chore(deps): bump the npm_and_yarn group across 1 directory with 4 updates

[dependabot]

Bumps the npm_and_yarn group with 3 updates in the /docs directory: astro, @babel/runtime and tar-fs.

Updates astro from 5.4.3 to 5.13.1

Release notes

Sourced from astro's releases.

[email protected]

Patch Changes

• #14225 f2490ab Thanks @​delucis! - Fixes the experimental.chromeDevtoolsWorkspace feature.

[email protected]

Minor Changes

• #14173 39911b8 Thanks @​florian-lefebvre! - Adds an experimental flag staticImportMetaEnv to disable the replacement of import.meta.env values with process.env calls and their coercion of environment variable values. This supersedes the rawEnvValues experimental flag, which is now removed.

  Astro allows you to configure a type-safe schema for your environment variables, and converts variables imported via astro:env into the expected type. This is the recommended way to use environment variables in Astro, as it allows you to easily see and manage whether your variables are public or secret, available on the client or only on the server at build time, and the data type of your values.

  However, you can still access environment variables through process.env and import.meta.env directly when needed. This was the only way to use environment variables in Astro before astro:env was added in Astro 5.0, and Astro's default handling of import.meta.env includes some logic that was only needed for earlier versions of Astro.

  The experimental.staticImportMetaEnv flag updates the behavior of import.meta.env to align with Vite's handling of environment variables and for better ease of use with Astro's current implementations and features. This will become the default behavior in Astro 6.0, and this early preview is introduced as an experimental feature.

  Currently, non-public import.meta.env environment variables are replaced by a reference to process.env. Additionally, Astro may also convert the value type of your environment variables used through import.meta.env, which can prevent access to some values such as the strings "true" (which is converted to a boolean value), and "1" (which is converted to a number).

  The experimental.staticImportMetaEnv flag simplifies Astro's default behavior, making it easier to understand and use. Astro will no longer replace any import.meta.env environment variables with a process.env call, nor will it coerce values.

  To enable this feature, add the experimental flag in your Astro config and remove rawEnvValues if it was enabled:

  // astro.config.mjs
  import { defineConfig } from "astro/config";
  export default defineConfig({
  
  experimental: {
  staticImportMetaEnv: true
  
  
  rawEnvValues: false
  
  
  }
  });

Updating your project

If you were relying on Astro's default coercion, you may need to update your project code to apply it manually:

// src/components/MyComponent.astro
- const enabled: boolean = import.meta.env.ENABLED;
+ const enabled: boolean = import.meta.env.ENABLED === "true";

If you were relying on the transformation into process.env calls, you may need to update your project code to apply it manually:

// src/components/MyComponent.astro
- const enabled: boolean = import.meta.env.DB_PASSWORD;
+ const enabled: boolean = process.env.DB_PASSWORD;

... (truncated)

Changelog

Sourced from astro's changelog.

5.13.1

Patch Changes

• #14225 f2490ab Thanks @​delucis! - Fixes the experimental.chromeDevtoolsWorkspace feature.

5.13.0

Minor Changes

• #14173 39911b8 Thanks @​florian-lefebvre! - Adds an experimental flag staticImportMetaEnv to disable the replacement of import.meta.env values with process.env calls and their coercion of environment variable values. This supersedes the rawEnvValues experimental flag, which is now removed.

  Astro allows you to configure a type-safe schema for your environment variables, and converts variables imported via astro:env into the expected type. This is the recommended way to use environment variables in Astro, as it allows you to easily see and manage whether your variables are public or secret, available on the client or only on the server at build time, and the data type of your values.

  However, you can still access environment variables through process.env and import.meta.env directly when needed. This was the only way to use environment variables in Astro before astro:env was added in Astro 5.0, and Astro's default handling of import.meta.env includes some logic that was only needed for earlier versions of Astro.

  The experimental.staticImportMetaEnv flag updates the behavior of import.meta.env to align with Vite's handling of environment variables and for better ease of use with Astro's current implementations and features. This will become the default behavior in Astro 6.0, and this early preview is introduced as an experimental feature.

  Currently, non-public import.meta.env environment variables are replaced by a reference to process.env. Additionally, Astro may also convert the value type of your environment variables used through import.meta.env, which can prevent access to some values such as the strings "true" (which is converted to a boolean value), and "1" (which is converted to a number).

  The experimental.staticImportMetaEnv flag simplifies Astro's default behavior, making it easier to understand and use. Astro will no longer replace any import.meta.env environment variables with a process.env call, nor will it coerce values.

  To enable this feature, add the experimental flag in your Astro config and remove rawEnvValues if it was enabled:

  // astro.config.mjs
  import { defineConfig } from "astro/config";
  export default defineConfig({
  
  experimental: {
  staticImportMetaEnv: true
  
  
  rawEnvValues: false
  
  
  }
  });

Updating your project

If you were relying on Astro's default coercion, you may need to update your project code to apply it manually:

// src/components/MyComponent.astro
- const enabled: boolean = import.meta.env.ENABLED;
+ const enabled: boolean = import.meta.env.ENABLED === "true";

If you were relying on the transformation into process.env calls, you may need to update your project code to apply it manually:

// src/components/MyComponent.astro

... (truncated)

Commits

• 1591bc7 [ci] release (#14227)
• f2490ab Fix automatic Chrome DevTools workspace feature (#14225)
• a186848 [ci] release (#14217)
• b33780d [ci] format
• 39911b8 feat: experimental static import.meta.env (#14173)
• 41ed3ac feat: add automatic chrome workspace handling (#14122)
• 806d2dc chore: add additional contributor to changelog (#14203)
• dc9e35c [ci] release (#14189)
• 3e4cb8e fix: fix HMR for styles (#14199)
• 9518975 fix(astro): prevent double-prefixed output paths (#14020)
• Additional commits viewable in compare view

Updates @babel/runtime from 7.26.9 to 7.28.3

Release notes

Sourced from @​babel/runtime's releases.

v7.28.3 (2025-08-14)

👓 Spec Compliance

• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-transform-class-static-block, babel-preset-env
  • #17443 [static blocks] Do not inject new static fields after static code (@​nicolo-ribaudo)

🐛 Bug Fix

• babel-parser
  • #17465 fix(parser/typescript): parse import("./a", {with:{},}) (@​easrng)
  • #17478 fix(parser): stop subscript parsing on async arrow (@​JLHwung)

💅 Polish

• babel-plugin-transform-regenerator, babel-plugin-transform-runtime
  • #17363 Do not save last yield in call in temp var (@​nicolo-ribaudo)

📝 Documentation

• #17448 move eslint-{parser,plugin} docs to the website (@​JLHwung)

🏠 Internal

• #17454 Enable type checking for scripts and babel-worker.cjs (@​JLHwung)

🔬 Output optimization

• babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions
  • #17444 Optimize do expression output (@​JLHwung)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Jam Balaya (@​JamBalaya56562)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• easrng (@​easrng)

v7.28.2 (2025-07-24)

Thanks @​souhailaS for your first PR!

🐛 Bug Fix

• babel-types
  • #17445 [babel 7] Make operator param in t.tsTypeOperator optional (@​nicolo-ribaudo)
• babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • #17441 fix: regeneratorDefine compatibility with es5 strict mode (@​liuxingbaoyu)

Committers: 4

• Babel Bot (@​babel-bot)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• SOUHAILA SERBOUT (@​souhailaS)
• @​liuxingbaoyu

v7.28.1 (2025-07-12)

... (truncated)

Changelog

Sourced from @​babel/runtime's changelog.

v7.28.3 (2025-08-14)

👓 Spec Compliance

• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-transform-class-static-block, babel-preset-env
  • #17443 [static blocks] Do not inject new static fields after static code (@​nicolo-ribaudo)

🐛 Bug Fix

• babel-parser
  • #17465 fix(parser/typescript): parse import("./a", {with:{},}) (@​easrng)
  • #17478 fix(parser): stop subscript parsing on async arrow (@​JLHwung)

💅 Polish

• babel-plugin-transform-regenerator, babel-plugin-transform-runtime
  • #17363 Do not save last yield in call in temp var (@​nicolo-ribaudo)

📝 Documentation

• #17448 move eslint-{parser,plugin} docs to the website (@​JLHwung)

🏠 Internal

• #17454 Enable type checking for scripts and babel-worker.cjs (@​JLHwung)

🔬 Output optimization

• babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions
  • #17444 Optimize do expression output (@​JLHwung)

v7.28.2 (2025-07-24)

🐛 Bug Fix

• babel-types
  • #17445 [babel 7] Make operator param in t.tsTypeOperator optional (@​nicolo-ribaudo)
• babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • #17441 fix: regeneratorDefine compatibility with es5 strict mode (@​liuxingbaoyu)

v7.28.1 (2025-07-12)

🐛 Bug Fix

• babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator
  • #17426 fix: regenerator correctly handles throw outside of try (@​liuxingbaoyu)

📝 Documentation

• babel-types
  • #17422 Add missing FunctionParameter docs (@​JLHwung)

↩️ Revert

• babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-types
  • #17432 Do not mark OptionalMemberExpresion as LVal (@​JLHwung)

v7.28.0 (2025-07-02)

🚀 New Feature

• babel-node
  • #17147 Support top level await in node repl (@​liuxingbaoyu)
• babel-types

... (truncated)

Commits

• ef155f5 v7.28.3
• cac0ff4 v7.28.2
• f68ac51 chore: Avoid CITGM errors (#17382)
• baa4cb8 v7.27.6
• 7d06930 v7.27.4
• 5b9468d Reduce regenerator size more (#17287)
• cb78b5b [babel 8] Do not replace global regeneratorRuntime references in regenerato...
• a0690e3 Split regeneratorRuntime into multiple helpers (#17238)
• da5e371 v7.27.3
• eebd3a0 v7.27.1
• Additional commits viewable in compare view

Updates tar-fs from 2.1.2 to 2.1.3

Commits

• 4b7e868 2.1.3
• 266194b hardlink tweak from main
• See full diff in compare view

Updates vite from 6.2.1 to 6.3.5

Release notes

Sourced from vite's releases.

v6.3.5

Please refer to CHANGELOG.md for details.

v6.3.4

Please refer to CHANGELOG.md for details.

v6.3.3

Please refer to CHANGELOG.md for details.

v6.3.2

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v6.3.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v6.3.0

Please refer to CHANGELOG.md for details.

v6.3.0-beta.2

Please refer to CHANGELOG.md for details.

v6.3.0-beta.1

Please refer to CHANGELOG.md for details.

v6.3.0-beta.0

Please refer to CHANGELOG.md for details.

v6.2.7

Please refer to CHANGELOG.md for details.

v6.2.6

Please refer to CHANGELOG.md for details.

v6.2.5

Please refer to CHANGELOG.md for details.

v6.2.4

Please refer to CHANGELOG.md for details.

v6.2.3

Please refer to CHANGELOG.md for details.

v6.2.2

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

6.3.5 (2025-05-05)

Bug Fixes

• ssr: handle uninitialized export access as undefined (#19959) (fd38d07)

6.3.4 (2025-04-30)

Bug Fixes

• check static serve file inside sirv (#19965) (c22c43d)
• optimizer: return plain object when using require to import externals in optimized dependencies (#19940) (efc5eab)

Code Refactoring

• remove duplicate plugin context type (#19935) (d6d01c2)

6.3.3 (2025-04-24)

Bug Fixes

• assets: ensure ?no-inline is not included in the asset url in the production environment (#19496) (16a73c0)
• css: resolve relative imports in sass properly on Windows (#19920) (ffab442)
• deps: update all non-major dependencies (#19899) (a4b500e)
• ignore malformed uris in tranform middleware (#19853) (e4d5201)
• ssr: fix execution order of re-export (#19841) (ed29dee)
• ssr: fix live binding of default export declaration and hoist exports getter (#19842) (80a91ff)

Performance Improvements

• skip sourcemap generation for renderChunk hook of import-analysis-build plugin (#19921) (55cfd04)

Tests

• ssr: test ssrTransform re-export deps and test stacktrace with first line (#19629) (9399cda)

6.3.2 (2025-04-18)

Features

• css: improve lightningcss messages (#19880) (c713f79)

Bug Fixes

• css: respect css.lightningcss option in css minification process (#19879) (b5055e0)
• deps: update all non-major dependencies (#19698) (bab4cb9)
• match default asserts case insensitive (#19852) (cbdab1d)
• open first url if host does not match any urls (#19886) (6abbdce)

6.3.1 (2025-04-17)

Bug Fixes

• avoid using Promise.allSettled in preload function (#19805) (35c7f35)
• backward compat for internal plugin transform calls (#19878) (a152b7c)

... (truncated)

Commits

• 84e4647 release: v6.3.5
• fd38d07 fix(ssr): handle uninitialized export access as undefined (#19959)
• b040d54 release: v6.3.4
• c22c43d fix: check static serve file inside sirv (#19965)
• efc5eab fix(optimizer): return plain object when using require to import externals ...
• d6d01c2 refactor: remove duplicate plugin context type (#19935)
• db9eb97 release: v6.3.3
• e4d5201 fix: ignore malformed uris in tranform middleware (#19853)
• 55cfd04 perf: skip sourcemap generation for renderChunk hook of import-analysis-build...
• ffab442 fix(css): resolve relative imports in sass properly on Windows (#19920)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Join our Discord community for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.