Update astro monorepo (major)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@astrojs/mdx (source)	^0.19.7 -> ^4.0.0
@astrojs/partytown (source)	^1.2.3 -> ^2.0.0
@astrojs/rss (source)	^2.4.4 -> ^4.0.0
@astrojs/sitemap (source)	^2.0.1 -> ^3.0.0
astro (source)	^2.10.3 -> ^5.0.0

---

Release Notes

withastro/astro (@​astrojs/mdx)

v4.0.1

Compare Source

Patch Changes

• #​12594 4f2fd0a Thanks @​Princesseuh! - Fixes compatibility with Astro 5

v4.0.0

Compare Source

Major Changes

• #​12231 90ae100 Thanks @​bluwy! - Handles the breaking change in Astro where content pages (including .mdx pages located within src/pages/) no longer respond with charset=utf-8 in the Content-Type header.

  For MDX pages without layouts, @astrojs/mdx will automatically add the <meta charset="utf-8"> tag to the page by default. This reduces the boilerplate needed to write with non-ASCII characters. If your MDX pages have a layout, the layout component should include the <meta charset="utf-8"> tag.

  If you require charset=utf-8 to render your page correctly, make sure that your layout components have the <meta charset="utf-8"> tag added.

• #​12008 5608338 Thanks @​Princesseuh! - Welcome to the Astro 5 beta! This release has no changes from the latest alpha of this package, but it does bring us one step closer to the final, stable release.

  Starting from this release, no breaking changes will be introduced unless absolutely necessary.

  To learn how to upgrade, check out the Astro v5.0 upgrade guide in our beta docs site.

Minor Changes

• #​12539 827093e Thanks @​bluwy! - Drops node 21 support

• #​11741 6617491 Thanks @​bluwy! - Updates adapter server entrypoint to use @astrojs/mdx/server.js

  This is an internal change. Handling JSX in your .mdx files has been moved from Astro internals and is now the responsibility of this integration. You should not notice a change in your project, and no update to your code is required.

Patch Changes

• #​12075 a19530e Thanks @​bluwy! - Parses frontmatter ourselves

• #​11861 3ab3b4e Thanks @​bluwy! - Updates @astrojs/markdown-remark and handle its breaking changes

• #​12533 1b61fdf Thanks @​ematipico! - Fixes a case where the MDX renderer couldn't be loaded when used as a direct dependency of an Astro integration.

• Updated dependencies [3ab3b4e, 5608338, 560ef15, 83a2a64, 3ab3b4e, a19530e]:

  • @​astrojs/markdown-remark@​6.0.0

v3.1.9

Compare Source

Patch Changes

• #​12245 1d4f6a4 Thanks @​bmenant! - Add components property to MDXInstance type definition (RenderResult and module import)

v3.1.8

Compare Source

Patch Changes

• Updated dependencies [710a1a1]:
  • @​astrojs/markdown-remark@​5.3.0

v3.1.7

Compare Source

Patch Changes

• #​12026 40e7a1b Thanks @​bluwy! - Initializes the MDX processor only when there's .mdx files

v3.1.6

Compare Source

Patch Changes

• #​11975 c9ae7b1 Thanks @​bluwy! - Handles nested root hast node when optimizing MDX

v3.1.5

Compare Source

Patch Changes

• #​11818 88ef1d0 Thanks @​bluwy! - Fixes CSS in the layout component to be ordered first before any other components in the MDX file

v3.1.4

Compare Source

Patch Changes

• #​11717 423614e Thanks @​bluwy! - Fixes stack trace location when failed to parse an MDX file with frontmatter

v3.1.3

Compare Source

Patch Changes

• Updated dependencies [49b5145]:
  • @​astrojs/markdown-remark@​5.2.0

v3.1.2

Compare Source

Patch Changes

• Updated dependencies [b6afe6a]:
  • @​astrojs/markdown-remark@​5.1.1

v3.1.1

Compare Source

Patch Changes

• #​11263 7d59750 Thanks @​wackbyte! - Refactor to use Astro's integration logger for logging

v3.1.0

Compare Source

Minor Changes

• #​11144 803dd80 Thanks @​ematipico! - The integration now exposes a function called getContainerRenderer, that can be used inside the Container APIs to load the relative renderer.

  import { experimental_AstroContainer as AstroContainer } from 'astro/container';
  import ReactWrapper from '../src/components/ReactWrapper.astro';
  import { loadRenderers } from 'astro:container';
  import { getContainerRenderer } from '@​astrojs/react';
  
  test('ReactWrapper with react renderer', async () => {
    const renderers = await loadRenderers([getContainerRenderer()]);
    const container = await AstroContainer.create({
      renderers,
    });
    const result = await container.renderToString(ReactWrapper);
  
    expect(result).toContain('Counter');
    expect(result).toContain('Count: <!-- -->5');
  });

v3.0.1

Compare Source

Patch Changes

• #​10813 3cc3e2c Thanks @​Xetera! - Omitting compiler-internal symbol from user components to fix breaking error messages

v3.0.0

Compare Source

Major Changes

• #​10935 ddd8e49 Thanks @​bluwy! - Refactors the MDX transformation to rely only on the unified pipeline. Babel and esbuild transformations are removed, which should result in faster build times. The refactor requires using Astro v4.8.0 but no other changes are necessary.

• #​10935 ddd8e49 Thanks @​bluwy! - Allows integrations after the MDX integration to update markdown.remarkPlugins and markdown.rehypePlugins, and have the plugins work in MDX too.

  If your integration relies on Astro's previous behavior that prevents integrations from adding remark/rehype plugins for MDX, you will now need to configure @astrojs/mdx with extendMarkdownConfig: false and explicitly specify any remarkPlugins and rehypePlugins options instead.

• #​10935 ddd8e49 Thanks @​bluwy! - Renames the optimize.customComponentNames option to optimize.ignoreElementNames to better reflect its usecase. Its behaviour is not changed and should continue to work as before.

• #​10935 ddd8e49 Thanks @​bluwy! - Replaces the internal remark-images-to-component plugin with rehype-images-to-component to let users use additional rehype plugins for images

Patch Changes

• #​10935 ddd8e49 Thanks @​bluwy! - Simplifies plain MDX components as hast element nodes to further improve HTML string inlining for the optimize option

• #​10935 ddd8e49 Thanks @​bluwy! - Allows Vite plugins to transform .mdx files before the MDX plugin transforms it

• #​10935 ddd8e49 Thanks @​bluwy! - Updates the optimize option to group static sibling nodes as a <Fragment />. This reduces the number of AST nodes and simplifies runtime rendering of MDX pages.

• #​10935 ddd8e49 Thanks @​bluwy! - Tags the MDX component export for quicker component checks while rendering

• #​10935 ddd8e49 Thanks @​bluwy! - Fixes export const components keys detection for the optimize option

• #​10935 ddd8e49 Thanks @​bluwy! - Improves optimize handling for MDX components with attributes and inline MDX components

v2.3.1

Compare Source

Patch Changes

• #​10754 3e7a12c8532411e580fcfdb8445cad8fc8499291 Thanks @​rishi-raj-jain! - Fixes an issue where images in MDX required a relative specifier (e.g. ./)

  Now, you can use the standard ![](img.png) syntax in MDX files for images colocated in the same folder: no relative specifier required!

  There is no need to update your project; your existing images will still continue to work. However, you may wish to remove any relative specifiers from these MDX images as they are no longer necessary:

  - ![A cute dog](./dog.jpg)
  + ![A cute dog](dog.jpg)
  <!-- This dog lives in the same folder as my article! -->

• #​10770 88ee63a3ba4488c60348cb821034e6d4a057efd0 Thanks @​bluwy! - Removes internal MDX processor on buildEnd to free up memory

v2.3.0

Compare Source

Minor Changes

• #​10689 683d51a5eecafbbfbfed3910a3f1fbf0b3531b99 Thanks @​ematipico! - Deprecate support for versions of Node.js older than v18.17.1 for Node.js 18, older than v20.0.3 for Node.js 20, and the complete Node.js v19 release line.

  This change is in line with Astro's Node.js support policy.

Patch Changes

• Updated dependencies [ccafa8d230f65c9302421a0ce0a0adc5824bfd55]:
  • @​astrojs/markdown-remark@​5.1.0

v2.2.4

Compare Source

Patch Changes

• #​10673 db7f9c87035a0de780536d95cdd9facff00c3c08 Thanks @​bluwy! - Removes unnecessary internal recmaInjectImportMetaEnv plugin

v2.2.3

Compare Source

Patch Changes

• Updated dependencies [2cf116f80cb5e421ab5cc5eb4a654e7b78c1b8de, 374efcdff9625ca43309d89e3b9cfc9174351512]:
  • @​astrojs/markdown-remark@​5.0.0

