fix(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@fortawesome/fontawesome-free (source)	6.6.0 → 6.7.2			devDependencies	minor
docker/login-action	v3.3.0 → v3.7.0			action	minor
docker/metadata-action	v5.5.1 → v5.10.0			action	minor
github.com/coreos/go-oidc/v3	v3.17.0 → v3.18.0			require	minor
github.com/getkin/kin-openapi	v0.131.0 → v0.135.0			require	minor
github.com/go-ldap/ldap/v3	v3.4.12 → v3.4.13			require	patch
github.com/oapi-codegen/oapi-codegen/v2	v2.4.1 → v2.6.0			indirect	minor
github.com/oapi-codegen/runtime	v1.1.1 → v1.4.0			require	minor
github.com/urfave/cli/v3	v3.6.2 → v3.8.0			require	minor
golang.org/x/crypto	v0.47.0 → v0.50.0			require	minor
golang.org/x/net	v0.49.0 → v0.53.0			require	minor
golang.org/x/oauth2	v0.35.0 → v0.36.0			require	minor
golang.org/x/sys	v0.41.0 → v0.43.0			require	minor

---

Release Notes

FortAwesome/Font-Awesome (@​fortawesome/fontawesome-free)

v6.7.2

Compare Source

Change log available at https://fontawesome.com/docs/changelog/

v6.7.1

Compare Source

Change log available at https://fontawesome.com/docs/changelog/

v6.7.0

Compare Source

Change log available at https://fontawesome.com/docs/changelog/

docker/login-action (docker/login-action)

v3.7.0

Compare Source

• Add scope input to set scopes for the authentication token by @​crazy-max in #​912
• Add support for AWS European Sovereign Cloud ECR by @​dphi in #​914
• Ensure passwords are redacted with registry-auth input by @​crazy-max in #​911
• build(deps): bump lodash from 4.17.21 to 4.17.23 in #​915

Full Changelog: docker/login-action@v3.6.0...v3.7.0

v3.6.0

Compare Source

• Add registry-auth input for raw authentication to registries by @​crazy-max in #​887
• Bump @​aws-sdk/client-ecr to 3.890.0 in #​882 #​890
• Bump @​aws-sdk/client-ecr-public to 3.890.0 in #​882 #​890
• Bump @​docker/actions-toolkit from 0.62.1 to 0.63.0 in #​883
• Bump brace-expansion from 1.1.11 to 1.1.12 in #​880
• Bump undici from 5.28.4 to 5.29.0 in #​879
• Bump tmp from 0.2.3 to 0.2.4 in #​881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

Compare Source

• Support dual-stack endpoints for AWS ECR by @​Spacefish @​crazy-max in #​874 #​876
• Bump @​aws-sdk/client-ecr to 3.859.0 in #​860 #​878
• Bump @​aws-sdk/client-ecr-public to 3.859.0 in #​860 #​878
• Bump @​docker/actions-toolkit from 0.57.0 to 0.62.1 in #​870
• Bump form-data from 2.5.1 to 2.5.5 in #​875

Full Changelog: docker/login-action@v3.4.0...v3.5.0

v3.4.0

Compare Source

• Bump @​actions/core from 1.10.1 to 1.11.1 in #​791
• Bump @​aws-sdk/client-ecr to 3.766.0 in #​789 #​856
• Bump @​aws-sdk/client-ecr-public to 3.758.0 in #​789 #​856
• Bump @​docker/actions-toolkit from 0.35.0 to 0.57.0 in #​801 #​806 #​858
• Bump cross-spawn from 7.0.3 to 7.0.6 in #​814
• Bump https-proxy-agent from 7.0.5 to 7.0.6 in #​823
• Bump path-to-regexp from 6.2.2 to 6.3.0 in #​777

Full Changelog: docker/login-action@v3.3.0...v3.4.0

docker/metadata-action (docker/metadata-action)

v5.10.0

Compare Source

• Bump @​docker/actions-toolkit from 0.66.0 to 0.68.0 in #​559 #​569
• Bump js-yaml from 3.14.1 to 3.14.2 in #​564

Full Changelog: docker/metadata-action@v5.9.0...v5.10.0

v5.9.0

Compare Source

• Add tag-names output to return tag names without image base name by @​crazy-max in #​553
• Bump @​babel/runtime-corejs3 from 7.14.7 to 7.28.2 in #​539
• Bump @​docker/actions-toolkit from 0.62.1 to 0.66.0 in #​555
• Bump brace-expansion from 1.1.11 to 1.1.12 in #​540
• Bump csv-parse from 5.6.0 to 6.1.0 in #​532
• Bump semver from 7.7.2 to 7.7.3 in in #​554
• Bump tmp from 0.2.3 to 0.2.5 in #​541

Full Changelog: docker/metadata-action@v5.8.0...v5.9.0

v5.8.0

Compare Source

• New is_not_default_branch global expression by @​crazy-max in #​535
• Allow to match part of the git tag or value for semver/pep440 types by @​crazy-max in #​536 #​537
• Bump @​actions/github from 6.0.0 to 6.0.1 in #​523
• Bump @​docker/actions-toolkit from 0.56.0 to 0.62.1 in #​526
• Bump form-data from 2.5.1 to 2.5.5 in #​533
• Bump moment-timezone from 0.5.47 to 0.6.0 in #​525
• Bump semver from 7.7.1 to 7.7.2 in #​524

Full Changelog: docker/metadata-action@v5.7.0...v5.8.0

v5.7.0

Compare Source

• Global expressions support for labels and annotations by @​crazy-max in #​489
• Support disabling outputs as environment variables by @​omus in #​497
• Bump @​docker/actions-toolkit from 0.44.0 to 0.56.0 in #​507 #​509
• Bump csv-parse from 5.5.6 to 5.6.0 in #​482
• Bump moment-timezone from 0.5.46 to 0.5.47 in #​501
• Bump semver from 7.6.3 to 7.7.1 in #​504

Full Changelog: docker/metadata-action@v5.6.1...v5.7.0

v5.6.1

Compare Source

• Fix GitHub API request fallback for commit date by @​crazy-max in #​478
• Revert to default commit SHA length of 7 by @​crazy-max in #​480

Full Changelog: docker/metadata-action@v5.6.0...v5.6.1

v5.6.0

Compare Source

• Add commit_date global expression by @​trim21 in #​471 #​475
• Increase short commit sha length to 12 for uniqueness by @​crazy-max in #​467
• Bump @​actions/core from 1.10.1 to 1.11.1 #​460
• Bump @​docker/actions-toolkit from 0.16.1 to 0.44.0 #​391 #​399 #​413 #​441
• Bump braces from 3.0.2 to 3.0.3 #​424
• Bump cross-spawn from 7.0.3 to 7.0.5 #​474
• Bump csv-parse from 5.5.5 to 5.5.6 #​412
• Bump moment-timezone from 0.5.44 to 0.5.46 #​383 #​470 #​459
• Bump path-to-regexp from 6.2.2 to 6.3.0 #​454
• Bump semver from 7.6.0 to 7.6.3 #​400 #​411 #​440
• Bump undici from 5.26.3 to 5.28.4 #​386 #​402

Full Changelog: docker/metadata-action@v5.5.1...v5.6.0

coreos/go-oidc (github.com/coreos/go-oidc/v3)

v3.18.0

Compare Source

What's Changed

• .github: configure dependabot by @​ericchiang in #​477
• .github: update go versions in CI by @​ericchiang in #​480
• build(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.36.0 by @​dependabot[bot] in #​478
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 by @​dependabot[bot] in #​479

Full Changelog: coreos/go-oidc@v3.17.0...v3.18.0

getkin/kin-openapi (github.com/getkin/kin-openapi)

v0.135.0

Compare Source

What's Changed

• openapi3: strip origin from Encodings and ServerVariables maps by @​reuvenharrison in #​1132
• fix: update yaml3 to prevent panic on empty mapping node in sequence by @​reuvenharrison in #​1133
• openapi3: strip origin from extension values to prevent spurious diffs by @​reuvenharrison in #​1137
• openapi3: strip origin from slices in example values by @​reuvenharrison in #​1138
• fix: bump yaml and yaml3 to v0.0.4 by @​reuvenharrison in #​1136
• openapi3: OriginTree approach for origin tracking — separate pass, no inline stripping by @​reuvenharrison in #​1142
• README: drop go-openapi/spec3 by @​zonescape in #​1143
• fix: bump yaml3+yaml to v0.0.9 to fix -root schema origin by @​reuvenharrison in #​1144
• openapi3: call ReadFromURIFunc before checking IsExternalRefsAllowed by @​reuvenharrison in #​1146
• fix: use location.String() instead of location.Path for origin file tracking by @​reuvenharrison in #​1145
• refactor: Replace sort usage with slices package by @​jedevc in #​1147

New Contributors

• @​zonescape made their first contribution in #​1143
• @​jedevc made their first contribution in #​1147

Full Changelog: getkin/kin-openapi@v0.134.0...v0.135.0

v0.134.0

Compare Source

What's Changed

• openapi3filter: feat(multipart-ct-decoder): default body decoder on binary schema by @​mieltn in #​1097
• openapi3: ensure SchemaErrors get the correct path for allOf schemas by @​jamesfcarter in #​1098
• openapi3filter: Fix empty string handling in parameter validation by @​utah-KT in #​1096
• tidy(docs): Update references to oapi-codegen project URL (issue #​1094) by @​frenchi in #​1095
• openapi2conv: fix allOf inside additionalProperties by @​dani-maarouf in #​1103
• openapi3filter: Reject requests with body when non expected (issue 1100) by @​CynanX in #​1101
• openapi3: fix for RFC3339 validation: time-offset is a required component by @​mpreu in #​1104
• openapi3: add file path to origin location tracking by @​reuvenharrison in #​1128
• openapi3filter: fix bug where absent optional properties fail validation in form-urlencoded requests by @​thierry-f-78 in #​1110
• feat: add document-scoped format validators to prevent global state pollution by @​the-corp-mark in #​1126
• openapi3: process discriminator mapping values as refs by @​RaduPetreTarean in #​1108
• openapi3: serialize Extensions when using $ref by @​irees in #​1131

New Contributors

• @​mieltn made their first contribution in #​1097
• @​jamesfcarter made their first contribution in #​1098
• @​utah-KT made their first contribution in #​1096
• @​frenchi made their first contribution in #​1095
• @​dani-maarouf made their first contribution in #​1103
• @​CynanX made their first contribution in #​1101
• @​mpreu made their first contribution in #​1104
• @​thierry-f-78 made their first contribution in #​1110
• @​the-corp-mark made their first contribution in #​1126
• @​RaduPetreTarean made their first contribution in #​1108

Full Changelog: getkin/kin-openapi@v0.133.0...v0.134.0

v0.133.0

Compare Source

What's Changed

• openapi3: resolve Snyk security warning with path traversal by @​seborama in #​1066
• openapi3: replace bigfloat with decimal128 to fix rounding errors during validation by @​Revolyssup in #​1068
• openapi2conv: Preserve externalDocs on operations during conversion by @​hwustrack in #​1070
• openapi3: fix ineffectual caching of compiled regexps by @​philpearl in #​1076
• openapi3: use Ptr instead of BoolPtr,Float64Ptr,Int64Ptr,Uint64Ptr by @​alexandear in #​1033
• openapi3: resolve refs in parameter examples by @​reuvenharrison in #​1086
• openapifilter: Add support for RFC 7396 application/merge-patch+json by @​byted in #​1084
• openapi3filter: use FileBodyDecoder if the format is specified as binary by @​dbarrosop in #​1088
• openapi3: preserve all validation errors for allOf by @​alexbakker in #​1087
• openapi3filter: support primitive parsing for individual text like parts in multipart/form-data by @​nmeheus in #​1090
• Some coding style fixes and cleaning up by @​fenollp in #​1093
• openapi2conv: preserve x-fields when converting from v2 to v3 by @​saltbo in #​1092

New Contributors

• @​seborama made their first contribution in #​1066
• @​Revolyssup made their first contribution in #​1068
• @​hwustrack made their first contribution in #​1070
• @​philpearl made their first contribution in #​1076
• @​byted made their first contribution in #​1084
• @​dbarrosop made their first contribution in #​1088
• @​nmeheus made their first contribution in #​1090
• @​saltbo made their first contribution in #​1092

Full Changelog: getkin/kin-openapi@v0.132.0...v0.133.0

v0.132.0

Compare Source

What's Changed

• style: Use fmt.Sprint without formating by @​gaiaz-iusipov in #​1061
• openapi3filter: don't consume request body in AuthenticatorFunc by @​jamietanna in #​1064
• openapi2conv: fix for refs on items within additional properties by @​roberth1988 in #​1067

New Contributors

• @​gaiaz-iusipov made their first contribution in #​1061
• @​roberth1988 made their first contribution in #​1067

Full Changelog: getkin/kin-openapi@v0.131.0...v0.132.0

go-ldap/ldap (github.com/go-ldap/ldap/v3)

v3.4.13

Compare Source

What's Changed

• fix DirSync flags encoding by @​johnallers in #​571
• Remove execute bit from test file by @​gibmat in #​572
• chore(deps): bump golang.org/x/crypto from 0.36.0 to 0.45.0 in /v3 by @​dependabot[bot] in #​573
• Update search.go: fix typo by @​reshke in #​574
• Fix ExtendedResponse parsing by @​giggsoff in #​575
• fix: correct extended request/response handling in Extended by @​cpuschma in #​576
• refactor: simplify WhoAmI implementation using Extended API by @​cpuschma in #​577
• feat: add PostalAddress type by @​cpuschma in #​579
• chore: update dependencies by @​cpuschma in #​581
• Address panic in GetLDAPError, add fuzzer by @​TomSellers in #​582

New Contributors

• @​johnallers made their first contribution in #​571
• @​gibmat made their first contribution in #​572
• @​reshke made their first contribution in #​574
• @​giggsoff made their first contribution in #​575

Full Changelog: go-ldap/ldap@v3.4.12...v3.4.13

oapi-codegen/oapi-codegen (github.com/oapi-codegen/oapi-codegen/v2)

v2.6.0: : 7th anniversary release 🎂

Compare Source

For those that aren't aware, 7 years ago to the day, oapi-codegen was born!

(Well, technically it's tonight at midnight UTC, but who's splitting hairs?)

There's nothing too special planned for today, but we thought it'd be the perfect time to cut a slice of cake a release!

🎉 Notable changes

New generated code requires oapi-codegen/runtime v1.2.0+

As part of #​2256, github.com/oapi-codegen/runtime v1.2.0 is needed alongside github.com/oapi-codegen/oapi-codegen, for new generated code.

This is providing a more future-proofed means to bind parameters.

See the release notes for the runtime package, and #​2256 for more information.

oapi-codegen was part of the GitHub Secure Open Source Fund

oapi-codegen was one of the projects taking part in the third GitHub Secure Open Source Fund session.

We've written up more about what we've learned, and have some more things to share with you over the coming months about lessons we've learned and improvements we've taken that we can share.

We were pretty chuffed to be selected, and it's already helped improve our security posture as a project, which is also very important for the wider ecosystem!

go directive bump in next release

Long-time users will be aware that we work very hard to try and keep our requirement for Go source compatibility, through the go directive, especially as we recommend folks use oapi-codegen as a source-tracked dependency.

For more details about this, see our Support Model docs.

In the next minor release, we'll be setting our minimum go directive to Go 1.24 (End-of-Life on 2026-02-11), as it's required for a number of dependencies of ours to be updated any higher, and a change to the module import path for Speakeasy's OpenAPI Overlay library requires us fix this centrally for our users to be able to continue updating their libraries.

[!NOTE]
Nothing is changing as part of v2.6.0, this is a pre-announcement for v2.7.0.

Behind the scenes cleanup

There's also been some work behind-the-scenes to try and clean up outstanding issues (of which we know there are many!) that have been fixed, as well as Marcin's work on trying to do some more significant rework of the internals with help from Claude.

There's still, as ever, work to go with this - as we've mentioned before, sponsoring our work would be greatly appreciated, so we can continue to put in the work, considering this is a widely used and depended on project.

🚀 New features and improvements

• feat: Pass schema type/formats to runtime v1.2.0 to allow better parameter serialization (#​2256) @​mromaszewicz
• feat: add Valid() method to generated enum types (#​2227) @​mromaszewicz
• Support nullable slice elements and map values (#​2185) @​iamtakingiteasy
• feat: add configurable type mapping for OpenAPI primitive types (#​2223) @​mromaszewicz
• Support unions with multiple mappings pointing to a single underlying type (#​2071) @​tobio
• feat: add support for custom package alias for external ref imports (#​2211) @​InventivetalentDev
• feat(output-options): add resolve-type-name-collisions to avoid name collisions (#​200) @​mgurevin
• Adopt fiber middleware template for updated GetReqHeaders() method signature (#​1419) @​getBolted

🐛 Bug fixes

• fix: qualify external ref schema types in default response codes (#​2241) @​mromaszewicz
• fix: add omitempty to optional nullable fields (#​2221) @​mromaszewicz
• fix(codegen): generate nullable.Nullable in arrays (#​2242) @​jamietanna
• fix: support x-oapi-codegen-extra-tags on parameter schemas (#​2232) (#​2235) @​mromaszewicz
• fix(templates/client): correctly nil check query parameters (#​2237) @​jamietanna
• fix(server-urls): restore generation of constants (#​2239) @​jamietanna
• fix(server-urls): use URL in GoDoc if description is empty (#​2226) @​jamietanna
• fix: set indentation to 2 when marshalling spec for overlay (#​2172) @​wndhydrnt
• fix: handle optional request bodies in strict server mode (#​2222) @​mromaszewicz
• fix(strict-server): generate correct type for $ref text responses (#​2225) @​mromaszewicz
• Fix schema gathering oversight (#​2219) @​mromaszewicz
• fix: handle duplicate path parameters in OpenAPI specs (#​2220) @​mromaszewicz
• fix: escape quoted media type directives (#​2217) @​brahmlower
• Fix Iris strict server for no content case (#​1411) @​ShouheiNishi
• Fixes type collision for enum values that start with _ (underscore) (#​1438) @​ula

📝 Documentation updates

• chore: readme update (#​2209) @​mromaszewicz
• docs: fix link to example (#​1884) @​rkosegi
• docs(extensions): correct links to examples (#​1836) @​yuro241
• docs(sponsors): update section (#​2195) @​jamietanna
• docs(sponsors): remove Elastic as a sponsor (#​2083) @​jamietanna

👻 Maintenance

• chore(renovate): add module path to security updates + override test-only dependencies' label (#​2249) @​jamietanna
• Configure Greptile code review (#​2236) @​mromaszewicz
• style(gofix): Apply go fix (#​2229) @​gaiaz-iusipov
• Run golangci-lint on a supported Go version (#​2215) @​mromaszewicz
• refactor(internal): move Fiber tests into their own modules (#​2212) @​mromaszewicz
• build: use a re-usable, single, workflow for running CI (#​2205) @​jamietanna
• fix(renovate): only run make tidy after Go module updates (#​2159) @​jamietanna
• chore(renovate): run make tidy after dependency updates to go.mod (#​2150) @​jamietanna

📦 Dependency updates

8 changes

• chore(deps): update module github.com/golangci/golangci-lint to v2.10.1 (makefile) (#​2153) @​renovate[bot]
• chore(deps): update github/codeql-action action to v4.32.4 (.github/workflows) (#​2157) @​renovate[bot]
• chore(deps): update actions/setup-go action to v6.3.0 (.github/workflows) (#​2164) @​renovate[bot]
• chore(deps): update actions/checkout action to v6 (.github/workflows) - autoclosed (#​2165) @​renovate[bot]
• chore(deps): update release-drafter/release-drafter action to v6.2.0 (.github/workflows) (#​2253) @​renovate[bot]
• chore(deps): update actions/upload-artifact action to v7 (.github/workflows) (#​2254) @​renovate[bot]
• chore(deps): update dessant/label-actions action to v5 (.github/workflows) (#​2255) @​renovate[bot]
• chore(deps): update release-drafter/release-drafter action to v6.1.0 (.github/workflows) (#​2132) @​renovate[bot]

Sponsors

We would like to thank our sponsors for their support during this release.

v2.5.1: : fix a couple of regressions from v2.5.0

Compare Source

🐛 Bug fixes

• fix(templates): correctly nil check arrays (#​2118) @​jamietanna
• fix: report formatting errors with line numbers (#​2117) @​jamietanna
• fix(output-options): correctly reference x-go-type-skip-optional-pointer in allOf (#​2042) @​magnetikonline

📝 Documentation updates

• docs: clarify support + go directives (#​2099) @​jamietanna
• docs: correct level of headers (#​2095) @​jamietanna
• docs(sponsors): update Speakeasy logo (#​2049) @​chailandau
• Fix bullet point line prefer-skip-optional-pointer-with-omitzero typo in README.md (#​2028) @​magnetikonline

👻 Maintenance

• build: handle additional values in GOVERSION (#​2119) @​jamietanna
• build: add explicit permissions blocks for tidy.yml (#​2101) @​jamietanna
• build: add explicit permissions blocks for Actions (#​2100) @​jamietanna
• build: add Scorecards workflow (#​2098) @​jamietanna
• build: capture govulncheck results as Code Scanning alerts (#​2084) @​jamietanna
• build: test against Go 1.25 (#​2056) @​jamietanna

Renovate configuration changes

• chore(renovate): improve actionability of pending updates (#​2120) @​jamietanna
• chore(renovate): don't exclude examples and internal/test (#​2033) @​jamietanna
• chore(renovate): correctly create branches for top-level files (#​2138) @​jamietanna

📦 Dependency updates

9 changes

• fix(deps): update module github.com/getkin/kin-openapi to v0.133.0 (go.mod) (#​2141) @​renovate[bot]
• fix(deps): update module github.com/stretchr/testify to v1.11.1 (go.mod) (#​2142) @​renovate[bot]
• chore(deps): update module github.com/golangci/golangci-lint to v2.6.0 (makefile) (#​2140) @​renovate[bot]
• chore(deps): update ossf/scorecard-action action to v2.4.3 (.github/workflows) (#​2128) @​renovate[bot]
• chore(deps): update actions/upload-artifact action to v5 (.github/workflows) (#​2136) @​renovate[bot]
• chore(deps): update actions/setup-go action to v6 (.github/workflows) (#​2135) @​renovate[bot]
• chore(deps): update actions/labeler action to v6 (.github/workflows) (#​2134) @​renovate[bot]
• chore(deps): update actions/checkout action to v5 (.github/workflows) (#​2133) @​renovate[bot]
• chore(deps): update github/codeql-action action to v4 (.github/workflows) (#​2137) @​renovate[bot]

Sponsors

We would like to thank our sponsors for their support during this release.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

npm warn Unknown env config "store". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm warn Unknown project config "shamefully-flatten". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm error code ERESOLVE
npm error ERESOLVE could not resolve
npm error
npm error While resolving: convos@8.7.0
npm error Found: @sveltejs/vite-plugin-svelte@5.0.3
npm error node_modules/@sveltejs/vite-plugin-svelte
npm error   dev @sveltejs/vite-plugin-svelte@"^3.0.0" from the root project
npm error   peer @sveltejs/vite-plugin-svelte@"^5.0.0" from @sveltejs/vite-plugin-svelte-inspector@4.0.1
npm error   node_modules/@sveltejs/vite-plugin-svelte/node_modules/@sveltejs/vite-plugin-svelte-inspector
npm error     @sveltejs/vite-plugin-svelte-inspector@"^4.0.1" from @sveltejs/vite-plugin-svelte@5.0.3
npm error
npm error Could not resolve dependency:
npm error dev @sveltejs/vite-plugin-svelte@"^3.0.0" from the root project
npm error
npm error Conflicting peer dependency: vite@5.4.21
npm error node_modules/vite
npm error   peer vite@"^5.0.0" from @sveltejs/vite-plugin-svelte@3.1.2
npm error   node_modules/@sveltejs/vite-plugin-svelte
npm error     dev @sveltejs/vite-plugin-svelte@"^3.0.0" from the root project
npm error
npm error Fix the upstream dependency conflict, or retry this command with --force or --legacy-peer-deps to accept an incorrect (and potentially broken) dependency resolution.
npm error
npm error
npm error For a full report see:
npm error /runner/cache/others/npm/_logs/2026-04-19T13_23_40_444Z-eresolve-report.txt
npm error A complete log of this run can be found in: /runner/cache/others/npm/_logs/2026-04-19T13_23_40_444Z-debug-0.log