chore(site-deps): bump the site-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the site-dependencies group with 5 updates in the /site directory:

Package	From	To
@astrojs/starlight	0.38.2	0.38.4
astro	6.1.1	6.1.10
@astrojs/check	0.9.8	0.9.9
prettier	3.8.1	3.8.3
typescript	5.9.3	6.0.3

Updates @astrojs/starlight from 0.38.2 to 0.38.4

Release notes

Sourced from @​astrojs/starlight's releases.

@​astrojs/starlight@​0.38.4

Patch Changes

• #3828 342038b Thanks @​MangelMaxime! - Fixes aside styling when used without any content

• #3853 563e11b Thanks @​delucis! - Fixes a type-checking issue for users on newer versions of TypeScript

@​astrojs/starlight@​0.38.3

Patch Changes

• #3799 313611b Thanks @​JosefJezek! - Improves Czech UI translations

• #3770 6e7bed1 Thanks @​gameroman! - Adds examples to the inline documentation for title in the Starlight configuration object

• #3801 fedd48b Thanks @​delucis! - Fixes missing draft content warning in dev on pages using the hero layout

Changelog

Sourced from @​astrojs/starlight's changelog.

0.38.4

Patch Changes

• #3828 342038b Thanks @​MangelMaxime! - Fixes aside styling when used without any content

• #3853 563e11b Thanks @​delucis! - Fixes a type-checking issue for users on newer versions of TypeScript

0.38.3

Patch Changes

• #3799 313611b Thanks @​JosefJezek! - Improves Czech UI translations

• #3770 6e7bed1 Thanks @​gameroman! - Adds examples to the inline documentation for title in the Starlight configuration object

• #3801 fedd48b Thanks @​delucis! - Fixes missing draft content warning in dev on pages using the hero layout

Commits

• d986558 [ci] release (#3844)
• 563e11b Ignore type error in i18n util with newer TypeScript versions (#3853)
• 04fcec0 [ci] format
• 342038b fix: empty aside alignment (#3828)
• 7a59b9a [ci] release (#3773)
• 313611b Update Czech translations for consistency (#3799)
• fedd48b Include draft content notice on pages with hero component (#3801)
• d940845 [ci] format
• 6e7bed1 docs: update jsdoc for UserConfigSchema.title with example (#3770)
• See full diff in compare view

Updates astro from 6.1.1 to 6.1.10

Release notes

Sourced from astro's releases.

astro@6.1.10

Patch Changes

• #16479 1058428 Thanks @​matthewp! - Fixes a spurious [WARN] [content] Content config not loaded warning during astro dev for projects that don't use content collections

• #16457 3d82220 Thanks @​matthewp! - Hardens server island encryption to prevent encrypted data from one island component being replayed against a different one

• #16481 152700e Thanks @​matthewp! - Fixes a spurious 404 request for a dev toolbar sourcemap during astro dev caused by the browser mis-resolving a relative sourceMappingURL from the /@id/ URL prefix

• #16480 1bcb43b Thanks @​matthewp! - Fixes an unnecessary full page reload on first navigation during dev

astro@6.1.9

Patch Changes

• #16448 99464ed Thanks @​matthewp! - Updates vite, picomatch, and unstorage to latest patch versions

• #16422 a3951d7 Thanks @​matthewp! - Hardens astro-island export resolution and hydration error handling for malformed component metadata

• #16420 e21de1d Thanks @​matthewp! - Hardens Astro's error overlay and server logging paths to avoid unsafe HTML insertion and format-string interpolation

• #16419 f3485c3 Thanks @​matthewp! - Hardens nested object and package metadata lookups to ignore prototype keys in content handling and project scaffolding

• #16022 a002540 Thanks @​mathieumaf! - Fixes an issue where i18n domains would return 404 when trailingSlash is set to never.

• Updated dependencies [99464ed, f3485c3]:

  • @​astrojs/internal-helpers@​0.9.0
  • @​astrojs/markdown-remark@​7.1.1

astro@6.1.8

Patch Changes

• #16367 a6866a7 Thanks @​ematipico! - Fixes an issue where build output files could contain special characters (!, ~, {, }) in their names, causing deploy failures on platforms like Netlify.

• #16381 217c5b3 Thanks @​ematipico! - Slightly improved the performance of the dev server by caching the internal crawling of the dependencies of a project.

• #16348 7d26cd7 Thanks @​ocavue! - Fixes a bug where emitted assets during a client build would contain always fresh, new hashes in their name. Now the build should be more stable.

• #16317 d012bfe Thanks @​das-peter! - Fixes a bug where allowedDomains weren't correctly propagated when using the development server.

• #16379 5a84551 Thanks @​martrapp! - Improves Vue scoped style handling in DEV mode during client router navigation.

• #16317 d012bfe Thanks @​das-peter! - Adds tests to verify settings are properly propagated when using the development server.

• #16282 5b0fdaa Thanks @​jmurty! - Fixes build errors on platforms with skew protection enabled (e.g. Vercel, Netlify) for inter-chunk Javascript using dynamic imports

• Updated dependencies [e0b240e]:

  • @​astrojs/telemetry@​3.3.1

astro@6.1.7

Patch Changes

... (truncated)

Changelog

Sourced from astro's changelog.

Commits

• c1f2e4f [ci] release (#16467)
• 345fb9e chore: fix flaky dev toolbar render time test (#16500)
• 5120ecd [ci] format
• 3d82220 Add AEAD context binding to server island encryption (#16457)
• 1bcb43b Prebundle dev toolbar entrypoint in client environment (#16480)
• 93101cc [ci] format
• 152700e fix: strip sourceMappingURL from dev toolbar entrypoint during dep optimizati...
• bc83041 refactor(astro): migrate test utils to typescript (#16492)
• 5c543c5 refactor(astro): add internal entry points for test (#16473)
• 1058428 Suppress content config warning for projects without content collections (#16...
• Additional commits viewable in compare view

Updates @astrojs/check from 0.9.8 to 0.9.9

Release notes

Sourced from @​astrojs/check's releases.

@​astrojs/check@​0.9.9

Patch Changes

• #16471 f56bb3f Thanks @​delucis! - Adds support for TypeScript v6 to peer dependencies range

• Updated dependencies [8c62159]:

  • @​astrojs/language-server@​2.16.7

Changelog

Sourced from @​astrojs/check's changelog.

0.9.9

Patch Changes

• #16471 f56bb3f Thanks @​delucis! - Adds support for TypeScript v6 to peer dependencies range

• Updated dependencies [8c62159]:

  • @​astrojs/language-server@​2.16.7

Commits

• c1f2e4f [ci] release (#16467)
• f56bb3f Widen typescript peer dependency range to allow v6 (#16471)
• 184700c fix(deps): update language tools (#16230)
• 88fcc98 fix integrations links across docs (#16098)
• b9e96da fix(deps): update dependency vitest to v4 (#15372)
• See full diff in compare view

Updates prettier from 3.8.1 to 3.8.3

Release notes

Sourced from prettier's releases.

3.8.3

• SCSS: Prevent trailing comma in if() function (prettier/prettier#18471 by @​kovsu)

🔗 Changelog

3.8.2

• Support Angular v21.2

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.3

diff

SCSS: Prevent trailing comma in if() function (#18471 by @​kovsu)

// Input
$value: if(sass(false): 1; else: -1);
// Prettier 3.8.2
$value: if(
sass(false): 1; else: -1,
);
// Prettier 3.8.3
$value: if(sass(false): 1; else: -1);

3.8.2

diff

Angular: Support Angular v21.2 (#18722, #19034 by @​fisker)

Exhaustive typechecking with @default never;

<!-- Input -->
@switch (foo) {
  @case (1) {}
  @default never;
}
<!-- Prettier 3.8.1 -->
SyntaxError: Incomplete block "default never". If you meant to write the @ character, you should use the "&#64;" HTML entity instead. (3:3)
<!-- Prettier 3.8.2 -->
@​switch (foo) {
@​case (1) {}
@​default never;
}

arrow function and instanceof expressions.

</tr></table> 

... (truncated)

Commits

• d7108a7 Release 3.8.3
• 177f908 Prevent trailing comma in SCSS if() function (#18471)
• 1cd4066 Release @​prettier/plugin-oxc@​0.1.4
• a8700e2 Update oxc-parser to v0.125.0
• 752157c Fix tests
• 053fd41 Bump Prettier dependency to 3.8.2
• 904c636 Clean changelog_unreleased
• dc1f7fc Update dependents count
• b31557c Release 3.8.2
• 96bbaed Support Angular v21.2 (#18722)
• Additional commits viewable in compare view

Updates typescript from 5.9.3 to 6.0.3

Release notes

Sourced from typescript's releases.

TypeScript 6.0.3

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).
• fixed issues query for TypeScript 6.0.3 (Stable).

Downloads are available on:

• npm

TypeScript 6.0

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).

Downloads are available on:

• npm

TypeScript 6.0 Beta

For release notes, check out the release announcement.

• fixed issues query for Typescript 6.0.0 (Beta).

Downloads are available on:

• npm

Commits

• 050880c Bump version to 6.0.3 and LKG
• eeae9dd 🤖 Pick PR #63401 (Also check package name validity in...) into release-6.0 (#...
• ad1c695 🤖 Pick PR #63368 (Harden ATA package name filtering) into release-6.0 (#63372)
• 0725fb4 🤖 Pick PR #63310 (Mark class property initializers as...) into release-6.0 (#...
• 607a22a Bump version to 6.0.2 and LKG
• 9e72ab7 🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...
• 35ff23d 🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...
• e175b69 Bump version to 6.0.1-rc and LKG
• af4caac Update LKG
• 8efd7e8 Merge remote-tracking branch 'origin/main' into release-6.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@astrojs/check	0.9.9	Unknown	Unknown
npm/@astrojs/starlight	0.38.4	Unknown	Unknown
npm/astro	6.1.10	Unknown	Unknown
npm/prettier	3.8.3	🟢 6.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 4 Found 7/17 approved changesets -- score normalized to 4 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 9 SAST tool detected but not run on all commits
npm/typescript	6.0.3	🟢 8.7	Details Check Score Reason Code-Review 🟢 7 Found 15/19 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 6 4 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Fuzzing 🟢 10 project is fuzzed CI-Tests 🟢 10 26 out of 26 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 38 contributing companies or organizations

Scanned Files

• site/package.json