Bump astro, @astrojs/starlight, astro-og-canvas and starlight-llms-txt

[dependabot]

Bumps astro, @astrojs/starlight, astro-og-canvas and starlight-llms-txt. These dependencies needed to be updated together.
Updates astro from 5.11.2 to 6.1.9

Release notes

Sourced from astro's releases.

astro@6.1.9

Patch Changes

• #16448 99464ed Thanks @​matthewp! - Updates vite, picomatch, and unstorage to latest patch versions

• #16422 a3951d7 Thanks @​matthewp! - Hardens astro-island export resolution and hydration error handling for malformed component metadata

• #16420 e21de1d Thanks @​matthewp! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation

• #16419 f3485c3 Thanks @​matthewp! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding

• #16022 a002540 Thanks @​mathieumaf! - Fixes an issue where i18n domains would return 404 when trailingSlash is set to never.

• Updated dependencies [99464ed, f3485c3]:

  • @​astrojs/internal-helpers@​0.9.0
  • @​astrojs/markdown-remark@​7.1.1

astro@6.1.8

Patch Changes

• #16367 a6866a7 Thanks @​ematipico! - Fixes an issue where build output files could contain special characters (!, ~, {, }) in their names, causing deploy failures on platforms like Netlify.

• #16381 217c5b3 Thanks @​ematipico! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.

• #16348 7d26cd7 Thanks @​ocavue! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.

• #16317 d012bfe Thanks @​das-peter! - Fixes a bug where allowedDomains weren't correctly propagated when using the development server.

• #16379 5a84551 Thanks @​martrapp! - Improves Vue scoped style handling in DEV mode during client router navigation.

• #16317 d012bfe Thanks @​das-peter! - Adds tests to verify settings are properly propagated when using the development server.

• #16282 5b0fdaa Thanks @​jmurty! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports

• Updated dependencies [e0b240e]:

  • @​astrojs/telemetry@​3.3.1

astro@6.1.7

Patch Changes

• #16027 c62516b Thanks @​fkatsuhiro! - Fixes a bug where remote image dimensions were not validated during static builds on Netlify.

• #16311 94048f2 Thanks @​Arecsu! - Fixes --port flag being ignored after a Vite-triggered server restart (e.g. when a .env file changes)

• #16316 0fcd04c Thanks @​ematipico! - Fixes the /_image endpoint accepting an arbitrary f=svg query parameter and serving non-SVG content as image/svg+xml. The endpoint now validates that the source is actually SVG before honoring f=svg, matching the same guard already enforced on the <Image> component path.

astro@6.1.6

Patch Changes

• #16202 b5c2fba Thanks @​matthewp! - Fixes Actions failing with ActionsWithoutServerOutputError when using output: 'static' with an adapter

... (truncated)

Changelog

Sourced from astro's changelog.

6.1.9

Patch Changes

• #16448 99464ed Thanks @​matthewp! - Updates vite, picomatch, and unstorage to latest patch versions

• #16422 a3951d7 Thanks @​matthewp! - Hardens astro-island export resolution and hydration error handling for malformed component metadata

• #16420 e21de1d Thanks @​matthewp! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation

• #16419 f3485c3 Thanks @​matthewp! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding

• #16022 a002540 Thanks @​mathieumaf! - Fixes an issue where i18n domains would return 404 when trailingSlash is set to never.

• Updated dependencies [99464ed, f3485c3]:

  • @​astrojs/internal-helpers@​0.9.0
  • @​astrojs/markdown-remark@​7.1.1

6.1.8

Patch Changes

• #16367 a6866a7 Thanks @​ematipico! - Fixes an issue where build output files could contain special characters (!, ~, {, }) in their names, causing deploy failures on platforms like Netlify.

• #16381 217c5b3 Thanks @​ematipico! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.

• #16348 7d26cd7 Thanks @​ocavue! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.

• #16317 d012bfe Thanks @​das-peter! - Fixes a bug where allowedDomains weren't correctly propagated when using the development server.

• #16379 5a84551 Thanks @​martrapp! - Improves Vue scoped style handling in DEV mode during client router navigation.

• #16317 d012bfe Thanks @​das-peter! - Adds tests to verify settings are properly propagated when using the development server.

• #16282 5b0fdaa Thanks @​jmurty! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports

• Updated dependencies [e0b240e]:

  • @​astrojs/telemetry@​3.3.1

6.1.7

Patch Changes

• #16027 c62516b Thanks @​fkatsuhiro! - Fixes a bug where remote image dimensions were not validated during static builds on Netlify.

• #16311 94048f2 Thanks @​Arecsu! - Fixes --port flag being ignored after a Vite-triggered server restart (e.g. when a .env file changes)

• #16316 0fcd04c Thanks @​ematipico! - Fixes the /_image endpoint accepting an arbitrary f=svg query parameter and serving non-SVG content as image/svg+xml. The endpoint now validates that the source is actually SVG before honoring f=svg, matching the same guard already enforced on the <Image> component path.

6.1.6

... (truncated)

Commits

• 21ca872 [ci] release (#16399)
• f3485c3 Harden nested object path lookups (#16419)
• 99464ed Bump vite, picomatch, and unstorage to latest patch versions (#16448)
• 471a4d6 refactor(astro): migrate all remaining tests to typescript (#16444)
• e21de1d fix(astro): harden error overlay and log formatting (#16420)
• a3951d7 fix(astro): harden astro-island export resolution (#16422)
• 8a13969 refactor(astro): migrate 4 tests to typescript (#16427)
• 3bdc4ac refactor(astro): migrate core-image tests to typescript (#16413)
• 72e9faa refactor(astro): migrate 19 tests to typescript (#16414)
• 1c477aa refactor(astro): migrate 10 tests to typescript (#16411)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for astro since your current version.

Updates @astrojs/starlight from 0.34.8 to 0.38.3

Release notes

Sourced from @​astrojs/starlight's releases.

@​astrojs/starlight@​0.38.3

Patch Changes

• #3799 313611b Thanks @​JosefJezek! - Improves Czech UI translations

• #3770 6e7bed1 Thanks @​gameroman! - Adds examples to the inline documentation for title in the Starlight configuration object

• #3801 fedd48b Thanks @​delucis! - Fixes missing draft content warning in dev on pages using the hero layout

@​astrojs/starlight@​0.38.2

Patch Changes

• #3759 f24ce99 Thanks @​MilesChou! - Fixes an issue where monolingual sites using a region-specific locale (e.g., zh-TW) as the default would incorrectly display base language translations (e.g., zh Simplified Chinese) instead of the region-specific ones (e.g., zh-TW Traditional Chinese).

• #3768 a4c6c20 Thanks @​delucis! - Improves performance of sidebar generation for sites with very large sidebars

@​astrojs/starlight@​0.38.1

Patch Changes

• #3751 fb955ff Thanks @​pyxelr! - Fixes a regression causing global tableOfContents config to be ignored

@​astrojs/starlight@​0.38.0

Minor Changes

• #3644 0d2e7ed Thanks @​HiDeoo! - Adds support for Astro v6, drops support for Astro v5.

  Upgrade Astro and dependencies

  ⚠️ BREAKING CHANGE: Astro v5 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

  npx @astrojs/upgrade

  Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v6. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

  Update your collections

  ⚠️ BREAKING CHANGE: Drops support for content collections backwards compatibility.

  In Astro 5.x, projects could delay upgrading to the new Content Layer API introduced for content collections because of some existing automatic backwards compatibility that was not previously behind a flag. This meant that it was possible to upgrade from Astro 4 to Astro 5 without updating your content collections, even if you had not enabled the legacy.collections flag. Projects would continue to build, and no errors or warnings would be displayed.

  Astro v6.0 now removes this automatic legacy content collections support, along with the legacy.collections flag.

  If you experience content collections errors after updating to v6, check your project for any removed legacy features that may need updating to the Content Layer API. See the Starlight v0.30.0 upgrade guide for detailed instructions on upgrading legacy collections to the new Content Layer API.

  If you are unable to make any changes to your collections at this time, including Starlight's default docs and i18n collections, you can enable the legacy.collectionsBackwardsCompat flag to upgrade to v6 without updating your collections. This temporary flag preserves some legacy v4 content collections features, and will allow you to keep your collections in their current state until the legacy flag is no longer supported.

• #3704 375edcc Thanks @​florian-lefebvre! - Fixes autocomplete for components exported from @astrojs/starlight/components/*

... (truncated)

Changelog

Sourced from @​astrojs/starlight's changelog.

0.38.3

Patch Changes

• #3799 313611b Thanks @​JosefJezek! - Improves Czech UI translations

• #3770 6e7bed1 Thanks @​gameroman! - Adds examples to the inline documentation for title in the Starlight configuration object

• #3801 fedd48b Thanks @​delucis! - Fixes missing draft content warning in dev on pages using the hero layout

0.38.2

Patch Changes

• #3759 f24ce99 Thanks @​MilesChou! - Fixes an issue where monolingual sites using a region-specific locale (e.g., zh-TW) as the default would incorrectly display base language translations (e.g., zh Simplified Chinese) instead of the region-specific ones (e.g., zh-TW Traditional Chinese).

• #3768 a4c6c20 Thanks @​delucis! - Improves performance of sidebar generation for sites with very large sidebars

0.38.1

Patch Changes

• #3751 fb955ff Thanks @​pyxelr! - Fixes a regression causing global tableOfContents config to be ignored

0.38.0

Minor Changes

• #3644 0d2e7ed Thanks @​HiDeoo! - Adds support for Astro v6, drops support for Astro v5.

  Upgrade Astro and dependencies

  ⚠️ BREAKING CHANGE: Astro v5 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

  npx @astrojs/upgrade

  Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v6. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

  Update your collections

  ⚠️ BREAKING CHANGE: Drops support for content collections backwards compatibility.

  In Astro 5.x, projects could delay upgrading to the new Content Layer API introduced for content collections because of some existing automatic backwards compatibility that was not previously behind a flag. This meant that it was possible to upgrade from Astro 4 to Astro 5 without updating your content collections, even if you had not enabled the legacy.collections flag. Projects would continue to build, and no errors or warnings would be displayed.

  Astro v6.0 now removes this automatic legacy content collections support, along with the legacy.collections flag.

  If you experience content collections errors after updating to v6, check your project for any removed legacy features that may need updating to the Content Layer API. See the Starlight v0.30.0 upgrade guide for detailed instructions on upgrading legacy collections to the new Content Layer API.

... (truncated)

Commits

• 7a59b9a [ci] release (#3773)
• 313611b Update Czech translations for consistency (#3799)
• fedd48b Include draft content notice on pages with hero component (#3801)
• d940845 [ci] format
• 6e7bed1 docs: update jsdoc for UserConfigSchema.title with example (#3770)
• d871021 [ci] release (#3766)
• a4c6c20 Improve performance of sidebar generation logic (#3768)
• f24ce99 fix: use region-specific translations for default locale (#3759)
• 1a87ed4 Update to Vitest 4.1 (#3757)
• ac64c72 [ci] release (#3752)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​astrojs/starlight since your current version.

Updates astro-og-canvas from 0.5.6 to 0.11.1

Release notes

Sourced from astro-og-canvas's releases.

astro-og-canvas@0.11.1

Patch Changes

• #163 390fdea Thanks @​renovate! - Updates dependency canvaskit-wasm to ^0.41.1

astro-og-canvas@0.11.0

Minor Changes

• #157 91ac061 Thanks @​renovate! - Updates dependency entities to v8

  ⚠️ Potentially breaking change: The minimum supported Node version is now 20.19.0

Patch Changes

• #155 1066126 Thanks @​renovate! - Updates dependency canvaskit-wasm to ^0.41.0

astro-og-canvas@0.10.1

Patch Changes

• #128 dd829f9 Thanks @​renovate! - Updates dependency entities to ^7.0.1

astro-og-canvas@0.10.0

Minor Changes

• #119 151edd2 Thanks @​delucis! - Makes OGImageRoute() asynchronous.

  ⚠️ BREAKING CHANGE: You must now await the result of OGImageRoute():

  import { OGImageRoute } from 'astro-og-canvas';
  
  export const { getStaticPaths, GET } = OGImageRoute({
  
  
  export const { getStaticPaths, GET } = await OGImageRoute({

Patch Changes

• #119 151edd2 Thanks @​delucis! - Fixes using the built-in getSlug() for OG images with format: "JPEG" or format: "WEBP"

astro-og-canvas@0.9.0

Minor Changes

• #117 b94a123 Thanks @​delucis! - Adds type safety to OGImageRoute. The page parameter in getSlug() and getImageOptions() is now correctly inferred from the value passed to pages instead of being typed as any.

  OGImageRoute({
    pages: {
      example: {
        title: 'Example Page',
        description: 'Description of this page shown in smaller text',

... (truncated)

Changelog

Sourced from astro-og-canvas's changelog.

0.11.1

Patch Changes

• #163 390fdea Thanks @​renovate! - Updates dependency canvaskit-wasm to ^0.41.1

0.11.0

Minor Changes

• #157 91ac061 Thanks @​renovate! - Updates dependency entities to v8

  ⚠️ Potentially breaking change: The minimum supported Node version is now 20.19.0

Patch Changes

• #155 1066126 Thanks @​renovate! - Updates dependency canvaskit-wasm to ^0.41.0

0.10.1

Patch Changes

• #128 dd829f9 Thanks @​renovate! - Updates dependency entities to ^7.0.1

0.10.0

Minor Changes

• #119 151edd2 Thanks @​delucis! - Makes OGImageRoute() asynchronous.

  ⚠️ BREAKING CHANGE: You must now await the result of OGImageRoute():

  import { OGImageRoute } from 'astro-og-canvas';
  
  export const { getStaticPaths, GET } = OGImageRoute({
  
  
  export const { getStaticPaths, GET } = await OGImageRoute({

Patch Changes

• #119 151edd2 Thanks @​delucis! - Fixes using the built-in getSlug() for OG images with format: "JPEG" or format: "WEBP"

0.9.0

Minor Changes

• #117 b94a123 Thanks @​delucis! - Adds type safety to OGImageRoute. The page parameter in getSlug() and getImageOptions() is now correctly inferred from the value passed to pages instead of being typed as any.

... (truncated)

Commits

• 574c03c Version Packages (#165)
• 867ea9d Update dependency typescript to v6 (#158)
• 390fdea Update dependency canvaskit-wasm to ^0.41.1 (#163)
• 705ec9b Update dependency astro to ^6.1.5 (#162)
• d9c7beb Version Packages (#160)
• 91ac061 Update dependency entities to v8 (#157)
• 1066126 Update dependency canvaskit-wasm to ^0.41.0 (#155)
• f1ea3a0 Update astro (#153)
• 6fbab24 Update dependency astro to ^6.0.4 (#152)
• 0b30f26 Update dependency astro to ^6.0.3 (#151)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for astro-og-canvas since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.

Updates starlight-llms-txt from 0.5.1 to 0.8.1

Release notes

Sourced from starlight-llms-txt's releases.

starlight-llms-txt@0.8.1

Patch Changes

• 29e5efb Thanks @​mvanhorn! - Strips HTML comments from llms.txt files. <!-- ... --> style comments in .md files are no longer emitted in the generated files.

starlight-llms-txt@0.8.0

Minor Changes

• #80 dea7b22 Thanks @​nonoakij! - Adds support for Astro v6 and Starlight v0.38, drops support for lower versions.

starlight-llms-txt@0.7.0

Minor Changes

• #43 1db4591 Thanks @​sanscontext! - Enforces llms.txt files to be prerendered at build time. Previously, sites using Astro’s output: server configuration would generate llms.txt files on-demand, which can be slow, and additionally was incompatible with the custom sets feature. This change means that llms.txt files are statically generated even for sites using output: server.

  ⚠️ Potentially breaking change: If you were relying on on-demand rendered llms.txt files, for example by using middleware to gate access, this may be a breaking change. Please share your use case to let us know if you need this.

starlight-llms-txt@0.6.1

Patch Changes

• #49 56b8233 Thanks @​delucis! - No code changes. This release is the first published using OIDC trusted publisher configuration for improved security.

starlight-llms-txt@0.6.0

Minor Changes

• #30 a1650c9 Thanks @​alvinometric! - Adds a new rawContent option to skip the Markdown processing pipeline

Changelog

Sourced from starlight-llms-txt's changelog.

0.8.1

Patch Changes

• 29e5efb Thanks @​mvanhorn! - Strips HTML comments from llms.txt files. <!-- ... --> style comments in .md files are no longer emitted in the generated files.

0.8.0

Minor Changes

• #80 dea7b22 Thanks @​nonoakij! - Adds support for Astro v6 and Starlight v0.38, drops support for lower versions.

0.7.0

Minor Changes

• #43 1db4591 Thanks @​sanscontext! - Enforces llms.txt files to be prerendered at build time. Previously, sites using Astro’s output: server configuration would generate llms.txt files on-demand, which can be slow, and additionally was incompatible with the custom sets feature. This change means that llms.txt files are statically generated even for sites using output: server.

  ⚠️ Potentially breaking change: If you were relying on on-demand rendered llms.txt files, for example by using middleware to gate access, this may be a breaking change. Please share your use case to let us know if you need this.

0.6.1

Patch Changes

• #49 56b8233 Thanks @​delucis! - No code changes. This release is the first published using OIDC trusted publisher configuration for improved security.

0.6.0

Minor Changes

• #30 a1650c9 Thanks @​alvinometric! - Adds a new rawContent option to skip the Markdown processing pipeline

Commits

• 5b7d9e0 [ci] release (#98)
• 29e5efb fix: strip HTML comments from llms.txt output (#97)
• a66510e fix(deps): update astro (#95)
• 6409751 fix(deps): update astro (#92)
• 897ff05 fix(deps): update dependency astro to ^6.0.4 (#89)
• c0eb642 fix(deps): update dependency @​astrojs/starlight to ^0.38.1 (#88)
• 9b81974 fix(deps): update dependency astro to ^6.0.3 (#86)
• b70667a fix(deps): update dependency astro to ^6.0.2 (#82)
• 9aee078 [ci] release (#81)
• dea7b22 feat: add Astro v6 support (#80)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for starlight-llms-txt since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[ejntaylor]

@maciekpalmowski @leo-siburian7 can you QA as major version bump

[netlify]

❌ Deploy Preview for deluxe-meerkat-8daf24 failed.

Name	Link
🔨 Latest commit	ad65be9
🔍 Latest deploy log	https://app.netlify.com/projects/deluxe-meerkat-8daf24/deploys/69ea09269b92870008c5a026

[leo-siburian7]

@ejntaylor the deployment is failed, could you help fix? Will check once deployed.