chore: bump astro from 6.1.2 to 6.1.3 in /site in the all group by dependabot[bot] · Pull Request #988 · Aureliolo/synthorg

dependabot · 2026-04-02T07:28:28Z

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the all group in /site with 1 update: astro.

Updates astro from 6.1.2 to 6.1.3

Release notes

astro@6.1.3

Patch Changes

#16161 b51f297 Thanks @matthewp! - Fixes a dev rendering issue with the Cloudflare adapter where head metadata could be missing and dev CSS/scripts could be injected in the wrong place

#16110 de669f0 Thanks @tmimmanuel! - Fixes skew protection query parameters not being appended to inter-chunk JavaScript imports in client bundles, which could cause version mismatches during rolling deployments on Vercel

#16162 a0a49e9 Thanks @rururux! - Fixes an issue where HMR would not trigger when modifying files while using @astrojs/cloudflare with prerenderEnvironment: 'node' enabled.

#16142 7454854 Thanks @rururux! - Fixes HTML content being incorrectly escaped as plain text when rendering a MDX component using the AstroContainer APIs.

#16116 12602a9 Thanks @riderx! - Fixes a bug where page-level CSS could leak between unrelated pages when traversing style parents across top-level route boundaries

#16178 a7e7567 Thanks @matthewp! - Fixes SSR builds failing with "No matching renderer found" when a project only has injected routes and no src/pages/ directory

Changelog

Sourced from astro's changelog.

6.1.3

Patch Changes

#16161 b51f297 Thanks @matthewp! - Fixes a dev rendering issue with the Cloudflare adapter where head metadata could be missing and dev CSS/scripts could be injected in the wrong place

#16110 de669f0 Thanks @tmimmanuel! - Fixes skew protection query parameters not being appended to inter-chunk JavaScript imports in client bundles, which could cause version mismatches during rolling deployments on Vercel

#16162 a0a49e9 Thanks @rururux! - Fixes an issue where HMR would not trigger when modifying files while using @astrojs/cloudflare with prerenderEnvironment: 'node' enabled.

#16142 7454854 Thanks @rururux! - Fixes HTML content being incorrectly escaped as plain text when rendering a MDX component using the AstroContainer APIs.

#16116 12602a9 Thanks @riderx! - Fixes a bug where page-level CSS could leak between unrelated pages when traversing style parents across top-level route boundaries

#16178 a7e7567 Thanks @matthewp! - Fixes SSR builds failing with "No matching renderer found" when a project only has injected routes and no src/pages/ directory

Commits

b5b8093 [ci] release (#16159)
7454854 fix(astro): Fix isHTMLString check failing in multi-realm environments (#16...
a7e7567 Include injected routes when determining whether renderers are needed in SSR ...
a0a49e9 fix(cloudflare): ensure HMR works when prerenderEnvironment is set to 'node...
b51f297 Preserve head metadata in Cloudflare dev rendering (#16161)
4eec0f1 test: don't use tmp fixtures (#16177)
a9138ab [ci] format
34b5f13 chore: move unit tests to ts (#16157)
6b6751d [ci] format
de669f0 fix(core): append assetQueryParams to inter-chunk JS imports (#15964) (#16110)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group in /site with 1 update: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro). Updates `astro` from 6.1.2 to 6.1.3 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/astro@6.1.3/packages/astro) --- updated-dependencies: - dependency-name: astro dependency-version: 6.1.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>

