fix(deps): update website dependencies#294
Open
renovate[bot] wants to merge 1 commit into
Open
Conversation
7484bb0 to
fa8eb20
Compare
54a7209 to
7a01ce4
Compare
ededc9d to
bc29317
Compare
bc29317 to
85de844
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
7.0.0→7.0.31.2.114→1.2.1171.2.79→1.2.852.4.1→2.5.07.0.0→7.1.03.8.4→3.9.50.35.2→0.35.3Release Notes
withastro/astro (@astrojs/mdx)
v7.0.3Compare Source
Patch Changes
64b0d66Thanks @Princesseuh! - Fixes customprecomponents not applying to syntax-highlighted code blocks when using the Sätteri Markdown processor with MDX.v7.0.2Compare Source
Patch Changes
eb6f97e]:v7.0.1Compare Source
Patch Changes
02b73b0Thanks @ematipico! - Fixes an issue where thepeerDependenciesfield used incorrect dependencies.material-components/material-web (@material/web)
v2.5.0Compare Source
Features
gapon items (3302730)@material/web/sass/exthelper utilities (dd87fd2)Bug Fixes
<md-icon>not working whenmd-icon.cssnot imported (f7fd08c)*-styles.jsgenerated files (7bf4a7e)@material/web/tokens/versionsfolder (a7ba471)Reverts
withastro/astro (astro)
v7.1.0Minor Changes
#17302
5f4dc03Thanks @astrobot-houston! - Adds a newdeferRenderoption to theglob()content loaderWhen set to
true, renderable entries (such as Markdown) are not rendered during content sync. Instead, rendering is deferred until the entry is actually rendered in a page, using the same on-demand path that.mdxfiles already use.This reduces memory usage during
astro buildfor large collections whose rendered output is much larger than the source — for example, Markdown that uses heavy rehype plugins likerehype-katex. Such builds could previously run out of memory while storing the eagerly-rendered HTML for every entry.By default
deferRenderisfalse, preserving the existing behavior of rendering entries eagerly during sync so their rendered HTML can be cached across builds.#17296
30698a2Thanks @ematipico! - Adds a new experimentalcollectionStorageoption for controlling how the content layer persists its data storeBy default, Astro serializes the entire content layer data store to a single file (
.astro/data-store.json). For very large content collections, this file can grow large enough to hit platform file-size limits.Set
experimental.collectionStorage: 'chunked'to instead split the data store across many smaller, content-addressed files inside a.astro/data-store/directory, described by a manifest:Because each part file is named by a hash of its contents, unchanged parts keep the same name across builds and are not rewritten, and identical parts are deduplicated. The default value is
'single-file', which preserves the current behavior.#17214
44c4989Thanks @ematipico! - Adds support for the more specific CSP directivesscript-src-elem,script-src-attr,style-src-elem, andstyle-src-attrthrough a newkindoption.Previously,
CSPwas only scoped to genericscript-src/style-srcdirectives. Now each source or hash can be scoped to a narrower directive — for example, to allow inlinestyleattributes (such as those fromdefine:varsor Shiki) without loosening the policy for your<style>and<link>elements.Scoping sources and hashes in your config
Each entry in
resourcesandhashescan be an object with akindproperty. Depending on whether you usescriptDirectiveorstyleDirective,"element"targetsscript-src-elemorstyle-src-elem,"attribute"targetsscript-src-attrorstyle-src-attr, and"default"(the same as a bare string or hash) targetsscript-srcorstyle-src.Scoping at runtime
The same
kindoption is available on the runtime CSP API, where the existing methods now also accept an object:#17258
84814d4Thanks @astrobot-houston! - Adds a newformat()option to thepaginateutility. Theformat()option is a function that accepts the current URL of the page, and returns a new URL.For example, when your host only supports URLs using the
.htmlextension, you can useformat()to add it to the generated URLs:#17331
7db6420Thanks @matthewp! - Adds a--ignore-lockflag toastro devfor starting a dev server without checking or writing the lock file, so it can run alongside an already-running dev server for the same project.The new instance is not tracked by
astro dev stop,astro dev status, orastro dev logs.--ignore-lockcannot be combined with--background(or an auto-detected AI agent environment, which runs dev servers in the background automatically) or--force, since those rely on the lock file.#17389
16de021Thanks @florian-lefebvre! - Allows passing URL entrypoints when configuring the loggerMatching other APIs like session drivers or font providers, the logger entrypoint can now be a URL:
