Upgrade @astrojs/sitemap to latest #1156

Merged (3 commits) on Nov 28, 2023

Conversation

@votemike (Contributor)

Description

Upgrade sitemap package to fix Zod security issue.


changeset-bot bot commented Nov 27, 2023

🦋 Changeset detected

Latest commit: db443ce

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package: @astrojs/starlight (Patch)


vercel bot commented Nov 27, 2023

The latest updates on your projects:

starlight: ✅ Ready, updated Nov 28, 2023 11:22am (UTC)

@github-actions github-actions bot added the 🌟 core Changes to Starlight’s main package label Nov 27, 2023
@astrobot-houston (Collaborator)

Hello! Thank you for opening your first PR to Starlight! ✨

Here’s what will happen next:

  1. Our GitHub bots will run to check your changes.
    If they spot any issues you will see some error messages on this PR.
    Don’t hesitate to ask any questions if you’re not sure what these mean!

  2. In a few minutes, you’ll be able to see a preview of your changes on Vercel 🤩

  3. One or more of our maintainers will take a look and may ask you to make changes.
    We try to be responsive, but don’t worry if this takes a few days.

@delucis (Member)

delucis commented Nov 28, 2023

Thanks for the PR @votemike. I assume this relates to GHSA-m95q-7qp3-xv42?

To be clear, this vulnerability does not impact Starlight — firstly because we do not parse any e-mails, and secondly because this is a DDoS vulnerability that would only apply if you were using Zod to parse unsanitized user input, for example in a server application, which is not the case with Starlight.

Still happy to update versions so people’s security analysis tools don’t complain, but wanted to mention this here for the record.

@delucis delucis changed the title Upgrade to fix Zod security issue Upgrade @astrojs/sitemap to latest Nov 28, 2023
@delucis delucis merged commit 631c5ae into withastro:main Nov 28, 2023
8 checks passed
@astrobot-houston astrobot-houston mentioned this pull request Nov 28, 2023
@votemike (Contributor, Author)

Yep. I guessed as much. But I thought other people's dependabots would be complaining.

Also, other parts of @astrojs/starlight seem to have already updated to 3.22.4, this seemed to be the only thing that hadn't.

@votemike votemike deleted the update-sitemap branch November 29, 2023 15:07
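The situation votemike describes above (most dependency paths already resolving zod to 3.22.4 while one integration still pulled in an older copy) is easy to check mechanically against a lockfile. The script below is an added example, not code from this PR or from Starlight: it scans the `packages` map of a package-lock.json (lockfile v2/v3) for every installed copy of a package and flags copies below a minimum version, reporting which parent pinned each one. The embedded lockfile, the `@example/integration` package and its version numbers are constructed placeholders; the `3.22.4` minimum is the version named in the thread.

```javascript
// Added example, not part of the Starlight PR or the project's code.
// Finds every resolved copy of a dependency in a package-lock.json
// "packages" map and flags those older than a minimum version.

// Constructed lockfile fragment (hypothetical packages and versions):
// the root resolves zod to 3.22.4, but @example/integration still
// pins an older copy nested under its own node_modules.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "site", dependencies: { "@example/integration": "^1.0.0" } },
    "node_modules/zod": { version: "3.22.4" },
    "node_modules/@example/integration": {
      version: "1.0.0",
      dependencies: { zod: "^3.21.0" },
    },
    "node_modules/@example/integration/node_modules/zod": { version: "3.21.4" },
  },
};

// Parse "MAJOR.MINOR.PATCH" (prerelease/build suffixes are ignored here).
function parseSemver(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(version);
  if (!m) throw new Error(`not a semver version: ${version}`);
  return m.slice(1, 4).map(Number);
}

// Numeric comparison per component, so 3.22.10 > 3.22.4 (unlike a string compare).
function compareSemver(a, b) {
  const pa = parseSemver(a);
  const pb = parseSemver(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Every entry whose path is exactly "node_modules/<name>" or ends in
// "/node_modules/<name>" is an installed copy; a nested path means a
// parent package pinned its own copy instead of sharing the root one.
function findInstalledCopies(lock, name) {
  const suffix = `node_modules/${name}`;
  return Object.entries(lock.packages ?? {})
    .filter(([path, meta]) => (path === suffix || path.endsWith(`/${suffix}`)) && meta.version)
    .map(([path, meta]) => ({
      path,
      version: meta.version,
      requiredBy: path.slice(0, path.length - suffix.length).replace(/\/$/, "") || "(root)",
    }));
}

// Copies that still resolve below the minimum version.
function findOutdatedCopies(lock, name, minimum) {
  return findInstalledCopies(lock, name).filter((c) => compareSemver(c.version, minimum) < 0);
}

// CLI: node check-lock.js [package-lock.json] [package] [minimum]
// Falls back to the constructed sample when no lockfile path is given.
if (typeof require !== "undefined" && require.main === module) {
  const fs = require("node:fs");
  const [lockPath, name = "zod", minimum = "3.22.4"] = process.argv.slice(2);
  const lock = lockPath ? JSON.parse(fs.readFileSync(lockPath, "utf8")) : SAMPLE_LOCK;
  const stale = findOutdatedCopies(lock, name, minimum);
  for (const c of stale) {
    console.log(`${c.path}: ${c.version} < ${minimum} (pulled in by ${c.requiredBy})`);
  }
  process.exitCode = stale.length ? 1 : 0;
}
```

Run it against a real lockfile with `node check-lock.js package-lock.json zod 3.22.4`; a non-zero exit code means some parent still pins an older copy, which is exactly what a top-level bump of a direct dependency will not fix until that parent (here, the sitemap integration) is upgraded as well.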
Labels
🌟 core Changes to Starlight’s main package