Update dependency preact to v10.28.3

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
preact (source)	10.19.2 → 10.28.3

---

Release Notes

preactjs/preact (preact)

v10.28.3

Compare Source

Fixes

• Avoid scheduling suspense state udpates (#​5006, thanks @​JoviDeCroock)
• Resolve some suspense crashes (#​4999, thanks @​JoviDeCroock)
• Support inheriting namespace through portals (#​4993, thanks @​JoviDeCroock)

Maintenance

• Update test with addition of _original (#​4989, thanks @​JoviDeCroock)

v10.28.2

Compare Source

Fixes

• Enforce strict equality for VNode object constructors

v10.28.1

Compare Source

Fixes

• Fix erroneous diffing w/ growing list (#​4975, thanks @​JoviDeCroock)

v10.28.0

Compare Source

Types

• Updates dangerouslySetInnerHTML type so future TS will accept Trusted… (#​4931, thanks @​lukewarlow)
• Adds snap events (#​4947, thanks @​argyleink)
• Remove missed jsx duplicates (#​4950, thanks @​rschristian)
• Fix scroll events (#​4949, thanks @​rschristian)

Fixes

• Fix cascading renders with signals (#​4966, thanks @​JoviDeCroock)
• add commpat/server.browser entry (#​4941 & #​4940, thanks @​marvinhagemeister)
• Avoid lazy components without result going in throw loop (#​4937, thanks @​JoviDeCroock)

Performance

• Backport some v11 optimizations (#​4967, thanks @​JoviDeCroock)

v10.27.3

Compare Source

Fixes

• Enforce strict equality for VNode object constructors

v10.27.2

Compare Source

Types

• Mirror non-JSX types to the 'preact' namespace (#​4904, thanks @​rschristian)

Fixes

• Address memory leak (#​4906, thanks @​JoviDeCroock)

v10.27.1

Compare Source

Performance

• Avoid re-inserting children during bailout (#​4890, thanks @​vasylenkoval)

Types

• add missing React.Key (#​4864, thanks @​shyguy1412)
• make React.SVGAttributes generic (#​4863, thanks @​shyguy1412)

Fixes

• Add .render property referencing original render function (#​4870, thanks @​upupming)
• Add .type property referencing original component (#​4869, thanks @​upupming)

Maintenance

• Fix benchmarks for v10.x (#​4891, thanks @​rschristian)
• Correct contributing docs (#​4861, thanks @​JoviDeCroock)

v10.27.0

Compare Source

Features

• Update refcallback type to reflect possibility of returning cleanup function and add debug helper exports (#​4860, thanks @​rschristian)
  • Backport of #​4830 and #​4801

Fixes

• Ensure we rerender after a suspensefully hydrating boundary throws an… (#​4856, thanks @​JoviDeCroock)

Maintenance

• Update 'replaceNode' deprecation comment to point at new shim (#​4844, thanks @​rschristian)
• Reduce some repeated logic (#​4814) (#​4821, thanks @​JoviDeCroock)

v10.26.10

Compare Source

Fixes

• Enforce strict equality for VNode object constructors

v10.26.9

Compare Source

Fixes

• Export test-utils from compat by @​rawrmonstar in #​4783
• Escape style object value in precompile transform by @​marvinhagemeister in #​4795
• Fix signal attribute values not working with precompile transform by @​marvinhagemeister in #​4798

Maintenance

• Bump browserslist by @​rschristian in #​4785
• Avoid caching so file-saves work first try by @​JoviDeCroock in #​4786
• Make previous benchmark results not required by @​marvinhagemeister in #​4796
• Point release workflow to 10.x by @​marvinhagemeister in #​4797

v10.26.8

Compare Source

Fixes

• Fix defaultProps applying on null values (#​4775, thanks @​JoviDeCroock)

v10.26.7

Compare Source

Types

• Add name to <details> (#​4766, thanks @​marvinhagemeister)

Improvements

• Reduce raf timeout to 35ms (#​4750, thanks @​JoviDeCroock)
• Only one toLowerCase invoke during props diffing (#​4764, thanks @​JoviDeCroock)
• Golf some portal bytes (#​4763, thanks @​JoviDeCroock)

Maintenance

• Add node prefix + script string args for deno compatability in demo (#​4759, thanks @​marvinhagemeister)

v10.26.6

Compare Source

Fixes

• Ensure useId works in portals (#​4752, thanks @​JoviDeCroock)

Types

• Change HTMLMediaElement.controlsList type to string (DOMTokenList) (#​4744, thanks @​piotr-cz)

Maintenance

• Switch testing from karma to vitest (#​4687, thanks @​JoviDeCroock)
• Dedupe preact in vitest setup (#​4702, thanks @​sheremet-va)

v10.26.5

Compare Source

Types

• Return 'AllHTMLAttributes' to manually including all attrs (#​4728, thanks @​rschristian)
• Correct hydrateRoot return type (#​4735, thanks @​plesiecki)
• Update CommandEventHandler type to use EventHandler (#​4740, thanks @​robertknight)

Fixes

• Avoid cloning reused nodes (#​4733, thanks @​JoviDeCroock)
• Bring back strict-equality bailout for children even w/ context updates (#​4724, thanks @​rschristian)
• Effect in memoed boundary should be re-executed when the lazy boundary resolves (#​4711, thanks @​CaptainWang98)

Maintenance

• Add case for context w/ strictly-equal children (#​4725, thanks @​rschristian)
• Golf down unnecessary strict equality checks (#​4723, thanks @​rschristian)

v10.26.4

Compare Source

Fixes

• Address context fragments issue (#​4717, thanks @​JoviDeCroock)

v10.26.3

Compare Source

Fixes

• Keyed nullish placeholders cause re-mounts (#​4700, thanks @​JoviDeCroock)

Types

• Add command invoker types (#​4692, thanks @​lukewarlow)
• Flesh out HTMLMediaElement types (#​4705, thanks @​rschristian)
• Add onBeforeToggle event handler type (#​4694, thanks @​lukewarlow)
• Add dialog closedby types (#​4693, thanks @​lukewarlow)
• Add fetchPriority to img (#​4713, thanks @​JoviDeCroock)
• Refactor AllHTMLAttributes interface (#​4706, thanks @​rschristian)

Maintenance

• Remove console log in debug package (#​4709, thanks @​rschristian)
• Remove unused deps (#​4707, thanks @​JoviDeCroock)
• Fix mocha in Node v22+ (#​4701, thanks @​rschristian)
• Fix TS lang server support in our .d.ts files (#​4698, thanks @​rschristian)

v10.26.2

Compare Source

This is a hotfix release! If you are encountering bundling issues with regards to unallowed import syntax, this will fix it!

Fixes

• Remove pkg type (#​4689, thanks @​rschristian)

Maintenance

• Skip benches during release workflows (#​4686, thanks @​rschristian)

v10.26.1

Compare Source

Fixes

• Fixes memory leak when wrapping Fragment is captured by an effect closure (#​4680, thanks @​JoviDeCroock)

Optimization

• Created NULL constant (#​4682, thanks @​Ben-Brady)

Maintenance

• Simplify compat build script (#​4677, thanks @​rschristian)
• Add renderToReadableStream export (#​4678, thanks @​JoviDeCroock)
• Fix mocha in Node v22+ (#​4629, thanks @​rschristian)

v10.26.0

Compare Source

Features

• Support the template tag (#​4639, thanks @​JoviDeCroock)
• Allow for Context as JSX (#​4618, thanks @​JoviDeCroock)

Fixes

• Typo in _hasScuFromHooks mangle (#​4645, thanks @​rschristian)
• Switch _contextRef and _id (#​4632, thanks @​JoviDeCroock)
• Add hasScuFromHooks to mangle (#​4627, thanks @​JoviDeCroock)
• Ref unmount imperative handle (#​4625, thanks @​JoviDeCroock)

Types

• Correct HTMLProps to extend all known props (#​4651, thanks @​rschristian)
• Fix ComponentProps type (#​4634, thanks @​rschristian)
• Remove generic aria role from types (#​4610, thanks @​rschristian)
• Add FowardRefRenderFunction type to compat (#​4675, thanks @​rschristian)
• Expose EventHandler from compat (#​4674, thanks @​rschristian)
• Expose AriaAttributes from compat (#​4673, thanks @​rschristian)
• Add auxClick event types (#​4672, thanks @​rschristian)

Maintenance

• Silence Karma warning over node:stream from RTS (#​4660, thanks @​rschristian)
• Fix path filter in reporter workflow (#​4654, thanks @​rschristian)
• Fix path filter in PR Reporter action (#​4644, thanks @​rschristian)
• Run PR Reporter even against PRs from forks (#​4643, thanks @​rschristian)
• Update http:// links to https:// (#​4638, thanks @​jviide)
• Refactor component.js process() (#​4637, thanks @​jviide)

v10.25.4

Compare Source

Types

• Incorrect onToggle event type (#​4615, thanks @​rschristian)

Fixes

• Support multiple synchronous timings for act (#​4619, thanks @​rock-57blocks)

v10.25.3

Compare Source

Fixes

• Wrap hydration debug message node types in quotes (#​4609, thanks @​rschristian)
• Revert "Improve performance and reduce memory allocation" (#​4611, thanks @​JoviDeCroock)

Types

• Add default event target types for HTML attribute interfaces (#​4606, thanks @​rschristian)

v10.25.2

Compare Source

Notable

Revert unkeyed no-search (#​4604, thanks @​JoviDeCroock)

We noticed that there's a few unpleasant scenario's that could form from this change, we wanted to be on the safe side here and revert this for the time being. if you run into issues with swapping components placement wise in a list use the key property.

Fixes

• Add missing space in hydration mismatch message (#​4602, thanks @​sirreal)

Types

• fix max and min type definition to allow number (#​4598, thanks @​devlux)

Performance

• Use == where possible and precompute .length (#​4599, thanks @​JoviDeCroock)
• Check preallocate new children array perf (#​4595, thanks @​JoviDeCroock)

Maintenance

• Replace npm-run-all and lint-staged (#​4600, thanks @​JoviDeCroock)
• Remove benches folder (#​4592, thanks @​JoviDeCroock)
• Dependency maintenance (#​4594, thanks @​JoviDeCroock)

v10.25.1

Compare Source

Fixes

• Revert handle event (#​4584, thanks @​JoviDeCroock) we had to revert this due to an inherent type incompatibility, apologies for missing this!
• Fix portal children ordering (#​4573, thanks @​JoviDeCroock)
• Handle errors during hydration (#​4563, thanks @​JoviDeCroock)

Types

• Ensure resolution of core types goes through typesVersions resolution (#​4576, thanks @​rschristian)
• Correct defaultValue property types for inputs, selects, & textareas (#​4585, thanks @​rschristian)
• Add missing SVG type attribute (#​4582, thanks @​rschristian)
• createElement & h types (#​4578, thanks @​rschristian)
• href & hreflang attribute types (#​4575, thanks @​rschristian)
• Mark datetime on <del> as optional (#​4570, thanks @​marvinhagemeister)
• max and min properties on input element types (#​4568, thanks @​rschristian)
• Add missing ElementRef type to compat (#​4557, thanks @​rschristian)

Maintenance

• Correct some internal test types (#​4588, thanks @​rschristian)
• Reduce byte-size by reducing bit-flag size (#​4586, thanks @​JoviDeCroock)
• Remove declare global from internal types (#​4583, thanks @​rschristian)
• Move some frequently used things to constants (#​4579, thanks @​JoviDeCroock)
• Remove _nextDom usage (#​4553, thanks @​JoviDeCroock)

v10.25.0

Compare Source

Features

Move per-element type interfaces into core and more strictly type IntrinsicElements (#​4546, thanks @​rschristian)

This adds per-element typings for every DOM-node type, this means that our types might become slightly stricter when you are using DOM attributes/properties where they are not allowed, an example of this might be <div src="x" />.

If you notice any issues when upgrading tell us about them, we can evaluate whether we have missed a case.

Recreate unkeyed functional components when they change position. (#​4550, thanks @​JoviDeCroock)

This is a long time bugfix, when we have elements that look like

return (
	{condition ? <Element /> : null}
	{condition ? null : <Element />
)

We would reuse the state of the first VNode to render the second one when the condition switches. When you are using key, this issue was not present.

Support { handleEvent() {} } object interface as a listener (#​4538, thanks @​lilnasy)

We've added support for attaching object/class event-handlers

let handler = {
	onclick,
	handleEvent() {
		this.onclick()
	}
}

<div onClick={handler} />

Fixes

• Ensure state updates work in signals (#​4560, thanks @​JoviDeCroock)
• Ensure SVGAttributes includes height & width (#​4556, thanks @​rschristian)
• Fork types for TS 5.1 and beyond (#​4548, thanks @​JoviDeCroock)
• Re-add missing properties & property casings (#​4554, thanks @​rschristian)
• Ensure we unwrap custom .then() (#​4547, thanks @​JoviDeCroock)
• Fix error message when nesting invalid elements within <p> tags (#​4534, thanks @​jubalm)

Maintenance

• Try constant for undefined (#​4552, thanks @​JoviDeCroock)
• Fix demo (#​4551, thanks @​JoviDeCroock)
• Use Signalish helper to reduce verbosity (#​4545, thanks @​rschristian)
• Re-export ErrorInfo type (#​4541, thanks @​jose-torres-marin)
• Skip PR reporter action on non-pull request triggers (#​4536, thanks @​rschristian)
• upgrade biome to 1.9.4 (#​4535, thanks @​unvalley)
• oxlint violation of react/iframe-missing-sandbox (#​4533, thanks @​DonIsaac)

v10.24.3

Compare Source

Fixes

• We should not always set to hydration when suspending (#​4529, thanks @​JoviDeCroock)
• refactor: Warn on NaN in dep arrays instead of throwing (#​4527, thanks @​rschristian)

Performance

• Context consumer unmounting perf (#​4526, thanks @​JoviDeCroock)

Maintenance

• ci: Fix PR reporter (#​4531, thanks @​rschristian)
• ci: Remove saucelabs (#​4530, thanks @​rschristian)
• ci: Ensure paths-filter action works on push events (#​4528, thanks @​rschristian)
• ci: Unify workflows into singular pipeline (#​4520, thanks @​rschristian)

v10.24.2

Compare Source

Performance

• Improve performance and reduce memory allocation (#​4521, thanks @​JoviDeCroock)

Types

• Re-export types for events and event handlers (#​4512, thanks @​jose-torres-marin)

Maintenance

• Merge upload actions to fix usage in v4 (#​4515, thanks @​rschristian)
• Update Tachometer reporter glob to support subdirs (#​4519, thanks @​rschristian)
• Fix download artifact regexp (#​4517, thanks @​rschristian)
• Switch to regexp for download-artifact action (#​4516, thanks @​rschristian)
• Bump upload/download-artifact action versions (#​4511, thanks @​rschristian)

v10.24.1

Compare Source

Fixes

• Prevent debug crash when analyzing hydration mismatches (#​4507, thanks @​JoviDeCroock)

Types

• Correct some missing & incorrect SVG types (#​4505, thanks @​rschristian)
• Remove incorrect spellCheck type (#​4497, thanks @​rschristian)
• React props with children didn't allow for multiple children (#​4493, thanks @​hesxenon)

Maintenance

• Bump to oxlint v0.9.6 (#​4503, thanks @​Boshen)

v10.24.0

Compare Source

Features

• Warn our user for hydration mismatches (#​4490, thanks @​JoviDeCroock)

Fixes

• Avoid setting value for progress with nullish value (#​4492, thanks @​JoviDeCroock)
• Fix skewedIndex becoming outrageously big and document tradeoffs of our decisions (#​4483, thanks @​JoviDeCroock)

Types

• AnyComponent type to support classes (#​4479, thanks @​rschristian)

Maintenance

• Fix typo in comment (#​4494, thanks @​rburgst)
• Update fake compat version (#​4488, thanks @​rschristian)
• Remove impossible branch (#​4491, thanks @​JoviDeCroock)
• Golf down diffChildren (#​4485, thanks @​JoviDeCroock)
• Get rid of eager unmounting (#​4484, thanks @​JoviDeCroock)

v10.23.2

Compare Source

Fixes

• Fix shifting VNode children to the front (#​4472, thanks @​JoviDeCroock)

Types

• Add TypeScript support for Container.contains (#​4471, thanks @​sjoerdmulder)
• Add AriaRole types export (#​4466, thanks @​kuronijin)

Maintenance

• Bump to oxlint v0.7.0 (#​4469, thanks @​Boshen)
• General performance improvements for folks using compat (#​4459, thanks @​JoviDeCroock)
• Prepare for no-unused-vars (#​4462, thanks @​DonIsaac)

v10.23.1

Compare Source

Fixes

• Fix debug-issue in testing libraries where there might not be a DOM node (#​4454, thanks @​JoviDeCroock)

v10.23.0

Compare Source

Features

• Support ref cleanup functions (#​4436, thanks @​marvinhagemeister)

This adds support for returning a function in functional refs, example

<input
  ref={(ref) => {
    // Assign ref, do something with it
    return () => {
      // ref cleanup, when the element unmounts
      // we run the cleanup
    };
  }}
/>

Fixes

• Child-diffing should shift keyed fragmented lists (#​4448, thanks @​JoviDeCroock)
• Invalid DOM check not firing when p/a/button have a parent (#​4449, thanks @​JoviDeCroock)
• Support comments for streaming renders (#​4446, thanks @​JoviDeCroock)
• Import renderToPipeableStream in server.mjs for re-exporting (#​4440, thanks @​3846masa)

Types

• Add missing types ElementType and ComponentPropsWithoutRef (#​4433, thanks @​hamza0867)
• Add html attributes types #​4099 (#​4100, thanks @​samsam-ahmadi)

Maintenance

• Dependency maintenance (#​4431, thanks @​JoviDeCroock)
• Fix coveralls reporting on PRs (#​4430, thanks @​JoviDeCroock)

v10.22.1

Compare Source

Fixes

• Only check is connected for dom nodes (#​4409, thanks @​JoviDeCroock)
• Prevent useMemo from being too lazy with repeated renders (#​4426, thanks @​JoviDeCroock)
• Replace isConnected with parentDom.contains (#​4421, thanks @​JoviDeCroock)
• Graciously handle array shuffling (#​4413, thanks @​JoviDeCroock)
• Support popover boolean attribute (#​4393, thanks @​JoviDeCroock)

Types

• Improve React compatibility for Ref type. (#​4403, thanks @​maxbrieiev)
• Expose stream render from preact-render-to-string (#​4395, thanks @​Austaras)

Maintenance

• Prefer globalThis over window if available (#​4401, thanks @​marvinhagemeister)
• Bump lockfile version to v3 (#​4398, thanks @​rschristian)

Performance

• Improve perf by skipping some lifecycle hooks for perf (#​4366, thanks @​JoviDeCroock)
• Create hot path for unmounting a tree of context (#​4396, thanks @​JoviDeCroock)
• Migrate husky v9 (#​4390, thanks @​castrogarciajs)
• Migrate to oxlint (#​4387, thanks @​JoviDeCroock)
• Migrate to biome (#​4386, thanks @​JoviDeCroock)

v10.22.0

Compare Source

Features

• Support MathML namespace (#​4364, thanks @​rschristian)

Types

• Add popover types (#​4378, thanks @​rschristian)

Maintenance

• Skip running compressed-size builds twice (#​4377, thanks @​rschristian)
• Test types and warnings (#​4369, thanks @​rschristian)
• Bump compressed-size-action (#​4368, thanks @​rschristian)

Fixes

• Allow the same component to render many times across different phases (#​4382, thanks @​JoviDeCroock)
• Provide error for illegal nesting of <button> and <a> (#​4376, thanks @​rschristian)
• Disallow <tr> as a child of <table> (#​4375, thanks @​rschristian)
• Change syntax in compat/client for IE11 support (#​4372, thanks @​rschristian)

v10.21.0

Compare Source

Features

• Debug throw on too many rerenders (#​4349, thanks @​rschristian)
• Add compat/client types (#​4345, thanks @​rschristian)

Fixes

• Expose hooks through compat's ReactCurrentDispatcher (#​4342, thanks @​rschristian)
• Respect default value (#​4341, thanks @​JoviDeCroock)
• Incorrect "missing transform-jsx-source" warning (#​4350, thanks @​rschristian)

Types

• Support ComponentChild(ren) in compat render/hydrate/createPortal (#​4346, thanks @​rschristian)
• Import and re-export PreactElement (#​3228, thanks @​henryqdineen)

