Skip to content

Bump the non-major group across 1 directory with 9 updates#44

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/non-major-1134482624
Closed

Bump the non-major group across 1 directory with 9 updates#44
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/non-major-1134482624

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 11, 2026

Copy link
Copy Markdown
Contributor

Bumps the non-major group with 9 updates in the / directory:

Package From To
@astrojs/sitemap 3.4.1 3.7.3
@astrojs/starlight 0.34.8 0.41.2
astro 5.11.2 5.18.2
astro-og-canvas 0.5.6 0.13.0
js-cookie 3.0.5 3.0.8
sharp 0.33.5 0.35.3
starlight-llms-txt 0.5.1 0.11.0
starlight-openapi 0.22.1 0.26.0
openapi-to-postmanv2 6.0.1 6.2.0

Updates @astrojs/sitemap from 3.4.1 to 3.7.3

Changelog

Sourced from @​astrojs/sitemap's changelog.

3.7.3

Patch Changes

  • #16837 783c4a6 Thanks @​jdevalk! - Improves <lastmod> accuracy in the sitemap index. Each <sitemap> entry in sitemap-index.xml is now stamped with the most recent lastmod of the URLs in the child sitemap it points to, instead of repeating a single global date on every entry. When a child sitemap has no per-URL lastmod, the entry falls back to the lastmod option as before. This gives search engines a per-file freshness signal, so they can tell which child sitemaps actually changed without refetching all of them.

3.7.2

Patch Changes

3.7.1

Patch Changes

3.6.1-beta.3

Patch Changes

3.6.1-beta.2

Patch Changes

3.6.1-alpha.1

Patch Changes

3.6.1-alpha.0

Patch Changes

3.7.0

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​astrojs/sitemap since your current version.


Updates @astrojs/starlight from 0.34.8 to 0.41.2

Release notes

Sourced from @​astrojs/starlight's releases.

@​astrojs/starlight@​0.41.2

Patch Changes

  • #4008 58a3520 Thanks @​FrancoKaddour! - Fixes the table of contents overflowing the right edge of the viewport when a custom --sl-content-width value exceeds available space

  • #4015 bdbfffc Thanks @​delucis! - Fixes an issue where aside icons were rendered incorrectly in projects where Astro’s MDX integration had optimization disabled

@​astrojs/starlight@​0.41.1

Patch Changes

@​astrojs/starlight@​0.41.0

Minor Changes

  • #3951 1202dd4 Thanks @​HiDeoo! - Adds support for Astro v7, drops support for Astro v6.

    Upgrade Astro and dependencies

    ⚠️ BREAKING CHANGE: Astro v6 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

    npx @astrojs/upgrade

    Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v7. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

    ⚠️ BREAKING CHANGE: This release drops official support for Chromium-based browsers prior to version 111 (released 07 March 2023) and Safari-based browsers prior to version 16.4 (released 27 March 2023). You can find a list of currently supported browsers and their versions using this browserslist query.

Patch Changes

  • #3953 a935d33 Thanks @​HiDeoo! - Fixes Starlight Markdown processing being potentially applied to files that should not be processed.

@​astrojs/starlight@​0.40.0

Minor Changes

  • #3923 edf2e6b Thanks @​Princesseuh! - Adds support for Astro 6.4 and the new Sätteri Markdown processor.

    It is now possible to opt into using Astro's 6.4 Sätteri Markdown processor by installing the @astrojs/markdown-satteri package and configuring it in your astro.config.mjs file:

    // astro.config.mjs
    import { defineConfig } from 'astro/config';
    import { satteri } from '@​astrojs/markdown-satteri';

... (truncated)

Changelog

Sourced from @​astrojs/starlight's changelog.

0.41.2

Patch Changes

  • #4008 58a3520 Thanks @​FrancoKaddour! - Fixes the table of contents overflowing the right edge of the viewport when a custom --sl-content-width value exceeds available space

  • #4015 bdbfffc Thanks @​delucis! - Fixes an issue where aside icons were rendered incorrectly in projects where Astro’s MDX integration had optimization disabled

0.41.1

Patch Changes

0.41.0

Minor Changes

  • #3951 1202dd4 Thanks @​HiDeoo! - Adds support for Astro v7, drops support for Astro v6.

    Upgrade Astro and dependencies

    ⚠️ BREAKING CHANGE: Astro v6 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

    npx @astrojs/upgrade

    Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v7. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

    ⚠️ BREAKING CHANGE: This release drops official support for Chromium-based browsers prior to version 111 (released 07 March 2023) and Safari-based browsers prior to version 16.4 (released 27 March 2023). You can find a list of currently supported browsers and their versions using this browserslist query.

Patch Changes

  • #3953 a935d33 Thanks @​HiDeoo! - Fixes Starlight Markdown processing being potentially applied to files that should not be processed.

0.40.0

Minor Changes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​astrojs/starlight since your current version.


Updates astro from 5.11.2 to 5.18.2

Changelog

Sourced from astro's changelog.

5.18.2

Patch Changes

  • #16813 8f7d8c4 Thanks @​matthewp! - Populates styles in the SSR manifest for prerendered routes. Previously, prerendered routes had styles: [] in the manifest, making it impossible for workers or middleware to discover which CSS files a prerendered page uses.

5.18.1

Patch Changes

  • Updated dependencies [c2cd371]:
    • @​astrojs/internal-helpers@​0.7.6
    • @​astrojs/markdown-remark@​6.3.11

5.18.0

Minor Changes

  • #15589 b7dd447 Thanks @​qzio! - Adds a new security.actionBodySizeLimit option to configure the maximum size of Astro Actions request bodies.

    This lets you increase the default 1 MB limit when your actions need to accept larger payloads. For example, actions that handle file uploads or large JSON payloads can now opt in to a higher limit.

    If you do not set this option, Astro continues to enforce the 1 MB default to help prevent abuse.

    // astro.config.mjs
    export default defineConfig({
      security: {
        actionBodySizeLimit: 10 * 1024 * 1024, // set to 10 MB
      },
    });

Patch Changes

  • #15594 efae11c Thanks @​qzio! - Fix X-Forwarded-Proto validation when allowedDomains includes both protocol and hostname fields. The protocol check no longer fails due to hostname mismatch against the hardcoded test URL.

5.17.3

Patch Changes

  • #15564 522f880 Thanks @​matthewp! - Add a default body size limit for server actions to prevent oversized requests from exhausting memory.

  • #15569 e01e98b Thanks @​matthewp! - Respect image allowlists when inferring remote image sizes and reject remote redirects.

5.17.2

Patch Changes

  • c13b536 Thanks @​matthewp! - Improves Host header handling for SSR deployments behind proxies

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for astro since your current version.


Updates astro-og-canvas from 0.5.6 to 0.13.0

Release notes

Sourced from astro-og-canvas's releases.

astro-og-canvas@0.13.0

Minor Changes

  • #189 8186730 Thanks @​delucis! - Adds auto-detection for the route parameter name to OGImageRoute().

    ⚠️ BREAKING CHANGE: The param option to OGImageRoute() has been removed and your code should be updated to remove it:

    export const { getStaticPaths, GET } = await OGImageRoute({
    - param: 'slug',
      pages: {
        // ...
      },
      getImageOptions: () => {/* ... */},
    });

    astro-og-canvas now detects the param value from your image endpoint’s filename automatically.

astro-og-canvas@0.12.0

Minor Changes

astro-og-canvas@0.11.1

Patch Changes

astro-og-canvas@0.11.0

Minor Changes

  • #157 91ac061 Thanks @​renovate! - Updates dependency entities to v8

    ⚠️ Potentially breaking change: The minimum supported Node version is now 20.19.0

Patch Changes

astro-og-canvas@0.10.1

Patch Changes

astro-og-canvas@0.10.0

Minor Changes

... (truncated)

Changelog

Sourced from astro-og-canvas's changelog.

0.13.0

Minor Changes

  • #189 8186730 Thanks @​delucis! - Adds auto-detection for the route parameter name to OGImageRoute().

    ⚠️ BREAKING CHANGE: The param option to OGImageRoute() has been removed and your code should be updated to remove it:

    export const { getStaticPaths, GET } = await OGImageRoute({
    - param: 'slug',
      pages: {
        // ...
      },
      getImageOptions: () => {/* ... */},
    });

    astro-og-canvas now detects the param value from your image endpoint’s filename automatically.

0.12.0

Minor Changes

0.11.1

Patch Changes

0.11.0

Minor Changes

  • #157 91ac061 Thanks @​renovate! - Updates dependency entities to v8

    ⚠️ Potentially breaking change: The minimum supported Node version is now 20.19.0

Patch Changes

0.10.1

Patch Changes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for astro-og-canvas since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.


Updates js-cookie from 3.0.5 to 3.0.8

Release notes

Sourced from js-cookie's releases.

v3.0.8

  • Restore ES5 compatibility, inadvertently broken in 3.0.7 - #959
  • Lift Node version restriction, inadvertently restricted to >= 20 in 3.0.7 - #956

v3.0.7

  • Prevent cookie attribute injection: CVE-2026-46625 (eb3c40e)
  • Add Partitioned attribute to readme (b994768)
  • Publish to npm registry via trusted publisher exclusively (4dc71be)
  • Ensure consistent behaviour for get('name') + get() (1953d30)
Commits
  • d7a1096 Craft v3.0.8 release
  • 248e685 Use existing Chrome with puppeteer
  • fc04269 Remove QUnit related workaround in Grunt config
  • 265a685 Tidy up package lock file
  • 478e591 Disable Node deprecation DEP0044 for release workflow
  • 331d524 Fix node version config for E2E test job
  • 11d773d Ensure ECMAScript compatibility
  • d788646 Remove engines property from package
  • e7d9a4d Fix typo in test assertion message
  • b5fca24 Make credentials use explicit in release workflow
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for js-cookie since your current version.


Updates sharp from 0.33.5 to 0.35.3

Release notes

Sourced from sharp's releases.

v0.35.3

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

  • Improve code bundler support by resolving path to libvips binary.

  • Increase default concurrency when use of MALLOC_ARENA_MAX is detected.

  • Emit warning about binaries provided by Electron for use on Linux.

  • Add hasAlpha property to output info. #4500

  • TypeScript: Return more precise Buffer<ArrayBuffer> from toBuffer. #4520 @​Andarist

  • Bound clahe width and height to avoid signed overflow. #4551 @​metsw24-max

  • Bound trim margin to avoid signed overflow. #4552 @​metsw24-max

  • Reject infinite values when validating numbers. #4553 @​metsw24-max

  • Bound extract region to libvips coordinate limit. #4555 @​metsw24-max

  • Verify background colour values are numbers. #4556 @​metsw24-max

  • Bound create and raw input dimensions to coordinate limit. #4558 @​metsw24-max

  • Tighten recomb and affine matrix verification. #4560 @​chatman-media

  • Verify cache memory limit to avoid overflow. #4561 @​metsw24-max

v0.35.3-rc.2

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

... (truncated)

Commits
  • 1018449 Release v0.35.3
  • ba303a7 Prerelease v0.35.3-rc.2
  • 4f94fc5 Upgrade to sharp-libvips v1.3.2
  • c5e7a3f Bump devDeps, fix Deno/Windows smoke tests
  • 9a8d002 Docs: Add changelog entry and note about transferable #4520
  • 8694db0 TypeScript: Return more precise Buffer\<ArrayBuffer> from toBuffer (#4520)
  • e000d0b Prerelease v0.35.3-rc.1
  • 9554ca9 Prerelease v0.35.3-rc.0
  • 6a29fd5 Emit warning about native binaries on Linux Electron
  • 540d2ea Increase default concurrency when use of MALLOC_ARENA_MAX detected
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for sharp since your current version.


Updates starlight-llms-txt from 0.5.1 to 0.11.0

Release notes

Sourced from starlight-llms-txt's releases.

starlight-llms-txt@0.11.0

Minor Changes

  • #127 bf986de Thanks @​funkadelic! - Updates to support Astro 7. The astro peer dependency is now ^7.0.0 and the @astrojs/starlight peer dependency is now >=0.41.0.

    Support for Astro 6 and Starlight versions below 0.41 has been dropped. Existing projects on Astro 6 can continue using the previous release until they are ready to upgrade to Astro 7.

starlight-llms-txt@0.10.0

Minor Changes

  • #105 aa7f8cf Thanks @​IEvangelist! - Extend the customSelectors option to support per-output control.

    The option is now exposed at the top level of the plugin configuration and accepts either of two shapes:

    • Array (legacy) — selectors apply to llms-small.txt only, matching the existing scope of minify.customSelectors.
    • Object with optional small, full, and all arrays — small applies to llms-small.txt, full applies to llms-full.txt and any customSets outputs, and all applies to both (merged with small and full).

    The deprecated minify.customSelectors option keeps working: selectors listed there are merged additively into the small bucket so existing configurations are unaffected.

    Use the new object shape to strip transient HTML injected by docs-site rendering plugins (for example, hover popovers from expressive-code-twoslash) from every generated output:

    starlightLlmsTxt({
      customSelectors: {
        all: ['.twoslash-popup-container', '.twoslash-error-box'],
      },
    }),

starlight-llms-txt@0.9.0

Minor Changes

  • #104 3f6c45b Thanks @​davidfowl! - Preserves the contents of code blocks when collapsing whitespace in llms-small.txt.

    Previously, the minify.whitespace option collapsed every whitespace run — including newlines inside fenced code blocks — into a single space, so multi-line code samples ended up on one line. Now, fenced code blocks keep their original newlines and indentation while whitespace in prose still collapses for token efficiency.

    A new minify.collapseCodeBlocks option controls this behavior. Set it to true to restore the previous flatten-everything output.

starlight-llms-txt@0.8.1

Patch Changes

  • 29e5efb Thanks @​mvanhorn! - Strips HTML comments from llms.txt files. <!-- ... --> style comments in .md files are no longer emitted in the generated files.

starlight-llms-txt@0.8.0

Minor Changes

  • #80 dea7b22 Thanks @​nonoakij! - Adds support for Astro v6 and Starlight v0.38, drops support for lower versions.

starlight-llms-txt@0.7.0

Minor Changes

... (truncated)

Changelog

Sourced from starlight-llms-txt's changelog.

0.11.0

Minor Changes

  • #127 bf986de Thanks @​funkadelic! - Updates to support Astro 7. The astro peer dependency is now ^7.0.0 and the @astrojs/starlight peer dependency is now >=0.41.0.

    Support for Astro 6 and Starlight versions below 0.41 has been dropped. Existing projects on Astro 6 can continue using the previous release until they are ready to upgrade to Astro 7.

0.10.0

Minor Changes

  • #105 aa7f8cf Thanks @​IEvangelist! - Extend the customSelectors option to support per-output control.

    The option is now exposed at the top level of the plugin configuration and accepts either of two shapes:

    • Array (legacy) — selectors apply to llms-small.txt only, matching the existing scope of minify.customSelectors.
    • Object with optional small, full, and all arrays — small applies to llms-small.txt, full applies to llms-full.txt and any customSets outputs, and all applies to both (merged with small and full).

    The deprecated minify.customSelectors option keeps working: selectors listed there are merged additively into the small bucket so existing configurations are unaffected.

    Use the new object shape to strip transient HTML injected by docs-site rendering plugins (for example, hover popovers from expressive-code-twoslash) from every generated output:

    starlightLlmsTxt({
      customSelectors: {
        all: ['.twoslash-popup-container', '.twoslash-error-box'],
      },
    }),

0.9.0

Minor Changes

  • #104 3f6c45b Thanks @​davidfowl! - Preserves the contents of code blocks when collapsing whitespace in llms-small.txt.

    Previously, the minify.whitespace option collapsed every whitespace run — including newlines inside fenced code blocks — into a single space, so multi-line code samples ended up on one line. Now, fenced code blocks keep their original newlines and indentation while whitespace in prose still collapses for token efficiency.

    A new minify.collapseCodeBlocks option controls this behavior. Set it to true to restore the previous flatten-everything output.

0.8.1

Patch Changes

  • 29e5efb Thanks @​mvanhorn! - Strips HTML comments from llms.txt files. <!-- ... --> style comments in .md files are no longer emitted in the generated files.

0.8.0

Minor Changes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for starlight-llms-txt since your current version.


Updates starlight-openapi from 0.22.1 to 0.26.0

Release notes

Sourced from starlight-openapi's releases.

starlight-openapi@0.26.0

Minor Changes

  • #166 ab3d189 Thanks @​HiDeoo! - Adds support for Astro v7, drops support for Astro v6.

    ⚠️ BREAKING CHANGE: The minimum supported version of Starlight is now 0.41.0.

    Please follow the upgrade guide to update your project.

starlight-openapi@0.25.3

Patch Changes

starlight-openapi@0.25.2

Patch Changes

  • #159 79e0e12 Thanks @​HiDeoo! - Fixes required schema property tags being omitted when combined with allOf, oneOf, anyOf, or not.

starlight-openapi@0.25.1

Patch Changes

starlight-openapi@0.25.0

Minor Changes

  • #152 26194b9 Thanks @​HiDeoo! - Adds support for operation snippets, including autogenerated code examples and authored x-codeSamples, showing how to execute operations.

  • #153 c49f237 Thanks @​HiDeoo! - Adds support for autogenerated request body snippets for JSON-like and URL-encoded form request body media types.

  • #153 c49f237 Thanks @​HiDeoo! - Adds support for autogenerated response snippets for JSON-like response media types.

  • #150 0f21458 Thanks @​HiDeoo! - Adds a list of operations to overview pages.

  • #146 817f809 Thanks @​HiDeoo! - Adds support for on-demand rendered OpenAPI documentation pages by respecting Starlight's prerender configuration option.

  • #149 12b522b Thanks @​HiDeoo! - Improves the generated OpenAPI markup to provide more consistent CSS selectors for custom styling and theming.

    ⚠️ Potentially breaking change: If you have custom CSS targeting generated OpenAPI markup, you may want to double check the visual appearance of the generated pages when updating.

  • #153 c49f237 Thanks @​HiDeoo! - Unifies the response example UI across OpenAPI v2 and v3.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 11, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 11, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: frontend. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@netlify

netlify Bot commented Jun 11, 2026

Copy link
Copy Markdown

Deploy Preview for deluxe-meerkat-8daf24 failed.

Name Link
🔨 Latest commit 9c6e3dc
🔍 Latest deploy log https://app.netlify.com/projects/deluxe-meerkat-8daf24/deploys/6a46de420fc88300081c5018

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/non-major-1134482624 branch 2 times, most recently from 0c2b0b1 to a2aa271 Compare June 25, 2026 21:55
Bumps the non-major group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@astrojs/sitemap](https://github.com/withastro/astro/tree/HEAD/packages/integrations/sitemap) | `3.4.1` | `3.7.3` |
| [@astrojs/starlight](https://github.com/withastro/starlight/tree/HEAD/packages/starlight) | `0.34.8` | `0.41.2` |
| [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) | `5.11.2` | `5.18.2` |
| [astro-og-canvas](https://github.com/delucis/astro-og-canvas/tree/HEAD/packages/astro-og-canvas) | `0.5.6` | `0.13.0` |
| [js-cookie](https://github.com/js-cookie/js-cookie) | `3.0.5` | `3.0.8` |
| [sharp](https://github.com/lovell/sharp) | `0.33.5` | `0.35.3` |
| [starlight-llms-txt](https://github.com/delucis/starlight-llms-txt/tree/HEAD/packages/starlight-llms-txt) | `0.5.1` | `0.11.0` |
| [starlight-openapi](https://github.com/HiDeoo/starlight-openapi/tree/HEAD/packages/starlight-openapi) | `0.22.1` | `0.26.0` |
| [openapi-to-postmanv2](https://github.com/postmanlabs/openapi-to-postman) | `6.0.1` | `6.2.0` |



Updates `@astrojs/sitemap` from 3.4.1 to 3.7.3
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/sitemap/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/sitemap@3.7.3/packages/integrations/sitemap)