Patch Changes
#17332
4407483Thanks @astrobot-houston! - Fixes the JSON logger crashing withprocess is not definedin non-Node runtimes like Cloudflare's workerd. The JSON logger now usesconsole.log/console.errorinstead ofprocess.stdout/process.stderr, matching the pattern already used by the console logger.#17391
186a1e7Thanks @florian-lefebvre! - Fixes a case where an integration could not update the logger withupdateConfig()#17394
d9f99e1Thanks @matthewp! - Fixes element-specific CSP directives to preserve the existing behavior of configured script and style resources#17374
b2d1b3eThanks @astrobot-houston! - Fixes dev server returning 404 for?urlimported assets when accessed via browser navigation#17390
ed71eafThanks @florian-lefebvre! - Removes an unused and undocumented generic from theAstroLoggerDestinationtype#17393
092da56Thanks @matthewp! - Hardens generated transition styles, development metadata, and server island URLs when embedding dynamic valuesv7.0.9Compare Source
Patch Changes
#17286
a249317Thanks @astrobot-houston! - Fixes the first browser visit afterastro devstarts triggering an immediate full page reload#17369
a94d4a5Thanks @adamchal! - Fixes an issue where a client island could permanently fail to hydrate if the first attempt to load its component failed. Islands now reliably recover from transient import failures, which previously did not work for React components duringastro dev.v7.0.8Compare Source
Patch Changes
#17363
3f4efc5Thanks @astrobot-houston! - Fixesastro preview --opennot opening a browser when using an adapter with a custom preview entrypoint, such as@astrojs/cloudflare#17313
e2e319dThanks @ronits2407! - Exposes theAstroRuntimeLoggerinterface to allow users to properly type the logger functions at runtime.#17328
025cc74Thanks @matthewp! - Fixesastro dev --forcenot replacing an already-running dev server#17353
2bba277Thanks @ematipico! - Updates the Astro compiler to the latest version, which fixes many regressions. Refer to the changelog for more details.#17344
79a41e0Thanks @adamchal! - Improves rendering performance for pages with many component instances, such as repeated MDX<Content />components.Updated dependencies [
64b0d66]:v7.0.7Compare Source
Patch Changes
#17318
23a4120Thanks @astrobot-houston! - Fixes CSS module scoped-name hash mismatch inastro devwhen usingvite.css.transformer: 'lightningcss'with content collections. Previously, a component importing a CSS module and rendered via content collectionrender()would get different class name hashes in the element and the injected<style>tag, causing styles not to apply.#17323
4298883Thanks @ematipico! - Fixes a dev server memory leak which caused Node.js to emit warnings in the console.#17323
4298883Thanks @ematipico! - Fixes a dev server crash when a.htmlor/index.htmlsuffixed request (such as thosenetlify devprobes as pretty-URL fallbacks) matched a dynamic endpoint route, causing aTypeError: Missing parametererror#17325
cebc404Thanks @astrobot-houston! - Fixes a bug where CSS@importrules could end up mid-stylesheet after inline CSS chunks were merged during build, causing browsers to silently ignore them#17323
4298883Thanks @ematipico! - Fixes a build regression that could leave unresolved preload markers in inlined scripts with external dynamic importsUpdated dependencies [
4298883,4298883]:v7.0.6Compare Source
Patch Changes
#17261
79aa99cThanks @astrobot-houston! - Fixes a false deprecation warning formarkdown.gfmandmarkdown.smartypantswhen using the Container API#17247
f94280dThanks @chatman-media! - Fixes route generation throwing "Missing parameter" (or silently dropping the segment) when a dynamic param's value is0. The generator used truthy checks instead of checking forundefined, sopaginate(posts, { params: { categoryId: 0 } })would crash even though0is a perfectly valid param value.#17278
6f11739Thanks @astrobot-houston! - Fixes missing CSS for virtual style modules (e.g., responsive image layout styles) in dev mode when JavaScript is disabled#17250
0b30b35Thanks @matthewp! - Fixes thesecurity.checkOrigincheck so it is applied consistently to Astro Actions and on-demand endpoints, regardless of how the request pipeline is composed. Previously, the origin check could be skipped in the composableastro/honopipeline depending on the order of themiddleware()primitive (or when it was omitted).#17274
8c3579bThanks @astrobot-houston! - Fixes missingrender()type overload for live collection entries. Previously, callingrender()on aLiveDataEntryproduced a TypeScript error when using onlylive.config.tswithout acontent.config.ts.#17257
4208297Thanks @astrobot-houston! - Fixesastro checkfailing to find@astrojs/checkandtypescriptwhen astro is installed in a directory outside the project tree (e.g. pnpm virtual store)#17272
b428648Thanks @matthewp! - Fixes island component paths so that extensionless imports (e.g.import { Counter } from '../components/Counter') resolve to the real file on disk, matching Vite's extension order and directoryindexresolution. This makes theinclude/excludeoptions of JSX renderer integrations (React, Preact, Solid) match components imported without a file extension, and removes the spurious React 19 "Invalid hook call" warning logged on every request in dev whenincludewas set alongside another JSX renderer#17279
2aeaa44Thanks @astrobot-houston! - Fixes a bug where<Picture inferSize>with a remote image could fail withFailedToFetchRemoteImageDimensionswhen the image server rate-limits requests (e.g. HTTP 429). Remote dimensions are now resolved once per render instead of once per output format.#17251
5240e26Thanks @matthewp! - Hardens the handling of attribute rendering when using with custom elements.#17248
429bd62Thanks @astrobot-houston! - Fixes a crash when using Astro'sgetViteConfigwith Vitest browser mode (e.g., Storybook vitest runner). Astro now skips dev server setup inside Vitest, preventing errors.#17260
14524c0Thanks @matthewp! - Fixes a regression where a<script>inside a component rendered throughAstro.slots.render()was hoisted out of its original position instead of staying next to its component contentUpdated dependencies [
eb6f97e]:v7.0.5Compare Source
Patch Changes
#17242
9c05ba4Thanks @matthewp! - Fixes an error that could occur after the dev server restarts when using an adapter such as@astrojs/cloudflare, where a request would fail with a500referencing a missing pre-bundled dependency:#17202
c6d254dThanks @matthewp! - Refactors path alias resolution to use Vite's nativetsconfigPathsoptionThis is an internal change with no expected impact on user projects. Astro now defers tsconfig and jsconfig
pathsalias resolution to Vite, keeping a small fallback for a few CSS cases Vite does not yet handle.#17123
72e29bdThanks @martrapp! - Fixes an issue where the ClientRouter wipes head elements after page transitions if the<head>contains aserver:defercomponent.#17232
257505eThanks @matthewp! - Fixes a bug where<style>tags from components such as a content collection'sContentcould be silently dropped from the output when anawaitappeared before the component in an.astrofile's markup.#17193
a7352fdThanks @jan-kubica! - Fixes the background dev server failing to start whenastrois hoisted outside the project'snode_modules(for example bun workspaces). The background process is now spawned from Astro's own resolved location instead of a path assumed under the project root.#17255
581d171Thanks @astrobot-houston! - Fixes prefetch not working for links insideserver:defercomponentsv7.0.4Compare Source
Patch Changes
#17212
7ba0bb1Thanks @matthewp! - Ensures transition directive values are HTML-escaped when rendered on hydrated islands#17224
dc5e52fThanks @astrobot-houston! - Fixes trailing slash handling for dynamic file endpoints in dev mode. Dynamic file endpoints (e.g.,src/pages/api/[name].json.ts) withtrailingSlash: "always"incorrectly required a trailing slash in dev mode, returning 404 for/api/bar.jsonand 200 for/api/bar.json/.#17067
23f9446Thanks @fkatsuhiro! - Fixed a bug where the development toolbar did not output a warning even though the implicit ARIA role and the manually specified role were duplicated.#17234
d5fbee8Thanks @ocavue! - Adds support forsharpv0.35. pnpm users no longer need to approvesharp's build script (seeallowBuilds) when on v0.35.#17223
5970ef4Thanks @astrobot-houston! - FixesgetCollection()returning empty in dev mode for large content collections (500k+ entries)#17184
799e5cdThanks @Princesseuh! - Upgrades the Rust compiler to the latest, which fixes some bugs. Refer to its changelog for more information.#17208
da8b573Thanks @matthewp! - Hardens forwarded header handling so the internal request helper validatesX-Forwarded-Hostagainstsecurity.allowedDomainsbefore trustingX-Forwarded-ForforclientAddress. Previously it only checked that the header was present, which was inconsistent with the publiccreateRequesthelper. This aligns both code paths; behavior is unchanged for correctly configured proxies.v7.0.3Compare Source
Patch Changes
#17189
24d2c9eThanks @astrobot-houston! - Fixes a bug where an error thrown inside one route'sgetStaticPaths()would prevent other valid routes from being matched in dev mode#16932
8f4a3dbThanks @fkatsuhiro! - Fixes HMR for action files during development. Editing files insrc/actions/now takes effect on the next request without requiring a dev server restart.#17087
fb0ab02Thanks @jp-knj! - Fixes localized custom error pages in i18n projects so routes like/pt/404are used for missing localized pages and return the correct status codev7.0.2Compare Source
Patch Changes
3b5e994]:v7.0.1Compare Source
Patch Changes
#17151
ccceda3Thanks @matthewp! - Fixesastro devincorrectly starting in background mode for Warp terminal users. Hybrid environments like Warp are no longer treated as AI agents for auto-background detection.#17158
164df87Thanks @ematipico! - Fixesastro dev --background --hostnot listing the network addresses. The background server start output andastro dev statusnow show every exposed network URL, matching the foreground dev server.#17141
d785b9dThanks @astrobot-houston! - Fixes responsive image CSS overriding user styles defined inside CSS@layerblocks. The generated image styles are now wrapped in@layer astro.images, ensuring they have lower cascade priority than user-defined layers.#17150
1a61386Thanks @matthewp! - Fixesastro dev --backgroundfailing on Windows with "Failed to spawn background dev server process"prettier/prettier (prettier)
v3.9.5Compare Source
diff
Markdown: Cap ordered list mark at 999,999,999 (#19351 by @tats-u)
CommonMark parsers only support ordered list item numbers up to 999,999,999.
With this change, Prettier now caps the ordered list item number at 999,999,999 to ensure that the output is correctly parsed as an ordered list by CommonMark parsers. Numbers larger than 999,999,999 are not parsed as list item numbers and are left unchanged in the output:
Markdown: Avoid corrupting empty link with title (#19487 by @andersk)
Do not remove
<>from an inline link or image with an empty URL and a title, as this removal would change its interpretation.Less: Remove extra spaces after
[in map lookups (#19503 by @kovsu)CSS: Prevent addition space in
type()with+(#19516 by @bigandy)This fixes the addition space before
+in CSStype()declaration. For exampletype(<number>+)was being converted intotype(<number> +)which is invalid CSS and does not work.Less: Remove spaces between merge markers and colons (#19517 by @kovsu)
Markdown: Preserve wiki links with aliases (#19527 by @kovsu)
TypeScript: Fix comments being dropped on shorthand
typeimport/export specifiers (#19565 by @kirkwaiblinger)Miscellaneous: Preserving comments'
placementproperty (#19567 by @Janther)Prettier@3.9.0 deleted an undocumented property on comments, which was already used by plugins,
comment.placementis now available again after comment attach.Flow: Stop enforcing empty module declaration to break (#19568 by @fisker)
Angular: Support expression for exhaustive typechecking (#19571 by @fisker)
TypeScript: Ignore comments inside mapped type when checking type parameter comments (#19572 by @fisker)
Less: Fix adjacent block comments being corrupted (#19574 by @kovsu)
JavaScript: Handle dangling comments in
SwitchStatement(#19581 by @fisker)TypeScript: Remove space in comment-only object type (#19583 by @fisker)
v3.9.4Compare Source
v3.9.3Compare Source
v3.9.2Compare Source
v3.9.1Compare Source
v3.9.0Compare Source
diff
🔗 Release Notes
v3.8.5Compare Source
lovell/sharp (sharp)
v0.35.3Compare Source
Tighten verification of
textdimensions, TIFF tile dimensions andextendvalues.Improve code bundler support by resolving path to libvips binary.
Increase default concurrency when use of
MALLOC_ARENA_MAXis detected.Emit warning about binaries provided by Electron for use on Linux.
Add
hasAlphaproperty to outputinfo.#4500
TypeScript: Return more precise
Buffer<ArrayBuffer>fromtoBuffer.#4520
@Andarist
Bound
clahewidth and height to avoid signed overflow.#4551
@metsw24-max
Bound
trimmargin to avoid signed overflow.#4552
@metsw24-max
Reject infinite values when validating numbers.
#4553
@metsw24-max
Bound extract region to libvips coordinate limit.
#4555
@metsw24-max
Verify background colour values are numbers.
#4556
@metsw24-max
Bound create and raw input dimensions to coordinate limit.
#4558
@metsw24-max
Tighten recomb and affine matrix verification.
#4560
@chatman-media
Verify cache memory limit to avoid overflow.
#4561
@metsw24-max
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.