chore: bump astro (security)

[ninetailedtori]

security:

• astro => ^5.0.4
• vite => ^8.0.5

update patches:

• content.config.ts
  • use z from zod (astro dep structure shift)
• vitest.config.ts
  • use defineConfig from vitest/config (astro structure shift)

[ninetailedtori]

Gonna fix the astro issue, not sure why it failed if it worked for me on my end, but it might be cached or smth o-o

[sgoudham]

Are there any breaking changes to do with SCSS loading?

[ninetailedtori]

Are there any breaking changes to do with SCSS loading?

Not afaik! That's what's weird to me...

[ninetailedtori]

FOUND IT, my bad, accidentally forgor when I redid the config to astro!

[uncenter]

The Sass issue is a known upstream bug in Astro: withastro/astro#15897, withastro/astro#15942. Is it worth upgrading here and adding this? What is the security vuln that this patches?

[ninetailedtori]

The Sass issue is a known upstream bug in Astro: withastro/astro#15897, withastro/astro#15942. Is it worth upgrading here and adding this? What is the security vuln that this patches?

https://www.mend.io/vulnerability-database/CVE-2026-41067/

[uncenter]

mend.io/vulnerability-database/CVE-2026-41067

I can't find any instances of the relevant <script> tag with define:vars attribute in this repository, so this shouldn't affect us.

[ninetailedtori]

mend.io/vulnerability-database/CVE-2026-41067

I can't find any instances of the relevant <script> tag with define:vars attribute in this repository, so this shouldn't affect us.

I can just bump vite, but it was moreso that if I was gonna bump, we could bump all that had a sec risk. We could separate it though, bump astro later on when the bug is fixed?