astro 4.11.4 → 4.11.6

package/dist/@types/astro.d.ts

@@ -4,7 +4,7 @@ import type { MarkdownHeading, MarkdownVFile, RehypePlugins, RemarkPlugins, Rema
 import type * as babel from '@babel/core';
 import type * as rollup from 'rollup';
 import type * as vite from 'vite';
-import type { Accept, ActionClient, InputSchema } from '../actions/runtime/virtual/server.js';
+import type { ActionAccept, ActionClient, ActionInputSchema } from '../actions/runtime/virtual/server.js';
 import type { RemotePattern } from '../assets/utils/remotePattern.js';
 import type { AssetsPrefix, SerializedSSRManifest } from '../core/app/types.js';
 import type { PageBuildData } from '../core/build/types.js';
@@ -2025,6 +2025,36 @@ export interface AstroUserConfig {
              * ```
              */
             schema?: EnvSchema;
+            /**
+             * @docs
+             * @name experimental.env.validateSecrets
+             * @kind h4
+             * @type {boolean}
+             * @default `false`
+             * @version 4.11.6
+             * @description
+             *
+             * Whether or not to validate secrets on the server when starting the dev server or running a build.
+             *
+             * By default, only public variables are validated on the server when starting the dev server or a build, and private variables are validated at runtime only. If enabled, private variables will also be checked on start. This is useful in some continuous integration (CI) pipelines to make sure all your secrets are correctly set before deploying.
+             *
+             * ```js
+             * // astro.config.mjs
+             * import { defineConfig, envField } from "astro/config"
+             *
+             * export default defineConfig({
+             *   experimental: {
+             *     env: {
+             *       schema: {
+             *         // ...
+             *       },
+             *       validateSecrets: true
+             *     }
+             *   }
+             * })
+             * ```
+             */
+            validateSecrets?: boolean;
         };
     };
 }
@@ -2492,7 +2522,7 @@ interface AstroSharedContext<Props extends Record<string, any> = Record<string,
     /**
      * Get action result on the server when using a form POST.
      */
-    getActionResult: <TAccept extends Accept, TInputSchema extends InputSchema<TAccept>, TAction extends ActionClient<unknown, TAccept, TInputSchema>>(action: TAction) => Awaited<ReturnType<TAction['safe']>> | undefined;
+    getActionResult: <TAccept extends ActionAccept, TInputSchema extends ActionInputSchema<TAccept>, TAction extends ActionClient<unknown, TAccept, TInputSchema>>(action: TAction) => Awaited<ReturnType<TAction['safe']>> | undefined;
     /**
      * Route parameters for this request if this is a dynamic route.
      */

package/dist/actions/runtime/utils.d.ts

@@ -7,3 +7,13 @@ export type MaybePromise<T> = T | Promise<T>;
  * the user's `src/actions/index.ts` file at build-time.
  */
 export declare function getAction(path: string): Promise<((param: unknown) => MaybePromise<unknown>) | undefined>;
+/**
+ * Used to preserve the input schema type in the error object.
+ * This allows for type inference on the `fields` property
+ * when type narrowed to an `ActionInputError`.
+ *
+ * Example: Action has an input schema of `{ name: z.string() }`.
+ * When calling the action and checking `isInputError(result.error)`,
+ * `result.error.fields` will be typed with the `name` field.
+ */
+export type ErrorInferenceObject = Record<string, any>;

package/dist/actions/runtime/virtual/server.d.ts

@@ -1,23 +1,24 @@
 import { z } from 'zod';
 import { type ActionAPIContext, getApiContext as _getApiContext } from '../store.js';
-import { type MaybePromise } from '../utils.js';
-import { type ErrorInferenceObject, type SafeResult } from './shared.js';
+import type { ErrorInferenceObject, MaybePromise } from '../utils.js';
+import { type SafeResult } from './shared.js';
 export * from './shared.js';
 export { z } from 'zod';
 /** @deprecated Access context from the second `handler()` parameter. */
 export declare const getApiContext: typeof _getApiContext;
-export type Accept = 'form' | 'json';
-export type InputSchema<T extends Accept> = T extends 'form' ? z.AnyZodObject | z.ZodType<FormData> : z.ZodType;
-type Handler<TInputSchema, TOutput> = TInputSchema extends z.ZodType ? (input: z.infer<TInputSchema>, context: ActionAPIContext) => MaybePromise<TOutput> : (input: any, context: ActionAPIContext) => MaybePromise<TOutput>;
-export type ActionClient<TOutput, TAccept extends Accept, TInputSchema extends InputSchema<TAccept> | undefined> = TInputSchema extends z.ZodType ? ((input: TAccept extends 'form' ? FormData : z.input<TInputSchema>) => Promise<Awaited<TOutput>>) & {
+export type ActionAccept = 'form' | 'json';
+export type ActionInputSchema<T extends ActionAccept | undefined> = T extends 'form' ? z.AnyZodObject | z.ZodType<FormData> : z.ZodType;
+export type ActionHandler<TInputSchema, TOutput> = TInputSchema extends z.ZodType ? (input: z.infer<TInputSchema>, context: ActionAPIContext) => MaybePromise<TOutput> : (input: any, context: ActionAPIContext) => MaybePromise<TOutput>;
+export type ActionReturnType<T extends ActionHandler<any, any>> = Awaited<ReturnType<T>>;
+export type ActionClient<TOutput, TAccept extends ActionAccept | undefined, TInputSchema extends ActionInputSchema<TAccept> | undefined> = TInputSchema extends z.ZodType ? ((input: TAccept extends 'form' ? FormData : z.input<TInputSchema>) => Promise<Awaited<TOutput>>) & {
     safe: (input: TAccept extends 'form' ? FormData : z.input<TInputSchema>) => Promise<SafeResult<z.input<TInputSchema> extends ErrorInferenceObject ? z.input<TInputSchema> : ErrorInferenceObject, Awaited<TOutput>>>;
 } : ((input?: any) => Promise<Awaited<TOutput>>) & {
     safe: (input?: any) => Promise<SafeResult<never, Awaited<TOutput>>>;
 };
-export declare function defineAction<TOutput, TAccept extends Accept = 'json', TInputSchema extends InputSchema<Accept> | undefined = TAccept extends 'form' ? z.ZodType<FormData> : undefined>({ accept, input: inputSchema, handler, }: {
+export declare function defineAction<TOutput, TAccept extends ActionAccept | undefined = undefined, TInputSchema extends ActionInputSchema<ActionAccept> | undefined = TAccept extends 'form' ? z.ZodType<FormData> : undefined>({ accept, input: inputSchema, handler, }: {
     input?: TInputSchema;
     accept?: TAccept;
-    handler: Handler<TInputSchema, TOutput>;
+    handler: ActionHandler<TInputSchema, TOutput>;
 }): ActionClient<TOutput, TAccept, TInputSchema>;
 /** Transform form data to an object based on a Zod schema. */
 export declare function formDataToObject<T extends z.AnyZodObject>(formData: FormData, schema: T): Record<string, unknown>;

package/dist/actions/runtime/virtual/server.js

@@ -1,11 +1,6 @@
 import { z } from "zod";
 import { getApiContext as _getApiContext } from "../store.js";
-import {} from "../utils.js";
-import {
-  ActionError,
-  ActionInputError,
-  callSafely
-} from "./shared.js";
+import { ActionError, ActionInputError, callSafely } from "./shared.js";
 export * from "./shared.js";
 import { z as z2 } from "zod";
 const getApiContext = _getApiContext;
@@ -58,8 +53,8 @@ function formDataToObject(formData, schema) {
   const obj = {};
   for (const [key, baseValidator] of Object.entries(schema.shape)) {
     let validator = baseValidator;
-    if (baseValidator instanceof z.ZodOptional || baseValidator instanceof z.ZodNullable) {
-      validator = baseValidator._def.innerType;
+    while (validator instanceof z.ZodOptional || validator instanceof z.ZodNullable) {
+      validator = validator._def.innerType;
     }
     if (validator instanceof z.ZodBoolean) {
       obj[key] = formData.has(key);

package/dist/actions/runtime/virtual/shared.d.ts

@@ -1,7 +1,7 @@
 import type { z } from 'zod';
-import type { MaybePromise } from '../utils.js';
-type ActionErrorCode = 'BAD_REQUEST' | 'UNAUTHORIZED' | 'FORBIDDEN' | 'NOT_FOUND' | 'TIMEOUT' | 'CONFLICT' | 'PRECONDITION_FAILED' | 'PAYLOAD_TOO_LARGE' | 'UNSUPPORTED_MEDIA_TYPE' | 'UNPROCESSABLE_CONTENT' | 'TOO_MANY_REQUESTS' | 'CLIENT_CLOSED_REQUEST' | 'INTERNAL_SERVER_ERROR';
-export type ErrorInferenceObject = Record<string, any>;
+import type { ErrorInferenceObject, MaybePromise } from '../utils.js';
+export declare const ACTION_ERROR_CODES: readonly ["BAD_REQUEST", "UNAUTHORIZED", "FORBIDDEN", "NOT_FOUND", "TIMEOUT", "CONFLICT", "PRECONDITION_FAILED", "PAYLOAD_TOO_LARGE", "UNSUPPORTED_MEDIA_TYPE", "UNPROCESSABLE_CONTENT", "TOO_MANY_REQUESTS", "CLIENT_CLOSED_REQUEST", "INTERNAL_SERVER_ERROR"];
+export type ActionErrorCode = (typeof ACTION_ERROR_CODES)[number];
 export declare class ActionError<T extends ErrorInferenceObject = ErrorInferenceObject> extends Error {
     type: string;
     code: ActionErrorCode;
@@ -16,6 +16,7 @@ export declare class ActionError<T extends ErrorInferenceObject = ErrorInference
     static fromResponse(res: Response): Promise<ActionError<ErrorInferenceObject>>;
 }
 export declare function isInputError<T extends ErrorInferenceObject>(error?: ActionError<T>): error is ActionInputError<T>;
+export declare function isInputError(error?: unknown): error is ActionInputError<ErrorInferenceObject>;
 export type SafeResult<TInput extends ErrorInferenceObject, TOutput> = {
     data: TOutput;
     error: undefined;
@@ -35,4 +36,3 @@ export declare function getActionProps<T extends (args: FormData) => MaybePromis
     readonly name: "_astroAction";
     readonly value: string;
 };
-export {};

