deps: bump the npm-root group with 2 updates

[dependabot]

Bumps the npm-root group with 2 updates: nx and astro.

Updates nx from 22.7.1 to 22.7.2

Release notes

Sourced from nx's releases.

22.7.2 (2026-05-14)

🚀 Features

• gradle: stream batch task results to nx as they finish (#35487)
• nx-dev: track docs analytics for code copy, LLM prompt, YouTube (#35526)
• testing: add migration for Jest 30 snapshot guide link (#35629)

🩹 Fixes

• angular: disable vitest watch by default (#35493)
• angular-rspack: keep root-scoped assets out of per-locale i18n emit (#35621)
• bundling: include tsconfig solution input for rollup (#35476)
• bundling: include tsconfig solution input for webpack (#35477, #35476)
• core: bump axios to 1.16.0 for all packages (#35568)
• core: add provenance check in nx console status path (#35485)
• core: remove access control header from graph app (#35494)
• core: ensure verbose logs go to stderr and daemon logs are properly decorated (#34358)
• core: show flaky-task count in run summary (#35491)
• core: unique telemetry user_id; expose workspace_id dimension (#35553)
• core: update minimatch to 10.2.5 (#35569, #34660)
• core: restore use-legacy-versioning shim for @​nx/js@​21 ensurePackage path (#35574)
• core: isolate NX_PARALLEL env var in parallel-related specs (#35579)
• core: skip handleimport miss path when nx key packages are absent (#35596)
• core: use gethostuuid(3) instead of ioreg on macOS (#35599)
• core: isolate cache env vars in splitArgs spec (#35584)
• core: enable node's native v8 compile cache support (#35415, #20454)
• core: support skipped batch tasks end-to-end and fix TUI double logs (#35617)
• core: keep TUI task selection on the in-progress section (#35640)
• core: allow nx mcp to run outside of an Nx workspace (#35655)
• core: cast perf entries to PerformanceMeasure for detail access (43c0c821ba)
• devkit: exclude dist from jest module path scan (#35615)
• devkit: expand @​nx/devkit/internal re-exports for cherry-picked v23 deep-import migration (#35541)
• dotnet: correct output paths for Web SDK and centralized dist setups (#35398)
• gradle: exclude batch-runner from jest haste-map crawl (#35501)
• gradle: exclude project-graph from jest module path scan (#35609)
• gradle: support Windows file paths (#35184, #34987)
• js: strip glob from inferred outputs before resolving as path (#35463, #35452)
• js: reference vitest.config in eslint dep-checks for vitest libs (#35460, #33670, #35450)
• js: include transitive workspace deps in pruned pnpm lockfile (#35532, #35347, #34655)
• linter: prevent ENOENT crash in getRelativeImportPath for unresolvable paths (#35007, #13872, #34066, #30491, #16716, #35006, #21889, #32190)
• maven: skip attached artifacts that fail to materialize in batch record (#35473)
• maven: serialize Maven 4 build state recording (#35555)
• maven: widen runCLI timeout for --no-batch maven.test.ts cases (#35589)
• nx-dev: document nested CLI subcommands beyond two levels (#35519)
• nx-dev: short-circuit bot probes in framer rewrite edge function (#35527)
• react: withSvgr migration preserves other properties (#35484)
• repo: clear NX_INVOCATION_ROOT_PID in run-native-target to avoid recursion false-positive (443dee0b22)
• repo: revert deep-import rewrites that targeted v23-only @​nx/devkit/internal entry (ac8187963d)
• repo: unblock 22.7.x cargo tests and nx-build e2e (#34285)

... (truncated)

Commits

• 4e9ea1b chore(core): refresh stale TUI snapshots on 22.7.x
• d02dc54 fix(repo): unblock 22.7.x cargo tests and nx-build e2e
• 7e4bce9 feat(testing): add migration for Jest 30 snapshot guide link (#35629)
• 43c0c82 fix(core): cast perf entries to PerformanceMeasure for detail access
• 0cfc6bc fix(core): allow nx mcp to run outside of an Nx workspace (#35655)
• df0e414 chore(core): remove dead TUI selection lifecycle helpers (#35649)
• a0f7a52 fix(core): keep TUI task selection on the in-progress section (#35640)
• 93813e9 fix(core): support skipped batch tasks end-to-end and fix TUI double logs (#3...
• c514039 fix(core): enable node's native v8 compile cache support (#35415)
• 75e3498 fix(core): isolate cache env vars in splitArgs spec (#35584)
• Additional commits viewable in compare view

Updates astro from 6.3.1 to 6.3.5

Release notes

Sourced from astro's releases.

astro@6.3.5

Patch Changes

• #16771 07c8805 Thanks @​ematipico! - Fixes position prop on <Image> and <Picture> components breaking Content Security Policy (CSP).

• #16593 50924ce Thanks @​yanthomasdev! - Improves error messages with more consistent and correct writing.

• #16757 5d661cd Thanks @​astrobot-houston! - Fixes dev server serving stale content when SSR-only modules change (e.g. .astro files outside the project root in a monorepo, or dynamically imported components).

  Previously, the astro:hmr-reload plugin returned an empty array after detecting SSR-only module changes, which prevented Vite's updateModules from propagating the invalidation to the SSR module runner. The runner's evaluated module cache stayed stale, so subsequent requests continued returning old content.

  Now the plugin returns the SSR-only modules so Vite can process them through updateModules, which properly invalidates the module runner's cache and ensures fresh content on the next request.

astro@6.3.4

Patch Changes

• #16723 0f10bfe Thanks @​matthewp! - Adds fetchFile option to experimental.advancedRouting to customize or disable the entrypoint file

  export default defineConfig({
    experimental: {
      advancedRouting: {
        fetchFile: 'fetch.ts',
      },
    },
  });

• #16723 0f10bfe Thanks @​matthewp! - Fixes Hono cache() middleware to follow the standard wrapper pattern

• #16723 0f10bfe Thanks @​matthewp! - Adds App.Providers interface for typing custom context providers on Astro and ctx

  declare namespace App {
    interface Providers {
      oauth: import('./lib/oauth').OAuthSession;
    }
  }

• #16723 0f10bfe Thanks @​matthewp! - Adds FetchState.response property, set automatically after pages() or middleware() completes

  const response = await middleware(state, (s) => pages(s));
  console.log(state.response === response); // true

• #16723 0f10bfe Thanks @​matthewp! - Adds Fetchable type export for typing the advanced routing entrypoint

... (truncated)

Changelog

Sourced from astro's changelog.

6.3.5

Patch Changes

• #16771 07c8805 Thanks @​ematipico! - Fixes position prop on <Image> and <Picture> components breaking Content Security Policy (CSP).

• #16593 50924ce Thanks @​yanthomasdev! - Improves error messages with more consistent and correct writing.

• #16757 5d661cd Thanks @​astrobot-houston! - Fixes dev server serving stale content when SSR-only modules change (e.g. .astro files outside the project root in a monorepo, or dynamically imported components).

  Previously, the astro:hmr-reload plugin returned an empty array after detecting SSR-only module changes, which prevented Vite's updateModules from propagating the invalidation to the SSR module runner. The runner's evaluated module cache stayed stale, so subsequent requests continued returning old content.

  Now the plugin returns the SSR-only modules so Vite can process them through updateModules, which properly invalidates the module runner's cache and ensures fresh content on the next request.

6.3.4

Patch Changes

• #16723 0f10bfe Thanks @​matthewp! - Adds fetchFile option to experimental.advancedRouting to customize or disable the entrypoint file

  export default defineConfig({
    experimental: {
      advancedRouting: {
        fetchFile: 'fetch.ts',
      },
    },
  });

• #16723 0f10bfe Thanks @​matthewp! - Fixes Hono cache() middleware to follow the standard wrapper pattern

• #16723 0f10bfe Thanks @​matthewp! - Adds App.Providers interface for typing custom context providers on Astro and ctx

  declare namespace App {
    interface Providers {
      oauth: import('./lib/oauth').OAuthSession;
    }
  }

• #16723 0f10bfe Thanks @​matthewp! - Adds FetchState.response property, set automatically after pages() or middleware() completes

  const response = await middleware(state, (s) => pages(s));
  console.log(state.response === response); // true

• #16723 0f10bfe Thanks @​matthewp! - Adds Fetchable type export for typing the advanced routing entrypoint

... (truncated)

Commits

• 5b4122e [ci] release (#16772)
• 5d661cd Fix dev server serving stale content for files outside project root (#16757)
• be5ad21 [ci] format
• 50924ce Overhaul errors for consistency and correctness (#16593)
• 23c0bda [ci] format
• 07c8805 fix: position prop with CSP (#16771)
• 45b7fa9 [ci] release (#16742)
• 67a1016 [ci] format
• 0f10bfe feat: advanced routing types and config gaps (#16723)
• 904d19a Fix actions and server islands in dev mode with prerendered catch-all routes ...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions