Skip to content

build(deps): bump astro from 6.1.9 to 6.2.1#46

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/astro-6.1.10
Closed

build(deps): bump astro from 6.1.9 to 6.2.1#46
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/astro-6.1.10

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 29, 2026
edited
Loading

Bumps astro from 6.1.9 to 6.2.1.

Release notes

Sourced from astro's releases.

astro@6.2.1

Patch Changes

  • #16531 76db01d Thanks @​rodrigosdev! - Fixes config validation for omitted integrations fields with newer Zod versions.

  • #16535 7df0fe4 Thanks @​rururux! - Fixed an issue where a warning was displayed when the server property was missing during config validation, even though it is not required.

  • #16534 5cf6c51 Thanks @​matthewp! - Fixes compatibility with Zod 4.4.0 for the server config property and error formatting

astro@6.2.0

Minor Changes

  • #16187 fe58071 Thanks @​gllmt! - Adds a waitUntil option to the RenderOptions so that adapters can forward runtime background-task hooks to Astro.

    When provided by an adapter, runtime cache providers receive context.waitUntil in CacheProvider.onRequest(), which allows background cache work such as stale-while-revalidate without blocking the response. The Cloudflare adapter now forwards ExecutionContext.waitUntil to this API.

  • #16290 a49637a Thanks @​ViVaLaDaniel! - Ensures that server.allowedHosts (and vite.preview.allowedHosts) configuration is respected when using astro preview with the @astrojs/cloudflare adapter. This improves security by preventing DNS rebinding attacks when previewing Cloudflare builds locally.

  • #15725 4108ec1 Thanks @​meyer! - Adds support for a new 'jsx' value for the compressHTML option. When set, whitespace is stripped using JSX whitespace rules instead of the default HTML compression strategy.

    // astro.config.mjs
import { defineConfig } from 'astro/config';
export default defineConfig({
compressHTML: 'jsx',
});

    In JSX, whitespaces never matter, as such, no amount of indentation, or newlines will not affect the rendered output. For instance, the following code:

    <div>
  <span>foo</span>
  <span>bar</span>
</div>

    will be rendered as foobar, whereas with HTML whitespace rules, a space would be present between the words due to the newline and indentation between the tags.

  • #16477 28fb3e1 Thanks @​ematipico! - Adds experimental support for configurable log handlers.

    This experimental feature provides better control over Astro's logging infrastructure by allowing users to replace the default console output with custom logging implementations (e.g., structured JSON). This is particularly useful for users using on-demand rendering and wishing to connect their log aggregation services, such as Kibana, Logstash, CloudWatch, Grafana, or Loki.

    By default, Astro provides three built-in log handlers (json, node, and console), but you can also create your own.

    JSON logging

... (truncated)

Changelog

Sourced from astro's changelog.

6.2.1

Patch Changes

  • #16531 76db01d Thanks @​rodrigosdev! - Fixes config validation for omitted integrations fields with newer Zod versions.

  • #16535 7df0fe4 Thanks @​rururux! - Fixed an issue where a warning was displayed when the server property was missing during config validation, even though it is not required.

  • #16534 5cf6c51 Thanks @​matthewp! - Fixes compatibility with Zod 4.4.0 for the server config property and error formatting

6.2.0

Minor Changes

  • #16187 fe58071 Thanks @​gllmt! - Adds a waitUntil option to the RenderOptions so that adapters can forward runtime background-task hooks to Astro.

    When provided by an adapter, runtime cache providers receive context.waitUntil in CacheProvider.onRequest(), which allows background cache work such as stale-while-revalidate without blocking the response. The Cloudflare adapter now forwards ExecutionContext.waitUntil to this API.

  • #16290 a49637a Thanks @​ViVaLaDaniel! - Ensures that server.allowedHosts (and vite.preview.allowedHosts) configuration is respected when using astro preview with the @astrojs/cloudflare adapter. This improves security by preventing DNS rebinding attacks when previewing Cloudflare builds locally.

  • #15725 4108ec1 Thanks @​meyer! - Adds support for a new 'jsx' value for the compressHTML option. When set, whitespace is stripped using JSX whitespace rules instead of the default HTML compression strategy.

    // astro.config.mjs
import { defineConfig } from 'astro/config';
export default defineConfig({
compressHTML: 'jsx',
});

    In JSX, whitespaces never matter, as such, no amount of indentation, or newlines will not affect the rendered output. For instance, the following code:

    <div>
  <span>foo</span>
  <span>bar</span>
</div>

    will be rendered as foobar, whereas with HTML whitespace rules, a space would be present between the words due to the newline and indentation between the tags.

  • #16477 28fb3e1 Thanks @​ematipico! - Adds experimental support for configurable log handlers.

    This experimental feature provides better control over Astro's logging infrastructure by allowing users to replace the default console output with custom logging implementations (e.g., structured JSON). This is particularly useful for users using on-demand rendering and wishing to connect their log aggregation services, such as Kibana, Logstash, CloudWatch, Grafana, or Loki.

    By default, Astro provides three built-in log handlers (json, node, and console), but you can also create your own.

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 29, 2026
@dependabot dependabot Bot changed the title build(deps): bump astro from 6.1.9 to 6.1.10 build(deps): bump astro from 6.1.9 to 6.2.1 Apr 30, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/astro-6.1.10 branch 3 times, most recently from 3e9e083 to 3a5351f Compare April 30, 2026 18:10
@dependabot
build(deps): bump astro from 6.1.9 to 6.2.1
a1c4240 
Bumps [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) from 6.1.9 to 6.2.1.
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/astro@6.2.1/packages/astro)

---
updated-dependencies:
- dependency-name: astro
  dependency-version: 6.1.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/astro-6.1.10 branch from 3a5351f to a1c4240 Compare April 30, 2026 21:17
@theagenticguy theagenticguy mentioned this pull request Apr 30, 2026
Merged
5 tasks
@theagenticguy
Copy link
Copy Markdown
Owner

theagenticguy commented Apr 30, 2026

Superseded by #51, which consolidates this bump with 11 other open dependabot PRs so they land in a single CI cycle.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 30, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/astro-6.1.10 branch April 30, 2026 22:46
theagenticguy added a commit that referenced this pull request Apr 30, 2026
@theagenticguy
build(deps): consolidate 12 dependabot bumps (#51)
283c2be 
## Summary

Consolidates all 12 open dependabot PRs into a single branch so they can
land together with one CI cycle.

### npm deps
- `@aws-sdk/client-bedrock-runtime` 3.1035.0 → 3.1040.0 — closes #50
- `@commitlint/cli` 20.5.0 → 20.5.3 — closes #49
- `fast-xml-parser` 5.7.1 → 5.7.2 — closes #48
- `sharp` ^0.34.1 → ^0.34.5 — closes #47
- `astro` ^6.1.9 → ^6.2.1 — closes #46
- `ts-morph` ^25.0.1 → ^28.0.0 — closes #45
- `@bufbuild/protobuf` 2.11.0 → 2.12.0 — closes #44
- `ajv` 8.18.0 → 8.20.0 — closes #43
- typescript-tooling group (`@biomejs/biome` 2.4.12 → 2.4.13,
`@types/node` 24.12.2 → 25.6.0) — closes #42

### GitHub Actions
- `actions/cache` v4 → v5 — closes #41
- `googleapis/release-please-action` v4 → v5 — closes #40
- `actions/github-script` v7 → v9 — closes #39

### Drive-by fixes
- Bump `biome.json` `$schema` URL to 2.4.13 to match the new CLI
version.
- Remove `.gitnexus` from `.gitignore` — it was tripping the
banned-strings guardrail (added in b848c2f) and blocking every local
commit via lefthook.

## Test plan
- [x] `pnpm install` — no peer warnings introduced beyond those already
present on main
- [x] `pnpm run build` — all 15 packages build
- [x] `pnpm run typecheck` — clean
- [x] `pnpm -r test` — 1627 pass, 0 fail across all packages
- [x] lefthook pre-commit (biome + banned-strings) passes

Does NOT touch the `pnpm.onlyBuiltDependencies` list — verified by diff,
because prior sessions saw `pnpm approve-builds` destructively rewrite
it.
theagenticguy added a commit that referenced this pull request May 1, 2026
@theagenticguy
build(deps): consolidate 12 dependabot bumps (#51)
d2958f2 
## Summary

Consolidates all 12 open dependabot PRs into a single branch so they can
land together with one CI cycle.

### npm deps
- `@aws-sdk/client-bedrock-runtime` 3.1035.0 → 3.1040.0 — closes #50
- `@commitlint/cli` 20.5.0 → 20.5.3 — closes #49
- `fast-xml-parser` 5.7.1 → 5.7.2 — closes #48
- `sharp` ^0.34.1 → ^0.34.5 — closes #47
- `astro` ^6.1.9 → ^6.2.1 — closes #46
- `ts-morph` ^25.0.1 → ^28.0.0 — closes #45
- `@bufbuild/protobuf` 2.11.0 → 2.12.0 — closes #44
- `ajv` 8.18.0 → 8.20.0 — closes #43
- typescript-tooling group (`@biomejs/biome` 2.4.12 → 2.4.13,
`@types/node` 24.12.2 → 25.6.0) — closes #42

### GitHub Actions
- `actions/cache` v4 → v5 — closes #41
- `googleapis/release-please-action` v4 → v5 — closes #40
- `actions/github-script` v7 → v9 — closes #39

### Drive-by fixes
- Bump `biome.json` `$schema` URL to 2.4.13 to match the new CLI
version.

## Test plan
- [x] `pnpm install` — no peer warnings introduced beyond those already
present on main
- [x] `pnpm run build` — all 15 packages build
- [x] `pnpm run typecheck` — clean
- [x] `pnpm -r test` — 1627 pass, 0 fail across all packages
- [x] lefthook pre-commit (biome + banned-strings) passes

Does NOT touch the `pnpm.onlyBuiltDependencies` list — verified by diff,
because prior sessions saw `pnpm approve-builds` destructively rewrite
it.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@theagenticguy