vite 4.5.11 → 4.5.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/node/chunks/{dep-4f6e688c.js → dep-42dae6ba.js} +47 -7
- package/dist/node/chunks/{dep-d570726f.js → dep-6e2b5186.js} +1 -1
- package/dist/node/chunks/{dep-65a29f02.js → dep-e967375e.js} +1 -1
- package/dist/node/cli.js +5 -5
- package/dist/node/index.d.ts +1 -0
- package/dist/node/index.js +2 -2
- package/package.json +1 -1
|
@@ -38995,8 +38995,8 @@ function createCachedImport(imp) {
|
|
|
38995
38995
|
return cached;
|
|
38996
38996
|
};
|
|
38997
38997
|
}
|
|
38998
|
-
const importPostcssImport = createCachedImport(() => import('./dep-
|
|
38999
|
-
const importPostcssModules = createCachedImport(() => import('./dep-
|
|
38998
|
+
const importPostcssImport = createCachedImport(() => import('./dep-6e2b5186.js').then(function (n) { return n.i; }));
|
|
38999
|
+
const importPostcssModules = createCachedImport(() => import('./dep-e967375e.js').then(function (n) { return n.i; }));
|
|
39000
39000
|
const importPostcss = createCachedImport(() => import('postcss'));
|
|
39001
39001
|
/**
|
|
39002
39002
|
* @experimental
|
|
@@ -42412,6 +42412,7 @@ function serializeDefine(define) {
|
|
|
42412
42412
|
}
|
|
42413
42413
|
|
|
42414
42414
|
const wasmHelperId = '\0vite/wasm-helper';
|
|
42415
|
+
const wasmInitRE = /(?<![?#].*)\.wasm\?init/;
|
|
42415
42416
|
const wasmHelper = async (opts = {}, url) => {
|
|
42416
42417
|
let result;
|
|
42417
42418
|
if (url.startsWith('data:')) {
|
|
@@ -42464,7 +42465,7 @@ const wasmHelperPlugin = (config) => {
|
|
|
42464
42465
|
if (id === wasmHelperId) {
|
|
42465
42466
|
return `export default ${wasmHelperCode}`;
|
|
42466
42467
|
}
|
|
42467
|
-
if (!
|
|
42468
|
+
if (!wasmInitRE.test(id)) {
|
|
42468
42469
|
return;
|
|
42469
42470
|
}
|
|
42470
42471
|
const url = await fileToUrl(id, config, this);
|
|
@@ -54853,6 +54854,7 @@ function setClientErrorHandler(server, logger) {
|
|
|
54853
54854
|
|
|
54854
54855
|
const ERR_LOAD_URL = 'ERR_LOAD_URL';
|
|
54855
54856
|
const ERR_LOAD_PUBLIC_URL = 'ERR_LOAD_PUBLIC_URL';
|
|
54857
|
+
const ERR_DENIED_ID = 'ERR_DENIED_ID';
|
|
54856
54858
|
const debugLoad = createDebugger('vite:load');
|
|
54857
54859
|
const debugTransform = createDebugger('vite:transform');
|
|
54858
54860
|
const debugCache$1 = createDebugger('vite:cache');
|
|
@@ -54950,6 +54952,11 @@ async function loadAndTransform(id, url, server, options, timestamp, mod, resolv
|
|
|
54950
54952
|
const prettyUrl = debugLoad || debugTransform ? prettifyUrl(url, config.root) : '';
|
|
54951
54953
|
const ssr = !!options.ssr;
|
|
54952
54954
|
const file = cleanUrl(id);
|
|
54955
|
+
if (options.allowId && !options.allowId(id)) {
|
|
54956
|
+
const err = new Error(`Denied ID ${id}`);
|
|
54957
|
+
err.code = ERR_DENIED_ID;
|
|
54958
|
+
throw err;
|
|
54959
|
+
}
|
|
54953
54960
|
let code = null;
|
|
54954
54961
|
let map = null;
|
|
54955
54962
|
// load
|
|
@@ -64494,6 +64501,14 @@ const trailingQuerySeparatorsRE = /[?&]+$/;
|
|
|
64494
64501
|
const urlRE = /[?&]url\b/;
|
|
64495
64502
|
const rawRE = /[?&]raw\b/;
|
|
64496
64503
|
const inlineRE = /[?&]inline\b/;
|
|
64504
|
+
const svgRE = /\.svg\b/;
|
|
64505
|
+
function deniedServingAccessForTransform(url, server, res, next) {
|
|
64506
|
+
return ((rawRE.test(url) ||
|
|
64507
|
+
urlRE.test(url) ||
|
|
64508
|
+
inlineRE.test(url) ||
|
|
64509
|
+
svgRE.test(url)) &&
|
|
64510
|
+
!ensureServingAccess(url, server, res, next));
|
|
64511
|
+
}
|
|
64497
64512
|
function transformMiddleware(server) {
|
|
64498
64513
|
const { config: { root, logger }, moduleGraph, } = server;
|
|
64499
64514
|
// Keep the named function. The name is visible in debug logs via `DEBUG=connect:dispatcher ...`
|
|
@@ -64590,10 +64605,7 @@ function transformMiddleware(server) {
|
|
|
64590
64605
|
}
|
|
64591
64606
|
}
|
|
64592
64607
|
const urlWithoutTrailingQuerySeparators = url.replace(trailingQuerySeparatorsRE, '');
|
|
64593
|
-
if ((
|
|
64594
|
-
urlRE.test(urlWithoutTrailingQuerySeparators) ||
|
|
64595
|
-
inlineRE.test(urlWithoutTrailingQuerySeparators)) &&
|
|
64596
|
-
!ensureServingAccess(urlWithoutTrailingQuerySeparators, server, res, next)) {
|
|
64608
|
+
if (deniedServingAccessForTransform(urlWithoutTrailingQuerySeparators, server, res, next)) {
|
|
64597
64609
|
return;
|
|
64598
64610
|
}
|
|
64599
64611
|
if (isJSRequest(url) ||
|
|
@@ -64624,6 +64636,9 @@ function transformMiddleware(server) {
|
|
|
64624
64636
|
// resolve, load and transform using the plugin container
|
|
64625
64637
|
const result = await transformRequest(url, server, {
|
|
64626
64638
|
html: req.headers.accept?.includes('text/html'),
|
|
64639
|
+
allowId(id) {
|
|
64640
|
+
return !deniedServingAccessForTransform(id, server, res, next);
|
|
64641
|
+
},
|
|
64627
64642
|
});
|
|
64628
64643
|
if (result) {
|
|
64629
64644
|
const depsOptimizer = getDepsOptimizer(server.config, false); // non-ssr
|
|
@@ -64685,6 +64700,10 @@ function transformMiddleware(server) {
|
|
|
64685
64700
|
// Let other middleware handle if we can't load the url via transformRequest
|
|
64686
64701
|
return next();
|
|
64687
64702
|
}
|
|
64703
|
+
if (e?.code === ERR_DENIED_ID) {
|
|
64704
|
+
// next() is called in ensureServingAccess
|
|
64705
|
+
return;
|
|
64706
|
+
}
|
|
64688
64707
|
return next(e);
|
|
64689
64708
|
}
|
|
64690
64709
|
next();
|
|
@@ -65239,6 +65258,25 @@ class ModuleGraph {
|
|
|
65239
65258
|
}
|
|
65240
65259
|
}
|
|
65241
65260
|
|
|
65261
|
+
function rejectInvalidRequestMiddleware() {
|
|
65262
|
+
// Keep the named function. The name is visible in debug logs via `DEBUG=connect:dispatcher ...`
|
|
65263
|
+
return function viteRejectInvalidRequestMiddleware(req, res, next) {
|
|
65264
|
+
// HTTP spec does not allow `#` in the request-target
|
|
65265
|
+
// (HTTP 1.1: https://datatracker.ietf.org/doc/html/rfc9112#section-3.2)
|
|
65266
|
+
// (HTTP 2: https://datatracker.ietf.org/doc/html/rfc9113#section-8.3.1-2.4.1)
|
|
65267
|
+
// But Node.js allows those requests.
|
|
65268
|
+
// Our middlewares don't expect `#` to be included in `req.url`, especially the `server.fs.deny` checks.
|
|
65269
|
+
if (req.url?.includes('#')) {
|
|
65270
|
+
// HTTP 1.1 spec recommends sending 400 Bad Request
|
|
65271
|
+
// (https://datatracker.ietf.org/doc/html/rfc9112#section-3.2-4)
|
|
65272
|
+
res.writeHead(400);
|
|
65273
|
+
res.end();
|
|
65274
|
+
return;
|
|
65275
|
+
}
|
|
65276
|
+
return next();
|
|
65277
|
+
};
|
|
65278
|
+
}
|
|
65279
|
+
|
|
65242
65280
|
function createServer(inlineConfig = {}) {
|
|
65243
65281
|
return _createServer(inlineConfig, { ws: true });
|
|
65244
65282
|
}
|
|
@@ -65454,6 +65492,8 @@ async function _createServer(inlineConfig = {}, options) {
|
|
|
65454
65492
|
if (process.env.DEBUG) {
|
|
65455
65493
|
middlewares.use(timeMiddleware(root));
|
|
65456
65494
|
}
|
|
65495
|
+
// disallows request that contains `#` in the URL
|
|
65496
|
+
middlewares.use(rejectInvalidRequestMiddleware());
|
|
65457
65497
|
// cors
|
|
65458
65498
|
const { cors } = serverConfig;
|
|
65459
65499
|
if (cors !== false) {
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { F as commonjsGlobal, E as getDefaultExportFromCjs } from './dep-
|
|
1
|
+
import { F as commonjsGlobal, E as getDefaultExportFromCjs } from './dep-42dae6ba.js';
|
|
2
2
|
import require$$0__default from 'fs';
|
|
3
3
|
import require$$0 from 'postcss';
|
|
4
4
|
import require$$0$1 from 'path';
|
package/dist/node/cli.js
CHANGED
|
@@ -2,7 +2,7 @@ import path from 'node:path';
|
|
|
2
2
|
import fs from 'node:fs';
|
|
3
3
|
import { performance } from 'node:perf_hooks';
|
|
4
4
|
import { EventEmitter } from 'events';
|
|
5
|
-
import { C as colors, D as bindShortcuts, x as createLogger, h as resolveConfig } from './chunks/dep-
|
|
5
|
+
import { C as colors, D as bindShortcuts, x as createLogger, h as resolveConfig } from './chunks/dep-42dae6ba.js';
|
|
6
6
|
import { VERSION } from './constants.js';
|
|
7
7
|
import 'node:fs/promises';
|
|
8
8
|
import 'node:url';
|
|
@@ -759,7 +759,7 @@ cli
|
|
|
759
759
|
filterDuplicateOptions(options);
|
|
760
760
|
// output structure is preserved even after bundling so require()
|
|
761
761
|
// is ok here
|
|
762
|
-
const { createServer } = await import('./chunks/dep-
|
|
762
|
+
const { createServer } = await import('./chunks/dep-42dae6ba.js').then(function (n) { return n.I; });
|
|
763
763
|
try {
|
|
764
764
|
const server = await createServer({
|
|
765
765
|
root,
|
|
@@ -837,7 +837,7 @@ cli
|
|
|
837
837
|
.option('-w, --watch', `[boolean] rebuilds when modules have changed on disk`)
|
|
838
838
|
.action(async (root, options) => {
|
|
839
839
|
filterDuplicateOptions(options);
|
|
840
|
-
const { build } = await import('./chunks/dep-
|
|
840
|
+
const { build } = await import('./chunks/dep-42dae6ba.js').then(function (n) { return n.H; });
|
|
841
841
|
const buildOptions = cleanOptions(options);
|
|
842
842
|
try {
|
|
843
843
|
await build({
|
|
@@ -865,7 +865,7 @@ cli
|
|
|
865
865
|
.option('--force', `[boolean] force the optimizer to ignore the cache and re-bundle`)
|
|
866
866
|
.action(async (root, options) => {
|
|
867
867
|
filterDuplicateOptions(options);
|
|
868
|
-
const { optimizeDeps } = await import('./chunks/dep-
|
|
868
|
+
const { optimizeDeps } = await import('./chunks/dep-42dae6ba.js').then(function (n) { return n.G; });
|
|
869
869
|
try {
|
|
870
870
|
const config = await resolveConfig({
|
|
871
871
|
root,
|
|
@@ -892,7 +892,7 @@ cli
|
|
|
892
892
|
.option('--outDir <dir>', `[string] output directory (default: dist)`)
|
|
893
893
|
.action(async (root, options) => {
|
|
894
894
|
filterDuplicateOptions(options);
|
|
895
|
-
const { preview } = await import('./chunks/dep-
|
|
895
|
+
const { preview } = await import('./chunks/dep-42dae6ba.js').then(function (n) { return n.J; });
|
|
896
896
|
try {
|
|
897
897
|
const server = await preview({
|
|
898
898
|
root,
|
package/dist/node/index.d.ts
CHANGED
package/dist/node/index.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { i as isInNodeModules } from './chunks/dep-
|
|
2
|
-
export { b as build, e as buildErrorMessage, v as createFilter, x as createLogger, c as createServer, g as defineConfig, f as formatPostcssSourceMap, k as getDepOptimizationConfig, m as isDepsOptimizerEnabled, z as isFileServingAllowed, l as loadConfigFromFile, A as loadEnv, u as mergeAlias, q as mergeConfig, n as normalizePath, o as optimizeDeps, a as preprocessCSS, p as preview, j as resolveBaseUrl, h as resolveConfig, B as resolveEnvPrefix, d as resolvePackageData, r as resolvePackageEntry, y as searchForWorkspaceRoot, w as send, s as sortUserPlugins, t as transformWithEsbuild } from './chunks/dep-
|
|
1
|
+
import { i as isInNodeModules } from './chunks/dep-42dae6ba.js';
|
|
2
|
+
export { b as build, e as buildErrorMessage, v as createFilter, x as createLogger, c as createServer, g as defineConfig, f as formatPostcssSourceMap, k as getDepOptimizationConfig, m as isDepsOptimizerEnabled, z as isFileServingAllowed, l as loadConfigFromFile, A as loadEnv, u as mergeAlias, q as mergeConfig, n as normalizePath, o as optimizeDeps, a as preprocessCSS, p as preview, j as resolveBaseUrl, h as resolveConfig, B as resolveEnvPrefix, d as resolvePackageData, r as resolvePackageEntry, y as searchForWorkspaceRoot, w as send, s as sortUserPlugins, t as transformWithEsbuild } from './chunks/dep-42dae6ba.js';
|
|
3
3
|
export { VERSION as version } from './constants.js';
|
|
4
4
|
export { version as esbuildVersion } from 'esbuild';
|
|
5
5
|
export { VERSION as rollupVersion } from 'rollup';
|