v2.2.2

Compare Source

Patch Changes

• Updated dependencies [c585528f446ccca3d4c643f4af5d550b93c18902]:
  • @​astrojs/markdown-remark@​4.3.2

v2.2.1

Compare Source

Patch Changes

• Updated dependencies [19e42c368184013fc30d1e46753b9e9383bb2bdf]:
  • @​astrojs/markdown-remark@​4.3.1

v2.2.0

Compare Source

Minor Changes

• #​10104 a31bbd7ff8f3ec62ee507f72d1d25140b82ffc18 Thanks @​remcohaszing! - Changes Astro's internal syntax highlighting to use rehype plugins instead of remark plugins. This provides better interoperability with other rehype plugins that deal with code blocks, in particular with third party syntax highlighting plugins and rehype-mermaid.

  This may be a breaking change if you are currently using:

  • a remark plugin that relies on nodes of type html
  • a rehype plugin that depends on nodes of type raw.

  Please review your rendered code samples carefully, and if necessary, consider using a rehype plugin that deals with the generated element nodes instead. You can transform the AST of raw HTML strings, or alternatively use hast-util-to-html to get a string from a raw node.

Patch Changes

• Updated dependencies [c081adf998d30419fed97d8fccc11340cdc512e0, 5a9528741fa98d017b269c7e4f013058028bdc5d, a31bbd7ff8f3ec62ee507f72d1d25140b82ffc18]:
  • @​astrojs/markdown-remark@​4.3.0

v2.1.1

Compare Source

Patch Changes

• Updated dependencies [44c957f893c6bf5f5b7c78301de7b21c5975584d]:
  • @​astrojs/markdown-remark@​4.2.1

v2.1.0

Compare Source

Minor Changes

• #​9753 df37366556d46f7abdf82b09e33b08bd94e631b3 Thanks @​OliverSpeir! - Allows remark plugins to pass options specifying how images in .mdx files will be optimized

v2.0.6

Compare Source

Patch Changes

• Updated dependencies [53c69dcc82cdf4000aff13a6c11fffe19096cf45, 2f81cffa9da9db0e2802d303f94feaee8d2f54ec, a505190933365268d48139a5f197a3cfb5570870]:
  • @​astrojs/markdown-remark@​4.2.0

v2.0.5

Compare Source

Patch Changes

• #​9706 1539e04a8e5865027b3a8718c6f142885e7c8d88 Thanks @​bluwy! - Removes redundant HMR handling code

• Updated dependencies [165cfc154be477337037185c32b308616d1ed6fa, e9a72d9a91a3741566866bcaab11172cb0dc7d31]:

  • @​astrojs/markdown-remark@​4.1.0

v2.0.4

Compare Source

Patch Changes

• #​9652 e72efd6a9a1e2a70488fd225529617ffd8418534 Thanks @​bluwy! - Removes environment variables workaround that broke project builds with sourcemaps

v2.0.3

Compare Source

Patch Changes

• #​9479 1baf0b0d3cbd0564954c2366a7278794fad6726e Thanks @​sarah11918! - Updates README

v2.0.2

Compare Source

Patch Changes

• #​9452 e83b5095f Thanks @​florian-lefebvre! - Upgrades vite to latest

v2.0.1

Compare Source

Patch Changes

• #​9366 1b4e91898 Thanks @​lilnasy! - Updates NPM package to refer to the stable Astro version instead of a beta.

• Updated dependencies [270c6cc27]:

  • @​astrojs/markdown-remark@​4.0.1

v2.0.0

Compare Source

Major Changes

• #​9138 abf601233 Thanks @​bluwy! - Updates the unified, remark, and rehype dependencies to latest. Make sure to update your custom remark and rehype plugins as well to be compatible with the latest versions.

  Potentially breaking change: The default value of markdown.remarkRehype.footnoteBackLabel is changed from "Back to content" to "Back to reference 1". See the mdast-util-to-hast commit for more information.

Patch Changes

• Updated dependencies [abf601233, addb57c8e, c7953645e]:
  • @​astrojs/markdown-remark@​4.0.0

v1.1.5

Compare Source

Patch Changes

• Updated dependencies [4537ecf0d]:
  • @​astrojs/markdown-remark@​3.5.0

v1.1.4

Compare Source

Patch Changes

• Updated dependencies [c5010aad3]:
  • @​astrojs/markdown-remark@​3.4.0

v1.1.3

Compare Source

Patch Changes

• #​8897 5a3d46da1 Thanks @​remcohaszing! - Update the README to suggest that users install the official MDX extension for VS Code.