socket-security · 2026-04-02T07:29:10Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality
npm/class-variance-authority@0.7.1
npm/@types/js-yaml@4.0.9
npm/@storybook/react-vite@10.3.3
npm/esbuild@0.27.3 ⏵ 0.27.4		⁺¹
npm/@types/d3-hierarchy@3.1.7
npm/@types/d3-force@3.0.10
npm/@storybook/react@10.3.3
npm/@storybook/addon-a11y@10.3.3
npm/@vitest/coverage-v8@4.1.2
npm/@types/node@24.12.0 ⏵ 25.5.0	⁺¹
npm/cross-env@10.1.0
npm/d3-force@3.0.0
npm/cmdk@1.1.1
npm/@testing-library/user-event@14.6.1
npm/@testing-library/dom@10.4.1
npm/eslint-plugin-security@4.0.0
npm/@tanstack/react-query@5.96.0
npm/@testing-library/react@16.3.2
npm/eslint-plugin-react-refresh@0.5.2
npm/@testing-library/jest-dom@6.9.1
npm/fast-check@4.6.0
npm/eslint@10.1.0
npm/axios@1.14.0
npm/@xyflow/react@12.10.2
npm/framer-motion@12.38.0
npm/@vitejs/plugin-react@5.2.0 ⏵ 6.0.1	⁺¹
npm/@storybook/addon-docs@10.3.3

View full report

github-actions · 2026-04-02T07:30:40Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 16f5ce2.

Ensure that dependencies are being submitted on PR branches. Re-running this action after a short time may resolve the issue. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
npm/astro	6.1.3	Unknown	Unknown

Scanned Files

site/package-lock.json

Aureliolo · 2026-04-02T08:07:09Z

@dependabot rebase

🤖 I have created a release *beep* *boop* --- ## [0.5.7](v0.5.6...v0.5.7) (2026-04-02) ### Features * comparison page -- SynthOrg vs agent orchestration frameworks ([#994](#994)) ([6f937ef](6f937ef)), closes [#981](#981) * event-driven and budget-driven ceremony scheduling strategies ([#995](#995)) ([f88e7b0](f88e7b0)), closes [#971](#971) [#972](#972) * template packs for post-setup additive team expansion ([#996](#996)) ([b45e14a](b45e14a)), closes [#727](#727) ### Performance * preload JetBrains Mono font, remove unused api.github.com preconnect ([#998](#998)) ([2a189c2](2a189c2)) * run only affected modules in pre-push hooks ([#992](#992)) ([7956e23](7956e23)) ### Maintenance * bump astro from 6.1.2 to 6.1.3 in /site in the all group ([#988](#988)) ([17b58db](17b58db)) * bump the all group across 1 directory with 2 updates ([#989](#989)) ([1ff462a](1ff462a)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

dependabot bot added dependencies Pull requests that update a dependency file scope:site Landing page (Astro) type:chore Maintenance, cleanup, dependency updates labels Apr 2, 2026

dependabot bot requested a review from Aureliolo as a code owner April 2, 2026 07:28

dependabot bot had a problem deploying to cloudflare-preview April 2, 2026 07:29 Failure

Aureliolo merged commit 17b58db into main Apr 2, 2026
21 of 22 checks passed

Aureliolo deleted the dependabot/npm_and_yarn/site/all-7e0429bf5b branch April 2, 2026 08:07

Aureliolo temporarily deployed to cloudflare-preview April 2, 2026 08:07 — with GitHub Actions Inactive

Aureliolo mentioned this pull request Apr 2, 2026

chore(main): release 0.5.7 #991

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: bump astro from 6.1.2 to 6.1.3 in /site in the all group#988

chore: bump astro from 6.1.2 to 6.1.3 in /site in the all group#988
Aureliolo merged 1 commit intomainfrom
dependabot/npm_and_yarn/site/all-7e0429bf5b

dependabot bot commented on behalf of github Apr 2, 2026 •

edited

Loading

Uh oh!

socket-security bot commented Apr 2, 2026

Uh oh!

github-actions bot commented Apr 2, 2026

Uh oh!

Aureliolo commented Apr 2, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Apr 2, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

astro@6.1.3

Patch Changes

6.1.3

Patch Changes

Uh oh!

socket-security bot commented Apr 2, 2026

Uh oh!

github-actions bot commented Apr 2, 2026

Dependency Review

Snapshot Warnings

OpenSSF Scorecard

Scanned Files

Uh oh!

Aureliolo commented Apr 2, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Apr 2, 2026 •

edited

Loading