@shopify/cli-hydrogen 5.4.1 → 5.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/generator-templates/starter/app/components/Search.tsx +1 -1
  2. package/dist/generator-templates/starter/app/routes/discount.$code.tsx +6 -1
  3. package/dist/generator-templates/starter/package.json +3 -3
  4. package/oclif.manifest.json +1 -1
  5. package/package.json +2 -2
package/dist/generator-templates/starter/app/components/Search.tsx CHANGED
@@ -151,7 +151,7 @@ export function SearchResults({
151
151
  function SearchResultsProductsGrid({products}: Pick<SearchQuery, 'products'>) {
152
152
  return (
153
153
  <div className="search-result">
154
- <h3>Products</h3>
154
+ <h2>Products</h2>
155
155
  <Pagination connection={products}>
156
156
  {({nodes, isLoading, NextLink, PreviousLink}) => {
157
157
  const itemsMarkup = nodes.map((product) => (
package/dist/generator-templates/starter/app/routes/discount.$code.tsx CHANGED
@@ -17,9 +17,14 @@ export async function loader({request, context, params}: LoaderArgs) {
17
17
 
18
18
  const url = new URL(request.url);
19
19
  const searchParams = new URLSearchParams(url.search);
20
- const redirectParam =
20
+ let redirectParam =
21
21
  searchParams.get('redirect') || searchParams.get('return_to') || '/';
22
22
 
23
+ if (redirectParam.includes('//')) {
24
+ // Avoid redirecting to external URLs to prevent phishing attacks
25
+ redirectParam = '/';
26
+ }
27
+
23
28
  searchParams.delete('redirect');
24
29
  searchParams.delete('return_to');
25
30
 
package/dist/generator-templates/starter/package.json CHANGED
@@ -15,9 +15,9 @@
15
15
  "dependencies": {
16
16
  "@remix-run/react": "1.19.1",
17
17
  "@shopify/cli": "3.49.2",
18
- "@shopify/cli-hydrogen": "^5.4.1",
19
- "@shopify/hydrogen": "^2023.7.9",
20
- "@shopify/remix-oxygen": "^1.1.5",
18
+ "@shopify/cli-hydrogen": "^5.4.2",
19
+ "@shopify/hydrogen": "^2023.7.10",
20
+ "@shopify/remix-oxygen": "^1.1.6",
21
21
  "graphql": "^16.6.0",
22
22
  "graphql-tag": "^2.12.6",
23
23
  "isbot": "^3.6.6",
package/oclif.manifest.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "5.4.1",
2
+ "version": "5.4.2",
3
3
  "commands": {
4
4
  "hydrogen:build": {
5
5
  "id": "hydrogen:build",
package/package.json CHANGED
@@ -4,7 +4,7 @@
4
4
  "access": "public",
5
5
  "@shopify:registry": "https://registry.npmjs.org"
6
6
  },
7
- "version": "5.4.1",
7
+ "version": "5.4.2",
8
8
  "license": "MIT",
9
9
  "type": "module",
10
10
  "scripts": {
@@ -57,7 +57,7 @@
57
57
  "@remix-run/dev": "1.19.1",
58
58
  "@remix-run/react": "1.19.1",
59
59
  "@shopify/hydrogen-react": "^2023.7.4",
60
- "@shopify/remix-oxygen": "^1.1.5"
60
+ "@shopify/remix-oxygen": "^1.1.6"
61
61
  },
62
62
  "peerDependenciesMeta": {
63
63
  "@remix-run/dev": {