• Updated dependencies [26b77b8fe]:

  • astro@3.3.4

v1.1.2

Compare Source

Patch Changes

• Updated dependencies [2993055be, c4270e476, bd5aa1cd3, f369fa250, 391729686, f999365b8, b2ae9ee0c, 0abff97fe, 3bef32f81]:
  • astro@3.3.0
  • @​astrojs/markdown-remark@​3.3.0

v1.1.1

Compare Source

Patch Changes

• #​8737 6f60da805 Thanks @​ematipico! - Add provenance statement when publishing the library from CI

• Updated dependencies [21f482657, 6f60da805, d78806dfe, d1c75fe15, aa265d730, 78adbc443, 21e0757ea, 357270f2a]:

  • @​astrojs/markdown-remark@​3.2.1
  • astro@3.2.3

v1.1.0

Compare Source

Minor Changes

• #​8468 a8d72ceae Thanks @​bholmesdev! - Support the img component export for optimized images. This allows you to customize how optimized images are styled and rendered.

  When rendering an optimized image, Astro will pass the ImageMetadata object to your img component as the src prop. For unoptimized images (i.e. images using URLs or absolute paths), Astro will continue to pass the src as a string.

  This example handles both cases and applies custom styling:

v1.0.3

Compare Source

Patch Changes

• #​8430 f3f62a5a2 Thanks @​bluwy! - Use exported remarkShiki and remarkPrism plugins from @astrojs/markdown-remark

• Updated dependencies [f3f62a5a2, f66053a1e, 0fa483283]:

  • @​astrojs/markdown-remark@​3.1.0
  • astro@3.0.11

v1.0.2

Compare Source

Patch Changes

• #​8438 6df4f3bd9 Thanks @​Princesseuh! - Fix errors not having a stacktrace

• Updated dependencies [b3cf1b327, b92d066b7]:

  • astro@3.0.10

v1.0.1

Compare Source

Patch Changes

• #​8405 93a1231f1 Thanks @​delucis! - Add location data to MDX compile errors

• Updated dependencies [7d95bd9ba, 1947ef7a9, 61ad70fdc, d2f2a11cd, 5126c6a40, 48ff7855b, 923a443cb, 8935b3b46]:

  • astro@3.0.9

v1.0.0

Compare Source

Major Changes

• #​8179 6011d52d3 Thanks @​matthewp! - Astro 3.0 Release Candidate

• #​8131 43140b87a Thanks @​matthewp! - Support Astro 3 JSX format

  This upgrades the MDX plugin to correctly work with the new JSX render API in Astro 3.

Minor Changes

• #​8188 d0679a666 Thanks @​ematipico! - Remove support for Node 16. The lowest supported version by Astro and all integrations is now v18.14.1. As a reminder, Node 16 will be deprecated on the 11th September 2023.

• #​8169 e79e3779d Thanks @​bluwy! - Remove pre-shiki v0.14 theme names for compatibility. Please rename to the new theme names to migrate:

  • material-darker -> material-theme-darker
  • material-default -> material-theme
  • material-lighter -> material-theme-lighter
  • material-ocean -> material-theme-ocean
  • material-palenight -> material-theme-palenight

• #​8188 84af8ed9d Thanks @​ematipico! - Add astro as peer dependency

Patch Changes

• #​8188 84af8ed9d Thanks @​ematipico! - Re-orders the MDX plugin to run before Astro's JSX plugin

• #​8188 32669cd47 Thanks @​ematipico! - Handle components exports handling itself

• Updated dependencies [d0679a666, db39206cb, adf9fccfd, 0c7b42dc6, 46c4c0e05, 364d861bd, 2484dc408, 81545197a, 6011d52d3, c2c71d90c, cd2d7e769, 80f1494cd, e45f30293, c0de7a7b0, 65c354969, 3c3100851, 34cb20021, a824863ab, 44f7a2872, 1048aca55, be6bbd2c8, 9e021a91c, 7511a4980, c37632a20, acf652fc1, 42785c7b7, 8450379db, dbc97b121, 7d2f311d4, 2540feedb, ea7ff5177, 68efd4a8b, 7bd1b86f8, 036388f66, 519a1c4e8, 1f58a7a1b, 2ae9d37f0, a8f35777e, 70f34f5a3, 5208a3c8f, 84af8ed9d, f003e7364, ffc9e2d3d, 732111cdc, 0f637c71e, 33b8910cf, 8a5b0c1f3, 148e61d24, e79e3779d, 632579dc2, 3674584e0, 1db4e92c1, e7f872e91, 16f09dfff, 4477bb41c, 55c10d1d5, 3e834293d, 96beb883a, 997a0db8a, 80f1494cd, 0f0625504, e1ae56e72, f32d093a2, f01eb585e, b76c166bd, a87cbe400, 866ed4098, 767eb6866, 32669cd47]:

  • @​astrojs/prism@​3.0.0
  • astro@3.0.0
  • @​astrojs/markdown-remark@​3.0.0

withastro/astro (@​astrojs/partytown)

v2.1.2

Compare Source

Patch Changes

• #​11829 f1df1b3 Thanks @​oosawy! - Prevent Partytown integration from inserting a 'null' string into the body

v2.1.1

Compare Source

Patch Changes

• #​11083 416c4ac Thanks @​V3RON! - Prevent Partytown from crashing when View Transitions are enabled

  When View Transitions are turned on, Partytown executes on every transition.
  It's not meant to be like that, and therefore it breaks the integration completely.
  Starting from now, Partytown will be executed only once.

v2.1.0

Compare Source

Minor Changes

• #​10833 8d5f3e8 Thanks @​renovate! - Updates the @builder.io/partytown dependency to v0.10. This should not affect projects in most cases.

v2.0.4

Compare Source

Patch Changes

• #​9666 cdf8ce06271b8b5e474186a3cd6d7925c423a4a6 Thanks @​martrapp! - Fixes an issue where Partytown scripts didn't execute after view transition

v2.0.3

Compare Source

Patch Changes

• #​9479 1baf0b0d3cbd0564954c2366a7278794fad6726e Thanks @​sarah11918! - Updates README

v2.0.2

Compare Source

Patch Changes

• #​8892 e21fef7da Thanks @​florian-lefebvre! - Adds the ability to override the lib option in astro.config.mjs

v2.0.1

Compare Source

Patch Changes

• #​8737 6f60da805 Thanks @​ematipico! - Add provenance statement when publishing the library from CI

• #​8740 [f277ba8b7](https://redirect.github.com/withastro/astro/commit/f277ba8b703

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[mergeable]

Thanks for creating a pull request! A maintainer will review your changes shortly. Please don't be discouraged if it takes a while.

[CLAassistant]

All committers have signed the CLA.

[netlify]

✅ Deploy Preview for velvety-klepon-8dcf0d ready!

Name	Link
🔨 Latest commit	57de9a1
🔍 Latest deploy log	https://app.netlify.com/sites/velvety-klepon-8dcf0d/deploys/67513ce760853400088da437
😎 Deploy Preview	https://deploy-preview-13--velvety-klepon-8dcf0d.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@astrojs/mdx@4.0.1	Transitive: environment, filesystem, network	+182	22.1 MB	fredkschott, matthewp, natemoo-re
npm/@astrojs/partytown@2.1.2	None	+2	460 kB	fredkschott
npm/@astrojs/rss@4.0.9	None	+3	247 kB	fredkschott
npm/@astrojs/sitemap@3.2.1	Transitive: filesystem, shell	+7	2.64 MB	fredkschott
npm/astro@5.0.2	Transitive: environment, eval, filesystem, network, shell, unsafe	+356	744 MB	fredkschott

🚮 Removed packages: npm/@astrojs/mdx@0.19.7, npm/@astrojs/partytown@1.2.3, npm/@astrojs/rss@2.4.4, npm/@astrojs/sitemap@2.0.1, npm/astro@2.10.3

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Possible typosquat attack	npm/camelcase@8.0.0	Did you mean: camel**-**case	package-lock.json package.json	🚫
Possible typosquat attack	npm/emoji-regex-xs@1.0.0	Did you mean: emoji-regex~~-xs~~	package-lock.json package.json	🚫
Install scripts	npm/sharp@0.33.5	Install script: install Source: node install/check	package-lock.json package.json	🚫

View full report↗︎

Next steps

What is a typosquat?

Package name is similar to other popular packages and may not be the package you want.

Use care when consuming similarly named packages and ensure that you did not intend to consume a different package. Malicious packages often publish using similar names as existing popular packages.

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/camelcase@8.0.0
• @SocketSecurity ignore npm/emoji-regex-xs@1.0.0
• @SocketSecurity ignore npm/sharp@0.33.5