chore(deps): bump the all group with 5 updates (#1868)

Bumps the all group with 5 updates:

| Package | From | To |
| --- | --- | --- |
|
[@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser)
| `8.45.0` | `8.46.0` |
|
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
| `8.45.0` | `8.46.0` |
|
[@astrojs/mdx](https://github.com/withastro/astro/tree/HEAD/packages/integrations/mdx)
| `4.3.6` | `4.3.7` |
| [asciinema-player](https://github.com/asciinema/asciinema-player) |
`3.11.0` | `3.12.1` |
| [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) |
`5.14.1` | `5.14.4` |

Updates `@typescript-eslint/parser` from 8.45.0 to 8.46.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases"><code>@​typescript-eslint/parser</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v8.46.0</h2>
<h2>8.46.0 (2025-10-06)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unsafe-member-access] add
allowOptionalChaining option (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11659">#11659</a>)</li>
<li><strong>eslint-plugin-internal:</strong> [no-dynamic-tests] new
internal Lint rule to ban dynamic syntax in generating tests (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11323">#11323</a>)</li>
<li><strong>rule-schema-to-typescript-types:</strong> clean up and make
public (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11633">#11633</a>)</li>
<li><strong>typescript-eslint:</strong> export util types (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10848">#10848</a>,
<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10849">#10849</a>)</li>
<li><strong>typescript-estree:</strong> mention file specifics in
project service allowDefaultProject error (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11635">#11635</a>)</li>
<li><strong>typescript-estree:</strong> private identifiers can only
appear on LHS of in expressions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/9232">#9232</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-floating-promises] remove excess
parentheses in suggestions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11487">#11487</a>)</li>
<li><strong>eslint-plugin:</strong> [unbound-method] improve wording
around <code>this: void</code> and binding (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11634">#11634</a>)</li>
<li><strong>eslint-plugin:</strong> [no-deprecated] ignore deprecated
<code>export import</code>s (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11603">#11603</a>)</li>
<li><strong>eslint-plugin:</strong> removed error type previously
deprecated (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11674">#11674</a>)</li>
<li><strong>eslint-plugin:</strong> [prefer-readonly-parameter-types]
ignore tagged primitives (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11660">#11660</a>)</li>
<li><strong>rule-tester:</strong> deprecate TestCaseError#type and
LintMessage#nodeType (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11628">#11628</a>)</li>
<li><strong>typescript-estree:</strong> forbid <code>abstract</code>
modifier in object methods (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11656">#11656</a>)</li>
<li><strong>typescript-estree:</strong> forbid abstract method and
accessor to have implementation (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11657">#11657</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>fisker Cheung <a
href="https://github.com/fisker"><code>@​fisker</code></a></li>
<li>Josh Goldberg ✨</li>
<li>Joshua Chen</li>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
<li>Mark de Dios <a
href="https://github.com/peanutenthusiast"><code>@​peanutenthusiast</code></a></li>
<li>Mister-Hope <a
href="https://github.com/Mister-Hope"><code>@​Mister-Hope</code></a></li>
<li>Richard Torres <a
href="https://github.com/richardtorres314"><code>@​richardtorres314</code></a></li>
<li>Victor Genaev <a
href="https://github.com/mainframev"><code>@​mainframev</code></a></li>
<li>Younsang Na <a
href="https://github.com/nayounsang"><code>@​nayounsang</code></a></li>
</ul>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md"><code>@​typescript-eslint/parser</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>8.46.0 (2025-10-06)</h2>
<p>This was a version bump only for parser to align it with other
projects, there were no code changes.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/aec785e33d63b248231c3e68c9aeb792caf21acc"><code>aec785e</code></a>
chore(release): publish 8.46.0</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.46.0/packages/parser">compare
view</a></li>
</ul>
</details>
<br />

Updates `typescript-eslint` from 8.45.0 to 8.46.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.46.0</h2>
<h2>8.46.0 (2025-10-06)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unsafe-member-access] add
allowOptionalChaining option (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11659">#11659</a>)</li>
<li><strong>eslint-plugin-internal:</strong> [no-dynamic-tests] new
internal Lint rule to ban dynamic syntax in generating tests (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11323">#11323</a>)</li>
