabled and pointer handlers for listeners (#2041)

fix(Tooltip): set wrapper pointer-events when hoverable content is disabled (#2041)

fix(Menu): prevent page scroll-jump on item hover when scroll-padding is set (#2035)

Commits

25f8137 Version Packages (#2042)
158364e fix(menu): use preventScroll when focusing items on hover and content on item...
5a3f7ce fix(Tooltip): pointer event handling (#2041)
788fc03 chore: update workflows to Node 24 and latest action versions (#2032)
See full diff in compare view

Updates eslint from 10.2.1 to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)

6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)

7f47937 docs: Update README (GitHub Actions Bot)

Chores

d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)

3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)

22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)

88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])

97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])

2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])

77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)

4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)

54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)

f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)

a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])

7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)

b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])

2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)

Commits

7889204 10.3.0
5b69b4f Build: changelog update for 10.3.0
d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
b6ae5cf fix: handle unavailable require cache (#20812)
3ffb14e chore: clean up typos in comments and JSDoc (#20821)
6fb3685 fix: rule suggestions cause continuation in class body (#20787)
22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
379571a feat: add suggestions for no-unused-private-class-members (#20773)
97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
Additional commits viewable in compare view

Updates globals from 17.5.0 to 17.6.0

Release notes

Sourced from globals's releases.

v17.6.0

Update globals (2026-05-01) (#343) 00a4dd9

sindresorhus/globals@v17.5.0...v17.6.0

Commits

6b15870 17.6.0
00a4dd9 Update globals (2026-05-01) (#343)
See full diff in compare view

Updates storybook from 10.3.5 to 10.3.6

Release notes

Sourced from storybook's releases.

v10.3.6

10.3.6

ESLint: Update deprecated @storybook/test reference to storybook/test - #34430, thanks @venkat22022202!

React: Add optional React type peers to packages that publish React-based declarations - #34641, thanks @copilot-swe-agent!

UI: Fix global background + color styles affecting stories - #34071, thanks @Axadali!

Changelog

Sourced from storybook's changelog.

10.3.6

ESLint: Update deprecated @storybook/test reference to storybook/test - #34430, thanks @venkat22022202!

React: Add optional React type peers to packages that publish React-based declarations - #34641, thanks @copilot-swe-agent!

UI: Fix global background + color styles affecting stories - #34071, thanks @Axadali!

Commits

b8748e4 Bump version from "10.3.5" to "10.3.6" [skip ci]
8879a0f remove .ts extension
4cd495a Merge pull request #34550 from storybookjs/fix/vite-plus-devdepsoxfmt
f7809a8 Merge pull request #34509 from storybookjs/fix/vite-plus-detection
e20dc8d Merge pull request #34071 from Axadali/33735-global-style-issue
See full diff in compare view

Updates svelte-check from 4.4.6 to 4.4.8

Release notes

Sourced from svelte-check's releases.

svelte-check@4.4.8

Patch Changes

feat: typescript 6.0 support (#2985)

svelte-check@4.4.7

Patch Changes

fix: flush stdout/stderr before exit (#3014)

fix: report diagnostics in tsconfig.json (#3005)

Commits

0070c6f Version Packages (#3015)
29e2894 feat: typescript 6.0 support (#2985)
d99bb34 Version Packages (#2999)
35428ae fix: flush stdout/stderr before exit in svelte-check (#3014)
a553963 fix: report diagnostics in tsconfig.json (#3005)
4c306eb fix: prevent incorrect $types imports being injected in update import (#3010)
31488f9 fix: properly place svelte-ignore comment in quickfix when \<script module> ...
5be821d fix: prevent duplicate diagnostics (#3000)
8b103ba fix: hoist self-referenced props interface (#2998)
See full diff in compare view

Updates typescript-eslint from 8.59.1 to 8.59.2

Release notes

Sourced from typescript-eslint's releases.

v8.59.2

8.59.2 (2026-05-04)

🩹 Fixes

eslint-plugin: [no-unsafe-type-assertion] handle crash on recursive template literal types (#12150)

eslint-plugin: [no-deprecated] object destructuring values should be treated as declarations (#12292)

rule-tester: add TypeScript as a peer dependency (#12288)

❤️ Thank You

Dariusz Czajkowski

Dima Barabash

Kirk Waiblinger @kirkwaiblinger

See GitHub Releases for more information.

You can read about our Description has been truncated

Bumps the npm group in /frontend/web with 16 updates: | Package | From | To | | --- | --- | --- | | [@rollup/rollup-darwin-arm64](https://github.com/rollup/rollup) | `4.60.2` | `4.60.3` | | [@tauri-apps/cli-darwin-arm64](https://github.com/tauri-apps/tauri) | `2.10.1` | `2.11.1` | | [@tauri-apps/plugin-http](https://github.com/tauri-apps/plugins-workspace) | `2.5.8` | `2.5.9` | | [@storybook/svelte](https://github.com/storybookjs/storybook/tree/HEAD/code/renderers/svelte) | `10.3.5` | `10.3.6` | | [@storybook/sveltekit](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/sveltekit) | `10.3.5` | `10.3.6` | | [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) | `2.58.0` | `2.59.1` | | [@sveltejs/vite-plugin-svelte](https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte) | `7.0.0` | `7.1.1` | | [@tauri-apps/api](https://github.com/tauri-apps/tauri) | `2.10.1` | `2.11.0` | | [@tauri-apps/cli](https://github.com/tauri-apps/tauri) | `2.10.1` | `2.11.1` | | [bits-ui](https://github.com/huntabyte/bits-ui) | `2.18.0` | `2.18.1` | | [eslint](https://github.com/eslint/eslint) | `10.2.1` | `10.3.0` | | [globals](https://github.com/sindresorhus/globals) | `17.5.0` | `17.6.0` | | [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `10.3.5` | `10.3.6` | | [svelte-check](https://github.com/sveltejs/language-tools) | `4.4.6` | `4.4.8` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.1` | `8.59.2` | | [zod](https://github.com/colinhacks/zod) | `4.3.6` | `4.4.3` | Updates `@rollup/rollup-darwin-arm64` from 4.60.2 to 4.60.3 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.60.2...v4.60.3) Updates `@tauri-apps/cli-darwin-arm64` from 2.10.1 to 2.11.1 - [Release notes](https://github.com/tauri-apps/tauri/releases) - [Commits](tauri-apps/tauri@tauri-v2.10.1...tauri-v2.11.1) Updates `@tauri-apps/plugin-http` from 2.5.8 to 2.5.9 - [Release notes](https://github.com/tauri-apps/plugins-workspace/releases) - [Commits](tauri-apps/plugins-workspace@http-v2.5.8...http-v2.5.9) Updates `@storybook/svelte` from 10.3.5 to 10.3.6 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v10.3.6/code/renderers/svelte) Updates `@storybook/sveltekit` from 10.3.5 to 10.3.6 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v10.3.6/code/frameworks/sveltekit) Updates `@sveltejs/kit` from 2.58.0 to 2.59.1 - [Release notes](https://github.com/sveltejs/kit/releases) - [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md) - [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.59.1/packages/kit) Updates `@sveltejs/vite-plugin-svelte` from 7.0.0 to 7.1.1 - [Release notes](https://github.com/sveltejs/vite-plugin-svelte/releases) - [Changelog](https://github.com/sveltejs/vite-plugin-svelte/blob/main/packages/vite-plugin-svelte/CHANGELOG.md) - [Commits](https://github.com/sveltejs/vite-plugin-svelte/commits/@sveltejs/vite-plugin-svelte@7.1.1/packages/vite-plugin-svelte) Updates `@tauri-apps/api` from 2.10.1 to 2.11.0 - [Release notes](https://github.com/tauri-apps/tauri/releases) - [Commits](https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v2.10.1...@tauri-apps/api-v2.11.0) Updates `@tauri-apps/cli` from 2.10.1 to 2.11.1 - [Release notes](https://github.com/tauri-apps/tauri/releases) - [Commits](https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v2.10.1...@tauri-apps/cli-v2.11.1) Updates `bits-ui` from 2.18.0 to 2.18.1 - [Release notes](https://github.com/huntabyte/bits-ui/releases) - [Commits](https://github.com/huntabyte/bits-ui/compare/bits-ui@2.18.0...bits-ui@2.18.1) Updates `eslint` from 10.2.1 to 10.3.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.2.1...v10.3.0) Updates `globals` from 17.5.0 to 17.6.0 - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](sindresorhus/globals@v17.5.0...v17.6.0) Updates `storybook` from 10.3.5 to 10.3.6 - [Release notes](https://github.com/storybookjs/storybook/releases) - [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md) - [Commits](https://github.com/storybookjs/storybook/commits/v10.3.6/code/core) Updates `svelte-check` from 4.4.6 to 4.4.8 - [Release notes](https://github.com/sveltejs/language-tools/releases) - [Commits](https://github.com/sveltejs/language-tools/compare/svelte-check@4.4.6...svelte-check@4.4.8) Updates `typescript-eslint` from 8.59.1 to 8.59.2 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.59.2/packages/typescript-eslint) Updates `zod` from 4.3.6 to 4.4.3 - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](colinhacks/zod@v4.3.6...v4.4.3) --- updated-dependencies: - dependency-name: "@rollup/rollup-darwin-arm64" dependency-version: 4.60.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@tauri-apps/cli-darwin-arm64" dependency-version: 2.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@tauri-apps/plugin-http" dependency-version: 2.5.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@storybook/svelte" dependency-version: 10.3.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@storybook/sveltekit" dependency-version: 10.3.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@sveltejs/kit" dependency-version: 2.59.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@sveltejs/vite-plugin-svelte" dependency-version: 7.1.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@tauri-apps/api" dependency-version: 2.11.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@tauri-apps/cli" dependency-version: 2.11.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: bits-ui dependency-version: 2.18.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: eslint dependency-version: 10.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: globals dependency-version: 17.6.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: storybook dependency-version: 10.3.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: svelte-check dependency-version: 4.4.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: typescript-eslint dependency-version: 8.59.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: zod dependency-version: 4.4.3 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm ... Signed-off-by: dependabot[bot] <support@github.com>

codeant-ai · 2026-05-06T13:29:21Z

Skipping PR review because a bot author is detected.

