fix(deps): update astro monorepo (major) - autoclosed#708
Closed
renovate[bot] wants to merge 1 commit into
Closed
Conversation
4a4e800 to
bfcc67e
Compare
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
50ced17 to
84f74f9
Compare
feb0c7d to
c6621c3
Compare
4be6426 to
76f7ee6
Compare
918ff06 to
1dae97e
Compare
b9d4ac6 to
2f4b346
Compare
5f7c365 to
0e6d9ae
Compare
0e6d9ae to
1815351
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^11.0.5->^12.0.05.1.5->6.0.24.16.18->5.11.0Release Notes
withastro/astro (@astrojs/cloudflare)
v12.6.0Compare Source
Minor Changes
#13837
7cef86fThanks @alexanderniebuhr! - Adds new configuration options to allow you to set a customworkerEntryPointfor Cloudflare Workers. This is useful if you want to use features that require handlers (e.g. Durable Objects, Cloudflare Queues, Scheduled Invocations) not supported by the basic generic entry file.This feature is not supported when running the Astro dev server. However, you can run
astro buildfollowed by eitherwrangler deploy(to deploy it) orwrangler devto preview it.The following example configures a custom entry file that registers a Durable Object and a queue handler:
Patch Changes
#13963
c667c55Thanks @florian-lefebvre! - Fixes a case where the platform proxy would not be disposed when the dev process endedUpdated dependencies []:
v12.5.5Compare Source
Patch Changes
#13930
acb9b30Thanks @alexanderniebuhr! - Fixes an issue where setting values forAstro.responseresulted in a Cloudflare runtime exception.Updated dependencies [
de82ef2,de82ef2,de82ef2]:v12.5.4Compare Source
Patch Changes
#13817
b7258f1Thanks @yanthomasdev! - Clarifies and reduces a few logs when starting the dev server with@astrojs/cloudflare.Warnings about sharp support will now be suppressed when you have explicitly set an
imageServiceoption.Updated dependencies []:
v12.5.3Compare Source
Patch Changes
#13792
7910feaThanks @alexeyzimarev! - Unify imported images detection across adaptersUpdated dependencies []:
v12.5.2Compare Source
Patch Changes
#13731
c3e80c2Thanks @jsparkdev! - update vite to latest version for fixing CVEUpdated dependencies []:
v12.5.1Compare Source
Patch Changes
#13591
5dd2d3fThanks @florian-lefebvre! - Removes unused codeUpdated dependencies [
5dd2d3f]:v12.5.0Compare Source
Minor Changes
#13527
2fd6a6bThanks @ascorbic! - The experimental session API introduced in Astro 5.1 is now stable and ready for production use.Sessions are used to store user state between requests for on-demand rendered pages. You can use them to store user data, such as authentication tokens, shopping cart contents, or any other data that needs to persist across requests:
v12.4.1Compare Source
Patch Changes
#13596
3752519Thanks @jsparkdev! - update vite to latest version to fix CVE#13547
360cb91Thanks @jsparkdev! - Updates vite to the latest versionUpdated dependencies []:
v12.4.0Compare Source
Minor Changes
#13514
a9aafecThanks @ascorbic! - Automatically configures Cloudflare KV storage when experimental sessions are enabledIf the
experimental.sessionflag is enabled when using the Cloudflare adapter, Astro will automatically configure the session storage using the Cloudflare KV driver. You can still manually configure the session storage if you need to use a different driver or want to customize the session storage configuration. If you want to use sessions, you will need to create the KV namespace and declare it in your wrangler config. You can do this using the Wrangler CLI:This will log the id of the created namespace. You can then add it to your
wrangler.json/wrangler.tomlfile like this:By default it uses the binding name
SESSION, but if you want to use a different binding name you can do so by passing thesessionKVBindingNameoption to the adapter. For example:See the Cloudflare KV docs for more details on setting up KV namespaces.
See the experimental session docs for more information on configuring session storage.
Patch Changes
#13526
ff9d69eThanks @jsparkdev! - updateviteto the latest versionUpdated dependencies []:
v12.3.1Compare Source
Patch Changes
#13505
a98ae5bThanks @ematipico! - Updates the dependencyviteto the latest.Updated dependencies []:
v12.3.0Compare Source
Minor Changes
#13444
9721f4aThanks @florian-lefebvre! - Adds globalastro:envsupportCloudflare workers now support importing
envin the global scope. Until now, callingastro:envAPIs had to be done within request scope or the values wereundefined.With this release, they can be called anywhere server-side, like any other official adapter.
