[Snyk] Upgrade @adonisjs/vite from 2.0.2 to 3.0.0 #23
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade @adonisjs/vite from 2.0.2 to 3.0.0. See this package in npm: @adonisjs/vite See this project in Snyk: https://app.snyk.io/org/thetutlage/project/97c9d306-d15a-4e6f-82f0-dc82d520dee3?utm_source=github&utm_medium=referral&page=upgrade-pr
Deploying vinejs-dev with
|
| Latest commit: |
3dc8a22
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://337c4e4f.vinejs-dev.pages.dev |
| Branch Preview URL: | https://snyk-upgrade-1bfba8454ec1cd7.vinejs-dev.pages.dev |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade @adonisjs/vite from 2.0.2 to 3.0.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 13 versions ahead of your current version.
The recommended version was released on 2 months ago.
Release notes
Package name: @adonisjs/vite
-
3.0.0 - 2024-06-02
- Documentation: https://docs.adonisjs.com/guides/experimental-vite
- Blog post: https://adonisjs.com/blog/future-plans-for-adonisjs-6 and https://adonisjs.com/blog/experimental-release-for-inertia
-
+ () => import('@ adonisjs/vite/vite_middleware'),
-
-
-
+ assetsBundler: false,
- chore: move from np to release-it (facfc61)
- feat: add assetsBundler: false through codemods (7e059c4)
- chore: update missing dependencies (29a7177)
- feat(configure): add assembler hook automatically (7b16ac5)
- chore: update dependencies (ef6751b)
- chore(release): 3.0.0-11 (39cf324)
- fix: handle cors issue (#14) (864659e)
- chore(release): 3.0.0-10 (20bd446)
- refactor: remove hardcoded hmr port (b5e8170)
- fix: move to warmupRequest (859ec25)
- chore(release): 3.0.0-9 (29f812c)
- feat: prevent fouc in development (#12) (5936fb9)
- fix: config/vite.stub file not found (9b84d3f)
- perf: improve boot time of the provider (116d615)
- refactor!: remove vite config builtin aliases (55447d4)
- chore(release): 3.0.0-8 (1b57843)
- fix: aliases not flattened (60aafa7)
- chore(release): 3.0.0-7 (c48b294)
- fix: enforce
- chore(release): 3.0.0-6 (0973495)
- feat: allow options to be passed to createDevServer (6c6080c)
- chore(release): 3.0.0-5 (bce1201)
- fix: createRuntime (b627136)
- fix: create a new runtime instead of caching one (3ed37db)
- chore(release): 3.0.0-4 (fec9128)
- test: fix failing test (32b4a93)
- feat: add support for preloading assets in production (ab0a13b)
- chore: add japa snapshot plugin (1126e0f)
- feat: csp support (d06e72b)
- chore: middleware typo (1e596b7)
- chore(release): 3.0.0-3 (e15289c)
- chore: doc provider (6413d8b)
- refactor: run dev server only in test & web environments (754ebcd)
- refactor: register vite middleware in boot method (f1b112e)
- refactor: add back edge plugin entrypoint (00f435e)
- chore: restore gitignore and prettierignore (c4a53a4)
- refactor: remove application dev dependency (eb6f51d)
- fix: register edge in production (2b473a8)
- chore(release): 3.0.0-2 (42930fb)
- fix: tsup published files (edec6f1)
- chore(release): 3.0.0-1 (ee15318)
- chore: update shield peer dep version (2b40db1)
- chore: update dependencies (7e61998)
- chore: bundle using tsup-node (1dd8901)
- chore: add funding (58fa144)
- fix: build hook module (5c36641)
- chore(release): 3.0.0-0 (30dc8e1)
- chore: update version (f21ac99)
- chore: update publish config (78ce80a)
- feat: new vite ingration (ffeca7f)
- chore: update dependencies (a67c8ac)
-
3.0.0-11 - 2024-03-30
// file: kernel.ts
- fix: handle cors issue (#14) b9f444a
-
3.0.0-10 - 2024-03-27
- refactor: remove hardcoded hmr port bcaf3cb
- fix: move to warmupRequest e277ffd
-
3.0.0-9 - 2024-03-25
- Prevent fouc in development. We initially have a patch for this in adonisjs/inertia. The patch has been moved to the adonisjs/vite package directly with a more generic implementation. thanks to this, fouc will be avoided on adonisjs+tsx, adonisjs+edge, adonisjs+inertia stacks.
- Attempt to improve the start-up time of the Vite provider
- feat: prevent fouc in development (#12) 15bef87
- fix: config/vite.stub file not found b8dc984
- perf: improve boot time of the provider 76016e4
- refactor!: remove vite config builtin aliases 9b6f1b9
-
3.0.0-8 - 2024-03-06
- fix: aliases not flattened c270352
-
3.0.0-7 - 2024-03-04
-
3.0.0-6 - 2024-03-04
-
3.0.0-5 - 2024-03-04
- Remove the
- fix: createRuntime c8a5629
- fix: create a new runtime instead of caching one 6d9d685
-
3.0.0-4 - 2024-03-02
- We specify
- This file imports other files, such as our
- The browser must discover and parse the .HTML.
- Discover the
- Discover the
- Then, signals the browser to then load
- The entry points and the CSS imported by them.
- The JavaScript imported by these entry points.
- The CSS imported by the JavaScript imported by the entrypoints
- test: fix failing test b5db462
- feat: add support for preloading assets in production 5045c81
- chore: add japa snapshot plugin ba88a39
- feat: csp support 0bd9bc0
- chore: middleware typo a08281a
-
3.0.0-3 - 2024-02-27
- chore: doc provider c739008
- refactor: run dev server only in test & web environments 51ef82e
- refactor: register vite middleware in boot method 8e65616
- refactor: add back edge plugin entrypoint cd12fbb
- chore: restore gitignore and prettierignore f034b33
- refactor: remove application dev dependency 60536ec
- fix: register edge in production 6f63be8
-
3.0.0-2 - 2024-02-26
-
3.0.0-1 - 2024-02-26
-
3.0.0-0 - 2024-02-26
-
2.0.2 - 2024-01-09
from @adonisjs/vite GitHub release notesChanges
V3 of @ adonisjs/vite is finally available in stable version. The changes have been fully explained in the following documents:
Migration Guide
To migrate your application you will need to make the following changes:
You will need to add the vite server middleware to your
kernel.tsfile :])
generateEntryPointsTagsmethod is now async.Our implementation is based on the new Vite Runtime API, available only since version 5.1. So make sure you have at least this version of
vitein your package.json.You'll need the latest version of adonisjs/assembler and adonisjs/core. Then make sure to have
assetsBundler: falseand the assembler hook defined in youradonisrc.tsfile :+ hooks: {
+ onBuildStarting: [() => import('@ adonisjs/vite/build_hook')],
+ },
})
Commits
postfor config plugin (7fd9e77)Changes
This new release has a breaking change: the Vite middleware must be added in your own
kernel.tslike this :// ...
server.use([
// ...
() => import('@ adonisjs/cors/cors_middleware'),
() => import('@ adonisjs/vite/vite_middleware'),
])
This was needed because otherwise Vite's CORS settings and
@ adonisjs/corscould conflict. See #14 and #13 for more detailed explanations.Commits
v3.0.0-10...v3.0.0-11
v3.0.0-9...v3.0.0-10
Breaking Changes
generateEntryPointsTagsmethod is now async.Changes
Commits
v3.0.0-8...v3.0.0-9
Fixed a configuration resolving problem that caused Solid x Inertia apps to sometimes get a "
find.testis not a function`Commits
v3.0.0-7...v3.0.0-8
chore(release): 3.0.0-7
chore(release): 3.0.0-6
Breaking changes
getRuntimein favor of acreateRuntimemethod that returns a fresh instanceCommits
v3.0.0-4...v3.0.0-5
Assets preloading
This release introduces built-in support for asset preloading.
By default, Vite does code splitting, resulting in the generation of multiple small bundles that are loaded progressively as the user navigates the site. While beneficial, this can sometimes lead to a "waterfall" effect:
@ vite(['resources/js/app.js'])in our Edge template..vueor.tsxcomponents, and sometimes CSS as well.As a result, this will result in a waterfall of requests :
app.jsscriptapp.jsscript in the HTML, parse itcomponents/home.vueandapp.css.This process can be optimized using preload and modulepreload attributes.
In production, Vite generates a Manifest outlining the relationships between our application's various scripts and styles. Using this manifest, we can generate preload tags for assets and inject them into the HTML.
Preload tags are generated for:
This behavior will be enabled by default with the new
adonisjs/viteversion.CSP Support
CSP support has been simplified compared with version 2.x.x. Now that we only have one dev server, using
selfas a CSP directive will be enough. However, there's an exception when using anassetUrlpointing to a CDN. We therefore retain only the keyword@ viteUrlwhich can be used as a CSP directive, exactly as before.Commits
Full Changelog: v3.0.0-3...v3.0.0-4
v3.0.0-2...v3.0.0-3
Full Changelog: v3.0.0-1...v3.0.0-3
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: