Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Bump the npm group with 31 updates

Open
Number: #115
Type: Pull Request
State: Open
Author: dependabot[bot] dependabot[bot]
Association: Contributor
Comments: 2
Created: June 06, 2025 at 12:29 PM UTC
(12 months ago)
Updated: June 07, 2025 at 08:57 AM UTC
(12 months ago)
Labels:
dependencies javascript
Assignees:
poad
Description:

Bumps the npm group with 31 updates:

Package From To
astro 5.8.2 5.9.0
@rollup/rollup-android-arm-eabi 4.41.1 4.41.2
@rollup/rollup-android-arm64 4.41.1 4.41.2
@rollup/rollup-darwin-arm64 4.41.1 4.41.2
@rollup/rollup-darwin-x64 4.41.1 4.41.2
@rollup/rollup-freebsd-arm64 4.41.1 4.41.2
@rollup/rollup-freebsd-x64 4.41.1 4.41.2
@rollup/rollup-linux-arm-gnueabihf 4.41.1 4.41.2
@rollup/rollup-linux-arm-musleabihf 4.41.1 4.41.2
@rollup/rollup-linux-arm64-gnu 4.41.1 4.41.2
@rollup/rollup-linux-arm64-musl 4.41.1 4.41.2
@rollup/rollup-linux-loongarch64-gnu 4.41.1 4.41.2
@rollup/rollup-linux-powerpc64le-gnu 4.41.1 4.41.2
@rollup/rollup-linux-riscv64-gnu 4.41.1 4.41.2
@rollup/rollup-linux-riscv64-musl 4.41.1 4.41.2
@rollup/rollup-linux-s390x-gnu 4.41.1 4.41.2
@rollup/rollup-linux-x64-gnu 4.41.1 4.41.2
@rollup/rollup-linux-x64-musl 4.41.1 4.41.2
@rollup/rollup-win32-arm64-msvc 4.41.1 4.41.2
@rollup/rollup-win32-ia32-msvc 4.41.1 4.41.2
@rollup/rollup-win32-x64-msvc 4.41.1 4.41.2
@shikijs/core 3.5.0 3.6.0
@shikijs/engine-javascript 3.5.0 3.6.0
@shikijs/engine-oniguruma 3.5.0 3.6.0
@shikijs/langs 3.5.0 3.6.0
@shikijs/themes 3.5.0 3.6.0
@shikijs/types 3.5.0 3.6.0
@types/node 22.15.29 22.15.30
rollup 4.41.1 4.41.2
shiki 3.5.0 3.6.0
zod 3.25.51 3.25.55

Updates astro from 5.8.2 to 5.9.0

Release notes

Sourced from astro's releases.

astro@5.9.0

Minor Changes

  • #13802 0eafe14 Thanks @​ematipico! - Adds experimental Content Security Policy (CSP) support

    CSP is an important feature to provide fine-grained control over resources that can or cannot be downloaded and executed by a document. In particular, it can help protect against cross-site scripting (XSS) attacks.

    Enabling this feature adds additional security to Astro's handling of processed and bundled scripts and styles by default, and allows you to further configure these, and additional, content types. This new experimental feature has been designed to work in every Astro rendering environment (static pages, dynamic pages and single page applications), while giving you maximum flexibility and with type-safety in mind.

    It is compatible with most of Astro's features such as client islands, and server islands, although Astro's view transitions using the <ClientRouter /> are not yet fully supported. Inline scripts are not supported out of the box, but you can provide your own hashes for external and inline scripts.

    To enable this feature, add the experimental flag in your Astro config:

    // astro.config.mjs
import { defineConfig } from 'astro/config';

    export default defineConfig({
experimental: {
csp: true,
},
});

    For more information on enabling and using this feature in your project, see the Experimental CSP docs.

    For a complete overview, and to give feedback on this experimental API, see the Content Security Policy RFC.

  • #13850 1766d22 Thanks @​ascorbic! - Provides a Markdown renderer to content loaders

    When creating a content loader, you will now have access to a renderMarkdown function that allows you to render Markdown content directly within your loaders. It uses the same settings and plugins as the renderer used for Markdown files in Astro, and follows any Markdown settings you have configured in your Astro project.

    This allows you to render Markdown content from various sources, such as a CMS or other data sources, directly in your loaders without needing to preprocess the Markdown content separately.

    import type { Loader } from 'astro/loaders';
import { loadFromCMS } from './cms';

    export function myLoader(settings): Loader {
return {
name: 'my-loader',
async load({ renderMarkdown, store }) {
const entries = await loadFromCMS();
    

      store.clear();

    for (const entry of entries) {
    
// Assume each entry has a 'content' field with markdown content
    
store.set(entry.id, {
    
id: entry.id,

... (truncated)

Changelog

Sourced from astro's changelog.

5.9.0

Minor Changes

  • #13802 0eafe14 Thanks @​ematipico! - Adds experimental Content Security Policy (CSP) support

    CSP is an important feature to provide fine-grained control over resources that can or cannot be downloaded and executed by a document. In particular, it can help protect against cross-site scripting (XSS) attacks.

    Enabling this feature adds additional security to Astro's handling of processed and bundled scripts and styles by default, and allows you to further configure these, and additional, content types. This new experimental feature has been designed to work in every Astro rendering environment (static pages, dynamic pages and single page applications), while giving you maximum flexibility and with type-safety in mind.

    It is compatible with most of Astro's features such as client islands, and server islands, although Astro's view transitions using the <ClientRouter /> are not yet fully supported. Inline scripts are not supported out of the box, but you can provide your own hashes for external and inline scripts.

    To enable this feature, add the experimental flag in your Astro config:

    // astro.config.mjs
import { defineConfig } from 'astro/config';

    export default defineConfig({
experimental: {
csp: true,
},
});

    For more information on enabling and using this feature in your project, see the Experimental CSP docs.

    For a complete overview, and to give feedback on this experimental API, see the Content Security Policy RFC.

  • #13850 1766d22 Thanks @​ascorbic! - Provides a Markdown renderer to content loaders

    When creating a content loader, you will now have access to a renderMarkdown function that allows you to render Markdown content directly within your loaders. It uses the same settings and plugins as the renderer used for Markdown files in Astro, and follows any Markdown settings you have configured in your Astro project.

    This allows you to render Markdown content from various sources, such as a CMS or other data sources, directly in your loaders without needing to preprocess the Markdown content separately.

    import type { Loader } from 'astro/loaders';
import { loadFromCMS } from './cms';

    export function myLoader(settings): Loader {
return {
name: 'my-loader',
async load({ renderMarkdown, store }) {
const entries = await loadFromCMS();
    

      store.clear();

    for (const entry of entries) {
    
// Assume each entry has a 'content' field with markdown content
    
store.set(entry.id, {

... (truncated)

Commits

Updates @rollup/rollup-android-arm-eabi from 4.41.1 to 4.41.2

Release notes

Sourced from @​rollup/rollup-android-arm-eabi's releases.

v4.41.2

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Changelog

Sourced from @​rollup/rollup-android-arm-eabi's changelog.

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Commits
  • 13b4669 4.41.2
  • 149d94c Debug/fix watch pipeline (#5982)
  • 13992f2 Update README.md (#5976)
  • 224c900 fix: preserve constant identifiers in unary expressions instead of magic numb...
  • da88626 fix: consider function expression in thenable when tree-shaking dynamic impor...
  • 8f0dbc9 fix(deps): lock file maintenance minor/patch updates (#5981)
  • 4f69d33 chore(deps): update dependency yargs-parser to v22 (#5969)
  • 0fbd796 chore(deps): lock file maintenance (#5971)
  • 11dba62 chore(deps): lock file maintenance minor/patch updates (#5970)
  • See full diff in compare view

Updates @rollup/rollup-android-arm64 from 4.41.1 to 4.41.2

Release notes

Sourced from @​rollup/rollup-android-arm64's releases.

v4.41.2

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Changelog

Sourced from @​rollup/rollup-android-arm64's changelog.

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Commits
  • 13b4669 4.41.2
  • 149d94c Debug/fix watch pipeline (#5982)
  • 13992f2 Update README.md (#5976)
  • 224c900 fix: preserve constant identifiers in unary expressions instead of magic numb...
  • da88626 fix: consider function expression in thenable when tree-shaking dynamic impor...
  • 8f0dbc9 fix(deps): lock file maintenance minor/patch updates (#5981)
  • 4f69d33 chore(deps): update dependency yargs-parser to v22 (#5969)
  • 0fbd796 chore(deps): lock file maintenance (#5971)
  • 11dba62 chore(deps): lock file maintenance minor/patch updates (#5970)
  • See full diff in compare view

Updates @rollup/rollup-darwin-arm64 from 4.41.1 to 4.41.2

Release notes

Sourced from @​rollup/rollup-darwin-arm64's releases.

v4.41.2

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Changelog

Sourced from @​rollup/rollup-darwin-arm64's changelog.

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Commits
  • 13b4669 4.41.2
  • 149d94c Debug/fix watch pipeline (#5982)
  • 13992f2 Update README.md (#5976)
  • 224c900 fix: preserve constant identifiers in unary expressions instead of magic numb...
  • da88626 fix: consider function expression in thenable when tree-shaking dynamic impor...
  • 8f0dbc9 fix(deps): lock file maintenance minor/patch updates (#5981)
  • 4f69d33 chore(deps): update dependency yargs-parser to v22 (#5969)
  • 0fbd796 chore(deps): lock file maintenance (#5971)
  • 11dba62 chore(deps): lock file maintenance minor/patch updates (#5970)
  • See full diff in compare view

Updates @rollup/rollup-darwin-x64 from 4.41.1 to 4.41.2

Release notes

Sourced from @​rollup/rollup-darwin-x64's releases.

v4.41.2

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Changelog

Sourced from @​rollup/rollup-darwin-x64's changelog.

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Commits
  • 13b4669 4.41.2
  • 149d94c Debug/fix watch pipeline (#5982)
  • 13992f2 Update README.md (#5976)
  • 224c900 fix: preserve constant identifiers in unary expressions instead of magic numb...
  • da88626 fix: consider function expression in thenable when tree-shaking dynamic impor...
  • 8f0dbc9 fix(deps): lock file maintenance minor/patch updates (#5981)
  • 4f69d33 chore(deps): update dependency yargs-parser to v22 (#5969)
  • 0fbd796 chore(deps): lock file maintenance (#5971)
  • 11dba62 chore(deps): lock file maintenance minor/patch updates (#5970)
  • See full diff in compare view

Updates @rollup/rollup-freebsd-arm64 from 4.41.1 to 4.41.2

Release notes

Sourced from @​rollup/rollup-freebsd-arm64's releases.

v4.41.2

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Changelog

Sourced from @​rollup/rollup-freebsd-arm64's changelog.

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Commits
  • 13b4669 4.41.2
  • 149d94c Debug/fix watch pipeline (#5982)
  • 13992f2 Update README.md (#5976)
  • 224c900 fix: preserve constant identifiers in unary expressions instead of magic numb...
  • da88626 fix: consider function expression in thenable when tree-shaking dynamic impor...
  • 8f0dbc9 fix(deps): lock file maintenance minor/patch updates (#5981)
  • 4f69d33 chore(deps): update dependency yargs-parser to v22 (#5969)
  • 0fbd796 chore(deps): lock file maintenance (#5971)
  • 11dba62 chore(deps): lock file maintenance minor/patch updates (#5970)
  • See full diff in compare view

Updates @rollup/rollup-freebsd-x64 from 4.41.1 to 4.41.2

Release notes

Sourced from @​rollup/rollup-freebsd-x64's releases.

v4.41.2

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Changelog

Sourced from @​rollup/rollup-freebsd-x64's changelog.

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Commits
  • 13b4669 4.41.2
  • 149d94c Debug/fix watch pipeline (#5982)
  • 13992f2 Update README.md (#5976)
  • 224c900 fix: preserve constant identifiers in unary expressions instead of magic numb...
  • da88626 fix: consider function expression in thenable when tree-shaking dynamic impor...
  • 8f0dbc9 fix(deps): lock file maintenance minor/patch updates (#5981)
  • 4f69d33 chore(deps): update dependency yargs-parser to v22 (#5969)
  • 0fbd796 chore(deps): lock file maintenance (#5971)
  • 11dba62 chore(deps): lock file maintenance minor/patch updates (#5970)
  • See full diff in compare view

Updates @rollup/rollup-linux-arm-gnueabihf from 4.41.1 to 4.41.2

Release notes

Sourced from @​rollup/rollup-linux-arm-gnueabihf's releases.

v4.41.2

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Changelog

Sourced from @​rollup/rollup-linux-arm-gnueabihf's changelog.

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Commits
  • 13b4669 4.41.2
  • 149d94c Debug/fix watch pipeline (#5982)
  • 13992f2 Update README.md (#5976)
  • 224c900 fix: preserve constant identifiers in unary expressions instead of magic numb...
  • da88626 fix: consider function expression in thenable when tree-shaking dynamic impor...
  • 8f0dbc9 fix(deps): lock file maintenance minor/patch updates (#5981)
  • 4f69d33 chore(deps): update dependency yargs-parser to v22 (#5969)
  • 0fbd796 chore(deps): lock file maintenance (#5971)
  • 11dba62 chore(deps): lock file maintenance minor/patch updates (#5970)
  • See full diff in compare view

Updates @rollup/rollup-linux-arm-musleabihf from 4.41.1 to 4.41.2

Release notes

Sourced from @​rollup/rollup-linux-arm-musleabihf's releases.

v4.41.2

4.41.2

2025-06-06

Bug Fixes

  • Detect named export usages in dynamic imports with then and non-arrow function expressions (#5977)
  • Do not replace usages of constant variables with their values for readability (#5968)

Pull Requests

Pull Request Statistics
Commits:
0
Files Changed:
0
Additions:
+0
Deletions:
-0
Package Dependencies
Package:
 astro
Ecosystem:
npm
Version Change:
5.8.2 → 5.9.0
Update Type:
Minor
Package:
zod
Ecosystem:
npm
Version Change:
3.25.51 → 3.25.55
Update Type:
Patch
Package:
@types/node
Ecosystem:
npm
Version Change:
22.15.29 → 22.15.30
Update Type:
Patch
Package:
rollup
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-x64-gnu
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
shiki
Ecosystem:
npm
Version Change:
3.5.0 → 3.6.0
Update Type:
Minor
Package:
@rollup/rollup-linux-x64-musl
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-android-arm-eabi
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-android-arm64
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-darwin-arm64
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-darwin-x64
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-freebsd-arm64
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-freebsd-x64
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-arm-gnueabihf
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-arm-musleabihf
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-arm64-gnu
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-arm64-musl
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-loongarch64-gnu
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-powerpc64le-gnu
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-riscv64-gnu
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-riscv64-musl
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-linux-s390x-gnu
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-win32-arm64-msvc
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-win32-ia32-msvc
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@rollup/rollup-win32-x64-msvc
Ecosystem:
npm
Version Change:
4.41.1 → 4.41.2
Update Type:
Patch
Package:
@shikijs/core
Ecosystem:
npm
Version Change:
3.5.0 → 3.6.0
Update Type:
Minor
Package:
@shikijs/engine-javascript
Ecosystem:
npm
Version Change:
3.5.0 → 3.6.0
Update Type:
Minor
Package:
@shikijs/engine-oniguruma
Ecosystem:
npm
Version Change:
3.5.0 → 3.6.0
Update Type:
Minor
Package:
@shikijs/langs
Ecosystem:
npm
Version Change:
3.5.0 → 3.6.0
Update Type:
Minor
Package:
@shikijs/themes
Ecosystem:
npm
Version Change:
3.5.0 → 3.6.0
Update Type:
Minor
Package:
@shikijs/types
Ecosystem:
npm
Version Change:
3.5.0 → 3.6.0
Update Type:
Minor
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 71543
UUID: 3124644856
Node ID: PR_kwDOKSIIAM6ZYnOs
Host: GitHub
Repository: poad/astro-solid-example