Bump svelte from 4.2.19 to 5.2.8 in /templates/svelte-basic

[dependabot[bot]]

Bumps svelte from 4.2.19 to 5.2.8.

Release notes

Sourced from svelte's releases.

svelte@5.2.8

Patch Changes

• fix: correctly prune each blocks (#14403)

• fix: provide temporary LegacyComponentType (#14257)

• fix: attach spread attribute events synchronously (#14387)

• fix: ensure last empty text node correctly hydrates (#14425)

• fix: correctly prune key blocks (#14403)

svelte@5.2.7

Patch Changes

• fix: always use set for private identifiers (#14378)

svelte@5.2.6

Patch Changes

• fix: remove template expression inlining (#14374)

svelte@5.2.5

Patch Changes

• fix: correctly handle srcObject attribute on video elements (#14369)

• add contentvisibilityautostatechange event to element definitions (#14373)

• fix: tighten up export default validation (#14368)

• fix: include method definitions in class private fields (#14365)

svelte@5.2.4

Patch Changes

• fix: ensure internal cloning can work circular values (#14347)

• fix: correctly update dynamic member expressions (#14359)

• fix: ensure is_pure takes into account $effect.tracking() (#14333)

• fix: coerce value to number when hydrating range/number input with changed value (#14349)

svelte@5.2.3

Patch Changes

• fix: ensure dynamic call expressions correctly generate output (#14345)

... (truncated)

Changelog

Sourced from svelte's changelog.

5.2.8

Patch Changes

• fix: correctly prune each blocks (#14403)

• fix: provide temporary LegacyComponentType (#14257)

• fix: attach spread attribute events synchronously (#14387)

• fix: ensure last empty text node correctly hydrates (#14425)

• fix: correctly prune key blocks (#14403)

5.2.7

Patch Changes

• fix: always use set for private identifiers (#14378)

5.2.6

Patch Changes

• fix: remove template expression inlining (#14374)

5.2.5

Patch Changes

• fix: correctly handle srcObject attribute on video elements (#14369)

• add contentvisibilityautostatechange event to element definitions (#14373)

• fix: tighten up export default validation (#14368)

• fix: include method definitions in class private fields (#14365)

5.2.4

Patch Changes

• fix: ensure internal cloning can work circular values (#14347)

• fix: correctly update dynamic member expressions (#14359)

• fix: ensure is_pure takes into account $effect.tracking() (#14333)

• fix: coerce value to number when hydrating range/number input with changed value (#14349)

... (truncated)

Commits

• 2b5c0e7 Version Packages (#14383)
• 63484af fix: ensure last empty text node correctly hydrates (#14425)
• 37e6c7f fix: correctly prune key/each blocks (#14403)
• e721d96 fix: export temporary LegacyComponentType (#14256) (#14257)
• 0469008 chore: remove references to node.parent (#14395)
• dd9abea fix: ensure spread attribute events are attached synchronously (#14387)
• 6e391fc Version Packages (#14380)
• 520055c fix: always use set for private identifiers (#14378)
• 85ec6fa Version Packages (#14377)
• 9d12fd1 chore: remove template expression inlining (#14374)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security[bot]]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/svelte@5.2.8	None	+17	4.76 MB	conduitry, rich_harris, svelte-admin

🚮 Removed packages: npm/svelte@4.2.19

View full report↗︎

[dependabot[bot]]

Superseded by #471.