If you want to trigger CodeAnt AI, comment @codeant-ai review to trigger a manual review.

sonarqubecloud · 2026-05-06T13:30:20Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

socket-security · 2026-05-06T13:30:59Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality	Maintenance
npm/@rollup/rollup-darwin-arm64@4.60.2 ⏵ 4.60.3
npm/@tauri-apps/cli-darwin-arm64@2.10.1 ⏵ 2.11.1			⁺²
npm/@storybook/svelte@10.3.5 ⏵ 10.3.6			⁺¹
npm/typescript-eslint@8.59.1 ⏵ 8.59.2
npm/@storybook/sveltekit@10.3.5 ⏵ 10.3.6			⁺¹
npm/@sveltejs/kit@2.59.1
npm/@sveltejs/vite-plugin-svelte@7.1.1
npm/globals@17.5.0 ⏵ 17.6.0	⁺¹	⁺¹
npm/storybook@10.3.5 ⏵ 10.3.6
npm/@tauri-apps/cli@2.10.1 ⏵ 2.11.1		⁺¹	⁺²
npm/@tauri-apps/api@2.10.1 ⏵ 2.11.0	⁺¹	⁺¹
npm/eslint@10.2.1 ⏵ 10.3.0	⁺¹
npm/bits-ui@2.18.0 ⏵ 2.18.1	⁺¹	⁺¹
npm/svelte-check@4.4.8
npm/@tauri-apps/plugin-http@2.5.8 ⏵ 2.5.9			⁺³
npm/zod@4.3.6 ⏵ 4.4.3		⁺¹

View full report

dependabot · 2026-05-13T13:39:03Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot Bot requested a review from KooshaPari as a code owner May 6, 2026 13:29

dependabot Bot added dependencies Pull requests updating dependencies javascript Pull requests that update javascript code labels May 6, 2026

dependabot Bot closed this May 13, 2026

dependabot Bot deleted the dependabot/npm_and_yarn/frontend/web/npm-117a9295ae branch May 13, 2026 13:39

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the npm group in /frontend/web with 16 updates#117

chore(deps): bump the npm group in /frontend/web with 16 updates#117
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/web/npm-117a9295ae

dependabot Bot commented on behalf of github May 6, 2026 •

edited

Loading

Uh oh!

codeant-ai Bot commented May 6, 2026

Uh oh!

sonarqubecloud Bot commented May 6, 2026

Uh oh!

socket-security Bot commented May 6, 2026

Uh oh!

dependabot Bot commented on behalf of github May 13, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

4.60.3

Bug Fixes

Pull Requests

@​tauri-apps/cli v2.11.1

[2.11.1]

Dependencies

tauri-cli v2.11.1

http-js v2.5.9

[2.5.9]

Dependencies

http v2.5.9

[2.5.9]

Dependencies

v10.3.6

10.3.6

10.3.6

v10.3.6

10.3.6

10.3.6

@​sveltejs/kit@​2.59.1

Patch Changes

@​sveltejs/kit@​2.59.0

Minor Changes

Patch Changes

2.59.1

Patch Changes

2.59.0

Minor Changes

Patch Changes

@​sveltejs/vite-plugin-svelte@​7.1.1

Patch Changes

@​sveltejs/vite-plugin-svelte@​7.1.0

Minor Changes

7.1.1

Patch Changes

7.1.0

Minor Changes

@​tauri-apps/api v2.11.0

[2.11.0]

New Features

@​tauri-apps/cli v2.11.1

[2.11.1]

Dependencies

@​tauri-apps/cli v2.11.0

[2.11.0]

New Features

Enhancements

Bug Fixes

What's Changed

Dependencies

bits-ui@2.18.1

Patch Changes

v10.3.0

Features

Bug Fixes

Documentation

Chores

v17.6.0

v10.3.6

10.3.6

10.3.6

svelte-check@4.4.8

Patch Changes

svelte-check@4.4.7

Patch Changes

v8.59.2

8.59.2 (2026-05-04)

🩹 Fixes

❤️ Thank You

Uh oh!

codeant-ai Bot commented May 6, 2026

Uh oh!

sonarqubecloud Bot commented May 6, 2026

Quality Gate passed

Uh oh!

socket-security Bot commented May 6, 2026

Uh oh!

dependabot Bot commented on behalf of github May 6, 2026 •

edited

Loading

`@tauri-apps/cli` v2.11.1

`@sveltejs/kit@2`.59.1

`@sveltejs/kit@2`.59.0

`@sveltejs/vite-plugin-svelte@7`.1.1

`@sveltejs/vite-plugin-svelte@7`.1.0

`@tauri-apps/api` v2.11.0

`@tauri-apps/cli` v2.11.1

`@tauri-apps/cli` v2.11.0