<li><strong>rule-schema-to-typescript-types:</strong> clean up and make
public (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11633">#11633</a>)</li>
<li><strong>typescript-eslint:</strong> export util types (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10848">#10848</a>,
<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10849">#10849</a>)</li>
<li><strong>typescript-estree:</strong> mention file specifics in
project service allowDefaultProject error (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11635">#11635</a>)</li>
<li><strong>typescript-estree:</strong> private identifiers can only
appear on LHS of in expressions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/9232">#9232</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-floating-promises] remove excess
parentheses in suggestions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11487">#11487</a>)</li>
<li><strong>eslint-plugin:</strong> [unbound-method] improve wording
around <code>this: void</code> and binding (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11634">#11634</a>)</li>
<li><strong>eslint-plugin:</strong> [no-deprecated] ignore deprecated
<code>export import</code>s (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11603">#11603</a>)</li>
<li><strong>eslint-plugin:</strong> removed error type previously
deprecated (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11674">#11674</a>)</li>
<li><strong>eslint-plugin:</strong> [prefer-readonly-parameter-types]
ignore tagged primitives (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11660">#11660</a>)</li>
<li><strong>rule-tester:</strong> deprecate TestCaseError#type and
LintMessage#nodeType (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11628">#11628</a>)</li>
<li><strong>typescript-estree:</strong> forbid <code>abstract</code>
modifier in object methods (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11656">#11656</a>)</li>
<li><strong>typescript-estree:</strong> forbid abstract method and
accessor to have implementation (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11657">#11657</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>fisker Cheung <a
href="https://github.com/fisker"><code>@​fisker</code></a></li>
<li>Josh Goldberg ✨</li>
<li>Joshua Chen</li>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
<li>Mark de Dios <a
href="https://github.com/peanutenthusiast"><code>@​peanutenthusiast</code></a></li>
<li>Mister-Hope <a
href="https://github.com/Mister-Hope"><code>@​Mister-Hope</code></a></li>
<li>Richard Torres <a
href="https://github.com/richardtorres314"><code>@​richardtorres314</code></a></li>
<li>Victor Genaev <a
href="https://github.com/mainframev"><code>@​mainframev</code></a></li>
<li>Younsang Na <a
href="https://github.com/nayounsang"><code>@​nayounsang</code></a></li>
</ul>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.46.0 (2025-10-06)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>typescript-eslint:</strong> export util types (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10848">#10848</a>,
<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10849">#10849</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Mister-Hope <a
href="https://github.com/Mister-Hope"><code>@​Mister-Hope</code></a></li>
</ul>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/aec785e33d63b248231c3e68c9aeb792caf21acc"><code>aec785e</code></a>
chore(release): publish 8.46.0</li>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/5c1a1592ccb21868ddff8543988125af0219f831"><code>5c1a159</code></a>
feat(typescript-eslint): export util types (close <a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/10848">#10848</a>)
(<a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/10849">#10849</a>)</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.46.0/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />

Updates `@astrojs/mdx` from 4.3.6 to 4.3.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/withastro/astro/releases"><code>@​astrojs/mdx</code>'s
releases</a>.</em></p>
<blockquote>
<h2><code>@​astrojs/mdx</code><a
href="https://github.com/4"><code>@​4</code></a>.3.7</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies []:
<ul>
<li><code>@​astrojs/markdown-remark</code><a
href="https://github.com/6"><code>@​6</code></a>.3.8</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/withastro/astro/blob/main/packages/integrations/mdx/CHANGELOG.md"><code>@​astrojs/mdx</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>4.3.7</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies []:
<ul>
<li><code>@​astrojs/markdown-remark</code><a
href="https://github.com/6"><code>@​6</code></a>.3.8</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/withastro/astro/commit/3bb14b7dbbc236f55096631401703a290321031e"><code>3bb14b7</code></a>
[ci] release (<a
href="https://github.com/withastro/astro/tree/HEAD/packages/integrations/mdx/issues/14466">#14466</a>)</li>
<li>See full diff in <a
href="https://github.com/withastro/astro/commits/@astrojs/[email protected]/packages/integrations/mdx">compare
