Skip to content

chore(deps): bump @astrojs/node from 8.3.4 to 10.0.5 in /dev-packages/e2e-tests/test-applications/astro-4#20468

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/dev-packages/e2e-tests/test-applications/astro-4/astrojs/node-10.0.5
Open

chore(deps): bump @astrojs/node from 8.3.4 to 10.0.5 in /dev-packages/e2e-tests/test-applications/astro-4#20468
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/dev-packages/e2e-tests/test-applications/astro-4/astrojs/node-10.0.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 23, 2026

Bumps @astrojs/node from 8.3.4 to 10.0.5.

Release notes

Sourced from @​astrojs/node's releases.

@​astrojs/node@​10.0.5

Patch Changes

  • #16319 940afd5 Thanks @​matthewp! - Fixes static asset error responses incorrectly including immutable cache headers. Conditional request failures (e.g. If-Match mismatch) now return the correct status code without far-future cache directives.

@​astrojs/node@​10.0.4

Patch Changes

  • #16002 846f27f Thanks @​buley! - Fixes file descriptor leaks from read streams that were not destroyed on client disconnect or read errors

  • #15941 f41584a Thanks @​ematipico! - Fixes an infinite loop in resolveClientDir() when the server entry point is bundled with esbuild or similar tools. The function now throws a descriptive error instead of hanging indefinitely when the expected server directory segment is not found in the file path.

@​astrojs/node@​10.0.3

Patch Changes

  • #15735 9685e2d Thanks @​fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

    When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

@​astrojs/node@​10.0.2

Patch Changes

@​astrojs/node@​10.0.1

Patch Changes

Changelog

Sourced from @​astrojs/node's changelog.

10.0.5

Patch Changes

  • #16319 940afd5 Thanks @​matthewp! - Fixes static asset error responses incorrectly including immutable cache headers. Conditional request failures (e.g. If-Match mismatch) now return the correct status code without far-future cache directives.

10.0.4

Patch Changes

  • #16002 846f27f Thanks @​buley! - Fixes file descriptor leaks from read streams that were not destroyed on client disconnect or read errors

  • #15941 f41584a Thanks @​ematipico! - Fixes an infinite loop in resolveClientDir() when the server entry point is bundled with esbuild or similar tools. The function now throws a descriptive error instead of hanging indefinitely when the expected server directory segment is not found in the file path.

10.0.3

Patch Changes

  • #15735 9685e2d Thanks @​fa-sharp! - Fixes an EventEmitter memory leak when serving static pages from Node.js middleware.

    When using the middleware handler, requests that were being passed on to Express / Fastify (e.g. static files / pre-rendered pages / etc.) weren't cleaning up socket listeners before calling next(), causing a memory leak warning. This fix makes sure to run the cleanup before calling next().

10.0.2

Patch Changes

10.0.1

Patch Changes

10.0.0

Major Changes

  • #15654 a32aee6 Thanks @​florian-lefebvre! - Removes the experimentalErrorPageHost option

    This option allowed fetching a prerendered error page from a different host than the server is currently running on.

    However, there can be security implications with prefetching from other hosts, and often more customization was required to do this safely. This has now been removed as a built-in option so that you can implement your own secure solution as needed and appropriate for your project via middleware.

    What should I do?

    If you were previously using this feature, you must remove the option from your adapter configuration as it no longer exists:

    // astro.config.mjs

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​astrojs/node since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump @astrojs/node
cd6067a 
Bumps [@astrojs/node](https://github.com/withastro/astro/tree/HEAD/packages/integrations/node) from 8.3.4 to 10.0.5.
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/node/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/node@10.0.5/packages/integrations/node)

---
updated-dependencies:
- dependency-name: "@astrojs/node"
  dependency-version: 10.0.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 23, 2026
cursor[bot]
cursor Bot reviewed Apr 23, 2026
View reviewed changes
Copy link
Copy Markdown

@cursor cursor Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit cd6067a. Configure here.

Comment thread dev-packages/e2e-tests/test-applications/astro-4/package.json
"dependencies": {
"@astrojs/check": "0.9.2",
"@astrojs/node": "8.3.4",
"@astrojs/node": "10.0.5",
Copy link
Copy Markdown

@cursor cursor Bot Apr 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Incompatible @astrojs/node 10.x requires Astro 6, not 4

High Severity

@astrojs/node is bumped from 8.3.4 to 10.0.5, but astro remains at 4.16.19. According to the release notes, @astrojs/node@10.0.2 sets peerDependencies#astro to 6.0.0, making 10.x incompatible with Astro 4. The astro-6 test app correctly pairs @astrojs/node: ^10.0.0 with astro: ^6.0.6, while astro-5 uses @astrojs/node: ^9.0.0 with astro: ^5.0.3. This mismatch will likely cause build or runtime failures in the astro-4 E2E tests.

Additional Locations (1)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit cd6067a. Configure here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants