Sync Upstream by smithcoin · Pull Request #190 · kindspells/astro-shield

smithcoin · 2025-04-29T04:17:53Z

bump dependencies, includes: #183 and #187

Apply #187

feat: add `removeHtmlExtension` option

update deps

Upgrade deps

bump versions

Bumps the dev-deps-security group with 1 update: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `vite` from 6.3.3 to 6.3.4 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.3.4/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 6.3.4 dependency-type: direct:development dependency-group: dev-deps-security ... Signed-off-by: dependabot[bot] <support@github.com>

…ps-security-de653eece3 chore(deps-dev): bump vite from 6.3.3 to 6.3.4 in the dev-deps-security group

…dates Bumps the dev-deps group with 1 update in the / directory: [@moonrepo/cli](https://github.com/moonrepo/moon/tree/HEAD/packages/cli). Updates `@moonrepo/cli` from 1.35.3 to 1.35.5 - [Release notes](https://github.com/moonrepo/moon/releases) - [Changelog](https://github.com/moonrepo/moon/blob/master/CHANGELOG.md) - [Commits](https://github.com/moonrepo/moon/commits/@moonrepo/cli@1.35.5/packages/cli) Updates `@vitest/coverage-v8` from 3.1.2 to 3.1.3 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v3.1.3/packages/coverage-v8) Updates `vitest` from 3.1.2 to 3.1.3 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v3.1.3/packages/vitest) Updates `@astrojs/starlight` from 0.34.1 to 0.34.3 - [Release notes](https://github.com/withastro/starlight/releases) - [Changelog](https://github.com/withastro/starlight/blob/main/packages/starlight/CHANGELOG.md) - [Commits](https://github.com/withastro/starlight/commits/@astrojs/starlight@0.34.3/packages/starlight) Updates `@types/node` from 22.15.3 to 22.15.17 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `rollup` from 4.40.1 to 4.40.2 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.40.1...v4.40.2) Updates `vite` from 6.3.4 to 6.3.5 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.3.5/packages/vite) --- updated-dependencies: - dependency-name: "@moonrepo/cli" dependency-version: 1.35.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: "@vitest/coverage-v8" dependency-version: 3.1.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: vitest dependency-version: 3.1.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: "@astrojs/starlight" dependency-version: 0.34.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: "@types/node" dependency-version: 22.15.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: rollup dependency-version: 4.40.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: vite dependency-version: 6.3.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…eps-0eb56ae30e chore(deps-dev): bump the dev-deps group across 1 directory with 7 updates

Bumps the prod-deps group with 3 updates: [astro-sst](https://github.com/sst/astro-sst/tree/HEAD/packages/astro-sst), [sst](https://github.com/sst/sst) and [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro). Updates `astro-sst` from 3.1.3 to 3.1.4 - [Release notes](https://github.com/sst/astro-sst/releases) - [Changelog](https://github.com/sst/astro-sst/blob/master/packages/astro-sst/CHANGELOG.md) - [Commits](https://github.com/sst/astro-sst/commits/astro-sst@3.1.4/packages/astro-sst) Updates `sst` from 3.14.12 to 3.14.28 - [Release notes](https://github.com/sst/sst/releases) - [Changelog](https://github.com/sst/sst/blob/dev/.goreleaser.yml) - [Commits](anomalyco/sst@v3.14.12...v3.14.28) Updates `astro` from 5.7.12 to 5.7.13 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.7.13/packages/astro) --- updated-dependencies: - dependency-name: astro-sst dependency-version: 3.1.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: sst dependency-version: 3.14.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: astro dependency-version: 5.7.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…dates Bumps the dev-deps group with 1 update in the / directory: [@moonrepo/cli](https://github.com/moonrepo/moon/tree/HEAD/packages/cli). Updates `@moonrepo/cli` from 1.35.5 to 1.35.7 - [Release notes](https://github.com/moonrepo/moon/releases) - [Changelog](https://github.com/moonrepo/moon/blob/master/CHANGELOG.md) - [Commits](https://github.com/moonrepo/moon/commits/@moonrepo/cli@1.35.7/packages/cli) Updates `@types/node` from 22.15.17 to 22.15.19 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `rollup` from 4.40.2 to 4.41.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.40.2...v4.41.0) --- updated-dependencies: - dependency-name: "@moonrepo/cli" dependency-version: 1.35.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: "@types/node" dependency-version: 22.15.19 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: rollup dependency-version: 4.41.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…deps-2fc0133869 chore(deps): bump the prod-deps group with 3 updates

