chore(deps-dev): bump astro from 4.8.6 to 4.9.1

[dependabot[bot]]

Bumps astro from 4.8.6 to 4.9.1.

Release notes

Sourced from astro's releases.

astro@4.9.1

Patch Changes

• #11129 4bb9269 Thanks @​matthewp! - Prevent errors from adapters when i18n domains is not used

astro@4.9.0

Minor Changes

• #11051 12a1bcc Thanks @​ematipico! - Introduces an experimental Container API to render .astro components in isolation.

  This API introduces three new functions to allow you to create a new container and render an Astro component returning either a string or a Response:

  • create(): creates a new instance of the container.
  • renderToString(): renders a component and return a string.
  • renderToResponse(): renders a component and returns the Response emitted by the rendering phase.

  The first supported use of this new API is to enable unit testing. For example, with vitest, you can create a container to render your component with test data and check the result:

  import { experimental_AstroContainer as AstroContainer } from 'astro/container';
  import { expect, test } from 'vitest';
  import Card from '../src/components/Card.astro';
  test('Card with slots', async () => {
  const container = await AstroContainer.create();
  const result = await container.renderToString(Card, {
  slots: {
  default: 'Card content',
  },
  });
  expect(result).toContain('This is a card');
  expect(result).toContain('Card content');
  });
  

  For a complete reference, see the Container API docs.

  For a feature overview, and to give feedback on this experimental API, see the Container API roadmap discussion.

• #11021 2d4c8fa Thanks @​ematipico! - The CSRF protection feature that was introduced behind a flag in v4.6.0 is no longer experimental and is available for general use.

  To enable the stable version, add the new top-level security option in astro.config.mjs. If you were previously using the experimental version of this feature, also delete the experimental flag:

  export default defineConfig({
  -  experimental: {
  -    security: {
  -      csrfProtection: {
  -        origin: true
  

... (truncated)

Changelog

Sourced from astro's changelog.

4.9.1

Patch Changes

• #11129 4bb9269 Thanks @​matthewp! - Prevent errors from adapters when i18n domains is not used

4.9.0

Minor Changes

• #11051 12a1bcc Thanks @​ematipico! - Introduces an experimental Container API to render .astro components in isolation.

  This API introduces three new functions to allow you to create a new container and render an Astro component returning either a string or a Response:

  • create(): creates a new instance of the container.
  • renderToString(): renders a component and return a string.
  • renderToResponse(): renders a component and returns the Response emitted by the rendering phase.

  The first supported use of this new API is to enable unit testing. For example, with vitest, you can create a container to render your component with test data and check the result:

  import { experimental_AstroContainer as AstroContainer } from 'astro/container';
  import { expect, test } from 'vitest';
  import Card from '../src/components/Card.astro';
  test('Card with slots', async () => {
  const container = await AstroContainer.create();
  const result = await container.renderToString(Card, {
  slots: {
  default: 'Card content',
  },
  });
  expect(result).toContain('This is a card');
  expect(result).toContain('Card content');
  });
  

  For a complete reference, see the Container API docs.

  For a feature overview, and to give feedback on this experimental API, see the Container API roadmap discussion.

• #11021 2d4c8fa Thanks @​ematipico! - The CSRF protection feature that was introduced behind a flag in v4.6.0 is no longer experimental and is available for general use.

  To enable the stable version, add the new top-level security option in astro.config.mjs. If you were previously using the experimental version of this feature, also delete the experimental flag:

  export default defineConfig({
  -  experimental: {
  -    security: {
  

... (truncated)

Commits

• 4c7949d [ci] release (#11132)
• 4bb9269 Prevent errors from adapters when i18n domains is not used (#11129)
• 5077592 [ci] release (#11116)
• 9566fa0 Actions: Allow actions to be called on the server (#11088)
• e71348e [docs] fix config reference code formatting (#11119)
• 7bfe8aa [ci] format
• c7386ef [docs] update heading level in config reference (#11118)
• ae42bf3 [ci] format
• 5cb68d8 [docs] updates security.checkOrigin config reference (#11117)
• 7be7b1a [ci] format
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)