Maintenance

• Add zustand and redux-toolkit to the demo. (#​3523, thanks @​MortezaMirjavadi)
• Optimise jsx runtime (#​4337, thanks @​JoviDeCroock)

v10.20.2

Compare Source

Fixes

• Check whether oldDom is present in the DOM (#​4318, thanks @​JoviDeCroock)
• Simplify the logic introduced in #​4322 & use eventClock for capture events too (#​4324, thanks @​jviide)
• Use a virtual clock instead of Date.now() for event dispatch times (#​4322, thanks @​jviide)

Types

• Add template tag JSX type (#​4334, thanks @​marvinhagemeister)

Maintenance

• Integrate the new benchmarks repo and update (#​4310, thanks @​andrewiggins)
• Some byte improvements (#​4321, thanks @​JoviDeCroock)

v10.20.1

Compare Source

Fixes

• Add special case for focusIn and focusOut (#​4316, thanks @​JoviDeCroock)

v10.20.0

Compare Source

Features

• Add isMemo to compact to allow compatibility with react-is dependant libraries (#​4302, thanks @​ziongh)

Fixes

• Fix case where shrinking a list would cause an exception (#​4312, thanks @​JoviDeCroock)

v10.19.7

Compare Source

Types

• Bring consistency to our focus-event types (#​4307, thanks @​JoviDeCroock)
• Add onScrollend listener type (#​4305, thanks @​JoviDeCroock)
• Align state updater type with Raeect (#​4306, thanks @​JoviDeCroock)

Fixes

• Revert batch commit callbacks from all components in the render queue (#​4297, thanks @​JoviDeCroock)

v10.19.6

Compare Source

tl;dr: This release contains bug fixes for incorrect ordering of unkeyed children.

Fixes

• Match null placeholders using skewed index (#​4290, thanks @​andrewiggins)
• Fix increment skew when we aren't removing the first pointer (#​4284, thanks @​JoviDeCroock)
• Fix invalid vnode internal id for text nodes (#​4291, thanks @​marvinhagemeister)
• Fix unkeyed reconciliation order in certain scenarios (#​4287, thanks @​marvinhagemeister, thanks @​JoviDeCroock)

Full Changelog: preactjs/preact@10.19.5...10.19.6

v10.19.5

Compare Source

Fixes

• Address scenario where we would crash when replacing a matched vnode with null (#​4281, thanks @​JoviDeCroock)
• Correctly restore _original (#​4280, thanks @​JoviDeCroock)
• Protect against nullish render (#​4278, thanks @​JoviDeCroock)
• Support setting translate through direct access (#​3800, thanks @​JoviDeCroock)

Types

• Add dpub aria 1.0 role JSX types (#​4276, thanks @​novari)

v10.19.4

Compare Source

Fixes

• event-listeners in safari 12.3 fix (#​4253, thanks @​JoviDeCroock)
• support passing context into pure component (#​4269, thanks @​JoviDeCroock)
• retain masks across render invocations (#​4245, thanks @​JoviDeCroock)
• skip comment nodes for placeChild (#​4128, thanks @​JoviDeCroock)
• ensure we are able to support capture events from compat (#​4243, thanks @​JoviDeCroock)
• batch commit callbacks from all components in the render queue (#​4234, thanks @​developit)

Types

• improve preact compat types adding a few missing @​types/react used by styled-components (#​4271, thanks @​jduthon)
• add ComponentType to preact/compat (#​4239, thanks @​ianobermiller)
• add missing contenteditable "inh

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[netlify]

❌ Deploy Preview for astro-docs failed.

Name	Link
🔨 Latest commit	3d21ad1
🔍 Latest deploy log	https://app.netlify.com/projects/astro-docs/deploys/6980caa9b348490008398b09

[netlify]

❌ Deploy Preview for advanced-astro-docs failed.

Name	Link
🔨 Latest commit	3d21ad1
🔍 Latest deploy log	https://app.netlify.com/projects/advanced-astro-docs/deploys/6980caa995ded70008b82b0c

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	preact@​10.19.2 ⏵ 10.28.3	+1		+1	+1

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm vite is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: pnpm-lock.yaml → npm/@astrojs/[email protected] → npm/@astrojs/[email protected] → npm/[email protected] ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected]. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report