Skip to content

Bump astro and astro-compress in /src/eventcatalog#266

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/src/eventcatalog/multi-77e6cb1bad
Open

Bump astro and astro-compress in /src/eventcatalog#266
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/src/eventcatalog/multi-77e6cb1bad

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2026

Bumps astro and astro-compress. These dependencies needed to be updated together.
Updates astro from 5.17.3 to 5.18.1

Release notes

Sourced from astro's releases.

astro@5.18.1

Patch Changes

  • Updated dependencies [c2cd371]:
    • @​astrojs/internal-helpers@​0.7.6
    • @​astrojs/markdown-remark@​6.3.11
Changelog

Sourced from astro's changelog.

5.18.1

Patch Changes

  • Updated dependencies [c2cd371]:
    • @​astrojs/internal-helpers@​0.7.6
    • @​astrojs/markdown-remark@​6.3.11

5.18.0

Minor Changes

  • #15589 b7dd447 Thanks @​qzio! - Adds a new security.actionBodySizeLimit option to configure the maximum size of Astro Actions request bodies.

    This lets you increase the default 1 MB limit when your actions need to accept larger payloads. For example, actions that handle file uploads or large JSON payloads can now opt in to a higher limit.

    If you do not set this option, Astro continues to enforce the 1 MB default to help prevent abuse.

    // astro.config.mjs
export default defineConfig({
  security: {
    actionBodySizeLimit: 10 * 1024 * 1024, // set to 10 MB
  },
});

Patch Changes

  • #15594 efae11c Thanks @​qzio! - Fix X-Forwarded-Proto validation when allowedDomains includes both protocol and hostname fields. The protocol check no longer fails due to hostname mismatch against the hardcoded test URL.
Commits

Updates astro-compress from 2.3.9 to 2.4.0

Release notes

Sourced from astro-compress's releases.

AstroCompress/v2.4.0

What's Changed

Full Changelog: PlayForm/Compress@AstroCompress/v2.3.9...AstroCompress/v2.4.0

Commits
  • 54f795c AstroCompress/v2.4.0
  • c8bf46c Merge remote-tracking branch 'Source/Current' into Alternative
  • a166496 Compress/v0.2.2
  • 71e7e21 chore(deps): update lightningcss and svgo dependencies
  • d3e386d chore(deps): bump version to 0.2.2 and fix astro dependency to any version
  • 952aebd
  • 368155f Merge pull request #585 from PlayForm/dependabot/npm_and_yarn/astro-6.0.3
  • 893bd63 Bump astro from 6.0.2 to 6.0.3
  • 667aad3 Merge pull request #584 from PlayForm/dependabot/github_actions/pnpm/action-s...
  • 1337625 Bump pnpm/action-setup from 4.2.0 to 4.3.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump astro and astro-compress in /src/eventcatalog
e63d06d 
Bumps [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) and [astro-compress](https://github.com/PlayForm/Compress). These dependencies needed to be updated together.

Updates `astro` from 5.17.3 to 5.18.1
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/astro@5.18.1/packages/astro/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/astro@5.18.1/packages/astro)

Updates `astro-compress` from 2.3.9 to 2.4.0
- [Release notes](https://github.com/PlayForm/Compress/releases)
- [Changelog](https://github.com/PlayForm/Compress/blob/Current/CHANGELOG.md)
- [Commits](PlayForm/Compress@AstroCompress/v2.3.9...AstroCompress/v2.4.0)

---
updated-dependencies:
- dependency-name: astro
  dependency-version: 5.18.1
  dependency-type: indirect
- dependency-name: astro-compress
  dependency-version: 2.4.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 26, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 26, 2026 21:31
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants