build(deps): Bump the patch-minor group with 6 updates

[dependabot]

Bumps the patch-minor group with 6 updates:

Package	From	To
@astrojs/check	0.9.5	0.9.6
@astrojs/netlify	6.6.2	6.6.3
@types/react	19.2.6	19.2.7
astro	5.16.0	5.16.3
@biomejs/biome	2.3.7	2.3.8
@playwright/test	1.56.1	1.57.0

Updates @astrojs/check from 0.9.5 to 0.9.6

Release notes

Sourced from @​astrojs/check's releases.

@​astrojs/check@​0.9.6

Patch Changes

• #14740 abfed97 Thanks @​ArmandPhilippot! - Fixes link targets in documentation following repository relocation.

• Updated dependencies [abfed97]:

  • @​astrojs/language-server@​2.16.1

Changelog

Sourced from @​astrojs/check's changelog.

0.9.6

Patch Changes

• #14740 abfed97 Thanks @​ArmandPhilippot! - Fixes link targets in documentation following repository relocation.

• Updated dependencies [abfed97]:

  • @​astrojs/language-server@​2.16.1

Commits

• 7523a1f [ci] release (#14907)
• abfed97 fix: replace withastro/language-tools mentions (#14740)
• f3bc8b2 fix: binary path
• b35983b fix(check): make the binary work in dev mode
• 372b7c3 feat(language-tools): Match monorepo coding style and cleanup
• 820a866 Update from language-tools
• 474f300 fix: tsconfig
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​astrojs/check since your current version.

Updates @astrojs/netlify from 6.6.2 to 6.6.3

Release notes

Sourced from @​astrojs/netlify's releases.

@​astrojs/netlify@​6.6.3

Patch Changes

• #14807 c17767a Thanks @​jmgala! - Fixes a case where disabling the local image CDN wasn't possible

• Updated dependencies []:

  • @​astrojs/underscore-redirects@​1.0.0

Changelog

Sourced from @​astrojs/netlify's changelog.

6.6.3

Patch Changes

• #14807 c17767a Thanks @​jmgala! - Fixes a case where disabling the local image CDN wasn't possible

• Updated dependencies []:

  • @​astrojs/underscore-redirects@​1.0.0

Commits

• 09bbdbb [ci] release (#14845)
• c17767a allow turning the local Netlify Image CDN on/off in dev (#14807)
• 4db7902 fix(deps): update astro adapters (#14880)
• See full diff in compare view

Updates @types/react from 19.2.6 to 19.2.7

Commits

• See full diff in compare view

Updates astro from 5.16.0 to 5.16.3

Release notes

Sourced from astro's releases.

astro@5.16.3

Patch Changes

• #14889 4bceeb0 Thanks @​florian-lefebvre! - Fixes actions types when using specific TypeScript configurations

• #14929 e0f277d Thanks @​matthewp! - Fixes authentication bypass via double URL encoding in middleware

  Prevents attackers from bypassing path-based authentication checks using multi-level URL encoding (e.g., /%2561dmin instead of /%61dmin). Pathnames are now validated after decoding to ensure no additional encoding remains.

astro@5.16.2

Patch Changes

• #14876 b43dc7f Thanks @​florian-lefebvre! - Fixes a vite warning log during builds when using npm

• #14884 10273e0 Thanks @​florian-lefebvre! - Fixes a case where setting the status of a page to 404 in ssr would show an empty page (or 404.astro page if provided) instead of using the current page

astro@5.16.1

Patch Changes

• #14769 b43ee71 Thanks @​adriandlam! - Fixes an unhandled rejection issue when using Astro with Vercel Workflow DevKit

• #14761 345eb22 Thanks @​ooga! - Updates button attributes types to allow command and commandfor

• #14866 65e214b Thanks @​GameRoMan! - Fixes Astro.glob to be correctly marked as deprecated

• #14894 1ad9a5b Thanks @​delucis! - Fixes support for Astro component rendering in Vitest test suites using a “client” environment such as happy-dom or jsdom

• #14782 abed929 Thanks @​florian-lefebvre! - Improves syncing

Changelog

Sourced from astro's changelog.

5.16.3

Patch Changes

• #14889 4bceeb0 Thanks @​florian-lefebvre! - Fixes actions types when using specific TypeScript configurations

• #14929 e0f277d Thanks @​matthewp! - Fixes authentication bypass via double URL encoding in middleware

  Prevents attackers from bypassing path-based authentication checks using multi-level URL encoding (e.g., /%2561dmin instead of /%61dmin). Pathnames are now validated after decoding to ensure no additional encoding remains.

5.16.2

Patch Changes

• #14876 b43dc7f Thanks @​florian-lefebvre! - Fixes a vite warning log during builds when using npm

• #14884 10273e0 Thanks @​florian-lefebvre! - Fixes a case where setting the status of a page to 404 in ssr would show an empty page (or 404.astro page if provided) instead of using the current page

5.16.1

Patch Changes

• #14769 b43ee71 Thanks @​adriandlam! - Fixes an unhandled rejection issue when using Astro with Vercel Workflow DevKit

• #14761 345eb22 Thanks @​ooga! - Updates button attributes types to allow command and commandfor

• #14866 65e214b Thanks @​GameRoMan! - Fixes Astro.glob to be correctly marked as deprecated

• #14894 1ad9a5b Thanks @​delucis! - Fixes support for Astro component rendering in Vitest test suites using a “client” environment such as happy-dom or jsdom

• #14782 abed929 Thanks @​florian-lefebvre! - Improves syncing

Commits

• 33333e8 [ci] release (#14922)
• aa58d05 [ci] format
• e0f277d fix: prevent authentication bypass via double URL encoding in middleware (#14...
• 4bceeb0 fix: actions infer symbol (#14889)
• e82358c [ci] release (#14918)
• 0a2fe43 [ci] format
• b43dc7f fix(astro): assets vite build log (#14876)
• 10273e0 fix: 404 status in ssr (#14884)
• 6751a2e chore(cli): classes (#14897)
• 09bbdbb [ci] release (#14845)
• Additional commits viewable in compare view

Updates @biomejs/biome from 2.3.7 to 2.3.8

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.8

2.3.8

Patch Changes

• #8188 4ca088c Thanks @​ematipico! - Fixed #7390, where Biome couldn't apply the correct configuration passed via --config-path.

  If you have multiple root configuration files, running any command with --config-path will now apply the chosen configuration file.

• #8171 79adaea Thanks @​dibashthapa! - Added the new rule noLeakedRender. This rule helps prevent potential leaks when rendering components that use binary expressions or ternaries.

  For example, the following code triggers the rule because the component would render 0:

  const Component = () => {
    const count = 0;
    return <div>{count && <span>Count: {count}</span>}</div>;
  };

• #8116 b537918 Thanks @​Netail! - Added the nursery rule noDuplicatedSpreadProps. Disallow JSX prop spreading the same identifier multiple times.

  Invalid:

  <div {...props} something="else" {...props} />

• #8256 f1e4696 Thanks @​cormacrelf! - Fixed a bug where logs were discarded (the kind from --log-level=info etc.). This is a regression introduced after an internal refactor that wasn't adequately tested.

• #8226 3f19b52 Thanks @​dyc3! - Fixed #8222: The HTML parser, with Vue directives enabled, can now parse v-slot shorthand syntax, e.g. \<template #foo>.

• #8007 182ecdc Thanks @​brandonmcconnell! - Added support for dollar-sign-prefixed filenames in the useFilenamingConvention rule.

  Biome now allows filenames starting with the dollar-sign (e.g. $postId.tsx) by default to support naming conventions used by frameworks such as TanStack Start for file-based-routing.

• #8218 91484d1 Thanks @​hirokiokada77! - Added the noMultiStr rule, which disallows creating multiline strings by escaping newlines.

  Invalid:

  const foo =
    "Line 1\n\
  Line 2";

  Valid:

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.8

Patch Changes

• #8188 4ca088c Thanks @​ematipico! - Fixed #7390, where Biome couldn't apply the correct configuration passed via --config-path.

  If you have multiple root configuration files, running any command with --config-path will now apply the chosen configuration file.

• #8171 79adaea Thanks @​dibashthapa! - Added the new rule noLeakedRender. This rule helps prevent potential leaks when rendering components that use binary expressions or ternaries.

  For example, the following code triggers the rule because the component would render 0:

  const Component = () => {
    const count = 0;
    return <div>{count && <span>Count: {count}</span>}</div>;
  };

• #8116 b537918 Thanks @​Netail! - Added the nursery rule noDuplicatedSpreadProps. Disallow JSX prop spreading the same identifier multiple times.

  Invalid:

  <div {...props} something="else" {...props} />

• #8256 f1e4696 Thanks @​cormacrelf! - Fixed a bug where logs were discarded (the kind from --log-level=info etc.). This is a regression introduced after an internal refactor that wasn't adequately tested.

• #8226 3f19b52 Thanks @​dyc3! - Fixed #8222: The HTML parser, with Vue directives enabled, can now parse v-slot shorthand syntax, e.g. \<template #foo>.

• #8007 182ecdc Thanks @​brandonmcconnell! - Added support for dollar-sign-prefixed filenames in the useFilenamingConvention rule.

  Biome now allows filenames starting with the dollar-sign (e.g. $postId.tsx) by default to support naming conventions used by frameworks such as TanStack Start for file-based-routing.

• #8218 91484d1 Thanks @​hirokiokada77! - Added the noMultiStr rule, which disallows creating multiline strings by escaping newlines.

  Invalid:

  const foo =
    "Line 1\n\
  Line 2";

  Valid:

  const foo = "Line 1\nLine 2";
  const bar = `Line 1

... (truncated)

Commits

• 0a6b6fb chore: restore version and yaml how they were
• 5d15cd5 chore: revert version
• 59fa146 ci: release (#8263)
• f7e836f feat(biome_js_analyze): implement noProto rule (#8276)
• b537918 feat(js_biome_analyze): implement noDuplicatedSpreadProps (#8116)
• 91484d1 feat(biome_js_analyze): implement noMultiStr rule (#8218)
• 68c052e feat(biome_js_analyze): implement noEqualsToNull rule (#8214)
• 79adaea feat(lint): added new rule no-leaked-render from eslint-react (#8171)
• cd2edd7 feat(js_analyze): implement noTernary (#8201)
• See full diff in compare view

Updates @playwright/test from 1.56.1 to 1.57.0

Release notes

Sourced from @​playwright/test's releases.

v1.57.0

Speedboard

In HTML reporter, there's a new tab we call "Speedboard":

It shows you all your executed tests sorted by slowness, and can help you understand where your test suite is taking longer than expected. Take a look at yours - maybe you'll find some tests that are spending a longer time waiting than they should!

Chrome for Testing

Starting with this release, Playwright switches from Chromium, to using Chrome for Testing builds. Both headed and headless browsers are subject to this. Your tests should still be passing after upgrading to Playwright 1.57.

We're expecting no functional changes to come from this switch. The biggest change is the new icon and title in your toolbar.

If you still see an unexpected behaviour change, please file an issue.

On Arm64 Linux, Playwright continues to use Chromium.

Waiting for webserver output

testConfig.webServer added a wait field. Pass a regular expression, and Playwright will wait until the webserver logs match it.

import { defineConfig } from '@playwright/test';
export default defineConfig({
webServer: {
command: 'npm run start',
wait: {
stdout: '/Listening on port (?<my_server_port>\d+)/'
},
},
});

If you include a named capture group into the expression, then Playwright will provide the capture group contents via environment variables:

import { test, expect } from '@playwright/test';
test.use({ baseUrl: http://localhost:${process.env.MY_SERVER_PORT ?? 3000} });
test('homepage', async ({ page }) => {
await page.goto('/');
});
</tr></table>

... (truncated)

Commits

• 8058197 cherry-pick(#38328): docs: update 1.57 release notes
• 54818c5 chore: mark 1.57.0 (#38320)
• 414c4f5 cherry-pick(#38301): fix(android): dont pass "--disable-sync" (#38301)
• ae3da48 cherry-pick(#38124): feat(firefox): roll to latest firefox and firefox-beta (...
• 3756978 chore: fix lint warning about useEffect (#38285)
• 019900f chore: update browser_patches (#38286)
• 483b722 docs: 1.57 release notes (#38267)
• 46d5ea0 Revert "feat: add request.body async getters (#38179)" (#38281)
• 0778fcf chore: hide run-server command (#38277)
• bf6a60f chore: default to ubuntu 24.04 for unsupported distros (#38269)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for eva-town ready!

Name	Link
🔨 Latest commit	53a2719
🔍 Latest deploy log	https://app.netlify.com/projects/eva-town/deploys/692d5bc3a37fd40008db7c24
😎 Deploy Preview	https://deploy-preview-659--eva-town.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 99 Accessibility: 100 Best Practices: 100 SEO: 100 PWA: 70 View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify project configuration.