Bump vite and astro

[dependabot]

Bumps vite and astro. These dependencies needed to be updated together.
Updates vite from 4.2.1 to 8.0.7

Release notes

Sourced from vite's releases.

v8.0.7

Please refer to CHANGELOG.md for details.

v8.0.6

Please refer to CHANGELOG.md for details.

v8.0.5

Please refer to CHANGELOG.md for details.

v8.0.4

Please refer to CHANGELOG.md for details.

create-vite@8.0.3

Please refer to CHANGELOG.md for details.

v8.0.3

Please refer to CHANGELOG.md for details.

create-vite@8.0.2

Please refer to CHANGELOG.md for details.

v8.0.2

Please refer to CHANGELOG.md for details.

create-vite@8.0.1

Please refer to CHANGELOG.md for details.

v8.0.1

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.1

Please refer to CHANGELOG.md for details.

create-vite@8.0.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0-beta.18

Please refer to CHANGELOG.md for details.

v8.0.0-beta.17

Please refer to CHANGELOG.md for details.

v8.0.0-beta.16

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

8.0.7 (2026-04-07)

Bug Fixes

• use sync dns.getDefaultResultOrder instead of dns.promises (#22185) (5c05b04)

8.0.6 (2026-04-07)

Features

• update rolldown to 1.0.0-rc.13 (#22097) (51d3e48)

Bug Fixes

• css: avoid mutating sass error multiple times (#22115) (d5081c2)
• optimize-deps: hoist CJS interop assignment (#22156) (17a8f9e)

Performance Improvements

• early return in getLocalhostAddressIfDiffersFromDNS when DNS order is verbatim (#22151) (56ec256)

Miscellaneous Chores

• create-vite: remove unnecessary DOM.Iterable (#22168) (bdc53ab)
• replace remaining prettier script (#22179) (af71fb2)

8.0.5 (2026-04-06)

Bug Fixes

• apply server.fs check to env transport (#22159) (f02d9fd)
• avoid path traversal with optimize deps sourcemap handler (#22161) (79f002f)
• check server.fs after stripping query as well (#22160) (a9a3df2)
• disallow referencing files outside the package from sourcemap (#22158) (f05f501)

8.0.4 (2026-04-06)

Features

• allow esbuild 0.28 as peer deps (#22155) (b0da973)
• hmr: truncate list of files on hmr update (#21535) (d00e806)
• optimizer: log when dependency scanning or bundling takes over 1s (#21797) (f61a1ab)

Bug Fixes

• hasBothRollupOptionsAndRolldownOptions should return false for proxy case (#22043) (99897d2)
• add types for vite/modulepreload-polyfill (#22126) (17330d2)
• deps: update all non-major dependencies (#22073) (6daa10f)
• deps: update all non-major dependencies (#22143) (22b0166)
• resolve: resolve tsconfig paths starting with # (#22038) (3460fc5)
• ssr: use browser platform for webworker SSR builds (fix #21969) (#21963) (364c227)

Documentation

... (truncated)

Commits

• fdb2e6f release: v8.0.7
• 5c05b04 fix: use sync dns.getDefaultResultOrder instead of dns.promises (#22185)
• 7b3086f release: v8.0.6
• af71fb2 chore: replace remaining prettier script (#22179)
• 51d3e48 feat: update rolldown to 1.0.0-rc.13 (#22097)
• 17a8f9e fix(optimize-deps): hoist CJS interop assignment (#22156)
• d5081c2 fix(css): avoid mutating sass error multiple times (#22115)
• 56ec256 perf: early return in getLocalhostAddressIfDiffersFromDNS when DNS order is...
• bdc53ab chore(create-vite): remove unnecessary DOM.Iterable (#22168)
• 1a12d4c release: v8.0.5
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vite since your current version.

Updates astro from 2.2.3 to 6.1.4

Release notes

Sourced from astro's releases.

astro@6.1.4

Patch Changes

• #16197 21f9fe2 Thanks @​SchahinRohani! - Remove unused re-exports from assets/utils barrel file to fix Vite build warning

• #16059 6d5469e Thanks @​matthewp! - Fixes Expected 'miniflare' to be defined errors and 404 responses in dev mode when using the Cloudflare adapter and the config file changes. Instead of creating a brand new Vite server on config changes, Astro now performs a Vite in-place restart, allowing the Cloudflare adapter to reuse its existing miniflare instance across restarts.

• #16154 7610ba4 Thanks @​Desel72! - Fixes pages with dots in their filenames (e.g. hello.world.astro) returning 404 when accessed with a trailing slash in the dev server. The trailingSlashForPath function now only forces trailingSlash: 'never' for endpoints with file extensions, allowing pages to correctly respect the user's trailingSlash config.

• #16193 23425e2 Thanks @​matthewp! - Fixes trailingSlash: "always" producing redirect HTML instead of the actual response for extensionless endpoints during static builds

astro@6.1.3

Patch Changes

• #16161 b51f297 Thanks @​matthewp! - Fixes a dev rendering issue with the Cloudflare adapter where head metadata could be missing and dev CSS/scripts could be injected in the wrong place

• #16110 de669f0 Thanks @​tmimmanuel! - Fixes skew protection query parameters not being appended to inter-chunk JavaScript imports in client bundles, which could cause version mismatches during rolling deployments on Vercel

• #16162 a0a49e9 Thanks @​rururux! - Fixes an issue where HMR would not trigger when modifying files while using @​astrojs/cloudflare with prerenderEnvironment: 'node' enabled.

• #16142 7454854 Thanks @​rururux! - Fixes HTML content being incorrectly escaped as plain text when rendering a MDX component using the AstroContainer APIs.

• #16116 12602a9 Thanks @​riderx! - Fixes a bug where page-level CSS could leak between unrelated pages when traversing style parents across top-level route boundaries

• #16178 a7e7567 Thanks @​matthewp! - Fixes SSR builds failing with "No matching renderer found" when a project only has injected routes and no src/pages/ directory

astro@6.1.2

Patch Changes

• #16104 47a394d Thanks @​matthewp! - Fixes astro preview ignoring vite.preview.allowedHosts set in astro.config.mjs

• #16047 711f837 Thanks @​matthewp! - Fixes catch-all routes incorrectly intercepting requests for static assets when using the @astrojs/node adapter in middleware mode.

• #15981 a60cbb6 Thanks @​moktamd! - Fix Zod v4 validation error formatting to show human-readable messages instead of raw JSON

astro@6.1.1

Patch Changes

• #16105 23d60de Thanks @​matthewp! - Fix dev toolbar audit crash when encountering the image ARIA role

• #16089 999c875 Thanks @​martrapp! - Fixes an issue with the client router where Vue's :deep() notation was ignored in dev mode.

astro@6.1.0

Minor Changes

• #15804 a5e7232 Thanks @​merlinnot! - Allows setting codec-specific defaults for Astro's built-in Sharp image service via image.service.config.

  You can now configure encoder-level options such as jpeg.mozjpeg, webp.effort, webp.alphaQuality, avif.effort, avif.chromaSubsampling, and png.compressionLevel when using astro/assets/services/sharp for compile-time image generation.

  These settings apply as defaults for the built-in Sharp pipeline, while per-image quality still takes precedence when set on <Image />, <Picture />, or getImage().

... (truncated)

Changelog

Sourced from astro's changelog.

2.10.14

Patch Changes

• #8206 52606a390 Thanks @​martrapp! - fix: View Transition: swap attributes of document's root element

2.10.13

Patch Changes

• #8152 582132328 Thanks @​andremralves! - Displays a new config error if outDir is placed within publicDir.

• #8166 fddd4dc71 Thanks @​martrapp! - ViewTransitions: Fixes in the client-side router

• #8182 cfc465dde Thanks @​martrapp! - View Transitions: self link (href="") does not trigger page reload

• #8171 95120efbe Thanks @​Princesseuh! - Fix missing type for imageConfig export from astro:assets

• #8187 273335cb0 Thanks @​bluwy! - Fix Astro components parent-child render order

• #8184 9142178b1 Thanks @​martrapp! - Fix: The scrolling behavior of ViewTransitions is now more similar to the expected browser behavior

• #8163 179796405 Thanks @​delucis! - Make typing of defineCollection more permissive to support advanced union and intersection types

2.10.12

Patch Changes

• #8144 04caa99c4 Thanks @​lilnasy! - Fixed an issue where data entries' id included backslashes instead of forward slashes on Windows.

2.10.11

Patch Changes

• #8136 97c8760d7 Thanks @​andremralves! - Fix 404 response leading to an infinite loop when there is no 404 page.

2.10.10

Patch Changes

• #8127 b12c8471f Thanks @​natemoo-re! - Do not throw Error when users pass an object with a "type" property

• #8092 7177f7579 Thanks @​natemoo-re! - Ensure dotfiles are cleaned during static builds

• #8122 fa6b68a77 Thanks @​natemoo-re! - Improve fidelity of time stats when running astro build

• #8070 097a8e4e9 Thanks @​lilnasy! - Fix a handful of edge cases with prerendered 404/500 pages

• #8123 1f6497c33 Thanks @​natemoo-re! - Open to configured base when astro dev --open runs

... (truncated)

Commits

• 2c9bf5e [ci] release (#16182)
• 5557dca feat: erasableSyntaxOnly (#15719)
• 23425e2 Fix trailingSlash for extensionless endpoints in static builds (#16193)
• 21f9fe2 fix(astro): remove unused re-exports causing Vite build warning (#16197)
• 6d5469e Preserve Cloudflare miniflare instance across dev server config restarts (#16...
• 604f939 [ci] format
• 080d867 test: increase testing coverage (#16189)
• 3cd1b16 fix(e2e): remove bogus Node.js import breaking actions-blog tests (#16183)
• 7610ba4 Fix periods in URLs with trailing slashes causing 404s in dev server (#16154)
• b5b8093 [ci] release (#16159)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for astro since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.