Skip to content

fix(deps): update dependency astro to v5.9.3 #1132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 13, 2025
Merged

fix(deps): update dependency astro to v5.9.3 #1132

merged 1 commit into from
Jun 13, 2025

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 13, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
astro (source) 5.9.2 -> 5.9.3 age adoption passing confidence

Release Notes

withastro/astro (astro)

v5.9.3

Compare Source

Patch Changes

  • #​13923 a9ac5ed Thanks @​ematipico! - BREAKING CHANGE to the experimental Content Security Policy (CSP) only

    Changes the behavior of experimental Content Security Policy (CSP) to now serve hashes differently depending on whether or not a page is prerendered:

    • Via the <meta> element for static pages.
    • Via the Response header content-security-policy for on-demand rendered pages.

    This new strategy allows you to add CSP content that is not supported in a <meta> element (e.g. report-uri, frame-ancestors, and sandbox directives) to on-demand rendered pages.

    No change to your project code is required as this is an implementation detail. However, this will result in a different HTML output for pages that are rendered on demand. Please check your production site to verify that CSP is working as intended.

    To keep up to date with this developing feature, or to leave feedback, visit the CSP Roadmap proposal.

  • #​13926 953a249 Thanks @​ematipico! - Adds a new Astro Adapter Feature called experimentalStaticHeaders to allow your adapter to receive the Headers for rendered static pages.

    Adapters that enable support for this feature can access header values directly, affecting their handling of some Astro features such as Content Security Policy (CSP). For example, Astro will no longer serve the CSP <meta http-equiv="content-security-policy"> element in static pages to adapters with this support.

    Astro will serve the value of the header inside a map that can be retrieved from the hook astro:build:generated. Adapters can read this mapping and use their hosting headers capabilities to create a configuration file.

    A new field called experimentalRouteToHeaders will contain a map of Map<IntegrationResolvedRoute, Headers> where the Headers type contains the headers emitted by the rendered static route.

    To enable support for this experimental Astro Adapter Feature, add it to your adapterFeatures in your adapter config:

    // my-adapter.mjs
export default function createIntegration() {
  return {
    name: '@&#8203;example/my-adapter',
    hooks: {
      'astro:config:done': ({ setAdapter }) => {
        setAdapter({
          name: '@&#8203;example/my-adapter',
          serverEntrypoint: '@&#8203;example/my-adapter/server.js',
          adapterFeatures: {
            experimentalStaticHeaders: true,
          },
        });
      },
    },
  };
}

    See the Adapter API docs for more information about providing adapter features.

  • #​13697 af83b85 Thanks @​benosmac! - Fixes issues with fallback route pattern matching when i18n.routing.fallbackType is rewrite.

    • Adds conditions for route matching in generatePath when building fallback routes and checking for existing translated pages

    Now for a route to be matched it needs to be inside a named [locale] folder. This fixes an issue where route.pattern.test() incorrectly matched dynamic routes, causing the page to be skipped.

    • Adds conditions for route matching in findRouteToRewrite

    Now the requested pathname must exist in route.distURL for a dynamic route to match. This fixes an issue where route.pattern.test() incorrectly matched dynamic routes, causing the build to fail.

  • #​13924 1cd8c3b Thanks @​qw-in! - Fixes an edge case where isPrerendered was incorrectly set to false for static redirects.

  • #​13926 953a249 Thanks @​ematipico! - Fixes an issue where the experimental CSP meta element wasn't placed in the <head> element as early as possible, causing these policies to not apply to styles and scripts that came before the meta element.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot merged commit 32f86b7 into develop Jun 13, 2025
4 checks passed
@renovate renovate bot deleted the renovate/astro-monorepo branch June 13, 2025 22:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants