deps: update astro to v6, starlight to v0.38, and related packages by Copilot · Pull Request #797 · arcjet/arcjet-docs

Copilot · 2026-03-30T17:26:47Z

Resolve merge conflicts with main (keep Astro 6 upgrades, take @clerk/nextjs@6.39.0 from main)
Update all arcjet/nosecone packages from 1.3.0 to 1.3.1 (root + snippet workspaces) — fixes @arcjet/astro peer dep to support astro@^6.0.0
Run npm install and verify install succeeds
Verify no security advisories for new versions
.npmrc legacy-peer-deps=true still required due to @sveltejs/vite-plugin-svelte@7 requiring vite@^8 while Astro 6 uses Vite 7

- astro: 5.18.1 → 6.1.2 - @astrojs/starlight: 0.37.6 → 0.38.2 - @astrojs/react: 4.4.2 → 5.0.2 - @astrojs/node: 9.5.5 → 10.0.4 - @astrojs/vercel: 9.0.4 → 10.0.3 - @astrojs/check: 0.9.6 → 0.9.8 - @expressive-code/plugin-collapsible-sections: 0.41.6 → 0.41.7 - @expressive-code/plugin-line-numbers: 0.41.6 → 0.41.7 - starlight-links-validator: 0.19.2 → 0.21.0 Migrate content config to use i18nLoader() and fix SCSS alias resolution for Vite 7 compatibility. Agent-Logs-Url: https://github.com/arcjet/arcjet-docs/sessions/cc52be0f-7b51-4bf0-8aa6-39ad4600e750 Co-authored-by: qw-in <19194187+qw-in@users.noreply.github.com>

Agent-Logs-Url: https://github.com/arcjet/arcjet-docs/sessions/cc52be0f-7b51-4bf0-8aa6-39ad4600e750 Co-authored-by: qw-in <19194187+qw-in@users.noreply.github.com>

vercel · 2026-03-30T17:26:54Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
arcjet-docs	Ready	Preview, Comment	Mar 31, 2026 1:00am

qw-in · 2026-03-30T17:27:42Z

src/content.config.ts

      // https://docs.astro.build/en/reference/content-loader-reference/#watcher
    },
    name: wrappedLoader.name,
-    schema: wrappedLoader.schema,


Why did the schema get removed?

qw-in · 2026-03-30T17:29:30Z

tests/screenshot.test.ts-snapshots/screenshot-bot-protection-dark-chromium-linux.png

Seems as though the only change is the Giscus comment box is silently removed rather than being replaced with explanation text.

…en, fix Vercel deploy - Wrap Comments.astro in .giscus-wrapper div for reliable test targeting - Update screenshot test to target .giscus-wrapper instead of div.giscus - Add .npmrc with legacy-peer-deps=true for Vercel deployment - Revert 74 unnecessary screenshot regenerations from previous commit - Regenerate only 26 screenshots with genuine Astro 6 rendering changes (nosecone-* and reference-* pages) All 163 tests pass. Agent-Logs-Url: https://github.com/arcjet/arcjet-docs/sessions/e4690fe7-0299-4cf8-b729-44ae37e03624 Co-authored-by: qw-in <19194187+qw-in@users.noreply.github.com>

…starlight-versions # Conflicts: # package-lock.json # package.json Co-authored-by: qw-in <19194187+qw-in@users.noreply.github.com>

socket-security · 2026-03-30T19:00:18Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance
	@arcjet/react-router@1.3.0 ⏵ 1.3.1	^-28			^-5
	@arcjet/deno@1.3.0 ⏵ 1.3.1	^-28			^-4
	@arcjet/fastify@1.3.0 ⏵ 1.3.1	^-28			^-5
	@arcjet/remix@1.3.0 ⏵ 1.3.1	^-27			^-4
	@nosecone/sveltekit@1.3.0 ⏵ 1.3.1	^-27		^-2	^-4
	@arcjet/sveltekit@1.3.0 ⏵ 1.3.1	^-27			^-4
	@arcjet/nuxt@1.3.0 ⏵ 1.3.1	^-27			^-5
	@arcjet/bun@1.3.0 ⏵ 1.3.1	^-27			^-4
	@arcjet/nest@1.3.0 ⏵ 1.3.1	^-26			^-4
	@arcjet/astro@1.1.0 ⏵ 1.3.1	⁺¹		⁺¹	^-1
	@arcjet/decorate@1.3.0 ⏵ 1.3.1	^-22			^-4
	@astrojs/check@0.9.6 ⏵ 0.9.8				⁺⁴
	@arcjet/redact@1.3.0 ⏵ 1.3.1			⁺⁵	⁺²
	starlight-links-validator@0.19.2 ⏵ 0.21.0	⁺¹		^-1	⁺⁸
	@arcjet/node@1.3.0 ⏵ 1.3.1	^-18			^-4
	@astrojs/node@9.5.5 ⏵ 10.0.4	⁺¹	⁺²	⁺¹	⁺¹
	@astrojs/react@4.4.2 ⏵ 5.0.2			⁺¹	⁺²
	@astrojs/vercel@9.0.5 ⏵ 10.0.3		⁺²		⁺¹
	@astrojs/starlight@0.37.6 ⏵ 0.38.2	⁺¹		⁺¹	⁺¹
	astro@5.18.1 ⏵ 6.1.2	⁺¹		⁺¹
	@arcjet/inspect@1.1.0 ⏵ 1.3.1	⁺¹		⁺¹
	@arcjet/body@1.1.0 ⏵ 1.3.1				⁺¹
	vue-tsc@3.2.2 ⏵ 3.2.5			⁺²²	^-1
	@arcjet/protocol@1.1.0 ⏵ 1.3.1	⁺¹		⁺¹	⁺²
	@arcjet/next@1.3.0 ⏵ 1.3.1	^-4			^-4
	@nosecone/next@1.3.0 ⏵ 1.3.1	^-3		^-3	^-4
	nosecone@1.3.0 ⏵ 1.3.1	^-3		^-3	^-4
	@arcjet/transport@1.1.0 ⏵ 1.3.1	⁺¹		⁺¹²	⁺²
	@arcjet/env@1.1.0 ⏵ 1.3.1			⁺⁵	⁺²
	@arcjet/headers@1.1.0 ⏵ 1.3.1			⁺¹⁰	⁺²
	@arcjet/ip@1.1.0 ⏵ 1.3.1	⁺¹			⁺²
	@arcjet/logger@1.1.0 ⏵ 1.3.1	⁺¹		⁺¹⁰	⁺²
See 1 more rows in the dashboard

View full report

socket-security · 2026-03-30T19:00:22Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		License policy violation: npm `caniuse-lite` under CC-BY-4.0 License: CC-BY-4.0 - the applicable license policy does not allow this license (4) (npm metadata) License: CC-BY-4.0 - the applicable license policy does not allow this license (4) (package/package.json) License: CC-BY-4.0 - the applicable license policy does not allow this license (4) (package/LICENSE) From: package-lock.json → `npm/nuxt@4.3.1` → `npm/next@15.5.14` → `npm/@astrojs/react@5.0.2` → `npm/caniuse-lite@1.0.30001782` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/caniuse-lite@1.0.30001782`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

qw-in · 2026-03-30T20:40:01Z

Waiting on Arcjet JS 1.3.1 for "official" astro@6 support here

Agent-Logs-Url: https://github.com/arcjet/arcjet-docs/sessions/0c13b6a6-f382-42b5-a5d8-1a1012f6fd64 Co-authored-by: qw-in <19194187+qw-in@users.noreply.github.com>

Copilot AI and others added 2 commits March 30, 2026 16:41

test: update screenshot baselines for Astro 6 rendering changes

7d02230

Agent-Logs-Url: https://github.com/arcjet/arcjet-docs/sessions/cc52be0f-7b51-4bf0-8aa6-39ad4600e750 Co-authored-by: qw-in <19194187+qw-in@users.noreply.github.com>

Copilot AI assigned Copilot and qw-in Mar 30, 2026

Copilot created this pull request from a session on behalf of qw-in March 30, 2026 17:26 View session

qw-in reviewed Mar 30, 2026

View reviewed changes

Copilot started work on behalf of qw-in March 30, 2026 17:32 View session

Copilot AI requested a review from qw-in March 30, 2026 18:31

Copilot finished work on behalf of qw-in March 30, 2026 18:31

vercel bot deployed to Preview March 30, 2026 18:32 View deployment

Copilot started work on behalf of qw-in March 30, 2026 18:46 View session

Merge remote-tracking branch 'origin/main' into copilot/update-astro-…

b7045b4

…starlight-versions # Conflicts: # package-lock.json # package.json Co-authored-by: qw-in <19194187+qw-in@users.noreply.github.com>

Copilot finished work on behalf of qw-in March 30, 2026 18:56

vercel bot deployed to Preview March 30, 2026 18:58 View deployment

Copilot started work on behalf of qw-in March 31, 2026 00:50 View session

deps: update arcjet and nosecone packages to 1.3.1

1f9ca63

Agent-Logs-Url: https://github.com/arcjet/arcjet-docs/sessions/0c13b6a6-f382-42b5-a5d8-1a1012f6fd64 Co-authored-by: qw-in <19194187+qw-in@users.noreply.github.com>

Copilot finished work on behalf of qw-in March 31, 2026 00:59

vercel bot deployed to Preview March 31, 2026 01:00 View deployment

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deps: update astro to v6, starlight to v0.38, and related packages#797

deps: update astro to v6, starlight to v0.38, and related packages#797
Copilot wants to merge 5 commits intomainfrom
copilot/update-astro-starlight-versions

Copilot AI commented Mar 30, 2026 •

edited

Loading

Uh oh!

vercel bot commented Mar 30, 2026 •

edited

Loading

Uh oh!

qw-in Mar 30, 2026

Uh oh!

qw-in Mar 30, 2026

Uh oh!

socket-security bot commented Mar 30, 2026 •

edited

Loading

Uh oh!

socket-security bot commented Mar 30, 2026 •

edited

Loading

Uh oh!

qw-in commented Mar 30, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

Copilot AI commented Mar 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

vercel bot commented Mar 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

qw-in Mar 30, 2026

Choose a reason for hiding this comment

Uh oh!

qw-in Mar 30, 2026

Choose a reason for hiding this comment

Uh oh!

socket-security bot commented Mar 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

socket-security bot commented Mar 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

qw-in commented Mar 30, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Copilot AI commented Mar 30, 2026 •

edited

Loading

vercel bot commented Mar 30, 2026 •

edited

Loading

socket-security bot commented Mar 30, 2026 •

edited

Loading

socket-security bot commented Mar 30, 2026 •

edited

Loading