Skip to content

chore(deps): bump @astrojs/node from 10.0.1 to 10.0.5 in the npm_and_yarn group across 1 directory#130

Merged
chris-c-thomas merged 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-63e2739d23
Apr 24, 2026
Merged

chore(deps): bump @astrojs/node from 10.0.1 to 10.0.5 in the npm_and_yarn group across 1 directory#130
chris-c-thomas merged 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-63e2739d23

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 23, 2026

Bumps the npm_and_yarn group with 1 update in the / directory: @astrojs/node.

Updates @astrojs/node from 10.0.1 to 10.0.5

Release notes

Sourced from @​astrojs/node's releases.

@​astrojs/node@​10.0.5

Patch Changes

  • #16319 940afd5 Thanks @​matthewp! - Fixes static asset error responses incorrectly including immutable cache headers. Conditional request failures (e.g. If-Match mismatch) now return the correct status code without far-future cache directives.

@​astrojs/node@​10.0.4

Patch Changes

  • #16002 846f27f Thanks @​buley! - Fixes file descriptor leaks from read streams that were not destroyed on client disconnect or read errors

  • #15941 f41584a Thanks @​ematipico! - Fixes an infinite loop in resolveClientDir() when the server entry point is bundled with esbuild or similar tools. The function now throws a descriptive error instead of hanging indefinitely when the expected server directory segment is not found in the file path.

@​astrojs/node@​10.0.3

Patch Changes

  • #15735 9685e2d Thanks @​fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

    When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

@​astrojs/node@​10.0.2

Patch Changes

Changelog

Sourced from @​astrojs/node's changelog.

10.0.5

Patch Changes

  • #16319 940afd5 Thanks @​matthewp! - Fixes static asset error responses incorrectly including immutable cache headers. Conditional request failures (e.g. If-Match mismatch) now return the correct status code without far-future cache directives.

10.0.4

Patch Changes

  • #16002 846f27f Thanks @​buley! - Fixes file descriptor leaks from read streams that were not destroyed on client disconnect or read errors

  • #15941 f41584a Thanks @​ematipico! - Fixes an infinite loop in resolveClientDir() when the server entry point is bundled with esbuild or similar tools. The function now throws a descriptive error instead of hanging indefinitely when the expected server directory segment is not found in the file path.

10.0.3

Patch Changes

  • #15735 9685e2d Thanks @​fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

    When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

10.0.2

Patch Changes

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump @astrojs/node
0386fb1 
Bumps the npm_and_yarn group with 1 update in the / directory: [@astrojs/node](https://github.com/withastro/astro/tree/HEAD/packages/integrations/node).


Updates `@astrojs/node` from 10.0.1 to 10.0.5
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/node/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/node@10.0.5/packages/integrations/node)

---
updated-dependencies:
- dependency-name: "@astrojs/node"
  dependency-version: 10.0.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 23, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 23, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@chris-c-thomas chris-c-thomas self-assigned this Apr 24, 2026
@chris-c-thomas chris-c-thomas requested a review from Copilot April 24, 2026 20:47
Copilot AI reviewed Apr 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the Astro Node adapter dependency used by the apps/astro application, aligning the lockfile with the new adapter version and its updated peer dependency requirements.

Changes:

  • Bump @astrojs/node in apps/astro/package.json from ^10.0.1 to ^10.0.5.
  • Update pnpm-lock.yaml entries for @astrojs/node to 10.0.5, including updated integrity and peer dependency metadata (astro: ^6.0.0).

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
apps/astro/package.json Updates the direct dependency version for the Astro Node adapter.
pnpm-lock.yaml Regenerates lockfile entries to reflect @astrojs/node@10.0.5 and its peer dependency range.
Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@chris-c-thomas chris-c-thomas merged commit 6773756 into main Apr 24, 2026
11 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm_and_yarn-63e2739d23 branch April 24, 2026 20:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@chris-c-thomas chris-c-thomas

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chris-c-thomas