public-backup/astro
1
0
Fork 0
mirror of https://github.com/withastro/astro.git synced 2025-12-05 18:56:38 -06:00
Code Issues Packages Projects Releases Wiki Activity
13,072 Commits 360 Branches 2,738 Tags
main
Commit Graph

5404 Commits

Author SHA1 Message Date
Antony Faris
4264a36571 fix: svelte 5 prop types (#14934) 2025-12-05 11:05:28 +01:00
Darknab
ef53716f93 fix(content): warn on duplicate Markdown content entry IDs (#14901) 2025-12-05 09:04:27 +01:00
Matt Kane
70eb542f3b feat: print a more helpful error message for output: hybrid (#14958) 
* feat: print a more helpful error message for `output: hybrid`

* Add type predicate
 2025-12-04 12:02:43 +00:00
五月七日千緒
d8305f8abd fix: preserve HAST properties in image processing (#14902) 
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-12-04 10:01:50 +01:00
Houston (Bot)
141c676df1 [ci] release (#14930) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-12-03 17:01:59 +00:00
Danilo Velasquez Urrutia
385be1bc6e fix: updates to 0.0.67 which fixes #14544 (#14950) 2025-12-03 10:22:29 +01:00
Emanuele Stoppa
2cf79c23c2 fix(csp): deduplicate CSP resources (#14940) 
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
Co-authored-by: Sarah Rainsberger <5098874+sarah11918@users.noreply.github.com>
 2025-12-02 14:22:05 +00:00
Houston (Bot)
33333e8ca1 [ci] release (#14922) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-29 13:55:24 -05:00
Matthew Phillips
e0f277d924 fix: prevent authentication bypass via double URL encoding in middleware (#14929) 
* fix: prevent authentication bypass via double URL encoding in middleware

Validates that URL pathnames are not multi-level encoded, preventing attackers from bypassing path-based auth checks like `/%2561dmin` to access protected routes. Returns 404 consistently in both dev and prod.

* PR comment stuff

* fix tests

* fix linting

* linting
 2025-11-29 13:53:06 -05:00
Florian Lefebvre
4bceeb0c71 fix: actions infer symbol (#14889) 2025-11-28 09:19:41 +01:00
Houston (Bot)
e82358cf7e [ci] release (#14918) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-27 17:34:03 +01:00
Erika
f00aa2bf16 fix(ci): Try building package before deleting dependencies for vscode (#14916) 
* fix(ci): Do not prebuild ts-plugin after deleting node_modules in vscode publishing

* fix: try another strategy
 2025-11-27 17:22:18 +01:00
Florian Lefebvre
b43dc7f28d fix(astro): assets vite build log (#14876) 2025-11-27 09:24:17 +01:00
Florian Lefebvre
10273e0135 fix: 404 status in ssr (#14884) 2025-11-27 09:23:53 +01:00
Houston (Bot)
63943934c3 [ci] release (#14913) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-26 17:18:54 +01:00
Erika
fcdf52fe0e chore: changeset (#14911) 2025-11-26 17:11:08 +01:00
Houston (Bot)
86faf3f77a [ci] release (#14910) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-26 16:24:03 +01:00
Erika
629d86b827 chore: changeset (#14909) 2025-11-26 16:11:46 +01:00
Houston (Bot)
7523a1f187 [ci] release (#14907) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-26 15:03:35 +01:00
Roman Hauksson
c6903cd6ce Fix description for "Content-intellisense" VSC extension setting (#14710) 
* Fix description for "Content-intellisense" VSC extension setting

* Add changeset

* Update changeset description
 2025-11-26 14:58:37 +01:00
Armand Philippot
abfed97d45 fix: replace withastro/language-tools mentions (#14740) 
* fix: replace `withastro/language-tools` mentions

* docs: add changeset
 2025-11-26 14:58:29 +01:00
Houston (Bot)
09bbdbb1e6 [ci] release (#14845) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-26 11:30:07 +01:00
Chris Swithinbank
1ad9a5b3e7 Fix AstroContainer usage in Vitest client environments (#14894) 2025-11-25 16:01:17 +01:00
jmgala
c17767a07c allow turning the local Netlify Image CDN on/off in dev (#14807) 
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-25 15:27:29 +01:00
Florian Lefebvre
abed9294ce fix: sync override settings (#14782) 2025-11-25 09:05:39 +01:00
Ibim Braide
9720b7009c fix(cloudflare): eliminate duplicate import warnings during build (#14777) 
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-24 11:28:07 +01:00
Adrian
b43ee71bd0 fix(errors): add type check to error (#14769) 
Co-authored-by: Emanuele Stoppa <my.burning@gmail.com>
 2025-11-24 11:13:09 +01:00
Johan Rouve
345eb22bbe fix: add missing button attribute command & commandfor (#14761) 
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-24 11:09:37 +01:00
Roman
65e214b07b fix: Correctly mark Astro.glob as deprecated (#14866) 
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-24 09:17:24 +01:00
Drew Powers
9a284cd1de fix: Allow node: prefix for Node builtins for Vercel middleware (#14839) 2025-11-20 16:10:56 -05:00
Houston (Bot)
e8786795fc [ci] release (#14808) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-20 08:16:08 -05:00
Azat S.
1a2ed01c92 feat: add SVGO optimization support for SVG assets (#13880) 
Co-authored-by: Sarah Rainsberger <5098874+sarah11918@users.noreply.github.com>
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-19 18:05:16 +01:00
Emanuele Stoppa
e1dd377398 fix: remove picocolors (#14813) 2025-11-19 15:44:45 +00:00
Jacob Lamb
4356485b0f feat(cli): Add preview shortcuts (#14574) 
Co-authored-by: Emanuele Stoppa <my.burning@gmail.com>
Co-authored-by: Sarah Rainsberger <5098874+sarah11918@users.noreply.github.com>
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-19 16:32:04 +01:00
Philippe Serhal
0419985d94 fix(deps): bump to @netlify/functions v5 to shave 82 MB from @astrojs/netlify (#14716) 
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-19 16:29:32 +01:00
Matt Kane
2e845fe56d feat: add hint about astro add --yes flag (#14810) 
Co-authored-by: Sarah Rainsberger <5098874+sarah11918@users.noreply.github.com>
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-19 16:29:11 +01:00
Maurici Abad Gutierrez
f42ff9bd5b feat: Add ActionInputSchema utility type (#14698) 
Co-authored-by: Sarah Rainsberger <5098874+sarah11918@users.noreply.github.com>
Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-19 16:28:22 +01:00
Florian Lefebvre
c29a785d57 feat(fonts)!: update default subsets (#14796) 2025-11-19 15:11:03 +01:00
Florian Lefebvre
d774306c51 refactor(cli): info (#14609) 2025-11-19 11:29:37 +01:00
Houston (Bot)
7a07f0244c [ci] release (#14788) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-17 14:26:07 -05:00
Mehdi El Fadil
758a891112 fix(astro): handle invalid encrypted props in server island (#14786) 
* fix(astro): handle invalid encrypted props in server island #14768

* adjust changelog content to format guidelines

* remove unused err variable

as per linter analysis

* set a value in encryptedProps which triggers the right error

 rather than .

* be nice to linter and typescript checks

(attempt to)

* send a 400 bad response when encrypted slots are invalid

* Add type to decryptedSlots
 2025-11-17 14:14:56 -05:00
ktym4a
3537876fde fix: passthroughImageService generate webp (#14776) 
* test: Add passthrough-image-service fixture with config, assets, and page

* test: Add tests to verify passthrough image service preserves formats and tags

* fix: Add validateOptions to noopService to handle transform images

* chore: Add changeset

* chore: Fix changeset

* fix: Simplify noop service by removing ESM image check and format field
 2025-11-17 19:50:13 +01:00
Erika
9e9c528191 fix: require explicit authorization to use data urls (#14791) 
* fix: require explicit authorization to use data urls

* chore: changeset

* fix: extend tests

* fix: tests

* fix: test
 2025-11-17 19:15:23 +01:00
Matthew Phillips
0f75f6bc63 Fix wildcard hostname matching to reject hostnames without dots (#14787) 
* Fix wildcard hostname matching to reject hostnames without dots

* Update .changeset/fix-wildcard-hostname-matching.md

Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>

---------

Co-authored-by: Florian Lefebvre <contact@florian-lefebvre.dev>
 2025-11-17 10:18:27 -05:00
Florian Lefebvre
504958fe7f feat(fonts): log number of downloaded files (#14783) 2025-11-17 15:21:39 +01:00
Houston (Bot)
60af4d0a1a [ci] release (#14773) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-15 09:21:37 -05:00
Matthew Phillips
00c579a233 server islands - encrypted slots (#14772) 
* fix(server-islands): require encrypted slots

Encrypt slots client-side and decrypt server-side to prevent injection attacks, matching the security model used for props.

* Update packages/astro/src/core/server-islands/endpoint.ts

Co-authored-by: Emanuele Stoppa <my.burning@gmail.com>

* lame changeset thing

* another

* linting

* update another test

---------

Co-authored-by: Emanuele Stoppa <my.burning@gmail.com>
 2025-11-15 09:10:53 -05:00
Matthew Phillips
6f80081351 Fix middleware pathname matching by normalizing URL-encoded paths (#14771) 
* Fix middleware pathname matching by normalizing URL-encoded paths

Middleware now receives normalized pathname values, ensuring that encoded paths like /%61dmin are properly decoded to /admin before middleware checks. This prevents potential security issues where middleware checks might be bypassed through URL encoding.

- Normalize pathnames in dev server request handling (request.ts)
- Normalize pathnames in SSR render context (render-context.ts)
- Add tests for path encoding in middleware

* fix actions test

* use try/finally

* we don't actually need the actions change after all
 2025-11-15 09:07:04 -05:00
Houston (Bot)
ebc4b1cde8 [ci] release (#14764) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-11-14 12:04:36 +01:00
Florian Lefebvre
03fb47c010 fix(astro): populate process.env during build (#14765) 2025-11-14 12:02:17 +01:00