Bump the major group across 4 directories with 6 updates

[dependabot]

Bumps the major group with 6 updates in the / directory:

Package	From	To
ai	5.0.158	6.0.137
typescript	5.9.3	6.0.2
@astrojs/mdx	4.3.14	5.0.2
@astrojs/vue	5.1.4	6.0.1
astro	5.18.1	6.0.8
vite	7.3.1	8.0.2

Bumps the major group with 1 update in the /packages/integrations/vite directory: vite.
Bumps the major group with 2 updates in the /packages/varlock-docs-mcp directory: ai and typescript.
Bumps the major group with 3 updates in the /packages/varlock-website directory: @astrojs/mdx, @astrojs/vue and astro.

Updates ai from 5.0.158 to 6.0.137

Release notes

Sourced from ai's releases.

ai@6.0.137

Patch Changes

• Updated dependencies [3caa544]
  • @​ai-sdk/gateway@​3.0.79

ai@6.0.136

Patch Changes

• Updated dependencies [763e178]
  • @​ai-sdk/gateway@​3.0.78

ai@6.0.135

Patch Changes

• df6a330: chore(ai): remove all experimental agent events

ai@6.0.134

Patch Changes

• ed6876b: chore(ai): remove all experimental embed events

ai@6.0.133

Patch Changes

• 055cd68: fix: publish v6 to latest npm dist tag
• Updated dependencies [d99eb91]
• Updated dependencies [055cd68]
  • @​ai-sdk/gateway@​3.0.77
  • @​ai-sdk/provider-utils@​4.0.21

Commits

• d0a7e0e Version Packages (#13772)
• 3caa544 Backport: fix(xai): update model list - add GA models, remove beta variants (...
• c77352d Version Packages (#13765)
• 2e5adff Backport: chore(provider/google): remove obsolete Google image model (#13759)
• a141a1e Version Packages (#13762)
• 9c548de Backport: feat(openai): add additional GPT-5.4 models (#13755)
• bcb04df Backport: feat: add support for response.failed event type with finish reason...
• 7f19779 Version Packages (#13740)
• 763e178 Backport: chore(provider/gateway): update gateway model settings files v6 (#1...
• be357d5 Version Packages (#13734)
• Additional commits viewable in compare view

Updates typescript from 5.9.3 to 6.0.2

Release notes

Sourced from typescript's releases.

TypeScript 6.0

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).

Downloads are available on:

• npm

TypeScript 6.0 Beta

For release notes, check out the release announcement.

• fixed issues query for Typescript 6.0.0 (Beta).

Downloads are available on:

• npm

Commits

• 607a22a Bump version to 6.0.2 and LKG
• 9e72ab7 🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...
• 35ff23d 🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...
• e175b69 Bump version to 6.0.1-rc and LKG
• af4caac Update LKG
• 8efd7e8 Merge remote-tracking branch 'origin/main' into release-6.0
• 206ed1a Deprecate assert in import() (#63172)
• e688ac8 Update dependencies (#63156)
• 29b300d Bump the github-actions group across 1 directory with 2 updates (#63205)
• 0c2c7a3 DOM update (#63183)
• Additional commits viewable in compare view

Updates @astrojs/mdx from 4.3.14 to 5.0.2

Release notes

Sourced from @​astrojs/mdx's releases.

@​astrojs/mdx@​5.0.2

Patch Changes

• #15864 d3c7de9 Thanks @​florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

• Updated dependencies []:

  • @​astrojs/markdown-remark@​7.0.1

@​astrojs/mdx@​5.0.1

Patch Changes

• #15934 6f8f0bc Thanks @​ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

@​astrojs/mdx@​5.0.0

Major Changes

• #14494 727b0a2 Thanks @​florian-lefebvre! - Updates Markdown heading ID generation - (v6 upgrade guidance)

• #14427 e131261 Thanks @​florian-lefebvre! - Increases minimum Node.js version to 22.12.0 - (v6 upgrade guidance)

• #14445 ecb0b98 Thanks @​florian-lefebvre! - Astro v6.0 upgrades to Vite v7.0 as the development server and production bundler - (v6 upgrade guidance)

Patch Changes

• #15187 bbb5811 Thanks @​matthewp! - Update to Astro 6 beta

• #15475 36fc0e0 Thanks @​delucis! - Fixes edge cases where an export const components = {...} declaration would fail to be detected with the optimize option enabled

• #15264 11efb05 Thanks @​florian-lefebvre! - Lower the Node version requirement to allow running on Stackblitz until it supports v22

• Updated dependencies [bbb5811, cb99214, 80f0225, 727b0a2, 1fa4177, 7c55f80, 6f19ecc, f94d3c5]:

  • @​astrojs/markdown-remark@​7.0.0

@​astrojs/mdx@​5.0.0-beta.12

Patch Changes

• Updated dependencies []:
  • @​astrojs/markdown-remark@​7.0.0-beta.11

@​astrojs/mdx@​5.0.0-beta.11

Patch Changes

• Updated dependencies []:
  • @​astrojs/markdown-remark@​7.0.0-beta.10

Changelog

Sourced from @​astrojs/mdx's changelog.

5.0.2

Patch Changes

• #15864 d3c7de9 Thanks @​florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

• Updated dependencies []:

  • @​astrojs/markdown-remark@​7.0.1

5.0.1

Patch Changes

• #15934 6f8f0bc Thanks @​ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

5.0.0

Major Changes

• #14494 727b0a2 Thanks @​florian-lefebvre! - Updates Markdown heading ID generation - (v6 upgrade guidance)

• #14427 e131261 Thanks @​florian-lefebvre! - Increases minimum Node.js version to 22.12.0 - (v6 upgrade guidance)

• #14445 ecb0b98 Thanks @​florian-lefebvre! - Astro v6.0 upgrades to Vite v7.0 as the development server and production bundler - (v6 upgrade guidance)

Patch Changes

• #15187 bbb5811 Thanks @​matthewp! - Update to Astro 6 beta

• #15475 36fc0e0 Thanks @​delucis! - Fixes edge cases where an export const components = {...} declaration would fail to be detected with the optimize option enabled

• #15264 11efb05 Thanks @​florian-lefebvre! - Lower the Node version requirement to allow running on Stackblitz until it supports v22

• Updated dependencies [bbb5811, cb99214, 80f0225, 727b0a2, 1fa4177, 7c55f80, 6f19ecc, f94d3c5]:

  • @​astrojs/markdown-remark@​7.0.0

5.0.0-beta.12

Patch Changes

• Updated dependencies []:
  • @​astrojs/markdown-remark@​7.0.0-beta.11

5.0.0-beta.11

Patch Changes

• Updated dependencies []:
  • @​astrojs/markdown-remark@​7.0.0-beta.10

... (truncated)

Commits

• efcd607 [ci] release (#15938)
• d3c7de9 feat: drop node 20 support (#15864)
• 09ecdd7 [ci] release (#15889)
• 6f8f0bc fix: update peer dependency range (#15934)
• 48e5c4d [ci] release (#15808)
• 2ce9e74 chore: update docs links (#15732)
• 25560db [ci] release (beta) (#15773)
• 6414732 Spelling (#15601)
• 9b0def6 [ci] release (beta) (#15758)
• 3885e8d [ci] release (beta) (#15687)
• Additional commits viewable in compare view

Updates @astrojs/vue from 5.1.4 to 6.0.1

Release notes

Sourced from @​astrojs/vue's releases.

@​astrojs/vue@​6.0.1

Patch Changes

• #15934 6f8f0bc Thanks @​ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

@​astrojs/vue@​6.0.0

Major Changes

• #14445 ecb0b98 Thanks @​florian-lefebvre! - Astro v6.0 upgrades to Vite v7.0 as the development server and production bundler - (v6 upgrade guidance)

Minor Changes

• #15425 0317e99 Thanks @​ocavue! - Updates @vitejs/plugin-vue to v6, @vitejs/plugin-vue-jsx to v5, and vite-plugin-vue-devtools to v8. No changes are needed from users.

Patch Changes

• #15125 6feb0d7 Thanks @​florian-lefebvre! - Adds support for arbitrary HTML attributes on Vue components

• #15045 31074fc Thanks @​ematipico! - Fixes an issue where using the Vue integration with the Cloudflare adapter resulted in some runtime errors.

Changelog

Sourced from @​astrojs/vue's changelog.

6.0.1

Patch Changes

• #15934 6f8f0bc Thanks @​ematipico! - Updates the Astro peerDependencies#astro to be 6.0.0.

6.0.0

Major Changes

• #14445 ecb0b98 Thanks @​florian-lefebvre! - Astro v6.0 upgrades to Vite v7.0 as the development server and production bundler - (v6 upgrade guidance)

Minor Changes

• #15425 0317e99 Thanks @​ocavue! - Updates @vitejs/plugin-vue to v6, @vitejs/plugin-vue-jsx to v5, and vite-plugin-vue-devtools to v8. No changes are needed from users.

Patch Changes

• #15125 6feb0d7 Thanks @​florian-lefebvre! - Adds support for arbitrary HTML attributes on Vue components

• #15045 31074fc Thanks @​ematipico! - Fixes an issue where using the Vue integration with the Cloudflare adapter resulted in some runtime errors.

6.0.0-beta.1

Minor Changes

• #15425 0317e99 Thanks @​ocavue! - Updates @vitejs/plugin-vue to v6, @vitejs/plugin-vue-jsx to v5, and vite-plugin-vue-devtools to v8. No changes are needed from users.

6.0.0-beta.0

Patch Changes

• #15125 6feb0d7 Thanks @​florian-lefebvre! - Adds support for arbitrary HTML attributes on Vue components

6.0.0-alpha.1

Patch Changes

• #15045 31074fc Thanks @​ematipico! - Fixes an issue where using the Vue integration with the Cloudflare adapter resulted in some runtime errors.

6.0.0-alpha.0

Major Changes

• #14445 ecb0b98 Thanks @​florian-lefebvre! - Astro v6.0 upgrades to Vite v7.0 as the development server and production bundler - (v6 upgrade guidance)

Patch Changes

• Updated dependencies [ece667a, 861b9cc, ece667a, 9fdfd4c, 91780cf, 9fdfd4c, b1d87ec, 049da87, 727b0a2, 55a1a91, 669ca5b, df6d2d7, 9fdfd4c, e131261, c69c7de, 666d5a7, 4f11510, 25fe093, 9c282b5, ecb0b98, 6f67c6e, 36a461b, 3bda3ce]:
  • astro@6.0.0-alpha.0

Commits

• 09ecdd7 [ci] release (#15889)
• 6f8f0bc fix: update peer dependency range (#15934)
• 48e5c4d [ci] release (#15808)
• 2ce9e74 chore: update docs links (#15732)
• 3963855 fix(deps): update astro client runtimes (#15720)
• 1118ac4 feat: update tsconfig template to prepare for TS 6 (#15668)
• b958dc9 chore: move vue jsx test (#15666)
• 6c93201 fix(deps): update astro client runtimes (#15530)
• f6ebad7 [ci] release (beta) (#15426)
• 2440f3e fix(deps): lock file maintenance astro client runtimes (#15404)
• Additional commits viewable in compare view

Updates astro from 5.18.1 to 6.0.8

Release notes

Sourced from astro's releases.

astro@6.0.8

Patch Changes

• #15978 6d182fe Thanks @​seroperson! - Fixes a bug where Astro Actions didn't properly support nested object properties, causing problems when users used zod functions such as superRefine or discriminatedUnion.

• #16011 e752170 Thanks @​matthewp! - Fixes a dev server hang on the first request when using the Cloudflare adapter

• #15997 1fddff7 Thanks @​ematipico! - Fixes Astro.rewrite() failing when the target path contains duplicate slashes (e.g. //about). The duplicate slashes are now collapsed before URL parsing, preventing them from being interpreted as a protocol-relative URL.

astro@6.0.7

Patch Changes

• #15950 acce5e8 Thanks @​matthewp! - Fixes a build regression in projects with multiple frontend integrations where server:defer server islands could fail at runtime when all pages are prerendered.

• #15988 c93b4a0 Thanks @​ossaidqadri! - Fix styles from dynamically imported components not being injected on first dev server load.

• #15968 3e7a9d5 Thanks @​chasemccoy! - Fixes renderMarkdown in custom content loaders not resolving images in markdown content. Images referenced in markdown processed by renderMarkdown are now correctly optimized, matching the behavior of the built-in glob() loader.

• #15990 1e6017f Thanks @​ematipico! - Fixes an issue where Astro.currentLocale would always be the default locale instead of the actual one when using a dynamic route like [locale].astro or [locale]/index.astro. It now resolves to the correct locale from the URL.

• #15990 1e6017f Thanks @​ematipico! - Fixes an issue where visiting an invalid locale URL (e.g. /asdf/) would show the content of a dynamic [locale] page with a 404 status code, instead of showing your custom 404 page. Now, the correct 404 page is rendered when the locale in the URL doesn't match any configured locale.

• #15960 1d84020 Thanks @​matthewp! - Fixes Cloudflare dev server islands with prerenderEnvironment: 'node' by sharing the serialized manifest encryption key across dev environments and routing server island requests through the SSR runtime.

• #15735 9685e2d Thanks @​fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

  When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

astro@6.0.6

Patch Changes

• #15965 2dca307 Thanks @​matthewp! - Fixes client hydration for components imported through Node.js subpath imports (package.json#imports, e.g. #components/*), for example when using the Cloudflare adapter in development.

• #15770 6102ca2 Thanks @​jpc-ae! - Updates the create astro welcome message to highlight the graceful dev/preview server quit command rather than the kill process shortcut

• #15953 7eddf22 Thanks @​Desel72! - fix(hmr): eagerly recompile on style-only change to prevent stale slots render

• #15916 5201ed4 Thanks @​trueberryless! - Fixes InferLoaderSchema type inference for content collections defined with a loader that includes a schema

• #15864 d3c7de9 Thanks @​florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

• #15944 a5e1acd Thanks @​fkatsuhiro! - Fixes SSR dynamic routes with .html extension (e.g. [slug].html.astro) not working

• #15937 d236245 Thanks @​ematipico! - Fixes an issue where HMR didn't correctly work on Windows when adding/changing/deleting routes in pages/.

• #15931 98dfb61 Thanks @​Strernd! - Fix skew protection query params not being applied to island hydration component-url and renderer-url, and ensure query params are appended safely for asset URLs with existing search/hash parts.

• Updated dependencies []:

  • @​astrojs/markdown-remark@​7.0.1

... (truncated)

Changelog

Sourced from astro's changelog.

6.0.8

Patch Changes

• #15978 6d182fe Thanks @​seroperson! - Fixes a bug where Astro Actions didn't properly support nested object properties, causing problems when users used zod functions such as superRefine or discriminatedUnion.

• #16011 e752170 Thanks @​matthewp! - Fixes a dev server hang on the first request when using the Cloudflare adapter

• #15997 1fddff7 Thanks @​ematipico! - Fixes Astro.rewrite() failing when the target path contains duplicate slashes (e.g. //about). The duplicate slashes are now collapsed before URL parsing, preventing them from being interpreted as a protocol-relative URL.

6.0.7

Patch Changes

• #15950 acce5e8 Thanks @​matthewp! - Fixes a build regression in projects with multiple frontend integrations where server:defer server islands could fail at runtime when all pages are prerendered.

• #15988 c93b4a0 Thanks @​ossaidqadri! - Fix styles from dynamically imported components not being injected on first dev server load.

• #15968 3e7a9d5 Thanks @​chasemccoy! - Fixes renderMarkdown in custom content loaders not resolving images in markdown content. Images referenced in markdown processed by renderMarkdown are now correctly optimized, matching the behavior of the built-in glob() loader.

• #15990 1e6017f Thanks @​ematipico! - Fixes an issue where Astro.currentLocale would always be the default locale instead of the actual one when using a dynamic route like [locale].astro or [locale]/index.astro. It now resolves to the correct locale from the URL.

• #15990 1e6017f Thanks @​ematipico! - Fixes an issue where visiting an invalid locale URL (e.g. /asdf/) would show the content of a dynamic [locale] page with a 404 status code, instead of showing your custom 404 page. Now, the correct 404 page is rendered when the locale in the URL doesn't match any configured locale.

• #15960 1d84020 Thanks @​matthewp! - Fixes Cloudflare dev server islands with prerenderEnvironment: 'node' by sharing the serialized manifest encryption key across dev environments and routing server island requests through the SSR runtime.

• #15735 9685e2d Thanks @​fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

  When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

6.0.6

Patch Changes

• #15965 2dca307 Thanks @​matthewp! - Fixes client hydration for components imported through Node.js subpath imports (package.json#imports, e.g. #components/*), for example when using the Cloudflare adapter in development.

• #15770 6102ca2 Thanks @​jpc-ae! - Updates the create astro welcome message to highlight the graceful dev/preview server quit command rather than the kill process shortcut

• #15953 7eddf22 Thanks @​Desel72! - fix(hmr): eagerly recompile on style-only change to prevent stale slots render

• #15916 5201ed4 Thanks @​trueberryless! - Fixes InferLoaderSchema type inference for content collections defined with a loader that includes a schema

• #15864 d3c7de9 Thanks @​florian-lefebvre! - Removes temporary support for Node >=20.19.1 because Stackblitz now uses Node 22 by default

• #15944 a5e1acd Thanks @​fkatsuhiro! - Fixes SSR dynamic routes with .html extension (e.g. [slug].html.astro) not working

• #15937 d236245 Thanks @​ematipico! - Fixes an issue where HMR didn't correctly work on Windows when adding/changing/deleting routes in pages/.

• #15931 98dfb61 Thanks @​Strernd! - Fix skew protection query params not being applied to island hydration component-url and renderer-url, and ensure query params are appended safely for asset URLs with existing search/hash parts.

... (truncated)

Commits

• b47897c [ci] release (#15998)
• e752170 fix(css): skip dev-css virtual modules in ensureModulesLoaded to prevent Clou...
• 6d182fe fix(actions): support for nested objects in form (#15978)
• 1fddff7 fix(rewrite): collapse leading slashes when doing a redirect (#15997)
• 878791f [ci] release (#15985)
• 3e7a9d5 fix(content-layer): populate imagePaths in renderMarkdown metadata (#15968)
• acce5e8 Preserve renderers for discovered server islands (#15950)
• 1e6017f Refactor/unit tests part2 (#15990)
• 4741b09 test: actions, params and csrf to unit test (#15984)
• c93b4a0 Inject styles from dynamically imported components on first dev server load (...
• Additional commits viewable in compare view

Updates vite from 7.3.1 to 8.0.2

Release notes

Sourced from vite's releases.

create-vite@8.0.2

Please refer to CHANGELOG.md for details.

v8.0.2

Please refer to CHANGELOG.md for details.

create-vite@8.0.1

Please refer to CHANGELOG.md for details.

v8.0.1

Please refer to CHANGELOG.md for details.

create-vite@8.0.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0-beta.18

Please refer to CHANGELOG.md for details.

v8.0.0-beta.17

Please refer to CHANGELOG.md for details.

v8.0.0-beta.16

Please refer to CHANGELOG.md for details.

v8.0.0-beta.15

Please refer to CHANGELOG.md for details.

v8.0.0-beta.14

Please refer to CHANGELOG.md for details.

v8.0.0-beta.13

Please refer to CHANGELOG.md for details.

v8.0.0-beta.12

Please refer to CHANGELOG.md for details.

v8.0.0-beta.11

Please refer to CHANGELOG.md for details.

v8.0.0-beta.10

Please refer to CHANGELOG.md for details.

v8.0.0-beta.9

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

8.0.2 (2026-03-23)

Features

• update rolldown to 1.0.0-rc.11 (#21998) (ff91c31)

Bug Fixes

• deps: update all non-major dependencies (#21988) (9b7d150)

Miscellaneous Chores

• deps: update dependency @​vitejs/devtools to ^0.1.5 (#21992) (b2dd65b)

8.0.1 (2026-03-19)

Features

• update rolldown to 1.0.0-rc.10 (#21932) (b3c067d)

Bug Fixes

• bundled-dev: properly disable inlineConst optimization (#21865) (6d97142)
• css: lightningcss minify failed when build.target: 'es6' (#21933) (5fcce46)
• deps: update all non-major dependencies (#21878) (6dbbd7f)
• dev: always use ESM Oxc runtime (#21829) (d323ed7)
• dev: handle concurrent restarts in _createServer (#21810) (40bc729)
• handle + symbol in package subpath exports during dep optimization (#21886) (86db93d)
• improve no-cors request block error (#21902) (5ba688b)
• use precise regexes for transform filter to avoid backtracking (#21800) (dbe41bd)
• worker: require(json) result should not be wrapped (#21847) (0672fd2)
• worker: make worker output consistent with client and SSR (#21871) (69454d7)

Miscellaneous Chores

• add changelog rearrange script (#21835) (efef073)
• deps: bump required @vitejs/devtools version to 0.1+ (#21925) (12932f5)
• deps: update rolldown-related dependencies (#21787) (1af1d3a)
• rearrange 8.0 changelog (8e05b61)
• rearrange 8.0 changelog (#21834) (86edeee)

8.0.0 (2026-03-12)

Today, we're thrilled to announce the release of the next Vite major:

• Vite 8.0 announcement blog post
• Docs (translations:

[changeset-bot]

⚠️ No Changeset found

Latest commit: b3563cc

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
🔵 In progress View logs	varlock-docs-mcp	b3563cc	Mar 23 2026, 09:05 PM

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	varlock-docs-mcp	b3563cc	Mar 23 2026, 09:05 PM

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	astro-iconify@​1.2.0
	astro-robots-txt@​1.0.0
	@​astrojs/​partytown@​2.1.5
	@​astrojs/​vue@​6.0.1
	@​astrojs/​sitemap@​3.7.1
	@​astrojs/​mdx@​5.0.2
	@​astrojs/​starlight@​0.37.7
	canvaskit-wasm@​0.40.0
	astro-og-canvas@​0.7.2
	astro@​6.0.8

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm svgo is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: ? → npm/astro-iconify@1.2.0 → npm/svgo@3.3.3 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/svgo@3.3.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report