Bump the minor group across 5 directories with 8 updates

[dependabot]

Bumps the minor group with 8 updates in the / directory:

Package	From	To
@changesets/get-github-info	0.7.0	0.8.0
gunshi	0.28.2	0.29.3
@modelcontextprotocol/sdk	1.20.2	1.27.1
agents	0.2.35	0.8.0
@astrojs/starlight	0.37.7	0.38.2
astro-og-canvas	0.7.2	0.10.1
canvaskit-wasm	0.40.0	0.41.0
starlight-llms-txt	0.6.1	0.8.0

Bumps the minor group with 1 update in the /packages/changeset-changelog directory: @changesets/get-github-info.
Bumps the minor group with 1 update in the /packages/varlock directory: gunshi.
Bumps the minor group with 2 updates in the /packages/varlock-docs-mcp directory: @modelcontextprotocol/sdk and agents.
Bumps the minor group with 4 updates in the /packages/varlock-website directory: @astrojs/starlight, astro-og-canvas, canvaskit-wasm and starlight-llms-txt.

Updates @changesets/get-github-info from 0.7.0 to 0.8.0

Release notes

Sourced from @​changesets/get-github-info's releases.

@​changesets/get-github-info@​0.8.0

Minor Changes

• #1758 e462d89 Thanks @​jdeniau! - Add scopes automatically in the GitHub new token link in the printed error message

Patch Changes

• #1781 d4b8ad8 Thanks @​bluwy! - Improve error messages when fail to fetch data from GitHub

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​changesets/get-github-info since your current version.

Updates gunshi from 0.28.2 to 0.29.3

Release notes

Sourced from gunshi's releases.

v0.29.3

Full Changelog: kazupon/gunshi@v0.29.2...v0.29.3

v0.29.2

Full Changelog: kazupon/gunshi@v0.29.1...v0.29.2

v0.29.1

Full Changelog: kazupon/gunshi@v0.29.0...v0.29.1

v0.29.0

What's Changed

🌟 Features

• feat(gunshi): support parser combinators for argment schema (experimental) by @​kazupon in kazupon/gunshi#496

Full Changelog: kazupon/gunshi@v0.28.2...v0.29.0

Changelog

Sourced from gunshi's changelog.

v0.29.3 (2026-03-11T08:53:31Z)

This changelog is generated by GitHub Releases

Full Changelog: kazupon/gunshi@v0.29.2...v0.29.3

v0.29.2 (2026-02-21T14:05:58Z)

This changelog is generated by GitHub Releases

Full Changelog: kazupon/gunshi@v0.29.1...v0.29.2

v0.29.1 (2026-02-21T14:00:47Z)

This changelog is generated by GitHub Releases

Full Changelog: kazupon/gunshi@v0.29.0...v0.29.1

v0.29.0 (2026-02-21T13:53:41Z)

This changelog is generated by GitHub Releases

What's Changed

🌟 Features

• feat(gunshi): support parser combinators for argment schema (experimental) by @​kazupon in kazupon/gunshi#496

Full Changelog: kazupon/gunshi@v0.28.2...v0.29.0

Commits

• c90a2a3 release: v0.29.3
• 3b4277b chore: bump deps
• b4ea0b2 release: v0.29.2
• f165be2 release: v0.29.1
• 9e3341b release: v0.29.0
• a95db15 feat(gunshi): support parser combinators for argment schema (experimental) (#...
• See full diff in compare view

Updates @modelcontextprotocol/sdk from 1.20.2 to 1.27.1

Release notes

Sourced from @​modelcontextprotocol/sdk's releases.

v1.27.1

What's Changed

• feat: implement auth/pre-registration conformance scenario by @​felixweinberger in modelcontextprotocol/typescript-sdk#1545
• docs: add governance documentation for SEP-1730 by @​felixweinberger in modelcontextprotocol/typescript-sdk#1547
• docs: comprehensive feature documentation for SEP-1730 Tier 1 by @​felixweinberger in modelcontextprotocol/typescript-sdk#1548
• fix: prevent command injection in example URL opening (v1.x backport) by @​maxisbey in modelcontextprotocol/typescript-sdk#1579
• fix: call onerror for silently swallowed transport errors by @​qing-ant in modelcontextprotocol/typescript-sdk#1580
• chore: bump version to 1.27.1 by @​felixweinberger in modelcontextprotocol/typescript-sdk#1581

New Contributors

• @​qing-ant made their first contribution in modelcontextprotocol/typescript-sdk#1580

Full Changelog: modelcontextprotocol/typescript-sdk@v1.27.0...v1.27.1

v1.27.0

What's Changed

• feat: add conformance test infrastructure for v1.x by @​felixweinberger in modelcontextprotocol/typescript-sdk#1518
• feat: backport discoverOAuthServerInfo() and discovery caching to v1.x by @​felixweinberger in modelcontextprotocol/typescript-sdk#1533
• feat: add url property to RequestInfo interface by @​valentinbeggi in modelcontextprotocol/typescript-sdk#1353
• [v1.x] feat(tasks): add streaming methods for elicitation and sampling by @​LucaButBoring in modelcontextprotocol/typescript-sdk#1528
• chore: bump version for v1.27.0 by @​felixweinberger in modelcontextprotocol/typescript-sdk#1541

New Contributors

• @​valentinbeggi made their first contribution in modelcontextprotocol/typescript-sdk#1353

Full Changelog: modelcontextprotocol/typescript-sdk@v1.26.0...v1.27.0

v1.26.0

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA GHSA-345p-7cg4-v4c7

What's Changed

• chore: bump v1.25.3 for backport fixes by @​pcarleton in modelcontextprotocol/typescript-sdk#1412
• fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by @​samuv in modelcontextprotocol/typescript-sdk#1382
• Fix #1430: Client Credentials providers scopes support (backported) by @​NSeydoux in modelcontextprotocol/typescript-sdk#1442
• chore: bump version to 1.26.0 by @​pcarleton in modelcontextprotocol/typescript-sdk#1479

New Contributors

• @​samuv made their first contribution in modelcontextprotocol/typescript-sdk#1382
• @​NSeydoux made their first contribution in modelcontextprotocol/typescript-sdk#1442

Full Changelog: modelcontextprotocol/typescript-sdk@v1.25.3...v1.26.0

v1.25.3

What's Changed

• [v1.x backport] Use correct schema for client sampling validation when tools are present by @​olaservo in modelcontextprotocol/typescript-sdk#1407
• fix: prevent Hono from overriding global Response object (v1.x) by @​mattzcarey in modelcontextprotocol/typescript-sdk#1411

Full Changelog: modelcontextprotocol/typescript-sdk@v1.25.2...v1.25.3

... (truncated)

Commits

• 4faa8c8 chore: bump version to 1.27.1 (#1581)
• 09a85a8 fix: call onerror for silently swallowed transport errors (#1580)
• e79d14a fix: prevent command injection in example URL opening (v1.x backport) (#1579)
• 342ea39 docs: comprehensive feature documentation for SEP-1730 Tier 1 (#1548)
• 2084a22 docs: add governance documentation for SEP-1730 (#1547)
• f2d2145 feat: implement auth/pre-registration conformance scenario (#1545)
• 8cbc658 chore: bump version for v1.27.0 (#1541)
• 5c16ae3 [v1.x] feat(tasks): add streaming methods for elicitation and sampling (#1528)
• 97ab379 feat: add url property to RequestInfo interface (#1353)
• 825e9ab feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (#1533)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.

Updates agents from 0.2.35 to 0.8.0

Release notes

Sourced from agents's releases.

agents@0.8.0

Minor Changes

• #1152 16cc622 Thanks @​threepointone! - feat: expose readable state property on useAgent and AgentClient

  Both useAgent (React) and AgentClient (vanilla JS) now expose a state property that tracks the current agent state. Previously, state was write-only via setState() — reading state required manually tracking it through the onStateUpdate callback.

  React (useAgent)

  const agent = useAgent<GameAgent, GameState>({
    agent: "game-agent",
    name: "room-123",
  });
  // Read state directly — no need for separate useState + onStateUpdate
  return <div>Score: {agent.state?.score}</div>;
  // Spread for partial updates — works correctly now
  agent.setState({ ...agent.state, score: agent.state.score + 10 });

  agent.state is reactive — the component re-renders when state changes from either the server or client-side setState().

  Vanilla JS (AgentClient)

  const client = new AgentClient<GameAgent>({
    agent: "game-agent",
    name: "room-123",
    host: "your-worker.workers.dev",
  });
  // State updates synchronously on setState and server broadcasts
  client.setState({ score: 100 });
  console.log(client.state); // { score: 100 }

  Backward compatible

  The onStateUpdate callback continues to work exactly as before. The new state property is additive — it provides a simpler alternative to manual state tracking for the common case.

  Type: State | undefined

  State starts as undefined and is populated when the server sends state on connect (from initialState) or when setState() is called. Use optional chaining (agent.state?.field) for safe access.

• #1154 74a018a Thanks @​threepointone! - feat: idempotent schedule() to prevent row accumulation across DO restarts

  schedule() now supports an idempotent option that deduplicates by (type, callback, payload), preventing duplicate rows from accumulating when called repeatedly (e.g., in onStart()).

... (truncated)

Changelog

Sourced from agents's changelog.

0.8.0

Minor Changes

• #1152 16cc622 Thanks @​threepointone! - feat: expose readable state property on useAgent and AgentClient

  Both useAgent (React) and AgentClient (vanilla JS) now expose a state property that tracks the current agent state. Previously, state was write-only via setState() — reading state required manually tracking it through the onStateUpdate callback.

  React (useAgent)

  const agent = useAgent<GameAgent, GameState>({
    agent: "game-agent",
    name: "room-123",
  });
  // Read state directly — no need for separate useState + onStateUpdate
  return <div>Score: {agent.state?.score}</div>;
  // Spread for partial updates — works correctly now
  agent.setState({ ...agent.state, score: agent.state.score + 10 });

  agent.state is reactive — the component re-renders when state changes from either the server or client-side setState().

  Vanilla JS (AgentClient)

  const client = new AgentClient<GameAgent>({
    agent: "game-agent",
    name: "room-123",
    host: "your-worker.workers.dev",
  });
  // State updates synchronously on setState and server broadcasts
  client.setState({ score: 100 });
  console.log(client.state); // { score: 100 }

  Backward compatible

  The onStateUpdate callback continues to work exactly as before. The new state property is additive — it provides a simpler alternative to manual state tracking for the common case.

  Type: State | undefined

  State starts as undefined and is populated when the server sends state on connect (from initialState) or when setState() is called. Use optional chaining (agent.state?.field) for safe access.

• #1154 74a018a Thanks @​threepointone! - feat: idempotent schedule() to prevent row accumulation across DO restarts

  schedule() now supports an idempotent option that deduplicates by (type, callback, payload), preventing duplicate rows from accumulating when called repeatedly (e.g., in onStart()).

... (truncated)

Commits

• 0b97e62 Version Packages (#1140)
• 74a018a fix: prevent schedule() row accumulation across DO restarts (#1154)
• 16cc622 feat: expose readable state property on useAgent and AgentClient (#1152)
• 1f85b06 keepAlive: ref-counted in-memory alarms (#1147)
• b74e108 Add typed AgentClient, stub proxy, and types (#1146)
• 94fac05 worker-bundler: host-side assets, no DO wrapper, SW preview proxy (#1145)
• c78ff5d update deps
• 3ac4b22 Bump workers-ai-provider to 3.1.5 and fix test
• 36e2020 Upgrade to Vitest 4.1, Vite 8, and @​cloudflare/vitest-pool-workers 0.13 (#1138)
• a4836f2 Version Packages (#1129)
• Additional commits viewable in compare view

Updates @astrojs/starlight from 0.37.7 to 0.38.2

Release notes

Sourced from @​astrojs/starlight's releases.

@​astrojs/starlight@​0.38.2

Patch Changes

• #3759 f24ce99 Thanks @​MilesChou! - Fixes an issue where monolingual sites using a region-specific locale (e.g., zh-TW) as the default would incorrectly display base language translations (e.g., zh Simplified Chinese) instead of the region-specific ones (e.g., zh-TW Traditional Chinese).

• #3768 a4c6c20 Thanks @​delucis! - Improves performance of sidebar generation for sites with very large sidebars

@​astrojs/starlight@​0.38.1

Patch Changes

• #3751 fb955ff Thanks @​pyxelr! - Fixes a regression causing global tableOfContents config to be ignored

@​astrojs/starlight@​0.38.0

Minor Changes

• #3644 0d2e7ed Thanks @​HiDeoo! - Adds support for Astro v6, drops support for Astro v5.

  Upgrade Astro and dependencies

  ⚠️ BREAKING CHANGE: Astro v5 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

  npx @astrojs/upgrade

  Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v6. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

  Update your collections

  ⚠️ BREAKING CHANGE: Drops support for content collections backwards compatibility.

  In Astro 5.x, projects could delay upgrading to the new Content Layer API introduced for content collections because of some existing automatic backwards compatibility that was not previously behind a flag. This meant that it was possible to upgrade from Astro 4 to Astro 5 without updating your content collections, even if you had not enabled the legacy.collections flag. Projects would continue to build, and no errors or warnings would be displayed.

  Astro v6.0 now removes this automatic legacy content collections support, along with the legacy.collections flag.

  If you experience content collections errors after updating to v6, check your project for any removed legacy features that may need updating to the Content Layer API. See the Starlight v0.30.0 upgrade guide for detailed instructions on upgrading legacy collections to the new Content Layer API.

  If you are unable to make any changes to your collections at this time, including Starlight's default docs and i18n collections, you can enable the legacy.collectionsBackwardsCompat flag to upgrade to v6 without updating your collections. This temporary flag preserves some legacy v4 content collections features, and will allow you to keep your collections in their current state until the legacy flag is no longer supported.

• #3704 375edcc Thanks @​florian-lefebvre! - Fixes autocomplete for components exported from @astrojs/starlight/components/*

  ⚠️ Potentially breaking change: This change moves some files used in Starlight’s component internals out of the components/ directory. Direct use of these files was not and is not officially supported. If you previously imported TableOfContents/starlight-toc.ts, TableOfContents/TableOfContentsList.astro, Icons.ts, or SidebarPersistState.ts, please review your code when updating.

• #3729 3642625 Thanks @​delucis! - Improves Starlight’s default body font stack to better support languages such as Chinese, Japanese, and Korean on Windows. For most users there should be no visible change.

  If you would prefer to keep the previous font stack, you can add the following custom CSS to your site:

  :root {

... (truncated)

Changelog

Sourced from @​astrojs/starlight's changelog.

0.38.2

Patch Changes

• #3759 f24ce99 Thanks @​MilesChou! - Fixes an issue where monolingual sites using a region-specific locale (e.g., zh-TW) as the default would incorrectly display base language translations (e.g., zh Simplified Chinese) instead of the region-specific ones (e.g., zh-TW Traditional Chinese).

• #3768 a4c6c20 Thanks @​delucis! - Improves performance of sidebar generation for sites with very large sidebars

0.38.1

Patch Changes

• #3751 fb955ff Thanks @​pyxelr! - Fixes a regression causing global tableOfContents config to be ignored

0.38.0

Minor Changes

• #3644 0d2e7ed Thanks @​HiDeoo! - Adds support for Astro v6, drops support for Astro v5.

  Upgrade Astro and dependencies

  ⚠️ BREAKING CHANGE: Astro v5 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

  npx @astrojs/upgrade

  Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v6. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

  Update your collections

  ⚠️ BREAKING CHANGE: Drops support for content collections backwards compatibility.

  In Astro 5.x, projects could delay upgrading to the new Content Layer API introduced for content collections because of some existing automatic backwards compatibility that was not previously behind a flag. This meant that it was possible to upgrade from Astro 4 to Astro 5 without updating your content collections, even if you had not enabled the legacy.collections flag. Projects would continue to build, and no errors or warnings would be displayed.

  Astro v6.0 now removes this automatic legacy content collections support, along with the legacy.collections flag.

  If you experience content collections errors after updating to v6, check your project for any removed legacy features that may need updating to the Content Layer API. See the Starlight v0.30.0 upgrade guide for detailed instructions on upgrading legacy collections to the new Content Layer API.

  If you are unable to make any changes to your collections at this time, including Starlight's default docs and i18n collections, you can enable the legacy.collectionsBackwardsCompat flag to upgrade to v6 without updating your collections. This temporary flag preserves some legacy v4 content collections features, and will allow you to keep your collections in their current state until the legacy flag is no longer supported.

• #3704 375edcc Thanks @​florian-lefebvre! - Fixes autocomplete for components exported from @astrojs/starlight/components/*

  ⚠️ Potentially breaking change: This change moves some files used in Starlight’s component internals out of the components/ directory. Direct use of these files was not and is not officially supported. If you previously imported TableOfContents/starlight-toc.ts, TableOfContents/TableOfContentsList.astro, Icons.ts, or SidebarPersistState.ts, please review your code when updating.

• #3729 3642625 Thanks @​delucis! - Improves Starlight’s default body font stack to better support languages such as Chinese, Japanese, and Korean on Windows. For most users there should be no visible change.

  If you would prefer to keep the previous font stack, you can add the following custom CSS to your site:

... (truncated)

Commits

• d871021 [ci] release (#3766)
• a4c6c20 Improve performance of sidebar generation logic (#3768)
• f24ce99 fix: use region-specific translations for default locale (#3759)
• 1a87ed4 Update to Vitest 4.1 (#3757)
• ac64c72 [ci] release (#3752)
• fb955ff fix: respect global tableOfContents config with zod v4 (#3751)
• eb7abe2 [ci] release (#3745)
• fff38d5 Tweak header hover effects (#3598)
• 375edcc feat: improve components exports with wildcard (#3704)
• 047dd32 [ci] format
• Additional commits viewable in compare view

Updates astro-og-canvas from 0.7.2 to 0.10.1

Release notes

Sourced from astro-og-canvas's releases.

astro-og-canvas@0.10.1

Patch Changes

• #128 dd829f9 Thanks @​renovate! - Updates dependency entities to ^7.0.1

astro-og-canvas@0.10.0

Minor Changes

• #119 151edd2 Thanks @​delucis! - Makes OGImageRoute() asynchronous.

  ⚠️ BREAKING CHANGE: You must now await the result of OGImageRoute():

  import { OGImageRoute } from 'astro-og-canvas';
  
  export const { getStaticPaths, GET } = OGImageRoute({
  
  
  export const { getStaticPaths, GET } = await OGImageRoute({

Patch Changes

• #119 151edd2 Thanks @​delucis! - Fixes using the built-in getSlug() for OG images with format: "JPEG" or format: "WEBP"

astro-og-canvas@0.9.0

Minor Changes

• #117 b94a123 Thanks @​delucis! - Adds type safety to OGImageRoute. The page parameter in getSlug() and getImageOptions() is now correctly inferred from the value passed to pages instead of being typed as any.

  OGImageRoute({
    pages: {
      example: {
        title: 'Example Page',
        description: 'Description of this page shown in smaller text',
      },
    },
    getImageOptions: (path, page) => {
      page;
      // ^? { title: string; description: string }
    },
  });

  ⚠️ Potentially breaking change: If you are type checking your code base, you may see type errors if you are accessing page in getSlug() or getImageOptions() in a non-type-safe way and will need to either update that code or add some additional types.

• #117 b94a123 Thanks @​delucis! - Exports OGImageOptions type

astro-og-canvas@0.8.0

Minor Changes

... (truncated)

Changelog

Sourced from astro-og-canvas's changelog.

0.10.1

Patch Changes

• #128 dd829f9 Thanks @​renovate! - Updates dependency entities to ^7.0.1

0.10.0

Minor Changes

• #119 151edd2 Thanks @​delucis! - Makes OGImageRoute() asynchronous.

  ⚠️ BREAKING CHANGE: You must now await the result of OGImageRoute():

  import { OGImageRoute } from 'astro-og-canvas';
  
  export const { getStaticPaths, GET } = OGImageRoute({
  
  
  export const { getStaticPaths, GET } = await OGImageRoute({

Patch Changes

• #119 151edd2 Thanks @​delucis! - Fixes using the built-in getSlug() for OG images with format: "JPEG" or format: "WEBP"

0.9.0

Minor Changes

• #117 b94a123 Thanks @​delucis! - Adds type safety to OGImageRoute. The page parameter in getSlug() and getImageOptions() is now correctly inferred from the value passed to pages instead of being typed as any.

  OGImageRoute({
    pages: {
      example: {
        title: 'Example Page',
        description: 'Description of this page shown in smaller text',
      },
    },
    getImageOptions: (path, page) => {
      page;
      // ^? { title: string; description: string }
    },
  });

  ⚠️ Potentially breaking change: If you are type checking your code base, you may see type errors if you are accessing page in getSlug() or getImageOptions() in a non-type-safe way and will need to either update that code or add some additional types.

• #117 b94a123 Thanks @​delucis! - Exports OGImageOptions type

... (truncated)

Commits

• 9ec89cf Version Packages (#131)
• dd829f9 Update dependency entities to ^7.0.1 (#128)
• 9f8a1fd Update dependency astro to ^5.16.15 (#127)
• 4bf4c8d Update dependency astro to ^5.16.9 (#124)
• 83dba33 Update dependency astro to ^5.16.8 (#122)
• e316dc1 Version Packages (#120)
• 151edd2 Fix default getSlug() for non-PNG image formats (#119)
• 6f50853 Version Packages (#118)
• b94a123 Improve OGImageRoute typing (#117)
• c5e0a30 Add type checking to CI (#116)
• Additional commits viewable in compare view

Updates canvaskit-wasm from 0.40.0 to 0.41.0

Commits

• cf5c369 Release CanvasKit v0.41.0
• a85f5be Migrate Mock stuff out of GrBackendSurface
• 4bbcf0d Fix viewer with Dawn Graphite backend on Linux
• f636aef Reland "Delete staging functions for serialization and deserialization"
• 2721053 Roll Expat from e49998f0 to 154446fc (322 commits)
• 5901323 Graphite: Add finish proc to Context::submit
• f0a13e5 Roll recipe dependencies (trivial).
• e295663 Roll vulkan-deps from 98fee6234d16 to 7c625f80e8cc (4 revisions)
• 2fb5fa7 Roll ANGLE from 599125448d7a to f7571cf4c526 (9 revisions)
• 02ba2ea Roll Skia Infra from 6336d62b8859 to f041daad5584 (11 revisions)
• Additional commits viewable in compare view

Updates starlight-llms-txt from 0.6.1 to 0.8.0

Release notes

Sourced from starlight-llms-txt's releases.

starlight-llms-txt@0.8.0

Minor Changes

• #80 dea7b22 Thanks @​nonoakij! - Adds support for Astro v6 and Starlight v0.38, drops support for lower versions.

starlight-llms-txt@0.7.0

Minor Changes

• #43 1db4591 Thanks @​sanscontext! - Enforces llms.txt files to be prerendered at build time. Previously, sites using Astro’s output: server configuration would generate llms.txt files on-demand, which can be slow, and additionally was incompatible with the custom sets feature. This change means that llms.txt files are statically generated even for sites using output: server.

