Bump @astrojs/node and @eventcatalog/core in /src/eventcatalog

[dependabot]

Bumps @astrojs/node to 10.0.3 and updates ancestor dependency @eventcatalog/core. These dependencies need to be updated together.

Updates @astrojs/node from 9.5.4 to 10.0.3

Release notes

Sourced from @​astrojs/node's releases.

@​astrojs/node@​10.0.3

Patch Changes

• #15735 9685e2d Thanks @​fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

  When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

@​astrojs/node@​10.0.2

Patch Changes

• #15934 6f8f0bc Thanks @​ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

@​astrojs/node@​10.0.1

Patch Changes

• #15868 bb2b8f5 Thanks @​ematipico! - Fixes an issue where the adapter would cause a series of warnings during the build.

@​astrojs/node@​10.0.0

Major Changes

• #15654 a32aee6 Thanks @​florian-lefebvre! - Removes the experimentalErrorPageHost option

  This option allowed fetching a prerendered error page from a different host than the server is currently running on.

  However, there can be security implications with prefetching from other hosts, and often more customization was required to do this safely. This has now been removed as a built-in option so that you can implement your own secure solution as needed and appropriate for your project via middleware.

  What should I do?

  If you were previously using this feature, you must remove the option from your adapter configuration as it no longer exists:

  // astro.config.mjs
  import { defineConfig } from 'astro/config'
  import node from '@astrojs/node'
  export default defineConfig({
  adapter: node({
  mode: 'standalone',
  
  experimentalErrorPageHost: 'http://localhost:4321'
  })
  })

You can replicate the previous behavior by checking the response status in a middleware and fetching the prerendered page yourself:

// src/middleware.ts
import { defineMiddleware } from 'astro:middleware';
export const onRequest = defineMiddleware(async (ctx, next) => {

... (truncated)

Changelog

Sourced from @​astrojs/node's changelog.

10.0.3

Patch Changes

• #15735 9685e2d Thanks @​fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

  When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

10.0.2

Patch Changes

• #15934 6f8f0bc Thanks @​ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

10.0.1

Patch Changes

• #15868 bb2b8f5 Thanks @​ematipico! - Fixes an issue where the adapter would cause a series of warnings during the build.

10.0.0

Major Changes

• #15654 a32aee6 Thanks @​florian-lefebvre! - Removes the experimentalErrorPageHost option

  This option allowed fetching a prerendered error page from a different host than the server is currently running on.

  However, there can be security implications with prefetching from other hosts, and often more customization was required to do this safely. This has now been removed as a built-in option so that you can implement your own secure solution as needed and appropriate for your project via middleware.

  What should I do?

  If you were previously using this feature, you must remove the option from your adapter configuration as it no longer exists:

  // astro.config.mjs
  import { defineConfig } from 'astro/config'
  import node from '@astrojs/node'
  export default defineConfig({
  adapter: node({
  mode: 'standalone',
  
  experimentalErrorPageHost: 'http://localhost:4321'
  })
  })

You can replicate the previous behavior by checking the response status in a middleware and fetching the prerendered page yourself:

... (truncated)

Commits

• 878791f [ci] release (#15985)
• 9685e2d fix: EventEmitter memory leak when serving static pages from Node.js middlewa...
• 09ecdd7 [ci] release (#15889)
• 6f8f0bc fix: update peer dependency range (#15934)
• b16ee32 [ci] release (#15858)
• bb2b8f5 fix: correctly exclude entrypoint via environments (#15868)
• 48e5c4d [ci] release (#15808)
• 2ce9e74 chore: update docs links (#15732)
• 25560db [ci] release (beta) (#15773)
• 39ff2a5 Harden Node adapter HTTP server defaults and request body handling (#15759)
• Additional commits viewable in compare view

Updates @eventcatalog/core from 2.64.3 to 3.26.8

Release notes

Sourced from @​eventcatalog/core's releases.

@​eventcatalog/core@​3.26.8

Patch Changes

• 6418562: Fix auth behind reverse proxy: default trustHost to true and add signout error handling

@​eventcatalog/core@​3.26.7

Patch Changes

• 1035f52: Replace better-sqlite3 (native module) with sql.js (WASM) to eliminate native compilation requirements during npm install

@​eventcatalog/core@​3.26.6

Patch Changes

• 038e402: Fix SSR compatibility: remove CSS import from NodeGraph that breaks server-side rendering, add proper type assertion for lazy-loaded component, and export NodeGraphProps type
• Updated dependencies [038e402]
  • @​eventcatalog/visualiser@​3.16.1

@​eventcatalog/core@​3.26.5

Patch Changes

• 26f2b3d: Fix SSR crash on schema/fields page by adding @​xyflow/react to vite.ssr.noExternal so Vite handles CSS imports during SSR

@​eventcatalog/core@​3.26.4

Patch Changes

• 214d9df: Fix SSR crash on schema/fields page by moving @​xyflow/react CSS import from static to dynamic

@​eventcatalog/core@​3.26.3

Patch Changes

• 6cbccb5: Widen @​tailwindcss/vite version range to >=4.1.5 <4.2.2

@​eventcatalog/core@​3.26.2

Patch Changes

• 223ac55: pin @​tailwindcss/vite to ~4.2.1 to avoid breaking changes from minor releases

@​eventcatalog/core@​3.26.1

Patch Changes

• 02747f8: Update Astro dependency to ^6.0.8

@​eventcatalog/core@​3.26.0

Minor Changes

• 1539e71: add schema fields explorer with field traceability, conflict detection, and node graph visualization

Patch Changes

• Updated dependencies [1539e71]

... (truncated)

Commits

• 2aff3eb Version Packages (#2391)
• 6418562 Fix auth behind reverse proxy by defaulting trustHost to true (#2390)
• 051514a Version Packages (#2389)
• 1035f52 fix(core): replace better-sqlite3 with sql.js (WASM) (#2388)
• a667a72 Version Packages (#2386)
• cb40037 Improve generated README for new EventCatalog projects (#2385)
• d94409f Version Packages (#2384)
• 038e402 Fix SSR compatibility for visualiser NodeGraph (#2383)
• f0b83cc Version Packages (#2381)
• 26f2b3d Fix SSR crash: add @​xyflow/react to vite.ssr.noExternal (#2380)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​eventcatalog/core since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.