[Docs Site] bump the non-major group with 18 updates

[dependabot]

Bumps the non-major group with 18 updates:

Package	From	To
@astrojs/mdx	5.0.4	5.0.6
@astrojs/react	5.0.4	5.0.5
@base-ui/react	1.4.1	1.5.0
@cloudflare/vitest-pool-workers	0.16.4	0.16.7
@cloudflare/workers-types	4.20260511.1	4.20260520.1
@types/node	25.7.0	25.9.1
@typescript-eslint/parser	8.59.3	8.59.4
agents	0.12.3	0.13.0
astro	6.3.1	6.3.5
cidr-tools	12.0.0	12.0.1
date-fns	4.1.0	4.2.1
just-bash	3.0.0	3.0.1
marked	18.0.3	18.0.4
rulesync	8.16.0	8.18.0
starlight-image-zoom	0.14.1	0.14.2
tsx	4.21.0	4.22.3
typescript-eslint	8.59.3	8.59.4
wrangler	4.92.0	4.93.0

Updates @astrojs/mdx from 5.0.4 to 5.0.6

Release notes

Sourced from @​astrojs/mdx's releases.

@​astrojs/mdx@​5.0.6

Patch Changes

• #16579 49e10e3 Thanks @​igor-koop! - Fixes an issue where the smartypants option was ignored.

@​astrojs/mdx@​5.0.5

Patch Changes

• Updated dependencies [9256345]:
  • @​astrojs/markdown-remark@​7.1.2

Changelog

Sourced from @​astrojs/mdx's changelog.

5.0.6

Patch Changes

• #16579 49e10e3 Thanks @​igor-koop! - Fixes an issue where the smartypants option was ignored.

5.0.5

Patch Changes

• Updated dependencies [9256345]:
  • @​astrojs/markdown-remark@​7.1.2

Commits

• 5ec95d0 [ci] release (#16736)
• 0f868b0 chore: remove redundant server assertions (#16721)
• 49e10e3 fix(mdx): support smartypants option objects (#16579)
• e345bcd [ci] release (#16653)
• 5a8cd09 refactor: update tsconfig to use TypeScript project references (#16505)
• 28fb3e1 feat: experimental logger (#16477)
• 5c543c5 refactor(astro): add internal entry points for test (#16473)
• f1fb559 refactor(astro): migrate test helpers to TypeScript (#16474)
• See full diff in compare view

Updates @astrojs/react from 5.0.4 to 5.0.5

Release notes

Sourced from @​astrojs/react's releases.

@​astrojs/react@​5.0.5

Patch Changes

• Updated dependencies [d365c97]:
  • @​astrojs/internal-helpers@​0.9.1

Changelog

Sourced from @​astrojs/react's changelog.

5.0.5

Patch Changes

• Updated dependencies [d365c97]:
  • @​astrojs/internal-helpers@​0.9.1

Commits

• e345bcd [ci] release (#16653)
• 5a8cd09 refactor: update tsconfig to use TypeScript project references (#16505)
• 5c543c5 refactor(astro): add internal entry points for test (#16473)
• See full diff in compare view

Updates @base-ui/react from 1.4.1 to 1.5.0

Release notes

Sourced from @​base-ui/react's releases.

v1.5.0

General changes

• Improve mount performance with interaction splitting, including closed popup mount performance by up to 50% and unmounting performance by up to 85% (#4661) by @​atomiks
• Use local document for virtual arrow (#4662) by @​lyzno1
• Fix macOS Safari and Firefox minimizing fullscreen when closing popups with Esc (#4695) by @​arturbien
• Drop unnecessary memoization (#4693) by @​flaviendelangle
• Do not use Math.random() in useStableCallback() (#4732) by @​michaldudak
• Fix return focus when reference disconnects (#4655) by @​atomiks
• Don't steal initial focus if focus already moved inside a popup (#4775) by @​stefee

Alert Dialog

• Fix handle defaults (#4834) by @​atomiks

Autocomplete

• Fix native FormData for popup inputs (#4725) by @​lunaxislu

Checkbox

• Submit the associated form when pressing Enter (#4713) by @​michaldudak

Combobox

• Expose clear visibility state (#4664) by @​atomiks
• Fix popup input form submit (#4687) by @​atomiks
• Preserve closeQuery when closing multiple input-inside-popup combobox (#4715) by @​mj12albert
• Fix RTL component behavior (#4840) by @​atomiks
• Ignore hidden-input changes while readonly or disabled (#4810) by @​lunaxislu

Dialog

• Consider the controlled open prop for open state detection (#4712) by @​michaldudak

Drawer

• Forward style prop in <Drawer.Viewport> (#4841) by @​atomiks

Field

• Avoid flushSync during validation (#4685) by @​atomiks

Form

• Avoid flushSync during validation (#4685) by @​atomiks

Menu

• Fix submenu pointer-events scope for keepMounted portals (#4723) by @​twillhorn

... (truncated)

Changelog

Sourced from @​base-ui/react's changelog.

v1.5.0

May 19, 2026

General changes

• Improve mount performance with interaction splitting, including closed popup mount performance by up to 50% and unmounting performance by up to 85% (#4661) by @​atomiks
• Use local document for virtual arrow (#4662) by @​lyzno1
• Fix macOS Safari and Firefox minimizing fullscreen when closing popups with Esc (#4695) by @​arturbien
• Drop unnecessary memoization (#4693) by @​flaviendelangle
• Do not use Math.random() in useStableCallback() (#4732) by @​michaldudak
• Fix return focus when reference disconnects (#4655) by @​atomiks
• Don't steal initial focus if focus already moved inside a popup (#4775) by @​stefee

Alert Dialog

• Fix handle defaults (#4834) by @​atomiks

Autocomplete

• Fix native FormData for popup inputs (#4725) by @​lunaxislu

Checkbox

• Submit the associated form when pressing Enter (#4713) by @​michaldudak

Combobox

• Expose clear visibility state (#4664) by @​atomiks
• Fix popup input form submit (#4687) by @​atomiks
• Preserve closeQuery when closing multiple input-inside-popup combobox (#4715) by @​mj12albert
• Fix RTL component behavior (#4840) by @​atomiks
• Ignore hidden-input changes while readonly or disabled (#4810) by @​lunaxislu

Dialog

• Consider the controlled open prop for open state detection (#4712) by @​michaldudak

Drawer

• Forward style prop in <Drawer.Viewport> (#4841) by @​atomiks

Field

• Avoid flushSync during validation (#4685) by @​atomiks

Form

• Avoid flushSync during validation (#4685) by @​atomiks

... (truncated)

Commits

• 2fdf1b0 [release] v1.5.0 (#4850)
• 8535638 [otp field] Fix vertical arrow slot navigation (#4844)
• 09ce83b [alert dialog] Fix handle defaults (#4834)
• 5e0f3e7 [menu] Support group labels in radio groups (#4826)
• 8db1aa9 [otp field] Fix RTL arrow navigation (#4847)
• ccb4b30 [otp field] Compose normalizeValue with validation (#4717)
• ad99b44 [direction provider] Fix RTL component behavior (#4840)
• 5579e7f [drawer] Forward style prop in \<Drawer.Viewport> (#4841)
• 8170336 [navigation menu] Fix keepMounted content sizing (#4817)
• 4a339d0 [otp field] Prevent locked hidden autofill validation (#4827)
• Additional commits viewable in compare view

Updates @cloudflare/vitest-pool-workers from 0.16.4 to 0.16.7

Release notes

Sourced from @​cloudflare/vitest-pool-workers's releases.

@​cloudflare/vitest-pool-workers@​0.16.7

Patch Changes

• #13961 2cb658c Thanks @​threepointone! - Preserve same-stub RPC call order for wrapped Worker and Durable Object entrypoints

  Previously, dynamically wrapped RPC methods could resolve and invoke out of order when many calls were fired without awaiting each individual call. This now queues method resolution per wrapper instance so calls begin in the order they were received.

• Updated dependencies [aac7ca0, b25dc0d, ae047ee, a4f22bc, f78d435, aac7ca0, c5c9e20, ebf4b24, b27eb18, 895baf5, 7bcdf45]:

  • wrangler@4.93.0
  • miniflare@4.20260518.0

@​cloudflare/vitest-pool-workers@​0.16.6

Patch Changes

• #13833 0e4a830 Thanks @​thegeekasteroid! - Filter benign disconnected: WebSocket peer disconnected workerd stderr noise during test runs.

  The ignoreMessages array in the pool already filters several benign workerd disconnect messages (e.g. disconnected: WebSocket was aborted). On recent workerd versions, tests that exercise the WebSocket API also surface disconnected: WebSocket peer disconnected warnings during normal teardown. These are not user-actionable and obscure real test failures. Add the message to the existing filter alongside the other disconnected: entries.

• Updated dependencies [19ed49a, 3ff0a50, bf688f7, 2e72c83, 802eaf4, 506aa02, 8f5cdb1, be8a98c]:

  • miniflare@4.20260515.0
  • wrangler@4.92.0

@​cloudflare/vitest-pool-workers@​0.16.5

Patch Changes

• Updated dependencies [d4794a8, 58b4403, 4352f87, a9e6741, da664d5, bdc398c, f781a2b, 1420f10, c8be316]:
  • wrangler@4.91.0
  • miniflare@4.20260511.0

Changelog

Sourced from @​cloudflare/vitest-pool-workers's changelog.

0.16.7

Patch Changes

• #13961 2cb658c Thanks @​threepointone! - Preserve same-stub RPC call order for wrapped Worker and Durable Object entrypoints

  Previously, dynamically wrapped RPC methods could resolve and invoke out of order when many calls were fired without awaiting each individual call. This now queues method resolution per wrapper instance so calls begin in the order they were received.

• Updated dependencies [aac7ca0, b25dc0d, ae047ee, a4f22bc, f78d435, aac7ca0, c5c9e20, ebf4b24, b27eb18, 895baf5, 7bcdf45]:

  • wrangler@4.93.0
  • miniflare@4.20260518.0

0.16.6

Patch Changes

• #13833 0e4a830 Thanks @​thegeekasteroid! - Filter benign disconnected: WebSocket peer disconnected workerd stderr noise during test runs.

  The ignoreMessages array in the pool already filters several benign workerd disconnect messages (e.g. disconnected: WebSocket was aborted). On recent workerd versions, tests that exercise the WebSocket API also surface disconnected: WebSocket peer disconnected warnings during normal teardown. These are not user-actionable and obscure real test failures. Add the message to the existing filter alongside the other disconnected: entries.

• Updated dependencies [19ed49a, 3ff0a50, bf688f7, 2e72c83, 802eaf4, 506aa02, 8f5cdb1, be8a98c]:

  • miniflare@4.20260515.0
  • wrangler@4.92.0

0.16.5

Patch Changes

• Updated dependencies [d4794a8, 58b4403, 4352f87, a9e6741, da664d5, bdc398c, f781a2b, 1420f10, c8be316]:
  • wrangler@4.91.0
  • miniflare@4.20260511.0

Commits

• ee8857f Version Packages (#13931)
• 2cb658c [vitest-pool-workers] Preserve wrapped RPC call ordering (#13961)
• a3fa623 Version Packages (#13918)
• 0e4a830 fix(vitest-pool-workers): filter benign "WebSocket peer disconnected" workerd...
• adbf8cb Version Packages (#13895)
• See full diff in compare view

Updates @cloudflare/workers-types from 4.20260511.1 to 4.20260520.1

Commits

• See full diff in compare view

Updates @types/node from 25.7.0 to 25.9.1

Commits

• See full diff in compare view

Updates @typescript-eslint/parser from 8.59.3 to 8.59.4

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.59.4

8.59.4 (2026-05-18)

🩹 Fixes

• eslint-plugin: [no-floating-promises] stack overflow when using recursive types (#12294)
• project-service: throw error cause in getParsedConfigFileFromTSServer (#12321)
• typescript-eslint: export Compatible* types from typescript-eslint to resolve pnpm TS error (#12340)

❤️ Thank You

• Evyatar Daud @​StyleShit
• Kirk Waiblinger @​kirkwaiblinger
• lumir

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.59.4 (2026-05-18)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• ca6ca14 chore(release): publish 8.59.4
• See full diff in compare view

Updates agents from 0.12.3 to 0.13.0

Release notes

Sourced from agents's releases.

agents@0.13.0

Minor Changes

• #1297 d151e6d Thanks @​mattzcarey! - Add experimental Postgres-backed session, context, and search providers for external session storage via Hyperdrive-compatible pg clients.

  Session APIs now consistently return promises so callers can use the same surface with local SQLite or external storage providers. Think's session integration has been updated for the async session API, including cache-aware handling for idempotent appends and compaction overlays.

Patch Changes

• #1532 0a2d6df Thanks @​threepointone! - Revert the Streamable HTTP server-to-client MCP routing change from PR #1514, which routed related messages such as elicitation requests over the originating POST response when no standalone SSE stream was open.

• #1546 c935d7c Thanks @​threepointone! - Fix nested sub-agent bootstrap so facet parents do not need to be bound as top-level Durable Object namespaces.

• #1533 8f699fe Thanks @​mattzcarey! - McpAgent.elicitInput now accepts an optional options.relatedRequestId, forwarded to the underlying transport so the elicitation request routes through the originating POST response stream per the Streamable HTTP spec. Callers should pass { relatedRequestId: extra.requestId } from inside a tool handler.

• #1548 ce2af34 Thanks @​threepointone! - Allow parentAgent() to resolve facet-only direct parents through a root RPC bridge.

agents@0.12.4

Patch Changes

• #1376 6561a3f Thanks @​hrushikeshdeshpande! - Avoid throwing when chat stream resume negotiation/replay races with a closed WebSocket connection.

• #1509 4aa4176 Thanks @​threepointone! - Prevent duplicate initial state frames during Agent WebSocket connection setup so client-originated state updates are not overwritten by stale initial state messages.

• #1476 3c48858 Thanks @​whoiskatrin! - Fixed a bug that could cause client state to drift from internal Durable Object state when agent tool calls spanned a Durable Object restart. Recovery now defers user finish hooks until after agent startup and isolates hook failures so one failed mirror write does not block other recovered runs from finalizing.

• #1514 0371a6f Thanks @​threepointone! - Route streamable HTTP server-to-client requests through the originating POST stream when no standalone SSE stream is available.

• #1500 7090e9e Thanks @​threepointone! - Preserve structured tool output shapes when truncating older messages or oversized persisted rows, preventing custom toModelOutput handlers from crashing or mis-replaying compacted results.

  Also harden Think's workspace read tool so legacy raw-string read outputs replay as text instead of stalling subsequent turns.

• #1504 5d27b71 Thanks @​threepointone! - Prune stale sub-agent schedule rows when their owning facet registry entry no longer exists.

• #1503 7b8ab51 Thanks @​threepointone! - Bump PartyServer to pick up transient Durable Object routing retries and expose routingRetry configuration through getAgentByName.

Changelog

Sourced from agents's changelog.

0.13.0

Minor Changes

• #1297 d151e6d Thanks @​mattzcarey! - Add experimental Postgres-backed session, context, and search providers for external session storage via Hyperdrive-compatible pg clients.

  Session APIs now consistently return promises so callers can use the same surface with local SQLite or external storage providers. Think's session integration has been updated for the async session API, including cache-aware handling for idempotent appends and compaction overlays.

Patch Changes

• #1532 0a2d6df Thanks @​threepointone! - Revert the Streamable HTTP server-to-client MCP routing change from PR #1514, which routed related messages such as elicitation requests over the originating POST response when no standalone SSE stream was open.

• #1546 c935d7c Thanks @​threepointone! - Fix nested sub-agent bootstrap so facet parents do not need to be bound as top-level Durable Object namespaces.

• #1533 8f699fe Thanks @​mattzcarey! - McpAgent.elicitInput now accepts an optional options.relatedRequestId, forwarded to the underlying transport so the elicitation request routes through the originating POST response stream per the Streamable HTTP spec. Callers should pass { relatedRequestId: extra.requestId } from inside a tool handler.

• #1548 ce2af34 Thanks @​threepointone! - Allow parentAgent() to resolve facet-only direct parents through a root RPC bridge.

0.12.4

Patch Changes

• #1376 6561a3f Thanks @​hrushikeshdeshpande! - Avoid throwing when chat stream resume negotiation/replay races with a closed WebSocket connection.

• #1509 4aa4176 Thanks @​threepointone! - Prevent duplicate initial state frames during Agent WebSocket connection setup so client-originated state updates are not overwritten by stale initial state messages.

• #1476 3c48858 Thanks @​whoiskatrin! - Fixed a bug that could cause client state to drift from internal Durable Object state when agent tool calls spanned a Durable Object restart. Recovery now defers user finish hooks until after agent startup and isolates hook failures so one failed mirror write does not block other recovered runs from finalizing.

• #1514 0371a6f Thanks @​threepointone! - Route streamable HTTP server-to-client requests through the originating POST stream when no standalone SSE stream is available.

• #1500 7090e9e Thanks @​threepointone! - Preserve structured tool output shapes when truncating older messages or oversized persisted rows, preventing custom toModelOutput handlers from crashing or mis-replaying compacted results.

  Also harden Think's workspace read tool so legacy raw-string read outputs replay as text instead of stalling subsequent turns.

• #1504 5d27b71 Thanks @​threepointone! - Prune stale sub-agent schedule rows when their owning facet registry entry no longer exists.

• #1503 7b8ab51 Thanks @​threepointone! - Bump PartyServer to pick up transient Durable Object routing retries and expose routingRetry configuration through getAgentByName.

Commits

• c043469 Version Packages (#1534)
• c4ed558 Bump deps and add accessibility labels
• f59ceca fix: correct broken relative doc links in packages/agents/README.md (#1552)
• d151e6d feat(experimental): Postgres session providers with Hyperdrive support (#1297)
• f739ec9 refactor(codemode): dispatch all tool calls positionally (#1547)
• ce2af34 Fix parentAgent for facet-only parents (#1548)
• c935d7c fix: bootstrap nested sub-agents from root namespace (#1546)
• 8f699fe fix(mcp): forward relatedRequestId through McpAgent.elicitInput (#1533)
• 0a2d6df Revert MCP POST routing and restore server examples (#1532)
• 16c8f11 chore(qol): speed up typechecking (#1524)
• Additional commits viewable in compare view

Updates astro from 6.3.1 to 6.3.5

Release notes

Sourced from astro's releases.

astro@6.3.5

Patch Changes

• #16771 07c8805 Thanks @​ematipico! - Fixes position prop on <Image> and <Picture> components breaking Content Security Policy (CSP).

• #16593 50924ce Thanks @​yanthomasdev! - Improves error messages with more consistent and correct writing.

• #16757 5d661cd Thanks @​astrobot-houston! - Fixes dev server serving stale content when SSR-only modules change (e.g. .astro files outside the project root in a monorepo, or dynamically imported components).

