chore(deps-dev): bump the development group with 8 updates

[dependabot]

Bumps the development group with 8 updates:

Package	From	To
@sveltejs/vite-plugin-svelte	7.0.0	7.1.2
lighthouse	13.1.0	13.3.0
playwright	1.59.1	1.60.0
svelte	5.55.7	5.56.1
svelte-check	4.4.7	4.5.0
vite	8.0.10	8.0.16
vite-plugin-pwa	1.2.0	1.3.0
vitest	4.1.5	4.1.8

Updates @sveltejs/vite-plugin-svelte from 7.0.0 to 7.1.2

Release notes

Sourced from @​sveltejs/vite-plugin-svelte's releases.

@​sveltejs/vite-plugin-svelte@​7.1.2

Patch Changes

• fix: correctly resolve compiled CSS on the server for dependencies with Svelte files (#1342)

@​sveltejs/vite-plugin-svelte@​7.1.1

Patch Changes

• fix: pass typescript.onlyRemoveTypeImports to transformWithOxc in vitePreprocess so that value imports are not dropped when they are only referenced in Svelte template markup (#1326)

• fix: correctly resolve compiled CSS for optimised Svelte dependencies on the server (#1336)

@​sveltejs/vite-plugin-svelte@​7.1.0

Minor Changes

• feat: enable optimizer for server environments during dev (#1328)

Changelog

Sourced from @​sveltejs/vite-plugin-svelte's changelog.

7.1.2

Patch Changes

• fix: correctly resolve compiled CSS on the server for dependencies with Svelte files (#1342)

7.1.1

Patch Changes

• fix: pass typescript.onlyRemoveTypeImports to transformWithOxc in vitePreprocess so that value imports are not dropped when they are only referenced in Svelte template markup (#1326)

• fix: correctly resolve compiled CSS for optimised Svelte dependencies on the server (#1336)

7.1.0

Minor Changes

• feat: enable optimizer for server environments during dev (#1328)

Commits

• 471f822 Version Packages (#1344)
• 1a9bc08 fix: always retrieve CSS using component filename first (#1342)
• 508d91b Version Packages (#1339)
• 990e58c fix: correctly resolve Svelte CSS on the server during development (#1336)
• d5458a9 fix: restore value imports stripped by oxc in script preprocessing (#1326)
• 1c85126 Version Packages (#1331)
• 1a4d225 feat: enable optimizer for server environments during dev (#1328)
• d91be5f fix: use correct pnpm catalog syntax
• 4d3afb4 chore: fix audit CI (#1327)
• 8b3687b use modern JSDoc imports (#1309)
• See full diff in compare view

Updates lighthouse from 13.1.0 to 13.3.0

Release notes

Sourced from lighthouse's releases.

v13.3.0

Full Changelog

We expect this release to ship in the DevTools of Chrome 150, and to PageSpeed Insights within 2 weeks.

Notable Changes

• New agentic browsing category added to default config (#17002)

Core

• agentic-web: add links to category and audit descriptions (#16997)
• llms-txt: adjust titles and descriptions and add smoketests (#17005)

Deps

• upgrade dependencies (#17006)

Tests

• smoke: widen byte efficiency wastedBytes range for ToT (#16996)
• webmcp: add webmcp smoketests (#16999)

Misc

• bundle: update build-bundle-mcp (#16995)

v13.2.0

Full Changelog

We expect this release to ship in the DevTools of Chrome 150, and to PageSpeed Insights within 2 weeks.

New contributors

Thanks to our new contributors 👽🐷🐰🐯🐻!

• ducky-duke @​ducky-duke
• Simon Zünd @​szuend

New Audits

• webmcp-form-coverage: add audit for missing webmcp tool annotations (#16964)
• webmcp-registered-tools: add audit to list registered webmcp tools (#16959)
• webmcp-schema-validity: add audit to check WebMCP schema issues (#16973)

Core

• implement UKM Invalidate fallback for LCP (#16956)
• agentic: add new agentic browsing category (#16953)

... (truncated)

Changelog

Sourced from lighthouse's changelog.

13.3.0 (2026-05-07)

Full Changelog

We expect this release to ship in the DevTools of Chrome 150, and to PageSpeed Insights within 2 weeks.

Notable Changes

• New agentic browsing category added to default config (#17002)

Core

• agentic-web: add links to category and audit descriptions (#16997)
• llms-txt: adjust titles and descriptions and add smoketests (#17005)

Deps

• upgrade dependencies (#17006)

Tests

• smoke: widen byte efficiency wastedBytes range for ToT (#16996)
• webmcp: add webmcp smoketests (#16999)

Misc

• bundle: update build-bundle-mcp (#16995)

13.2.0 (2026-04-30)

Full Changelog

We expect this release to ship in the DevTools of Chrome 150, and to PageSpeed Insights within 2 weeks.

New contributors

Thanks to our new contributors 👽🐷🐰🐯🐻!

• ducky-duke @​ducky-duke
• Simon Zünd @​szuend

New Audits

• webmcp-form-coverage: add audit for missing webmcp tool annotations (#16964)
• webmcp-registered-tools: add audit to list registered webmcp tools (#16959)
• webmcp-schema-validity: add audit to check WebMCP schema issues (#16973)

Core

• implement UKM Invalidate fallback for LCP (#16956)
• agentic: add new agentic browsing category (#16953)

... (truncated)

Commits

• 7d8dcf5 v13.3.0 (#17008)
• f146050 deps: upgrade dependencies (#17006)
• ec66b4a core(llms-txt): adjust titles and descriptions and add smoketests (#17005)
• 147d04c tests(webmcp): add webmcp smoketests (#16999)
• e120fad Revert "clients(devtools): include agentic browsing config in devtools entry"...
• e796f1b core(agentic browsing): add agentic browsing category to default config (#17002)
• e148cc6 Revert "clients(devtools): include agentic browsing config in devtools entry"...
• 081b1f2 clients(devtools): include agentic browsing config in devtools entry (#16998)
• 7db9ab8 core(agentic-web): add links to category and audit descriptions (#16997)
• 8c6a64e misc(bundle): update build-bundle-mcp (#16995)
• Additional commits viewable in compare view

Updates playwright from 1.59.1 to 1.60.0

Release notes

Sourced from playwright's releases.

v1.60.0

🌐 HAR recording on Tracing

tracing.startHar() / tracing.stopHar() expose HAR recording as a first-class tracing API, with the same content, mode and urlFilter options as recordHar. The returned Disposable makes it easy to scope a recording with await using:

await using har = await context.tracing.startHar('trace.har');
const page = await context.newPage();
await page.goto('https://playwright.dev');
// HAR is finalized when `har` goes out of scope.

🪝 Drop API

New locator.drop() simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches dragenter, dragover, and drop with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:

await page.locator('#dropzone').drop({
  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },
});
await page.locator('#dropzone').drop({
data: {
'text/plain': 'hello world',
'text/uri-list': 'https://example.com',
},
});

🎯 Aria snapshots

• expect(page).toMatchAriaSnapshot() now works on a Page, in addition to a Locator — equivalent to asserting against page.locator('body').
• New boxes option on locator.ariaSnapshot() / page.ariaSnapshot() appends each element's bounding box as [box=x,y,width,height], useful for AI consumption.

🛑 test.abort()

New test.abort() aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:

test('does not publish to the shared page', async ({ page }) => {
  await page.route('**/publish', route => {
    test.abort('Tests must not publish to the shared page. Use the `clone` option.');
    return route.abort();
  });
  // ...
});

New APIs

Browser, Context and Page

... (truncated)

Commits

• 87bb9dd cherry-pick(#40747): fix(yauzl): vendor yauzl with destroy-lifecycle fix
• 9a9c51c cherry-pick(#40733): chore(electron): revert #40184 (move Electron API to a s...
• 4b3b628 cherry-pick(#40736): Revert "feat(electron): add timeout option to electronAp...
• f869f96 chore: bump version to v1.60.0 (#40714)
• 7eb6918 cherry-pick(#40710): docs: release notes v1.60
• 118d2aa cherry-pick(#40693): chore(python): formdata path type
• 54012f5 chore(deps): bump ip-address and express-rate-limit (#40680)
• 9fa531d fix(screencast): unblock frame ack when an async client disconnects (#40674)
• 3649db5 chore(mcp): bump default extension protocol to v2 (#40678)
• bb6c009 chore(extension): mark 0.2.1 (#40679)
• Additional commits viewable in compare view

Updates svelte from 5.55.7 to 5.56.1

Release notes

Sourced from svelte's releases.

svelte@5.56.1

Patch Changes

• fix: error at compile time on duplicate snippet/declaration tag definitions (#18351)

• fix: parse declaration tag contents more robustly (#18353)

• fix: correctly transform references to earlier declarators in a declaration tag (e.g. {let a = $state(0), b = $derived(a * 2)}) (#18348)

• fix: avoid spurious state_referenced_locally warnings for $derived declarations in declaration tags (#18348)

• fix: tolerate whitespace before let/const in declaration tags (#18348)

• fix: prevent infinite loop when a tag's expression ends with a trailing / at the end of the input (#18350)

• fix: more robust parsing of declaration tags with regards to type (#18330)

• fix: preserve newlines in spread input values when the type attribute is applied after value (#18345)

• fix: update SvelteURLSearchParams when setting duplicate keys to the same joined value (#18336)

• fix: check references for blockers on server, too (#18352)

svelte@5.56.0

Minor Changes

• feat: allow declarations in the template (#18282)

Patch Changes

• perf: use createElement instead of createElementNS for HTML elements (#18262)

• perf: store current_sources as a Set for O(1) membership checks (#18278)

• perf: deduplicate identical hoisted templates within a component (#18320)

• perf: hoist rest_props exclude list as a module-scope Set (#18252)

svelte@5.55.10

Patch Changes

• fix: unlink errored and otherwise finished batch (#18264)

• perf: walk composedPath() directly in delegated event propagation (#18268)

• fix: transfer effects when merging batches (#18254)

• fix: allow $derived(await ...) in disconnected effect roots (#18273)

• fix: remove temporary raw-text hydration markers (#18269)

... (truncated)

Changelog

Sourced from svelte's changelog.

5.56.1

Patch Changes

• fix: error at compile time on duplicate snippet/declaration tag definitions (#18351)

• fix: parse declaration tag contents more robustly (#18353)

• fix: correctly transform references to earlier declarators in a declaration tag (e.g. {let a = $state(0), b = $derived(a * 2)}) (#18348)

• fix: avoid spurious state_referenced_locally warnings for $derived declarations in declaration tags (#18348)

• fix: tolerate whitespace before let/const in declaration tags (#18348)

• fix: prevent infinite loop when a tag's expression ends with a trailing / at the end of the input (#18350)

• fix: more robust parsing of declaration tags with regards to type (#18330)

• fix: preserve newlines in spread input values when the type attribute is applied after value (#18345)

• fix: update SvelteURLSearchParams when setting duplicate keys to the same joined value (#18336)

• fix: check references for blockers on server, too (#18352)

5.56.0

Minor Changes

• feat: allow declarations in the template (#18282)

Patch Changes

• perf: use createElement instead of createElementNS for HTML elements (#18262)

• perf: store current_sources as a Set for O(1) membership checks (#18278)

• perf: deduplicate identical hoisted templates within a component (#18320)

• perf: hoist rest_props exclude list as a module-scope Set (#18252)

5.55.10

Patch Changes

• fix: unlink errored and otherwise finished batch (#18264)

• perf: walk composedPath() directly in delegated event propagation (#18268)

• fix: transfer effects when merging batches (#18254)

... (truncated)

Commits

• 3ef761b Version Packages (#18346)
• 5b8db1b fix: error at compile time on duplicate snippet/declaration tag definitions (...
• 56013a2 fix: check references for blockers on server, too (#18352)
• 2afb895 fix: parse declaration tags with a division operator in the initializer (#18353)
• b471c15 fix: don't hang on a tag whose expression ends with a trailing slash (#18350)
• c74f44f fix: don't mistake type identifier expressions for TS type declarations i...
• b76b937 fix: various declaration tag bugs (#18348)
• 378bb25 fix: set input type before spread value (#18345)
• 2f6307a Fix searchParams.set duplicate updates (#18336)
• 11985c0 docs: desloppify browser support page (#18333)
• Additional commits viewable in compare view

Updates svelte-check from 4.4.7 to 4.5.0

Release notes

Sourced from svelte-check's releases.

svelte-check@4.5.0

Minor Changes

• feat: support Svelte 5 declaration tags (#3033)

Patch Changes

• fix: properly handle props with the name slot inside Svelte 5 snippets (#3030)

• feat: add support for svelte config ts/mts files (#3009)

svelte-check@4.4.8

Patch Changes

• feat: typescript 6.0 support (#2985)

Commits

• 67fbcae Version Packages (#3018)
• 3474048 fix(emitDts): drop declarations emitted outside declarationDir (#2965)
• e9f4ce9 feat: support Svelte 5 declaration tags (#3033)
• 6bd8b17 fix: take into account component references when calculating snippet hoistabi...
• 86fafb1 fix: handle prop named "slot" inside Svelte 5 snippets (#3030)
• f53efb3 feat: add support for svelte config ts/mts files (#3009)
• 6d19b08 fix: tweak "show compiled" icon (#3019)
• 6e31da3 fix: prevent > in expression affects HTML folding (#3029)
• 1521b92 fix: support prettier.useEditorConfig setting (#3026)
• eb3fba7 feat: support CSS completions in nested style tags (#3022)
• Additional commits viewable in compare view

Updates vite from 8.0.10 to 8.0.16

Release notes

Sourced from vite's releases.

v8.0.16

Please refer to CHANGELOG.md for details.

v8.0.15

Please refer to CHANGELOG.md for details.

v8.0.14

Please refer to CHANGELOG.md for details.

v8.0.13

Please refer to CHANGELOG.md for details.

v8.0.12

Please refer to CHANGELOG.md for details.

v8.0.11

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.16 (2026-06-01)

Bug Fixes

• deps: reject UNC paths for launch-editor-middleware (#22571) (50b9512)
• reject windows alternate paths (#22572) (dc245c7)

8.0.15 (2026-06-01)

Features

• send 408 on request timeout (#22476) (c85c9ee)
• update rolldown to 1.0.3 (#22538) (646dbed)

Bug Fixes

• capitalize error messages and remove spurious space in parse error (#22488) (85a0eff)
• deps: update all non-major dependencies (#22511) (2686d7d)
• dev: fix html-proxy cache key mismatch for /@fs/ HTML paths (#21762) (47c4213)
• glob: error on relative glob in virtual module when no files match (#22497) (5c8e98f)
• optimizer: close the rolldown bundle when write() rejects (#22528) (e3cfb9d)
• resolve: provide onWarn for viteResolvePlugin in JS plugin containers (#22509) (40985f1)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#22566) (3052a67)

Code Refactoring

• correct logic in collectAllModules function (#22562) (6978a9c)

8.0.14 (2026-05-21)

Features

• update rolldown to 1.0.2 (#22484) (96efc88)

Bug Fixes

• deps: update all non-major dependencies (#22471) (98b8163)
• dev: handle errors when sending messages to vite server (#22450) (e8e9a34)
• html: handle trailing slash paths in transformIndexHtml (#22480) (5d94d1b)
• optimizer: pass oxc jsx options to transformSync in dependency scan (#22342) (b3132da)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#22470) (7cb728e)
• remove irrelevant commits from changelog (2c69495)

Code Refactoring

• glob: do not rewrite import path for absolute base (#22310) (0ae2844)

... (truncated)

Commits

• f94df87 release: v8.0.16
• dc245c7 fix: reject windows alternate paths (#22572)
• 50b9512 fix(deps): reject UNC paths for launch-editor-middleware (#22571)
• 8d1b019 release: v8.0.15
• 2686d7d fix(deps): update all non-major dependencies (#22511)
• 3052a67 chore(deps): update rolldown-related dependencies (#22566)
• e3cfb9d fix(optimizer): close the rolldown bundle when write() rejects (#22528)
• 6978a9c refactor: correct logic in collectAllModules function (#22562)
• 646dbed feat: update rolldown to 1.0.3 (#22538)
• 85a0eff fix: capitalize error messages and remove spurious space in parse error (#22488)
• Additional commits viewable in compare view

Updates vite-plugin-pwa from 1.2.0 to 1.3.0

Release notes

Sourced from vite-plugin-pwa's releases.

v1.3.0

   🚀 Features

• Add vite 8 peer dependency support  -  by @​Hermione-Granger-1176 and Claude Opus 4.6 (1M context) (276af)
• client: Add onNeedReload callback  -  by @​tomrehnstrom (fb308)

    View changes on GitHub

Commits

• 05670fc chore: release v1.3.0
• 207f86e Merge pull request #899 from rj-au/patch-1
• 67f5000 Merge pull request #929 from vite-pwa/userquin/chore-bump-workbox-to-7.4.1
• a964691 chore: update workbox to 7.4.1
• 2432f65 Merge pull request #924 from Hermione-Granger-1176/feat/add-vite-8-peer-dep
• 3476818 Merge pull request #914 from tomrehnstrom/feat/on-need-reload
• 276af62 feat: add vite 8 peer dependency support
• 4e16215 chore: use "moduleResolution": "bundler" (#913)
• fb30890 feat(client): add onNeedReload callback
• 3fc4b27 JSDOC: registerType: fix grammar and description
• See full diff in compare view

Updates vitest from 4.1.5 to 4.1.8

Release notes

Sourced from vitest's releases.

v4.1.8

   🐞 Bug Fixes

• browser:
  • Disable client cdp API when allowWrite/allowExec: false [backport to v4]  -  by @​hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)
  • Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by @​toxik and @​Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

    View changes on GitHub

v4.1.7

   🐞 Bug Fixes

• runner: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by @​hi-ogawa in vitest-dev/vitest#10384 (4f0f2)

    View changes on GitHub

v4.1.6

   🐞 Bug Fixes

• browser: Provide project reference in ToMatchScreenshotResolvePath  -  by @​macarie and @​sheremet-va in vitest-dev/vitest#10138 (31882)
• Global sequence.concurrent: true with top-level test(..., { concurrent: false }) + depreacte sequential test API and options  -  by @​hi-ogawa, Codex and @​sheremet-va in vitest-dev/vitest#10196 (2847d)
• browser: Simplify orchestrator otel carrier  -  by @​hi-ogawa in vitest-dev/vitest#10285 (18af9)

   🏎 Performance

• Stringify diff objects only once  -  by @​sheremet-va in vitest-dev/vitest#10276 (9f7b1)

    View changes on GitHub

Commits

• e61f2dd chore: release v4.1.8
• e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
• a09d472 chore: release v4.1.7
• a8fd24c chore: release v4.1.6
• 18af98c fix(browser): simplify orchestrator otel carrier (#10285)
• 3188260 feat(browser): provide project reference in ToMatchScreenshotResolvePath (#...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: auto-merge, dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.