build(deps): bump the production-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the production-dependencies group with 8 updates in the / directory:

Package	From	To
@astrojs/react	3.6.2	4.1.2
@astrojs/rss	4.0.7	4.0.10
@astrojs/sitemap	3.1.6	3.2.1
@astrojs/tailwind	5.1.1	5.1.4
astro	4.15.9	5.1.1
rollup	4.22.5	4.29.1
sanitize-html	2.13.0	2.14.0
tailwindcss	3.4.13	3.4.17

Updates @astrojs/react from 3.6.2 to 4.1.2

Release notes

Sourced from @​astrojs/react's releases.

@​astrojs/react@​4.1.2

Patch Changes

• #12799 739dbfb Thanks @​ascorbic! - Upgrades Vite to pin esbuild

@​astrojs/react@​4.1.1

Patch Changes

• #12755 391df0e Thanks @​matthewp! - Preoptimize React compiler runtime

@​astrojs/react@​4.1.0

Minor Changes

• #12678 97c9265 Thanks @​bskimball! - Add React 19 stable to peer dependencies

@​astrojs/react@​4.0.0

Major Changes

• #12524 9f44019 Thanks @​bluwy! - Updates Vite dependency to v6 to match Astro v5

Minor Changes

• #12539 827093e Thanks @​bluwy! - Drops node 21 support

• #12510 14feaf3 Thanks @​bholmesdev! - Changes the generated URL query param from _astroAction to _action when submitting a form using Actions. This avoids leaking the framework name into the URL bar, which may be considered a security issue.

@​astrojs/react@​4.0.0-beta.2

Major Changes

• #12524 9f44019 Thanks @​bluwy! - Updates Vite dependency to v6 to match Astro v5

Minor Changes

• #12539 827093e Thanks @​bluwy! - Drops node 21 support

@​astrojs/react@​3.7.0-beta.1

Minor Changes

• #12510 14feaf3 Thanks @​bholmesdev! - Changes the generated URL query param from _astroAction to _action when submitting a form using Actions. This avoids leaking the framework name into the URL bar, which may be considered a security issue.

@​astrojs/react@​3.6.3

Patch Changes

• #12481 8a46e80 Thanks @​marbrex! - Resolve vite peer dependency problem for strict package managers like Yarn in PnP mode.

@​astrojs/react@​3.6.3-beta.0

Patch Changes

• #12481 8a46e80 Thanks @​marbrex! - Resolve vite peer dependency problem for strict package managers like Yarn in PnP mode.

Changelog

Sourced from @​astrojs/react's changelog.

4.1.2

Patch Changes

• #12799 739dbfb Thanks @​ascorbic! - Upgrades Vite to pin esbuild

4.1.1

Patch Changes

• #12755 391df0e Thanks @​matthewp! - Preoptimize React compiler runtime

4.1.0

Minor Changes

• #12678 97c9265 Thanks @​bskimball! - Add React 19 stable to peer dependencies

4.0.0

Major Changes

• #12524 9f44019 Thanks @​bluwy! - Updates Vite dependency to v6 to match Astro v5

Minor Changes

• #12539 827093e Thanks @​bluwy! - Drops node 21 support

• #12510 14feaf3 Thanks @​bholmesdev! - Changes the generated URL query param from _astroAction to _action when submitting a form using Actions. This avoids leaking the framework name into the URL bar, which may be considered a security issue.

4.0.0-beta.2

Major Changes

• #12524 9f44019 Thanks @​bluwy! - Updates Vite dependency to v6 to match Astro v5

Minor Changes

• #12539 827093e Thanks @​bluwy! - Drops node 21 support

3.7.0-beta.1

Minor Changes

• #12510 14feaf3 Thanks @​bholmesdev! - Changes the generated URL query param from _astroAction to _action when submitting a form using Actions. This avoids leaking the framework name into the URL bar, which may be considered a security issue.

3.6.3

Patch Changes

... (truncated)

Commits

• 5f4c543 [ci] release (#12790)
• 739dbfb fix(deps): upgrade Vite (#12799)
• a44cfb8 [ci] release (#12753)
• 75de4a8 [ci] format
• 0ac0f25 fix: add support for react-compiler-runtime (#12735)
• 929ce28 [ci] release (#12698)
• 97c9265 Add React 19 stable as peer dependency for React integration (#12678)
• fcdd37f [ci] release (#12567)
• 218267c [ci] release (beta) (#12534)
• 2da81e5 Merge branch 'main' into next
• Additional commits viewable in compare view

Updates @astrojs/rss from 4.0.7 to 4.0.10

Release notes

Sourced from @​astrojs/rss's releases.

@​astrojs/rss@​4.0.10

Patch Changes

• #12644 5b9b618 Thanks @​kunyan! - Sends the standard RSS content type response header, with UTF-8 charset

Changelog

Sourced from @​astrojs/rss's changelog.

4.0.10

Patch Changes

• #12644 5b9b618 Thanks @​kunyan! - Sends the standard RSS content type response header, with UTF-8 charset

4.0.9

Patch Changes

• #12157 925cff3 Thanks @​bholmesdev! - Improves README configuration reference.

4.0.8

Patch Changes

• #12137 50dd88b Thanks @​ArmandPhilippot! - Fixes an error that occurred when the optional pubDate property was missing in an item.

• #12137 50dd88b Thanks @​ArmandPhilippot! - Fixes an error where docs incorrectly stated the title, link and pubDate properties of RSS items was required.

Commits

• a5b1735 [ci] release (#12617)
• 5b9b618 fix(@​astrojs/rss): use standard rss content type, add utf-8 charset (#12644)
• cec4af8 Add publint checks (#12445)
• 5a4edeb [ci] release (#12234)
• 67bb22e [ci] format
• 925cff3 Improved rss readme (#12157)
• 582f12e [ci] release (#12148)
• 2a1536d chore: move lint rules to Biome (#12145)
• 50dd88b fix(@​astrojs/rss): prevent an error when pubDate is missing (#12137)
• a46839a docs: update Vite links to use their new domain (#12117)
• Additional commits viewable in compare view

Updates @astrojs/sitemap from 3.1.6 to 3.2.1

Release notes

Sourced from @​astrojs/sitemap's releases.

@​astrojs/prism@​3.2.0

Minor Changes

• #12539 827093e Thanks @​bluwy! - Drops node 21 support

@​astrojs/telemetry@​3.2.0

Minor Changes

• #12539 827093e Thanks @​bluwy! - Drops node 21 support

@​astrojs/prism@​3.2.0-beta.0

Minor Changes

• #12539 827093e Thanks @​bluwy! - Drops node 21 support

@​astrojs/telemetry@​3.2.0-beta.0

Minor Changes

• #12539 827093e Thanks @​bluwy! - Drops node 21 support

Changelog

Sourced from @​astrojs/sitemap's changelog.

3.2.1

Patch Changes

• #12156 07754f5 Thanks @​mingjunlu! - Adds missing xslURL property to SitemapOptions type.

3.2.0

Minor Changes

• #11485 fbe1bc5 Thanks @​sondr3! - Adds new xslURL option to enable styling of sitemaps

Commits

• 6df5bba [ci] release (#12225)
• 07754f5 fix(sitemap): add missing xslURL property to SitemapOptions type (#12156)
• 34d7952 [ci] release (#12098)
• fbe1bc5 feat(sitemap): add xslURL to enable styling (#11485)
• 11ebf3b chore: move node and vercel to adapters repo (#11866)
• 87ce238 [ci] format
• 70945dd refactor: enforce node prefix (#11723)
• 72c7ae9 update formatter config (#11640)
• 87c179a chore: bump @​typescript-eslint/no-unused-vars to error internally (#11173)
• edd35d3 fix(deps): update dependency sitemap to v8 (#11321)
• See full diff in compare view

Updates @astrojs/tailwind from 5.1.1 to 5.1.4

Release notes

Sourced from @​astrojs/tailwind's releases.

@​astrojs/tailwind@​5.1.4

Patch Changes

• #12799 739dbfb Thanks @​ascorbic! - Upgrades Vite to pin esbuild

@​astrojs/tailwind@​5.1.3

Patch Changes

• #12594 4f2fd0a Thanks @​Princesseuh! - Fixes compatibility with Astro 5

Changelog

Sourced from @​astrojs/tailwind's changelog.

5.1.4

Patch Changes

• #12799 739dbfb Thanks @​ascorbic! - Upgrades Vite to pin esbuild

5.1.3

Patch Changes

• #12594 4f2fd0a Thanks @​Princesseuh! - Fixes compatibility with Astro 5

6.0.0-alpha.0

Patch Changes

• Updated dependencies [b6fbdaa, 89bab1e, d74617c, e90f559, 2df49a6, 8a53517]:
  • [email protected]

5.1.2

Patch Changes

• #12161 8e500f2 Thanks @​delucis! - Adds keywords to package.json to improve categorization in the Astro integrations catalog

6.0.0-alpha.0

Patch Changes

• Updated dependencies [b6fbdaa, 89bab1e, d74617c, e90f559, 2df49a6, 8a53517]:
  • [email protected]

Commits

• 5f4c543 [ci] release (#12790)
• 739dbfb fix(deps): upgrade Vite (#12799)
• 901c21f test: make tailwind test more stable (#12732)
• 7a02982 [ci] release (#12595)
• 4f2fd0a fix: cleanup peer deps ranges (#12594)
• 9f44019 Update Vite to 6.0.0 (#12524)
• 285c6e3 chore: merge fixes
• cec4af8 Add publint checks (#12445)
• c280655 Update to Vite 6.0.0-beta.6 (#12323)
• ecc4402 fix(deps): update all non-major dependencies (#12316)
• Additional commits viewable in compare view

Updates astro from 4.15.9 to 5.1.1

Release notes

Sourced from astro's releases.

[email protected]

Patch Changes

• #12782 f3d8385 Thanks @​fhiromasa! - update comment in packages/astro/src/types/public/common.ts

• #12789 f632b94 Thanks @​ascorbic! - Pass raw frontmatter to remark plugins in glob loader

• #12799 739dbfb Thanks @​ascorbic! - Upgrades Vite to pin esbuild

[email protected]

Minor Changes

• #12441 b4fec3c Thanks @​ascorbic! - Adds experimental session support

  Sessions are used to store user state between requests for server-rendered pages, such as login status, shopping cart contents, or other user-specific data.

  ---
  export const prerender = false; // Not needed in 'server' mode
  const cart = await Astro.session.get('cart');
  ---
  <a href="/checkout">🛒 {cart?.length ?? 0} items</a>

  Sessions are available in on-demand rendered/SSR pages, API endpoints, actions and middleware. To enable session support, you must configure a storage driver.

  If you are using the Node.js adapter, you can use the fs driver to store session data on the filesystem:

  // astro.config.mjs
  {
    adapter: node({ mode: 'standalone' }),
    experimental: {
      session: {
        // Required: the name of the unstorage driver
        driver: "fs",
      },
    },
  }

  If you are deploying to a serverless environment, you can use drivers such as redis, netlify-blobs, vercel-kv, or cloudflare-kv-binding and optionally pass additional configuration options.

  For more information, including using the session API with other adapters and a full list of supported drivers, see the docs for experimental session support. For even more details, and to leave feedback and participate in the development of this feature, the Sessions RFC.

• #12426 3dc02c5 Thanks @​oliverlynch! - Improves asset caching of remote images

  Astro will now store entity tags and the Last-Modified date for cached remote images and use them to revalidate the cache when it goes stale.

... (truncated)

Changelog

Sourced from astro's changelog.

5.1.1

Patch Changes

• #12782 f3d8385 Thanks @​fhiromasa! - update comment in packages/astro/src/types/public/common.ts

• #12789 f632b94 Thanks @​ascorbic! - Pass raw frontmatter to remark plugins in glob loader

• #12799 739dbfb Thanks @​ascorbic! - Upgrades Vite to pin esbuild

5.1.0

Minor Changes

• #12441 b4fec3c Thanks @​ascorbic! - Adds experimental session support

  Sessions are used to store user state between requests for server-rendered pages, such as login status, shopping cart contents, or other user-specific data.

  ---
  export const prerender = false; // Not needed in 'server' mode
  const cart = await Astro.session.get('cart');
  ---
  <a href="/checkout">🛒 {cart?.length ?? 0} items</a>

  Sessions are available in on-demand rendered/SSR pages, API endpoints, actions and middleware. To enable session support, you must configure a storage driver.

  If you are using the Node.js adapter, you can use the fs driver to store session data on the filesystem:

  // astro.config.mjs
  {
    adapter: node({ mode: 'standalone' }),
    experimental: {
      session: {
        // Required: the name of the unstorage driver
        driver: "fs",
      },
    },
  }

  If you are deploying to a serverless environment, you can use drivers such as redis, netlify-blobs, vercel-kv, or cloudflare-kv-binding and optionally pass additional configuration options.

  For more information, including using the session API with other adapters and a full list of supported drivers, see the docs for experimental session support. For even more details, and to leave feedback and participate in the development of this feature, the Sessions RFC.

• #12426 3dc02c5 Thanks @​oliverlynch! - Improves asset caching of remote images

... (truncated)

Commits

• 5f4c543 [ci] release (#12790)
• 739dbfb fix(deps): upgrade Vite (#12799)
• f3d8385 update comment in packages/astro/src/types/public/common.ts (#12782)
• 49cc5d7 [ci] format
• f632b94 fix: pass raw frontmatter to when parsing markdown in glob loader (#12789)
• 5e9d1bc chore: move files to .mjs (#12765)
• 73b6c8b chore: fix links in session errors (#12787)
• 3f557b2 [ci] release (#12762)
• 4353fc5 fix: correctly return 404.astro in i18n (#12764)
• 45005a5 [ci] format
• Additional commits viewable in compare view

Updates rollup from 4.22.5 to 4.29.1

Release notes

Sourced from rollup's releases.

v4.29.1

4.29.1

2024-12-21

Bug Fixes

• Fix crash from deoptimized logical expressions (#5771)

Pull Requests

• #5769: Remove unnecessary lifetimes (@​lukastaegert)
• #5771: fix: do not optimize the literal value if the cache is deoptimized (@​TrickyPi)

v4.29.0

4.29.0

2024-12-20

Features

• Treat objects as truthy and always check second argument to better simplify logical expressions (#5763)

Pull Requests

• #5759: docs: add utf-8 encoding to JSON file reading (@​chouchouji)
• #5760: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5763: fix: introduce UnknownFalsyValue for enhancing if statement tree-shaking (@​TrickyPi)
• #5766: chore(deps): update dependency @​rollup/plugin-node-resolve to v16 (@​renovate[bot])
• #5767: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v4.28.1

4.28.1

2024-12-06

Bug Fixes

• Support running Rollup natively on LoongArch (#5749)
• Add optional debugId to SourceMap types (#5751)

Pull Requests

• #5749: feat: add support for LoongArch (@​darkyzhou)
• #5751: feat: Add debugId to SourceMap types (@​timfish, @​lukastaegert)
• #5752: chore(deps): update dependency mocha to v11 (@​renovate[bot])
• #5753: chore(deps): update dependency vite to v6 (@​renovate[bot])
• #5754: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #5755: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5756: Test if saving the Cargo cache can speed up FreeBSD (@​lukastaegert)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.29.1

2024-12-21

Bug Fixes

• Fix crash from deoptimized logical expressions (#5771)

Pull Requests

• #5769: Remove unnecessary lifetimes (@​lukastaegert)
• #5771: fix: do not optimize the literal value if the cache is deoptimized (@​TrickyPi)

4.29.0

2024-12-20

Features

• Treat objects as truthy and always check second argument to better simplify logical expressions (#5763)

Pull Requests

• #5759: docs: add utf-8 encoding to JSON file reading (@​chouchouji)
• #5760: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5763: fix: introduce UnknownFalsyValue for enhancing if statement tree-shaking (@​TrickyPi)
• #5766: chore(deps): update dependency @​rollup/plugin-node-resolve to v16 (@​renovate[bot])
• #5767: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])

4.28.1

2024-12-06

Bug Fixes

• Support running Rollup natively on LoongArch (#5749)
• Add optional debugId to SourceMap types (#5751)

Pull Requests

• #5749: feat: add support for LoongArch (@​darkyzhou)
• #5751: feat: Add debugId to SourceMap types (@​timfish, @​lukastaegert)
• #5752: chore(deps): update dependency mocha to v11 (@​renovate[bot])
• #5753: chore(deps): update dependency vite to v6 (@​renovate[bot])
• #5754: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #5755: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5756: Test if saving the Cargo cache can speed up FreeBSD (@​lukastaegert)

4.28.0

... (truncated)

Commits

• 5d37778 4.29.1
• 86e1f43 fix: do not optimize the literal value if the cache is deoptimized (#5771)
• f116952 Remove unnecessary lifetimes (#5769)
• dadd488 4.29.0
• a4b78eb fix(deps): lock file maintenance minor/patch updates (#5767)
• d52f00d fix: introduce UnknownFalsyValue for enhancing if statement tree-shaking (#5763)
• 65c8901 chore(deps): update dependency @​rollup/plugin-node-resolve to v16 (#5766)
• 7a8ac46 docs: add utf-8 encoding to JSON file reading (#5759)
• 31f1670 fix(deps): lock file maintenance minor/patch updates (#5760)
• e60fb1c 4.28.1
• Additional commits viewable in compare view

Updates sanitize-html from 2.13.0 to 2.14.0

Changelog

Sourced from sanitize-html's changelog.

2.14.0 (2024-12-18)

• Fix adding text with transformTags in cases where it originally had no text child elements. Thanks to f0x.

2.13.1 (2024-10-03)

• Fix to allow regex in allowedClasses wildcard whitelist. Thanks to anak-dev.

Commits

• 1a11f7c eslint
• 4ae37d9 Merge pull request #687 from apostrophecms/release-2.14.0
• af62944 release 2.14.0
• d50f36f Merge pull request #684 from f0x52/transform-new-text1
• 19e9532 changelog entry
• de2aefb add testcase for transforming text inside empty tags
• 98b4900 still add text added by transformation when tag is discarded
• 20878b9 Merge pull request #678 from apostrophecms/release-2.13.1
• bf08233 release 2.13.1
• 4d5c4cb Merge pull request #676 from apostrophecms/thanks-anak-dev
• Additional commits viewable in compare view

Updates tailwindcss from 3.4.13 to 3.4.17

Release notes

Sourced from tailwindcss's releases.

v3.4.17

Fixed

• Work around Node v22.12+ issue (#15421)

v3.4.16

Fixed

• Ensure the TypeScript types for PluginsConfig allow undefined values (#14668)

Changed

• Bumped lilconfig to v3.x (#15289)

v3.4.15

• Bump versions for security vulnerabilities (#14697)
• Ensure the TypeScript types for the boxShadow theme configuration allows arrays (#14856)
• Set fallback for opacity variables to ensure setting colors with the selection:* variant works in Chrome 131 (#15003)

v3.4.14

Fixed

• Don't set display: none on elements that use hidden="until-found" (#14625)

Changelog

Sourced from tailwindcss's changelog.

[3.4.17] - 2024-12-17

Fixed

• Work around Node v22.12+ issue (#15421)

[3.4.16] - 2024-12-03

Fixed

• Ensure the TypeScript types for PluginsConfig allow undefined values (#14668)

Changed

• Bumped lilconfig to v3.x (#15289)

[3.4.15] - 2024-11-14

• Bump versions for security vulnerabilities (#14697)
• Ensure the TypeScript types for the boxShadow theme configuration allows arrays (#14856)
• Set fallback for opacity variables to ensure setting colors with the selection:* variant works in Chrome 131 (#15003)

[3.4.14] - 2024-10-15

Fixed

• Don't set display: none on elements that use hidden="until-found" (#14625)

Commits

• 4f9f603 Fix error
• 02faa15 v3.4.17
• e268b2a Update changelog
• 0a836f7 Work around issue with Node 22 and Jiti (#15421)
• f875ab9 Bump macos version
• 8f91c27 v3.4.16
• 8c8c986 fix: update lilconfig for ESM and Windows support (#15289)
• 2702cfc Fix Plugin type issue (#14668)
• 6069a81 v3.4.15
• d093dce Add variable fallback to fix Chrome issue (#15003)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for flamboyant-stallman-9dcf8d ready!

Name	Link
🔨 Latest commit	c683541
🔍 Latest deploy log	https://app.netlify.com/sites/flamboyant-stallman-9dcf8d/deploys/6774d9704c1c98000848535a
😎 Deploy Preview	https://deploy-preview-842--flamboyant-stallman-9dcf8d.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	2 paths audited Performance: 100 Accessibility: 100 Best Practices: 100 SEO: 93 PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.