Skip to content

build(deps): bump the npm_and_yarn group across 8 directories with 4 updates#286

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/examples/astro/npm_and_yarn-a5b3318c50
Open

build(deps): bump the npm_and_yarn group across 8 directories with 4 updates#286
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/examples/astro/npm_and_yarn-a5b3318c50

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 28, 2026

Bumps the npm_and_yarn group with 1 update in the /examples/astro directory: @astrojs/node.
Bumps the npm_and_yarn group with 1 update in the /examples/next-js directory: next.
Bumps the npm_and_yarn group with 1 update in the /examples/next-js-15 directory: next.
Bumps the npm_and_yarn group with 1 update in the /examples/vite directory: vite.
Bumps the npm_and_yarn group with 1 update in the /integration-tests/test-apps/astro-4 directory: @astrojs/node.
Bumps the npm_and_yarn group with 1 update in the /integration-tests/test-apps/nextjs directory: next.
Bumps the npm_and_yarn group with 1 update in the /packages/bundle-analyzer directory: vite.
Bumps the npm_and_yarn group with 1 update in the /packages/rollup-plugin directory: rollup.

Updates @astrojs/node from 8.3.4 to 9.5.4

Release notes

Sourced from @​astrojs/node's releases.

@​astrojs/node@​9.5.4

Patch Changes

  • #15564 522f880 Thanks @​matthewp! - Add a default body size limit for server actions to prevent oversized requests from exhausting memory.

  • #15572 ef851bf Thanks @​matthewp! - Upgrade astro package support

    astro@5.17.3 includes a fix to prevent Action payloads from exhausting memory. @​astrojs/node now depends on this version of Astro as a minimum requirement.

@​astrojs/node@​9.5.3

Patch Changes

  • c13b536 Thanks @​matthewp! - Improves error page loading to read from disk first before falling back to configured host
Changelog

Sourced from @​astrojs/node's changelog.

9.5.4

Patch Changes

  • #15564 522f880 Thanks @​matthewp! - Add a default body size limit for server actions to prevent oversized requests from exhausting memory.

  • #15572 ef851bf Thanks @​matthewp! - Upgrade astro package support

    astro@5.17.3 includes a fix to prevent Action payloads from exhausting memory. @​astrojs/node now depends on this version of Astro as a minimum requirement.

9.5.3

Patch Changes

  • c13b536 Thanks @​matthewp! - Improves error page loading to read from disk first before falling back to configured host

9.5.2

Patch Changes

  • #15196 a8317c1 Thanks @​ematipico! - Fixes an issue where some prendered pages weren't correctly rendered when using the Node.js adapter in middleware mode.

  • #15169 b803d8b Thanks @​rururux! - fix: fix image 500 error when moving dist directory in standalone Node

9.5.1

Patch Changes

9.5.0

Minor Changes

  • #14441 62ec8ea Thanks @​upsuper! - Updates redirect handling to be consistent across static and server output, aligning with the behavior of other adapters.

    Previously, the Node.js adapter used default HTML files with meta refresh tags when in static output. This often resulted in an extra flash of the page on redirect, while also not applying the proper status code for redirections. It's also likely less friendly to search engines.

    This update ensures that configured redirects are always handled as HTTP redirects regardless of output mode, and the default HTML files for the redirects are no longer generated in static output. It makes the Node.js adapter more consistent with the other official adapters.

    No change to your project is required to take advantage of this new adapter functionality. It is not expected to cause any breaking changes. However, if you relied on the previous redirecting behavior, you may need to handle your redirects differently now. Otherwise you should notice smoother redirects, with more accurate HTTP status codes, and may potentially see some SEO gains.

9.4.6

Patch Changes

  • #14514 66a26d7 Thanks @​matthewp! - Fixes compatibility issue with older versions of Astro by making getAllowedDomains() call optional and updating peer dependency to require astro@^5.14.3

9.4.5

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​astrojs/node since your current version.


Updates next from 14.2.25 to 15.5.10

Release notes

Sourced from next's releases.

v15.5.10

Please refer the following changelogs for more information about this security release:

v15.4.11

Please see this changelog for more information about this security patch.

v15.3.9

Please see this changelog for more information about this security patch.

v15.2.9

Please see this changelog for more information about this security patch.

v15.1.12

Please see this changelog for more information about this security patch.

v15.0.8

Please see this changelog for more information about this security patch.

Commits

Updates next from 15.1.0 to 15.5.10

Release notes

Sourced from next's releases.

v15.5.10

Please refer the following changelogs for more information about this security release:

v15.4.11

Please see this changelog for more information about this security patch.

v15.3.9

Please see this changelog for more information about this security patch.

v15.2.9

Please see this changelog for more information about this security patch.

v15.1.12

Please see this changelog for more information about this security patch.

v15.0.8

Please see this changelog for more information about this security patch.

Commits

Updates vite from 6.3.5 to 6.4.1

Release notes

Sourced from vite's releases.

v6.4.1

Please refer to CHANGELOG.md for details.

v6.4.0

Please refer to CHANGELOG.md for details.

v6.3.7

Please refer to CHANGELOG.md for details.

v6.3.6

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.0-beta.16 (2026-02-27)

Features

Bug Fixes

  • deps: update all non-major dependencies (#21691) (521fdc0)
  • optimizer: avoid duplicate modules when preserveSymlinks is enabled (#21720) (72165e0)

Code Refactoring

Tests

8.0.0-beta.15 (2026-02-19)

Features

Bug Fixes

  • dev: only treat EADDRINUSE as port conflict in wildcard pre-check (#21642) (e54e25f)
  • dev: prevent concurrent server restarts (#21636) (8ce23a3)
  • dev: return "502 Bad Gateway" on proxy failures instead of 500 (#21652) (e240df2)

Performance Improvements

  • ssr: skip circular import check for already-evaluated modules (#21632) (235140b)
  • use tsconfig cache for oxc transform in dev (#21643) (57ff177)

Miscellaneous Chores

  • deps: remove fdir and @rollup/plugin-commonjs (#21639) (5abffd5)
  • deps: update dependency @​rollup/plugin-alias to v6 (#21097) (44b5bdf)

8.0.0-beta.14 (2026-02-12)

Features

Bug Fixes

... (truncated)

Commits
  • 0a0c50a refactor: simplify pluginFilter implementation (#19828)
  • 59d0b35 perf(css): avoid constructing renderedModules (#19775)
  • 175a839 fix: reject requests with # in request-target (#19830)
  • e2e11b1 fix(module-runner): allow already resolved id as entry (#19768)
  • 7200dee fix: correct the behavior when multiple transform filter options are specifie...
  • b125172 fix(css): remove empty chunk imports correctly when chunk file name contained...
  • 8fe3538 test: tweak generateCodeFrame test (#19812)
  • 36935b5 fix(types): remove the keepProcessEnv from the DefaultEnvironmentOptions ...
  • a0e1a04 docs(vite): fix description of transformIndexHtml hook (#19799)
  • 71227be fix: unbundle fdir to fix commonjsOptions.dynamicRequireTargets (#19791)
  • Additional commits viewable in compare view

Updates @astrojs/node from 8.3.4 to 9.5.4

Release notes

Sourced from @​astrojs/node's releases.

@​astrojs/node@​9.5.4

Patch Changes

  • #15564 522f880 Thanks @​matthewp! - Add a default body size limit for server actions to prevent oversized requests from exhausting memory.

  • #15572 ef851bf Thanks @​matthewp! - Upgrade astro package support

    astro@5.17.3 includes a fix to prevent Action payloads from exhausting memory. @​astrojs/node now depends on this version of Astro as a minimum requirement.

@​astrojs/node@​9.5.3

Patch Changes

  • c13b536 Thanks @​matthewp! - Improves error page loading to read from disk first before falling back to configured host
Changelog

Sourced from @​astrojs/node's changelog.

9.5.4

Patch Changes

  • #15564 522f880 Thanks @​matthewp! - Add a default body size limit for server actions to prevent oversized requests from exhausting memory.

  • #15572 ef851bf Thanks @​matthewp! - Upgrade astro package support

    astro@5.17.3 includes a fix to prevent Action payloads from exhausting memory. @​astrojs/node now depends on this version of Astro as a minimum requirement.

9.5.3

Patch Changes

  • c13b536 Thanks @​matthewp! - Improves error page loading to read from disk first before falling back to configured host

9.5.2

Patch Changes

  • #15196 a8317c1 Thanks @​ematipico! - Fixes an issue where some prendered pages weren't correctly rendered when using the Node.js adapter in middleware mode.

  • #15169 b803d8b Thanks @​rururux! - fix: fix image 500 error when moving dist directory in standalone Node

9.5.1

Patch Changes

9.5.0

Minor Changes

  • #14441 62ec8ea Thanks @​upsuper! - Updates redirect handling to be consistent across static and server output, aligning with the behavior of other adapters.

    Previously, the Node.js adapter used default HTML files with meta refresh tags when in static output. This often resulted in an extra flash of the page on redirect, while also not applying the proper status code for redirections. It's also likely less friendly to search engines.

    This update ensures that configured redirects are always handled as HTTP redirects regardless of output mode, and the default HTML files for the redirects are no longer generated in static output. It makes the Node.js adapter more consistent with the other official adapters.

    No change to your project is required to take advantage of this new adapter functionality. It is not expected to cause any breaking changes. However, if you relied on the previous redirecting behavior, you may need to handle your redirects differently now. Otherwise you should notice smoother redirects, with more accurate HTTP status codes, and may potentially see some SEO gains.

9.4.6

Patch Changes

  • #14514 66a26d7 Thanks @​matthewp! - Fixes compatibility issue with older versions of Astro by making getAllowedDomains() call optional and updating peer dependency to require astro@^5.14.3

9.4.5

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​astrojs/node since your current version.


Updates next from 14.2.25 to 15.5.10

Release notes

Sourced from next's releases.

v15.5.10

Please refer the following changelogs for more information about this security release:

v15.4.11

Please see this changelog for more information about this security patch.

v15.3.9

Please see this changelog for more information about this security patch.

v15.2.9

Please see this changelog for more information about this security patch.

v15.1.12

Please see this changelog for more information about this security patch.

v15.0.8

Please see this changelog for more information about this security patch.

Commits

Updates vite from 6.3.5 to 6.4.1

Release notes

Sourced from vite's releases.

v6.4.1

Please refer to CHANGELOG.md for details.

v6.4.0

Please refer to CHANGELOG.md for details.

v6.3.7

Please refer to CHANGELOG.md for details.

v6.3.6

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.0-beta.16 (2026-02-27)

Features

Bug Fixes

  • deps: update all non-major dependencies (#21691) (521fdc0)
  • optimizer: avoid duplicate modules when preserveSymlinks is enabled (#21720) (72165e0)

Code Refactoring

Tests

8.0.0-beta.15 (2026-02-19)

Features

Bug Fixes

  • dev: only treat EADDRINUSE as port conflict in wildcard pre-check (#21642) (e54e25f)
  • dev: prevent concurrent server restarts (#21636) (8ce23a3)
  • dev: return "502 Bad Gateway" on proxy failures instead of 500 (#21652) (e240df2)

Performance Improvements

  • ssr: skip circular import check for already-evaluated modules (#21632) (235140b)
  • use tsconfig cache for oxc transform in dev (#21643) (57ff177)

Miscellaneous Chores

  • deps: remove fdir and @rollup/plugin-commonjs (#21639) (5abffd5)
  • deps: update dependency @​rollup/plugin-alias to v6 (#21097) (44b5bdf)

8.0.0-beta.14 (2026-02-12)

Features

Bug Fixes

... (truncated)

Commits
  • 0a0c50a refactor: simplify pluginFilter implementation (#19828)
  • 59d0b35 perf(css): avoid constructing renderedModules (#19775)
  • 175a839 fix: reject requests with # in request-target (#19830)
  • e2e11b1 fix(module-runner): allow already resolved id as entry (#19768)
  • 7200dee fix: correct the behavior when multiple transform filter options are specifie...
  • b125172 fix(css): remove empty chunk imports correctly when chunk file name contained...
  • 8fe3538 test: tweak generateCodeFrame test (#19812)
  • 36935b5 fix(types): remove the keepProcessEnv from the DefaultEnvironmentOptions ...
  • a0e1a04 docs(vite): fix description of transformIndexHtml hook (#19799)
  • 71227be fix: unbundle fdir to fix commonjsOptions.dynamicRequireTargets (#19791)
  • Additional commits viewable in compare view

Updates rollup from 4.22.4 to 4.59.0

Release notes

Sourced from rollup's releases.

v4.59.0

4.59.0

2026-02-22

Features

  • Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

v4.58.0

4.58.0

2026-02-20

Features

  • Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

v4.57.1

4.57.1

2026-01-30

Bug Fixes

  • Fix heap corruption issue in Windows (#6251)
  • Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

... (truncated)

Changelog

Sourced from rollup's changelog.

4.59.0

2026-02-22

Features

  • Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

4.58.0

2026-02-20

Features

  • Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

4.57.1

2026-01-30

Bug Fixes

  • Fix heap corruption issue in Windows (#6251)
  • Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for rollup since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump the npm_and_yarn group across 8 directories with 4 …
4364354 
…updates

Bumps the npm_and_yarn group with 1 update in the /examples/astro directory: [@astrojs/node](https://github.com/withastro/astro/tree/HEAD/packages/integrations/node).
Bumps the npm_and_yarn group with 1 update in the /examples/next-js directory: [next](https://github.com/vercel/next.js).
Bumps the npm_and_yarn group with 1 update in the /examples/next-js-15 directory: [next](https://github.com/vercel/next.js).
Bumps the npm_and_yarn group with 1 update in the /examples/vite directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).
Bumps the npm_and_yarn group with 1 update in the /integration-tests/test-apps/astro-4 directory: [@astrojs/node](https://github.com/withastro/astro/tree/HEAD/packages/integrations/node).
Bumps the npm_and_yarn group with 1 update in the /integration-tests/test-apps/nextjs directory: [next](https://github.com/vercel/next.js).
Bumps the npm_and_yarn group with 1 update in the /packages/bundle-analyzer directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).
Bumps the npm_and_yarn group with 1 update in the /packages/rollup-plugin directory: [rollup](https://github.com/rollup/rollup).


Updates `@astrojs/node` from 8.3.4 to 9.5.4
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/@astrojs/node@9.5.4/packages/integrations/node/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/node@9.5.4/packages/integrations/node)

Updates `next` from 14.2.25 to 15.5.10
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v14.2.25...v15.5.10)

Updates `next` from 15.1.0 to 15.5.10
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v14.2.25...v15.5.10)

Updates `vite` from 6.3.5 to 6.4.1
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/create-vite@6.4.1/packages/vite)

Updates `@astrojs/node` from 8.3.4 to 9.5.4
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/@astrojs/node@9.5.4/packages/integrations/node/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/node@9.5.4/packages/integrations/node)

Updates `next` from 14.2.25 to 15.5.10
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v14.2.25...v15.5.10)

Updates `vite` from 6.3.5 to 6.4.1
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/create-vite@6.4.1/packages/vite)

Updates `rollup` from 4.22.4 to 4.59.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.22.4...v4.59.0)

---
updated-dependencies:
- dependency-name: "@astrojs/node"
  dependency-version: 9.5.4
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: next
  dependency-version: 15.5.10
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: next
  dependency-version: 15.5.10
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 6.4.1
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@astrojs/node"
  dependency-version: 9.5.4
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: next
  dependency-version: 15.5.10
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 6.4.1
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants