Astro: [email protected] Release

Release date:
June 5, 2025
Previous version:
[email protected] (released June 4, 2025)
Magnitude:
1,839 Diff Delta
Contributors:
2 total committers
Data confidence:
Commits:

Top Contributors in [email protected]

ematipico
github-actions[bot]

Directory Browser for [email protected]

We haven't yet finished calculating and confirming the files and directories changed in this release. Please check back soon.

Release Notes Published

Minor Changes

  • #13802 0eafe14 Thanks @ematipico! - Adds experimental Content Security Policy (CSP) support

    CSP is an important feature to provide fine-grained control over resources that can or cannot be downloaded and executed by a document. In particular, it can help protect against cross-site scripting (XSS) attacks.

    Enabling this feature adds additional security to Astro's handling of processed and bundled scripts and styles by default, and allows you to further configure these, and additional, content types. This new experimental feature has been designed to work in every Astro rendering environment (static pages, dynamic pages and single page applications), while giving you maximum flexibility and with type-safety in mind.

    It is compatible with most of Astro's features such as client islands, and server islands, although Astro's view transitions using the <ClientRouter /> are not yet fully supported. Inline scripts are not supported out of the box, but you can provide your own hashes for external and inline scripts.

    To enable this feature, add the experimental flag in your Astro config:

    // astro.config.mjs
    import { defineConfig } from 'astro/config';
    
    export default defineConfig({
      experimental: {
        csp: true,
      },
    });
    

    For more information on enabling and using this feature in your project, see the Experimental CSP docs.

    For a complete overview, and to give feedback on this experimental API, see the Content Security Policy RFC.

  • #13850 1766d22 Thanks @ascorbic! - Provides a Markdown renderer to content loaders

    When creating a content loader, you will now have access to a renderMarkdown function that allows you to render Markdown content directly within your loaders. It uses the same settings and plugins as the renderer used for Markdown files in Astro, and follows any Markdown settings you have configured in your Astro project.

    This allows you to render Markdown content from various sources, such as a CMS or other data sources, directly in your loaders without needing to preprocess the Markdown content separately.

    import type { Loader } from 'astro/loaders';
    import { loadFromCMS } from './cms';
    
    export function myLoader(settings): Loader {
      return {
        name: 'my-loader',
        async load({ renderMarkdown, store }) {
          const entries = await loadFromCMS();
    
          store.clear();
    
          for (const entry of entries) {
            // Assume each entry has a 'content' field with markdown content
            store.set(entry.id, {
              id: entry.id,
              data: entry,
              rendered: await renderMarkdown(entry.content),
            });
          }
        },
      };
    }
    

    The return value of renderMarkdown is an object with two properties: html and metadata. These match the rendered property of content entries in content collections, so you can use them to render the content in your components or pages.

    ---
    import { getEntry, render } from 'astro:content';
    const entry = await getEntry('my-collection', Astro.params.id);
    const { Content } = await render(entry);
    ---
    
    <Content />
    

    For more information, see the Content Loader API docs.

  • #13887 62f0668 Thanks @yanthomasdev! - Adds an option for integration authors to suppress adapter warning/errors in supportedAstroFeatures. This is useful when either an warning/error isn't applicable in a specific context or the default one might conflict and confuse users.

    To do so, you can add suppress: "all" (to suppress both the default and custom message) or suppress: "default" (to only suppress the default one):

    setAdapter({
      name: 'my-astro-integration',
      supportedAstroFeatures: {
        staticOutput: 'stable',
        hybridOutput: 'stable',
        sharpImageService: {
          support: 'limited',
          message:
            "The sharp image service isn't available in the deploy environment, but will be used by prerendered pages on build.",
          suppress: 'default',
        },
      },
    });
    

    For more information, see the Adapter API reference docs.