  ⚠️ Potentially breaking change: If you were relying on on-demand rendered llms.txt files, for example by using middleware to gate access, this may be a breaking change. Please share your use case to let us know if you need this.

Changelog

Sourced from starlight-llms-txt's changelog.

0.8.0

Minor Changes

• #80 dea7b22 Thanks @​nonoakij! - Adds support for Astro v6 and Starlight v0.38, drops support for lower versions.

0.7.0

Minor Changes

• #43 1db4591 Thanks @​sanscontext! - Enforces llms.txt files to be prerendered at build time. Previously, sites using Astro’s output: server configuration would generate llms.txt files on-demand, which can be slow, and additionally was incompatible with the custom sets feature. This change means that llms.txt files are statically generated even for sites using output: server.

  ⚠️ Potentially breaking change: If you were relying on on-demand rendered llms.txt files, for example by using middleware to gate access, this may be a breaking change. Please share your use case to let us know if you need this.

Commits

• 9aee078 [ci] release (#81)
• dea7b22 feat: add Astro v6 support (#80)
• dd75e0f fix(deps): update dependency astro to ^5.18.0 (#78)
• 1de38ec fix(deps): update dependency astro to ^5.17.3 (#75)
• 7dcab69 fix(deps): update astro (#73)
• 122c34d fix(deps): update dependency astro to ^5.17.1 (#71)
• bed47ed fix(deps): update dependency astro to ^5.17.0 (#70)
• fbaa340 fix(deps): update dependency astro to ^5.16.16 (#69)
• c52dcb7 fix(deps): update astro (#68)
• 3654bc8 fix(deps): update dependency astro to ^5.16.9 (#62)
• Additional commits viewable in compare view

Updates @changesets/get-github-info from 0.7.0 to 0.8.0

Release notes

Sourced from @​changesets/get-github-info's releases.

@​changesets/get-github-info@​0.8.0

Minor Changes

• #1758 e462d89 Thanks @​jdeniau! - Add scopes automatically in the GitHub new token link in the printed error message

Patch Changes

• #1781 d4b8ad8 Thanks @​bluwy! - Improve error messages when fail to fetch data from GitHub

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​changesets/get-github-info since your current version.

Updates gunshi from 0.28.2 to 0.29.3

Release notes

Sourced from gunshi's releases.

v0.29.3

Full Changelog: kazupon/gunshi@v0.29.2...v0.29.3

v0.29.2

Full Changelog: kazupon/gunshi@v0.29.1...v0.29.2

v0.29.1

Full Changelog: kazupon/gunshi@v0.29.0...v0.29.1

v0.29.0

What's Changed

🌟 Features

• feat(gunshi): support parser combinators for argment schema (experimental) by @​kazupon in kazupon/gunshi#496

Full Changelog: kazupon/gunshi@v0.28.2...v0.29.0

Changelog

Sourced from gunshi's changelog.

v0.29.3 (2026-03-11T08:53:31Z)Description has been truncated

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
🔵 In progress View logs	varlock-website	a328850	Mar 23 2026, 01:40 PM

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	varlock-docs-mcp	fef5c51	Mar 23 2026, 09:04 PM

[changeset-bot]

⚠️ No Changeset found

Latest commit: fef5c51

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	remark-custom-header-id@​1.0.0
	starlight-llms-txt@​0.8.0
	astro-iconify@​1.2.0
	astro-robots-txt@​1.0.0
	@​astrojs/​partytown@​2.1.5
	@​astrojs/​vue@​5.1.4
	@​astrojs/​sitemap@​3.7.1
	@​astrojs/​mdx@​4.3.14
	@​astrojs/​starlight@​0.38.2
	astro-og-canvas@​0.10.1
	vue@​3.5.30
	canvaskit-wasm@​0.41.0

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm svgo is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: ? → npm/astro-iconify@1.2.0 → npm/svgo@3.3.3 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/svgo@3.3.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm vite is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: ? → npm/@astrojs/vue@5.1.4 → npm/vite@6.4.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/vite@6.4.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report