Updates `@astrojs/starlight` from 0.34.8 to 0.41.2
- [Release notes](https://github.com/withastro/starlight/releases)
- [Changelog](https://github.com/withastro/starlight/blob/main/packages/starlight/CHANGELOG.md)
- [Commits](https://github.com/withastro/starlight/commits/@astrojs/starlight@0.41.2/packages/starlight)

Updates `astro` from 5.11.2 to 5.18.2
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/astro@5.18.2/packages/astro/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/astro@5.18.2/packages/astro)

Updates `astro-og-canvas` from 0.5.6 to 0.13.0
- [Release notes](https://github.com/delucis/astro-og-canvas/releases)
- [Changelog](https://github.com/delucis/astro-og-canvas/blob/latest/packages/astro-og-canvas/CHANGELOG.md)
- [Commits](https://github.com/delucis/astro-og-canvas/commits/astro-og-canvas@0.13.0/packages/astro-og-canvas)

Updates `js-cookie` from 3.0.5 to 3.0.8
- [Release notes](https://github.com/js-cookie/js-cookie/releases)
- [Commits](js-cookie/js-cookie@v3.0.5...v3.0.8)

Updates `sharp` from 0.33.5 to 0.35.3
- [Release notes](https://github.com/lovell/sharp/releases)
- [Commits](lovell/sharp@v0.33.5...v0.35.3)

Updates `starlight-llms-txt` from 0.5.1 to 0.11.0
- [Release notes](https://github.com/delucis/starlight-llms-txt/releases)
- [Changelog](https://github.com/delucis/starlight-llms-txt/blob/main/packages/starlight-llms-txt/CHANGELOG.md)
- [Commits](https://github.com/delucis/starlight-llms-txt/commits/starlight-llms-txt@0.11.0/packages/starlight-llms-txt)

Updates `starlight-openapi` from 0.22.1 to 0.26.0
- [Release notes](https://github.com/HiDeoo/starlight-openapi/releases)
- [Changelog](https://github.com/HiDeoo/starlight-openapi/blob/main/packages/starlight-openapi/CHANGELOG.md)
- [Commits](https://github.com/HiDeoo/starlight-openapi/commits/starlight-openapi@0.26.0/packages/starlight-openapi)

Updates `openapi-to-postmanv2` from 6.0.1 to 6.2.0
- [Release notes](https://github.com/postmanlabs/openapi-to-postman/releases)
- [Changelog](https://github.com/postmanlabs/openapi-to-postman/blob/develop/CHANGELOG.md)
- [Commits](postmanlabs/openapi-to-postman@v6.0.1...v6.2.0)

---
updated-dependencies:
- dependency-name: "@astrojs/sitemap"
  dependency-version: 3.7.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-major
- dependency-name: "@astrojs/starlight"
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-major
- dependency-name: astro
  dependency-version: 5.18.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-major
- dependency-name: astro-og-canvas
  dependency-version: 0.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-major
- dependency-name: js-cookie
  dependency-version: 3.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-major
- dependency-name: openapi-to-postmanv2
  dependency-version: 6.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: non-major
- dependency-name: sharp
  dependency-version: 0.35.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-major
- dependency-name: starlight-llms-txt
  dependency-version: 0.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-major
- dependency-name: starlight-openapi
  dependency-version: 0.25.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/non-major-1134482624 branch from a2aa271 to 9c6e3dc Compare July 2, 2026 21:55
@ejntaylor

Copy link
Copy Markdown
Contributor

Closing — this group can't be merged as-is. Verified locally: npm install fails with ERESOLVE:

```
peer astro@"^7.0.2" from @astrojs/starlight@0.41.2
```

Dependabot grouped @astrojs/starlight 0.41.2 (which requires Astro 7) with an astro that stays on 5.x — incompatible. The committed lockfile was evidently generated with --legacy-peer-deps, but a clean CI/Netlify install fails (matching the red checks).

The Starlight / starlight-openapi / starlight-llms-txt bumps are tied to an Astro major and shouldn't ship on Astro 5. Once #37 lands (Astro 6), Dependabot can regenerate; the 0.41 line requires Astro 7, so that's a separate future coordinated major upgrade.

@ejntaylor ejntaylor closed this Jul 8, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/non-major-1134482624 branch July 8, 2026 09:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant