wxt 0.18.2 → 0.18.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/{chunk-7EUSM4KG.js → chunk-XAYX5BXI.js} +15 -7
  2. package/dist/cli.js +15 -7
  3. package/dist/index.cjs +15 -7
  4. package/dist/index.d.cts +1 -1
  5. package/dist/index.d.ts +1 -1
  6. package/dist/index.js +1 -1
  7. package/dist/testing.js +1 -1
  8. package/package.json +1 -1
package/dist/{chunk-7EUSM4KG.js → chunk-XAYX5BXI.js} RENAMED
@@ -12,7 +12,7 @@ import {
12
12
  } from "./chunk-VBXJIVYU.js";
13
13
 
14
14
  // package.json
15
- var version = "0.18.1";
15
+ var version = "0.18.2";
16
16
 
17
17
  // src/core/utils/paths.ts
18
18
  import systemPath from "node:path";
@@ -700,7 +700,7 @@ function safeVarName(str) {
700
700
  }
701
701
  function removeImportStatements(text) {
702
702
  return text.replace(
703
- /(import\s?[{\w][\s\S]*?from\s?["'][\s\S]*?["'];?|import\s?["'][\s\S]*?["'];?)/gm,
703
+ /(import\s?[\s\S]*?from\s?["'][\s\S]*?["'];?|import\s?["'][\s\S]*?["'];?)/gm,
704
704
  ""
705
705
  );
706
706
  }
@@ -2477,20 +2477,28 @@ function addDevModeCsp(manifest) {
2477
2477
  } else {
2478
2478
  addPermission(manifest, permission);
2479
2479
  }
2480
- const csp = new ContentSecurityPolicy(
2480
+ const extensionPagesCsp = new ContentSecurityPolicy(
2481
2481
  manifest.manifest_version === 3 ? (
2482
2482
  // @ts-expect-error: extension_pages is not typed
2483
2483
  manifest.content_security_policy?.extension_pages ?? "script-src 'self' 'wasm-unsafe-eval'; object-src 'self';"
2484
2484
  ) : manifest.content_security_policy ?? "script-src 'self'; object-src 'self';"
2485
2485
  // default CSP for MV2
2486
2486
  );
2487
- if (wxt.server)
2488
- csp.add("script-src", allowedCsp);
2487
+ const sandboxCsp = new ContentSecurityPolicy(
2488
+ // @ts-expect-error: sandbox is not typed
2489
+ manifest.content_security_policy?.sandbox ?? "sandbox allow-scripts allow-forms allow-popups allow-modals; script-src 'self' 'unsafe-inline' 'unsafe-eval'; child-src 'self';"
2490
+ // default sandbox CSP for MV3
2491
+ );
2492
+ if (wxt.server) {
2493
+ extensionPagesCsp.add("script-src", allowedCsp);
2494
+ sandboxCsp.add("script-src", allowedCsp);
2495
+ }
2489
2496
  if (manifest.manifest_version === 3) {
2490
2497
  manifest.content_security_policy ??= {};
2491
- manifest.content_security_policy.extension_pages = csp.toString();
2498
+ manifest.content_security_policy.extension_pages = extensionPagesCsp.toString();
2499
+ manifest.content_security_policy.sandbox = sandboxCsp.toString();
2492
2500
  } else {
2493
- manifest.content_security_policy = csp.toString();
2501
+ manifest.content_security_policy = extensionPagesCsp.toString();
2494
2502
  }
2495
2503
  }
2496
2504
  function addDevModePermissions(manifest) {
package/dist/cli.js CHANGED
@@ -930,7 +930,7 @@ function safeVarName(str) {
930
930
  }
931
931
  function removeImportStatements(text) {
932
932
  return text.replace(
933
- /(import\s?[{\w][\s\S]*?from\s?["'][\s\S]*?["'];?|import\s?["'][\s\S]*?["'];?)/gm,
933
+ /(import\s?[\s\S]*?from\s?["'][\s\S]*?["'];?|import\s?["'][\s\S]*?["'];?)/gm,
934
934
  ""
935
935
  );
936
936
  }
@@ -2515,7 +2515,7 @@ function getChunkSortWeight(filename) {
2515
2515
  import pc4 from "picocolors";
2516
2516
 
2517
2517
  // package.json
2518
- var version = "0.18.1";
2518
+ var version = "0.18.2";
2519
2519
 
2520
2520
  // src/core/utils/log/printHeader.ts
2521
2521
  function printHeader() {
@@ -2985,20 +2985,28 @@ function addDevModeCsp(manifest) {
2985
2985
  } else {
2986
2986
  addPermission(manifest, permission);
2987
2987
  }
2988
- const csp = new ContentSecurityPolicy(
2988
+ const extensionPagesCsp = new ContentSecurityPolicy(
2989
2989
  manifest.manifest_version === 3 ? (
2990
2990
  // @ts-expect-error: extension_pages is not typed
2991
2991
  manifest.content_security_policy?.extension_pages ?? "script-src 'self' 'wasm-unsafe-eval'; object-src 'self';"
2992
2992
  ) : manifest.content_security_policy ?? "script-src 'self'; object-src 'self';"
2993
2993
  // default CSP for MV2
2994
2994
  );
2995
- if (wxt.server)
2996
- csp.add("script-src", allowedCsp);
2995
+ const sandboxCsp = new ContentSecurityPolicy(
2996
+ // @ts-expect-error: sandbox is not typed
2997
+ manifest.content_security_policy?.sandbox ?? "sandbox allow-scripts allow-forms allow-popups allow-modals; script-src 'self' 'unsafe-inline' 'unsafe-eval'; child-src 'self';"
2998
+ // default sandbox CSP for MV3
2999
+ );
3000
+ if (wxt.server) {
3001
+ extensionPagesCsp.add("script-src", allowedCsp);
3002
+ sandboxCsp.add("script-src", allowedCsp);
3003
+ }
2997
3004
  if (manifest.manifest_version === 3) {
2998
3005
  manifest.content_security_policy ??= {};
2999
- manifest.content_security_policy.extension_pages = csp.toString();
3006
+ manifest.content_security_policy.extension_pages = extensionPagesCsp.toString();
3007
+ manifest.content_security_policy.sandbox = sandboxCsp.toString();
3000
3008
  } else {
3001
- manifest.content_security_policy = csp.toString();
3009
+ manifest.content_security_policy = extensionPagesCsp.toString();
3002
3010
  }
3003
3011
  }
3004
3012
  function addDevModePermissions(manifest) {
package/dist/index.cjs CHANGED
@@ -5208,7 +5208,7 @@ function safeVarName(str) {
5208
5208
  }
5209
5209
  function removeImportStatements(text2) {
5210
5210
  return text2.replace(
5211
- /(import\s?[{\w][\s\S]*?from\s?["'][\s\S]*?["'];?|import\s?["'][\s\S]*?["'];?)/gm,
5211
+ /(import\s?[\s\S]*?from\s?["'][\s\S]*?["'];?|import\s?["'][\s\S]*?["'];?)/gm,
5212
5212
  ""
5213
5213
  );
5214
5214
  }
@@ -6805,7 +6805,7 @@ function getChunkSortWeight(filename) {
6805
6805
  var import_picocolors4 = __toESM(require("picocolors"), 1);
6806
6806
 
6807
6807
  // package.json
6808
- var version = "0.18.1";
6808
+ var version = "0.18.2";
6809
6809
 
6810
6810
  // src/core/utils/building/internal-build.ts
6811
6811
  var import_fast_glob3 = __toESM(require("fast-glob"), 1);
@@ -7269,20 +7269,28 @@ function addDevModeCsp(manifest) {
7269
7269
  } else {
7270
7270
  addPermission(manifest, permission);
7271
7271
  }
7272
- const csp = new ContentSecurityPolicy(
7272
+ const extensionPagesCsp = new ContentSecurityPolicy(
7273
7273
  manifest.manifest_version === 3 ? (
7274
7274
  // @ts-expect-error: extension_pages is not typed
7275
7275
  manifest.content_security_policy?.extension_pages ?? "script-src 'self' 'wasm-unsafe-eval'; object-src 'self';"
7276
7276
  ) : manifest.content_security_policy ?? "script-src 'self'; object-src 'self';"
7277
7277
  // default CSP for MV2
7278
7278
  );
7279
- if (wxt.server)
7280
- csp.add("script-src", allowedCsp);
7279
+ const sandboxCsp = new ContentSecurityPolicy(
7280
+ // @ts-expect-error: sandbox is not typed
7281
+ manifest.content_security_policy?.sandbox ?? "sandbox allow-scripts allow-forms allow-popups allow-modals; script-src 'self' 'unsafe-inline' 'unsafe-eval'; child-src 'self';"
7282
+ // default sandbox CSP for MV3
7283
+ );
7284
+ if (wxt.server) {
7285
+ extensionPagesCsp.add("script-src", allowedCsp);
7286
+ sandboxCsp.add("script-src", allowedCsp);
7287
+ }
7281
7288
  if (manifest.manifest_version === 3) {
7282
7289
  manifest.content_security_policy ??= {};
7283
- manifest.content_security_policy.extension_pages = csp.toString();
7290
+ manifest.content_security_policy.extension_pages = extensionPagesCsp.toString();
7291
+ manifest.content_security_policy.sandbox = sandboxCsp.toString();
7284
7292
  } else {
7285
- manifest.content_security_policy = csp.toString();
7293
+ manifest.content_security_policy = extensionPagesCsp.toString();
7286
7294
  }
7287
7295
  }
7288
7296
  function addDevModePermissions(manifest) {
package/dist/index.d.cts CHANGED
@@ -65,6 +65,6 @@ declare function prepare(config: InlineConfig): Promise<void>;
65
65
  */
66
66
  declare function zip(config?: InlineConfig): Promise<string[]>;
67
67
 
68
- var version = "0.18.1";
68
+ var version = "0.18.2";
69
69
 
70
70
  export { BuildOutput, ExtensionRunnerConfig, InlineConfig, UserConfig, WxtDevServer, build, clean, createServer, defineConfig, defineRunnerConfig, initialize, prepare, version, zip };
package/dist/index.d.ts CHANGED
@@ -65,6 +65,6 @@ declare function prepare(config: InlineConfig): Promise<void>;
65
65
  */
66
66
  declare function zip(config?: InlineConfig): Promise<string[]>;
67
67
 
68
- var version = "0.18.1";
68
+ var version = "0.18.2";
69
69
 
70
70
  export { BuildOutput, ExtensionRunnerConfig, InlineConfig, UserConfig, WxtDevServer, build, clean, createServer, defineConfig, defineRunnerConfig, initialize, prepare, version, zip };
package/dist/index.js CHANGED
@@ -19,7 +19,7 @@ import {
19
19
  unnormalizePath,
20
20
  version,
21
21
  wxt
22
- } from "./chunk-7EUSM4KG.js";
22
+ } from "./chunk-XAYX5BXI.js";
23
23
  import "./chunk-5X3S6AWF.js";
24
24
  import {
25
25
  consola
package/dist/testing.js CHANGED
@@ -5,7 +5,7 @@ import {
5
5
  tsconfigPaths,
6
6
  unimport,
7
7
  webextensionPolyfillMock
8
- } from "./chunk-7EUSM4KG.js";
8
+ } from "./chunk-XAYX5BXI.js";
9
9
  import "./chunk-5X3S6AWF.js";
10
10
  import "./chunk-ZZCTFNQ5.js";
11
11
  import "./chunk-VBXJIVYU.js";
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "wxt",
3
3
  "type": "module",
4
- "version": "0.18.2",
4
+ "version": "0.18.3",
5
5
  "description": "Next gen framework for developing web extensions",
6
6
  "repository": {
7
7
  "type": "git",