build(deps): Bump the patch-minor group across 1 directory with 6 updates

[dependabot]

Bumps the patch-minor group with 5 updates in the / directory:

Package	From	To
@astrojs/db	0.21.1	0.21.2
motion	12.38.0	12.39.0
@types/howler	2.2.12	2.2.13
@types/node	25.8.0	25.9.0
knip	6.13.1	6.14.1

Updates @astrojs/db from 0.21.1 to 0.21.2

Release notes

Sourced from @​astrojs/db's releases.

@​astrojs/db@​0.21.2

Patch Changes

• #16661 03b8f7f Thanks @​ocavue! - Updates typescript to v6. No changes are needed from users.

Changelog

Sourced from @​astrojs/db's changelog.

0.21.2

Patch Changes

• #16661 03b8f7f Thanks @​ocavue! - Updates typescript to v6. No changes are needed from users.

Commits

• 45b7fa9 [ci] release (#16742)
• 03b8f7f chore: update typescript to v6 (#16661)
• 1be2583 chore: remove unused ticketing-example test fixture (#16734)
• 33b54c4 [ci] format
• 0f868b0 chore: remove redundant server assertions (#16721)
• 5a8cd09 refactor: update tsconfig to use TypeScript project references (#16505)
• 8dcaf38 refactor(db): remove tsconfig.virtual.json (#16557)
• See full diff in compare view

Updates astro from 5.18.1 to 6.3.5

Release notes

Sourced from astro's releases.

[email protected]

Patch Changes

• #16771 07c8805 Thanks @​ematipico! - Fixes position prop on <Image> and <Picture> components breaking Content Security Policy (CSP).

• #16593 50924ce Thanks @​yanthomasdev! - Improves error messages with more consistent and correct writing.

• #16757 5d661cd Thanks @​astrobot-houston! - Fixes dev server serving stale content when SSR-only modules change (e.g. .astro files outside the project root in a monorepo, or dynamically imported components).

  Previously, the astro:hmr-reload plugin returned an empty array after detecting SSR-only module changes, which prevented Vite's updateModules from propagating the invalidation to the SSR module runner. The runner's evaluated module cache stayed stale, so subsequent requests continued returning old content.

  Now the plugin returns the SSR-only modules so Vite can process them through updateModules, which properly invalidates the module runner's cache and ensures fresh content on the next request.

[email protected]

Patch Changes

• #16723 0f10bfe Thanks @​matthewp! - Adds fetchFile option to experimental.advancedRouting to customize or disable the entrypoint file

  export default defineConfig({
    experimental: {
      advancedRouting: {
        fetchFile: 'fetch.ts',
      },
    },
  });

• #16723 0f10bfe Thanks @​matthewp! - Fixes Hono cache() middleware to follow the standard wrapper pattern

• #16723 0f10bfe Thanks @​matthewp! - Adds App.Providers interface for typing custom context providers on Astro and ctx

  declare namespace App {
    interface Providers {
      oauth: import('./lib/oauth').OAuthSession;
    }
  }

• #16723 0f10bfe Thanks @​matthewp! - Adds FetchState.response property, set automatically after pages() or middleware() completes

  const response = await middleware(state, (s) => pages(s));
  console.log(state.response === response); // true

• #16723 0f10bfe Thanks @​matthewp! - Adds Fetchable type export for typing the advanced routing entrypoint

... (truncated)

Changelog

Sourced from astro's changelog.

6.3.5

Patch Changes

• #16771 07c8805 Thanks @​ematipico! - Fixes position prop on <Image> and <Picture> components breaking Content Security Policy (CSP).

• #16593 50924ce Thanks @​yanthomasdev! - Improves error messages with more consistent and correct writing.

• #16757 5d661cd Thanks @​astrobot-houston! - Fixes dev server serving stale content when SSR-only modules change (e.g. .astro files outside the project root in a monorepo, or dynamically imported components).

  Previously, the astro:hmr-reload plugin returned an empty array after detecting SSR-only module changes, which prevented Vite's updateModules from propagating the invalidation to the SSR module runner. The runner's evaluated module cache stayed stale, so subsequent requests continued returning old content.

  Now the plugin returns the SSR-only modules so Vite can process them through updateModules, which properly invalidates the module runner's cache and ensures fresh content on the next request.

6.3.4

Patch Changes

• #16723 0f10bfe Thanks @​matthewp! - Adds fetchFile option to experimental.advancedRouting to customize or disable the entrypoint file

  export default defineConfig({
    experimental: {
      advancedRouting: {
        fetchFile: 'fetch.ts',
      },
    },
  });

• #16723 0f10bfe Thanks @​matthewp! - Fixes Hono cache() middleware to follow the standard wrapper pattern

• #16723 0f10bfe Thanks @​matthewp! - Adds App.Providers interface for typing custom context providers on Astro and ctx

  declare namespace App {
    interface Providers {
      oauth: import('./lib/oauth').OAuthSession;
    }
  }

• #16723 0f10bfe Thanks @​matthewp! - Adds FetchState.response property, set automatically after pages() or middleware() completes

  const response = await middleware(state, (s) => pages(s));
  console.log(state.response === response); // true

• #16723 0f10bfe Thanks @​matthewp! - Adds Fetchable type export for typing the advanced routing entrypoint

... (truncated)

Commits

• 5b4122e [ci] release (#16772)
• 5d661cd Fix dev server serving stale content for files outside project root (#16757)
• be5ad21 [ci] format
• 50924ce Overhaul errors for consistency and correctness (#16593)
• 23c0bda [ci] format
• 07c8805 fix: position prop with CSP (#16771)
• 45b7fa9 [ci] release (#16742)
• 67a1016 [ci] format
• 0f10bfe feat: advanced routing types and config gaps (#16723)
• 904d19a Fix actions and server islands in dev mode with prerendered catch-all routes ...
• Additional commits viewable in compare view

Updates motion from 12.38.0 to 12.39.0

Changelog

Sourced from motion's changelog.

