starred/gitea-mirror

Fork 0

mirror of https://github.com/RayLabsHQ/gitea-mirror.git synced 2026-04-25 07:15:57 +03:00

[PR #81] [CLOSED] Bump the npm_and_yarn group across 1 directory with 3 updates #126

New issue

Closed

opened 2026-02-27 15:55:14 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 15:55:14 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/RayLabsHQ/gitea-mirror/pull/81
Author: @dependabot[bot]
Created: 8/28/2025
Status: ❌ Closed

Base: main ← Head: dependabot/npm_and_yarn/www/npm_and_yarn-6bc1d39538

📝 Commits (1)

37fc352 Bump the npm_and_yarn group across 1 directory with 3 updates

📊 Changes

2 files changed (+407 additions, -368 deletions)

View changed files

📝 www/package.json (+1 -1)
📝 www/pnpm-lock.yaml (+406 -367)

📄 Description

Bumps the npm_and_yarn group with 1 update in the /www directory: astro.

Updates astro from 5.12.8 to 5.13.4

Release notes

Sourced from astro's releases.

astro@5.13.4

Patch Changes

#14260 86a1e40 Thanks @jp-knj! - Fixes Astro.url.pathname to respect trailingSlash: 'never' configuration when using a base path. Previously, the root path with a base would incorrectly return /base/ instead of /base when trailingSlash was set to 'never'.

#14248 e81c4bd Thanks @julesyoungberg! - Fixes a bug where actions named 'apply' do not work due to being a function prototype method.

astro@5.13.3

Patch Changes

#14239 d7d93e1 Thanks @wtchnm! - Fixes a bug where the types for the live content collections were not being generated correctly in dev mode

#14221 eadc9dd Thanks @delucis! - Fixes JSON schema support for content collections using the file() loader

#14229 1a9107a Thanks @jonmichaeldarby! - Ensures Astro.currentLocale returns the correct locale during SSG for pages that use a locale param (such as [locale].astro or [locale]/index.astro, which produce [locale].html)

astro@5.13.2

Patch Changes

4d16de7 Thanks @ematipico! - Improves the detection of remote paths in the _image endpoint. Now href parameters that start with // are considered remote paths.

Updated dependencies [4d16de7]:

@astrojs/internal-helpers@0.7.2

@astrojs/markdown-remark@6.3.6

astro@5.13.1

Patch Changes

#14225 f2490ab Thanks @delucis! - Fixes the experimental.chromeDevtoolsWorkspace feature.

astro@5.13.0

Minor Changes
#14173 39911b8 Thanks @florian-lefebvre! - Adds an experimental flag staticImportMetaEnv to disable the replacement of import.meta.env values with process.env calls and their coercion of environment variable values. This supersedes the rawEnvValues experimental flag, which is now removed.

Astro allows you to configure a type-safe schema for your environment variables, and converts variables imported via astro:env into the expected type. This is the recommended way to use environment variables in Astro, as it allows you to easily see and manage whether your variables are public or secret, available on the client or only on the server at build time, and the data type of your values.

However, you can still access environment variables through process.env and import.meta.env directly when needed. This was the only way to use environment variables in Astro before astro:env was added in Astro 5.0, and Astro's default handling of import.meta.env includes some logic that was only needed for earlier versions of Astro.

The experimental.staticImportMetaEnv flag updates the behavior of import.meta.env to align with Vite's handling of environment variables and for better ease of use with Astro's current implementations and features. This will become the default behavior in Astro 6.0, and this early preview is introduced as an experimental feature.

Currently, non-public import.meta.env environment variables are replaced by a reference to process.env. Additionally, Astro may also convert the value type of your environment variables used through import.meta.env, which can prevent access to some values such as the strings "true" (which is converted to a boolean value), and "1" (which is converted to a number).

The experimental.staticImportMetaEnv flag simplifies Astro's default behavior, making it easier to understand and use. Astro will no longer replace any import.meta.env environment variables with a process.env call, nor will it coerce values.

To enable this feature, add the experimental flag in your Astro config and remove rawEnvValues if it was enabled:
// astro.config.mjs
import { defineConfig } from "astro/config";

... (truncated)

Changelog

Sourced from astro's changelog.

5.13.4

Patch Changes

#14260 86a1e40 Thanks @jp-knj! - Fixes Astro.url.pathname to respect trailingSlash: 'never' configuration when using a base path. Previously, the root path with a base would incorrectly return /base/ instead of /base when trailingSlash was set to 'never'.

#14248 e81c4bd Thanks @julesyoungberg! - Fixes a bug where actions named 'apply' do not work due to being a function prototype method.

5.13.3

Patch Changes

#14239 d7d93e1 Thanks @wtchnm! - Fixes a bug where the types for the live content collections were not being generated correctly in dev mode

#14221 eadc9dd Thanks @delucis! - Fixes JSON schema support for content collections using the file() loader

#14229 1a9107a Thanks @jonmichaeldarby! - Ensures Astro.currentLocale returns the correct locale during SSG for pages that use a locale param (such as [locale].astro or [locale]/index.astro, which produce [locale].html)

5.13.2

Patch Changes

4d16de7 Thanks @ematipico! - Improves the detection of remote paths in the _image endpoint. Now href parameters that start with // are considered remote paths.

Updated dependencies [4d16de7]:

@astrojs/internal-helpers@0.7.2

@astrojs/markdown-remark@6.3.6

5.13.1

Patch Changes

#14225 f2490ab Thanks @delucis! - Fixes the experimental.chromeDevtoolsWorkspace feature.

5.13.0

Minor Changes

#14173 39911b8 Thanks @florian-lefebvre! - Adds an experimental flag staticImportMetaEnv to disable the replacement of import.meta.env values with process.env calls and their coercion of environment variable values. This supersedes the rawEnvValues experimental flag, which is now removed.

