Skip to content

chore(deps-dev): bump @sveltejs/vite-plugin-svelte from 5.1.1 to 7.0.0 in /prompt-launcher#27

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/prompt-launcher/sveltejs/vite-plugin-svelte-7.0.0
Open

chore(deps-dev): bump @sveltejs/vite-plugin-svelte from 5.1.1 to 7.0.0 in /prompt-launcher#27
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/prompt-launcher/sveltejs/vite-plugin-svelte-7.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 18, 2026

Copy link
Copy Markdown

Bumps @sveltejs/vite-plugin-svelte from 5.1.1 to 7.0.0.

Release notes

Sourced from @​sveltejs/vite-plugin-svelte's releases.

@​sveltejs/vite-plugin-svelte@​7.0.0

Major Changes

  • breaking(deps): require vite 8 (#1266)

  • breaking(options): remove deprecated options (#1274)

    • vitePlugin.hot in svelte.config.js use compilerOptions.hmr instead
    • vitePlugin.ignorePluginPreprocessors in svelte.config.js no longer needed
    • api.idFilter of vite-plugin-svelte:api use api.filter instead
    • plugin.api.sveltePreprocess of other vite plugins Update affected plugins to a newer version or remove them. See docs for more information.

  • breaking(dev): no longer overrides compilerOptions.cssHash because Svelte now produces a stable css hash by itself (#1271)

  • breaking(inspector): integrate vite-plugin-svelte-inspector into vite-plugin-svelte to avoid circular dependency (#1270)

  • breaking(deps): require svelte 5.46.4 or later (#1271)

Patch Changes

  • chore: upgrade vitefu to compatible peer dependency range (#1286)

  • remove author field from package.json (#1281)

@​sveltejs/vite-plugin-svelte@​7.0.0-next.1

Patch Changes

  • chore: upgrade vitefu to compatible peer dependency range (#1286)

  • remove author field from package.json (#1281)

@​sveltejs/vite-plugin-svelte@​7.0.0-next.0

Major Changes

  • breaking(deps): require vite 8 (#1266)

  • breaking(deps): require svelte 5.46.4 or later (#1271)

... (truncated)

Changelog

Sourced from @​sveltejs/vite-plugin-svelte's changelog.

7.0.0

Major Changes

  • breaking(deps): require vite 8 (#1266)

  • breaking(options): remove deprecated options (#1274)

    • vitePlugin.hot in svelte.config.js use compilerOptions.hmr instead
    • vitePlugin.ignorePluginPreprocessors in svelte.config.js no longer needed
    • api.idFilter of vite-plugin-svelte:api use api.filter instead
    • plugin.api.sveltePreprocess of other vite plugins Update affected plugins to a newer version or remove them. See docs for more information.

  • breaking(dev): no longer overrides compilerOptions.cssHash because Svelte now produces a stable css hash by itself (#1271)

  • breaking(inspector): integrate vite-plugin-svelte-inspector into vite-plugin-svelte to avoid circular dependency (#1270)

  • breaking(deps): require svelte 5.46.4 or later (#1271)

Patch Changes

  • chore: upgrade vitefu to compatible peer dependency range (#1286)

  • remove author field from package.json (#1281)

7.0.0-next.1

Patch Changes

  • chore: upgrade vitefu to compatible peer dependency range (#1286)

  • remove author field from package.json (#1281)

7.0.0-next.0

Major Changes

  • breaking(deps): require vite 8 (#1266)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​sveltejs/vite-plugin-svelte since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps-dev): bump @sveltejs/vite-plugin-svelte in /prompt-launcher
841abbc 
Bumps [@sveltejs/vite-plugin-svelte](https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte) from 5.1.1 to 7.0.0.
- [Release notes](https://github.com/sveltejs/vite-plugin-svelte/releases)
- [Changelog](https://github.com/sveltejs/vite-plugin-svelte/blob/main/packages/vite-plugin-svelte/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/vite-plugin-svelte/commits/@sveltejs/vite-plugin-svelte@7.0.0/packages/vite-plugin-svelte)

---
updated-dependencies:
- dependency-name: "@sveltejs/vite-plugin-svelte"
  dependency-version: 7.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Mar 18, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from ZeroPointSix as a code owner March 18, 2026 00:11
@dependabot dependabot Bot mentioned this pull request Mar 18, 2026
Closed
ZeroPointSix
ZeroPointSix requested changes Jun 11, 2026
View reviewed changes

@ZeroPointSix ZeroPointSix left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

总体结论:本轮巡检审查了 PR #27 当前 head 841abbc。这个 PR 不能单独合并:@sveltejs/vite-plugin-svelte@7 与当前解析到的 @sveltejs/kit@2.49.4 peer dependency 不兼容,CI 已在 npm ci 阶段失败。

关键发现:

  • 阻塞:GitHub Actions CI #36check-and-test (22.x)Install dependencies 步骤失败,错误为 ERESOLVE could not resolve。日志显示 @sveltejs/kit@2.49.4 的 peer dependency 只接受 @sveltejs/vite-plugin-svelte^3.0.0 || ^4.0.0-next.1 || ^5.0.0 || ^6.0.0-next.0,但本 PR 将根项目升级到 @sveltejs/vite-plugin-svelte@^7.0.0,因此安装阶段已经无法解析依赖。
  • 阻塞:插件 7 的 lockfile peer dependency 明确要求 vite^8.0.0-beta.7 || ^8.0.0,但当前 prompt-launcher/package.json 仍是 vite ^6.0.3。这和 PR #38 的 Vite 8 升级风险相关,不能把插件 7 作为独立小升级合并。
  • 高:插件 7 还要求 svelte ^5.46.4 和 Node ^20.19 || ^22.12 || >=24。当前 lockfile 被动解析出 svelte@5.54.0,满足最低 Svelte 要求;CI Node 22.22.x 也满足 engine。但这些条件应与 Svelte/Vite/SvelteKit 的整体升级一起验证,而不是靠单个 Dependabot PR 分散推进。
  • 中:lockfile 中本次触及的多个依赖 resolved 来源从 registry.npmmirror.com 变为 registry.npmjs.org。如果仓库有固定 registry 策略,后续重新生成 lockfile 时也需要保持一致。

优先级建议:

  • 阻塞:不要单独合并 PR #27。需要同步升级一组兼容版本:@sveltejs/kit@sveltejs/vite-plugin-sveltevite,并确认 Svelte 版本满足插件 7 的 peer range。
  • 高:完成依赖组合后重新生成 lockfile,并跑 npm cinpm run checknpm run build;如果 PR #44 的完整测试入口已合入基线,还应跑 npm run test
  • 中:确认 lockfile registry 来源变化是否符合仓库策略。

后续建议:

  • 建议把 PR #27 与 Vite 8 相关升级合并成一个明确的“前端工具链兼容性升级”PR 来处理,或者暂时关闭/忽略插件 7 的单独升级,等 SvelteKit 支持链完整后再重建 Dependabot PR。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ZeroPointSix ZeroPointSix ZeroPointSix requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ZeroPointSix