Skip to content

chore(deps): bump astro-pagefind from 1.8.5 to 1.8.6#26

Merged
Psycomy merged 1 commit intomainfrom
dependabot/npm_and_yarn/astro-pagefind-1.8.6
Apr 1, 2026
Merged

chore(deps): bump astro-pagefind from 1.8.5 to 1.8.6#26
Psycomy merged 1 commit intomainfrom
dependabot/npm_and_yarn/astro-pagefind-1.8.6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 30, 2026
edited
Loading

Bumps astro-pagefind from 1.8.5 to 1.8.6.

Release notes

Sourced from astro-pagefind's releases.

v1.8.6

1.8.6 (2026-03-25)

Bug Fixes

  • deps: update astro (72b91c2)
  • deps: update astro (f2882e4)
  • deps: update dependency @​astrojs/vercel to v9 (9992597)
  • deps: update dependency sirv to v3.0.2 (6f3afc6)
  • deps: update pagefind to v1.4.0 (3f1ecb0)
Commits
  • 9e928c7 chore(release): 1.8.6 [skip ci]
  • 20e1538 chore: release action
  • 3a03974 chore: update astro peer version
  • b02c55f chore(deps): update astro
  • a0a7631 chore(deps): update pnpm/action-setup action to v5
  • 3bc1a5f chore(deps): update devdependencies
  • 3519876 chore(deps): update astro
  • 7b63a0d chore(deps): lock file maintenance
  • 72b91c2 fix(deps): update astro
  • 04faaf6 chore(deps): update devdependencies
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for astro-pagefind since your current version.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 30, 2026

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages bot commented Mar 30, 2026
edited
Loading

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs		 tengoping-com caca323 Commit Preview URL

Branch Preview URL		 Apr 01 2026, 02:22 PM

Psycomy added a commit that referenced this pull request Apr 1, 2026
@Psycomy @claude
fix: patch prod security vulnerabilities via npm audit fix
ace7263 
Fixes 3 production vulnerabilities detected by CI:
- picomatch ≤2.3.1/4.0.0-4.0.3 (high): ReDoS + Method Injection
- smol-toml <1.6.1 (moderate): DoS via TOML
- yaml 2.0.0-2.8.2 (moderate): Stack Overflow

Only package-lock.json updated (transitive dep bumps, no direct dep changes).
Unblocks 4 pending Dependabot PRs (#23, #24, #25, #26).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@Psycomy
Copy link
Copy Markdown
Owner

Psycomy commented Apr 1, 2026

@dependabot rebase

@dependabot
chore(deps): bump astro-pagefind from 1.8.5 to 1.8.6
caca323 
Bumps [astro-pagefind](https://github.com/shishkin/astro-pagefind) from 1.8.5 to 1.8.6.
- [Release notes](https://github.com/shishkin/astro-pagefind/releases)
- [Commits](shishkin/astro-pagefind@v1.8.5...v1.8.6)

---
updated-dependencies:
- dependency-name: astro-pagefind
  dependency-version: 1.8.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/astro-pagefind-1.8.6 branch from 6583a1f to caca323 Compare April 1, 2026 14:19
@Psycomy Psycomy merged commit 1c69bd5 into main Apr 1, 2026
2 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/astro-pagefind-1.8.6 branch April 1, 2026 14:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Psycomy