view</a></li>
</ul>
</details>
<br />

Updates `asciinema-player` from 3.11.0 to 3.12.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/asciinema/asciinema-player/releases">asciinema-player's
releases</a>.</em></p>
<blockquote>
<h2>3.12.1</h2>
<p>This version includes additional fix for seeking past the end of
recording and restarting the playback.</p>
<h2>3.12.0</h2>
<p>Notable changes:</p>
<ul>
<li>Live audio stream support for WebSocket sources (see below)</li>
<li>Improved adaptive buffer algorithm for WebSocket sources (see
below)</li>
<li>Fixed keyboard shortcuts issue (stopped working) caused by the new
mute/unmute icon</li>
<li>Fixed seeking after playback ended (<a
href="https://redirect.github.com/asciinema/asciinema-player/issues/282">#282</a>)</li>
</ul>
<h2>Live audio playback</h2>
<p>The <code>audioUrl</code> option, introduced in v3.11, can now also
be used with live (WebSocket) sources:</p>
<pre
lang="javascript"><code>AsciinemaPlayer.create(&quot;ws://example.com/ws/stream&quot;,
document.getElementById(&quot;demo&quot;), {
  audioUrl: &quot;http://example.com/icecast/stream.ogg&quot;
});
</code></pre>
<p>The URL should be a live audio source - either a direct HTTP audio
stream (.mp3, .aac, .ogg, etc) such as Icecast/Shoutcast endpoint, or
HLS playlist (.m3u8).</p>
<p>Note that it's not recommended to use <code>autoplay: true</code>
option together with <code>audioUrl</code> - browsers often require
explicit user activity (click, tap) to enable sound, which in the
player's case would be starting the playback by clicking on the play
button. Without user click the <code>autoplay</code> will start the
playback but the sound likely won't be there.</p>
<p>Also, for the audio playback to work a server that handles the audio
URL (e.g. Icecast) must be configured to allow CORS requests from the
page (URL) that hosts the player.</p>
<h2>New adaptive buffering</h2>
<p>The WebSocket driver uses adaptive buffer (expressed in time) to
ensure smooth, stutter free playback of live sessions with minimal
latency.</p>
<p>The previous algorithm used a moving average over a sliding window of
N recent latencies. It did ok-ish job, but given the sparse nature of
the event stream (no constant rate) it turned out to be not ideal.
Here's how it performed. Red dots are measured latencies, green line is
effective buffer time:</p>
<!-- raw HTML omitted -->
<p>The new algorithm uses time based EMA (exponential moving average),
which is much more relevant for sparse events, resulting in more stable
and overall lower buffer size when applied to a wide spectrum of
terminal activities (here applied to the same input latencies as the one
above):</p>
<!-- raw HTML omitted -->
<h2>3.11.1</h2>
<p>This release brings additional fixes for audio loading in Safari.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/1072fee2fe7a6e4ab5b96103edd552ccc7306fbd"><code>1072fee</code></a>
Bump version</li>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/db715d06ef2be8ac3fe7a9a5bf63f1c50ee0d30f"><code>db715d0</code></a>
Fix replay after double seek-forward at the end of the recording</li>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/ca8fe039d58fed7bbc2ad5707cf43c2a472b251d"><code>ca8fe03</code></a>
Update links to the latest asciicast format version</li>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/984db33884b2368775c498ff913eea16e141cff3"><code>984db33</code></a>
Bump version</li>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/45e02fa238f55979c57fb6aea98faef7f8cf86da"><code>45e02fa</code></a>
Fix seeking after playback ended</li>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/2fe3da79dae25a3e2c212e4ead56e5983b865626"><code>2fe3da7</code></a>
Improve adaptive buffer time algorithm</li>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/589cd52f02372c667b1e537a211be8cb8867e5b5"><code>589cd52</code></a>
Fix keyboard focus issue caused by the mute/unmute icon</li>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/d00a897e2cfee79648ab5fa6dd97ba250fcac788"><code>d00a897</code></a>
Audio support for Websocket driver</li>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/44d97ac4a9e61ac3de897b6a0d2a47eab20bd0e5"><code>44d97ac</code></a>
Whitespace</li>
<li><a
href="https://github.com/asciinema/asciinema-player/commit/8c2218133019028bb7975cad459e2cf90d37ae53"><code>8c22181</code></a>
Add test for player initialization and playback start</li>
<li>Additional commits viewable in <a
href="https://github.com/asciinema/asciinema-player/compare/v3.11.0...v3.12.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `astro` from 5.14.1 to 5.14.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/withastro/astro/releases">astro's
releases</a>.</em></p>
<blockquote>
<h2>[email protected]</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/withastro/astro/pull/14509">#14509</a>
<a
href="https://github.com/withastro/astro/commit/7e04caf9a4a75c75f06c4207fae601a5fd251735"><code>7e04caf</code></a>
Thanks <a
href="https://github.com/ArmandPhilippot"><code>@​ArmandPhilippot</code></a>!
