chore(deps-dev): bump the sample-frontend group across 3 directories with 4 updates

[dependabot]

Bumps the sample-frontend group with 2 updates in the /atmosphere.js directory: svelte and vue.
Bumps the sample-frontend group with 1 update in the /modules/spring-boot-starter/frontend directory: vue-tsc.
Bumps the sample-frontend group with 1 update in the /samples/grpc-chat/frontend directory: @bufbuild/buf.

Updates svelte from 5.55.9 to 5.55.10

Release notes

Sourced from svelte's releases.

svelte@5.55.10

Patch Changes

• fix: unlink errored and otherwise finished batch (#18264)

• perf: walk composedPath() directly in delegated event propagation (#18268)

• fix: transfer effects when merging batches (#18254)

• fix: allow $derived(await ...) in disconnected effect roots (#18273)

• fix: remove temporary raw-text hydration markers (#18269)

• fix: propagate async @const blockers through closure references so template expressions like {(() => host)()} correctly wait for the awaited value (#18309)

• fix: properly unlink batches (#18298)

• fix: settle discarded batch (#18290)

• fix: declare let: directives before {@const} declarations on slotted elements (#18271)

• fix: resume outro-ed branches if they were kept around (#18291)

• fix: avoid waterfall-warning when async resolves to same value (#18297)

• fix: correctly coordinate component-level effects inside async blocks (#18260)

• fix: make unnecessary commit work less likely (#18263)

• chore: add tag name to a11y_click_events_have_key_events warning (#18272)

• fix: catch rejected promises while merging/committing (#18266)

Changelog

Sourced from svelte's changelog.

5.55.10

Patch Changes

• fix: unlink errored and otherwise finished batch (#18264)

• perf: walk composedPath() directly in delegated event propagation (#18268)

• fix: transfer effects when merging batches (#18254)

• fix: allow $derived(await ...) in disconnected effect roots (#18273)

• fix: remove temporary raw-text hydration markers (#18269)

• fix: propagate async @const blockers through closure references so template expressions like {(() => host)()} correctly wait for the awaited value (#18309)

• fix: properly unlink batches (#18298)

• fix: settle discarded batch (#18290)

• fix: declare let: directives before {@const} declarations on slotted elements (#18271)

• fix: resume outro-ed branches if they were kept around (#18291)

• fix: avoid waterfall-warning when async resolves to same value (#18297)

• fix: correctly coordinate component-level effects inside async blocks (#18260)

• fix: make unnecessary commit work less likely (#18263)

• chore: add tag name to a11y_click_events_have_key_events warning (#18272)

• fix: catch rejected promises while merging/committing (#18266)

Commits

• 0bb715d Version Packages (#18255)
• 4953860 chore: remove unused class property (#18307)
• 638ab37 fix: prevent batch unlinking twice (#18303)
• 0da9f9e fix: disallow effect creation after await (#18299)
• d4be4e2 chore: ensure treeshaking test runs during CI (#18302)
• e705369 fix: propagate async @​const blockers through closure references (#18309)
• ec08dbc fix: only unlink batch if we're done with it (#18298)
• b40c359 fix: don't assume boundary exists during increment/decrement (#18289)
• c01e598 fix: avoid waterfall-warning when async resolves to same value (#18297)
• 070a0c4 Revert "perf: use Set instead of Array for constant lookups in utils.js" (#18...
• Additional commits viewable in compare view

Updates vue from 3.5.34 to 3.5.35

Release notes

Sourced from vue's releases.

v3.5.35

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.35 (2026-05-27)

Bug Fixes

• compiler-core: avoid double processing v-for keys with v-memo (#14861) (34a0ded), closes #14859
• compiler-sfc: resolve top-level exports from files registered as global types (#14805) (3d077f2), closes nuxt/nuxt#33694
• runtime-core: avoid repeated hydration mismatch checks (#14857) (170fc95), closes #14855
• runtime-core: skip idle persisted transition hooks in keep-alive moves (#14865) (80fc139), closes #14031
• server-renderer: propagate sync errors from ssrRenderSuspense (#14804) (4760997), closes nuxt/nuxt#28162
• teleport: skip child unmount when pending mount discarded (#14876) (#14877) (584beb1)

