@sp-days-framework/docusaurus-plugin-slidev 1.1.1-beta1 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/docs/changelog.mdx +16 -9
- package/package.json +8 -4
package/docs/changelog.mdx
CHANGED
|
@@ -19,27 +19,29 @@ All packages within `@sp-days-framework` use the same version number. In some ca
|
|
|
19
19
|
|
|
20
20
|
---
|
|
21
21
|
|
|
22
|
-
## Version 1.1.
|
|
22
|
+
## Version 1.1.2 
|
|
23
23
|
|
|
24
|
-
|
|
24
|
+
Security updates and dependency upgrades
|
|
25
25
|
|
|
26
26
|
<details>
|
|
27
|
-
<summary><strong>
|
|
27
|
+
<summary><strong>Details</strong> (2026 March 11)</summary>
|
|
28
28
|
|
|
29
|
-
###
|
|
29
|
+
### Bug Fixes
|
|
30
30
|
|
|
31
|
-
-
|
|
31
|
+
- **Security**: Fixed RCE vulnerability in `serialize-javascript` by overriding to ^7.0.4 (GHSA-5c6j-r48x-rmvq)
|
|
32
|
+
- **Security**: Fixed source code theft vulnerability in `webpack-dev-server` by overriding to ^5.2.3 (GHSA-9jgg-88mc-972h, GHSA-4v9v-hfq4-rm2v)
|
|
33
|
+
- **Dependencies**: Upgraded transitive dependencies including `ajv`, `markdown-it`, `minimatch`, `nanotar`, `qs`, `rollup`, `svgo`, and more via Dependabot
|
|
32
34
|
|
|
33
35
|
</details>
|
|
34
36
|
|
|
35
37
|
---
|
|
36
38
|
|
|
37
|
-
## Version 1.1.1
|
|
39
|
+
## Version 1.1.1 
|
|
38
40
|
|
|
39
|
-
Asset handling support
|
|
41
|
+
Asset handling support and security updates
|
|
40
42
|
|
|
41
|
-
<details
|
|
42
|
-
<summary><strong>Details</strong> (2026
|
|
43
|
+
<details>
|
|
44
|
+
<summary><strong>Details</strong> (2026 February 09)</summary>
|
|
43
45
|
|
|
44
46
|
### New Features
|
|
45
47
|
|
|
@@ -48,6 +50,11 @@ Asset handling support for presentations
|
|
|
48
50
|
- **Asset Filtering**: New plugin options `assetExcludePatterns`, `assetIncludePatterns`, and `assetCopyRecursive` for fine-grained control over asset copying behavior
|
|
49
51
|
- **Large File Warning**: Warns when more than 100 files are copied for a single presentation, suggesting use of explicit assets
|
|
50
52
|
|
|
53
|
+
### Improvements
|
|
54
|
+
|
|
55
|
+
- **Security**: Added `lodash-es` and `chevrotain` overrides to fix prototype pollution vulnerability (CVE in lodash-es < 4.17.23)
|
|
56
|
+
- **Dependencies**: Upgraded all dependencies to latest versions — Slidev 52.11.5, React 19.2.4, @types/node 24.10.12, and more
|
|
57
|
+
|
|
51
58
|
### Important Notes
|
|
52
59
|
|
|
53
60
|
- **Relative Path Syntax**: Always use `./` prefix for relative asset paths (e.g., `./image.png` not `image.png`). Slidev requires explicit relative paths to resolve assets correctly
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sp-days-framework/docusaurus-plugin-slidev",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.2",
|
|
4
4
|
"description": "A Docusaurus plugin to integrate Slidev presentations into your Docusaurus site.",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -47,8 +47,8 @@
|
|
|
47
47
|
"copy:watch": "node ./copyUntypedFiles.js --watch"
|
|
48
48
|
},
|
|
49
49
|
"dependencies": {
|
|
50
|
-
"@slidev/cli": "^52.
|
|
51
|
-
"@slidev/types": "^52.
|
|
50
|
+
"@slidev/cli": "^52.11.5",
|
|
51
|
+
"@slidev/types": "^52.11.5",
|
|
52
52
|
"gray-matter": "^4.0.3",
|
|
53
53
|
"unified": "^11.0.5"
|
|
54
54
|
},
|
|
@@ -75,7 +75,11 @@
|
|
|
75
75
|
"react-dom": "^18.0.0 || ^19.0.0"
|
|
76
76
|
},
|
|
77
77
|
"overrides": {
|
|
78
|
-
"dompurify": "^3.2.4"
|
|
78
|
+
"dompurify": "^3.2.4",
|
|
79
|
+
"lodash-es": ">=4.17.23",
|
|
80
|
+
"chevrotain": ">=11.1.1",
|
|
81
|
+
"serialize-javascript": "^7.0.4",
|
|
82
|
+
"webpack-dev-server": "^5.2.3"
|
|
79
83
|
},
|
|
80
84
|
"engines": {
|
|
81
85
|
"node": ">=18.0"
|