[Snyk] Upgrade @sveltejs/kit from 1.22.1 to 2.5.17

[WontonSam]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @sveltejs/kit from 1.22.1 to 2.5.17.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 72 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Access Control Bypass SNYK-JS-VITE-6182924	144	Proof of Concept
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	144	Proof of Concept
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	144	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	144	No Known Exploit
	Improper Handling of Exceptional Conditions SNYK-JS-OCTOKITWEBHOOKS-6129527	144	No Known Exploit
	Cross-Site Scripting (XSS) SNYK-JS-VITE-6098386	144	Proof of Concept
	Improper Access Control SNYK-JS-VITE-6531286	144	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	144	Proof of Concept
	Improper Input Validation SNYK-JS-POSTCSS-5926692	144	No Known Exploit
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	144	Proof of Concept
	Information Exposure SNYK-JS-UNDICI-5962466	144	No Known Exploit
	Permissive Cross-domain Policy with Untrusted Domains SNYK-JS-UNDICI-6252336	144	No Known Exploit
	Improper Access Control SNYK-JS-UNDICI-6564963	144	No Known Exploit
	Improper Authorization SNYK-JS-UNDICI-6564964	144	No Known Exploit

Release notes

Package name: @sveltejs/kit

• 2.5.17 - 2024-06-19
• 2.5.16 - 2024-06-16
• 2.5.15 - 2024-06-14
• 2.5.14 - 2024-06-14
• 2.5.13 - 2024-06-14
• 2.5.12 - 2024-06-14
• 2.5.11 - 2024-06-13
• 2.5.10 - 2024-05-21
• 2.5.9 - 2024-05-17
• 2.5.8 - 2024-05-13
• 2.5.7 - 2024-04-20
• 2.5.6 - 2024-04-14
• 2.5.5 - 2024-03-28
• 2.5.4 - 2024-03-13
• 2.5.3 - 2024-03-08
• 2.5.2 - 2024-02-26
• 2.5.1 - 2024-02-22
  

  Patch Changes

  • fix: copy .eot, .otf, .ttf, .woff, and woff2 font files when bundling (#12439)
• 2.5.0 - 2024-01-25
  

  Minor Changes

  • chore(deps): upgrade to esbuild 0.21 (#12415)

  Patch Changes

  • Updated dependencies [84298477a014ec471839adf7a4448d91bc7949e4, 5645614f497931f587b7cb8b3c885fce892a6a72, 84298477a014ec471839adf7a4448d91bc7949e4]:
    • @ sveltejs/kit@2.5.18
• 2.4.3 - 2024-01-22
• 2.4.2 - 2024-01-22
• 2.4.1 - 2024-01-19
• 2.4.0 - 2024-01-18
• 2.3.5 - 2024-01-18
• 2.3.4 - 2024-01-17
• 2.3.3 - 2024-01-16
• 2.3.2 - 2024-01-11
• 2.3.1 - 2024-01-11
• 2.3.0 - 2024-01-10
• 2.2.2 - 2024-01-10
• 2.2.1 - 2024-01-10
• 2.2.0 - 2024-01-09
• 2.1.2 - 2024-01-09
• 2.1.1 - 2024-01-09
• 2.1.0 - 2024-01-09
• 2.0.8 - 2024-01-08
• 2.0.7 - 2024-01-08
• 2.0.6 - 2023-12-21
• 2.0.5 - 2023-12-21
• 2.0.4 - 2023-12-19
• 2.0.3 - 2023-12-18
• 2.0.2 - 2023-12-18
• 2.0.1 - 2023-12-17
• 2.0.0 - 2023-12-14
• 1.30.4 - 2024-02-16
• 1.30.3 - 2023-12-13
• 1.30.2 - 2023-12-13
• 1.30.1 - 2023-12-13
• 1.30.0 - 2023-12-13
• 1.29.1 - 2023-12-12
• 1.29.0 - 2023-12-11
• 1.28.0 - 2023-12-11
• 1.27.7 - 2023-12-05
• 1.27.6 - 2023-11-14
• 1.27.5 - 2023-11-11
• 1.27.4 - 2023-11-09
• 1.27.3 - 2023-11-03
• 1.27.2 - 2023-10-30
• 1.27.1 - 2023-10-25
• 1.27.0 - 2023-10-23
• 1.26.0 - 2023-10-18
• 1.25.2 - 2023-10-09
• 1.25.1 - 2023-09-24
• 1.25.0 - 2023-09-12
• 1.24.1 - 2023-09-04
• 1.24.0 - 2023-08-29
• 1.23.1 - 2023-08-29
• 1.23.0 - 2023-08-23
• 1.22.6 - 2023-08-14
• 1.22.5 - 2023-08-10
• 1.22.4 - 2023-07-31
• 1.22.3 - 2023-07-12
• 1.22.2 - 2023-07-11
• 1.22.1 - 2023-07-06

from @sveltejs/kit GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
cachimanboutique	❌ Failed (Inspect)			Jul 18, 2024 9:52am
website	❌ Failed (Inspect)			Jul 18, 2024 9:52am

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.