[12.39.0] 2026-05-18

Added

• Support for repeatType and repeatDelay in animation sequences.

Fixed

• Variants: Re-run keyframe animations when switching between variant labels even when they share identical keyframe arrays.
• Drag: Preserve in-flight motion value animations across React 19 reorder unmount/remount so dragSnapToOrigin no longer leaves the drag transform stranded after a layout swap.
• LazyMotion: Share React contexts between the framer-motion and framer-motion/m (and therefore motion/react and motion/react-m) CJS bundles so that <m.div> from the /m subpath picks up features loaded by <LazyMotion> from the main entry point.
• useScroll: Support hydrating target and container refs from anywhere in the tree.
• Drag: Gesture no longer starts from incorrect start point when rendered inside <AnimatePresence initial={false} />.
• Drag: dragConstraints, when set as viewport-relative ref, no longer break on scroll.§
• Updated visualElement hydration order.
• useAnimate: Now respects skipAnimations.
• AnimatePresence: Fix object-form initial values not applied on re-entry after exit completes.
• scroll: Fixed callback progress when tracking an element.
• useScroll: Fix hardware acceleration when tracking an element.

Commits

• b607391 v12.39.0
• cd53178 Updating changelog
• bd07642 Merge pull request #3716 from motiondivision/worktree-fix-issue-3315
• 3f053b6 Merge branch 'main' into worktree-fix-issue-3315
• f434c42 Merge pull request #3718 from motiondivision/dependabot/npm_and_yarn/next-15....
• 5973dfb Merge pull request #3722 from motiondivision/worktree-fix-issue-2829
• cfccb03 fix(drag): Refresh root scroll before measuring ref constraints
• 16aa417 Updating changelog
• 5d627a4 Merge pull request #3720 from motiondivision/worktree-fix-issue-2831
• 63cf0d0 Merge pull request #3721 from motiondivision/worktree-fix-issue-2833
• Additional commits viewable in compare view

Updates @types/howler from 2.2.12 to 2.2.13

Commits

• See full diff in compare view

Updates @types/node from 25.8.0 to 25.9.0

Commits

• See full diff in compare view

Updates knip from 6.13.1 to 6.14.1

Release notes

Sourced from knip's releases.

Release 6.14.1

• Detect dynamic imports in Svelte compiler (#1747) (e1c1b1705f96ed7d6ac537a7969cbd07d238246a) - thanks @​jinhyuk9714!
• Detect dynamic import attributes; share import matcher with Astro-MDX (9dae64166bbc45be1abeb8d741127d109d48d351)
• Work the docs (close #1746) (919cba2f11d1979b854c7abaaca8992ee8b08e23)

Release 6.14.0

• Resolve imports satisfied via transitive peerDeps (d654ec74d)
• Don't flag undeclared sibling workspace imports as unlisted (#1742) (e7122a1ae)
• Update github-actions reporter snapshots (2308b5a42)
• Cache syncGlob() results like defaultGlob() does (6c34287a5)
• Trim redundant statSync calls in FileEntryCache (eee3b899b)
• Cache parsed .gitignore patterns across --cache runs (7ffdc2ff3)
• Tighten cache module callsites (64e507265)
• Extract shared disk-cache helper used by glob and gitignore caches (0987421d9)
• Simplify CacheConsultant: replace trampoline with default arrow methods (bebe750d3)
• Pin pnpm minimumReleaseAge and trustPolicy (77efb32e5)
• Eliminate rescanFrontier polling in walkAndAnalyze (38d91b6e3)
• Reduce findWorkspaceByFilePath per-call overhead (91494378f)
• Memoize DependencyDeputy.getDependencies (a661a2142)
• Tighten module-graph map helpers (drop double-lookup + optional chains) (c11d62fb0)
• Add --duration flag for zero-overhead duration measurement (d4b59d89b)
• Cover analysis pipeline with --performance timerify (694dbf44d)
• Align --help text (6f12997b1)
• Add cli arg shorthands: -p, -s, -w, -D, -f, -F, -u (f21a58710)
• Format (8db5346e4)
• This one's okay (662ceaf46)

Commits

• b99f1a5 Release [email protected]
• 919cba2 Work the docs (close #1746)
• 9dae641 Detect dynamic import attributes; share import matcher with Astro-MDX
• e1c1b17 Detect dynamic imports in Svelte compiler (#1747)
• f7b9cc5 Release [email protected]
• 8db5346 Format
• f21a587 Add cli arg shorthands: -p, -s, -w, -D, -f, -F, -u
• 6f12997 Align --help text
• 694dbf4 Cover analysis pipeline with --performance timerify
• d4b59d8 Add --duration flag for zero-overhead duration measurement
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

❌ Deploy Preview for ky-fyi failed.

Name	Link
🔨 Latest commit	822da88
🔍 Latest deploy log	https://app.netlify.com/projects/ky-fyi/deploys/6a0b55a8811d340008f9599e