Bump svelte from 4.2.19 to 5.2.7 in /templates/svelte-basic

[dependabot[bot]]

Bumps svelte from 4.2.19 to 5.2.7.

Release notes

Sourced from svelte's releases.

svelte@5.2.7

Patch Changes

• fix: always use set for private identifiers (#14378)

svelte@5.2.6

Patch Changes

• fix: remove template expression inlining (#14374)

svelte@5.2.5

Patch Changes

• fix: correctly handle srcObject attribute on video elements (#14369)

• add contentvisibilityautostatechange event to element definitions (#14373)

• fix: tighten up export default validation (#14368)

• fix: include method definitions in class private fields (#14365)

svelte@5.2.4

Patch Changes

• fix: ensure internal cloning can work circular values (#14347)

• fix: correctly update dynamic member expressions (#14359)

• fix: ensure is_pure takes into account $effect.tracking() (#14333)

• fix: coerce value to number when hydrating range/number input with changed value (#14349)

svelte@5.2.3

Patch Changes

• fix: ensure dynamic call expressions correctly generate output (#14345)

svelte@5.2.2

Patch Changes

• fix: treat property accesses of literals as pure (#14325)

svelte@5.2.1

Patch Changes

• fix: mark pseudo classes nested inside :not as used (#14303)

• fix: disallow invalid attributes for <svelte:window> and <svelte:document> (#14228)

• fix: ensure props passed to components via mount are updateable (#14210)

... (truncated)

Changelog

Sourced from svelte's changelog.

5.2.7

Patch Changes

• fix: always use set for private identifiers (#14378)

5.2.6

Patch Changes

• fix: remove template expression inlining (#14374)

5.2.5

Patch Changes

• fix: correctly handle srcObject attribute on video elements (#14369)

• add contentvisibilityautostatechange event to element definitions (#14373)

• fix: tighten up export default validation (#14368)

• fix: include method definitions in class private fields (#14365)

5.2.4

Patch Changes

• fix: ensure internal cloning can work circular values (#14347)

• fix: correctly update dynamic member expressions (#14359)

• fix: ensure is_pure takes into account $effect.tracking() (#14333)

• fix: coerce value to number when hydrating range/number input with changed value (#14349)

5.2.3

Patch Changes

• fix: ensure dynamic call expressions correctly generate output (#14345)

5.2.2

Patch Changes

• fix: treat property accesses of literals as pure (#14325)

5.2.1

... (truncated)

Commits

• 6e391fc Version Packages (#14380)
• 520055c fix: always use set for private identifiers (#14378)
• 85ec6fa Version Packages (#14377)
• 9d12fd1 chore: remove template expression inlining (#14374)
• f616c22 Version Packages (#14366)
• 811c8d3 fix: correctly handle srcObject attribute on video elements (#14369)
• 7bd1cdf feat: add content-visibility: auto state change event (#14373)
• 4dfa0e3 fix: tighten up export default validation (#14368)
• 4c98c2e chore: consolidate checks for never-static attributes (#14372)
• 32a1453 fix: include method definitions in class private fields (#14365)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security[bot]]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/svelte@5.2.7	None	+17	4.76 MB	conduitry, rich_harris, svelte-admin

🚮 Removed packages: npm/svelte@4.2.19

View full report↗︎

[dependabot[bot]]

Superseded by #469.