  Previously, the astro:hmr-reload plugin returned an empty array after detecting SSR-only module changes, which prevented Vite's updateModules from propagating the invalidation to the SSR module runner. The runner's evaluated module cache stayed stale, so subsequent requests continued returning old content.

  Now the plugin returns the SSR-only modules so Vite can process them through updateModules, which properly invalidates the module runner's cache and ensures fresh content on the next request.

astro@6.3.4

Patch Changes

• #16723 0f10bfe Thanks @​matthewp! - Adds fetchFile option to experimental.advancedRouting to customize or disable the entrypoint file

  export default defineConfig({
    experimental: {
      advancedRouting: {
        fetchFile: 'fetch.ts',
      },
    },
  });

• #16723 0f10bfe Thanks @​matthewp! - Fixes Hono cache() middleware to follow the standard wrapper pattern

• #16723 0f10bfe Thanks @​matthewp! - Adds App.Providers interface for typing custom context providers on Astro and ctx

  declare namespace App {
    interface Providers {
      oauth: import('./lib/oauth').OAuthSession;
    }
  }

• #16723 0f10bfe Thanks @​matthewp! - Adds FetchState.response property, set automatically after pages() or middleware() completes

  const response = await middleware(state, (s) => pages(s));
  console.log(state.response === response); // true

• #16723 0f10bfe Thanks @​matthewp! - Adds Fetchable type export for typing the advanced routing entrypoint

... (truncated)

Changelog

Sourced from astro's changelog.

6.3.5

Patch Changes

• #16771 07c8805 Thanks @​ematipico! - Fixes position prop on <Image> and <Picture> components breaking Content Security Policy (CSP).

• #16593 50924ce Thanks @​yanthomasdev! - Improves error messages with more consistent and correct writing.

• #16757 5d661cd Thanks @​astrobot-houston! - Fixes dev server serving stale content when SSR-only modules change (e.g. .astro files outside the project root in a monorepo, or dynamically imported components).

  Previously, the astro:hmr-reload plugin returned an empty array after detecting SSR-only module changes, which prevented Vite's updateModules from propagating the invalidation to the SSR module runner. The runner's evaluated module cache stayed stale, so subsequent requests continued returning old content.

  Now the plugin returns the SSR-only modules so Vite can process them through updateModules, which properly invalidates the module runner's cache and ensures fresh content on the next request.

6.3.4

Patch Changes

• #16723 0f10bfe Thanks @​matthewp! - Adds fetchFile option to experimental.advancedRouting to customize or disable the entrypoint file

  export default defineConfig({
    experimental: {
      advancedRouting: {
        fetchFile: 'fetch.ts',
      },
    },
  });

• #16723 0f10bfe Thanks @​matthewp! - Fixes Hono cache() middleware to follow the standard wrapper pattern

• #16723 0f10bfe Thanks @​matthewp! - Adds App.Providers interface for typing custom context providers on Astro and ctx

  declare namespace App {
    interface Providers {
      oauth: import('./lib/oauth').OAuthSession;
    }
  }

• #16723 0f10bfe Thanks @​matthewp! - Adds FetchState.response property, set automatically after pages() or middleware() completes

  const response = await middleware(state, (s) => pages(s));
  console.log(state.response === response); // true

• #16723 0f10bfe Thanks @​matthewp! - Adds Fetchable type export for typing the advanced routing entrypoint

... (truncated)

Commits

• 5b4122e [ci] release (#16772)
• 5d661cd Fix dev server serving stale content for files outside project root (#16757)
• be5ad21 [ci] format
• 50924ce Overhaul errors for consistency and correctness (#16593)
• 23c0bda [ci] format
• 07c8805 fix: position prop with CSP (#16771)
• 45b7fa9 [ci] release (#16742)
• 67a1016 [ci] format
• 0f10bfe feat: advanced routing types and config gaps (#16723)