chore(astro): Update dependency astro to ^5.15.3

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
astro (source)	^5.14.8 -> ^5.15.3

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

withastro/astro (astro)

v5.15.3

Compare Source

Patch Changes

• #​14627 b368de0 Thanks @​matthewp! - Fixes skew protection support for images and font URLs

  Adapter-level query parameters (assetQueryParams) are now applied to all image and font asset URLs, including:

  • Dynamic optimized images via /_image endpoint
  • Static optimized image files
  • Font preload tags and font requests when using the experimental Fonts API

• #​14631 3ad33f9 Thanks @​KurtGokhan! - Adds the astro/jsx-dev-runtime export as an alias for astro/jsx-runtime

v5.15.2

Compare Source

Patch Changes

• #​14623 c5fe295 Thanks @​delucis! - Fixes a leak of server runtime code when importing SVGs in client-side code. Previously, when importing an SVG file in client code, Astro could end up adding code for rendering SVGs on the server to the client bundle.

• #​14621 e3175d9 Thanks @​GameRoMan! - Updates vite version to fix CVE

---

Configuration

📅 Schedule: Branch creation - "before 7am on the first day of the week" in timezone GMT, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 9f1660f

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Preview	Comments	Updated (UTC)
clerk-js-sandbox	Skipped			Nov 9, 2025 2:41am

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[pkg-pr-new]

Open in StackBlitz

@clerk/agent-toolkit

npm i https://pkg.pr.new/@clerk/agent-toolkit@7180

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@7180

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@7180

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@7180

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@7180

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@7180

@clerk/elements

npm i https://pkg.pr.new/@clerk/elements@7180

@clerk/clerk-expo

npm i https://pkg.pr.new/@clerk/clerk-expo@7180

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@7180

@clerk/express

npm i https://pkg.pr.new/@clerk/express@7180

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@7180

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@7180

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@7180

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@7180

@clerk/clerk-react

npm i https://pkg.pr.new/@clerk/clerk-react@7180

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@7180

@clerk/remix

npm i https://pkg.pr.new/@clerk/remix@7180

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@7180

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@7180

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@7180

@clerk/themes

npm i https://pkg.pr.new/@clerk/themes@7180

@clerk/types

npm i https://pkg.pr.new/@clerk/types@7180

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@7180

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@7180

commit: 9f1660f

[blacksmith-sh]

Found 7 test failures on Blacksmith runners:

Test	View Logs
[chrome] › integration/tests/ handshake.test.ts:1304:9 › Client handshake with organization activation @nextjs › Acti ve session, org A active in session, but org B is requested by ID => attempts to activate org B	View Logs
[chrome] › integration/tests/ session-tasks-multi-session.test.ts:33:9 › session tasks multi-session flow @nextjs › l ong-running--next.appRouter.withSessionTasks › when switching sessions, navigate to tas k	View Logs
[chrome] › integration/tests/ sign-in-flow.test.ts:137:7 › sign in flow @generic @nextjs › long-running--next.appRout er.withEmailCodes › cannot sign in with wrong password but can sign in with email	View Logs
[chrome] › integration/tests/ sign-in-flow.test.ts:26:7 › sign in flow @generic @nextjs › long-running--next.appRoute r.withEmailCodes › sign in with email and password	View Logs
[chrome] › integration/tests/ sign-in-or-up-flow.test.ts:29:9 › sign-in-or-up flow @nextjs › long-running--next.appRo uter.withSignInOrUpFlow › sign-in › flows are combined	View Logs
[chrome] › integration/tests/ sign-in-or-up-flow.test.ts:88:9 › sign-in-or-up flow @nextjs › long-running--next.appRo uter.withSignInOrUpFlow › sign-in › sign in only with phone number	View Logs
[chrome] › integration/tests/ unsafeMetadata.test.ts:13:7 › unsafeMetadata @nextjs › long-running--next.appRouter.wit hEmailCodes › sign up persists unsafeMetadata	View Logs