package/dist/actions/runtime/virtual/shared.js

@@ -1,3 +1,18 @@
+const ACTION_ERROR_CODES = [
+  "BAD_REQUEST",
+  "UNAUTHORIZED",
+  "FORBIDDEN",
+  "NOT_FOUND",
+  "TIMEOUT",
+  "CONFLICT",
+  "PRECONDITION_FAILED",
+  "PAYLOAD_TOO_LARGE",
+  "UNSUPPORTED_MEDIA_TYPE",
+  "UNPROCESSABLE_CONTENT",
+  "TOO_MANY_REQUESTS",
+  "CLIENT_CLOSED_REQUEST",
+  "INTERNAL_SERVER_ERROR"
+];
 const codeToStatusMap = {
   // Implemented from tRPC error code table
   // https://trpc.io/docs/server/error-handling#error-codes
@@ -103,6 +118,7 @@ function getActionProps(action) {
   };
 }
 export {
+  ACTION_ERROR_CODES,
   ActionError,
   ActionInputError,
   callSafely,

package/dist/core/app/index.js

@@ -216,9 +216,9 @@ class App {
     }
     const pathname = this.#getPathnameFromRequest(request);
     const defaultStatus = this.#getDefaultStatusCode(routeData, pathname);
-    const mod = await this.#pipeline.getModuleForRoute(routeData);
     let response;
     try {
+      const mod = await this.#pipeline.getModuleForRoute(routeData);
       const renderContext = RenderContext.create({
         pipeline: this.#pipeline,
         locals,

package/dist/core/build/plugins/plugin-pages.js

@@ -37,8 +37,8 @@ function vitePluginPages(opts, internals) {
         for (const pageData of pageDatas) {
           const resolvedPage = await this.resolve(pageData.moduleSpecifier);
           if (resolvedPage) {
-            imports.push(`const page = () => import(${JSON.stringify(pageData.moduleSpecifier)});`);
-            exports.push(`export { page }`);
+            imports.push(`import * as _page from ${JSON.stringify(pageData.moduleSpecifier)};`);
+            exports.push(`export const page = () => _page`);
             imports.push(`import { renderers } from "${RENDERERS_MODULE_ID}";`);
             exports.push(`export { renderers };`);
             return `${imports.join("\n")}${exports.join("\n")}`;

package/dist/core/build/plugins/plugin-prerender.js

@@ -26,7 +26,7 @@ function getNonPrerenderOnlyChunks(bundle, internals) {
   const prerenderOnlyEntryChunks = /* @__PURE__ */ new Set();
   const nonPrerenderOnlyEntryChunks = /* @__PURE__ */ new Set();
   for (const chunk of chunks) {
-    if (chunk.type === "chunk" && (chunk.isEntry || chunk.isDynamicEntry)) {
+    if (chunk.type === "chunk" && chunk.isEntry) {
       if (chunk.facadeModuleId?.startsWith(ASTRO_PAGE_RESOLVED_MODULE_ID)) {
         const pageDatas = getPagesFromVirtualModulePageName(
           internals,

