chore(deps): bump the all-docs-site-dependencies group across 1 directory with 2 updates

[dependabot]

Bumps the all-docs-site-dependencies group with 2 updates in the /docs-site directory: astro and astro-mermaid.

Updates astro from 5.17.1 to 5.18.0

Release notes

Sourced from astro's releases.

astro@5.18.0

Minor Changes

• #15589 b7dd447 Thanks @​qzio! - Adds a new security.actionBodySizeLimit option to configure the maximum size of Astro Actions request bodies.

  This lets you increase the default 1 MB limit when your actions need to accept larger payloads. For example, actions that handle file uploads or large JSON payloads can now opt in to a higher limit.

  If you do not set this option, Astro continues to enforce the 1 MB default to help prevent abuse.

  // astro.config.mjs
  export default defineConfig({
    security: {
      actionBodySizeLimit: 10 * 1024 * 1024, // set to 10 MB
    },
  });

Patch Changes

• #15594 efae11c Thanks @​qzio! - Fix X-Forwarded-Proto validation when allowedDomains includes both protocol and hostname fields. The protocol check no longer fails due to hostname mismatch against the hardcoded test URL.

astro@5.17.3

Patch Changes

• #15564 522f880 Thanks @​matthewp! - Add a default body size limit for server actions to prevent oversized requests from exhausting memory.

• #15569 e01e98b Thanks @​matthewp! - Respect image allowlists when inferring remote image sizes and reject remote redirects.

astro@5.17.2

Patch Changes

• c13b536 Thanks @​matthewp! - Improves Host header handling for SSR deployments behind proxies

Changelog

Sourced from astro's changelog.

5.18.0

Minor Changes

• #15589 b7dd447 Thanks @​qzio! - Adds a new security.actionBodySizeLimit option to configure the maximum size of Astro Actions request bodies.

  This lets you increase the default 1 MB limit when your actions need to accept larger payloads. For example, actions that handle file uploads or large JSON payloads can now opt in to a higher limit.

  If you do not set this option, Astro continues to enforce the 1 MB default to help prevent abuse.

  // astro.config.mjs
  export default defineConfig({
    security: {
      actionBodySizeLimit: 10 * 1024 * 1024, // set to 10 MB
    },
  });

Patch Changes

• #15594 efae11c Thanks @​qzio! - Fix X-Forwarded-Proto validation when allowedDomains includes both protocol and hostname fields. The protocol check no longer fails due to hostname mismatch against the hardcoded test URL.

5.17.3

Patch Changes

• #15564 522f880 Thanks @​matthewp! - Add a default body size limit for server actions to prevent oversized requests from exhausting memory.

• #15569 e01e98b Thanks @​matthewp! - Respect image allowlists when inferring remote image sizes and reject remote redirects.

5.17.2

Patch Changes

• c13b536 Thanks @​matthewp! - Improves Host header handling for SSR deployments behind proxies

Commits

• 011f061 [ci] release (#15597)
• efae11c fix: X-Forwarded-Proto rejected when allowedDomains includes protocol… (#15594)
• 751ccf0 Update actionBodySizeLimit changeset and make minor (#15600)
• b7dd447 make actionBodySizeLimit configurable (#15589)
• e0f1a2b [ci] release (#15571)
• 522f880 Limit action request body size (#15564)
• 436962a chore: Upgrade Vite and esbuild (#15554)
• e01e98b Respect remote image allowlists (#15569)
• f2955fb [ci] release (#15474)
• c13b536 Validate Host header against allowedDomains
• Additional commits viewable in compare view

Updates astro-mermaid from 1.1.0 to 1.3.1

Release notes

Sourced from astro-mermaid's releases.

v1.3.1 - Security Updates and Bug Fixes

What's Changed

Security

• 🔒 Resolved 35+ Dependabot security alerts by updating dependencies

Improvements

• ♻️ Refactored mermaid.js loading and initialization (#22)
• ⬆️ Fixed lockfile dependencies (#29)
• 🧹 Removed anthropic dev dependency

Commits

• fix: update dependencies to resolve 35+ Dependabot security alerts
• Refactor mermaid.js loading and initialization (#22)
• Fix lockfile dependencies (#29)
• Update demo dependency and remove anthropic dev dependency

Full Changelog: joesaby/astro-mermaid@v1.2.1...v1.3.1

Commits

• 77fe2ff chore: bump version to 1.3.1
• 94c0d84 fix: update dependencies to resolve 35+ Dependabot security alerts
• 4e35af0 Update demo dependency to 1.3.0 and also remove anthropic dev depdenency
• fc7ed08 chore: bump version to 1.3.0
• f22f28e Refactor mermaid.js loading and initialization (#22)
• 24e5609 ⬆️ Fix lockfile dependencies (#29)
• 863d900 chore: bump version to 1.2.1 (#32)
• 7e7ce49 Update README.md (update latest version)
• 08bbf09 fix: update @​anthropic-ai/claude-code to fix securities report (#25)
• c5aef0b chore: bump version to 1.2.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

✅ Coverage Check Passed

Overall Coverage

Metric	Base	PR	Delta
Lines	82.03%	82.18%	📈 +0.15%
Statements	82.01%	82.15%	📈 +0.14%
Functions	82.50%	82.50%	➡️ +0.00%
Branches	74.20%	74.29%	📈 +0.09%

📁 Per-file Coverage Changes (1 files)

File	Lines (Before → After)	Statements (Before → After)
src/docker-manager.ts	83.1% → 83.7% (+0.56%)	82.4% → 83.0% (+0.54%)

---

Coverage comparison generated by scripts/ci/compare-coverage.ts