Astro allows you to configure a type-safe schema for your environment variables, and converts variables imported via astro:env into the expected type. This is the recommended way to use environment variables in Astro, as it allows you to easily see and manage whether your variables are public or secret, available on the client or only on the server at build time, and the data type of your values.

However, you can still access environment variables through process.env and import.meta.env directly when needed. This was the only way to use environment variables in Astro before astro:env was added in Astro 5.0, and Astro's default handling of import.meta.env includes some logic that was only needed for earlier versions of Astro.

The experimental.staticImportMetaEnv flag updates the behavior of import.meta.env to align with Vite's handling of environment variables and for better ease of use with Astro's current implementations and features. This will become the default behavior in Astro 6.0, and this early preview is introduced as an experimental feature.

Currently, non-public import.meta.env environment variables are replaced by a reference to process.env. Additionally, Astro may also convert the value type of your environment variables used through import.meta.env, which can prevent access to some values such as the strings "true" (which is converted to a boolean value), and "1" (which is converted to a number).

The experimental.staticImportMetaEnv flag simplifies Astro's default behavior, making it easier to understand and use. Astro will no longer replace any import.meta.env environment variables with a process.env call, nor will it coerce values.

... (truncated)

Commits

24b04c1 [ci] release (#14267)
4823c42 feat(netlify): dev context (#14269)
73bf284 [ci] format
86a1e40 fix(astro): Astro.url.pathname respects trailingSlash: 'never' with base path...
e81c4bd fix(astro): action named apply (#14248)
d471be5 [ci] release (#14242)
d7d93e1 fix(sync): add missing live check for generating content collections types (#...
682d8b8 [ci] format
1a9107a Properly compute currentLocale when path segment contains .html (#14229)
eadc9dd Fix file() loader JSON schema (#14221)
Additional commits viewable in compare view

Updates devalue from 5.1.1 to 5.3.2

Release notes

Sourced from devalue's releases.

v5.3.2

Patch Changes

0623a47: fix: disallow array method access when parsing

0623a47: fix: disallow __proto__ properties on objects

v5.3.1

Patch Changes

ae904c5: fix: correctly differentiate between +0 and -0

v5.3.0

Minor Changes

2896e7b: feat: support Temporal

fec694d: feat: support URL and URLSearchParams objects

Changelog

Sourced from devalue's changelog.

5.3.2

Patch Changes

0623a47: fix: disallow array method access when parsing

0623a47: fix: disallow __proto__ properties on objects

5.3.1

Patch Changes

ae904c5: fix: correctly differentiate between +0 and -0

5.3.0

Minor Changes

2896e7b: feat: support Temporal

fec694d: feat: support URL and URLSearchParams objects

5.2.1

Patch Changes

e46f4c8: fix: handle repeated array buffers and subarrays

2dfa504: fix: handle custom classes with null proto as pojo

5.2.0

Handle custom classes with null proto as pojo (#95)

Commits

86a6a66 Version Packages (#109)
0623a47 Merge commit from fork
02d20e8 Version Packages (#108)
ae904c5 fix stringify not picking up negative zero if a normal zero has appeared befo...
e95b87a fix pkg.repository
8300172 fix changeset config
434d8ae Version Packages (#106)
67c8334 mention support for URL/URLSearchParams/Temporal in README
fec694d feat: support URL and URLSearchParams (#92)
2896e7b Add support for Temporal objects (#98)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by svelte-admin, a new releaser for devalue since your current version.

Updates esbuild from 0.25.6 to 0.25.9

Release notes

Sourced from esbuild's releases.

v0.25.9
Better support building projects that use Yarn on Windows (#3131, #3663)

With this release, you can now use esbuild to bundle projects that use Yarn Plug'n'Play on Windows on drives other than the C: drive. The problem was as follows:

Yarn in Plug'n'Play mode on Windows stores its global module cache on the C: drive

Some developers put their projects on the D: drive

Yarn generates relative paths that use ../.. to get from the project directory to the cache directory

Windows-style paths don't support directory traversal between drives via .. (so D:\.. is just D:)

I didn't have access to a Windows machine for testing this edge case

Yarn works around this edge case by pretending Windows-style paths beginning with C:\ are actually Unix-style paths beginning with /C:/, so the ../.. path segments are able to navigate across drives inside Yarn's implementation. This was broken for a long time in esbuild but I finally got access to a Windows machine and was able to debug and fix this edge case. So you should now be able to bundle these projects with esbuild.
Preserve parentheses around function expressions (#4252)

The V8 JavaScript VM uses parentheses around function expressions as an optimization hint to immediately compile the function. Otherwise the function would be lazily-compiled, which has additional overhead if that function is always called immediately as lazy compilation involves parsing the function twice. You can read V8's blog post about this for more details.

Previously esbuild did not represent parentheses around functions in the AST so they were lost during compilation. With this change, esbuild will now preserve parentheses around function expressions when they are present in the original source code. This means these optimization hints will not be lost when bundling with esbuild. In addition, esbuild will now automatically add this optimization hint to immediately-invoked function expressions. Here's an example:
// Original code
const fn0 = () => 0
const fn1 = (() => 1)
console.log(fn0, function() { return fn1() }())
// Old output

const fn0 = () => 0;

const fn1 = () => 1;

console.log(fn0, function() {

return fn1();

}());
// New output

const fn0 = () => 0;

const fn1 = (() => 1);

console.log(fn0, (function() {

return fn1();

})());
Note that you do not want to wrap all function expressions in parentheses. This optimization hint should only be used for functions that are called on initial load. Using this hint for functions that are not called on initial load will unnecessarily delay the initial load. Again, see V8's blog post linked above for details.
Update Go from 1.23.10 to 1.23.12 (#4257, #4258)

This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain false positive reports (specifically CVE-2025-4674 and CVE-2025-47907) from vulnerability scanners that only detect which version of the Go compiler esbuild uses.
v0.25.8

Fix another TypeScript parsing edge case (#4248)

This fixes a regression with a change in the previous release that tries to more accurately parse TypeScript arrow functions inside the ?: operator. The regression specifically involves parsing an arrow function containing a #private identifier inside the middle of a ?: ternary operator inside a class body. This was fixed by propagating private identifier state into the parser clone used to speculatively parse the arrow function body. Here is an example of some affected code:

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.25.9
Better support building projects that use Yarn on Windows (#3131, #3663)

With this release, you can now use esbuild to bundle projects that use Yarn Plug'n'Play on Windows on drives other than the C: drive. The problem was as follows:

Yarn in Plug'n'Play mode on Windows stores its global module cache on the C: drive

Some developers put their projects on the D: drive

Yarn generates relative paths that use ../.. to get from the project directory to the cache directory

Windows-style paths don't support directory traversal between drives via .. (so D:\.. is just D:)

I didn't have access to a Windows machine for testing this edge case

Yarn works around this edge case by pretending Windows-style paths beginning with C:\ are actually Unix-style paths beginning with /C:/, so the ../.. path segments are able to navigate across drives inside Yarn's implementation. This was broken for a long time in esbuild but I finally got access to a Windows machine and was able to debug and fix this edge case. So you should now be able to bundle these projects with esbuild.
Preserve parentheses around function expressions (#4252)

The V8 JavaScript VM uses parentheses around function expressions as an optimization hint to immediately compile the function. Otherwise the function would be lazily-compiled, which has additional overhead if that function is always called immediately as lazy compilation involves parsing the function twice. You can read V8's blog post about this for more details.

Previously esbuild did not represent parentheses around functions in the AST so they were lost during compilation. With this change, esbuild will now preserve parentheses around function expressions when they are present in the original source code. This means these optimization hints will not be lost when bundling with esbuild. In addition, esbuild will now automatically add this optimization hint to immediately-invoked function expressions. Here's an example:
// Original code
const fn0 = () => 0
const fn1 = (() => 1)
console.log(fn0, function() { return fn1() }())
// Old output

const fn0 = () => 0;

const fn1 = () => 1;

console.log(fn0, function() {

return fn1();

}());
// New output

const fn0 = () => 0;

const fn1 = (() => 1);

console.log(fn0, (function() {

return fn1();

})());
Note that you do not want to wrap all function expressions in parentheses. This optimization hint should only be used for functions that are called on initial load. Using this hint for functions that are not called on initial load will unnecessarily delay the initial load. Again, see V8's blog post linked above for details.
Update Go from 1.23.10 to 1.23.12 (#4257, #4258)

This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain false positive reports (specifically CVE-2025-4674 and CVE-2025-47907) from vulnerability scanners that only detect which version of the Go compiler esbuild uses.
0.25.8

Fix another TypeScript parsing edge case (#4248)

... (truncated)

Commits

195e05c publish 0.25.9 to npm
3dac33f fix #3131, fix #3663: yarnpnp + windows + D drive
0f2c5c8 mock fs now supports multiple volumes on windows
100a51e split out yarnpnp snapshot tests
13aace3 remove C: assumption from windows snapshot tests
f1f413f fix #4252: preserve parentheses around functions
1bc8091 fix #4257, close #4258: go 1.23.10 => 1.23.12
bc52135 move the go compiler version to go.version
a0af5d1 makefile: use ESBUILD_VERSION consistently
8c71947 publish 0.25.8 to npm
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/RayLabsHQ/gitea-mirror/pull/81 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 8/28/2025 **Status:** ❌ Closed **Base:** `main` ← **Head:** `dependabot/npm_and_yarn/www/npm_and_yarn-6bc1d39538` --- ### 📝 Commits (1) - [`37fc352`](https://github.com/RayLabsHQ/gitea-mirror/commit/37fc3523e1e167d6a6ede25596b19068a14acc50) Bump the npm_and_yarn group across 1 directory with 3 updates ### 📊 Changes **2 files changed** (+407 additions, -368 deletions) <details> <summary>View changed files</summary> 📝 `www/package.json` (+1 -1) 📝 `www/pnpm-lock.yaml` (+406 -367) </details> ### 📄 Description Bumps the npm_and_yarn group with 1 update in the /www directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro). Updates `astro` from 5.12.8 to 5.13.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/withastro/astro/releases">astro's releases</a>.</em></p> <blockquote> <h2>astro@5.13.4</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14260">#14260</a> <a href="https://github.com/withastro/astro/commit/86a1e40ce21b629a956057b059d06ba78bd89402"><code>86a1e40</code></a> Thanks <a href="https://github.com/jp-knj"><code>@jp-knj</code></a>! - Fixes <code>Astro.url.pathname</code> to respect <code>trailingSlash: 'never'</code> configuration when using a base path. Previously, the root path with a base would incorrectly return <code>/base/</code> instead of <code>/base</code> when <code>trailingSlash</code> was set to 'never'.</p> </li> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14248">#14248</a> <a href="https://github.com/withastro/astro/commit/e81c4bd1cca6739192d33068cbfb2c9e4ced1ffe"><code>e81c4bd</code></a> Thanks <a href="https://github.com/julesyoungberg"><code>@julesyoungberg</code></a>! - Fixes a bug where actions named 'apply' do not work due to being a function prototype method.</p> </li> </ul> <h2>astro@5.13.3</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14239">#14239</a> <a href="https://github.com/withastro/astro/commit/d7d93e19fbfa52cf74dee40f5af6b7ea6a7503d2"><code>d7d93e1</code></a> Thanks <a href="https://github.com/wtchnm"><code>@wtchnm</code></a>! - Fixes a bug where the types for the live content collections were not being generated correctly in dev mode</p> </li> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14221">#14221</a> <a href="https://github.com/withastro/astro/commit/eadc9dd277d0075d7bff0e33c7a86f3fb97fdd61"><code>eadc9dd</code></a> Thanks <a href="https://github.com/delucis"><code>@delucis</code></a>! - Fixes JSON schema support for content collections using the <code>file()</code> loader</p> </li> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14229">#14229</a> <a href="https://github.com/withastro/astro/commit/1a9107a4049f43c1e4e9f40e07033f6bfe4398e4"><code>1a9107a</code></a> Thanks <a href="https://github.com/jonmichaeldarby"><code>@jonmichaeldarby</code></a>! - Ensures <code>Astro.currentLocale</code> returns the correct locale during SSG for pages that use a locale param (such as <code>[locale].astro</code> or <code>[locale]/index.astro</code>, which produce <code>[locale].html</code>)</p> </li> </ul> <h2>astro@5.13.2</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://github.com/withastro/astro/commit/4d16de7f95db5d1ec1ce88610d2a95e606e83820"><code>4d16de7</code></a> Thanks <a href="https://github.com/ematipico"><code>@ematipico</code></a>! - Improves the detection of remote paths in the <code>_image</code> endpoint. Now <code>href</code> parameters that start with <code>//</code> are considered remote paths.</p> </li> <li> <p>Updated dependencies [<a href="https://github.com/withastro/astro/commit/4d16de7f95db5d1ec1ce88610d2a95e606e83820"><code>4d16de7</code></a>]:</p> <ul> <li><code>@astrojs/internal-helpers</code><a href="https://github.com/0"><code>@0</code></a>.7.2</li> <li><code>@astrojs/markdown-remark</code><a href="https://github.com/6"><code>@6</code></a>.3.6</li> </ul> </li> </ul> <h2>astro@5.13.1</h2> <h3>Patch Changes</h3> <ul> <li><a href="https://redirect.github.com/withastro/astro/pull/14225">#14225</a> <a href="https://github.com/withastro/astro/commit/f2490aba420a8999c0e8d12b9e1e69d4e33ae29e"><code>f2490ab</code></a> Thanks <a href="https://github.com/delucis"><code>@delucis</code></a>! - Fixes the <code>experimental.chromeDevtoolsWorkspace</code> feature.</li> </ul> <h2>astro@5.13.0</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14173">#14173</a> <a href="https://github.com/withastro/astro/commit/39911b823d4617d99cc95e4b7584e9e4b7b90038"><code>39911b8</code></a> Thanks <a href="https://github.com/florian-lefebvre"><code>@florian-lefebvre</code></a>! - Adds an experimental flag <code>staticImportMetaEnv</code> to disable the replacement of <code>import.meta.env</code> values with <code>process.env</code> calls and their coercion of environment variable values. This supersedes the <code>rawEnvValues</code> experimental flag, which is now removed.</p> <p>Astro allows you to configure a <a href="https://docs.astro.build/en/guides/environment-variables/#type-safe-environment-variables">type-safe schema for your environment variables</a>, and converts variables imported via <code>astro:env</code> into the expected type. This is the recommended way to use environment variables in Astro, as it allows you to easily see and manage whether your variables are public or secret, available on the client or only on the server at build time, and the data type of your values.</p> <p>However, you can still access environment variables through <code>process.env</code> and <code>import.meta.env</code> directly when needed. This was the only way to use environment variables in Astro before <code>astro:env</code> was added in Astro 5.0, and Astro's default handling of <code>import.meta.env</code> includes some logic that was only needed for earlier versions of Astro.</p> <p>The <code>experimental.staticImportMetaEnv</code> flag updates the behavior of <code>import.meta.env</code> to align with <a href="https://vite.dev/guide/env-and-mode.html#env-variables">Vite's handling of environment variables</a> and for better ease of use with Astro's current implementations and features. <strong>This will become the default behavior in Astro 6.0</strong>, and this early preview is introduced as an experimental feature.</p> <p>Currently, non-public <code>import.meta.env</code> environment variables are replaced by a reference to <code>process.env</code>. Additionally, Astro may also convert the value type of your environment variables used through <code>import.meta.env</code>, which can prevent access to some values such as the strings <code>"true"</code> (which is converted to a boolean value), and <code>"1"</code> (which is converted to a number).</p> <p>The <code>experimental.staticImportMetaEnv</code> flag simplifies Astro's default behavior, making it easier to understand and use. Astro will no longer replace any <code>import.meta.env</code> environment variables with a <code>process.env</code> call, nor will it coerce values.</p> <p>To enable this feature, add the experimental flag in your Astro config and remove <code>rawEnvValues</code> if it was enabled:</p> <pre lang="diff"><code>// astro.config.mjs import { defineConfig } from "astro/config"; </code></pre> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md">astro's changelog</a>.</em></p> <blockquote> <h2>5.13.4</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14260">#14260</a> <a href="https://github.com/withastro/astro/commit/86a1e40ce21b629a956057b059d06ba78bd89402"><code>86a1e40</code></a> Thanks <a href="https://github.com/jp-knj"><code>@jp-knj</code></a>! - Fixes <code>Astro.url.pathname</code> to respect <code>trailingSlash: 'never'</code> configuration when using a base path. Previously, the root path with a base would incorrectly return <code>/base/</code> instead of <code>/base</code> when <code>trailingSlash</code> was set to 'never'.</p> </li> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14248">#14248</a> <a href="https://github.com/withastro/astro/commit/e81c4bd1cca6739192d33068cbfb2c9e4ced1ffe"><code>e81c4bd</code></a> Thanks <a href="https://github.com/julesyoungberg"><code>@julesyoungberg</code></a>! - Fixes a bug where actions named 'apply' do not work due to being a function prototype method.</p> </li> </ul> <h2>5.13.3</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14239">#14239</a> <a href="https://github.com/withastro/astro/commit/d7d93e19fbfa52cf74dee40f5af6b7ea6a7503d2"><code>d7d93e1</code></a> Thanks <a href="https://github.com/wtchnm"><code>@wtchnm</code></a>! - Fixes a bug where the types for the live content collections were not being generated correctly in dev mode</p> </li> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14221">#14221</a> <a href="https://github.com/withastro/astro/commit/eadc9dd277d0075d7bff0e33c7a86f3fb97fdd61"><code>eadc9dd</code></a> Thanks <a href="https://github.com/delucis"><code>@delucis</code></a>! - Fixes JSON schema support for content collections using the <code>file()</code> loader</p> </li> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14229">#14229</a> <a href="https://github.com/withastro/astro/commit/1a9107a4049f43c1e4e9f40e07033f6bfe4398e4"><code>1a9107a</code></a> Thanks <a href="https://github.com/jonmichaeldarby"><code>@jonmichaeldarby</code></a>! - Ensures <code>Astro.currentLocale</code> returns the correct locale during SSG for pages that use a locale param (such as <code>[locale].astro</code> or <code>[locale]/index.astro</code>, which produce <code>[locale].html</code>)</p> </li> </ul> <h2>5.13.2</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://github.com/withastro/astro/commit/4d16de7f95db5d1ec1ce88610d2a95e606e83820"><code>4d16de7</code></a> Thanks <a href="https://github.com/ematipico"><code>@ematipico</code></a>! - Improves the detection of remote paths in the <code>_image</code> endpoint. Now <code>href</code> parameters that start with <code>//</code> are considered remote paths.</p> </li> <li> <p>Updated dependencies [<a href="https://github.com/withastro/astro/commit/4d16de7f95db5d1ec1ce88610d2a95e606e83820"><code>4d16de7</code></a>]:</p> <ul> <li><code>@astrojs/internal-helpers</code><a href="https://github.com/0"><code>@0</code></a>.7.2</li> <li><code>@astrojs/markdown-remark</code><a href="https://github.com/6"><code>@6</code></a>.3.6</li> </ul> </li> </ul> <h2>5.13.1</h2> <h3>Patch Changes</h3> <ul> <li><a href="https://redirect.github.com/withastro/astro/pull/14225">#14225</a> <a href="https://github.com/withastro/astro/commit/f2490aba420a8999c0e8d12b9e1e69d4e33ae29e"><code>f2490ab</code></a> Thanks <a href="https://github.com/delucis"><code>@delucis</code></a>! - Fixes the <code>experimental.chromeDevtoolsWorkspace</code> feature.</li> </ul> <h2>5.13.0</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/withastro/astro/pull/14173">#14173</a> <a href="https://github.com/withastro/astro/commit/39911b823d4617d99cc95e4b7584e9e4b7b90038"><code>39911b8</code></a> Thanks <a href="https://github.com/florian-lefebvre"><code>@florian-lefebvre</code></a>! - Adds an experimental flag <code>staticImportMetaEnv</code> to disable the replacement of <code>import.meta.env</code> values with <code>process.env</code> calls and their coercion of environment variable values. This supersedes the <code>rawEnvValues</code> experimental flag, which is now removed.</p> <p>Astro allows you to configure a <a href="https://docs.astro.build/en/guides/environment-variables/#type-safe-environment-variables">type-safe schema for your environment variables</a>, and converts variables imported via <code>astro:env</code> into the expected type. This is the recommended way to use environment variables in Astro, as it allows you to easily see and manage whether your variables are public or secret, available on the client or only on the server at build time, and the data type of your values.</p> <p>However, you can still access environment variables through <code>process.env</code> and <code>import.meta.env</code> directly when needed. This was the only way to use environment variables in Astro before <code>astro:env</code> was added in Astro 5.0, and Astro's default handling of <code>import.meta.env</code> includes some logic that was only needed for earlier versions of Astro.</p> <p>The <code>experimental.staticImportMetaEnv</code> flag updates the behavior of <code>import.meta.env</code> to align with <a href="https://vite.dev/guide/env-and-mode.html#env-variables">Vite's handling of environment variables</a> and for better ease of use with Astro's current implementations and features. <strong>This will become the default behavior in Astro 6.0</strong>, and this early preview is introduced as an experimental feature.</p> <p>Currently, non-public <code>import.meta.env</code> environment variables are replaced by a reference to <code>process.env</code>. Additionally, Astro may also convert the value type of your environment variables used through <code>import.meta.env</code>, which can prevent access to some values such as the strings <code>"true"</code> (which is converted to a boolean value), and <code>"1"</code> (which is converted to a number).</p> <p>The <code>experimental.staticImportMetaEnv</code> flag simplifies Astro's default behavior, making it easier to understand and use. Astro will no longer replace any <code>import.meta.env</code> environment variables with a <code>process.env</code> call, nor will it coerce values.</p> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/withastro/astro/commit/24b04c159ff2e5e1b15efcf8f3a77a131b5a9f92"><code>24b04c1</code></a> [ci] release (<a href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14267">#14267</a>)</li> <li><a href="https://github.com/withastro/astro/commit/4823c426c4e3c63765098f53c93fcb1bb3a4faaf"><code>4823c42</code></a> feat(netlify): dev context (<a href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14269">#14269</a>)</li> <li><a href="https://github.com/withastro/astro/commit/73bf284372823f26357251515a4e5405549929fe"><code>73bf284</code></a> [ci] format</li> <li><a href="https://github.com/withastro/astro/commit/86a1e40ce21b629a956057b059d06ba78bd89402"><code>86a1e40</code></a> fix(astro): Astro.url.pathname respects trailingSlash: 'never' with base path...</li> <li><a href="https://github.com/withastro/astro/commit/e81c4bd1cca6739192d33068cbfb2c9e4ced1ffe"><code>e81c4bd</code></a> fix(astro): action named apply (<a href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14248">#14248</a>)</li> <li><a href="https://github.com/withastro/astro/commit/d471be562fee507887426302ef8df9500c8b18c8"><code>d471be5</code></a> [ci] release (<a href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14242">#14242</a>)</li> <li><a href="https://github.com/withastro/astro/commit/d7d93e19fbfa52cf74dee40f5af6b7ea6a7503d2"><code>d7d93e1</code></a> fix(sync): add missing live check for generating content collections types (#...</li> <li><a href="https://github.com/withastro/astro/commit/682d8b8b0ec303135addd047d6b9ce144e855896"><code>682d8b8</code></a> [ci] format</li> <li><a href="https://github.com/withastro/astro/commit/1a9107a4049f43c1e4e9f40e07033f6bfe4398e4"><code>1a9107a</code></a> Properly compute <code>currentLocale</code> when <code>path</code> segment contains <code>.html</code> (<a href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14229">#14229</a>)</li> <li><a href="https://github.com/withastro/astro/commit/eadc9dd277d0075d7bff0e33c7a86f3fb97fdd61"><code>eadc9dd</code></a> Fix <code>file()</code> loader JSON schema (<a href="https://github.com/withastro/astro/tree/HEAD/packages/astro/issues/14221">#14221</a>)</li> <li>Additional commits viewable in <a href="https://github.com/withastro/astro/commits/astro@5.13.4/packages/astro">compare view</a></li> </ul> </details> <br /> Updates `devalue` from 5.1.1 to 5.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/devalue/releases">devalue's releases</a>.</em></p> <blockquote> <h2>v5.3.2</h2> <h3>Patch Changes</h3> <ul> <li>0623a47: fix: disallow array method access when parsing</li> <li>0623a47: fix: disallow <code>__proto__</code> properties on objects</li> </ul> <h2>v5.3.1</h2> <h3>Patch Changes</h3> <ul> <li>ae904c5: fix: correctly differentiate between +0 and -0</li> </ul> <h2>v5.3.0</h2> <h3>Minor Changes</h3> <ul> <li>2896e7b: feat: support Temporal</li> <li>fec694d: feat: support <code>URL</code> and <code>URLSearchParams</code> objects</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md">devalue's changelog</a>.</em></p> <blockquote> <h2>5.3.2</h2> <h3>Patch Changes</h3> <ul> <li>0623a47: fix: disallow array method access when parsing</li> <li>0623a47: fix: disallow <code>__proto__</code> properties on objects</li> </ul> <h2>5.3.1</h2> <h3>Patch Changes</h3> <ul> <li>ae904c5: fix: correctly differentiate between +0 and -0</li> </ul> <h2>5.3.0</h2> <h3>Minor Changes</h3> <ul> <li>2896e7b: feat: support Temporal</li> <li>fec694d: feat: support <code>URL</code> and <code>URLSearchParams</code> objects</li> </ul> <h2>5.2.1</h2> <h3>Patch Changes</h3> <ul> <li>e46f4c8: fix: handle repeated array buffers and subarrays</li> <li>2dfa504: fix: handle custom classes with null proto as pojo</li> </ul> <h2>5.2.0</h2> <ul> <li>Handle custom classes with null proto as pojo (<a href="https://redirect.github.com/sveltejs/devalue/pull/95">#95</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sveltejs/devalue/commit/86a6a66d2c830514e94326a0f8fa2d8d670eac8a"><code>86a6a66</code></a> Version Packages (<a href="https://redirect.github.com/sveltejs/devalue/issues/109">#109</a>)</li> <li><a href="https://github.com/sveltejs/devalue/commit/0623a47c9555b639c03ff1baea82951b2d9d1132"><code>0623a47</code></a> Merge commit from fork</li> <li><a href="https://github.com/sveltejs/devalue/commit/02d20e8a792e5daa387b23816aba0170fec7437e"><code>02d20e8</code></a> Version Packages (<a href="https://redirect.github.com/sveltejs/devalue/issues/108">#108</a>)</li> <li><a href="https://github.com/sveltejs/devalue/commit/ae904c5b189b5c2c3b7b969f70064dbc59196b58"><code>ae904c5</code></a> fix stringify not picking up negative zero if a normal zero has appeared befo...