- Fixes an error in the docs that specified an incorrect version for the
<code>security.allowedDomains</code> release.</li>
</ul>
<h2>[email protected]</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/withastro/astro/pull/14505">#14505</a>
<a
href="https://github.com/withastro/astro/commit/28b2a1db4f3f265632f280b0dbc4c5f241c387e2"><code>28b2a1d</code></a>
Thanks <a
href="https://github.com/matthewp"><code>@​matthewp</code></a>! - Fixes
<code>Cannot set property manifest</code> error in test utilities by
adding a protected setter for the manifest property</p>
</li>
<li>
<p><a
href="https://redirect.github.com/withastro/astro/pull/14235">#14235</a>
<a
href="https://github.com/withastro/astro/commit/c4d84bb654c9a5064b243e971c3b5b280e2b3791"><code>c4d84bb</code></a>
Thanks <a href="https://github.com/toxeeec"><code>@​toxeeec</code></a>!
- Fixes a bug where the &quot;tap&quot; prefetch strategy worked only on
the first clicked link with view transitions enabled</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md">astro's
changelog</a>.</em></p>
<blockquote>
<h2>5.14.4</h2>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/withastro/astro/pull/14509">#14509</a>
<a
href="https://github.com/withastro/astro/commit/7e04caf9a4a75c75f06c4207fae601a5fd251735"><code>7e04caf</code></a>
Thanks <a
href="https://github.com/ArmandPhilippot"><code>@​ArmandPhilippot</code></a>!
- Fixes an error in the docs that specified an incorrect version for the
<code>security.allowedDomains</code> release.</li>
</ul>
<h2>5.14.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/withastro/astro/pull/14505">#14505</a>
<a
href="https://github.com/withastro/astro/commit/28b2a1db4f3f265632f280b0dbc4c5f241c387e2"><code>28b2a1d</code></a>
Thanks <a
href="https://github.com/matthewp"><code>@​matthewp</code></a>! - Fixes
<code>Cannot set property manifest</code> error in test utilities by
adding a protected setter for the manifest property</p>
</li>
<li>
<p><a
href="https://redirect.github.com/withastro/astro/pull/14235">#14235</a>
<a
href="https://github.com/withastro/astro/commit/c4d84bb654c9a5064b243e971c3b5b280e2b3791"><code>c4d84bb</code></a>
Thanks <a href="https://github.com/toxeeec"><code>@​toxeeec</code></a>!
- Fixes a bug where the &quot;tap&quot; prefetch strategy worked only on
the first clicked link with view transitions enabled</p>
</li>
</ul>
<h2>5.14.2</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/withastro/astro/pull/14459">#14459</a>
<a
href="https://github.com/withastro/astro/commit/916f9c2e094f19562cfe722ca0a5fafb0f313c2e"><code>916f9c2</code></a>
Thanks <a
href="https://github.com/florian-lefebvre"><code>@​florian-lefebvre</code></a>!
- Improves font files URLs in development when using the experimental
fonts API by showing the subset if present</p>
</li>
<li>
<p><a
href="https://github.com/withastro/astro/commit/b8ca69b97149becefaf89bf21853de9c905cdbb7"><code>b8ca69b</code></a>
Thanks <a
href="https://github.com/ascorbic"><code>@​ascorbic</code></a>! - Aligns
dev image server file base with Vite rules</p>
</li>
<li>
<p><a
href="https://redirect.github.com/withastro/astro/pull/14469">#14469</a>
<a
href="https://github.com/withastro/astro/commit/1c090b00c1f5c3d8e938ac873fc63ab2f1ae37f1"><code>1c090b0</code></a>
Thanks <a href="https://github.com/delucis"><code>@​delucis</code></a>!
- Updates <code>tinyexec</code> dependency</p>
</li>
<li>
<p><a
href="https://redirect.github.com/withastro/astro/pull/14460">#14460</a>
<a
href="https://github.com/withastro/astro/commit/008dc75d860eadbb394e86dac68c7f4962e40489"><code>008dc75</code></a>
Thanks <a
href="https://github.com/florian-lefebvre"><code>@​florian-lefebvre</code></a>!
- Fixes a case where <code>astro:config/server</code> values typed as
URLs would be serialized as strings</p>
</li>
<li>
<p><a
href="https://redirect.github.com/withastro/astro/pull/13730">#13730</a>
<a
href="https://github.com/withastro/astro/commit/72603676818d1c433ac2751843a8a9b0cc9b48c9"><code>7260367</code></a>
Thanks <a
href="https://github.com/razonyang"><code>@​razonyang</code></a>! -
Fixes a bug in i18n, where Astro caused an infinite loop when a locale
that doesn't have an index, and Astro falls back to the index of the
default locale.</p>
</li>
<li>
<p><a
href="https://github.com/withastro/astro/commit/6ee63bfac4856f21b4d4633021b3d2ee059e553f"><code>6ee63bf</code></a>
Thanks <a
href="https://github.com/matthewp"><code>@​matthewp</code></a>! - Adds
<code>security.allowedDomains</code> configuration to validate
<code>X-Forwarded-Host</code> headers in SSR</p>
<p>The <code>X-Forwarded-Host</code> header will now only be trusted if
it matches one of the configured allowed host patterns. This prevents <a
href="https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/17-Testing_for_Host_Header_Injection">host
header injection attacks</a> that can lead to cache poisoning and other
security vulnerabilities.</p>
<p>Configure allowed host patterns to enable
<code>X-Forwarded-Host</code> support:</p>
<pre lang="js"><code>// astro.config.mjs
export default defineConfig({
  output: 'server',
  adapter: node(),
  security: {
    allowedDomains: [
      { hostname: 'example.com' },
      { hostname: '*.example.com' },
      { hostname: 'cdn.example.com', port: '443' },
    ],
  },
});
</code></pre>
<p>The patterns support wildcards (<code>*</code> and <code>**</code>)
for flexible hostname matching and can optionally specify protocol and
port.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/withastro/astro/commit/3412859d37b3282a967278eba86f22cdb373eac7"><code>3412859</code></a>
[ci] release (<a
href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14510">#14510</a>)</li>
<li><a
href="https://github.com/withastro/astro/commit/7e04caf9a4a75c75f06c4207fae601a5fd251735"><code>7e04caf</code></a>
docs: fix <code>security.allowedDomains</code> version (<a
href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14509">#14509</a>)</li>
<li><a
href="https://github.com/withastro/astro/commit/fe1d35cc950b16a6462102b98b48753d27395e03"><code>fe1d35c</code></a>
[ci] release (<a
href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14507">#14507</a>)</li>
<li><a
href="https://github.com/withastro/astro/commit/7926882013c2f493aeb2fe9b162e515e65e68e81"><code>7926882</code></a>
[ci] format</li>
<li><a
href="https://github.com/withastro/astro/commit/c4d84bb654c9a5064b243e971c3b5b280e2b3791"><code>c4d84bb</code></a>
fix(prefetch): Fix &quot;tap&quot; prefetch strategy when view
transitions are enabled ...</li>
<li><a
href="https://github.com/withastro/astro/commit/3bb14b7dbbc236f55096631401703a290321031e"><code>3bb14b7</code></a>
[ci] release (<a
href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14466">#14466</a>)</li>
<li><a
href="https://github.com/withastro/astro/commit/7a5aafff7b6d424164bf76d25c231d8860a26e25"><code>7a5aaff</code></a>
[ci] format</li>
<li><a
href="https://github.com/withastro/astro/commit/28b2a1db4f3f265632f280b0dbc4c5f241c387e2"><code>28b2a1d</code></a>
Fix failing x-forwarded-host tests (<a
href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14505">#14505</a>)</li>
<li><a
href="https://github.com/withastro/astro/commit/ec307b02e3e866fa53ea6715b5f6f05dbb323953"><code>ec307b0</code></a>
[ci] format</li>
<li><a
href="https://github.com/withastro/astro/commit/6ee63bfac4856f21b4d4633021b3d2ee059e553f"><code>6ee63bf</code></a>
Merge commit from fork</li>
<li>Additional commits viewable in <a
href="https://github.com/withastro/astro/commits/[email protected]/packages/astro">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

core/package.json

@@ -13,16 +13,16 @@
     "linkcheck:full": "linkchecker http://localhost:4321"
   },
   "dependencies": {
-    "@astrojs/mdx": "^4.3.6",
+    "@astrojs/mdx": "^4.3.7",
     "@astrojs/rss": "^4.0.12",
     "@astrojs/sitemap": "^3.6.0",
     "@fontsource-variable/fira-code": "^5.2.7",
     "@fontsource-variable/overpass": "^5.2.8",
     "@fontsource-variable/roboto-flex": "^5.2.8",
     "@tailwindcss/vite": "^4.1.14",
     "@xmldom/xmldom": "^0.9.8",
-    "asciinema-player": "^3.11.0",
-    "astro": "^5.14.1",
+    "asciinema-player": "^3.12.1",
+    "astro": "^5.14.4",
     "astro-favicons": "^3.1.5",
     "astro-icon": "^1.1.5",
     "astro-seo": "^0.8.4",