package/dist/core/config/schema.d.ts

@@ -58,6 +58,9 @@ export declare const ASTRO_CONFIG_DEFAULTS: {
         clientPrerender: false;
         globalRoutePriority: false;
         rewriting: false;
+        env: {
+            validateSecrets: false;
+        };
     };
 };
 export declare const AstroConfigSchema: z.ZodObject<{
@@ -398,7 +401,7 @@ export declare const AstroConfigSchema: z.ZodObject<{
         globalRoutePriority: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
         rewriting: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
         env: z.ZodOptional<z.ZodObject<{
-            schema: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodIntersection<z.ZodUnion<[z.ZodObject<{
+            schema: z.ZodOptional<z.ZodRecord<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, z.ZodIntersection<z.ZodUnion<[z.ZodObject<{
                 context: z.ZodLiteral<"client">;
                 access: z.ZodLiteral<"public">;
             }, "strip", z.ZodTypeAny, {
@@ -523,7 +526,9 @@ export declare const AstroConfigSchema: z.ZodObject<{
                 default?: string | undefined;
                 optional?: boolean | undefined;
             }>]>>>>;
+            validateSecrets: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
         }, "strict", z.ZodTypeAny, {
+            validateSecrets: boolean;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -564,6 +569,7 @@ export declare const AstroConfigSchema: z.ZodObject<{
                 optional?: boolean | undefined;
             })> | undefined;
         }, {
+            validateSecrets?: boolean | undefined;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -613,6 +619,7 @@ export declare const AstroConfigSchema: z.ZodObject<{
         globalRoutePriority: boolean;
         rewriting: boolean;
         env?: {
+            validateSecrets: boolean;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -662,6 +669,7 @@ export declare const AstroConfigSchema: z.ZodObject<{
         globalRoutePriority?: boolean | undefined;
         rewriting?: boolean | undefined;
         env?: {
+            validateSecrets?: boolean | undefined;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -788,6 +796,7 @@ export declare const AstroConfigSchema: z.ZodObject<{
         globalRoutePriority: boolean;
         rewriting: boolean;
         env?: {
+            validateSecrets: boolean;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -950,6 +959,7 @@ export declare const AstroConfigSchema: z.ZodObject<{
         globalRoutePriority?: boolean | undefined;
         rewriting?: boolean | undefined;
         env?: {
+            validateSecrets?: boolean | undefined;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -1332,7 +1342,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
         rewriting: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
         env: z.ZodOptional<z.ZodObject<{
-            schema: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodIntersection<z.ZodUnion<[z.ZodObject<{
+            schema: z.ZodOptional<z.ZodRecord<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, z.ZodIntersection<z.ZodUnion<[z.ZodObject<{
                 context: z.ZodLiteral<"client">;
                 access: z.ZodLiteral<"public">;
             }, "strip", z.ZodTypeAny, {
@@ -1457,7 +1467,9 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
                 default?: string | undefined;
                 optional?: boolean | undefined;
             }>]>>>>;
+            validateSecrets: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
         }, "strict", z.ZodTypeAny, {
+            validateSecrets: boolean;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -1498,6 +1510,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
                 optional?: boolean | undefined;
             })> | undefined;
         }, {
+            validateSecrets?: boolean | undefined;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -1547,6 +1560,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority: boolean;
         rewriting: boolean;
         env?: {
+            validateSecrets: boolean;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -1596,6 +1610,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority?: boolean | undefined;
         rewriting?: boolean | undefined;
         env?: {
+            validateSecrets?: boolean | undefined;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -1797,6 +1812,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority: boolean;
         rewriting: boolean;
         env?: {
+            validateSecrets: boolean;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -1959,6 +1975,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority?: boolean | undefined;
         rewriting?: boolean | undefined;
         env?: {
+            validateSecrets?: boolean | undefined;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -2086,6 +2103,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority: boolean;
         rewriting: boolean;
         env?: {
+            validateSecrets: boolean;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -2248,6 +2266,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority?: boolean | undefined;
         rewriting?: boolean | undefined;
         env?: {
+            validateSecrets?: boolean | undefined;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -2375,6 +2394,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority: boolean;
         rewriting: boolean;
         env?: {
+            validateSecrets: boolean;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -2537,6 +2557,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority?: boolean | undefined;
         rewriting?: boolean | undefined;
         env?: {
+            validateSecrets?: boolean | undefined;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -2664,6 +2685,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority: boolean;
         rewriting: boolean;
         env?: {
+            validateSecrets: boolean;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";
@@ -2826,6 +2848,7 @@ export declare function createRelativeSchema(cmd: string, fileProtocolRoot: stri
         globalRoutePriority?: boolean | undefined;
         rewriting?: boolean | undefined;
         env?: {
+            validateSecrets?: boolean | undefined;
             schema?: Record<string, ({
                 context: "client";
                 access: "public";

package/dist/core/config/schema.js

@@ -47,7 +47,10 @@ const ASTRO_CONFIG_DEFAULTS = {
     contentCollectionJsonSchema: false,
     clientPrerender: false,
     globalRoutePriority: false,
-    rewriting: false
+    rewriting: false,
+    env: {
+      validateSecrets: false
+    }
   }
 };
 const AstroConfigSchema = z.object({
@@ -328,7 +331,8 @@ const AstroConfigSchema = z.object({
     globalRoutePriority: z.boolean().optional().default(ASTRO_CONFIG_DEFAULTS.experimental.globalRoutePriority),
     rewriting: z.boolean().optional().default(ASTRO_CONFIG_DEFAULTS.experimental.rewriting),
     env: z.object({
-      schema: EnvSchema.optional()
+      schema: EnvSchema.optional(),
+      validateSecrets: z.boolean().optional().default(ASTRO_CONFIG_DEFAULTS.experimental.env.validateSecrets)
     }).strict().optional()
   }).strict(
     `Invalid or outdated experimental feature.

package/dist/core/constants.js

@@ -1,4 +1,4 @@
-const ASTRO_VERSION = "4.11.4";
+const ASTRO_VERSION = "4.11.6";
 const REROUTE_DIRECTIVE_HEADER = "X-Astro-Reroute";
 const ROUTE_TYPE_HEADER = "X-Astro-Route-Type";
 const DEFAULT_404_COMPONENT = "astro-default-404.astro";

package/dist/core/create-vite.js

@@ -90,17 +90,8 @@ async function createVite(commandConfig, { settings, logger, mode, command, fs =
     customLogger: createViteLogger(logger, settings.config.vite.logLevel),
     appType: "custom",
     optimizeDeps: {
-      // Scan all files within `srcDir` except for known server-code (e.g endpoints)
-      entries: [
-        `${srcDirPattern}!(pages)/**/*`,
-        // All files except for pages
-        `${srcDirPattern}pages/**/!(*.js|*.mjs|*.ts|*.mts)`,
-        // All pages except for endpoints
-        `${srcDirPattern}pages/**/_*.{js,mjs,ts,mts}`,
-        // Remaining JS/TS files prefixed with `_` (not endpoints)
-        `${srcDirPattern}pages/**/_*/**/*.{js,mjs,ts,mts}`
-        // Remaining JS/TS files within directories prefixed with `_` (not endpoints)
-      ],
+      // Scan for component code within `srcDir`
+      entries: [`${srcDirPattern}**/*.{jsx,tsx,vue,svelte,html,astro}`],
       exclude: ["astro", "node-fetch"]
     },
     plugins: [

package/dist/core/dev/container.js

@@ -28,7 +28,9 @@ async function createContainer({
     base,
     server: { host, headers, open: serverOpen }
   } = settings.config;
-  const open = typeof serverOpen == "string" ? serverOpen : serverOpen ? base : false;
+  const isServerOpenURL = typeof serverOpen == "string" && !isRestart;
+  const isServerOpenBoolean = serverOpen && !isRestart;
+  const open = isServerOpenURL ? serverOpen : isServerOpenBoolean ? base : false;
   const rendererClientEntries = settings.renderers.map((r) => r.clientEntrypoint).filter(Boolean);
   const viteConfig = await createVite(
     {

package/dist/core/dev/dev.js

@@ -19,7 +19,7 @@ async function dev(inlineConfig) {
   await telemetry.record([]);
   const restart = await createContainerWithAutomaticRestart({ inlineConfig, fs });
   const logger = restart.container.logger;
-  const currentVersion = "4.11.4";
+  const currentVersion = "4.11.6";
   const isPrerelease = currentVersion.includes("-");
   if (!isPrerelease) {
     try {

package/dist/core/errors/errors-data.d.ts

@@ -1106,7 +1106,7 @@ export declare const RouteNotFound: {
 export declare const EnvInvalidVariables: {
     name: string;
     title: string;
-    message: (variables: string) => string;
+    message: (errors: Array<string>) => string;
 };
 /**
  * @docs

package/dist/core/errors/errors-data.js

@@ -399,9 +399,9 @@ const RouteNotFound = {
 const EnvInvalidVariables = {
   name: "EnvInvalidVariables",
   title: "Invalid Environment Variables",
-  message: (variables) => `The following environment variables do not match the data type and/or properties defined in \`experimental.env.schema\`:
+  message: (errors) => `The following environment variables defined in \`experimental.env.schema\` are invalid:
 
-${variables}
+${errors.map((err) => `- ${err}`).join("\n")}
 `
 };
 const EnvInvalidVariable = {

package/dist/core/messages.js

@@ -37,7 +37,7 @@ function serverStart({
   host,
   base
 }) {
-  const version = "4.11.4";
+  const version = "4.11.6";
   const localPrefix = `${dim("\u2503")} Local    `;
   const networkPrefix = `${dim("\u2503")} Network  `;
   const emptyPrefix = " ".repeat(11);
@@ -269,7 +269,7 @@ function printHelp({
     message.push(
       linebreak(),
       `  ${bgGreen(black(` ${commandName} `))} ${green(
-        `v${"4.11.4"}`
+        `v${"4.11.6"}`
       )} ${headline}`
     );
   }

package/dist/env/schema.d.ts

@@ -220,7 +220,7 @@ declare const EnvFieldMetadata: z.ZodUnion<[z.ZodObject<{
     context: "server";
     access: "secret";
 }>]>;
-export declare const EnvSchema: z.ZodRecord<z.ZodString, z.ZodIntersection<z.ZodUnion<[z.ZodObject<{
+export declare const EnvSchema: z.ZodRecord<z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>, z.ZodIntersection<z.ZodUnion<[z.ZodObject<{
     context: z.ZodLiteral<"client">;
     access: z.ZodLiteral<"public">;
 }, "strip", z.ZodTypeAny, {

package/dist/env/schema.js

@@ -69,13 +69,12 @@ const EnvFieldMetadata = z.union([
   PublicServerEnvFieldMetadata,
   SecretServerEnvFieldMetadata
 ]);
-const KEY_REGEX = /^[A-Z_]+$/;
-const EnvSchema = z.record(
-  z.string().regex(KEY_REGEX, {
-    message: "A valid variable name can only contain uppercase letters and underscores."
-  }),
-  z.intersection(EnvFieldMetadata, EnvFieldType)
-);
+const EnvSchemaKey = z.string().min(1).refine(([firstChar]) => isNaN(Number.parseInt(firstChar)), {
+  message: "A valid variable name cannot start with a number."
+}).refine((str) => /^[A-Z0-9_]+$/.test(str), {
+  message: "A valid variable name can only contain uppercase letters, numbers and underscores."
+});
+const EnvSchema = z.record(EnvSchemaKey, z.intersection(EnvFieldMetadata, EnvFieldType));
 export {
   EnvSchema
 };

package/dist/env/validators.d.ts

@@ -1,12 +1,12 @@
 import type { EnvFieldType } from './schema.js';
 export type ValidationResultValue = EnvFieldType['default'];
+export type ValidationResultErrors = ['missing'] | ['type'] | Array<string>;
 type ValidationResult = {
     ok: true;
-    type: string;
     value: ValidationResultValue;
 } | {
     ok: false;
-    type: string;
+    errors: ValidationResultErrors;
 };
 export declare function getEnvFieldType(options: EnvFieldType): string;
 export declare function validateEnvVariable(value: string | undefined, options: EnvFieldType): ValidationResult;

package/dist/env/validators.js

@@ -9,72 +9,106 @@ function getEnvFieldType(options) {
   return `${type}${optional ? " | undefined" : ""}`;
 }
 const stringValidator = ({ max, min, length, url, includes, startsWith, endsWith }) => (input) => {
-  let valid = typeof input === "string";
-  if (valid && max !== void 0) {
-    valid = input.length <= max;
+  if (typeof input !== "string") {
+    return {
+      ok: false,
+      errors: ["type"]
+    };
   }
-  if (valid && min !== void 0) {
-    valid = input.length >= min;
+  const errors = [];
+  if (max !== void 0 && !(input.length <= max)) {
+    errors.push("max");
   }
-  if (valid && length !== void 0) {
-    valid = input.length === length;
+  if (min !== void 0 && !(input.length >= min)) {
+    errors.push("min");
   }
-  if (valid && url !== void 0) {
-    try {
-      new URL(input);
-    } catch (_) {
-      valid = false;
-    }
+  if (length !== void 0 && !(input.length === length)) {
+    errors.push("length");
+  }
+  if (url !== void 0 && !URL.canParse(input)) {
+    errors.push("url");
   }
-  if (valid && includes !== void 0) {
-    valid = input.includes(includes);
+  if (includes !== void 0 && !input.includes(includes)) {
+    errors.push("includes");
   }
-  if (valid && startsWith !== void 0) {
-    valid = input.startsWith(startsWith);
+  if (startsWith !== void 0 && !input.startsWith(startsWith)) {
+    errors.push("startsWith");
   }
-  if (valid && endsWith !== void 0) {
-    valid = input.endsWith(endsWith);
+  if (endsWith !== void 0 && !input.endsWith(endsWith)) {
+    errors.push("endsWith");
+  }
+  if (errors.length > 0) {
+    return {
+      ok: false,
+      errors
+    };
   }
   return {
-    valid,
-    parsed: input
+    ok: true,
+    value: input
   };
 };
 const numberValidator = ({ gt, min, lt, max, int }) => (input) => {
   const num = parseFloat(input ?? "");
-  let valid = !isNaN(num);
-  if (valid && gt !== void 0) {
-    valid = num > gt;
+  if (isNaN(num)) {
+    return {
+      ok: false,
+      errors: ["type"]
+    };
   }
-  if (valid && min !== void 0) {
-    valid = num >= min;
+  const errors = [];
+  if (gt !== void 0 && !(num > gt)) {
+    errors.push("gt");
   }
-  if (valid && lt !== void 0) {
-    valid = num < lt;
+  if (min !== void 0 && !(num >= min)) {
+    errors.push("min");
   }
-  if (valid && max !== void 0) {
-    valid = num <= max;
+  if (lt !== void 0 && !(num < lt)) {
+    errors.push("lt");
   }
-  if (valid && int !== void 0) {
+  if (max !== void 0 && !(num <= max)) {
+    errors.push("max");
+  }
+  if (int !== void 0) {
     const isInt = Number.isInteger(num);
-    valid = int ? isInt : !isInt;
+    if (!(int ? isInt : !isInt)) {
+      errors.push("int");
+    }
+  }
+  if (errors.length > 0) {
+    return {
+      ok: false,
+      errors
+    };
   }
   return {
-    valid,
-    parsed: num
+    ok: true,
+    value: num
   };
 };
 const booleanValidator = (input) => {
   const bool = input === "true" ? true : input === "false" ? false : void 0;
+  if (typeof bool !== "boolean") {
+    return {
+      ok: false,
+      errors: ["type"]
+    };
+  }
   return {
-    valid: typeof bool === "boolean",
-    parsed: bool
+    ok: true,
+    value: bool
   };
 };
 const enumValidator = ({ values }) => (input) => {
+  if (!(typeof input === "string" ? values.includes(input) : false)) {
+    return {
+      ok: false,
+      errors: ["type"]
+    };
+  }
   return {
-    valid: typeof input === "string" ? values.includes(input) : false,
-    parsed: input
+    ok: true,
+    value: input
   };
 };
 function selectValidator(options) {
@@ -90,29 +124,20 @@ function selectValidator(options) {
   }
 }
 function validateEnvVariable(value, options) {
-  const validator = selectValidator(options);
-  const type = getEnvFieldType(options);
-  if (options.optional || options.default !== void 0) {
-    if (value === void 0) {
-      return {
-        ok: true,
-        value: options.default,
-        type
-      };
-    }
-  }
-  const { valid, parsed } = validator(value);
-  if (valid) {
+  const isOptional = options.optional || options.default !== void 0;
+  if (isOptional && value === void 0) {
     return {
       ok: true,
-      value: parsed,
-      type
+      value: options.default
     };
   }
-  return {
-    ok: false,
-    type
-  };
+  if (!isOptional && value === void 0) {
+    return {
+      ok: false,
+      errors: ["missing"]
+    };
+  }
+  return selectValidator(options)(value);
 }
 export {
   getEnvFieldType,

package/dist/env/vite-plugin-env.js

@@ -6,7 +6,7 @@ import {
   VIRTUAL_MODULES_IDS,
   VIRTUAL_MODULES_IDS_VALUES
 } from "./constants.js";
-import { validateEnvVariable } from "./validators.js";
+import { getEnvFieldType, validateEnvVariable } from "./validators.js";
 function astroEnv({
   settings,
   mode,
@@ -32,7 +32,11 @@ function astroEnv({
           process.env[key] = value;
         }
       }
-      const validatedVariables = validatePublicVariables({ schema, loadedEnv });
+      const validatedVariables = validatePublicVariables({
+        schema,
+        loadedEnv,
+        validateSecrets: settings.config.experimental.env?.validateSecrets ?? false
+      });
       templates = {
         ...getTemplates(schema, fs, validatedVariables),
         internal: `export const schema = ${JSON.stringify(schema)};`
@@ -70,28 +74,38 @@ function resolveVirtualModuleId(id) {
 }
 function validatePublicVariables({
   schema,
-  loadedEnv
+  loadedEnv,
+  validateSecrets
 }) {
   const valid = [];
   const invalid = [];
   for (const [key, options] of Object.entries(schema)) {
-    if (options.access !== "public") {
+    const variable = loadedEnv[key] === "" ? void 0 : loadedEnv[key];
+    if (options.access === "secret" && !validateSecrets) {
       continue;
     }
-    const variable = loadedEnv[key];
-    const result = validateEnvVariable(variable === "" ? void 0 : variable, options);
-    if (result.ok) {
-      valid.push({ key, value: result.value, type: result.type, context: options.context });
-    } else {
-      invalid.push({ key, type: result.type });
+    const result = validateEnvVariable(variable, options);
+    const type = getEnvFieldType(options);
+    if (!result.ok) {
+      invalid.push({ key, type, errors: result.errors });
+    } else if (options.access === "public") {
+      valid.push({ key, value: result.value, type, context: options.context });
     }
   }
   if (invalid.length > 0) {
+    const _errors = [];
+    for (const { key, type, errors } of invalid) {
+      if (errors[0] === "missing") {
+        _errors.push(`${key} is missing`);
+      } else if (errors[0] === "type") {
+        _errors.push(`${key}'s type is invalid, expected: ${type}`);
+      } else {
+        _errors.push(`The following constraints for ${key} are not met: ${errors.join(", ")}`);
+      }
+    }
     throw new AstroError({
       ...AstroErrorData.EnvInvalidVariables,
-      message: AstroErrorData.EnvInvalidVariables.message(
-        invalid.map(({ key, type }) => `Variable ${key} is not of type: ${type}.`).join("\n")
-      )
+      message: AstroErrorData.EnvInvalidVariables.message(_errors)
     });
   }
   return valid;

package/dist/runtime/client/dev-toolbar/apps/audit/rules/a11y.js

@@ -91,6 +91,7 @@ const aria_non_interactive_roles = [
   "rowheader",
   "search",
   "status",
+  "tabpanel",
   "term",
   "timer",
   "toolbar",
@@ -422,7 +423,7 @@ const a11y = [
     title: "Invalid `tabindex` on non-interactive element",
     description: 'The `tabindex` attribute should only be used on interactive elements, as it can be confusing for keyboard-only users to navigate through non-interactive elements. If your element is only conditionally interactive, consider using `tabindex="-1"` to make it focusable only when it is actually interactive.',
     message: (element) => `${element.localName} elements should not have \`tabindex\` attribute`,
-    selector: "[tabindex]",
+    selector: '[tabindex]:not([role="tabpanel"])',
     match(element) {
       const isScrollable = element.scrollHeight > element.clientHeight || element.scrollWidth > element.clientWidth;
       if (isScrollable) return false;

package/dist/runtime/server/render/util.js

@@ -2,6 +2,8 @@ import { clsx } from "clsx";
 import { HTMLString, markHTMLString } from "../escape.js";
 const voidElementNames = /^(area|base|br|col|command|embed|hr|img|input|keygen|link|meta|param|source|track|wbr)$/i;
 const htmlBooleanAttributes = /^(?:allowfullscreen|async|autofocus|autoplay|controls|default|defer|disabled|disablepictureinpicture|disableremoteplayback|formnovalidate|hidden|loop|nomodule|novalidate|open|playsinline|readonly|required|reversed|scoped|seamless|itemscope)$/i;
+const htmlEnumAttributes = /^(?:contenteditable|draggable|spellcheck|value)$/i;
+const svgEnumAttributes = /^(?:autoReverse|externalResourcesRequired|focusable|preserveAlpha)$/i;
 const AMPERSAND_REGEX = /&/g;
 const DOUBLE_QUOTE_REGEX = /"/g;
 const STATIC_DIRECTIVES = /* @__PURE__ */ new Set(["set:html", "set:text"]);
@@ -36,6 +38,12 @@ function addAttribute(value, key, shouldEscape = true) {
   if (value == null) {
     return "";
   }
+  if (value === false) {
+    if (htmlEnumAttributes.test(key) || svgEnumAttributes.test(key)) {
+      return markHTMLString(` ${key}="false"`);
+    }
+    return "";
+  }
   if (STATIC_DIRECTIVES.has(key)) {
     console.warn(`[astro] The "${key}" directive cannot be applied dynamically at runtime. It will not be rendered as an attribute.
 
@@ -65,13 +73,11 @@ Make sure to use the static attribute syntax (\`${key}={value}\`) instead of the
   if (typeof value === "string" && value.includes("&") && isHttpUrl(value)) {
     return markHTMLString(` ${key}="${toAttributeString(value, false)}"`);
   }
-  if (htmlBooleanAttributes.test(key)) {
-    return markHTMLString(value ? ` ${key}` : "");
-  }
-  if (value === "") {
+  if (value === true && (key.startsWith("data-") || htmlBooleanAttributes.test(key))) {
     return markHTMLString(` ${key}`);
+  } else {
+    return markHTMLString(` ${key}="${toAttributeString(value, shouldEscape)}"`);
   }
-  return markHTMLString(` ${key}="${toAttributeString(value, shouldEscape)}"`);
 }
 function internalSpreadAttributes(values, shouldEscape = true) {
   let output = "";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "astro",
-  "version": "4.11.4",
+  "version": "4.11.6",
   "description": "Astro is a modern site builder with web best practices, performance, and DX front-of-mind.",
   "type": "module",
   "author": "withastro",
@@ -109,19 +109,19 @@
     "vendor"
   ],
   "dependencies": {
-    "@astrojs/compiler": "^2.8.1",
-    "@babel/core": "^7.24.7",
-    "@babel/generator": "^7.24.7",
-    "@babel/parser": "^7.24.7",
+    "@astrojs/compiler": "^2.8.2",
+    "@babel/core": "^7.24.9",
+    "@babel/generator": "^7.24.10",
+    "@babel/parser": "^7.24.8",
     "@babel/plugin-transform-react-jsx": "^7.24.7",
-    "@babel/traverse": "^7.24.7",
-    "@babel/types": "^7.24.7",
+    "@babel/traverse": "^7.24.8",
+    "@babel/types": "^7.24.9",
     "@types/babel__core": "^7.20.5",
     "@types/cookie": "^0.6.0",
-    "acorn": "^8.12.0",
+    "acorn": "^8.12.1",
     "aria-query": "^5.3.0",
-    "axobject-query": "^4.0.0",
-    "boxen": "^7.1.1",
+    "axobject-query": "^4.1.0",
+    "boxen": "^8.0.0",
     "chokidar": "^3.6.0",
     "ci-info": "^4.0.0",
     "clsx": "^2.1.1",
@@ -149,22 +149,22 @@
     "magic-string": "^0.30.10",
     "mrmime": "^2.0.0",
     "ora": "^8.0.1",
-    "p-limit": "^5.0.0",
+    "p-limit": "^6.1.0",
     "p-queue": "^8.0.1",
     "path-to-regexp": "^6.2.2",
-    "preferred-pm": "^3.1.3",
+    "preferred-pm": "^4.0.0",
     "prompts": "^2.4.2",
     "rehype": "^13.0.1",
     "semver": "^7.6.2",
-    "shiki": "^1.10.0",
+    "shiki": "^1.10.3",
     "string-width": "^7.2.0",
     "strip-ansi": "^7.1.0",
     "tsconfck": "^3.1.1",
     "unist-util-visit": "^5.0.0",
-    "vfile": "^6.0.1",
-    "vite": "^5.3.2",
+    "vfile": "^6.0.2",
+    "vite": "^5.3.4",
     "vitefu": "^0.2.5",
-    "which-pm": "^2.2.0",
+    "which-pm": "^3.0.0",
     "yargs-parser": "^21.1.1",
     "zod": "^3.23.8",
     "zod-to-json-schema": "^3.23.1",
@@ -176,8 +176,8 @@
     "sharp": "^0.33.3"
   },
   "devDependencies": {
-    "@astrojs/check": "^0.7.0",
-    "@playwright/test": "^1.45.0",
+    "@astrojs/check": "^0.8.1",
+    "@playwright/test": "^1.45.2",
     "@types/aria-query": "^5.0.4",
     "@types/babel__generator": "^7.6.8",
     "@types/babel__traverse": "^7.20.6",
@@ -200,6 +200,7 @@
     "@types/yargs-parser": "^21.0.3",
     "cheerio": "1.0.0-rc.12",
     "eol": "^0.9.1",
+    "expect-type": "^0.19.0",
     "mdast-util-mdx": "^3.0.0",
     "mdast-util-mdx-jsx": "^3.1.2",
     "memfs": "^4.9.3",
@@ -209,8 +210,8 @@
     "rehype-slug": "^6.0.0",
     "rehype-toc": "^3.0.2",
     "remark-code-titles": "^0.1.2",
-    "rollup": "^4.18.0",
-    "sass": "^1.77.6",
+    "rollup": "^4.18.1",
+    "sass": "^1.77.8",
     "srcset-parse": "^1.1.0",
     "undici": "^6.19.2",
     "unified": "^11.0.5",
@@ -230,12 +231,13 @@
     "build:ci": "pnpm run prebuild && astro-scripts build \"src/**/*.{ts,js}\" && pnpm run postbuild",
     "dev": "astro-scripts dev --copy-wasm --prebuild \"src/runtime/server/astro-island.ts\" --prebuild \"src/runtime/client/{idle,load,media,only,visible}.ts\" \"src/**/*.{ts,js}\"",
     "postbuild": "astro-scripts copy \"src/**/*.astro\" && astro-scripts copy \"src/**/*.wasm\"",
-    "test": "pnpm run test:node",
+    "test": "pnpm run test:node && pnpm run test:types",
     "test:match": "pnpm run test:node --match",
     "test:e2e": "pnpm test:e2e:chrome && pnpm test:e2e:firefox",
     "test:e2e:match": "playwright test -g",
     "test:e2e:chrome": "playwright test",
     "test:e2e:firefox": "playwright test --config playwright.firefox.config.js",
+    "test:types": "tsc --project tsconfig.tests.json",
     "test:node": "astro-scripts test \"test/**/*.test.js\""
   }
 }