[Snyk] Fix for 7 vulnerabilities

[heyfirst]

Snyk has created this PR to fix 7 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Server-side Request Forgery (SSRF) SNYK-JS-ASTRO-13961342	738
	Directory Traversal SNYK-JS-ASTRO-14059661	738
	Cross-site Scripting (XSS) SNYK-JS-ASTRO-14059122	708
	Relative Path Traversal SNYK-JS-ASTRO-14059139	648
	Relative Path Traversal SNYK-JS-ASTROJSINTERNALHELPERS-14059142	648
	Cross-site Scripting (XSS) SNYK-JS-ASTROJSINTERNALHELPERS-14059660	648
	Cross-site Scripting (XSS) SNYK-JS-ASTRO-13961435	483

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Server-side Request Forgery (SSRF)
🦉 Cross-site Scripting (XSS)
🦉 Relative Path Traversal

---

Note

Bumps astro, @astrojs/mdx, and @astrojs/vercel versions in package.json.

• Dependencies:
  • Upgrade astro from 5.12.9 to 5.15.9 in package.json.
  • Upgrade @astrojs/mdx from 4.3.3 to 4.3.11.
  • Upgrade @astrojs/vercel from 8.2.5 to 9.0.1.

^{Written by Cursor Bugbot for commit 93d7317. This will update automatically on new commits. Configure here.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
heyfirst-co	Error			Nov 21, 2025 7:04am