</li> <li><a href="https://github.com/sveltejs/devalue/commit/e95b87a6cc86bf116bada5ff28faead87df69920"><code>e95b87a</code></a> fix pkg.repository</li> <li><a href="https://github.com/sveltejs/devalue/commit/8300172d1d222e60f14cdec712ff0650756e9002"><code>8300172</code></a> fix changeset config</li> <li><a href="https://github.com/sveltejs/devalue/commit/434d8aefb9d67ec7bd9664a29599770cd22a3e3b"><code>434d8ae</code></a> Version Packages (<a href="https://redirect.github.com/sveltejs/devalue/issues/106">#106</a>)</li> <li><a href="https://github.com/sveltejs/devalue/commit/67c8334b82ec0fcf44543e39cc5f37f00bbd1f2f"><code>67c8334</code></a> mention support for URL/URLSearchParams/Temporal in README</li> <li><a href="https://github.com/sveltejs/devalue/commit/fec694d87e3f7f0cc764776bb91fd47095be1371"><code>fec694d</code></a> feat: support URL and URLSearchParams (<a href="https://redirect.github.com/sveltejs/devalue/issues/92">#92</a>)</li> <li><a href="https://github.com/sveltejs/devalue/commit/2896e7bef2d4b7f810a5df02652ffce5dfb76b64"><code>2896e7b</code></a> Add support for Temporal objects (<a href="https://redirect.github.com/sveltejs/devalue/issues/98">#98</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sveltejs/devalue/compare/v5.1.1...v5.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~svelte-admin">svelte-admin</a>, a new releaser for devalue since your current version.</p> </details> <br /> Updates `esbuild` from 0.25.6 to 0.25.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/releases">esbuild's releases</a>.</em></p> <blockquote> <h2>v0.25.9</h2> <ul> <li> <p>Better support building projects that use Yarn on Windows (<a href="https://redirect.github.com/evanw/esbuild/issues/3131">#3131</a>, <a href="https://redirect.github.com/evanw/esbuild/issues/3663">#3663</a>)</p> <p>With this release, you can now use esbuild to bundle projects that use Yarn Plug'n'Play on Windows on drives other than the <code>C:</code> drive. The problem was as follows:</p> <ol> <li>Yarn in Plug'n'Play mode on Windows stores its global module cache on the <code>C:</code> drive</li> <li>Some developers put their projects on the <code>D:</code> drive</li> <li>Yarn generates relative paths that use <code>../..</code> to get from the project directory to the cache directory</li> <li>Windows-style paths don't support directory traversal between drives via <code>..</code> (so <code>D:\..</code> is just <code>D:</code>)</li> <li>I didn't have access to a Windows machine for testing this edge case</li> </ol> <p>Yarn works around this edge case by pretending Windows-style paths beginning with <code>C:\</code> are actually Unix-style paths beginning with <code>/C:/</code>, so the <code>../..</code> path segments are able to navigate across drives inside Yarn's implementation. This was broken for a long time in esbuild but I finally got access to a Windows machine and was able to debug and fix this edge case. So you should now be able to bundle these projects with esbuild.</p> </li> <li> <p>Preserve parentheses around function expressions (<a href="https://redirect.github.com/evanw/esbuild/issues/4252">#4252</a>)</p> <p>The V8 JavaScript VM uses parentheses around function expressions as an optimization hint to immediately compile the function. Otherwise the function would be lazily-compiled, which has additional overhead if that function is always called immediately as lazy compilation involves parsing the function twice. You can read <a href="https://v8.dev/blog/preparser">V8's blog post about this</a> for more details.</p> <p>Previously esbuild did not represent parentheses around functions in the AST so they were lost during compilation. With this change, esbuild will now preserve parentheses around function expressions when they are present in the original source code. This means these optimization hints will not be lost when bundling with esbuild. In addition, esbuild will now automatically add this optimization hint to immediately-invoked function expressions. Here's an example:</p> <pre lang="js"><code>// Original code const fn0 = () => 0 const fn1 = (() => 1) console.log(fn0, function() { return fn1() }()) <p>// Old output<br /> const fn0 = () => 0;<br /> const fn1 = () => 1;<br /> console.log(fn0, function() {<br /> return fn1();<br /> }());</p> <p>// New output<br /> const fn0 = () => 0;<br /> const fn1 = (() => 1);<br /> console.log(fn0, (function() {<br /> return fn1();<br /> })());<br /> </code></pre></p> <p>Note that you do not want to wrap all function expressions in parentheses. This optimization hint should only be used for functions that are called on initial load. Using this hint for functions that are not called on initial load will unnecessarily delay the initial load. Again, see V8's blog post linked above for details.</p> </li> <li> <p>Update Go from 1.23.10 to 1.23.12 (<a href="https://redirect.github.com/evanw/esbuild/issues/4257">#4257</a>, <a href="https://redirect.github.com/evanw/esbuild/pull/4258">#4258</a>)</p> <p>This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain false positive reports (specifically CVE-2025-4674 and CVE-2025-47907) from vulnerability scanners that only detect which version of the Go compiler esbuild uses.</p> </li> </ul> <h2>v0.25.8</h2> <ul> <li> <p>Fix another TypeScript parsing edge case (<a href="https://redirect.github.com/evanw/esbuild/issues/4248">#4248</a>)</p> <p>This fixes a regression with a change in the previous release that tries to more accurately parse TypeScript arrow functions inside the <code>?:</code> operator. The regression specifically involves parsing an arrow function containing a <code>#private</code> identifier inside the middle of a <code>?:</code> ternary operator inside a class body. This was fixed by propagating private identifier state into the parser clone used to speculatively parse the arrow function body. Here is an example of some affected code:</p> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/blob/main/CHANGELOG.md">esbuild's changelog</a>.</em></p> <blockquote> <h2>0.25.9</h2> <ul> <li> <p>Better support building projects that use Yarn on Windows (<a href="https://redirect.github.com/evanw/esbuild/issues/3131">#3131</a>, <a href="https://redirect.github.com/evanw/esbuild/issues/3663">#3663</a>)</p> <p>With this release, you can now use esbuild to bundle projects that use Yarn Plug'n'Play on Windows on drives other than the <code>C:</code> drive. The problem was as follows:</p> <ol> <li>Yarn in Plug'n'Play mode on Windows stores its global module cache on the <code>C:</code> drive</li> <li>Some developers put their projects on the <code>D:</code> drive</li> <li>Yarn generates relative paths that use <code>../..</code> to get from the project directory to the cache directory</li> <li>Windows-style paths don't support directory traversal between drives via <code>..</code> (so <code>D:\..</code> is just <code>D:</code>)</li> <li>I didn't have access to a Windows machine for testing this edge case</li> </ol> <p>Yarn works around this edge case by pretending Windows-style paths beginning with <code>C:\</code> are actually Unix-style paths beginning with <code>/C:/</code>, so the <code>../..</code> path segments are able to navigate across drives inside Yarn's implementation. This was broken for a long time in esbuild but I finally got access to a Windows machine and was able to debug and fix this edge case. So you should now be able to bundle these projects with esbuild.</p> </li> <li> <p>Preserve parentheses around function expressions (<a href="https://redirect.github.com/evanw/esbuild/issues/4252">#4252</a>)</p> <p>The V8 JavaScript VM uses parentheses around function expressions as an optimization hint to immediately compile the function. Otherwise the function would be lazily-compiled, which has additional overhead if that function is always called immediately as lazy compilation involves parsing the function twice. You can read <a href="https://v8.dev/blog/preparser">V8's blog post about this</a> for more details.</p> <p>Previously esbuild did not represent parentheses around functions in the AST so they were lost during compilation. With this change, esbuild will now preserve parentheses around function expressions when they are present in the original source code. This means these optimization hints will not be lost when bundling with esbuild. In addition, esbuild will now automatically add this optimization hint to immediately-invoked function expressions. Here's an example:</p> <pre lang="js"><code>// Original code const fn0 = () => 0 const fn1 = (() => 1) console.log(fn0, function() { return fn1() }()) <p>// Old output<br /> const fn0 = () => 0;<br /> const fn1 = () => 1;<br /> console.log(fn0, function() {<br /> return fn1();<br /> }());</p> <p>// New output<br /> const fn0 = () => 0;<br /> const fn1 = (() => 1);<br /> console.log(fn0, (function() {<br /> return fn1();<br /> })());<br /> </code></pre></p> <p>Note that you do not want to wrap all function expressions in parentheses. This optimization hint should only be used for functions that are called on initial load. Using this hint for functions that are not called on initial load will unnecessarily delay the initial load. Again, see V8's blog post linked above for details.</p> </li> <li> <p>Update Go from 1.23.10 to 1.23.12 (<a href="https://redirect.github.com/evanw/esbuild/issues/4257">#4257</a>, <a href="https://redirect.github.com/evanw/esbuild/pull/4258">#4258</a>)</p> <p>This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain false positive reports (specifically CVE-2025-4674 and CVE-2025-47907) from vulnerability scanners that only detect which version of the Go compiler esbuild uses.</p> </li> </ul> <h2>0.25.8</h2> <ul> <li>Fix another TypeScript parsing edge case (<a href="https://redirect.github.com/evanw/esbuild/issues/4248">#4248</a>)</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/evanw/esbuild/commit/195e05c16f03a341390feef38b8ebf17d3075e14"><code>195e05c</code></a> publish 0.25.9 to npm</li> <li><a href="https://github.com/evanw/esbuild/commit/3dac33f2a2ba60387fb9aaca96b3e80b9e0512e0"><code>3dac33f</code></a> fix <a href="https://redirect.github.com/evanw/esbuild/issues/3131">#3131</a>, fix <a href="https://redirect.github.com/evanw/esbuild/issues/3663">#3663</a>: yarnpnp + windows + D drive</li> <li><a href="https://github.com/evanw/esbuild/commit/0f2c5c8c11dc3fa2a4e9e82df202d0b607e59de4"><code>0f2c5c8</code></a> mock fs now supports multiple volumes on windows</li> <li><a href="https://github.com/evanw/esbuild/commit/100a51e791ce714a1a90557bc9e5133fa0d38692"><code>100a51e</code></a> split out yarnpnp snapshot tests</li> <li><a href="https://github.com/evanw/esbuild/commit/13aace38bd1243e440061d1611e90a46ef55029c"><code>13aace3</code></a> remove <code>C:</code> assumption from windows snapshot tests</li> <li><a href="https://github.com/evanw/esbuild/commit/f1f413f18bce15a53fa4251f11a4747be94075e0"><code>f1f413f</code></a> fix <a href="https://redirect.github.com/evanw/esbuild/issues/4252">#4252</a>: preserve parentheses around functions</li> <li><a href="https://github.com/evanw/esbuild/commit/1bc809190bdb68ad27fc0a6e6d385b4f635c90e2"><code>1bc8091</code></a> fix <a href="https://redirect.github.com/evanw/esbuild/issues/4257">#4257</a>, close <a href="https://redirect.github.com/evanw/esbuild/issues/4258">#4258</a>: go 1.23.10 => 1.23.12</li> <li><a href="https://github.com/evanw/esbuild/commit/bc52135d02f794f28777c8e00db91997e0d98cab"><code>bc52135</code></a> move the go compiler version to <code>go.version</code></li> <li><a href="https://github.com/evanw/esbuild/commit/a0af5d1037c6e2509531151d153e875093f426b6"><code>a0af5d1</code></a> makefile: use <code>ESBUILD_VERSION</code> consistently</li> <li><a href="https://github.com/evanw/esbuild/commit/8c71947edbe5a158fec3a6d1cbfea1e8d5cdee70"><code>8c71947</code></a> publish 0.25.8 to npm</li> <li>Additional commits viewable in <a href="https://github.com/evanw/esbuild/compare/v0.25.6...v0.25.9">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/RayLabsHQ/gitea-mirror/network/alerts). </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>