Performance Improvements

• reactivity: skip type checks for cached proxies (#14860) (5734fe9)
• runtime-dom: optimize array event handler dispatch (#14828) (bb18dc8)
• server-renderer: avoid materializing iterables in ssrRenderList (#14821) (1b7a2cc)

Commits

• 8be32d6 release: v3.5.35
• 80fc139 fix(runtime-core): skip idle persisted transition hooks in keep-alive moves (...
• d6c7371 ci: use backup action for size report comments
• bb18dc8 perf(runtime-dom): optimize array event handler dispatch (#14828)
• 5734fe9 perf(reactivity): skip type checks for cached proxies (#14860)
• 584beb1 fix(teleport): skip child unmount when pending mount discarded (#14876) (#14877)
• 34a0ded fix(compiler-core): avoid double processing v-for keys with v-memo (#14861)
• 170fc95 fix(runtime-core): avoid repeated hydration mismatch checks (#14857)
• 1b7a2cc perf(server-renderer): avoid materializing iterables in ssrRenderList (#14821)
• 3d077f2 fix(compiler-sfc): resolve top-level exports from files registered as global ...
• Additional commits viewable in compare view

Updates vue-tsc from 3.3.1 to 3.3.2

Release notes

Sourced from vue-tsc's releases.

v3.3.2

language-core

• feat: preserve literal types for inline v-for sources (#6067) - Thanks to @​kkesidis!
• fix: align v-bind shorthand identifier skipping with interpolation - Thanks to @​KazariEX!

vscode

• feat: transform tsserver content (#6062) - Thanks to @​KazariEX!
• fix: do not mark trailing slash in capitalized self-closing tags as invalid (#6065) - Thanks to @​suisanka!

Our Sponsors ❤️

... (truncated)

Changelog

Sourced from vue-tsc's changelog.

3.3.2 (2026-05-25)

language-core

• feat: preserve literal types for inline v-for sources (#6067) - Thanks to @​kkesidis!
• fix: align v-bind shorthand identifier skipping with interpolation - Thanks to @​KazariEX!

vscode

• feat: transform tsserver content (#6062) - Thanks to @​KazariEX!
• fix: do not mark trailing slash in capitalized self-closing tags as invalid (#6065) - Thanks to @​suisanka!

Commits

• 7a00047 v3.3.2 (#6068)
• See full diff in compare view

Updates @bufbuild/buf from 1.69.0 to 1.70.0

Release notes

Sourced from @​bufbuild/buf's releases.

v1.70.0

• Add LSP completion for buf.gen.yaml, buf.yaml, and buf.policy.yaml files.
• Fix LSP textDocument/documentSymbol marking every symbol as deprecated.
• Add error for when a dependency is added to buf.yaml and is missing from buf.lock.
• Update the PROTOVALIDATE lint rule support checking NaN in const, in, not_in, gt, gte, lt and lte rules for float and double fields.
• Update the PROTOVALIDATE lint rule support to check (buf.validate.message).oneof rules and make sure they are well-formed and valid.

Changelog

Sourced from @​bufbuild/buf's changelog.

[v1.70.0] - 2026-05-25

• Add LSP completion for buf.gen.yaml, buf.yaml, and buf.policy.yaml files.
• Fix LSP textDocument/documentSymbol marking every symbol as deprecated.
• Add error for when a dependency is added to buf.yaml and is missing from buf.lock.
• Update the PROTOVALIDATE lint rule support checking NaN in const, in, not_in, gt, gte, lt and lte rules for float and double fields.
• Update the PROTOVALIDATE lint rule support to check (buf.validate.message).oneof rules and make sure they are well-formed and valid.

Commits

• 4f657db Release v1.70.0 (#4556)
• f278fa0 Bump buf.build/gen/go/bufbuild/registry/connectrpc/go from 1.19.2-20260507063...
• 977b89b Make upgrade (#4555)
• 88dfb34 Lint MessageRules.oneof in PROTOVALIDATE check (#4540)
• e96239e Filter out GIT_WORK_TREE from cloner environment variables (#4549)
• d0e7d39 Add env override test cases to git package (#4550)
• 3747817 Bump actions/create-github-app-token from 3.1.1 to 3.2.0 (#4544)
• 9eddb9c Make upgrade (#4548)
• d460060 Update README.md (#4547)
• 2dae477 Fix LSP documentSymbol marking every symbol as deprecated (#4531)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions