chore(deps): bump astro and @astrojs/mdx

[dependabot]

Bumps astro and @astrojs/mdx. These dependencies needed to be updated together.
Updates astro from 5.18.1 to 6.1.9

Release notes

Sourced from astro's releases.

astro@6.1.9

Patch Changes

• #16448 99464ed Thanks @​matthewp! - Updates vite, picomatch, and unstorage to latest patch versions

• #16422 a3951d7 Thanks @​matthewp! - Hardens astro-island export resolution and hydration error handling for malformed component metadata

• #16420 e21de1d Thanks @​matthewp! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation

• #16419 f3485c3 Thanks @​matthewp! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding

• #16022 a002540 Thanks @​mathieumaf! - Fixes an issue where i18n domains would return 404 when trailingSlash is set to never.

• Updated dependencies [99464ed, f3485c3]:

  • @​astrojs/internal-helpers@​0.9.0
  • @​astrojs/markdown-remark@​7.1.1

astro@6.1.8

Patch Changes

• #16367 a6866a7 Thanks @​ematipico! - Fixes an issue where build output files could contain special characters (!, ~, {, }) in their names, causing deploy failures on platforms like Netlify.

• #16381 217c5b3 Thanks @​ematipico! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.

• #16348 7d26cd7 Thanks @​ocavue! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.

• #16317 d012bfe Thanks @​das-peter! - Fixes a bug where allowedDomains weren't correctly propagated when using the development server.

• #16379 5a84551 Thanks @​martrapp! - Improves Vue scoped style handling in DEV mode during client router navigation.

• #16317 d012bfe Thanks @​das-peter! - Adds tests to verify settings are properly propagated when using the development server.

• #16282 5b0fdaa Thanks @​jmurty! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports

• Updated dependencies [e0b240e]:

  • @​astrojs/telemetry@​3.3.1

astro@6.1.7

Patch Changes

• #16027 c62516b Thanks @​fkatsuhiro! - Fixes a bug where remote image dimensions were not validated during static builds on Netlify.

• #16311 94048f2 Thanks @​Arecsu! - Fixes --port flag being ignored after a Vite-triggered server restart (e.g. when a .env file changes)

• #16316 0fcd04c Thanks @​ematipico! - Fixes the /_image endpoint accepting an arbitrary f=svg query parameter and serving non-SVG content as image/svg+xml. The endpoint now validates that the source is actually SVG before honoring f=svg, matching the same guard already enforced on the <Image> component path.

astro@6.1.6

Patch Changes

• #16202 b5c2fba Thanks @​matthewp! - Fixes Actions failing with ActionsWithoutServerOutputError when using output: 'static' with an adapter

... (truncated)

Changelog

Sourced from astro's changelog.

6.1.9

Patch Changes

• #16448 99464ed Thanks @​matthewp! - Updates vite, picomatch, and unstorage to latest patch versions

• #16422 a3951d7 Thanks @​matthewp! - Hardens astro-island export resolution and hydration error handling for malformed component metadata

• #16420 e21de1d Thanks @​matthewp! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation

• #16419 f3485c3 Thanks @​matthewp! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding

• #16022 a002540 Thanks @​mathieumaf! - Fixes an issue where i18n domains would return 404 when trailingSlash is set to never.

• Updated dependencies [99464ed, f3485c3]:

  • @​astrojs/internal-helpers@​0.9.0
  • @​astrojs/markdown-remark@​7.1.1

6.1.8

Patch Changes

• #16367 a6866a7 Thanks @​ematipico! - Fixes an issue where build output files could contain special characters (!, ~, {, }) in their names, causing deploy failures on platforms like Netlify.

• #16381 217c5b3 Thanks @​ematipico! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.

• #16348 7d26cd7 Thanks @​ocavue! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.

• #16317 d012bfe Thanks @​das-peter! - Fixes a bug where allowedDomains weren't correctly propagated when using the development server.

• #16379 5a84551 Thanks @​martrapp! - Improves Vue scoped style handling in DEV mode during client router navigation.

• #16317 d012bfe Thanks @​das-peter! - Adds tests to verify settings are properly propagated when using the development server.

• #16282 5b0fdaa Thanks @​jmurty! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports

• Updated dependencies [e0b240e]:

  • @​astrojs/telemetry@​3.3.1

6.1.7

Patch Changes

• #16027 c62516b Thanks @​fkatsuhiro! - Fixes a bug where remote image dimensions were not validated during static builds on Netlify.

• #16311 94048f2 Thanks @​Arecsu! - Fixes --port flag being ignored after a Vite-triggered server restart (e.g. when a .env file changes)

• #16316 0fcd04c Thanks @​ematipico! - Fixes the /_image endpoint accepting an arbitrary f=svg query parameter and serving non-SVG content as image/svg+xml. The endpoint now validates that the source is actually SVG before honoring f=svg, matching the same guard already enforced on the <Image> component path.

6.1.6

... (truncated)

Commits

• 21ca872 [ci] release (#16399)
• f3485c3 Harden nested object path lookups (#16419)
• 99464ed Bump vite, picomatch, and unstorage to latest patch versions (#16448)
• 471a4d6 refactor(astro): migrate all remaining tests to typescript (#16444)
• e21de1d fix(astro): harden error overlay and log formatting (#16420)
• a3951d7 fix(astro): harden astro-island export resolution (#16422)
• 8a13969 refactor(astro): migrate 4 tests to typescript (#16427)
• 3bdc4ac refactor(astro): migrate core-image tests to typescript (#16413)
• 72e9faa refactor(astro): migrate 19 tests to typescript (#16414)
• 1c477aa refactor(astro): migrate 10 tests to typescript (#16411)
• Additional commits viewable in compare view

Updates @astrojs/mdx from 4.3.14 to 5.0.4

Release notes

Sourced from @​astrojs/mdx's releases.

@​astrojs/mdx@​5.0.4

Patch Changes

• Updated dependencies [f3485c3]:
  • @​astrojs/markdown-remark@​7.1.1

@​astrojs/mdx@​5.0.3

Patch Changes

• Updated dependencies [10a1a5a]:
  • @​astrojs/markdown-remark@​7.1.0

@​astrojs/mdx@​5.0.2

Patch Changes

• #15864 d3c7de9 Thanks @​florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

• Updated dependencies []:

  • @​astrojs/markdown-remark@​7.0.1

@​astrojs/mdx@​5.0.1

Patch Changes

• #15934 6f8f0bc Thanks @​ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

Changelog

Sourced from @​astrojs/mdx's changelog.

5.0.4

Patch Changes

• Updated dependencies [f3485c3]:
  • @​astrojs/markdown-remark@​7.1.1

5.0.3

Patch Changes

• Updated dependencies [10a1a5a]:
  • @​astrojs/markdown-remark@​7.1.0

5.0.2

Patch Changes

• #15864 d3c7de9 Thanks @​florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

• Updated dependencies []:

  • @​astrojs/markdown-remark@​7.0.1

5.0.1

Patch Changes

• #15934 6f8f0bc Thanks @​ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

5.0.0

Major Changes

• #14494 727b0a2 Thanks @​florian-lefebvre! - Updates Markdown heading ID generation - (v6 upgrade guidance)

• #14427 e131261 Thanks @​florian-lefebvre! - Increases minimum Node.js version to 22.12.0 - (v6 upgrade guidance)

• #14445 ecb0b98 Thanks @​florian-lefebvre! - Astro v6.0 upgrades to Vite v7.0 as the development server and production bundler - (v6 upgrade guidance)

Patch Changes

• #15187 bbb5811 Thanks @​matthewp! - Update to Astro 6 beta

• #15475 36fc0e0 Thanks @​delucis! - Fixes edge cases where an export const components = {...} declaration would fail to be detected with the optimize option enabled

• #15264 11efb05 Thanks @​florian-lefebvre! - Lower the Node version requirement to allow running on Stackblitz until it supports v22

• Updated dependencies [bbb5811, cb99214, 80f0225, 727b0a2, 1fa4177, 7c55f80, 6f19ecc, f94d3c5]:

  • @​astrojs/markdown-remark@​7.0.0

... (truncated)

Commits

• 21ca872 [ci] release (#16399)
• 99464ed Bump vite, picomatch, and unstorage to latest patch versions (#16448)
• f7566b8 refactor: unify test setup (#16445)
• 8e13469 refactor(mdx): add SpyIntegrationLogger for test (#16384)
• 50f0dce refactor(mdx): migrate tests to typescript (#16359)
• 7454854 fix(astro): Fix isHTMLString check failing in multi-realm environments (#16...
• ade6f51 refactor(mdx): more unit tests, less integrations (#16158)
• 88fcc98 fix integrations links across docs (#16098)
• 4a6ff2a [ci] release (#16020)
• a2c15bb fix(deps): update astro dependencies (#15913)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[netlify]

❌ Deploy Preview for benji-docs-previews failed.

Name	Link
🔨 Latest commit	e08a545
🔍 Latest deploy log	https://app.netlify.com/projects/benji-docs-previews/deploys/69e93e6969f1410008ee0dd1