Signed-off-by: Daniel Smith <31456567+smithcoin@users.noreply.github.com>

…eps-65856f17b0 chore(deps-dev): bump the dev-deps group across 1 directory with 3 updates

Bumps the prod-deps group with 4 updates: [sharp](https://github.com/lovell/sharp), [sst](https://github.com/sst/sst), [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) and [@astrojs/node](https://github.com/withastro/astro/tree/HEAD/packages/integrations/node). Updates `sharp` from 0.34.1 to 0.34.2 - [Release notes](https://github.com/lovell/sharp/releases) - [Commits](lovell/sharp@v0.34.1...v0.34.2) Updates `sst` from 3.14.28 to 3.16.0 - [Release notes](https://github.com/sst/sst/releases) - [Changelog](https://github.com/sst/sst/blob/dev/.goreleaser.yml) - [Commits](anomalyco/sst@v3.14.28...v3.16.0) Updates `astro` from 5.7.13 to 5.8.0 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.8.0/packages/astro) Updates `@astrojs/node` from 9.2.1 to 9.2.2 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/node/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/@astrojs/node@9.2.2/packages/integrations/node) --- updated-dependencies: - dependency-name: sharp dependency-version: 0.34.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: sst dependency-version: 3.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps - dependency-name: astro dependency-version: 5.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps - dependency-name: "@astrojs/node" dependency-version: 9.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…deps-2e0699381c chore(deps): bump the prod-deps group with 4 updates

…dates Bumps the dev-deps group with 2 updates in the / directory: [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `@biomejs/biome` from 1.9.4 to 2.0.6 - [Release notes](https://github.com/biomejs/biome/releases) - [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md) - [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.0.6/packages/@biomejs/biome) Updates `@moonrepo/cli` from 1.36.2 to 1.38.0 - [Release notes](https://github.com/moonrepo/moon/releases) - [Changelog](https://github.com/moonrepo/moon/blob/master/CHANGELOG.md) - [Commits](https://github.com/moonrepo/moon/commits/@moonrepo/cli@1.38.0/packages/cli) Updates `@vitest/coverage-v8` from 3.1.4 to 3.2.4 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v3.2.4/packages/coverage-v8) Updates `vitest` from 3.1.4 to 3.2.4 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v3.2.4/packages/vitest) Updates `@astrojs/starlight` from 0.34.3 to 0.34.4 - [Release notes](https://github.com/withastro/starlight/releases) - [Changelog](https://github.com/withastro/starlight/blob/main/packages/starlight/CHANGELOG.md) - [Commits](https://github.com/withastro/starlight/commits/@astrojs/starlight@0.34.4/packages/starlight) Updates `@types/node` from 22.15.21 to 22.15.34 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `rollup` from 4.41.1 to 4.44.1 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.41.1...v4.44.1) Updates `vite` from 6.3.5 to 7.0.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@7.0.0/packages/vite) --- updated-dependencies: - dependency-name: "@biomejs/biome" dependency-version: 2.0.6 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-deps - dependency-name: "@moonrepo/cli" dependency-version: 1.38.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: "@vitest/coverage-v8" dependency-version: 3.2.4 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: vitest dependency-version: 3.2.4 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: "@astrojs/starlight" dependency-version: 0.34.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: "@types/node" dependency-version: 22.15.34 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: rollup dependency-version: 4.44.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: vite dependency-version: 7.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…eps-241c0f6dba chore(deps-dev): bump the dev-deps group across 1 directory with 8 updates

--- updated-dependencies: - dependency-name: "@biomejs/biome" dependency-version: 2.1.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: "@moonrepo/cli" dependency-version: 1.38.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: "@astrojs/starlight" dependency-version: 0.34.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: "@types/node" dependency-version: 22.16.5 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: rollup dependency-version: 4.45.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: vite dependency-version: 7.0.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the prod-deps group with 4 updates: [sharp](https://github.com/lovell/sharp), [sst](https://github.com/sst/sst), [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) and [@astrojs/node](https://github.com/withastro/astro/tree/HEAD/packages/integrations/node). Updates `sharp` from 0.34.2 to 0.34.3 - [Release notes](https://github.com/lovell/sharp/releases) - [Commits](lovell/sharp@v0.34.2...v0.34.3) Updates `sst` from 3.17.8 to 3.17.10 - [Release notes](https://github.com/sst/sst/releases) - [Changelog](https://github.com/sst/sst/blob/dev/.goreleaser.yml) - [Commits](anomalyco/sst@v3.17.8...v3.17.10) Updates `astro` from 5.10.1 to 5.12.0 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.12.0/packages/astro) Updates `@astrojs/node` from 9.2.2 to 9.3.0 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/node/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/@astrojs/node@9.3.0/packages/integrations/node) --- updated-dependencies: - dependency-name: sharp dependency-version: 0.34.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: sst dependency-version: 3.17.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: astro dependency-version: 5.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps - dependency-name: "@astrojs/node" dependency-version: 9.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…eps-ef6223e9c5 chore(deps-dev): bump the dev-deps group with 6 updates

Signed-off-by: Daniel Smith <31456567+smithcoin@users.noreply.github.com>

…deps-61f71098e3 chore(deps): bump the prod-deps group with 4 updates

Bumps the prod-deps group with 1 update in the / directory: [sharp](https://github.com/lovell/sharp). Updates `sharp` from 0.34.2 to 0.34.3 - [Release notes](https://github.com/lovell/sharp/releases) - [Commits](lovell/sharp@v0.34.2...v0.34.3) Updates `astro` from 5.12.0 to 5.12.2 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.12.2/packages/astro) --- updated-dependencies: - dependency-name: sharp dependency-version: 0.34.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: astro dependency-version: 5.12.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…deps-03c511d8f3 chore(deps): bump the prod-deps group across 1 directory with 2 updates

pnpm update recursive

Bumps the prod-deps-security group with 1 update: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro). Updates `astro` from 5.12.3 to 5.12.8 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.12.8/packages/astro) --- updated-dependencies: - dependency-name: astro dependency-version: 5.12.8 dependency-type: direct:production dependency-group: prod-deps-security ... Signed-off-by: dependabot[bot] <support@github.com>

…deps-security-4ff975fab0 chore(deps): bump astro from 5.12.3 to 5.12.8 in the prod-deps-security group

Bumps the prod-deps group with 2 updates: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) and [@astrojs/node](https://github.com/withastro/astro/tree/HEAD/packages/integrations/node). Updates `astro` from 5.12.8 to 5.12.9 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.12.9/packages/astro) Updates `@astrojs/node` from 9.3.3 to 9.4.0 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/node/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/@astrojs/node@9.4.0/packages/integrations/node) --- updated-dependencies: - dependency-name: astro dependency-version: 5.12.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: "@astrojs/node" dependency-version: 9.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…deps-d40ee1323f chore(deps): bump the prod-deps group with 2 updates

socket-security · 2025-08-18T15:21:05Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Vulnerability	Quality	Maintenance
astro-sst@2.43.5 ⏵ 3.1.4	⁺²		^-31	⁺³
sst@3.2.73 ⏵ 3.17.13	⁺¹		⁺¹	⁺³
@vitest/coverage-v8@2.1.4 ⏵ 3.2.4			⁺¹	^-1
vitest@2.1.4 ⏵ 3.2.4		⁺⁷⁵		⁺²
rollup-plugin-esbuild@6.1.1 ⏵ 6.2.1
@types/node@22.8.6 ⏵ 22.18.1	⁺¹		⁺¹	^-1
get-tsconfig@4.8.1 ⏵ 4.10.1	⁺¹		⁺¹
publint@0.2.12 ⏵ 0.3.12			^-18
@astrojs/node@8.3.4 ⏵ 9.4.3		⁺⁹	⁺¹	⁺²
vite@5.4.10 ⏵ 7.1.5	⁺³	⁺¹⁷
rollup-plugin-dts@6.1.1 ⏵ 6.2.3	⁺¹		⁺¹
sharp@0.33.5 ⏵ 0.34.3			⁺¹
@astrojs/starlight@0.28.5 ⏵ 0.35.2			⁺¹	^-1
astro@4.16.8 ⏵ 5.13.7		⁺²⁵
typescript@5.6.3 ⏵ 5.9.2	⁺¹		⁺¹
@moonrepo/cli@1.29.3 ⏵ 1.40.2	⁺¹⁰		⁺¹
rollup@4.24.3 ⏵ 4.50.1
@biomejs/biome@1.9.4 ⏵ 2.2.4	⁺⁷

View full report

Bumps the prod-deps-security group with 1 update: [@astrojs/node](https://github.com/withastro/astro/tree/HEAD/packages/integrations/node). Updates `@astrojs/node` from 9.3.3 to 9.4.1 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/node/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/@astrojs/node@9.4.1/packages/integrations/node) --- updated-dependencies: - dependency-name: "@astrojs/node" dependency-version: 9.4.1 dependency-type: direct:production dependency-group: prod-deps-security ... Signed-off-by: dependabot[bot] <support@github.com>

…deps-security-4e55af2ad6 chore(deps): bump @astrojs/node from 9.3.3 to 9.4.1 in the prod-deps-security group

Bumps the prod-deps group with 1 update in the / directory: [sst](https://github.com/sst/sst). Updates `sst` from 3.17.10 to 3.17.12 - [Release notes](https://github.com/sst/sst/releases) - [Changelog](https://github.com/sst/sst/blob/dev/.goreleaser.yml) - [Commits](anomalyco/sst@v3.17.10...v3.17.12) Updates `astro` from 5.13.2 to 5.13.5 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.13.5/packages/astro) Updates `@astrojs/node` from 9.4.1 to 9.4.3 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/node/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/@astrojs/node@9.4.3/packages/integrations/node) --- updated-dependencies: - dependency-name: sst dependency-version: 3.17.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: astro dependency-version: 5.13.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps - dependency-name: "@astrojs/node" dependency-version: 9.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…deps-6b054c7edb chore(deps): bump the prod-deps group across 1 directory with 3 updates

Bumps the dev-deps-security group with 1 update in the / directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `vite` from 7.1.2 to 7.1.5 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.1.5/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 7.1.5 dependency-type: direct:development dependency-group: dev-deps-security ... Signed-off-by: dependabot[bot] <support@github.com>

…eps-security-f5c1666f0c chore(deps-dev): bump vite from 7.1.2 to 7.1.5 in the dev-deps-security group across 1 directory

socket-security · 2025-09-11T20:39:30Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		`buffer@4.9.2` has Obfuscated code. Confidence: 0.96 Location: Package overview From: pnpm-lock.yaml → `npm/sst@3.17.13` → `npm/buffer@4.9.2` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/buffer@4.9.2`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`safer-buffer@2.1.2` has Obfuscated code. Confidence: 0.94 Location: Package overview From: pnpm-lock.yaml → `npm/sst@3.17.13` → `npm/safer-buffer@2.1.2` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/safer-buffer@2.1.2`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Bumps the dev-deps group with 1 update in the / directory: [@astrojs/starlight](https://github.com/withastro/starlight/tree/HEAD/packages/starlight). Updates `@astrojs/starlight` from 0.34.8 to 0.35.2 - [Release notes](https://github.com/withastro/starlight/releases) - [Changelog](https://github.com/withastro/starlight/blob/main/packages/starlight/CHANGELOG.md) - [Commits](https://github.com/withastro/starlight/commits/@astrojs/starlight@0.35.2/packages/starlight) --- updated-dependencies: - dependency-name: "@astrojs/starlight" dependency-version: 0.35.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps ... Signed-off-by: dependabot[bot] <support@github.com>

…eps-eb1e78499a chore(deps-dev): bump @astrojs/starlight from 0.34.8 to 0.35.2 in the dev-deps group across 1 directory

azat-io and others added 30 commits December 31, 2024 02:43

feat: add removeHtmlExtension option

074538e

fix: improve assets path resolution for static pages

a94ae62

fix: correct resource path resolution logic

46b85b5

Merge pull request #1 from rafalynch/main

25cf2cf

Apply #187

Merge pull request #2 from azat-io/feat/remove-html-ext

57f5ee5

feat: add `removeHtmlExtension` option

update deps

fdc5872

bump version

f0389a4

Merge pull request #3 from digitalmint/update-deps

e46401b

update deps

bump versions

b05d79a

bump versions

753fbec

Merge pull request #4 from digitalmint/upgrade-deps

57196dc

Upgrade deps

bump versions

69228f4

Merge pull request #8 from digitalmint/recursive-update

b5d4994

bump versions

Merge pull request #9 from digitalmint/dependabot/npm_and_yarn/dev-de…

b71f2dc

…ps-security-de653eece3 chore(deps-dev): bump vite from 6.3.3 to 6.3.4 in the dev-deps-security group

Merge pull request #12 from digitalmint/dependabot/npm_and_yarn/dev-d…

63761ab

…eps-0eb56ae30e chore(deps-dev): bump the dev-deps group across 1 directory with 7 updates

Merge pull request #14 from digitalmint/dependabot/npm_and_yarn/prod-…

597d4b3

…deps-2fc0133869 chore(deps): bump the prod-deps group with 3 updates

Merge branch 'main' into dependabot/npm_and_yarn/dev-deps-65856f17b0

d03d3cd

Signed-off-by: Daniel Smith <31456567+smithcoin@users.noreply.github.com>

Merge pull request #15 from digitalmint/dependabot/npm_and_yarn/dev-d…

e531ebf

…eps-65856f17b0 chore(deps-dev): bump the dev-deps group across 1 directory with 3 updates

Merge pull request #17 from digitalmint/dependabot/npm_and_yarn/prod-…

99aa971

…deps-2e0699381c chore(deps): bump the prod-deps group with 4 updates

Merge pull request #22 from digitalmint/dependabot/npm_and_yarn/dev-d…

0fb65fa

…eps-241c0f6dba chore(deps-dev): bump the dev-deps group across 1 directory with 8 updates

Merge pull request #26 from digitalmint/dependabot/npm_and_yarn/dev-d…

8151599

…eps-ef6223e9c5 chore(deps-dev): bump the dev-deps group with 6 updates

Merge branch 'main' into dependabot/npm_and_yarn/prod-deps-61f71098e3

af6e70b

Signed-off-by: Daniel Smith <31456567+smithcoin@users.noreply.github.com>

smithcoin and others added 9 commits July 22, 2025 15:00

Merge pull request #27 from digitalmint/dependabot/npm_and_yarn/prod-…

6919792

…deps-61f71098e3 chore(deps): bump the prod-deps group with 4 updates

Merge pull request #28 from digitalmint/dependabot/npm_and_yarn/prod-…

027b58e

…deps-03c511d8f3 chore(deps): bump the prod-deps group across 1 directory with 2 updates

pnpm update recursive

4b7beff

Merge pull request #29 from digitalmint/deps

c195755

pnpm update recursive

Merge pull request #33 from digitalmint/dependabot/npm_and_yarn/prod-…

13ca59c

…deps-security-4ff975fab0 chore(deps): bump astro from 5.12.3 to 5.12.8 in the prod-deps-security group

Merge pull request #35 from digitalmint/dependabot/npm_and_yarn/prod-…

1e28796

…deps-d40ee1323f chore(deps): bump the prod-deps group with 2 updates

dependabot bot and others added 6 commits August 18, 2025 15:22

Merge pull request #37 from digitalmint/dependabot/npm_and_yarn/prod-…

a673e6e

…deps-security-4e55af2ad6 chore(deps): bump @astrojs/node from 9.3.3 to 9.4.1 in the prod-deps-security group

Merge pull request #42 from digitalmint/dependabot/npm_and_yarn/prod-…

ef6294f

…deps-6b054c7edb chore(deps): bump the prod-deps group across 1 directory with 3 updates

Merge pull request #44 from digitalmint/dependabot/npm_and_yarn/dev-d…

fde3825

…eps-security-f5c1666f0c chore(deps-dev): bump vite from 7.1.2 to 7.1.5 in the dev-deps-security group across 1 directory

dependabot bot and others added 2 commits September 11, 2025 20:40

Merge pull request #46 from digitalmint/dependabot/npm_and_yarn/dev-d…

c4683bb

…eps-eb1e78499a chore(deps-dev): bump @astrojs/starlight from 0.34.8 to 0.35.2 in the dev-deps group across 1 directory

digitalmint closed this by deleting the head repository Sep 11, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Sync Upstream#190

Sync Upstream#190
smithcoin wants to merge 47 commits intokindspells:mainfrom
digitalmint:main

smithcoin commented Apr 29, 2025

Uh oh!

socket-security bot commented Aug 18, 2025 •

edited

Loading

Uh oh!

socket-security bot commented Sep 11, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Uh oh!

Conversation

smithcoin commented Apr 29, 2025

Uh oh!

socket-security bot commented Aug 18, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

socket-security bot commented Sep 11, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

socket-security bot commented Aug 18, 2025 •

edited

Loading

socket-security bot commented Sep 11, 2025 •

edited

Loading