chore(deps): update non-major updates

[bottd]

This PR contains the following updates:

Package	Change	Age	Confidence
@lucide/svelte (source)	0.575.0 → 0.576.0
@takumi-rs/core	0.69.3 → 0.70.3
@takumi-rs/helpers	0.69.3 → 0.70.3
@tanstack/svelte-query (source)	6.0.18 → 6.1.0
@types/node (source)	25.3.2 → 25.3.3
globals	17.3.0 → 17.4.0
happy-dom	20.7.0 → 20.8.3
prettier-plugin-svelte	3.5.0 → 3.5.1
svelte (source)	5.53.6 → 5.53.7
svelte-sonner	1.0.7 → 1.0.8
vite-plugin-norg	3.0.4 → 3.0.5
wrangler (source)	4.69.0 → 4.70.0

---

Release Notes

lucide-icons/lucide (@​lucide/svelte)

v0.576.0: Version 0.576.0

Compare Source

What's Changed

• Added zodiac signs by @​karsa-mistmere in #​712
• fix(icons): fixes guideline violations in package-* icons. by @​karsa-mistmere in #​4074
• fix(icons): changed receipt icon by @​karsa-mistmere in #​4075
• fix(icons): updated cuboid icon tags and categories by @​karsa-mistmere in #​4095
• fix(icons): changed cuboid icon by @​jamiemlaw in #​4098
• fix(lucide-font, lucide-static): Fixing stable code points by @​ericfennis in #​3894
• feat(icons): added fishing-rod icon by @​7ender in #​3839

Full Changelog: lucide-icons/lucide@0.575.0...0.576.0

kane50613/takumi (@​takumi-rs/core)

v0.70.3

Compare Source

Patch Changes

• a6fdb08: Replace Mutex with RwLock

v0.70.2

Compare Source

Patch Changes

• 7270512: Fix concurrent call to async methods caused race-condition

v0.70.1

Compare Source

v0.70.0

Compare Source

Patch Changes

• fb8ccf8: Secure ArrayBuffer memory accessing

v0.69.5

Compare Source

v0.69.4

Compare Source

TanStack/query (@​tanstack/svelte-query)

v6.1.0

Minor Changes

• feat(svelte-query): add 'mutationOptions' (#​10175)

sindresorhus/globals (globals)

v17.4.0

Compare Source

• Update globals (2026-03-01) (#​338) d43a051

---

capricorn86/happy-dom (happy-dom)

v20.8.3

Compare Source

👷‍♂️ Patch fixes

• Throw error if event is not of type Event in EventTarget.dispatchEvent() - By @​capricorn86 in task #​2054

v20.8.2

Compare Source

👷‍♂️ Patch fixes

• Resets Event.cancelBubble and Event.defaultPrevented when calling Event.initEvent() - By @​capricorn86 in task #​2090

v20.8.1

Compare Source

👷‍♂️ Patch fixes

• Make "inert" attribute block focus interactions - By @​coffeeandwork in task #​1422

v20.8.0

Compare Source

🎨 Features

• Adds support for setPointerCapture, hasPointerCapture, and releasePointerCapture to Element - By @​coffeeandwork in task #​1733

v20.7.2

Compare Source

👷‍♂️ Patch fixes

• Properly decode CSS escape sequences in attribute selector values - By @​silverwind

v20.7.1

Compare Source

👷‍♂️ Patch fixes

• Fixes issue related to parsing direct descendants (>) and universal (*) query selectors - By @​Cherry in task #​2078

sveltejs/prettier-plugin-svelte (prettier-plugin-svelte)

v3.5.1

Compare Source

sveltejs/svelte (svelte)

v5.53.7

Compare Source

Patch Changes

• fix: correctly add __svelte_meta after else-if chains (#​17830)

• perf: cache element interactivity and source line splitting in compiler (#​17839)

• chore: avoid rescheduling effects during branch commit (#​17837)

• perf: optimize CSS selector pruning (#​17846)

• fix: preserve original boundary errors when keyed each rows are removed during async updates (#​17843)

• perf: avoid O(n²) name scanning in scope generate and unique (#​17844)

• fix: preserve each items that are needed by pending batches (#​17819)

wobsoriano/svelte-sonner (svelte-sonner)

v1.0.8

Compare Source

Patch Changes

• 3cfc3c8: Ignore system theme change if theme has been set explicitly

bottd/vite-plugin-norg (vite-plugin-norg)

v3.0.5

Compare Source

cloudflare/workers-sdk (wrangler)

v4.70.0

Compare Source

Minor Changes

• #​11332 6a8aa5f Thanks @​nikitassharma! - Users are now able to configure DockerHub credentials and have containers reference images stored there.

  DockerHub can be configured as follows:

  echo $PAT_TOKEN | npx wrangler@latest containers registries configure docker.io --dockerhub-username=user --secret-name=DockerHub_PAT_Token

  Containers can then specify an image from DockerHub in their wrangler.jsonc as follows:

  "containers": {
    "image": "docker.io/namespace/image:tag",
    ...
  }

• #​12649 35b2c56 Thanks @​gabivlj! - Add experimental support for containers to workers communication with interceptOutboundHttp

  This feature is experimental and requires adding the "experimental" compatibility flag to your Wrangler configuration.

• #​12701 23a365a Thanks @​jamesopstad! - Add local dev validation for the experimental secrets configuration property

  When the new secrets property is defined, wrangler dev and vite dev now validate secrets declared in secrets.required. When required secrets are missing from .dev.vars or .env/process.env, a warning is logged listing the missing secret names.

  When secrets is defined, only the keys listed in secrets.required are loaded. Additional keys in .dev.vars or .env are excluded. If you are not using .dev.vars, keys listed in secrets.required are loaded from process.env as well as .env. The CLOUDFLARE_INCLUDE_PROCESS_ENV environment variable is therefore not needed when using this feature.

  When secrets is not defined, the existing behavior is unchanged.

  // wrangler.jsonc
  {
  	"secrets": {
  		"required": ["API_KEY", "DB_PASSWORD"],
  	},
  }

• #​12695 0769056 Thanks @​jamesopstad! - Add type generation for the experimental secrets configuration property

  When the new secrets property is defined, wrangler types now generates typed bindings from the names listed in secrets.required.

  When secrets is defined at any config level, type generation uses it exclusively and no longer infers secret names from .dev.vars or .env files. This enables running type generation in environments where these files are not present.

  Per-environment secrets are supported. Each named environment produces its own interface, and the aggregated Env marks secrets that only appear in some environments as optional.

  When secrets is not defined, the existing behavior is unchanged.

  // wrangler.jsonc
  {
  	"secrets": {
  		"required": ["API_KEY", "DB_PASSWORD"],
  	},
  }

• #​12693 150ef7b Thanks @​martinezjandrew! - Add wrangler containers registries credentials command for generating temporary push/pull credentials

  This command generates short-lived credentials for authenticating with the Cloudflare managed registry (registry.cloudflare.com). Useful for CI/CD pipelines or local Docker authentication.

  # Generate push credentials (for uploading images)
  wrangler containers registries credentials registry.cloudflare.com --push
  
  # Generate pull credentials (for downloading images)
  wrangler containers registries credentials registry.cloudflare.com --pull
  
  # Generate credentials with both permissions
  wrangler containers registries credentials registry.cloudflare.com --push --pull
  
  # Custom expiration (default 15)
  wrangler containers registries credentials registry.cloudflare.com --push --expiration-minutes=30

• #​12622 bf9cb3d Thanks @​LuisDuarte1! - Add configurable step limits for Workflows

  You can now set a maximum number of steps for a Workflow instance via the limits.steps configuration in your Wrangler config. When a Workflow instance exceeds this limit, it will fail with an error indicating the limit was reached.

  // wrangler.jsonc
  {
  	"workflows": [
  		{
  			"binding": "MY_WORKFLOW",
  			"name": "my-workflow",
  			"class_name": "MyWorkflow",
  			"limits": {
  				"steps": 5000,
  			},
  		},
  	],
  }

  The steps value must be an integer between 1 and 25,000. If not specified, the default limit of 10,000 steps is used. Step limits are also enforced in local development via wrangler dev.

Patch Changes

• #​12733 d672e2e Thanks @​dario-piotrowicz! - Fix SolidStart autoconfig for projects using version 2.0.0-alpha or later

  SolidStart v2.0.0-alpha introduced a breaking change where configuration moved from app.config.(js|ts) to vite.config.(js|ts). Wrangler's autoconfig now detects the installed SolidStart version and based on it updates the appropriate configuration file

• #​12698 209b396 Thanks @​penalosa! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260305.0	1.20260226.1
  @​cloudflare/workers-types	4.20260305.0	4.20260226.1

• #​12691 596b8a0 Thanks @​penalosa! - Remove temporary AI Search RPC workaround (no user-facing changes)

• #​12694 00e729e Thanks @​garvit-gupta! - Fix wrangler pipelines setup failing for Data Catalog sinks on new buckets by using the correct R2 Catalog API error code (40401).

• Updated dependencies [35b2c56, 5f7aaf2, 209b396, 596b8a0, bf9cb3d]:

  • miniflare@​4.20260301.1

---

Configuration

📅 Schedule: Branch creation - "every weekday" in timezone America/Chicago, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.