Sync Upstream

.node-version

@@ -1 +1 @@
-22.9.0
+22.15.0

@kindspells/astro-shield/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@kindspells/astro-shield",
-	"version": "1.7.1",
+	"version": "1.8.0",
 	"description": "Astro integration to enhance your website's security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques.",
 	"private": false,
 	"type": "module",
@@ -27,7 +27,9 @@
 			"import": "./dist/*.mjs"
 		}
 	},
-	"files": ["dist/*"],
+	"files": [
+		"dist/*"
+	],
 	"scripts": {
 		"build": "moon run build",
 		"format": "biome format --write .",
@@ -63,15 +65,15 @@
 		"astro": "^4.0.0"
 	},
 	"devDependencies": {
-		"@types/node": "^22.8.6",
-		"astro": "^4.16.8",
-		"get-tsconfig": "^4.8.1",
-		"rollup": "^4.24.3",
-		"rollup-plugin-dts": "^6.1.1",
-		"rollup-plugin-esbuild": "^6.1.1",
-		"typescript": "^5.6.3",
-		"vite": "^5.4.10",
-		"vitest": "^2.1.4"
+		"@types/node": "^22.16.5",
+		"astro": "^5.12.9",
+		"get-tsconfig": "^4.10.1",
+		"rollup": "^4.45.1",
+		"rollup-plugin-dts": "^6.2.1",
+		"rollup-plugin-esbuild": "^6.2.1",
+		"typescript": "^5.8.3",
+		"vite": "^7.1.5",
+		"vitest": "^3.2.4"
 	},
 	"repository": {
 		"type": "git",
@@ -89,7 +91,7 @@
 			"url": "https://ko-fi.com/coderspirit"
 		}
 	],
-	"packageManager": "pnpm@9.11.0",
+	"packageManager": "pnpm@10.10.0",
 	"engines": {
 		"node": ">= 18.0.0"
 	},

@kindspells/astro-shield/src/core.mts

@@ -242,7 +242,13 @@ export const updateStaticPageSriHashes = async (
 							const updatedSrc = src.startsWith(base)
 								? src.replace(base, '')
 								: src
-							const resourcePath = resolve(distDir, `.${updatedSrc}`)
+
+							// Prepare a relative path for resolve - depending on a trailing slash on base above
+							// after removing it, updatedSrc may or may not start with a slash
+							const resourcePath = resolve(
+								distDir,
+								updatedSrc.startsWith('/') ? `.${updatedSrc}` : updatedSrc,
+							)
 							resourceContent = await readFile(resourcePath)
 						} else {
 							// TODO: should we remove the element?

@kindspells/astro-shield/src/e2e/fixtures/dynamic/package.json

@@ -10,8 +10,8 @@
 	},
 	"license": "MIT",
 	"dependencies": {
-		"@astrojs/node": "^8.3.4",
-		"astro": "^4.16.8"
+		"@astrojs/node": "^9.4.1",
+		"astro": "^5.12.9"
 	},
 	"devDependencies": {
 		"@kindspells/astro-shield": "workspace:*"

@kindspells/astro-shield/src/e2e/fixtures/hybrid/package.json

@@ -8,8 +8,8 @@
 	},
 	"license": "MIT",
 	"dependencies": {
-		"@astrojs/node": "^8.3.4",
-		"astro": "^4.16.8"
+		"@astrojs/node": "^9.4.1",
+		"astro": "^5.12.9"
 	},
 	"devDependencies": {
 		"@kindspells/astro-shield": "workspace:*"

@kindspells/astro-shield/src/e2e/fixtures/hybrid2/package.json

@@ -8,8 +8,8 @@
 	},
 	"license": "MIT",
 	"dependencies": {
-		"@astrojs/node": "^8.3.4",
-		"astro": "^4.16.8"
+		"@astrojs/node": "^9.4.1",
+		"astro": "^5.12.9"
 	},
 	"devDependencies": {
 		"@kindspells/astro-shield": "workspace:*"

@kindspells/astro-shield/src/e2e/fixtures/hybrid3/package.json

@@ -8,8 +8,8 @@
 	},
 	"license": "MIT",
 	"dependencies": {
-		"@astrojs/node": "^8.3.4",
-		"astro": "^4.16.8"
+		"@astrojs/node": "^9.4.1",
+		"astro": "^5.12.9"
 	},
 	"devDependencies": {
 		"@kindspells/astro-shield": "workspace:*"

@kindspells/astro-shield/src/e2e/fixtures/static/package.json

@@ -8,7 +8,7 @@
 	},
 	"license": "MIT",
 	"dependencies": {
-		"astro": "^4.16.8"
+		"astro": "^5.12.9"
 	},
 	"devDependencies": {
 		"@kindspells/astro-shield": "workspace:*"

@kindspells/astro-shield/src/netlify.mts

@@ -459,5 +459,13 @@ export const patchNetlifyHeadersConfig = async (
 
 	const mergedConfig = mergeNetlifyHeadersConfig(baseConfig, patchConfig)
 
+	if (securityHeadersOptions.removeHtmlExtension) {
+		for (const entry of mergedConfig.entries) {
+			if (typeof entry === 'object' && 'path' in entry) {
+				entry.path = entry.path.replace(/\.html$/, '')
+			}
+		}
+	}
+
 	await writeFile(configPath, serializeNetlifyHeadersConfig(mergedConfig))
 }

@kindspells/astro-shield/src/types.mts

@@ -129,6 +129,13 @@ export type SecurityHeadersOptions = {
 	 * Defaults to `undefined`.
 	 */
 	contentSecurityPolicy?: CSPOptions | undefined
+
+	/**
+	 * - If set, it will remove the `.html` extension from the URLs.
+	 * 
+	 * Defaults to `false`.
+	 */
+	removeHtmlExtension?: boolean
 }
 
 export type ShieldOptions = {

@kindspells/astro-shield/src/vercel.mts

@@ -159,5 +159,12 @@ export const patchVercelHeadersConfig = async (
 
 	const mergedConfig = mergeVercelConfig(baseConfig, patchConfig)
 
+	if (securityHeadersOptions.removeHtmlExtension) {
+		for (const route of mergedConfig.routes ?? []) {
+			if (route.src.endsWith('.html'))
+				route.src = route.src.slice(0, -5)
+		}
+	}
+
 	await writeFile(configPath, serializeVercelConfig(mergedConfig))
 }

docs/package.json

@@ -11,16 +11,16 @@
 		"start": "astro dev"
 	},
 	"dependencies": {
-		"astro-sst": "^2.43.5",
-		"sharp": "0.33.5",
-		"sst": "^3.2.73"
+		"astro-sst": "^3.1.4",
+		"sharp": "0.34.3",
+		"sst": "^3.17.12"
 	},
 	"devDependencies": {
 		"@astrojs/check": "^0.9.4",
-		"@astrojs/starlight": "^0.28.5",
+		"@astrojs/starlight": "^0.35.2",
 		"@astrojs/ts-plugin": "^1.10.4",
 		"@kindspells/astro-shield": "workspace:^",
-		"astro": "^4.16.8",
-		"typescript": "^5.6.3"
+		"astro": "^5.12.9",
+		"typescript": "^5.8.3"
 	}
 }

docs/src/content/docs/reference/configuration.mdx

@@ -199,3 +199,9 @@ Type: `object | undefined`, defaults to `undefined`.
 
 Possible values are:
 - `'netlify'`: Generate the security headers for static content on Netlify.
+
+#### `securityHeaders.removeHtmlExtension`
+
+If set, it will remove the `.html` extension from the URLs.
+
+Type: `boolean`, defaults to `false`.

docs/src/content/docs/ru/reference/configuration.mdx

@@ -103,7 +103,7 @@ Content-Security-Policy (CSP) для динамического контента
 
 ### `sri.hashesModule`
 
-Указывает путь к автоматически сгенерированному модулю, который содержит и 
+Указывает путь к автоматически сгенерированному модулю, который содержит и
 кспортирует хеши SRI, вычисленные Astro-Shield для нашего контента.
 
 Мы можем импортировать этот модуль в наш собственный код, если нам нужно
@@ -201,3 +201,10 @@ Content-Security-Policy (CSP) для статического и/или дина
 
 Возможные значения:
 - `'netlify'`: генерировать заголовки безопасности для статического контента на Netlify.
+
+#### `securityHeaders.removeHtmlExtension`
+
+Если установлено, то Astro-Shield будет удалять расширение `.html` из
+URL-адресов.
+
+Тип: `boolean`, defaults to `false`.

package.json

@@ -1,7 +1,7 @@
 {
 	"name": "@kindspells/root",
 	"private": true,
-	"version": "1.0.0",
+	"version": "1.0.2",
 	"license": "MIT",
 	"contributors": [
 		{
@@ -10,21 +10,23 @@
 		}
 	],
 	"devDependencies": {
-		"@biomejs/biome": "^1.9.4",
-		"@moonrepo/cli": "^1.29.3",
-		"@vitest/coverage-v8": "^2.1.4",
-		"publint": "^0.2.12",
-		"vitest": "^2.1.4"
+		"@biomejs/biome": "^2.1.2",
+		"@moonrepo/cli": "^1.38.6",
+		"@vitest/coverage-v8": "^3.2.4",
+		"publint": "^0.3.12",
+		"vitest": "^3.2.4"
 	},
 	"engines": {
 		"node": ">= 22.9.0"
 	},
-	"packageManager": "pnpm@9.12.0",
+	"packageManager": "pnpm@10.10.0",
 	"scripts": {
 		"format": "biome format --write .",
 		"install-githooks": "if [ -d .git ]; then git config core.hooksPath .hooks; fi"
 	},
 	"pnpm": {
-		"onlyBuiltDependencies": ["@moonrepo/cli"]
+		"onlyBuiltDependencies": [
+			"@moonrepo/cli"
+		]
 	}
 }