chore(deps): Bump the npm-dependencies group in /site with 2 updates

[dependabot]

Bumps the npm-dependencies group in /site with 2 updates: @astrojs/cloudflare and astro.

Updates @astrojs/cloudflare from 13.5.2 to 13.5.3

Release notes

Sourced from @​astrojs/cloudflare's releases.

@​astrojs/cloudflare@​13.5.3

Patch Changes

• #16801 d619277 Thanks @​ematipico! - Reverts a change to the esbuild dep-scan plugin that caused astro check and astro build to fail by making esbuild incorrectly bundle virtual: modules (e.g. from expressive-code)

• Updated dependencies []:

  • @​astrojs/underscore-redirects@​1.0.3

Changelog

Sourced from @​astrojs/cloudflare's changelog.

13.5.3

Patch Changes

• #16801 d619277 Thanks @​ematipico! - Reverts a change to the esbuild dep-scan plugin that caused astro check and astro build to fail by making esbuild incorrectly bundle virtual: modules (e.g. from expressive-code)

• Updated dependencies []:

  • @​astrojs/underscore-redirects@​1.0.3

Commits

• 223a843 [ci] release (#16775)
• d619277 revert: PR 16708 (#16801)
• 8062391 chore(deps): dedupe vite installations (#16788)
• See full diff in compare view

Updates astro from 6.3.5 to 6.3.6

Release notes

Sourced from astro's releases.

astro@6.3.6

Patch Changes

• #16774 8f77583 Thanks @​astrobot-houston! - Fixes markdown images with empty alt text (![](https://github.com/withastro/astro/tree/HEAD/packages/astro/blob/HEAD/image.jpg)) in content collections dropping the alt attribute entirely. The alt="" attribute is now correctly preserved in the rendered HTML output, which is important for accessibility (indicating decorative images).

• #16776 3d10b5e Thanks @​matthewp! - Fixes HMR serving stale content when components are passed as props via getStaticPaths()

• #16784 7453860 Thanks @​ematipico! - Improved the printing of the build time if it goes over the 60 seconds.

• #16665 3dbbcee Thanks @​Princesseuh! - Fixes remote SVG sources erroring with dangerouslyProcessSVG after the v6.3 SVG-processing gate. The default Sharp service now resolves the output format from the source up-front when it can (URL extension, data: MIME, ESM metadata), and from the actual buffer at request time when it can't, so SVG sources pass through untouched without needing to set image.dangerouslyProcessSVG: true or an explicit format="svg".

  The error message has also been updated to point at format="svg" as the simpler workaround when an SVG source is encountered without dangerouslyProcessSVG enabled.

• #16777 1754b91 Thanks @​matthewp! - Fixes HMR serving stale content for dynamically imported components through barrel files

• #16730 068d924 Thanks @​harshagarwalnyu! - Fixes an issue where the file() content loader did not generate a valid JSON Schema for collections whose JSON or YAML data is a top-level array instead of an object.

Changelog

Sourced from astro's changelog.

6.3.6

Patch Changes

• #16774 8f77583 Thanks @​astrobot-houston! - Fixes markdown images with empty alt text (![](https://github.com/withastro/astro/blob/main/packages/astro/image.jpg)) in content collections dropping the alt attribute entirely. The alt="" attribute is now correctly preserved in the rendered HTML output, which is important for accessibility (indicating decorative images).

• #16776 3d10b5e Thanks @​matthewp! - Fixes HMR serving stale content when components are passed as props via getStaticPaths()

• #16784 7453860 Thanks @​ematipico! - Improved the printing of the build time if it goes over the 60 seconds.

• #16665 3dbbcee Thanks @​Princesseuh! - Fixes remote SVG sources erroring with dangerouslyProcessSVG after the v6.3 SVG-processing gate. The default Sharp service now resolves the output format from the source up-front when it can (URL extension, data: MIME, ESM metadata), and from the actual buffer at request time when it can't, so SVG sources pass through untouched without needing to set image.dangerouslyProcessSVG: true or an explicit format="svg".

  The error message has also been updated to point at format="svg" as the simpler workaround when an SVG source is encountered without dangerouslyProcessSVG enabled.

• #16777 1754b91 Thanks @​matthewp! - Fixes HMR serving stale content for dynamically imported components through barrel files

• #16730 068d924 Thanks @​harshagarwalnyu! - Fixes an issue where the file() content loader did not generate a valid JSON Schema for collections whose JSON or YAML data is a top-level array instead of an object.

Commits

• 223a843 [ci] release (#16775)
• e4bce73 [ci] format
• 1754b91 Invalidate importer modules in runner cache during HMR (#16777)
• 3d10b5e Invalidate route cache when module identity changes after HMR (#16776)
• 7453860 fix: build times timestamp (#16784)
• 3dbbcee fix(sharp): handle default formats differently (#16665)
• 068d924 fix(content): generate anyOf schema for file() loader to support top-level ar...
• 8f77583 fix(content): preserve empty alt attributes on markdown images in content col...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions