Changes

This PR marks the start of writing and running test files using TypeScript, by using the Node.js --experimental-strip-types

• I created two new test: commands so that we can migrate the files progressively.
• I added a new tsconfig.test.json specifically for the tests
• I added a new typecheck:tests job to make sure that the test files correctly use types

Let me know what you think

Testing

Existing tests should pass. Green CI

Docs

N/A

Summary

• make watch extension resolution robust when root file names do not include extensions
• filter out empty extensions and use a safe fallback extension set for watch mode
• avoid writing terminal clear control codes when stdout is not a TTY, improving CI/log readability
• add targeted tests for extension deduplication and fallback behavior

Why

Some projects can surface root file names without extensions (for example, Dockerfile-style entries). In those cases, watch filtering can become ineffective and miss relevant updates. This change ensures watch mode remains reliable across more project layouts and runtime environments.

Changes

• add resolveWatchExtensions(rootFileNames) in @astrojs/check to centralize and harden extension selection
• update watch setup to use the resolved extension list
• gate screen-clear behavior behind process.stdout.isTTY
• add watchExtensions.test.ts covering:
  - unique extension extraction
  - fallback behavior when no valid extensions are present

Test plan

• Run corepack pnpm --filter @astrojs/check build
• Run corepack pnpm --filter @astrojs/check test
• Validate watch mode behavior in a project with extensionless root files

Changes

• Fixes astro preview static server to merge user Vite config from astro.config.mjs (config.vite) before starting Vite preview.

• Keeps preview defaults/overrides on top (configFile: false, Astro-managed preview fields, Astro preview plugin).

• Applies allowedHosts after merge to avoid Vite array-concatenation behavior.

• Preserves precedence:

  • explicit Astro server.allowedHosts (true or non-empty array) wins
  • otherwise merged vite.preview.allowedHosts is used

• Fixes #16088.

Changes

This PR adds more unit tests to some functions that didn't have any coverage.

It also refactors isLocalsSerializable to use a stack-based approach. I applied the refactor after I added the tests.

Testing

Green CI

Docs

Changes

Fixes .meta properties applied to a top-level content collection not being rendered into JSON Schema. See withastro/roadmap#1327 (reply in thread) for discussion and original bug report.

Testing

I've added a new passing test for this.

Docs

I don't believe new docs are needed, this feels like what the expected behavior should have been with the bump to Zod 4.

Changes

• Replaces the optimize-deps skill with reference/optimize-deps.md
• Removes the unreliable "Load Domain-Specific Skills" step from diagnose.md and fix.md in the triage pipelin
• Adds a "Deep Dives" section to AGENTS.md with a short summary of the optimizeDeps bug category and a pointer to the full reference doc.
  • Idea here is future deep dives will go in the reference/ folder.

Testing

• N/A

Docs

• N/A

Changes

In Dev mode, Vite client changes styles on the fly, for example to transform :deep() in scoped styles in Vue components. The client router replaced those styles during swap with the untransformed versions, which are no valid CSS for the browser.
Auto persisting styles with data-vite-dev-id attributes keeps the transformed versions.

Fixes: #15898

Testing

Added new test case

Docs

n.a., bug fix

Changes

• The diagnose and fix triage sub-skills now include a step to check .agents/skills/ for relevant domain-specific skills and load them before starting their work.
• Each sub-agent runs in a fresh isolated context with no memory of prior steps, so domain skills that would normally auto-trigger in an interactive session were never loaded. This adds an explicit instruction to bridge that gap.

Testing

• Really hard to test these things, ran triage locally and it did pick up the issue, although I might have steered it by mistake.

Docs

• N/A

Changes

This PR adds many unit tests to our runtime/rendering utilities. Some utilities weren't exported, but now they are.

It also moves some integration tests to unit tests, and remove unused fixtures in the process.

Closes AST-16

Testing

Green CI

Docs

Changes

• Guards the buildStart hook in the astro:scripts Vite plugin to skip this.emitFile() when Vite is running in serve mode (astro dev).
• emitFile() is a Rollup build-time API that Vite stubs out during dev, producing a spurious warning:

  [WARN] [vite] [plugin:astro:scripts] context method emitFile() is not supported in serve mode.
  

• The fix captures the Vite command via the config hook and returns early from buildStart when command === 'serve'. The emitFile() call still runs during build as intended, ensuring before-hydration script chunks are correctly emitted for production builds.

Closes #16026
Closes #15975

Testing

• before-hydration.test.js — All 7 tests pass, covering both SSG and SSR scenarios, in dev and build modes, with and without hydration scripts injected by integrations. This validates that the before-hydration chunk is still correctly emitted during builds while the warning is suppressed during dev.
• astro-scripts.test.js — All 11 tests pass, covering script rendering, hoisting, inlining, and injectScript in both dev and build modes.

Docs

• No docs update needed — this is a bug fix removing a spurious warning, with no change to user-facing APIs or behavior.

Changes

Closes AST-6
Closes #16053

Testing

Added a new test

Docs

N/A

Changes

Fix a bug which prevented pages from being served by ISR by the vercel adapter.

This PR introduced a bug with the vercel adaptor which made any route served by ISR result in a 404. This is due to an intricacy with how vercel ISR works, in that we need to change the request path when serving an ISR path. This was noticed by a commenter in the PR.

Testing

No additional test cases added. Manual e2e tests performed on a test vercel project (note this includes other code from another PR I am working on, but the upshot is that it is a ISR page, which does not 404, as opposed to an earlier deployment without this fix which does 404).

Docs

No docs needed as a bug fix for internal adapter logic

Changes

Closes AST-13

• increased testing coverage for redirects
• moved some redirects tests to unit tests
• increased testing coverage for content collection image reference
• moved prerender flag to unit tests instead of integration tests

Testing

Green CI

Docs

N/A

Changes

With Astro v6, we deprecated constants for event names.
The client router code itself was still using those.
This change replaces them with their string literals.

Testing

covered by existing tests

Docs

n.a. internal refactor.

Changes

• Closes #16023

Testing

Manually + new unit test

Docs

Changeset

Changes

• Removes alertdialog and application from the aria_non_interactive_roles array in the dev toolbar. Per WAI-ARIA, these are interactive widget roles, not document structure roles.
• Fixes a minor trailing space in the a11y-missing-attribute error message.

Testing

This is a static data array update, so no new tests were added. The existing a11y-no-interactive-element-to-noninteractive-role and a11y-no-noninteractive-element-to-interactive-role rules automatically pick up the corrected classifications. Verified locally that the test suite passes.

Docs

No documentation updates needed. This strictly fixes internal dev toolbar audit behavior to align with the WAI-ARIA spec and does not affect public APIs.

THANK YOU

Changes

• The a11y-missing-attribute dev toolbar audit incorrectly required all listed attributes on <area> and <object> elements (AND logic). Per the WAI-ARIA spec, these elements only need at least one of their alternative labeling attributes (alt, aria-label, or aria-labelledby for <area>; title, aria-label, or aria-labelledby for <object>).
• Added OR logic so these elements are only flagged when none of the listed attributes are present. Updated the error message to use "or" instead of "," for these elements.

Testing

• The fix is a minimal logic branch in the existing match function. Elements with a single required attribute (a, html, iframe, img) are completely unaffected since AND/OR is equivalent for a single item.
• Verified the fix passes pnpm format and pnpm lint with no new issues.

Docs

• No docs update needed — this is an internal dev toolbar audit rule fix with no user-facing API change.

Changes

We have some deps in the monorepo that relies on things added in 20.12.0, updating the VS Code version by two makes our minimum Node version be 20.14.0 now, fixing builds in CI. People are typically up to date on VS Code versions, and this version is going on two years old at this point, so should be fine, really.

Testing

Tests should pass

Docs

This is shown in VS Code itself, with a prompt to upgrade your VS Code version IIRC.

Changes

• menuitemradio was incorrectly listed in the aria_non_interactive_roles array used by the dev toolbar's a11y audit rules.
• Per the WAI-ARIA spec, menuitemradio is a widget role (interactive) — it represents a checkable menu item in a radio group. This matches how eslint-plugin-jsx-a11y classifies it.
• This misclassification caused false positives on a11y-no-interactive-element-to-noninteractive-role (e.g. <button role="menuitemradio"> incorrectly flagged) and missed violations on a11y-no-noninteractive-element-to-interactive-role (e.g. <div role="menuitemradio"> not flagged).

Testing

• This is a data-level fix (removing one incorrect entry from a static array). The audit rule logic is unchanged, so existing tests continue to validate correctness.

Docs

• No docs update needed — this is an internal dev toolbar behavior fix with no user-facing API change.

Changes

• Adds a new agent skill at .agents/skills/optimize-deps/SKILL.md documenting tribal knowledge about Vite's dep optimizer as it applies to the Astro dev server.
• Covers how optimizeDeps works (scan phase vs bundle phase), why non-JS files like .astro require special handling, the roles of vitefu, vite-plugin-environment, and astroFrontmatterScanPlugin, and a debugging playbook with logging techniques and potential fix patterns.

Testing

• No code changes — this is documentation/tooling only.

Docs

• This IS the docs. No other changes needed.

Changes

Updates svgo to the latest

Testing

Green CI

Docs

Changes

• Server Islands (server:defer) now work correctly in Netlify production deployments when using output: 'static' (the default). Previously the /_server-islands/* endpoint returned 404.
• The bug was in astro:config:done: buildOutput was destructured from the hook params before setAdapter() was called, capturing a stale 'static' snapshot. Since buildOutput is a getter on settings.buildOutput, and setAdapter() upgrades it to 'server', the fix is to read params.buildOutput after setAdapter() rather than destructuring it upfront.

Testing

• Added a regression test in test/static/static-headers.test.js that asserts the SSR function directory is created after building a output: 'static' project with a server:defer island — the exact scenario from the bug report.
• The existing static-headers fixture already had this setup, so no new fixture was needed.

Docs

No docs update needed — this is a bug fix restoring already-documented behavior.

Closes #16049

Changes

• When astro dev starts, Astro now checks if vite@8 is installed at the top level of the user's project and emits a warning directing them to add "overrides": { "vite": "^7" } to their package.json. Vite 8 at the top level causes subtle breakage with the Cloudflare adapter because @cloudflare/vite-plugin resolves vite via Node's normal module resolution (no nested copy of its own), so it picks up the user's hoisted Vite 8 instead of Astro's Vite 7 — leading to a require_dist is not a function crash in workerd's CustomModuleRunner.
• astro add cloudflare now prompts the user to add "overrides": { "vite": "^7" } to their package.json automatically. This prevents the issue from being introduced later (e.g. if the user installs @tailwindcss/vite after adding the Cloudflare adapter, which hoists Vite 8 to the top level).

Testing

• Reproduced the crash manually: npm create astro@latest with --add cloudflare --add tailwind, delete node_modules + package-lock.json, reinstall — astro build fails with require_dist is not a function. Adding "overrides": { "vite": "^7" } resolves it.

Docs

No docs update needed — the warning itself is user-facing guidance, and the astro add prompt explains the change inline.

Closes #16029

Changes

• Adds a Changesets section to the astro-pr-writer skill covering when changesets are required, file format, bump type rules, and CI restrictions on major/minor core bumps
• Documents the Astro changeset message writing conventions from https://contribute.docs.astro.build/docs-for-code-changes/changesets/ — verb-first present tense, user-facing framing, and type-specific guidance (patch, minor, breaking)
• Instructs agents to always write the changeset file manually rather than offering the interactive CLI wizard, which agents cannot use
• Adds a self-check item to verify a changeset exists before posting any package-modifying PR

Testing

• Manual review of the updated skill content against the Astro contribution docs and the existing changeset files in the repo

Docs

• No docs update needed; this change is to an agent skill, not user-facing Astro documentation.

Changes

Closes AST-14

More unit tests, less integration tests, more test coverage.

• encoded params are now unit tested in the build, removed their fixture
• extracted the logic that creates the fallback routes to its own function, so that it's exported and tested
• removed some tests from rewrite.test.js as they are already covered from unit tests
• improved test cases of in-memory cache
• many fixtures have been removed, as they aren't used anymore

Testing

Green CI

Docs

N/A

Changes

• What does this change?
• Be short and concise. Bullet points can help!
• Before/after screenshots can help as well.
• Don't forget a changeset! Run pnpm changeset.
• See https://contribute.docs.astro.build/docs-for-code-changes/changesets/ for more info on writing changesets.

Testing

Docs

Closes #15993

Changes

Middleware changes were not picked up during development without a full server restart. Now it's fixed and editing middleware during astro dev takes effect on the next request. Based on proposed Copilot changes.

Testing

Added a new e2e test that verifies a response header set by middleware updates after editing the middleware file without server restart.

Docs

No docs are required.

Changes

The issue is caused by upstream, this patch only provides a workaround to prevent Astro projects from build failure and runtime 500 error (if it's a server) instead of actually fixing.

The issue happens because a piece of code from "fdir" uses require(), and it would be compiled to a call to the function returned by createRequire(import.meta.url). However, import.meta.url is undefined in workerd runtime.

[ERROR] TypeError: The argument 'path' The argument must be a file URL object, a file URL string, or an absolute path string.. Received 'undefined'
    at createRequire (node:module:34:15)
    at .../dist/server/chunks/index_DJvu3f_r.mjs:11716:33

See also:

• vitejs/vite#21969
• https://github.com/thecodrr/fdir/blob/790c182eb54809ea7bc14f1bcb40acce89506bb4/src/builder/index.ts#L17

Similar issues:

• better-auth/better-auth#6690
• nitrojs/nitro#4132

Testing

It's just a small fix.

Docs

It doesn't add or change any documented behavior but makes it work as expected.

Closes #14669

Changes

When a Svelte component uses generic type parameters (<script generics="T extends ...">), the editor integration now preserves the generics in the generated TypeScript, so props are correctly inferred and intellisense works in .astro files.

Testing

Added several astro check tests in svelte/test/check.test.js

• Single-param generic with conditional type constraint
• Multi-param generic with nested angle brackets (Record<string, unknown>)
• Arrow function type in generic constraint ((val: string) => boolean)

To check this manually:

1. Create a Svelte component with generics attribute:

<script lang="ts" generics="T extends boolean = false">
  interface Props { flag?: T; items: T extends true ? number[] : string[] }
  let { flag, items }: Props = $props();
</script>

2. Import and use it in an .astro file
3. Before the fix: TypeScript errors and no intellisense
4. After the fix: props are correctly inferred with generic constraints

Docs

No docs changes are required.

Changes

• Server islands no longer crash with this.result.serverIslandNameMap.get is not a function in dev when using an adapter that adds a separate prerender Vite environment
• The bug was triggered by a specific navigation order: visiting any page without a server island first caused the virtual:astro:server-island-manifest module to be cached in the prerender environment with placeholder string values. When a page with a server island was then visited, the plugin invalidated the module only in the ssr environment — the prerender environment kept its stale cached module. At render time, the truthy placeholder string passed through ?? new Map() and calling .get() on it threw.
• The fix updates configureServer to collect all server-side environments (ssr, prerender, astro) and invalidates the manifest module in all of them when server islands are first discovered.

Testing

• Confirmed manually with the reproduction from #16045: visiting / (no island) then /with-island now renders correctly instead of returning HTTP 500.
• No automated test added: the bug only manifests with a prerender environment, which requires the Cloudflare adapter's workerd runtime and cannot be exercised in the standard fixture test suite. The fix is a targeted behavioral change in the plugin's invalidation loop.

Docs

No docs update needed — this is a bug fix with no API or behavior changes visible to users beyond the crash being resolved.

Fixes #16045

Changes

• ssrAssetsPerEnvironment is a recently added property that's used to know what to copy over to the client folder
• This iterates over them and adds them to the manifest so the Node adapter knows to serve them.

Testing

• Added a new fixture packages/integrations/node/test/fixtures/ssr-assets-middleware/ with an index.astro that imports a CSS file and a [...path].astro catch-all page — the minimal setup required to reproduce the bug.
• Added a regression test in node-middleware.test.js (middleware with fastify and catch-all route: SSR assets in manifest) that builds with assetsInlineLimit: 0, starts a Fastify server, and asserts that requesting the CSS asset URL returns text/css rather than text/html from the catch-all. The test fails on unfixed code and passes with the fix.

Docs

No docs update needed — this is a bug fix restoring documented behavior with no API changes.

Fixes #16039

Description

This PR reverts the revert of the usage of the fork interaction action, as HiDeoo originally implemented it. As it turns out, the official action still has quite some weird bugs (which might get fixed), but I'd say: never change a running system.

Related

• #1139
• #3769
• #3774

Changes

Closes #16042

• When astro dev runs behind a TLS-terminating reverse proxy (Caddy, nginx, Traefik, etc.), the proxy connects to Vite over plain HTTP while the browser communicates over HTTPS. The dev server was always constructing the request URL with http:// because it only checked whether Vite itself was configured with TLS (vite.server.https). The CSRF origin check then compared http://host (server-side URL) against Origin: https://host (browser header) and returned 403 for every non-GET form submission.
• The dev server now calls validateForwardedHeaders to derive the protocol from X-Forwarded-Proto, gated on security.allowedDomains being non-empty — the same security guard used in production (core/app/node.ts). Without allowedDomains the header is untrusted and behaviour is identical to before.
• security.allowedDomains is now propagated into the dev manifest. It was previously absent, meaning the forwarded-header validation would always short-circuit even if the user had configured it.
• security.checkOrigin is now respected in dev unconditionally. The previous buildOutput === 'server' gate suppressed CSRF protection in dev regardless of the user's config.
• getFirstForwardedValue (previously an inline closure in node.ts) is extracted and exported from validate-headers.ts, the natural home for forwarded-header utilities, and reused in both node.ts and the dev server.

Testing

• 15 new unit tests in test/units/app/dev-url-construction.test.js cover the URL construction logic in isolation: no allowedDomains (header ignored), matching allowedDomains (header trusted), wildcard hostname patterns, multi-value comma-separated headers, malicious injection attempts (javascript:, URL-injection), isHttps fallback, and the end-to-end CSRF implication (constructed url.origin matches the browser Origin header iff and only if allowedDomains is configured).
• All 62 existing node.test.js tests and 35 csrf.test.js tests continue to pass with no changes.

Docs

N/A

Description

This PR fixes the configuration for our first-time contributor workflow.

This broke after #3769

(Note that it still fails on this PR because it runs on pull_request_target so the version on main is still being used.)

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@astrojs/starlight@0.38.3

Patch Changes

• #3770 6e7bed1 Thanks @gameroman! - Adds examples to the inline documentation for title in the Starlight configuration object

Changes

Fixes #16028.

• Fixes unnecessary prerendering of redirect destinations
• Unnecessary files are no longer generated by static builds for redirected routes.
• Requests are no longer made at build time to external redirect destination URLs, which could cause builds to fail.

Testing

Two tests were added to the Cloudflare package: one for an internal redirect, and one for an external redirect. Both do a test build and check that the _redirects file is properly generated and that no unnecessary requests or files were made.

Docs

No documentation changes needed, as these fixes should not affect user behavior.

Summary

• switch Vitest config references to vitest/config so the Vite 8/Vitest 4 examples and fixture type-check again
• route Astro's SSR-only full reloads through the client hot environment and let headless Chrome settle before HMR assertions
• relax the Markdoc propagated-assets assertion to match minified Vite 8 CSS output

Validation

• cd packages/astro && CI=1 bunx nve 22 pnpm exec playwright test e2e/astro-component.test.js e2e/hmr.test.js --project="Chrome Stable" --workers=1 --retries=0
• cd packages/integrations/markdoc && bunx nve 24.14.0 pnpm run test

Notes

• I couldn't fully rerun test:check-examples locally because this checkout's linked @astrojs/check workspace package is missing its language-tools build output, but the original CI failure there was the Vitest config typing error fixed in this patch.

Changes

• Unpin fast-xml-parser from exact 5.4.1 to ^5.5.7

The pin was introduced in #15830 because v5.5.0 shipped with a broken dependency declaration ("fast-xml-builder": "file:../../fxp-builder"). The upstream issue (NaturalIntelligence/fast-xml-parser#799) is now closed and resolved.

The pinned v5.4.1 has open CVEs related to entity expansion limits (XXE prevention), which are fixed in v5.5.7+:

• CVE-2025-27098 — Prototype pollution via attribute parsing
• CVE-2025-27439 — Entity expansion (billion laughs) attack

No breaking API changes exist between 5.4.1 and 5.5.7. The options used by @astrojs/rss (ignoreAttributes, suppressEmptyNode, suppressBooleanAttributes) are unchanged. The fast-xml-builder transitive dependency moved from 1.0.0 to ^1.1.4 (same major version).

Testing

• All 21 existing @astrojs/rss tests pass with no changes needed
• Tests cover the full API surface: basic items, content encoding, custom data, stylesheets, self-closing tags, enclosures, sources, categories, and trailing slashes

Docs

No user-facing behavior changes — this is a transparent dependency update.

Changes

• closes #16030

Testing

• existing

Docs

• none bug fix

Changes

Resolves #16032.

• Adds image as a valid ARIA role.

Testing

Locally, by setting role="image" on an element and observing it not get flagged by the audit.

Docs

No documentation update needed.

Changes

• Add verifyOptions to catch invalid image configurations during the static build process.
• Added a regression test with a static build fixture to ensure the build properly fails when dimensions are missing.

issue : #15793

Testing

Test result in local before implementation :

Test result in local after implementation :

Docs

Changes

https://developer.mozilla.org/en-US/docs/Web/API/PopStateEvent/hasUAVisualTransition

• Skip document.startViewTransition() when PopStateEvent.hasUAVisualTransition is true
• Fixes #16024

Note

On iOS, repeated testing may reveal a remaining minor flicker caused by a separate issue. However, this PR eliminates the double-animation flicker by properly supporting the hasUAVisualTransition API.

Testing

Manually tested on macOS Safari and iOS Safari:

1. Navigate between pages using <ClientRouter />
2. Swipe back/forward with gesture
3. Confirm no flicker occurs

Docs

No docs needed. This is a bug fix with no API changes.

Description

In #1139 we decided to use a fork of actions/first-interaction because the Node version was outdated and the fork has more robust features in general (read the detailed benefits in HiDeoo's list in the PR).

Since then, the original action has been updated quite well, and seems to be maintained actively again, whereas now the fork has not been updated for about a year. I have not done a comparison performance- or feature-wise in depth. But I recommend using the original and actively maintained action.

Therefore, I reverted the commit and also removed the checkout step, as it is actually not necessary.

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

astro@6.1.0

Minor Changes

• #15804 a5e7232 Thanks @merlinnot! - Allows setting codec-specific defaults for Astro's built-in Sharp image service via image.service.config.

  You can now configure encoder-level options such as jpeg.mozjpeg, webp.effort, webp.alphaQuality, avif.effort, avif.chromaSubsampling, and png.compressionLevel when using astro/assets/services/sharp for compile-time image generation.

  These settings apply as defaults for the built-in Sharp pipeline, while per-image quality still takes precedence when set on <Image />, <Picture />, or getImage().

• #15455 babf57f Thanks @AhmadYasser1! - Adds fallbackRoutes to the IntegrationResolvedRoute type, exposing i18n fallback routes to integrations via the astro:routes:resolved hook for projects using fallbackType: 'rewrite'.

  This allows integrations such as the sitemap integration to properly include generated fallback routes in their output.

  {
    'astro:routes:resolved': ({ routes }) => {
      for (const route of routes) {
        for (const fallback of route.fallbackRoutes) {
          console.log(fallback.pathname) // e.g. /fr/about/
        }
      }
    }
  }

• #15340 10a1a5a Thanks @trueberryless! - Adds support for advanced configuration of SmartyPants in Markdown.

  You can now pass an options object to markdown.smartypants in your Astro configuration to fine-tune how punctuation, dashes, and quotes are transformed.

  This is helpful for projects that require specific typographic standards, such as "oldschool" dash handling or localized quotation marks.

  // astro.config.mjs
  export default defineConfig({
    markdown: {
      smartypants: {
        backticks: 'all',
        dashes: 'oldschool',
        ellipses: 'unspaced',
        openingQuotes: { double: '«', single: '‹' },
        closingQuotes: { double: '»', single: '›' },
        quotes: false,
      },
    },
  });

  See the retext-smartypants options for more information.

Patch Changes

• #16025 a09f319 Thanks @koji-1009! - Instructs the client router to skip view transition animations when the browser is already providing its own visual transition, such as a swipe gesture.

• #16055 ccecb8f Thanks @Gautam-Bharadwaj! - Fixes an issue where client:only components could have duplicate client:component-path attributes added in MDX in rare cases

• #16081 44fc340 Thanks @crazylogic03! - Fixes the emitFile() is not supported in serve mode warning that appears during astro dev when using integrations that inject before-hydration scripts (e.g. @astrojs/react)

• #16068 31d733b Thanks @Karthikeya1500! - Fixes the dev toolbar a11y audit incorrectly classifying menuitemradio as a non-interactive ARIA role.

• #16080 e80ac73 Thanks @ematipico! - Fixes experimental.queuedRendering incorrectly escaping the HTML output of .html page files, causing the page content to render as plain text instead of HTML in the browser.

• #16048 13b9d56 Thanks @matthewp! - Fixes a dev server crash (serverIslandNameMap.get is not a function) that occurred when navigating to a page with server:defer after first visiting a page without one, when using @astrojs/cloudflare

• #16093 336e086 Thanks @Snugug! - Fixes Zod meta not correctly being rendered on top-level schema when converted into JSON Schema

• #16043 d402485 Thanks @ematipico! - Fixes checkOrigin CSRF protection in astro dev behind a TLS-terminating reverse proxy. The dev server now reads X-Forwarded-Proto (gated on security.allowedDomains, matching production behaviour) so the constructed request origin matches the https:// origin the browser sends. Also ensures security.allowedDomains and security.checkOrigin are respected in dev.

• #16064 ba58e0d Thanks @ematipico! - Updates the dependency svgo to the latest, to fix a security issue.

• #16007 2dcd8d5 Thanks @florian-lefebvre! - Fixes a case where fonts files would unecessarily be copied several times during the build

• #16017 b089b90 Thanks @felmonon! - Fix the astro sync error message when getImage() is called while loading content collections.

• #16014 fa73fbb Thanks @matthewp! - Fixes a build error where using astro:config/client inside a <script> tag would cause Rollup to fail with "failed to resolve import virtual:astro:routes from virtual:astro:manifest"

• #16054 f74465a Thanks @seroperson! - Fixes an issue with the development server, where changes to the middleware weren't picked, and it required a full restart of the server.

• #16033 198d31b Thanks @adampage! - Fixes a bug where the the role image was incorrectly reported by audit tool bar.

• #15935 278828c Thanks @oliverlynch! - Fixes cached assets failing to revalidate due to redirect check mishandling Not Modified responses.

• #16075 2c1ae85 Thanks @florian-lefebvre! - Fixes a case where invalid URLs would be generated in development when using font families with an oblique style and angles

• #16062 87fd6a4 Thanks @matthewp! - Warns on dev server startup when Vite 8 is detected at the top level of the user's project, and automatically adds a "overrides": { "vite": "^7" } entry to package.json when running astro add cloudflare. This prevents a require_dist is not a function crash caused by a Vite version split between Astro (requires Vite 7) and packages like @tailwindcss/vite that hoist Vite 8.

• Updated dependencies [10a1a5a]:

  • @astrojs/markdown-remark@7.1.0

@astrojs/preact@5.1.0

Minor Changes

• #15862 06fba3a Thanks @crutchcorn! - Adds support for passing a Babel config to the Preact Vite Plugin:

  // astro.config.mjs
  import { defineConfig } from 'astro/config';
  import preact from '@astrojs/preact';
  
  export default defineConfig({
    integrations: [
      preact({
        babel: {
          generatorOpts: {
            importAttributesKeyword: 'with',
          },
        },
      }),
    ],
  });

@astrojs/markdown-remark@7.1.0

Minor Changes

• #15340 10a1a5a Thanks @trueberryless! - Updates createMarkdownProcessor to support advanced SmartyPants options.

  The smartypants property in AstroMarkdownOptions now accepts Smartypants options, allowing fine-grained control over typography transformations (backticks, dashes, ellipses, and quotes).

  import { createMarkdownProcessor } from '@astrojs/markdown-remark';
  
  const processor = await createMarkdownProcessor({
    smartypants: {
      backticks: 'all',
      dashes: 'oldschool',
      ellipses: 'unspaced',
      openingQuotes: { double: '«', single: '‹' },
      closingQuotes: { double: '»', single: '›' },
      quotes: false,
    },
  });

  For the up-to-date supported properties, check out the retext-smartypants options.

@astrojs/rss@4.0.18

Patch Changes

• #16037 fdd2c5a Thanks @blimmer! - Unpin fast-xml-parser to ^5.5.7 to resolve entity expansion CVEs

@astrojs/cloudflare@13.1.4

Patch Changes

• #16041 56d2bde Thanks @kylemclean! - Fixes unnecessary prerendering of redirect destinations

  Unnecessary files are no longer generated by static builds for redirected routes.

  Requests are no longer made at build time to external redirect destination URLs, which could cause builds to fail.

• Updated dependencies []:

  • @astrojs/underscore-redirects@1.0.2

@astrojs/markdoc@1.0.3

Patch Changes

• Updated dependencies [10a1a5a]:
  • @astrojs/markdown-remark@7.1.0

@astrojs/mdx@5.0.3

Patch Changes

• Updated dependencies [10a1a5a]:
  • @astrojs/markdown-remark@7.1.0

@astrojs/netlify@7.0.5

Patch Changes

• #16063 ccb6a9c Thanks @matthewp! - Fixes server islands returning 404 in production when using output: 'static' (the default)

• Updated dependencies []:

  • @astrojs/underscore-redirects@1.0.2

@astrojs/node@10.0.4

Patch Changes

• #16002 846f27f Thanks @buley! - Fixes file descriptor leaks from read streams that were not destroyed on client disconnect or read errors

• #15941 f41584a Thanks @ematipico! - Fixes an infinite loop in resolveClientDir() when the server entry point is bundled with esbuild or similar tools. The function now throws a descriptive error instead of hanging indefinitely when the expected server directory segment is not found in the file path.

@astrojs/partytown@2.1.6

Patch Changes

• #16002 846f27f Thanks @buley! - Fixes file descriptor leaks from read streams that were not destroyed on client disconnect or read errors

@astrojs/react@5.0.2

Patch Changes

• #15378 a8a926e Thanks @dmgawel! - Fix React hydration errors when using conditional slot rendering

• #15146 f771f75 Thanks @kedarvartak! - Fixes hydration mismatch when using experimentalReactChildren

• #14917 769265b Thanks @sanjaiyan-dev! - Refactors to improve the performance of rendering static HTML content in React

@astrojs/sitemap@3.7.2

Patch Changes

• #15455 babf57f Thanks @AhmadYasser1! - Fixes i18n fallback pages missing from the generated sitemap when using fallbackType: 'rewrite'.

@astrojs/svelte@8.0.4

Patch Changes

• #15604 3e1ac66 Thanks @pierreeurope! - Adds a temporary workaround for a Svelte bug causing empty class attributes in SSR output.

• #16050 89a7250 Thanks @seroperson! - Using a Svelte component with generic type parameters now correctly infer props in .astro files

@astrojs/vercel@10.0.3

Patch Changes

• #16079 aa26636 Thanks @empoulter-uclan! - Fix vercel ISR path rewrite

astro-vscode@2.16.14

Patch Changes

• #16069 c9a5807 Thanks @Princesseuh! - Updates the minimum supported version of VS Code to 1.92.0 (July 2024)

Fixes #16012.

Summary

• align the default LiveLoader data type with its existing Record<string, any> constraint
• update the related live content public types to use the same default
• add a type regression covering defineLiveCollection() with a LiveLoader whose data shape is declared as an interface

Verification

• pnpm run build:ci
• pnpm exec tsc --noEmit --moduleResolution bundler --module esnext --target es2022 --types node ./test/types/define-live-collection.ts

Summary

• construct the astro:assets sync-time getImage() error using the public AstroUserError signature
• add a CLI regression for astro sync so the thrown content-types error stays descriptive
• include a patch changeset for the astro package

Testing

• pnpm run build:ci
• pnpm exec astro-scripts test "test/astro-sync.test.js"

Fixes #16015

Summary

• use text content instead of innerText for dev-toolbar a11y name checks
• cover anchors inside closed
  Details

  so hidden-but-valid text is not flagged
• reuse the same text-content check for label and aria-labelledby paths

Testing

• pnpm run build:ci
• pnpm exec playwright test e2e/dev-toolbar-audits.test.js

Fixes #16009

Changes

• Fixes a build error where importing astro:config/client inside a <script> tag (client environment) caused Rollup to fail with failed to resolve import "virtual:astro:routes" from "virtual:astro:manifest".
• Refactored astro:config/client in virtual-module.ts to inline config values directly from AstroSettings at plugin creation time, instead of generating code that imports from virtual:astro:manifest.

Testing

• Added a regression test in test/serializeManifest.test.js with a new fixture (astro-manifest-client-script) that imports astro:config/client inside a <script> tag in an SSR project (using output: 'server' + test adapter). The test asserts the build succeeds — it fails on main with the exact Rollup error from the issue and passes with the fix applied.

Docs

N/A, bug fix

Fixes #15991

Changes

• Fixes a permanent hang on the first HTTP request when using @astrojs/cloudflare in dev mode. The server would start successfully but every request would time out with no response.
• The root cause was in ensureModulesLoaded() (added in #15988): it traversed into virtual:astro:dev-css-all, which statically imports all per-route virtual:astro:dev-css:* modules. So basically it hangs because of a circular import call.
• The fix skips virtual:astro:dev-css, virtual:astro:dev-css-all, and virtual:astro:dev-css:* modules during the traversal. These are CSS collector virtuals that contain no CSS themselves, so skipping them has no effect on CSS injection — collectCSSWithOrder() handles that separately.

Testing

• Manually verified against a multi-route Cloudflare adapter project where the hang was reliably reproducible.
• The existing css-dynamic-import-dev test (added in #15988) continues to cover the original fix for dynamic import CSS injection on first load.

Docs

• No docs update needed — this restores expected dev server behavior with no user-facing API changes.

Fixes #16010

Changes

• Font files would be copied several times during the build because it would run for each environment
• This PR fixes it by making sure it runs once during the build

Testing

Manually, tests should pass

Docs

Changeset

Changes

This PR attempts to start moving some build tests (SSG mainly) to be unit testable. Not all tests can be unit testable, but there are many that can be. In this PR, few i18n tests were moved as a starting point (and a fixture were removed in the process).

• The Astro build pipeline now accepts a fsMod instance, so that we can pass a virtual file system
• The build pipeline has been broken down into generate and renderPath. renderPath doesn't save anything to disk. The caller is responsible for that (in our case, the generate function)
• We have now a mocked AstroPrerender that does the minimum: it accepts the request and attempts to render the component associated to it.
• The testing suite uses the real function createRoutesList, which crawls the file system and returns the final RouteList

Testing

Green CI.

To give some numbers, the previous integration test took ~1.6s, the new one takes ~400ms

Docs

Yes, for the new parameter added to the public interface

Changes

This PR moves some of the getImage assertions to be unit testable. In order to do, we create a small wrapper around our base image service, just for our tests. I had to do so because the production image service relies on import.meta.env.BASE_URL.

The only caveat of the testing image service is that it has pollute globalThis, so that we can bypass the vite virtual module.

Testing

Removed some integration tests. Added new unit tests.

Docs

N/A

Summary

Two createReadStream() file descriptor leaks found via static analysis of the control flow graph:

1. packages/integrations/partytown/src/sirv.ts:129

fs.createReadStream(file, opts).pipe(res) leaks the file descriptor when the HTTP response is closed prematurely (e.g. client disconnect, timeout). Node's .pipe() does not automatically destroy the source stream when the destination closes.

Fix: Captured the stream reference and added res.on('close', () => stream.destroy()).

2. packages/integrations/node/src/serve-app.ts:24

createReadStream(fullPath) in readErrorPageFromDisk() was never destroyed in the catch block. If the stream partially opened before the error event fired (e.g. permission change between open and error), the fd leaked across retry iterations as the loop tries the next file path pattern.

Fix: Moved stream declaration outside try so it can be destroyed in catch via stream?.destroy().

Test Plan

• Both fixes only affect cleanup paths and do not change normal control flow
• Manual: serve a large static file via partytown integration, disconnect mid-download, verify no leaked fds with lsof -p <pid>

Changes

• Refactors head propagation runtime logic into focused units (resolver, buffer, policy) and routes call sites through a dedicated runtime facade so registration, buffering, and instruction gating use a single orchestration path.
• Extracts static-analysis decisions used by head metadata propagation into reusable domain helpers (graph bubbling and marker detection), then updates vite-plugin-head to use those helpers in both dev and build flows.
• Centralizes propagated-asset boundary detection into a shared head-propagation unit and wires both dev crawl and build CSS graph traversal through it, so stop-boundary behavior is computed consistently.
• Replaces fixture-heavy head propagation tests with unit and app-level tests, including removal of old fixture suites and addition of focused tests that cover runtime contracts, bubbling rules, marker detection behavior, and boundary handling.

Testing

• Added a dedicated unit suite under packages/astro/test/units/render/head-propagation/ that validates resolver precedence, live propagator iteration semantics, head/maybe-head policy matrix behavior, graph bubbling, marker detection, boundary checks, and runtime adapter contracts.
• Added packages/astro/test/units/render/head-injection-app.test.js to keep lightweight app-level coverage for key glue scenarios (page-level propagation, nested layout propagation, and slot-render buffering) without relying on full fixture pipelines.
• Verified regression safety by running head-focused unit suites and content-collections test suites after rebuild; all executed suites passed.

Test Checklist

• packages/astro/test/head-injection.test.js Markdown dedupe behavior is covered by policy/runtime unit tests and existing head render unit assertions.
• packages/astro/test/head-injection.test.js slot/slots.render fixture scenarios are covered by packages/astro/test/units/render/head-injection-app.test.js and packages/astro/test/units/render/head.test.js.
• packages/astro/test/units/dev/head-injection.test.js page-scope dynamic injection is covered by packages/astro/test/units/render/head-injection-app.test.js.
• packages/astro/test/units/dev/head-injection.test.js nested layout dynamic injection is covered by packages/astro/test/units/render/head-injection-app.test.js.
• packages/astro/test/content-collections-render.test.js propagation stopping-point behavior is covered by packages/astro/test/units/render/head-propagation/boundary.test.js and packages/astro/test/units/render/head-propagation/graph.test.js.
• packages/astro/test/content-collections.test.js propagation style application is covered by runtime facade/adapter tests plus app-level head injection tests.
• New domain units have direct unit coverage: resolver, buffer, policy, graph, comment, boundary, runtime facade, and runtime adapters.

Docs

• No docs update needed, because this change is internal refactoring and test strategy migration without user-facing API or behavior changes.

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

astro@6.0.8

Patch Changes

• #15978 6d182fe Thanks @seroperson! - Fixes a bug where Astro Actions didn't properly support nested object properties, causing problems when users used zod functions such as superRefine or discriminatedUnion.

• #16011 e752170 Thanks @matthewp! - Fixes a dev server hang on the first request when using the Cloudflare adapter

• #15997 1fddff7 Thanks @ematipico! - Fixes Astro.rewrite() failing when the target path contains duplicate slashes (e.g. //about). The duplicate slashes are now collapsed before URL parsing, preventing them from being interpreted as a protocol-relative URL.

@astrojs/cloudflare@13.1.3

Patch Changes

• Updated dependencies [3b8d473]:
  • @astrojs/underscore-redirects@1.0.2

@astrojs/netlify@7.0.4

Patch Changes

• Updated dependencies [3b8d473]:
  • @astrojs/underscore-redirects@1.0.2

@astrojs/underscore-redirects@1.0.2

Patch Changes

• #15979 3b8d473 Thanks @alexanderniebuhr! - Fixes an issue where redirects in _redirects file where not correctly created with trailing slashes.

Description

• Closes #3760
• Closes #3761 which it supersedes

This PR refactors our sidebar generation logic to avoid using structuredClone() each time a sidebar is created. Especially on large sidebars, the clone can be expensive.

#2252 added the current sidebar approach and introduced the structured clone partially to defend against user mutations in component overrides. Since then, we refactored our route data system in #2390, which introduced klona to create a clone of the entire route data object. This means it is now safe to remove the extra structuredClone() in the sidebar logic.

The new strategy tracks the sidebar entries with isCurrent manually so we can patch those in a performant way on a single persistent object without relying on the structured clone to avoid mutations.

I haven’t tested on Cloudflare’s docs (mentioned in #3760) but I tested in Starlight’s docs:

• Starlight docs: 1% performance increase (~178ms)
• Starlight docs modified to add several thousand extra sidebar entries: 6% performance increase (~2.8s)

I would assume the increase should be even more significant in the CF docs given their high page count and sidebar size. And the fix here is essentially the same as the one tested in cloudflare/cloudflare-docs#28970 — structuredClone() was removed in both — this PR just avoids introducing some unnecessary code duplication and forking of code paths.

Changes

This PR moves the tests for rewrites. From 54 integration tests, we now have only 20 tests. Many had to stay because:

• they test some particular behaviour that belongs to the server (we have middleware that normalises slashes)
• build file system
• build errors

This PR also fixes an issue with rewrites where rewriting to a //about path, would result in an error. Now we normalise the paths.

This PR also refactors the createTestApp to be less verbose

Testing

Green CI

Docs

Changes

• normalizeFilename in vite-plugin-utils now handles relative paths starting with . (e.g. ./src/components/Foo.astro). On certain environments (Windows + newer Node.js), Vite can produce a relative virtual module ID for style sub-requests when the parent component is imported via a TypeScript path alias. The previous code had no branch for this case, so the relative path was passed unchanged to the compile metadata cache lookup — which was stored with an absolute path — causing a cache miss and a build error.
• The fix resolves relative paths against config.root, consistent with how /@fs and /path variants are already handled.

Testing

• Added a new test fixture (alias-path-alias-style) with a minimal Astro project: a tsconfig.json @/* path alias importing an Astro component that has a scoped <style> tag.
• The build test (test/alias-path-alias-style.test.js) verifies the build succeeds and that the scoped CSS from the aliased component appears in the output — directly covering the regression path.

Docs

• No docs update needed. This is an internal path normalization fix with no user-facing API change.

Fixes #15963

Changes

• In v6, runHookBuildSetup was called once with target: 'server', causing integrations that conditionally set define globals based on vite.build.ssr (e.g. @analogjs/astro-angular setting ngServerMode: "true") to place those values at the top level of the Vite config. Because Vite merges the top-level define into every environment's resolved config, server-only values leaked into the client bundle and broke hydration.
• The fix calls runHookBuildSetup for both 'server' and 'client' targets. The client call receives build.ssr: false so integrations that inspect this flag behave correctly. Server-only defines (present in the server result but absent from the client result) are moved out of the top level and pushed into the ssr and prerender environment configs. The client environment is also explicitly marked ssr: false.

Testing

• Added a unit test that simulates an integration which sets a define only when build.ssr is truthy. Asserts the define is present for the server hook call and absent for the client hook call with ssr: false.
• All existing build unit tests pass.

Docs

No docs update needed — this is a bug fix restoring v5 build isolation behavior.

Fixes #15911

Changes

Closes #12385

In this case, the value of the locale isn't stored in the URL, but in the Astro.params because the value is provided via /[locale].

The fix: if computeCurrentLocale returns undefined and we have 1 or more params, then we match the locale against the value of the params.

Closes #15098

Here, the bug was caused by the fact that when we return /404, the route /[locale] was matching it before 404 route, causing returning a response with 404 status code, but the body of the /[locale] route.

The fix: in rewrite AND renderError, when matching the route, we give priority to 404 and 500 routes. This should be safe.

This PR also moves many other tests around i18n to unit tests. It increases the coverage of some internal functions, and it also adds testing for i18n domains, something we lacked until now!

Testing

Green CI

Docs

N/A

Changes

• Styles from components loaded via await import() in frontmatter are now injected on the first page request in dev mode. Previously they only appeared after a file save triggered HMR — a regression from Astro 5.
• The root cause was in collectCSSWithOrder(): dynamically imported modules are registered in the Vite module graph by Vite's import analysis but not yet transformed, so their importedModules set is empty and the CSS walk terminates early. Added ensureModulesLoaded() which recursively walks the graph and eagerly fetches any untransformed modules via env.fetchModule() before the CSS collection walk runs.
• ensureModulesLoaded() mirrors the same PROPAGATED_ASSET_QUERY_PARAM stopping point used by collectCSSWithOrder(), so it won't descend into propagated asset modules that the CSS walk would intentionally skip — avoiding unnecessary fetches in content collection graphs.

Testing

• Added a dev mode integration test (test/css-dynamic-import-dev.test.js) with a fixture whose index page dynamically imports a layout component containing a <style> block. The test starts a dev server, fetches / on first load, and asserts the style is present in the HTML — directly covering the reported regression.
• Existing css-order-import tests (including the dynamic import build scenario) continue to pass.

Docs

• No docs update needed — dynamic imports in frontmatter were already a supported pattern; this restores the expected behavior.

Fixes #15983

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

astro@6.0.7

Patch Changes

• #15950 acce5e8 Thanks @matthewp! - Fixes a build regression in projects with multiple frontend integrations where server:defer server islands could fail at runtime when all pages are prerendered.

• #15988 c93b4a0 Thanks @ossaidqadri! - Fix styles from dynamically imported components not being injected on first dev server load.

• #15968 3e7a9d5 Thanks @chasemccoy! - Fixes renderMarkdown in custom content loaders not resolving images in markdown content. Images referenced in markdown processed by renderMarkdown are now correctly optimized, matching the behavior of the built-in glob() loader.

• #15990 1e6017f Thanks @ematipico! - Fixes an issue where Astro.currentLocale would always be the default locale instead of the actual one when using a dynamic route like [locale].astro or [locale]/index.astro. It now resolves to the correct locale from the URL.

• #15990 1e6017f Thanks @ematipico! - Fixes an issue where visiting an invalid locale URL (e.g. /asdf/) would show the content of a dynamic [locale] page with a 404 status code, instead of showing your custom 404 page. Now, the correct 404 page is rendered when the locale in the URL doesn't match any configured locale.

• #15960 1d84020 Thanks @matthewp! - Fixes Cloudflare dev server islands with prerenderEnvironment: 'node' by sharing the serialized manifest encryption key across dev environments and routing server island requests through the SSR runtime.

• #15735 9685e2d Thanks @fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

  When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

create-astro@5.0.3

Patch Changes

• #15967 8db1f62 Thanks @matthewp! - Warn when --yes is used with a third-party template to clarify that dependency installation may run lifecycle scripts.

@astrojs/node@10.0.3

Patch Changes

• #15735 9685e2d Thanks @fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

  When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

@astrojs/svelte@8.0.3

Patch Changes

• #15961 7e8d0ee Thanks @matthewp! - Fix Cloudflare dev SSR dependency optimization to compile .svelte.js and .svelte.ts dependency modules that use Svelte runes.

@astrojs/vercel@10.0.2

Patch Changes

• #15959 335a204 Thanks @matthewp! - Fix Vercel serverless path override handling so override values are only applied when the trusted middleware secret is present.

Changes

This PR removes many integration tests from:

• actions
• params
• CSRF
• class list

### Actions

There are still some tests that need the full pipeline e.g. errors, but many of them have been moved to unit tests using new mock infrastructure.

Additionally, we have now unit tests for the proxy, serialization/deserialisation, etc.

Params

The only integration tests left are the ones that use the build -> static files.

CSRF

Fully moved to unit tests, since it's a middleware

Class list

Fully moved to unit tests. We just need some compiled components, no need for a full pipeline.

Mocks

We have many mocking functions now, which will help to with other tests.

Testing

Green CI

Docs

Description

Fixes issue #15976 - Content collection validation errors in v6 are no longer human-readable.

Changes

Previously, validation errors showed raw zod error output like:

**: [{"expected": "object", "code": "invalid_type", "path": ["label"], "message": "label: Required"}]

Now they show human-readable format:

  - label: Required

The fix formats error.issues to show each validation issue with its path and message.

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@astrojs/starlight@0.38.2

Patch Changes

• #3759 f24ce99 Thanks @MilesChou! - Fixes an issue where monolingual sites using a region-specific locale (e.g., zh-TW) as the default would incorrectly display base language translations (e.g., zh Simplified Chinese) instead of the region-specific ones (e.g., zh-TW Traditional Chinese).

• #3768 a4c6c20 Thanks @delucis! - Improves performance of sidebar generation for sites with very large sidebars

Fixes #15976

Since the Zod v3 → v4 migration (#14956), $ZodError.message returns a JSON-stringified array instead of a human-readable string. The three content error definitions in errors-data.ts used error.message directly, producing output like:

  **: [
  {
    "expected": "object",
    "code": "invalid_type",
    ...
  }
]

This iterates over error.issues instead, producing:

  **label**: Required

This matches the pattern already used in content/loaders/errors.ts and content/utils.ts.

Closes #15389,
Closed #13795

When a component with a script was first used inside a <template>, Astro's deduplication prevented the script from rendering outside the template, breaking non-template instances. This PR makes such scripts are not deduplicated. Should be merged after withastro/compiler#1156.

Changes

• Adds templateEnter / templateExit functions to be inlined by compiler inside of <template> tags. These functions add instructions that track <template> nesting depth during rendering.
• stringifyChunk skips dedup for scripts when templateDepth > 0. The script still renders inside the template but is also rendered outside for non-template instances.

Testing

Added astro-script-template-dedup integration test with four cases:

• Component used inside <template> first, then outside: verifies script appears in both places
• Component used outside first, then inside: verifies normal dedup still works
• Two components outside, then inside: verifies normal dedup still works x2
• Nested <template> elements: verifies depth tracking handles nesting

Docs

Docs aren't required as it's a bugfix.

Changes

• makes sure that trailing slashes are preserved if users configured redirects with them in their config
• closes #13165

Testing

• existing tests
• should we make the tests for advanced, currently they only test if the length is equal?
• how should we make the test, snapshot match?

Docs

• internal, so I don't think needed

Closes #14387

Changes

• Added support for nested objects with dot notation in form data parsing
• formDataToObject now recursively processes nested ZodObject schemas, converting dot-notation form keys (like bc.b) into nested object structures ({ bc: { b: ... } })

Testing

• Covering most of cases I could imagine in form-data-to-object.test.js: nested objects, superRefine wrapping, deeper 3-level nesting, optional/nullable/default nested objects, nested discriminatedUnion
• Several new integration tests in actions.test.js: nested form objects, superRefine validation, nested discriminatedUnion

Docs

No new API was introduced, so likely no docs changes are required

/cc @withastro/maintainers-docs

Summary

This fixes a bug where SSR catch-all routes in dev would try to handle Vite’s own internal dev/HMR URLs.

• Update astroDevHandler to use the same Vite internal path filter as astroDevPrerenderHandler
• Skip requests for /@*, /__*, and /node_modules/ in the dev SSR middleware so they fall through to Vite
• Add a focused unit test to lock in the behavior for a representative Vite internal path

Motivation

When running with an SSR catch-all like [...slug].astro, Vite internal URLs (for example the dev toolbar entrypoint) could be picked up by the SSR handler. That meant dev-only paths could render the catch-all page instead of being handled by Vite, which is surprising and can break tooling.

Aligning the dev SSR handler with the prerender handler keeps Vite internals out of user routes and matches the existing intent of the middleware.

Testing

• pnpm -C packages/astro exec astro-scripts test "test/units/dev/dev.test.js" -m "Vite internal paths"
• (Optional) Manually verify that visiting a Vite internal URL in dev no longer hits the catch-all route

Summary

renderMarkdown from LoaderContext returns image paths as metadata.localImagePaths and metadata.remoteImagePaths (separate arrays), but the runtime's renderEntry function checks for a combined metadata.imagePaths to decide whether to resolve __ASTRO_IMAGE_ placeholders into optimized <img> tags.

Because imagePaths is never set by renderMarkdown, images in custom loaders that use it are never resolved — the __ASTRO_IMAGE_ attributes remain in the final HTML.

The built-in glob() loader avoids this because it uses entryType.getRenderFunction(config), which explicitly combines the two arrays:

return {
  html: result.code,
  metadata: {
    ...result.metadata,
    imagePaths: result.metadata.localImagePaths.concat(result.metadata.remoteImagePaths),
  },
};

This PR applies the same combination in #processMarkdown (which backs the renderMarkdown context helper), so custom loaders get the same image optimization behavior as the built-in glob() loader.

Changes

• packages/astro/src/content/content-layer.ts: In #processMarkdown, spread metadata and add a combined imagePaths field from localImagePaths + remoteImagePaths.

Notes

Custom loaders also need to pass assetImports to store.set() for the images to be registered with Vite's asset pipeline. This is required alongside the imagePaths metadata fix. It may be worth documenting this in the Content Loader API reference, or having store.set() automatically extract imagePaths from rendered.metadata when assetImports isn't explicitly provided.

Test plan

• Create a custom object loader that uses renderMarkdown with markdown containing relative image paths
• Verify images render correctly (no __ASTRO_IMAGE_ placeholders in output)
• Verify existing glob() loader behavior is unchanged

Made with Cursor

Changes

• Add a warning when --yes is used with a third-party template, clarifying that dependency installation may run lifecycle scripts.
• Keep behavior unchanged for interactive installs and non-third-party templates.
• Closes #15939.

Testing

• Test added

Docs

• No docs update needed. This is CLI warning text for an existing workflow.

Changes

• Remove pull request-writing guidance from astro-developer so it stays focused on coding architecture, debugging, constraints, and testing context.
• Add a dedicated astro-pr-writer skill with explicit trigger language for PR tasks (create/open PR, draft PR, update PR title/body, and PR summaries), plus clear title/body quality rules.
• Move PR-writing standards into the new skill so PR behavior is isolated and easier to trigger reliably.

Testing

• Manually, used to create this pull request.

Docs

• No external docs update needed; this change only reorganizes internal agent skill behavior and prompt-triggering guidance.

Changes

• Resolve #... specifiers in the client
• resolvePath is called for client hydration paths, uses the importer to resolve # to that package import.
• Fixes #15922

Testing

• Add a Cloudflare fixture that imports a React island through package imports (#components/*) to verify

Docs

• No docs update needed; this is an internal resolver/hydration compatibility fix for Cloudflare adapter behavior.

Changes

• Add server optimizeDeps esbuild plugins in @astrojs/svelte to compile .svelte and .svelte.js/.svelte.ts dependency files for non-client environments.
• This is necesary since in CF deps need to be prebundled.
• Add a Cloudflare test fixture that imports a dependency published as .svelte.js using $state runes.
• Fixes #15906.

Testing

• Added packages/integrations/cloudflare/test/svelte-rune-deps.test.js.

Docs

N/A bug fix

Summary

• Share the serialized manifest encryption key across dev environments so prerender and SSR handlers use the same server-island encryption context.
• This fixes #15946
• aka, so now the islands run in both prerendered and ssred pages.

Testing

• Added test to verify that prerendered pages' server islands are built with workerd features.

Changes

• Require the middleware secret when resolving serverless path overrides.
• Remove unused ISR secret plumbing from the Vercel serverless entrypoint.
• Add regression tests to ensure untrusted override query/header values are ignored.

Testing

• New tests added

Docs

• No docs update needed; this is an internal Vercel adapter bug fix.

Just updating the readme for the Cloudflare adapter which now targets Cloudflare Workers instead of Pages functions

Changes

• Some logic was working but not tested so I added a test case
• The diff is messed up, easier to review without whitespace changes

Testing

Updated, should pass

Docs

N/A

Changes

• When a style-only change triggers HMR, eagerly recompile the Astro file instead of deleting its compile metadata
• Previously, deleting the metadata caused the next SSR request (page refresh) to re-compile via Vite's plugin pipeline, which returned stale/transformed code — breaking Astro.slots.render() with callback args
• Components using Astro.slots.render("default", [...args]) now render correctly after style edits + page refresh

Fixes #15925

Testing

• Added hmr-slots-render.test.js with a fixture that reproduces the exact scenario: a component using Astro.slots.render with callback args, style-only edits, and page refresh
• Verifies rendered output contains no raw HTML source (data-astro-cid) after multiple style changes

Docs

No docs needed — this is a bug fix for existing behavior.

Changes

• Fixes a regression where prerender-only projects using server:defer with framework components could fail at runtime due to SSR renderers being stripped.
• Refactors server-island tracking into a shared ServerIslandsState class used by both server-islands and renderer plugins.
• Fixes #15945

Testing

• Test in cloudflare
• Added unit tests for discovery deduplication, name collision handling, and import/name map generation in ServerIslandsState.

Docs

• No docs update needed. This is an internal bug fix/refactor with no API or config changes.

Changes

Fixes #15914: public assets in astro dev are now served under the configured base path when using the @astrojs/cloudflare adapter.

Problem

With base: "/docs/" and the Cloudflare adapter enabled:

• The page correctly renders URLs like /docs/test.svg.
• GET /docs/test.svg returns 404.
• GET /test.svg returns 200.

Without the adapter, /docs/test.svg works as expected. The bug is adapter-specific.

Root cause

Astro’s dev server uses custom middleware (baseMiddleware, etc.) to strip the base prefix from requests before Vite’s static middleware serves files from public/. That middleware is only registered when at least one runnable SSR/prerender environment exists.

With @astrojs/cloudflare, the SSR environment is a workerd-backed CloudflareDevEnvironment, which is not “runnable” in Node. So configureServer returned early and never registered the middleware stack. As a result, requests like /docs/test.svg reached Vite with the base prefix intact, and Vite looked for public/docs/test.svg → 404.

Solution

• Always return the post-hook from configureServer and always register the core dev middleware (baseMiddleware, trailingSlashMiddleware, routeGuardMiddleware, secFetchMiddleware), regardless of whether the SSR/prerender environments are runnable.
• SSR/prerender request handlers remain conditional on ssrHandler / prerenderHandler, so Cloudflare’s workerd still handles those requests; only the base-path and security middleware are now applied in all cases.
• The unhandledRejection listener is only registered when at least one runnable handler exists, to avoid attaching it when no handlers are present.

Testing

• Reproduced the issue with the minimal repro from #15914 (Cloudflare adapter + base: "/docs/").
• After the fix, GET /docs/test.svg returns 200 when public/test.svg exists.
• Verified astro dev without the Cloudflare adapter still behaves as before.

Changes

• Improved tolerance for dynamic .html routes: Updated the routing logic to support .html.astro files.
• Defined routing priority: index.html > [hogehoge].html.astro.
• issue : #15930

Test

Changes

Update VS Code extension file template snippets to be scoped to astro files.

Without this change, VS Code will recommend the astro file templates inside the svelte (or any) file.

Info about file pattern scope

VS Code added file pattern scope to their snippets engine in v1.109. (latest is v1.111). File templates can be glob scoped to their correct file type for better UX/DX.

This change won't affect VS Code forks like Kiro, Cursor, or Antigravity or VS Code versions older than v1.109 until they update to v1.109+.

Testing

I tested the change locally in the dev environment. I couldn't get the automated test runner to work on my MacBook, and it doesn't look like there are automated tests that need updated.

Docs

Added bullet point readme item for snippets and file templates. File templates are provided by the edited .code-snippets file and snippets from language server installed with the extension

Changes

Closes #15709

The function didn't have a guard against infinite loops.

Now it does, and it returns an error message.

Testing

Added a unit test

Docs

N/A

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

astro@6.0.6

Patch Changes

• #15965 2dca307 Thanks @matthewp! - Fixes client hydration for components imported through Node.js subpath imports (package.json#imports, e.g. #components/*), for example when using the Cloudflare adapter in development.

• #15770 6102ca2 Thanks @jpc-ae! - Updates the create astro welcome message to highlight the graceful dev/preview server quit command rather than the kill process shortcut

• #15953 7eddf22 Thanks @Desel72! - fix(hmr): eagerly recompile on style-only change to prevent stale slots render

• #15916 5201ed4 Thanks @trueberryless! - Fixes InferLoaderSchema type inference for content collections defined with a loader that includes a schema

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

• #15944 a5e1acd Thanks @fkatsuhiro! - Fixes SSR dynamic routes with .html extension (e.g. [slug].html.astro) not working

• #15937 d236245 Thanks @ematipico! - Fixes an issue where HMR didn't correctly work on Windows when adding/changing/deleting routes in pages/.

• #15931 98dfb61 Thanks @Strernd! - Fix skew protection query params not being applied to island hydration component-url and renderer-url, and ensure query params are appended safely for asset URLs with existing search/hash parts.

• Updated dependencies []:

  • @astrojs/markdown-remark@7.0.1

@astrojs/prism@4.0.1

Patch Changes

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

create-astro@5.0.2

Patch Changes

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

@astrojs/db@0.20.1

Patch Changes

• #15364 948b693 Thanks @VagnoDev! - Replace deprecated deep-diff with microdiff and resolve subdependency warnings.

@astrojs/markdoc@1.0.2

Patch Changes

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

• Updated dependencies [d3c7de9]:

  • @astrojs/prism@4.0.1
  • @astrojs/markdown-remark@7.0.1

@astrojs/mdx@5.0.2

Patch Changes

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

• Updated dependencies []:

  • @astrojs/markdown-remark@7.0.1

@astrojs/preact@5.0.2

Patch Changes

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

@astrojs/react@5.0.1

Patch Changes

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

@astrojs/solid-js@6.0.1

Patch Changes

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

@astrojs/svelte@8.0.2

Patch Changes

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

@astrojs/language-server@2.16.6

Patch Changes

• #15927 421e8de Thanks @FelmonFekadu! - Fixes completions sometimes not working inside the href attribute

astro-vscode@2.16.13

Patch Changes

• #15943 1a627e2 Thanks @alexanderdombroski! - Improves astro file templates to be scoped to .astro file extensions

• #15927 421e8de Thanks @FelmonFekadu! - Fixes completions sometimes not working inside the href attribute

• #15602 7832dfe Thanks @0xRozier! - Fix syntax highlighting for script and style tags inside expressions (e.g. ternaries and logical operators)

@astrojs/markdown-remark@7.0.1

Patch Changes

• Updated dependencies [d3c7de9]:
  • @astrojs/prism@4.0.1

@astrojs/upgrade@0.7.1

Patch Changes

• #15864 d3c7de9 Thanks @florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

Changes

Closes #15909

In HMR, when checking if we need to reload the manifest, we now normalise paths.

Using Node.js and vite is safe, we're inside a vite plugin.

Testing

I don't have windows and we skip these tests on windows. Will probably use a preview release.

Docs

N/A

Summary

• Fix default locale buildResources using stripLangRegion result as a separate layer that overwrites region-specific translations
• For example, a monolingual site with lang: 'zh-TW' gets Simplified Chinese (zh) UI strings instead of Traditional Chinese (zh-TW)

Root Cause

In createTranslationSystem.ts, the default locale translation loading passes both builtinTranslations[defaultLocale] and builtinTranslations[stripLangRegion(defaultLocale)] as separate arguments to buildResources. Since buildResources applies later layers over earlier ones, zh (Simplified Chinese) overwrites zh-TW (Traditional Chinese).

The locales loop (line 37) correctly uses || as a fallback, but the default locale path (line 25-26) does not.

Fix

Align the default locale behavior with the locales loop by using || so the stripLangRegion result is only used as a fallback when the specific locale has no built-in translations:

-  builtinTranslations[defaultLocale],
-  builtinTranslations[stripLangRegion(defaultLocale)],
+  builtinTranslations[defaultLocale] || builtinTranslations[stripLangRegion(defaultLocale)],

Test plan

• Added test case for zh-TW monolingual site verifying search.label returns 搜尋 (Traditional Chinese) instead of 搜索 (Simplified Chinese)
• All existing i18n tests pass

Reproduction

// astro.config.mjs
starlight({
  locales: {
    root: {
      label: '繁體中文',
      lang: 'zh-TW',
    },
  },
})

The UI strings (search, theme selector, etc.) incorrectly show Simplified Chinese instead of Traditional Chinese.

🤖 Generated with Claude Code

Changes

Fix bug #15920 introduced in 35bc814 by skipping the redirect check for Not Modified status 304

A few other small improvements

• replace double awaits with Promise.all
• explicitly return null data from revalidateRemoteImage when there is no change - before this relied on the response body for unchanged assets being empty, and it was confusing.
• explicitly write cache file in utf-8, as we are reading it in utf-8
• reword a few comments

Testing

I ran pnpm run test:match "assets" with 0 errors, however the full pnpm run test fails on my machine.

I don't believe there is any test coverage of the revalidation feature as it depends on remote servers, however I quickly tested the fix by loading a remote image and editing the cache file and it seems to work as expected.

Docs

No user facing changes - no docs changes required.

Changes

Updates our integrations to point to 6.0.0 as a peer dep

Testing

Green CI

Docs

Changes

Closes #15838

We now track the style tags inside the SVG elements, and we pass them to createSvgComponent.

If there are styles, we pass the propagation hint so that we can write styles in the end, and correctly generate and track CSP hashes.

Testing

Added a new test, existing tests should pass

Docs

N/A

Summary

This fixes a Vercel skew protection bug: astro-island hydration URLs were missing adapter assetQueryParams (for example ?dpl=), so island JS was not pinned to the active deployment.

Reproduction

I validated this against the reproduction project (repro-skew-protection) and Astro core changes from this branch:

VERCEL_DEPLOYMENT_ID=dpl_test123 VERCEL_SKEW_PROTECTION_ENABLED=1 npx astro build

Before this fix, rendered islands had:

• component-url="/_astro/...js" (no dpl)
• renderer-url="/_astro/...js" (no dpl)

With this fix, rendered islands have:

• component-url="/_astro/...js?dpl=dpl_test123"
• renderer-url="/_astro/...js?dpl=dpl_test123"

Changes

• packages/astro/src/core/build/plugins/plugin-manifest.ts

  • Serialize entryModules with appendAssetQuery(...) so island URL resolution gets assetQueryParams.
  • Keep raw entry module values for static file tracking and page script handling to avoid double-appending.

• packages/astro/src/core/render/ssr-element.ts

  • Make createAssetLink() query/hash-aware:
    • extension detection now uses pathname without query/hash
    • query params are appended safely (? vs &, before hash)
  • This preserves extension-based assetsPrefix routing when URLs already contain query params.

• packages/astro/test/asset-query-params.test.js

  • Add island coverage asserting component-url and renderer-url include ?dpl=test-deploy-id.
  • Add regression coverage for assetsPrefix map (js/css/fallback) + assetQueryParams, ensuring island URLs still use JS CDN prefix.

Testing

pnpm -C packages/astro run build:ci
pnpm -C packages/astro exec astro-scripts test "test/asset-query-params.test.js"
pnpm -C packages/astro exec astro-scripts test "test/astro-assets-prefix-multi-cdn.test.js"

All pass.

Context

Related: #14545, #14543, #14627, #14853

This PR contains the following updates:

Package	Change	Age	Confidence
svelte (source)	^5.53.8 → ^5.54.1
yaml (source)	^2.8.2 → ^2.8.3

Release Notes

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

• If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

This PR contains the following updates:

Package	Change	Age	Confidence
@preact/preset-vite	^2.10.3 → ^2.10.5
@preact/signals (source)	^2.8.1 → ^2.8.2
@vitejs/plugin-react (source)	^5.1.4 → ^5.2.0
@vitejs/plugin-vue (source)	^6.0.4 → ^6.0.5
@vitejs/plugin-vue-jsx (source)	^5.1.4 → ^5.1.5
@vue/compiler-sfc (source)	^3.5.29 → ^3.5.30
devalue	^5.6.3 → ^5.6.4
preact (source)	^10.28.4 → ^10.29.0
svelte (source)	^5.53.6 → ^5.54.1
svelte2tsx (source)	^0.7.51 → ^0.7.52
vite-plugin-solid	^2.11.10 → ^2.11.11
vite-plugin-vue-devtools (source)	^8.0.6 → ^8.1.0
vite-svg-loader	5.1.0 → 5.1.1
vue (source)	^3.5.29 → ^3.5.30

Release Notes

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

• If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Summary

• let the HTML plugin return null when completion is requested inside a brace expression so the TypeScript service can handle it
• add a regression test covering completions in HTML attribute expressions like href={some}
• add a changeset for the language server fix

Fixes #14671.

Testing

• pnpm -C packages/language-tools/language-server build
• pnpm -C packages/language-tools/language-server exec astro-scripts test test/typescript/completions.test.ts --teardown-test ./test/misc/teardown.ts --tsx true --setup ./test/setup.js
• pnpm -C packages/language-tools/language-server exec astro-scripts test test/html/completions.test.ts --teardown-test ./test/misc/teardown.ts --tsx true --setup ./test/setup.js
• pnpm -C packages/language-tools/language-server exec astro-scripts test test/{html/completions.test.ts,typescript/completions.test.ts} --teardown-test ./test/misc/teardown.ts --tsx true --setup ./test/setup.js

Changes

• Apply patch suggestion from Houston and verify that it indeed works in this minimal repro: https://github.com/trueberryless/HiDeoo-astro-6-cc-loader-schema-types-repro/tree/fix
• Closes #15905

Testing

Added a fixture with a type-check.ts and a new test file. I wasn't sure how to best test this, so feel free to make adjustments!

Docs

No. Bug fix.

This PR contains the following updates:

Package	Change	Age	Confidence
@astrojs/compiler (source)	^3.0.0 → ^3.0.1
@astrojs/compiler-rs (source)	^0.1.4 → ^0.1.6
@clack/prompts (source)	^1.0.1 → ^1.1.0
@preact/signals (source)	2.8.1 → 2.8.2
@shikijs/rehype (source)	^4.0.0 → ^4.0.2
@shikijs/twoslash (source)	^4.0.0 → ^4.0.2
@solidjs/router	^0.15.4 → ^0.16.1
@tailwindcss/vite (source)	^4.2.1 → ^4.2.2
@vitejs/plugin-vue (source)	^6.0.4 → ^6.0.5
postcss (source)	^8.5.6 → ^8.5.8
preact (source)	^10.28.4 → ^10.29.0
rehype-pretty-code (source)	^0.14.1 → ^0.14.3
sass	^1.97.3 → ^1.98.0
shiki (source)	^4.0.0 → ^4.0.2
svelte (source)	^5.53.6 → ^5.54.0
tailwindcss (source)	^4.2.1 → ^4.2.2
tinyclip	^0.1.6 → ^0.1.12
tinyexec	^1.0.2 → ^1.0.4
vue (source)	^3.5.29 → ^3.5.30

Release Notes

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

• If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Summary

• keep generated AstroComponent suffixes in the internal TSX output used by the language server
• rewrite .astro auto-import completion labels and resolved import edits back to the expected component name
• add regression coverage for the .astro auto-import completion path and the shared import-text rewrite helpers

Fixes #14683.

Testing

• pnpm -C packages/language-tools/language-server build
• pnpm -C packages/language-tools/ts-plugin build
• pnpm -C packages/language-tools/language-server exec astro-scripts test "test/{typescript/completions.test.ts,typescript/diagnostics.test.ts,units/utils.test.ts}" --teardown-test ./test/misc/teardown.ts --tsx true --setup ./test/setup.js
• pnpm -C packages/language-tools/language-server test (fails locally in existing AstroCheck fixture tests because @astrojs/svelte and @astrojs/vue are not installed in this environment; the TypeScript/completion suites above pass)

Overview

Production builds don't emit the before-hydration script chunk to the client output, causing a 404 when islands attempt to load it. This breaks hydration for any integration using injectScript('before-hydration')

Changes

• Add ASTRO_VITE_ENVIRONMENT_NAMES.client to the environment guard in buildStart() of vite-plugin-scripts
• Add test verifying the before-hydration chunk file exists in the build output

The before-hydration chunk is only emitted for prerender and ssr environments, but not client — which is the environment that produces browser-served JS.

This was introduced in #14306 (Vite Environment API migration), where the original !isSsrBuild condition was changed to ['prerender', 'ssr'].includes(this.environment.name) which mistakenly inverted the original intent.

Testing

Existing tests only assert the attribute is present in HTML, not that the referenced file exists in the client output.

• Confirmed all tests pass
• Added new test asserting the before-hydration-url resolves in the build output (this test fails without bug fix)

Docs

No docs changes needed — restores existing injectScript('before-hydration', ...) behavior.

Changes

• Closes #15900
• Zod 4’s .toJSONSchema() method outputs a schema matching the output shape of the Zod schema by default. However, our JSON schemas should reflect the input shape as they are used on documents before they are processed.
• This PR fixes our JSON schema generation use the input shape using Zod’s io option.

Testing

• Added a new test that failed before my change to confirm this fixes things.
• Removed additionalProperties: false from two schemas we were expecting in tests. This property is set on output schemas because the full shape is known, but for inputs it is only set when using z.strictObject()
• Other existing tests should pass.

Docs

n/a — bug fix

Changes

Closes #15897

I applied a custom resolver solely for CSS files.

Testing

Added a new test

Docs

N/A

Description

In #3644, Vitest was updated to version 4.1.0-beta.6. Now that 4.1.0 is released, this PR updates to the stable version.

The migration in #3644 was also made in the less disruptive way possible considering the amount of changes in the PR. This PR uses some of the new APIs, removes some now deprecated APIs, etc. from the version 4.0 and 4.1.

Each change are in dedicated commits, where the commit message contains a link to the relevant section of the Vitest changelog, if any.

Summary

On macOS, cp -rc uses clonefile(2) (APFS copy-on-write) which is ~3x faster than
Node.js cpSync for large directories. This PR applies that optimization to three
file copy operations in the Vercel adapter, and adds a persistent cache for the NFT
dependency trace.

Changes

APFS clone for large file copies (index.ts)

• Static output copy (dist/client/ → .vercel/output/static/): was cpSync, now cp -rc on macOS
• Server output copy (dist/server/ → .vercel/output/_functions/): same

NFT dependency cache (lib/nft.ts)

• Caches the list of node_modules/ files traced by @vercel/nft, keyed by sha256(package-lock.json)
• On cache hit, skips nodeFileTrace entirely (saves ~1-2s)
• Separately caches the function's assembled node_modules/ dir using APFS CoW clone
• On full cache hit: restores func node_modules/ via clone (~50ms vs ~900ms) and clones dist/server/ into the bundle

Benchmark (last9/last9.io — 273 pages, hybrid output)

All changes fall back gracefully on non-macOS platforms or when cp is unavailable.

Non-goals

• No behavior change on Linux/Windows (falls back to existing cpSync path)
• Cache is keyed conservatively (package-lock.json hash) — any dep change invalidates it

Changes

A previous lint fix removed the main and I think it's causing the load to fail, but I could not reproduce this myself neither on macOS or on Linux, in both cases it worked just fine.

Fixes #15842

Testing

This is impossible to test in the monorepo

Docs

N/A

Changes

• Route /_server-islands/* through the Astro core prerender dev handler by treating server island routes as prerender-handler eligible.
• This prevents it from being forwarded to the workerd environment which does not have the key.

Testing

• Add a Cloudflare prerenderEnvironment: 'node' dev regression test that reproduces and verifies server:defer island fetches return 200.

Docs

• No docs changes needed. This is a dev routing bug fix and test coverage update.

Changes

• move Astro Actions server-output validation from astro:config:done to astro:routes:resolved so it runs after prerender resolution
• add a shared routing helper to detect non-prerendered project routes and reuse it in the renderers plugin

Testing

• add a regression fixture/test for static projects with a prerender = false route, and include a patch changeset

Docs

N/A, bug fix

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

astro@6.0.5

Patch Changes

• #15891 b889231 Thanks @matthewp! - Fix dev routing for server:defer islands when adapters opt into handling prerendered routes in Astro core. Server island requests are now treated as prerender-handler eligible so prerendered pages using prerenderEnvironment: 'node' can load island content without 400 errors.

• #15890 765a887 Thanks @matthewp! - Fixes astro:actions validation to check resolved routes, so projects using default static output with at least one prerender = false page or endpoint no longer fail during startup.

• #15884 dcd2c8e Thanks @matthewp! - Avoid a MaxListenersExceededWarning during astro dev startup by increasing the shared Vite watcher listener limit when attaching content server listeners.

• #15904 23d5244 Thanks @jlukic! - Emit the before-hydration script chunk for the client Vite environment. The chunk was only emitted for prerender and ssr environments, causing a 404 when browsers tried to load it. This broke hydration for any integration using injectScript('before-hydration', ...), including Lit SSR.

• #15933 325901e Thanks @ematipico! - Fixes an issue where <style> tags inside SVG components weren't correctly tracked when enabling CSP.

• #15875 c43ef8a Thanks @matthewp! - Ensure custom prerenderers are always torn down during build, even when getStaticPaths() throws.

• #15887 1861fed Thanks @ematipico! - Fixes an issue where the build incorrectly leaked server entrypoint into the client environment, causing adapters to emit warnings during the build.

• #15888 925252e Thanks @matthewp! - Fix a bug where server:defer could fail at runtime in prerendered pages for some adapters (including Cloudflare), causing errors like serverIslandMap?.get is not a function.

• #15901 07c1002 Thanks @delucis! - Fixes JSON schema generation for content collection schemas that have differences between their input and output shapes.

• #15882 759f946 Thanks @matthewp! - Fix Astro.url.pathname for the root page when using build.format: "file" so it resolves to /index.html instead of /.html during builds.

create-astro@5.0.1

Patch Changes

• #15885 817afb6 Thanks @matthewp! - Avoid spawning package manager commands with shell: true to prevent Node.js DEP0190 warnings during create-astro runs on newer Node versions.

@astrojs/cloudflare@13.1.2

Patch Changes

• #15888 925252e Thanks @matthewp! - Fixes a bug where dependencies imported by prerender-only server:defer islands could remain as bare imports in server output, causing module resolution failures in preview and Cloudflare Workers.

• #15934 6f8f0bc Thanks @ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

• #15875 c43ef8a Thanks @matthewp! - Include workerd response details in Cloudflare prerenderer errors to make getStaticPaths() failures easier to diagnose.

• Updated dependencies []:

  • @astrojs/underscore-redirects@1.0.1

@astrojs/markdoc@1.0.1

Patch Changes

• #15934 6f8f0bc Thanks @ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

@astrojs/mdx@5.0.1

Patch Changes

• #15934 6f8f0bc Thanks @ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

@astrojs/netlify@7.0.3

Patch Changes

• #15934 6f8f0bc Thanks @ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

• Updated dependencies []:

  • @astrojs/underscore-redirects@1.0.1

@astrojs/node@10.0.2

Patch Changes

• #15934 6f8f0bc Thanks @ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

@astrojs/preact@5.0.1

Patch Changes

• #15881 de2860c Thanks @matthewp! - Fix useId() collisions across multiple Astro islands by seeding a unique per-island root mask for Preact SSR and hydration.

@astrojs/svelte@8.0.1

Patch Changes

• #15934 6f8f0bc Thanks @ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

@astrojs/vercel@10.0.1

Patch Changes

• #15934 6f8f0bc Thanks @ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

@astrojs/vue@6.0.1

Patch Changes

• #15934 6f8f0bc Thanks @ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

@astrojs/check@0.9.8

Patch Changes

• #15892 a2f597d Thanks @Princesseuh! - Fixes Astro not being able to find astro check sometimes

• Updated dependencies [7b4b254]:

  • @astrojs/language-server@2.16.5

@astrojs/language-server@2.16.5

Patch Changes

• #15895 7b4b254 Thanks @Princesseuh! - Updates Volar services to 0.0.70. This updates notably mean that the transitive dependency yaml-language-server no longer depends on a vulnerable version of lodash, causing warnings to show when installing the language server.

astro-vscode@2.16.12

Patch Changes

• #15895 7b4b254 Thanks @Princesseuh! - Updates Volar services to 0.0.70. This updates notably mean that the transitive dependency yaml-language-server no longer depends on a vulnerable version of lodash, causing warnings to show when installing the language server.

Changes

• Fix server island manifest placeholder replacement when generated chunks use double-quoted string literals.
• Use quote-agnostic matching for detection and replacement in server-island build hooks.
• Fixes #15886

Testing

• Add a regression unit test that simulates quote-style conversion and asserts the output contains materialized serverIslandMap/serverIslandNameMap maps.

Docs

• No docs update needed; this is a bug fix for incorrect runtime behavior.

Changes

Closes #15839

This was hard to find. AI helped a lot here.

The problem was caused by how entrypoints were calculated. We used a mix of hoisted input and configResovled (the correct hook), which didn't work in a environment-aware situation, because the input gets overridden continuously, and eventually creating the incorrect entrypoint.

Testing

Manually tested, again. I'll do another preview release

Docs

Changes

• Remove shell: true from create-astro process spawning.
• Avoid Node.js DEP0190 warnings during create astro runs.
• This is no longer supported when using args.
• I couldn't find a need for shell: true which is to support stuff like && which is not part of using create-astro
• fixes #15835

Testing

No

Docs

• No docs update needed; internal CLI behavior fix.

Changes

• Raise the Vite watcher max listener limit in attachContentServerListeners() when it is below 50 (and not unlimited), preventing noisy MaxListenersExceededWarning on astro dev startup.
• Fixes #15883

Testing

• Add a unit regression test that verifies the watcher max listener value is increased during content listener attachment.

Docs

• No docs update needed; this is an internal dev-server warning fix with no user-facing API changes.

Changes

• fix root Astro.url.pathname in build.format: \"file\" builds to return /index.html instead of /.html

Testing

• add integration assertions for root and non-root Astro.url.pathname behavior in page-format tests

Docs

N/A, bug fix

Closes #15866

Changes

• seed Preact root vnode masks per island so useId() values are unique across Astro islands
• persist the per-island id to data-preact-island-id and reuse it during hydration/client-only render paths
• This is necessary because useId in Preact is only scoped to the root.
• Fixes #15831

Testing

• add a Preact fixture + test that verifies unique useId output across multiple islands

Docs

N/A, bug fix

Changes

• Add a dedicated PR writing guide at .agents/skills/astro-developer/pull-requests.md that defines section-by-section rules for Changes, Testing, and Docs, including reviewer-useful implementation detail expectations.
• Update the skill decision matrix in .agents/skills/astro-developer/SKILL.md to route PR authoring tasks to the new guide so agents consistently apply the same rubric.

Testing

• Validated the guide content against the provided bad/good Cloudflare PR example and review notes so the rubric now explicitly rejects command-list testing sections, routine changeset callouts, and task-log style Changes bullets.
• Checked the template and self-check list align with the same constraints (behavior + how it works in Changes, scenario-based validation in Testing, docs PR link requirement when docs updates are needed).

Docs

• No additional docs PR needed; this change is itself a documentation update inside the astro-developer skill.

Changes

• Surface Cloudflare prerenderer response body details in error messages for getStaticPaths() and static image collection failures.
• Ensure prerenderer teardown always runs by moving teardown into a finally block in Astro build generation.
• Fixes #15860.

Testing

• Add a Cloudflare integration test fixture with a dynamic route missing getStaticPaths() and assert the surfaced error details.

Docs

• No docs update needed; this is error reporting and teardown reliability.

Changes

Closes #15836

Testing

Manually tested. No more warning

Docs

Changes

• Fix dev-only CSS missing on newly created pages until server restart.
• Invalidate virtual:astro:dev-css-all when routes are rebuilt so the route-to-CSS map is regenerated.
• Fixes #15863

Testing

• Tested manually. Patched an example app, created a new page, new log was shown.

Docs

• N/A (bug fix).

Changes

There's no dev mode way to make this work, so we should use the passthrough service in dev.

Fixes #15848

Testing

Updated the test

Docs

N/A

Fixes #15857.

Changes

• Add astro/toolbar to optimizeDeps.include in the dev toolbar Vite plugin.
• Only include it when custom dev toolbar apps are registered (settings.devToolbarApps.length > 0).

Testing

• Not run locally for this small config change.

Docs

• N/A, bug fix

Changes

• Update the unknown file extension error hint to recommend vite.resolve.noExternal instead of vite.ssr.noExternal.
• Aligns guidance with Astro 6 / Vite 7 config behavior.
• Fixes #15856

Testing

N/A

Docs

N/A bug fix

Changes

Closes #15839

• Applies noExternal using the proper configEnvrionment hook for node and netlify adapters
• Added a missing configuration to the node adapter

Testing

Manually tested. It was the only way. I'll do a preview release too

Docs

Changes

• We officially support node >=22.12.0 but we had to support node 20 because of stackblitz
• It now runs on node 22 by default so we can update it accordingly (stackblitz/webcontainer-core#560 (comment))

Testing

N/A

Docs

Changeset

Changes

This PR adds the ability to pass Babel options to the Preact adapter since the underlying Preact Vite plugin does not support Babel config files: https://github.com/preactjs/preset-vite/blob/main/src/index.ts#L132

Context

When adding Preact to our project, we found that adding an import attribute:

import * as languages from "../../content/data/languages.json" with { type: "json" };

Broke our project with the error:

You are using import attributes, without specifying the desired output syntax.
Please specify the "importAttributesKeyword" generator option, whose value can be one of:
 - "with"        : `import { a } from "b" with { type: "json" };`
 - "assert"      : `import { a } from "b" assert { type: "json" };`
 - "with-legacy" : `import { a } from "b" with type: "json";`

22:56:23 [ERROR] Expected "{" but found "type"

And the only way we could fix this was to add:

{ "generatorOpts": { "importAttributesKeyword": "with" } }

As the Babel options in the Preact plugin.

Testing

This was pulled into the Playful Programming project branch having this issue and validated the fix there.

Docs

No changes should be required to merge this, but happy to write new docs to explain how one can leverage this functionality.

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@astrojs/starlight@0.38.1

Patch Changes

• #3751 fb955ff Thanks @pyxelr! - Fixes a regression causing global tableOfContents config to be ignored

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

astro@6.0.4

Patch Changes

• #15870 920f10b Thanks @matthewp! - Prebundle astro/toolbar in dev when custom dev toolbar apps are registered, preventing re-optimization reloads that can hide or break the toolbar.

• #15876 f47ac53 Thanks @ematipico! - Fixes redirectToDefaultLocale producing a protocol-relative URL (//locale) instead of an absolute path (/locale) when base is '/'.

• #15767 e0042f7 Thanks @matthewp! - Fixes server islands (server:defer) not working when only used in prerendered pages with output: 'server'.

• #15873 35841ed Thanks @matthewp! - Fix a dev server bug where newly created pages could miss layout-imported CSS until restart.

• #15874 ce0669d Thanks @ematipico! - Fixes a warning when using prefetchAll

• #15754 58f1d63 Thanks @rururux! - Fixes a bug where a directory at the project root sharing the same name as a page route would cause the dev server to return a 404 instead of serving the page.

• #15869 76b3a5e Thanks @matthewp! - Update the unknown file extension error hint to recommend vite.resolve.noExternal, which is the correct Vite 7 config key.

@astrojs/cloudflare@13.1.1

Patch Changes

• #15815 d1872ee Thanks @matthewp! - Prebundle additional Astro runtime dependencies for Cloudflare development server, speeding up initial start time and preventing required restarts.

• #15872 3b47b89 Thanks @Princesseuh! - Fixes images not working in dev mode when using the cloudflare option

• Updated dependencies []:

  • @astrojs/underscore-redirects@1.0.1

@astrojs/netlify@7.0.2

Patch Changes

• #15868 bb2b8f5 Thanks @ematipico! - Fixes an issue where the adapter would cause a series of warnings during the build.

• Updated dependencies []:

  • @astrojs/underscore-redirects@1.0.1

@astrojs/node@10.0.1

Patch Changes

• #15868 bb2b8f5 Thanks @ematipico! - Fixes an issue where the adapter would cause a series of warnings during the build.

Description

• Closes #3748
• With zod v4, .default(value).optional() returns the default value for undefined input instead of undefined itself. This caused the frontmatter tableOfContents field to always resolve to the schema default ({ minHeadingLevel: 2, maxHeadingLevel: 3 }), preventing the global Starlight config from being used as a fallback.

Changes

• schemas/tableOfContents.ts: Extracted a shared TableOfContentsBaseSchema and created two separate exports:
  • UserConfigTableOfContentsSchema() — wraps the base with .default(defaults) for the user config.
  • FrontmatterTableOfContentsSchema() — wraps the base with .optional() so undefined is preserved when frontmatter does not set the field.
• schema.ts: Updated the frontmatter schema to use FrontmatterTableOfContentsSchema().
• utils/user-config.ts: Updated to use UserConfigTableOfContentsSchema().

Testing

All 511 existing unit tests pass. The fix can be verified by setting a global tableOfContents config (e.g., maxHeadingLevel: 4) and confirming it applies to pages that do not override it in frontmatter.

A StackBlitz reproduction is available in the linked issue.

Description

• Removes the temporary patch for the starlight-links-validator plugin that was temporarily added in #3644
• Updates the starlight-links-validator plugin from version 0.14.0 to 0.20.0 which includes support for Astro v6
• Fixes a link issue in a hero action link (feature introduced in version 0.19.0 of the plugin)

Changes

Found a bug where distURL was empty. We didn't catch it because our tests were weak.

Testing

The existing tests now checks for their length too

Docs

N/A

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@astrojs/cloudflare@13.1.0

Minor Changes

• #15711 b2bd27b Thanks @OliverSpeir! - Adds a prerenderEnvironment option to the Cloudflare adapter.

  By default, Cloudflare uses its workerd runtime for prerendering static pages. Set prerenderEnvironment to 'node' to use Astro's built-in Node.js prerender environment instead, giving prerendered pages access to the full Node.js ecosystem during both build and dev. This is useful when your prerendered pages depend on Node.js-specific APIs or NPM packages that aren't compatible with workerd.

  // astro.config.mjs
  import cloudflare from '@astrojs/cloudflare';
  import { defineConfig } from 'astro/config';
  
  export default defineConfig({
    adapter: cloudflare({
      prerenderEnvironment: 'node',
    }),
  });

Patch Changes

• #15845 50fcc8b Thanks @aqiray! - fix: show actionable error when running astro preview without prior build

• #15794 d1ac58e Thanks @OliverSpeir! - Fixes image serving in passthrough mode by using the Cloudflare ASSETS binding instead of generic fetch, which does not work in Workers for local assets

• #15850 660da74 Thanks @tristanbes! - fix(cloudflare): forward configPath and other PluginConfig options to the Cloudflare Vite Plugin

  Options like configPath, inspectorPort, persistState, remoteBindings, and auxiliaryWorkers were accepted by the type system but never forwarded to cfVitePlugin(), making them silently ignored.

  Also fixes addWatchFile for configPath which resolved the path relative to the adapter's node_modules directory instead of the project root.

• #15843 fcd237d Thanks @Calvin-LL! - fix cloudflare image transform ignoring quality parameter

• Updated dependencies []:

  • @astrojs/underscore-redirects@1.0.1

astro@6.0.3

Patch Changes

• #15711 b2bd27b Thanks @OliverSpeir! - Improves Astro core's dev environment handling for prerendered routes by ensuring route/CSS updates and prerender middleware behavior work correctly across both SSR and prerender environments.

  This enables integrations that use Astro's prerender dev environment (such as Cloudflare with prerenderEnvironment: 'node') to get consistent route matching and HMR behavior during development.

• #15852 1cdaf9f Thanks @ematipico! - Fixes a regression where the the routes emitted by the astro:build:done hook didn't have the distURL array correctly populated.

• #15765 ca76ff1 Thanks @matthewp! - Hardens server island POST endpoint validation to use own-property checks for improved consistency

Summary

Fixes #15846

• Forward cloudflareOptions to cfVitePlugin() — Options like configPath, inspectorPort, persistState, remoteBindings, and auxiliaryWorkers are accepted by the type system (via Pick<PluginConfig, ...> in the Options type) but were never spread into the cfVitePlugin() call, making them silently ignored.

• Fix addWatchFile path resolution for configPath — createRequire(import.meta.url).resolve(configPath) resolves relative to the adapter's own node_modules/@astrojs/cloudflare/dist/ directory instead of the project root, causing a Cannot find module error. Replaced with new URL(configPath, config.root) to match how the other wrangler config watch files are resolved.

Reproduction

// astro.config.ts — with wrangler-review.jsonc at project root, no wrangler.jsonc
export default defineConfig({
  adapter: cloudflare({
    configPath: "./wrangler-review.jsonc",
  }),
});

Running astro dev crashes with:

Cannot find module './wrangler-review.jsonc'
Require stack:
- node_modules/@astrojs/cloudflare/dist/index.js

Changes

3-line diff in packages/integrations/cloudflare/src/index.ts:

1. Spread cloudflareOptions into cfVitePlugin() so all PluginConfig options are forwarded
2. Use new URL(configPath, config.root) instead of createRequire(import.meta.url).resolve(configPath)
3. Remove unused createRequire import

Use case

Projects using separate wrangler configs per environment (wrangler-review.jsonc for dev/staging, wrangler-prod.jsonc for production) with CI renaming the appropriate file at deploy time. In @astrojs/cloudflare v12, platformProxy.configPath handled this. After migrating to v13, configPath is the documented replacement but doesn't work.

Closes #15837

Changes

• Running astro preview with the Cloudflare adapter without a prior astro build threw a cryptic ENOENT error with a long stack trace
• Added an explicit check for .wrangler/deploy/config.json before starting the preview server
• If the file is missing, a clear error message is shown: No build output found. Run astro build before running astro preview.

Testing

• Verified the cryptic ENOENT error is replaced with a clear actionable message when running astro preview without a prior build
• Verified that astro preview works correctly after running astro build
• Changeset added ✅

Docs

No docs update needed. The error message itself is self-explanatory.

Changes

• the image-transform-endpoint used in imageService: 'cloudflare-binding' ignores the q search param, this PR fixes that. the qualityTable is from @astrojs/vercel

  astro/packages/integrations/vercel/src/image/shared.ts

  Line 56 in a7cc437

  const qualityTable: Record<ImageQualityPreset, number> = {

Testing

pnpm run test in packages/integrations/cloudflare/

I tried to add a test locally but the local workerd doesn't actually change the image quality when passing in the quality field. It returned two files with identical hashes when I pass in two different quality values. I can confirm that the quality does indeed change on cloudflare.

Docs

bug fix doesn't need doc change

Description

• #3644 introduced an update to Prettier which is breaking some of our formatting
• This PR reverts the formatting commits this caused and pins Prettier to the old version to unblock us
• We can revisit updating Prettier when we’re not trying to release stuff

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@astrojs/starlight-tailwind@5.0.0

Major Changes

• #3644 0d2e7ed Thanks @HiDeoo! - ⚠️ BREAKING CHANGE: The minimum supported version of Starlight is now 0.38.0

  Please use the @astrojs/upgrade command to upgrade your project:

  npx @astrojs/upgrade

@astrojs/starlight-docsearch@0.7.0

Minor Changes

• #3644 0d2e7ed Thanks @HiDeoo! - ⚠️ BREAKING CHANGE: The minimum supported version of Starlight is now 0.38.0

  Please use the @astrojs/upgrade command to upgrade your project:

  npx @astrojs/upgrade

@astrojs/starlight-markdoc@0.6.0

Minor Changes

• #3644 0d2e7ed Thanks @HiDeoo! - ⚠️ BREAKING CHANGE: The minimum supported version of Starlight is now 0.38.0

  Please use the @astrojs/upgrade command to upgrade your project:

  npx @astrojs/upgrade

@astrojs/starlight@0.38.0

Minor Changes

• #3644 0d2e7ed Thanks @HiDeoo! - Adds support for Astro v6, drops support for Astro v5.

  Upgrade Astro and dependencies

  ⚠️ BREAKING CHANGE: Astro v5 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

  npx @astrojs/upgrade

  Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v6. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

  Update your collections

  ⚠️ BREAKING CHANGE: Drops support for content collections backwards compatibility.

  In Astro 5.x, projects could delay upgrading to the new Content Layer API introduced for content collections because of some existing automatic backwards compatibility that was not previously behind a flag. This meant that it was possible to upgrade from Astro 4 to Astro 5 without updating your content collections, even if you had not enabled the legacy.collections flag. Projects would continue to build, and no errors or warnings would be displayed.

  Astro v6.0 now removes this automatic legacy content collections support, along with the legacy.collections flag.

  If you experience content collections errors after updating to v6, check your project for any removed legacy features that may need updating to the Content Layer API. See the Starlight v0.30.0 upgrade guide for detailed instructions on upgrading legacy collections to the new Content Layer API.

  If you are unable to make any changes to your collections at this time, including Starlight's default docs and i18n collections, you can enable the legacy.collectionsBackwardsCompat flag to upgrade to v6 without updating your collections. This temporary flag preserves some legacy v4 content collections features, and will allow you to keep your collections in their current state until the legacy flag is no longer supported.

• #3704 375edcc Thanks @florian-lefebvre! - Fixes autocomplete for components exported from @astrojs/starlight/components/*

  ⚠️ Potentially breaking change: This change moves some files used in Starlight’s component internals out of the components/ directory. Direct use of these files was not and is not officially supported. If you previously imported TableOfContents/starlight-toc.ts, TableOfContents/TableOfContentsList.astro, Icons.ts, or SidebarPersistState.ts, please review your code when updating.

• #3729 3642625 Thanks @delucis! - Improves Starlight’s default body font stack to better support languages such as Chinese, Japanese, and Korean on Windows.
  For most users there should be no visible change.

  If you would prefer to keep the previous font stack, you can add the following custom CSS to your site:

  :root {
    --sl-font-system: ui-sans-serif, system-ui, 'Segoe UI', Roboto,
      'Helvetica Neue', Arial, 'Noto Sans', sans-serif, 'Apple Color Emoji',
      'Segoe UI Emoji', 'Segoe UI Symbol', 'Noto Color Emoji';
  }

• #3598 fff38d5 Thanks @HiDeoo! - Makes hover styles consistent in Starlight’s navigation bar

  Previously, the social icon links and language/theme switchers in Starlight’s navigation bar, dimmed on hover.
  After this change, they now increase in contrast on hover instead.
  This matches hover behavior elsewhere, for example in the sidebar, table of contents, or search button.

  ⚠️ Potentially breaking change: this is a subtle change to the hover style colors.
  If you want to preserve the previous styling, you can add the following custom CSS to your site:

  starlight-theme-select label,
  starlight-lang-select label {
    color: var(--sl-color-gray-1);
  
    &:hover {
      color: var(--sl-color-white);
    }
  }
  
  .social-icons a:hover {
    color: var(--sl-color-text-accent);
    opacity: 0.66;
  }

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

astro@6.0.2

Patch Changes

• #15832 95e12a2 Thanks @Princesseuh! - Fixes return; syntax not working in the frontmatter correctly in certain contexts

@astrojs/cloudflare@13.0.2

Patch Changes

• #15832 95e12a2 Thanks @Princesseuh! - Fixes return; syntax not working in the frontmatter correctly in certain contexts

• #15803 e42b015 Thanks @merlinnot! - Fixes the Cloudflare adapter adding a SESSION KV binding even when sessions are explicitly configured to use a different driver, such as unstorage/drivers/null.

• Updated dependencies []:

  • @astrojs/underscore-redirects@1.0.1

Changes

For import analysis, we have to remove top-level returns from Astro files in the Cloudflare adapter, we do this using a pretty naive replace, but it's fine. However, we didn't handle bare returns, i.e. return; so this fixes that.

The same code is also present in Astro for better errors during compile errors, so fixed that there too.

Testing

Added a test to the CF adapter

Docs

N/A

Changes

fast-xml-parser's 5.5.0 is broken and causes install to fail NaturalIntelligence/fast-xml-parser#799

Testing

N/A

Docs

N/A

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to 5-legacy, this PR will be updated.

Releases

astro@5.18.1

Patch Changes

• Updated dependencies [c2cd371]:
  • @astrojs/internal-helpers@0.7.6
  • @astrojs/markdown-remark@6.3.11

@astrojs/cloudflare@12.6.13

Patch Changes

• Updated dependencies [c2cd371]:
  • @astrojs/internal-helpers@0.7.6
  • @astrojs/underscore-redirects@1.0.0

@astrojs/markdoc@0.15.11

Patch Changes

• Updated dependencies [c2cd371]:
  • @astrojs/internal-helpers@0.7.6
  • @astrojs/markdown-remark@6.3.11

@astrojs/mdx@4.3.14

Patch Changes

• Updated dependencies []:
  • @astrojs/markdown-remark@6.3.11

@astrojs/netlify@6.6.5

Patch Changes

• Updated dependencies [c2cd371]:
  • @astrojs/internal-helpers@0.7.6
  • @astrojs/underscore-redirects@1.0.0

@astrojs/node@9.5.5

Patch Changes

• Updated dependencies [c2cd371]:
  • @astrojs/internal-helpers@0.7.6

@astrojs/vercel@9.0.5

Patch Changes

• Updated dependencies [c2cd371]:
  • @astrojs/internal-helpers@0.7.6

@astrojs/internal-helpers@0.7.6

Patch Changes

• #15828 c2cd371 Thanks @Princesseuh! - Fixes glob matching of remote patterns matching more paths than intended in select situations

@astrojs/markdown-remark@6.3.11

Patch Changes

• Updated dependencies [c2cd371]:
  • @astrojs/internal-helpers@0.7.6

Changes

Backport of #15779

Testing

Updated tests

Docs

N/A

Changes

• Restore tsconfig preview output in astro add by rendering the computed diff before the confirmation prompt.

Testing

There isn't existing test infrastructure for astro add, and this was confirmed manually.

Docs

N/A, bug fix

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

astro@6.0.1

Patch Changes

• #15827 a4c0d0b Thanks @matthewp! - Fixes astro add so the tsconfig preview shows the actual pending changes before confirmation

@astrojs/rss@4.0.17

Patch Changes

• #15830 8d3f3aa Thanks @Princesseuh! - Pin fast-xml-parser to 5.4.1 in order to fix an upstream bug

astro-vscode@2.16.11

Patch Changes

• #15825 2cfe935 Thanks @Princesseuh! - Fixes failed publish for 2.16.11.

Changes

A previous merge reverted this by accident, bringing it back to fix VS Code publishing.

Testing

N/A

Docs

N/A