Patch Changes
#13463
d5ad591Thanks @ascorbic! - Fixes a bug that caused builds to fail when a base directory is configuredUpdated dependencies []:
v12.2.4Compare Source
Patch Changes
042d1de]:v12.2.3Compare Source
Patch Changes
#13323
80926faThanks @ematipico! - Updatesesbuildandviteto the latest to avoid false positives audits warnings caused byesbuild.Updated dependencies [
1e11f5e]:v12.2.2Patch Changes
#13304
6efd57dThanks @ematipico! - Fixes a small issue where the package was pulling an outdated version of its internal dependencies.#13201
065157cThanks @ekwoka! - Includes onerror passthrough param for Cloudflare Image Service#13299
2e1321eThanks @bluwy! - Usestinyglobbyfor globbing filesUpdated dependencies []:
v12.2.1Patch Changes
ce66003Thanks @bluwy! - Removes internalvuehandlingv12.2.0Minor Changes
4b5cd22Thanks @florian-lefebvre! - Stabilizesastro:envsecrets supportPatch Changes
#454
83cedadThanks @alexanderniebuhr! - Improves Astro 5 support#501
012b31dThanks @florian-lefebvre! - Refactor of the redirects logicv12.1.0Minor Changes
1d4e6fcThanks @meyer! - Addswrangler.jsoncto the default watched config files. If a config file is specified inplatformProxy.configPath, that file location is watched instead of the defaults.Patch Changes
a8a8ab1Thanks @bluwy! - Removes resolving with "node" conditionto fix Vue importsv12.0.1Patch Changes
70e0054Thanks @bluwy! - Fixes setting customworkerdandworkerconditions for the ssr environment onlyv12.0.0Major Changes
#367
e02b54aThanks @alexanderniebuhr! - Removed support for the Squoosh image service. As the underlying librarylibsquooshis no longer maintained, and the image service sees very little usage we have decided to remove it from Astro.Our recommendation is to use the base Sharp image service, which is more powerful, faster, and more actively maintained.
If you are using this service, and cannot migrate to the base Sharp image service, a third-party extraction of the previous service is available here: https://github.com/Princesseuh/astro-image-service-squoosh
#367
e02b54aThanks @alexanderniebuhr! - Deprecates thefunctionPerRouteoptionThis option is now deprecated, and will be removed entirely in Astro v5.0. We suggest removing this option from your configuration as soon as you are able to:
import { defineConfig } from 'astro/config'; import vercel from '@​astrojs/vercel/serverless'; export default defineConfig({ // ... output: 'server', adapter: vercel({ - functionPerRoute: true, }), });#375
e7881f7Thanks @Princesseuh! - Updates internal code to works with Astro 5 changes to hybrid rendering. No changes are necessary to your project, apart from using Astro 5#397
776a266Thanks @Princesseuh! - Welcome to the Astro 5 beta! This release has no changes from the latest alpha of this package, but it does bring us one step closer to the final, stable release.Starting from this release, no breaking changes will be introduced unless absolutely necessary.
To learn how to upgrade, check out the Astro v5.0 upgrade guide in our beta docs site.
#451
f248546Thanks @ematipico! - Updates esbuild dependency to v0.24.0#392
3a49eb7Thanks @Princesseuh! - Updates internal code for Astro 5 changes. No changes is required to your project, apart from using Astro 5Patch Changes
9cedc9bThanks @renovate! - InheritsplatformProxyoption types fromwranglerwithastro/astro (@astrojs/tailwind)
v6.0.2Compare Source
Patch Changes
a98ae5bThanks @ematipico! - Updates the dependencyviteto the latest.v6.0.1Compare Source
Patch Changes
020c542Thanks @delucis! - Updates the README to indicate that the Tailwind integration is deprecatedv6.0.0Compare Source
Major Changes
#13049
2ed4bd9Thanks @florian-lefebvre! - Deprecates the integrationTailwind CSS now offers a Vite plugin which is the preferred way to use Tailwind 4 in Astro. Please uninstall
@astrojs/tailwindand follow the Tailwind documentation for manual installation.This updated major version is only provided as a convenience for existing projects until they are able to migrate to the new plugin. It offers no additional functionality and is no longer recommended, but may continue to be used in your projects until it is removed entirely.
withastro/astro (astro)
v5.11.0Compare Source
Minor Changes
#13972
db8f8beThanks @ematipico! - Updates theNodeApp.match()function in the Adapter API to accept a second, optional parameter to allow adapter authors to add headers to static, prerendered pages.NodeApp.match(request)currently checks whether there is a route that matches the givenRequest. If there is a prerendered route, the function returnsundefined, because static routes are already rendered and their headers cannot be updated.When the new, optional boolean parameter is passed (e.g.
NodeApp.match(request, true)), Astro will return the first matched route, even when it's a prerendered route. This allows your adapter to now access static routes and provides the opportunity to set headers for these pages, for example, to implement a Content Security Policy (CSP).Patch Changes
#14029
42562f9Thanks @ematipico! - Fixes a bug where server islands wouldn't be correctly rendered when they are rendered inside fragments.Now the following examples work as expected:
v5.10.2Compare Source
Patch Changes
#14000
3cbedaeThanks @feelixe! - Fix routePattern JSDoc examples to show correct return values#13990
de6cfd6Thanks @isVivek99! - Fixes a case whereastro:config/clientandastro:config/servervirtual modules would not contain config passed to integrationsupdateConfig()during the build#14019
a160d1eThanks @ascorbic! - Removes the requirement to settype: 'live'when defining experimental live content collectionsPreviously, live collections required a
typeandloaderconfigured. Now, Astro can determine that your collection is alivecollection without defining it explicitly.This means it is now safe to remove
type: 'live'from your collections defined insrc/live.config.ts:import { defineLiveCollection } from 'astro:content'; import { storeLoader } from '@​mystore/astro-loader'; const products = defineLiveCollection({ - type: 'live', loader: storeLoader({ apiKey: process.env.STORE_API_KEY, endpoint: 'https://api.mystore.com/v1', }), }); export const collections = { products };This is not a breaking change: your existing live collections will continue to work even if you still include
type: 'live'. However, we suggest removing this line at your earliest convenience for future compatibility when the feature becomes stable and this config option may be removed entirely.#13966
598da21Thanks @msamoylov! - Fixes a broken link on the default 404 page in developmentv5.10.1Compare Source
Patch Changes
#13988
609044cThanks @ascorbic! - Fixes a bug in live collections that caused it to incorrectly complain about the collection being defined in the wrong file#13909
b258d86Thanks @isVivek99! - Fixes rendering of special boolean attributes for custom elements#13983
e718375Thanks @florian-lefebvre! - Fixes a case where the toolbar audit would incorrectly flag images processed by Astro in content collections documents#13999
f077b68Thanks @ascorbic! - AddslastModifiedfield to experimental live collection cache hintsLive loaders can now set a
lastModifiedfield in the cache hints for entries and collections to indicate when the data was last modified. This is then available in thecacheHintfield returned bygetCollectionandgetEntry.#13987
08f34b1Thanks @ematipico! - Adds an informative message in dev mode when the CSP feature is enabled.#14005
82aad62Thanks @ematipico! - Fixes a bug where inline styles and scripts didn't work when CSP was enabled. Now when adding<styles>elements inside an Astro component, their hashes care correctly computed.#13985
0b4c641Thanks @jsparkdev! - Updates wrong linkv5.10.0Compare Source
Minor Changes
#13917
e615216Thanks @ascorbic! - Adds a newpriorityattribute for Astro's image components.This change introduces a new
priorityoption for the<Image />and<Picture />components, which automatically sets theloading,decoding, andfetchpriorityattributes to their optimal values for above-the-fold images which should be loaded immediately.It is a boolean prop, and you can use the shorthand syntax by simply adding
priorityas a prop to the<Image />or<Picture />component. When set, it will apply the following attributes:loading="eager"decoding="sync"fetchpriority="high"The individual attributes can still be set manually if you need to customize your images further.
By default, the Astro
<Image />component generates<img>tags that lazy-load their content by settingloading="lazy"anddecoding="async". This improves performance by deferring the loading of images that are not immediately visible in the viewport, and gives the best scores in performance audits like Lighthouse.The new
priorityattribute will override those defaults and automatically add the best settings for your high-priority assets.This option was previously available for experimental responsive images, but now it is a standard feature for all images.
Usage
#13917
e615216Thanks @ascorbic! - The responsive images feature introduced behind a flag in v5.0.0 is no longer experimental and is available for general use.The new responsive images feature in Astro automatically generates optimized images for different screen sizes and resolutions, and applies the correct attributes to ensure that images are displayed correctly on all devices.
Enable the
or component, or configure a default
image.responsiveStylesoption in your Astro config. Then, set alayoutattribute on anyimage.layout, for instantly responsive images with automatically generatedsrcsetandsizesattributes based on the image's dimensions and the layout type.Displaying images correctly on the web can be challenging, and is one of the most common performance issues seen in sites. This new feature simplifies the most challenging part of the process: serving your site visitor an image optimized for their viewing experience, and for your website's performance.
For full details, see the updated Image guide.
Migration from Experimental Responsive Images
The
experimental.responsiveImagesflag has been removed, and all experimental image configuration options have been renamed to their final names.If you were using the experimental responsive images feature, you'll need to update your configuration:
Remove the experimental flag
export default defineConfig({ experimental: { - responsiveImages: true, }, });Update image configuration options
During the experimental phase, default styles were applied automatically to responsive images. Now, you need to explicitly set the
responsiveStylesoption totrueif you want these styles applied.export default defineConfig({ image: { + responsiveStyles: true, }, });The experimental image configuration options have been renamed:
Before:
After:
Component usage remains the same
The
layout,fit, andpositionprops on<Image>and<Picture>components work exactly the same as before:If you weren't using the experimental responsive images feature, no changes are required.
Please see the Image guide for more information on using responsive images in Astro.
#13685
3c04c1fThanks @ascorbic! - Adds experimental support for live content collectionsLive content collections are a new type of content collection that fetch their data at runtime rather than build time. This allows you to access frequently-updated data from CMSs, APIs, databases, or other sources using a unified API, without needing to rebuild your site when the data changes.
Live collections vs build-time collections
In Astro 5.0, the content layer API added support for adding diverse content sources to content collections. You can create loaders that fetch data from any source at build time, and then access it inside a page via
getEntry()andgetCollection(). The data is cached between builds, giving fast access and updates.However there is no method for updating the data store between builds, meaning any updates to the data need a full site deploy, even if the pages are rendered on-demand. This means that content collections are not suitable for pages that update frequently. Instead, today these pages tend to access the APIs directly in the frontmatter. This works, but leads to a lot of boilerplate, and means users don't benefit from the simple, unified API that content loaders offer. In most cases users tend to individually create loader libraries that they share between pages.
Live content collections solve this problem by allowing you to create loaders that fetch data at runtime, rather than build time. This means that the data is always up-to-date, without needing to rebuild the site.
How to use
To enable live collections add the
experimental.liveContentCollectionsflag to yourastro.config.mjsfile:Then create a new
src/live.config.tsfile (alongside yoursrc/content.config.tsif you have one) to define your live collections with a live loader and optionally a schema using the newdefineLiveCollection()function from theastro:contentmodule.You can then use the dedicated
getLiveCollection()andgetLiveEntry()functions to access your live data:v5.9.4Compare Source
Patch Changes
#13951
7eb88f1Thanks @ascorbic! - Fixes a issue that caused errors when using an adapter-provided session driver with custom options#13953
448bddcThanks @zaitovalisher! - Fixes a bug where quotes were not added to the 'strict-dynamic' CSP directivev5.9.3Compare Source
Patch Changes
#13923
a9ac5edThanks @ematipico! - BREAKING CHANGE to the experimental Content Security Policy (CSP) onlyChanges the behavior of experimental Content Security Policy (CSP) to now serve hashes differently depending on whether or not a page is prerendered:
<meta>element for static pages.Responseheadercontent-security-policyfor on-demand rendered pages.This new strategy allows you to add CSP content that is not supported in a
<meta>element (e.g.report-uri,frame-ancestors, and sandbox directives) to on-demand rendered pages.No change to your project code is required as this is an implementation detail. However, this will result in a different HTML output for pages that are rendered on demand. Please check your production site to verify that CSP is working as intended.
To keep up to date with this developing feature, or to leave feedback, visit the CSP Roadmap proposal.
#13926
953a249Thanks @ematipico! - Adds a new Astro Adapter Feature calledexperimentalStaticHeadersto allow your adapter to receive theHeadersfor rendered static pages.Adapters that enable support for this feature can access header values directly, affecting their handling of some Astro features such as Content Security Policy (CSP). For example, Astro will no longer serve the CSP
<meta http-equiv="content-security-policy">element in static pages to adapters with this support.Astro will serve the value of the header inside a map that can be retrieved from the hook
astro:build:generated. Adapters can read this mapping and use their hosting headers capabilities to create a configuration file.A new field called
experimentalRouteToHeaderswill contain a map ofMap<IntegrationResolvedRoute, Headers>where theHeaderstype contains the headers emitted by the rendered static route.To enable support for this experimental Astro Adapter Feature, add it to your
adapterFeaturesin your adapter config:See the Adapter API docs for more information about providing adapter features.
#13697
af83b85Thanks @benosmac! - Fixes issues with fallback route pattern matching wheni18n.routing.fallbackTypeisrewrite.generatePathwhen building fallback routes and checking for existing translated pagesNow for a route to be matched it needs to be inside a named
[locale]folder. This fixes an issue whereroute.pattern.test()incorrectly matched dynamic routes, causing the page to be skipped.findRouteToRewriteNow the requested pathname must exist in
route.distURLfor a dynamic route to match. This fixes an issue whereroute.pattern.test()incorrectly matched dynamic routes, causing the build to fail.#13924
1cd8c3bThanks @qw-in! - Fixes an edge case whereisPrerenderedwas incorrectly set tofalsefor static redirects.#13926
953a249Thanks @ematipico! - Fixes an issue where the experimental CSPmetaelement wasn't placed in the<head>element as early as possible, causing these policies to not apply to styles and scripts that came before themetaelement.v5.9.2Compare Source
Patch Changes
#13919
423fe60Thanks @ematipico! - Fixes a bug where Astro added quotes to the CSP resources.Only certain resources require quotes (e.g.
'self'but nothttps://cdn.example.com), so Astro no longer adds quotes to any resources. You must now provide the quotes yourself for resources such as'self'when necessary:export default defineConfig({ experimental: { csp: { styleDirective: { resources: [ - "self", + "'self'", "https://cdn.example.com" ] } } } })#13914
76c5480Thanks @ematipico! - BREAKING CHANGE to the experimental Content Security Policy feature onlyRemoves support for experimental Content Security Policy (CSP) when using the
<ClientRouter />component for view transitions.It is no longer possible to enable experimental CSP while using Astro's view transitions. Support was already unstable with the
<ClientRouter />because CSP required making its underlying implementation asynchronous. This caused breaking changes for several users and therefore, this PR removes support completely.If you are currently using the component for view transitions, please remove the experimental CSP flag as they cannot be used together.
import { defineConfig } from 'astro/config'; export default defineConfig({ experimental: { - csp: true } });Alternatively, to continue using experimental CSP in your project, you can consider migrating to the browser native View Transition API and remove the
<ClientRouter />from your project. You may be able to achieve similar results if you are not using Astro's enhancements to the native View Transitions and Navigation APIs.Support might be reintroduced in future releases. You can follow this experimental feature's development in the CSP RFC.
v5.9.1Compare Source
Patch Changes
#13899
7a1303dThanks @reknih! - Fix bug where error pages would return invalid bodies if the upstream response was compressed#13902
051bc30Thanks @arHSM! - Fixes a bug where vite virtual module ids were incorrectly added in the dev server#13905
81f71caThanks @jsparkdev! - Fixes wrong contents in CSP meta tag.#13907
8246bccThanks @martrapp! - Fixes a bug that caused view transition names to be lost.#13901
37fa0a2Thanks @ansg191! - fix fallback not being removed when server island is renderedv5.9.0Compare Source
Minor Changes
#13802
0eafe14Thanks @ematipico! - Adds experimental Content Security Policy (CSP) supportCSP is an important feature to provide fine-grained control over resources that can or cannot be downloaded and executed by a document. In particular, it can help protect against cross-site scripting (XSS) attacks.
Enabling this feature adds additional security to Astro's handling of processed and bundled scripts and styles by default, and allows you to further configure these, and additional, content types. This new experimental feature has been designed to work in every Astro rendering environment (static pages, dynamic pages and single page applications), while giving you maximum flexibility and with type-safety in mind.
It is compatible with most of Astro's features such as client islands, and server islands, although Astro's view transitions using the
<ClientRouter />are not yet fully supported. Inline scripts are not supported out of the box, but you can provide your own hashes for external and inline scripts.To enable this feature, add the experimental flag in your Astro config:
For more information on enabling and using this feature in your project, see the Experimental CSP docs.
For a complete overview, and to give feedback on this experimental API, see the Content Security Policy RFC.
#13850
1766d22Thanks @ascorbic! - Provides a Markdown renderer to content loadersWhen creating a content loader, you will now have access to a
renderMarkdownfunction that allows you to render Markdown content directly within your loaders. It uses the same settings and plugins as the renderer used for Markdown files in Astro, and follows any Markdown settings you have configured in your Astro project.This allows you to render Markdown content from various sources, such as a CMS or other data sources, directly in your loaders without needing to preprocess the Markdown content separately.
The return value of
renderMarkdownis an object with two properties:htmlandmetadata. These match therenderedproperty of content entries in content collections, so you can use them to render the content in your components or pages.v5.8.2Compare Source
Patch Changes
#13877
5a7797fThanks @yuhang-dong! - Fixes a bug that causedAstro.rewriteto fail when used insequenced middleware#13872
442b841Thanks @isVivek99! - Fixes rendering of thedownloadattribute when it has a boolean valuev5.8.1Compare Source
Patch Changes
de2fc9bThanks @nanarino! - Fixes rendering of thepopoverConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.