@dargmuesli/nuxt-vio 9.0.2 → 9.0.4
Sign up to get free protection for your applications and to get access to all the features.
- package/nuxt.config.ts +22 -19
- package/package.json +17 -17
package/nuxt.config.ts
CHANGED
|
@@ -162,7 +162,7 @@ export default defineNuxtConfig(
|
|
|
162
162
|
locales: ['en', 'de'],
|
|
163
163
|
},
|
|
164
164
|
htmlValidator: {
|
|
165
|
-
failOnError: true,
|
|
165
|
+
// failOnError: true, // TODO: enable once headers match requirements (https://github.com/unjs/unhead/issues/199#issuecomment-1815728703)
|
|
166
166
|
logLevel: 'warning',
|
|
167
167
|
},
|
|
168
168
|
i18n: {
|
|
@@ -182,9 +182,7 @@ export default defineNuxtConfig(
|
|
|
182
182
|
...(process.env.NODE_ENV === 'production'
|
|
183
183
|
? {
|
|
184
184
|
'connect-src': ["'self'"], // `${SITE_URL}/cdn-cgi/rum`
|
|
185
|
-
'script-src
|
|
186
|
-
'https://static.cloudflareinsights.com',
|
|
187
|
-
],
|
|
185
|
+
'script-src': ['https://static.cloudflareinsights.com'], // TODO: replace with `script-src-elem` once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_script-src-elem)
|
|
188
186
|
}
|
|
189
187
|
: {}),
|
|
190
188
|
},
|
|
@@ -199,15 +197,15 @@ export default defineNuxtConfig(
|
|
|
199
197
|
'https://*.google-analytics.com',
|
|
200
198
|
'https://*.googletagmanager.com',
|
|
201
199
|
],
|
|
202
|
-
'script-src
|
|
200
|
+
'script-src': ['https://*.googletagmanager.com'], // TODO: replace with `script-src-elem` once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_script-src-elem)
|
|
203
201
|
},
|
|
204
202
|
{
|
|
205
203
|
// vio
|
|
206
204
|
'connect-src': ["'self'"], // `${SITE_URL}/api/healthcheck`
|
|
207
205
|
'manifest-src': [`${SITE_URL}/site.webmanifest`],
|
|
208
|
-
'script-src
|
|
206
|
+
'script-src': [
|
|
209
207
|
'https://polyfill.io/v3/polyfill.min.js', // ESLint plugin compat
|
|
210
|
-
],
|
|
208
|
+
], // TODO: replace with `script-src-elem` once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_script-src-elem)
|
|
211
209
|
},
|
|
212
210
|
{
|
|
213
211
|
// @nuxt/devtools
|
|
@@ -219,6 +217,14 @@ export default defineNuxtConfig(
|
|
|
219
217
|
}
|
|
220
218
|
: {}),
|
|
221
219
|
},
|
|
220
|
+
{
|
|
221
|
+
// nuxt-i18n
|
|
222
|
+
...(process.env.NODE_ENV === 'development'
|
|
223
|
+
? {}
|
|
224
|
+
: {
|
|
225
|
+
'script-src': ["'self'"], // 'http://localhost:3000/_nuxt/i18n.config.*.js' // TOD: add with subresource integrity?
|
|
226
|
+
}),
|
|
227
|
+
},
|
|
222
228
|
{
|
|
223
229
|
// nuxt-link-checker
|
|
224
230
|
...(process.env.NODE_ENV === 'development'
|
|
@@ -234,7 +240,7 @@ export default defineNuxtConfig(
|
|
|
234
240
|
'font-src': ['https://fonts.gstatic.com/s/inter/'],
|
|
235
241
|
'frame-ancestors': ["'self'"],
|
|
236
242
|
'frame-src': ["'self'"],
|
|
237
|
-
'script-src
|
|
243
|
+
'script-src': ['https://cdn.tailwindcss.com/'], // TODO: replace with `script-src-elem` once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_script-src-elem)
|
|
238
244
|
'style-src': [
|
|
239
245
|
// TODO: replace with `style-src-elem` once Webkit supports it
|
|
240
246
|
'https://cdn.jsdelivr.net/npm/gardevoir https://fonts.googleapis.com/css2',
|
|
@@ -244,7 +250,7 @@ export default defineNuxtConfig(
|
|
|
244
250
|
},
|
|
245
251
|
{
|
|
246
252
|
// nuxt-simple-sitemap
|
|
247
|
-
'script-src
|
|
253
|
+
'script-src': [`${SITE_URL}/__sitemap__/style.xsl`], // TODO: replace with `script-src-elem` once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_script-src-elem)
|
|
248
254
|
},
|
|
249
255
|
{
|
|
250
256
|
// nuxt
|
|
@@ -262,7 +268,7 @@ export default defineNuxtConfig(
|
|
|
262
268
|
"'self'", // TODO: replace with `"'nonce-{{nonce}}'",`
|
|
263
269
|
'data:', // external link icon
|
|
264
270
|
],
|
|
265
|
-
'script-src
|
|
271
|
+
'script-src': ["'nonce-{{nonce}}'"], // TODO: replace with `script-src-elem` once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_script-src-elem)
|
|
266
272
|
'style-src': [
|
|
267
273
|
// TODO: replace with `style-src-elem` once Webkit supports it
|
|
268
274
|
"'self'", // TODO: replace with `"'nonce-{{nonce}}'",` (https://github.com/vitejs/vite/pull/11864)
|
|
@@ -274,9 +280,9 @@ export default defineNuxtConfig(
|
|
|
274
280
|
'connect-src': ["'self'"] /* swagger
|
|
275
281
|
'http://localhost:3000/_nitro/openapi.json',
|
|
276
282
|
'http://localhost:3000/_nitro/swagger', */,
|
|
277
|
-
'script-src
|
|
283
|
+
'script-src': [
|
|
278
284
|
'https://cdn.jsdelivr.net/npm/', // swagger // TODO: increase precision (https://github.com/unjs/nitro/issues/1757)
|
|
279
|
-
],
|
|
285
|
+
], // TODO: replace with `script-src-elem` once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_script-src-elem)
|
|
280
286
|
'style-src': [
|
|
281
287
|
'https://cdn.jsdelivr.net/npm/', // swagger // TODO: increase precision (https://github.com/unjs/nitro/issues/1757)
|
|
282
288
|
],
|
|
@@ -302,11 +308,11 @@ export default defineNuxtConfig(
|
|
|
302
308
|
// 'require-trusted-types-for': ["'script'"], // csp-evaluator
|
|
303
309
|
sandbox: [],
|
|
304
310
|
'script-src': [],
|
|
305
|
-
'script-src-attr':
|
|
306
|
-
'script-src-elem':
|
|
311
|
+
'script-src-attr': false as const, // TODO: enable once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_script-src-attr)
|
|
312
|
+
'script-src-elem': false as const, // TODO: enable once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_script-src-elem)
|
|
307
313
|
'style-src': [],
|
|
308
|
-
'style-src-attr':
|
|
309
|
-
'style-src-elem':
|
|
314
|
+
'style-src-attr': false as const, // TODO: enable once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_style-src-attr)
|
|
315
|
+
'style-src-elem': false as const, // TODO: enable once Webkit supports it (https://caniuse.com/mdn-http_headers_content-security-policy_style-src-elem)
|
|
310
316
|
'upgrade-insecure-requests': false, // TODO: set to `process.env.NODE_ENV === 'production'` or `true` when tests run on https
|
|
311
317
|
'worker-src': [],
|
|
312
318
|
},
|
|
@@ -322,9 +328,6 @@ export default defineNuxtConfig(
|
|
|
322
328
|
: false,
|
|
323
329
|
xXSSProtection: '1; mode=block', // TODO: set back to `0` once CSP does not use `unsafe-*` anymore (https://github.com/maevsi/maevsi/issues/1047)
|
|
324
330
|
},
|
|
325
|
-
nonce: {
|
|
326
|
-
enabled: true,
|
|
327
|
-
},
|
|
328
331
|
},
|
|
329
332
|
seo: {
|
|
330
333
|
splash: false,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dargmuesli/nuxt-vio",
|
|
3
|
-
"version": "9.0.
|
|
3
|
+
"version": "9.0.4",
|
|
4
4
|
"repository": {
|
|
5
5
|
"type": "git",
|
|
6
6
|
"url": "git+https://github.com/dargmuesli/vio.git"
|
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
"engines": {
|
|
13
13
|
"node": "20"
|
|
14
14
|
},
|
|
15
|
-
"packageManager": "pnpm@8.
|
|
15
|
+
"packageManager": "pnpm@8.11.0",
|
|
16
16
|
"files": [
|
|
17
17
|
"assets",
|
|
18
18
|
"components",
|
|
@@ -34,28 +34,28 @@
|
|
|
34
34
|
],
|
|
35
35
|
"main": "nuxt.config.ts",
|
|
36
36
|
"dependencies": {
|
|
37
|
-
"@dargmuesli/nuxt-cookie-control": "7.1.
|
|
37
|
+
"@dargmuesli/nuxt-cookie-control": "7.1.3",
|
|
38
38
|
"@heroicons/vue": "2.0.18",
|
|
39
39
|
"@http-util/status-i18n": "0.8.1",
|
|
40
|
-
"@nuxt/devtools": "1.0.
|
|
41
|
-
"@nuxt/image": "1.
|
|
40
|
+
"@nuxt/devtools": "1.0.3",
|
|
41
|
+
"@nuxt/image": "1.1.0",
|
|
42
42
|
"@nuxtjs/color-mode": "3.3.2",
|
|
43
43
|
"@nuxtjs/html-validator": "1.5.2",
|
|
44
|
-
"@nuxtjs/i18n": "npm:@nuxtjs/i18n-edge@8.0.0-rc.5-
|
|
45
|
-
"@nuxtjs/tailwindcss": "6.
|
|
46
|
-
"@nuxtseo/module": "2.0.0-beta.
|
|
44
|
+
"@nuxtjs/i18n": "npm:@nuxtjs/i18n-edge@8.0.0-rc.5-28345873.8e3fab2",
|
|
45
|
+
"@nuxtjs/tailwindcss": "6.10.1",
|
|
46
|
+
"@nuxtseo/module": "2.0.0-beta.45",
|
|
47
47
|
"@pinia/nuxt": "0.5.1",
|
|
48
48
|
"@tailwindcss/forms": "0.5.7",
|
|
49
49
|
"@tailwindcss/typography": "0.5.10",
|
|
50
|
-
"@types/lodash-es": "4.17.
|
|
50
|
+
"@types/lodash-es": "4.17.12",
|
|
51
51
|
"@urql/core": "4.2.0",
|
|
52
52
|
"@vuelidate/core": "2.0.3",
|
|
53
53
|
"@vuelidate/validators": "2.0.4",
|
|
54
54
|
"clipboardy": "4.0.0",
|
|
55
55
|
"dayjs": "2.0.0-alpha.4",
|
|
56
56
|
"jose": "5.1.1",
|
|
57
|
-
"nuxt-security": "1.0.0-rc.
|
|
58
|
-
"sweetalert2": "11.10.
|
|
57
|
+
"nuxt-security": "1.0.0-rc.4",
|
|
58
|
+
"sweetalert2": "11.10.1",
|
|
59
59
|
"vue-gtag": "2.0.1"
|
|
60
60
|
},
|
|
61
61
|
"devDependencies": {
|
|
@@ -63,7 +63,7 @@
|
|
|
63
63
|
"@intlify/eslint-plugin-vue-i18n": "3.0.0-next.4",
|
|
64
64
|
"@nuxtjs/eslint-config-typescript": "12.1.0",
|
|
65
65
|
"@playwright/test": "1.40.0",
|
|
66
|
-
"@unhead/vue": "1.8.
|
|
66
|
+
"@unhead/vue": "1.8.8",
|
|
67
67
|
"@urql/devtools": "2.0.3",
|
|
68
68
|
"@urql/exchange-graphcache": "6.3.3",
|
|
69
69
|
"@urql/vue": "1.1.2",
|
|
@@ -71,17 +71,17 @@
|
|
|
71
71
|
"cookie-es": "1.0.0",
|
|
72
72
|
"cross-env": "7.0.3",
|
|
73
73
|
"defu": "6.1.3",
|
|
74
|
-
"eslint": "8.
|
|
74
|
+
"eslint": "8.54.0",
|
|
75
75
|
"eslint-config-prettier": "9.0.0",
|
|
76
76
|
"eslint-plugin-compat": "4.2.0",
|
|
77
77
|
"eslint-plugin-nuxt": "4.0.0",
|
|
78
78
|
"eslint-plugin-prettier": "5.0.1",
|
|
79
79
|
"eslint-plugin-yml": "1.10.0",
|
|
80
|
-
"h3": "1.
|
|
80
|
+
"h3": "1.9.0",
|
|
81
81
|
"jiti": "1.21.0",
|
|
82
82
|
"lint-staged": "15.1.0",
|
|
83
83
|
"lodash-es": "4.17.21",
|
|
84
|
-
"nuxt": "3.8.
|
|
84
|
+
"nuxt": "3.8.2",
|
|
85
85
|
"pinia": "2.1.7",
|
|
86
86
|
"prettier": "3.1.0",
|
|
87
87
|
"prettier-plugin-tailwindcss": "0.5.7",
|
|
@@ -92,13 +92,13 @@
|
|
|
92
92
|
"stylelint-no-unsupported-browser-features": "7.0.0",
|
|
93
93
|
"tailwindcss": "3.3.5",
|
|
94
94
|
"ufo": "1.3.2",
|
|
95
|
-
"unhead": "1.8.
|
|
95
|
+
"unhead": "1.8.8",
|
|
96
96
|
"vue": "3.3.8",
|
|
97
97
|
"vue-router": "4.2.5",
|
|
98
98
|
"vue-tsc": "1.8.22"
|
|
99
99
|
},
|
|
100
100
|
"peerDependencies": {
|
|
101
|
-
"nuxt": "3.8.
|
|
101
|
+
"nuxt": "3.8.2",
|
|
102
102
|
"playwright-core": "1.40.0",
|
|
103
103
|
"vue": "3.3.8",
|
|
104
104
|
"vue-router": "4.2.5"
|