astro 6.1.9 → 6.1.10

package/dist/cli/infra/build-time-astro-version-provider.js

@@ -1,6 +1,6 @@
 class BuildTimeAstroVersionProvider {
   // Injected during the build through esbuild define
-  version = "6.1.9";
+  version = "6.1.10";
 }
 export {
   BuildTimeAstroVersionProvider

package/dist/content/content-layer.js

@@ -192,7 +192,7 @@ ${contentConfig.error.message}`
       logger.info("Content config changed");
       shouldClear = true;
     }
-    if (previousAstroVersion && previousAstroVersion !== "6.1.9") {
+    if (previousAstroVersion && previousAstroVersion !== "6.1.10") {
       logger.info("Astro version changed");
       shouldClear = true;
     }
@@ -200,8 +200,8 @@ ${contentConfig.error.message}`
       logger.info("Clearing content store");
       this.#store.clearAll();
     }
-    if ("6.1.9") {
-      this.#store.metaStore().set("astro-version", "6.1.9");
+    if ("6.1.10") {
+      this.#store.metaStore().set("astro-version", "6.1.10");
     }
     if (currentConfigDigest) {
       this.#store.metaStore().set("content-config-digest", currentConfigDigest);

package/dist/core/app/manifest.js

@@ -64,6 +64,8 @@ function deserializeRouteData(rawRouteData) {
   return {
     route: rawRouteData.route,
     type: rawRouteData.type,
+    // nosemgrep: javascript.lang.security.audit.detect-non-literal-regexp.detect-non-literal-regexp
+    // This pattern is serialized from Astro's own route manifest.
     pattern: new RegExp(rawRouteData.pattern),
     params: rawRouteData.params,
     component: rawRouteData.component,

package/dist/core/constants.js

@@ -1,4 +1,4 @@
-const ASTRO_VERSION = "6.1.9";
+const ASTRO_VERSION = "6.1.10";
 const ASTRO_GENERATOR = `Astro v${ASTRO_VERSION}`;
 const REROUTE_DIRECTIVE_HEADER = "X-Astro-Reroute";
 const REWRITE_DIRECTIVE_HEADER_KEY = "X-Astro-Rewrite";

package/dist/core/dev/dev.js

@@ -37,7 +37,7 @@ async function dev(inlineConfig) {
   await telemetry.record([]);
   const restart = await createContainerWithAutomaticRestart({ inlineConfig, fs });
   const logger = restart.container.logger;
-  const currentVersion = "6.1.9";
+  const currentVersion = "6.1.10";
   const isPrerelease = currentVersion.includes("-");
   if (!isPrerelease) {
     try {
@@ -89,7 +89,7 @@ async function dev(inlineConfig) {
     });
     contentLayer.watchContentConfig();
     await contentLayer.sync();
-  } else {
+  } else if (config.status !== "does-not-exist") {
     logger.warn("content", "Content config not loaded");
   }
   const devServerAddressInfo = await startContainer(restart.container);

package/dist/core/encryption.d.ts

@@ -22,12 +22,16 @@ export declare function encodeKey(key: CryptoKey): Promise<string>;
 export declare function decodeKey(encoded: string): Promise<CryptoKey>;
 /**
  * Using a CryptoKey, encrypt a string into a base64 string.
+ * @param additionalData Optional authenticated context (e.g. "props:ComponentName") that is
+ *   verified during decryption but not included in the ciphertext. Both sides must agree on
+ *   the same value or decryption will fail.
  */
-export declare function encryptString(key: CryptoKey, raw: string): Promise<string>;
+export declare function encryptString(key: CryptoKey, raw: string, additionalData?: string): Promise<string>;
 /**
  * Takes a base64 encoded string, decodes it and returns the decrypted text.
+ * @param additionalData Must match the value used during encryption, or decryption will fail.
  */
-export declare function decryptString(key: CryptoKey, encoded: string): Promise<string>;
+export declare function decryptString(key: CryptoKey, encoded: string, additionalData?: string): Promise<string>;
 /**
  * Generates an SHA-256 digest of the given string.
  * @param {string} data The string to hash.

package/dist/core/encryption.js

@@ -43,30 +43,24 @@ async function decodeKey(encoded) {
 const encoder = new TextEncoder();
 const decoder = new TextDecoder();
 const IV_LENGTH = 24;
-async function encryptString(key, raw) {
+async function encryptString(key, raw, additionalData) {
   const iv = crypto.getRandomValues(new Uint8Array(IV_LENGTH / 2));
   const data = encoder.encode(raw);
-  const buffer = await crypto.subtle.encrypt(
-    {
-      name: ALGORITHM,
-      iv
-    },
-    key,
-    data
-  );
+  const params = { name: ALGORITHM, iv };
+  if (additionalData) {
+    params.additionalData = encoder.encode(additionalData);
+  }
+  const buffer = await crypto.subtle.encrypt(params, key, data);
   return encodeHexUpperCase(iv) + encodeBase64(new Uint8Array(buffer));
 }
-async function decryptString(key, encoded) {
+async function decryptString(key, encoded, additionalData) {
   const iv = decodeHex(encoded.slice(0, IV_LENGTH));
   const dataArray = decodeBase64(encoded.slice(IV_LENGTH));
-  const decryptedBuffer = await crypto.subtle.decrypt(
-    {
-      name: ALGORITHM,
-      iv
-    },
-    key,
-    dataArray
-  );
+  const params = { name: ALGORITHM, iv };
+  if (additionalData) {
+    params.additionalData = encoder.encode(additionalData);
+  }
+  const decryptedBuffer = await crypto.subtle.decrypt(params, key, dataArray);
   const decryptedString = decoder.decode(decryptedBuffer);
   return decryptedString;
 }

package/dist/core/messages/runtime.js

@@ -276,7 +276,7 @@ function printHelp({
     message.push(
       linebreak(),
       `  ${bgGreen(black(` ${commandName} `))} ${green(
-        `v${"6.1.9"}`
+        `v${"6.1.10"}`
       )} ${headline}`
     );
   }

package/dist/core/server-islands/endpoint.js

@@ -112,7 +112,11 @@ function createEndpoint(manifest) {
     const key = await manifest.key;
     let componentExport;
     try {
-      componentExport = await decryptString(key, data.encryptedComponentExport);
+      componentExport = await decryptString(
+        key,
+        data.encryptedComponentExport,
+        `export:${componentId}`
+      );
     } catch (_e) {
       return badRequest("Encrypted componentExport value is invalid.");
     }
@@ -120,7 +124,7 @@ function createEndpoint(manifest) {
     let props = {};
     if (encryptedProps !== "") {
       try {
-        const propString = await decryptString(key, encryptedProps);
+        const propString = await decryptString(key, encryptedProps, `props:${componentId}`);
         props = JSON.parse(propString);
       } catch (_e) {
         return badRequest("Encrypted props value is invalid.");
@@ -130,7 +134,7 @@ function createEndpoint(manifest) {
     const encryptedSlots = data.encryptedSlots;
     if (encryptedSlots !== "") {
       try {
-        const slotsString = await decryptString(key, encryptedSlots);
+        const slotsString = await decryptString(key, encryptedSlots, `slots:${componentId}`);
         decryptedSlots = JSON.parse(slotsString);
       } catch (_e) {
         return badRequest("Encrypted slots value is invalid.");

package/dist/runtime/client/dev-toolbar/apps/audit/index.js

@@ -147,7 +147,10 @@ var audit_default = {
         return;
       }
       if (originalElement.nodeName === "IMG" && !originalElement.complete) {
-        return;
+        await new Promise((resolve) => {
+          originalElement.addEventListener("load", () => resolve(), { once: true });
+          originalElement.addEventListener("error", () => resolve(), { once: true });
+        });
       }
       audits.push({
         auditedElement: originalElement,

package/dist/runtime/server/render/server-islands.js

@@ -126,9 +126,13 @@ class ServerIslandComponent {
       }
     }
     const key = await this.result.key;
-    const componentExportEncrypted = await encryptString(key, componentExport);
-    const propsEncrypted = Object.keys(this.props).length === 0 ? "" : await encryptString(key, JSON.stringify(this.props));
-    const slotsEncrypted = Object.keys(renderedSlots).length === 0 ? "" : await encryptString(key, JSON.stringify(renderedSlots));
+    const componentExportEncrypted = await encryptString(
+      key,
+      componentExport,
+      `export:${componentId}`
+    );
+    const propsEncrypted = Object.keys(this.props).length === 0 ? "" : await encryptString(key, JSON.stringify(this.props), `props:${componentId}`);
+    const slotsEncrypted = Object.keys(renderedSlots).length === 0 ? "" : await encryptString(key, JSON.stringify(renderedSlots), `slots:${componentId}`);
     const hostId = await this.getHostId();
     const slash = this.result.base.endsWith("/") ? "" : "/";
     let serverIslandUrl = `${this.result.base}${slash}_server-islands/${componentId}${this.result.trailingSlash === "always" ? "/" : ""}`;

package/dist/toolbar/vite-plugin-dev-toolbar.js

@@ -1,3 +1,4 @@
+import { readFileSync, writeFileSync } from "node:fs";
 import { telemetry } from "../events/index.js";
 import { eventAppToggled } from "../events/toolbar.js";
 const VIRTUAL_MODULE_ID = "astro:toolbar:internal";
@@ -14,7 +15,28 @@ function astroDevToolbar({ settings, logger }) {
             "astro > aria-query",
             "astro > axobject-query",
             ...settings.devToolbarApps.length > 0 ? ["astro/toolbar"] : []
-          ]
+          ],
+          esbuildOptions: {
+            plugins: [
+              {
+                name: "astro:strip-toolbar-sourcemap",
+                setup(build) {
+                  build.onEnd((result) => {
+                    if (!result.metafile) return;
+                    for (const outputPath of Object.keys(result.metafile.outputs)) {
+                      if (!outputPath.includes("entrypoint") || !outputPath.endsWith(".js"))
+                        continue;
+                      const code = readFileSync(outputPath, "utf-8");
+                      const stripped = code.replace(/\/\/# sourceMappingURL=.*$/m, "");
+                      if (stripped !== code) {
+                        writeFileSync(outputPath, stripped);
+                      }
+                    }
+                  });
+                }
+              }
+            ]
+          }
         }
       };
     },

package/dist/vite-plugin-environment/index.js

@@ -60,7 +60,8 @@ function vitePluginEnvironment({
         finalEnvironmentOptions.optimizeDeps = {
           include: [
             // For the dev toolbar
-            "astro > html-escaper"
+            "astro > html-escaper",
+            "astro/runtime/client/dev-toolbar/entrypoint.js"
           ],
           exclude: ["astro:*", "virtual:astro:*", "astro/virtual-modules/prefetch.js"],
           // Astro files can't be rendered on the client

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "astro",
-  "version": "6.1.9",
+  "version": "6.1.10",
   "description": "Astro is a modern site builder with web best practices, performance, and DX front-of-mind.",
   "type": "module",
   "author": "withastro",
@@ -189,7 +189,7 @@
     "undici": "^7.22.0",
     "unified": "^11.0.5",
     "vitest": "^4.1.0",
-    "@astrojs/check": "0.9.8",
+    "@astrojs/check": "0.9.9",
     "astro-scripts": "0.0.14"
   },
   "engines": {