[pull] dev from vuejs:dev #26

pull · 2021-02-03T15:32:27Z

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.1)

Can you help keep this open source service alive? 💖 Please sponsor : )

guardrails · 2021-02-03T15:36:11Z

⚠️ We detected 285 security issues in this pull request:
Mode: paranoid | Total findings: 285 | Considered vulnerability: 2

Hard-Coded Secrets (5)

vue-cli/docs/.vuepress/config.js

Line 58 in 2d3116e

apiKey: 'f6df220f7d246aff64a56300b7f19f21',

vue-cli/docs/ru/guide/browser-compatibility.md

Line 77 in 2d3116e

    
           Content-Security-Policy: script-src 'self' 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='

vue-cli/docs/zh/guide/mode-and-env.md

Line 106 in 2d3116e

    
           在构建过程中，`process.env.VUE_APP_SECRET` 将会被相应的值所取代。在 `VUE_APP_SECRET=secret` 的情况下，它会被替换为 `"secret"`。

vue-cli/packages/@vue/cli-ui/src/components/dependency/NpmPackageSearch.vue

Line 6 in 2d3116e

api-key="db283631f89b5b8a10707311f911fd00"

vue-cli/packages/@vue/cli-ui/src/components/prompt/PromptsList.vue

Line 33 in 2d3116e

password: 'input'

More info on how to fix Hard-Coded Secrets in General.

Insecure Use of Regular Expressions (31)

vue-cli/packages/@vue/babel-preset-app/__tests__/babel-preset.spec.js

Line 12 in 2d3116e

    
           return new RegExp(`"${['.*node_modules', 'core-js', 'modules', mod].join(`[\\${path.sep}]+`)}`)

vue-cli/packages/@vue/cli-plugin-babel/index.js

Line 18 in 2d3116e

return deps.length ? new RegExp(deps.join('|')) : null

vue-cli/packages/@vue/cli-plugin-e2e-cypress/index.js

Line 58 in 2d3116e

const matchRE = new RegExp(`^--${argToRemove}$`)

vue-cli/packages/@vue/cli-plugin-e2e-cypress/index.js

Line 59 in 2d3116e

const equalRE = new RegExp(`^--${argToRemove}=`)

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 174 in 2d3116e

const matchRE = new RegExp(`^--${argToRemove}`)

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 175 in 2d3116e

const equalRE = new RegExp(`^--${argToRemove}=`)

vue-cli/packages/@vue/cli-service/lib/commands/build/setPublicPath.js

Line 16 in 2d3116e

var src = currentScript && currentScript.src.match(/(.+\/)[^/]+\.js(\?.*)?$/)

vue-cli/packages/@vue/cli-service/lib/commands/serve.js

Line 375 in 2d3116e

from: new RegExp(`^/${name}`),

vue-cli/packages/@vue/cli-service/lib/config/assets.js

Line 39 in 2d3116e

.test(/\.(png|jpe?g|gif|webp)(\?.*)?$/)

vue-cli/packages/@vue/cli-service/lib/config/assets.js

Line 48 in 2d3116e

.test(/\.(svg)(\?.*)?$/)

vue-cli/packages/@vue/cli-service/lib/config/assets.js

Line 58 in 2d3116e

.test(/\.(mp4|webm|ogg|mp3|wav|flac|aac)(\?.*)?$/)

vue-cli/packages/@vue/cli-service/lib/config/assets.js

Line 65 in 2d3116e

.test(/\.(woff2?|eot|ttf|otf)(\?.*)?$/i)

vue-cli/packages/@vue/cli-service/lib/util/isAbsoluteUrl.js

Line 3 in 2d3116e

return /^([a-z][a-z\d+\-.]*:)?\/\//i.test(url)

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 128 in 2d3116e

[/^index\s[\da-zA-Z]+\.\.[\da-zA-Z]+(\s(\d+))?$/, index],

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 131 in 2d3116e

[/^@@\s+-(\d+),?(\d+)?\s+\+(\d+),?(\d+)?\s@@/, chunk],

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 169 in 2d3116e

    
           const t = (/\t.*|\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d(.\d+)?\s(\+|-)\d\d\d\d/).exec(s)

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 179 in 2d3116e

return s.replace(new RegExp(`^${chars}+`), '')

vue-cli/packages/@vue/cli-ui/src/util/search.js

Line 2 in 2d3116e

return text && new RegExp(text.trim().replace(/\s+/g, '.{0,5}'), 'i')

vue-cli/packages/@vue/cli-ui/ui-defaults/tasks.js

Line 165 in 2d3116e

match: /vue-cli-service serve(\s+--\S+(\s+\S+)?)*$/,

vue-cli/packages/@vue/cli-ui/ui-defaults/tasks.js

Line 243 in 2d3116e

match: /vue-cli-service build(\s+--\S+(\s+\S+)?)*$/,

vue-cli/packages/@vue/cli/lib/add.js

Line 37 in 2d3116e

const pluginRe = /^(@?[^@]+)(?:@(.+))?$/

vue-cli/packages/@vue/cli/lib/options.js

Line 53 in 2d3116e

latestVersion: joi.string().regex(/^\d+\.\d+\.\d+(-(alpha|beta|rc)\.\d+)?$/),

vue-cli/packages/@vue/cli/lib/ui.js

Line 10 in 2d3116e

    
           const hostRegExp = new RegExp(`^https?://(${host}|${allowedHost}|localhost)(:\\d+)?$`)

vue-cli/packages/@vue/cli/lib/util/ProjectPackageManager.js

Line 78 in 2d3116e

const nameRegExp = /^(@?[^@]+)(@.*)?$/

vue-cli/scripts/syncDeps.js

Line 152 in 2d3116e

    
           const updatedRE = new RegExp(`'(${Array.from(updatedDeps).join('|')})': '\\^(\\d+\\.\\d+\\.\\d+[^']*)'`)

vue-cli/scripts/verifyCommitMsg.js

Line 5 in 2d3116e

    
           const commitRE = /^(v\d+\.\d+\.\d+(-(alpha|beta|rc.\d+))?)|((revert: )?(feat|fix|docs|style|refactor|perf|test|workflow|ci|chore|types)(\(.+\))?!?: .{1,50})/

vue-cli/packages/@vue/cli/lib/Creator.js

Line 342 in 2d3116e

    
           } else if (name.endsWith('.json') || /^\./.test(name) || path.isAbsolute(name)) {

vue-cli/packages/@vue/cli-ui/apollo-server/util/highlight.js

Line 30 in 2d3116e

language = languages.find(l => l.test.test(filename))

vue-cli/packages/@vue/cli-service/lib/util/prepareProxy.js

Line 106 in 2d3116e

if (!/^http(s)?:\/\//.test(proxy)) {

vue-cli/packages/@vue/cli-plugin-e2e-cypress/index.js

Line 63 in 2d3116e

rawArgs.splice(i, offset + (equalRE.test(rawArgs[i]) ? 0 : 1))

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 178 in 2d3116e

rawArgs.splice(i, offset + (equalRE.test(rawArgs[i]) ? 0 : 1))

More info on how to fix Insecure Use of Regular Expressions in Javascript.

Insecure File Management (188)

vue-cli/packages/@vue/cli-plugin-babel/__tests__/transpileDependencies.spec.js

Line 11 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-plugin-babel/__tests__/transpileDependencies.spec.js

Line 17 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 125 in 2d3116e

userOptions = require(userOptionsPath)

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 163 in 2d3116e

fs.stat(source, function (err, stat) {

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/index.js

Line 37 in 2d3116e

const isTS = fs.existsSync(path.join(api.getCwd(), 'tsconfig.json'))

vue-cli/packages/@vue/cli-plugin-eslint/generator/index.js

Line 17 in 2d3116e

if (fs.existsSync(editorConfigTemplatePath)) {

vue-cli/packages/@vue/cli-plugin-eslint/generator/index.js

Line 18 in 2d3116e

if (fs.existsSync(api.resolve('.editorconfig'))) {

vue-cli/packages/@vue/cli-plugin-eslint/generator/index.js

Line 21 in 2d3116e

const editorconfig = fs.readFileSync(editorConfigTemplatePath, 'utf-8')

vue-cli/packages/@vue/cli-plugin-eslint/lint.js

Line 40 in 2d3116e

if (!fs.existsSync(api.resolve('.eslintignore')) && !config.ignorePattern) {

vue-cli/packages/@vue/cli-plugin-eslint/lint.js

Line 90 in 2d3116e

fs.writeFileSync(outputFilePath, formatter(report.results))

vue-cli/packages/@vue/cli-plugin-eslint/migrator/index.js

Line 5 in 2d3116e

const pkg = require(api.resolve('package.json'))

vue-cli/packages/@vue/cli-plugin-pwa/index.js

Line 8 in 2d3116e

if (fs.existsSync(manifestPath)) {

vue-cli/packages/@vue/cli-plugin-pwa/index.js

Line 10 in 2d3116e

userOptions.manifestOptions = require(manifestPath)

vue-cli/packages/@vue/cli-plugin-pwa/lib/noopServiceWorkerMiddleware.js

Line 14 in 2d3116e

    
           const resetScript = fs.readFileSync(path.resolve(__dirname, 'noopServiceWorker.js'), 'utf-8')

vue-cli/packages/@vue/cli-plugin-webpack-4/index.js

Line 80 in 2d3116e

if (!isLegacyBundle && fs.existsSync(publicDir)) {

vue-cli/packages/@vue/cli-service/__tests__/Service.spec.js

Line 134 in 2d3116e

    
           fs.writeFileSync(path.resolve('/', 'vue.config.js'), '') // only to ensure fs.existsSync returns true

vue-cli/packages/@vue/cli-service/__tests__/Service.spec.js

Line 147 in 2d3116e

fs.writeFileSync(path.resolve('/', 'vue.config.js'), '')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 16 in 2d3116e

    
           fs.renameSync(path.resolve(project.dir, 'babel.config.js'), path.resolve(project.dir, 'babel.config.cjs'))

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 36 in 2d3116e

fs.writeFileSync(configPath, 'module.exports = { lintOnSave: true }')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 39 in 2d3116e

await fs.unlinkSync(configPath)

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 44 in 2d3116e

    
           fs.writeFileSync(configPath, 'module.exports = function () { return { lintOnSave: true } }')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 47 in 2d3116e

await fs.unlinkSync(configPath)

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 52 in 2d3116e

fs.writeFileSync(configPath, 'export default { lintOnSave: true }')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 55 in 2d3116e

await fs.unlinkSync(configPath)

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 60 in 2d3116e

fs.writeFileSync(configPath, 'export default { lintOnSave: true }')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 63 in 2d3116e

await fs.unlinkSync(configPath)

vue-cli/packages/@vue/cli-service/__tests__/buildWcAsync.spec.js

Line 23 in 2d3116e

const files = await fs.readdir(path.resolve(project.dir, 'dist'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 19 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 92 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 107 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 123 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 134 in 2d3116e

    
           const jsFiles = (await fs.readdir(path.join(project.dir, 'dist/js'))).filter(f => f.endsWith('.js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 153 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/lib/PluginAPI.js

Line 191 in 2d3116e

if (!fs.existsSync(absolutePath)) {

vue-cli/packages/@vue/cli-service/lib/PluginAPI.js

Line 198 in 2d3116e

return JSON.stringify(require(absolutePath))

vue-cli/packages/@vue/cli-service/lib/PluginAPI.js

Line 200 in 2d3116e

return fs.readFileSync(absolutePath, 'utf-8')

vue-cli/packages/@vue/cli-service/lib/PluginAPI.js

Line 203 in 2d3116e

return fs.readFileSync(absolutePath, 'utf-8')

vue-cli/packages/@vue/cli-service/lib/Service.js

Line 159 in 2d3116e

apply: require(absolutePath || id)

vue-cli/packages/@vue/cli-service/lib/commands/build/formatStats.js

Line 48 in 2d3116e

const buffer = fs.readFileSync(filepath)

vue-cli/packages/@vue/cli-service/lib/commands/build/resolveLibConfig.js

Line 16 in 2d3116e

if (!fs.existsSync(fullEntryPath)) {

vue-cli/packages/@vue/cli-service/lib/commands/build/resolveLibConfig.js

Line 93 in 2d3116e

const entryContent = fs.readFileSync(fullEntryPath, 'utf-8')

vue-cli/packages/@vue/cli-service/lib/commands/serve.js

Line 361 in 2d3116e

if (fs.existsSync(`/proc/1/cgroup`)) {

vue-cli/packages/@vue/cli-service/lib/commands/serve.js

Line 362 in 2d3116e

const content = fs.readFileSync(`/proc/1/cgroup`, 'utf-8')

vue-cli/packages/@vue/cli-service/lib/config/app.js

Line 115 in 2d3116e

htmlOptions.template = fs.existsSync(htmlPath)

vue-cli/packages/@vue/cli-service/lib/config/app.js

Line 181 in 2d3116e

const hasDedicatedTemplate = fs.existsSync(api.resolve(templateWithoutLoader))

vue-cli/packages/@vue/cli-service/lib/config/app.js

Line 184 in 2d3116e

: fs.existsSync(htmlPath)

vue-cli/packages/@vue/cli-service/lib/config/app.js

Line 253 in 2d3116e

if (!isLegacyBundle && fs.existsSync(publicDir)) {

vue-cli/packages/@vue/cli-service/lib/config/css.js

Line 8 in 2d3116e

if (fs.existsSync(path.join(context, file))) {

vue-cli/packages/@vue/cli-service/lib/util/loadFileConfig.js

Line 18 in 2d3116e

if (resolvedPath && fs.existsSync(resolvedPath)) {

vue-cli/packages/@vue/cli-service/lib/util/prepareProxy.js

Line 52 in 2d3116e

    
           const isPublicFileRequest = fs.existsSync(maybePublicPath) && fs.statSync(maybePublicPath).isFile()

vue-cli/packages/@vue/cli-service/lib/webpack/DashboardPlugin.js

Line 161 in 2d3116e

const buf = webpackFs.readFileSync(fullPath)

vue-cli/packages/@vue/cli-service/lib/webpack/ModernModePlugin.js

Line 34 in 2d3116e

await fs.writeFile(tempFilename, JSON.stringify(tags))

vue-cli/packages/@vue/cli-service/lib/webpack/ModernModePlugin.js

Line 70 in 2d3116e

const legacyAssets = JSON.parse(await fs.readFile(tempFilename, 'utf-8'))

vue-cli/packages/@vue/cli-service/lib/webpack/MovePlugin.js

Line 11 in 2d3116e

if (fs.existsSync(this.from)) {

vue-cli/packages/@vue/cli-shared-utils/index.js

Line 16 in 2d3116e

Object.assign(exports, require(`./lib/${m}`))

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 40 in 2d3116e

const result = fs.existsSync(lockFile)

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 121 in 2d3116e

const result = fs.existsSync(lockFile)

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 143 in 2d3116e

const result = fs.existsSync(lockFile)

vue-cli/packages/@vue/cli-shared-utils/lib/module.js

Line 75 in 2d3116e

return require(request)

vue-cli/packages/@vue/cli-shared-utils/lib/module.js

Line 86 in 2d3116e

return require(resolvedPath)

vue-cli/packages/@vue/cli-shared-utils/lib/pkg.js

Line 6 in 2d3116e

if (fs.existsSync(path.join(context, 'package.json'))) {

vue-cli/packages/@vue/cli-shared-utils/lib/pluginResolution.js

Line 75 in 2d3116e

pkg = require(`${id}/package.json`)

vue-cli/packages/@vue/cli-test-utils/createTestProject.js

Line 13 in 2d3116e

return fs.readFile(path.resolve(projectRoot, file), 'utf-8')

vue-cli/packages/@vue/cli-test-utils/createTestProject.js

Line 17 in 2d3116e

return fs.existsSync(path.resolve(projectRoot, file))

vue-cli/packages/@vue/cli-test-utils/createTestProject.js

Line 27 in 2d3116e

return fs.ensureDir(dir).then(() => fs.writeFile(targetPath, content))

vue-cli/packages/@vue/cli-test-utils/createUpgradableProject.js

Line 17 in 2d3116e

if (!fs.existsSync(outsideTestFolder)) {

vue-cli/packages/@vue/cli-test-utils/createUpgradableProject.js

Line 18 in 2d3116e

fs.mkdirSync(outsideTestFolder)

vue-cli/packages/@vue/cli-ui/apollo-server/api/PluginApi.js

Line 493 in 2d3116e

sharedData.watch({ id, projectId: this.project.id }, handler)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/configurations.js

Line 43 in 2d3116e

if (fs.existsSync(resolvedFile)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/configurations.js

Line 76 in 2d3116e

const rawContent = fs.readFileSync(file.path, { encoding: 'utf8' })

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/configurations.js

Line 126 in 2d3116e

const source = fs.readFileSync(file.path, { encoding: 'utf8' })

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/configurations.js

Line 138 in 2d3116e

fs.writeFileSync(file.path, rawContent, { encoding: 'utf8' })

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/cwd.js

Line 20 in 2d3116e

if (!fs.existsSync(value)) return

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/dependencies.js

Line 73 in 2d3116e

return resolvedPath && fs.existsSync(resolvedPath)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/folders.js

Line 19 in 2d3116e

return fs.stat(file).then((x) => x.isDirectory())

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/folders.js

Line 33 in 2d3116e

const files = await fs.readdir(dir, 'utf8')

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/folders.js

Line 117 in 2d3116e

return fs.existsSync(path.join(file, 'package.json'))

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/folders.js

Line 132 in 2d3116e

if (fs.existsSync(pkgFile)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/git.js

Line 51 in 2d3116e

    
           const highlightedContentTo = highlightCode(fileDiff.to, fs.readFileSync(path.resolve(cwd.get(), fileDiff.to), { encoding: 'utf8' })).split('\n')

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/locales.js

Line 50 in 2d3116e

    
           if (process.env.VUE_APP_CLI_UI_DEV && !watchedTrees.get(root) && fs.existsSync(folder)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 105 in 2d3116e

installed: fs.existsSync(dependencies.getPath({ id, file })),

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 216 in 2d3116e

if (currentView) views.open(currentView.id)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 263 in 2d3116e

    
           const folder = fs.existsSync(id) ? id : dependencies.getPath({ id, file: pluginApi.cwd })

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 289 in 2d3116e

if (fs.existsSync(file)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 497 in 2d3116e

    
           let data = require(path.join(dependencies.getPath({ id, file: cwd.get() }), 'prompts'))

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 54 in 2d3116e

if (fs.existsSync(project.path)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 66 in 2d3116e

if (currentProject && !fs.existsSync(currentProject.path)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 371 in 2d3116e

if (!input.force && !fs.existsSync(path.join(input.path, 'node_modules'))) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 395 in 2d3116e

if (!fs.existsSync(project.path)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 458 in 2d3116e

if (fs.existsSync(gitConfigPath)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/shared-data.js

Line 31 in 2d3116e

if (fs.existsSync(path.resolve(rootFolder, projectId, `${id}.json`))) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/shared-data.js

Line 49 in 2d3116e

if (await fs.exists(file)) {

vue-cli/packages/@vue/cli-ui/apollo-server/resolvers.js

Line 94 in 2d3116e

const { resolvers: r } = require(file)

vue-cli/packages/@vue/cli-ui/apollo-server/schema/folder.js

Line 46 in 2d3116e

folderOpen: (root, { path }, context) => folders.open(path, context),

vue-cli/packages/@vue/cli-ui/apollo-server/schema/project.js

Line 105 in 2d3116e

projectOpen: (root, { id }, context) => projects.open(id, context),

vue-cli/packages/@vue/cli-ui/apollo-server/schema/project.js

Line 109 in 2d3116e

projectRename: (root, args, context) => projects.rename(args, context),

Closes #6342

…support in `vue.config.js` (#6355)

…pendencies in `node_modules` (#6354)

Also reverts #6358

…5997) Close #2697

related to vuejs/core#2929

Respect the existing 'devtool' when running dev server Fixes #6398

…or now (#6401)

* docs: (ru) config/readme.md update * docs: (ru) eslint.md update * docs: (ru) cli-service.md update * docs: (ru) css.md update * docs: (ru) mode-and-env.md update * docs: (ru) deployment.md update Co-authored-by: Alex Sokolov <4497128+Alex-Sokolov@users.noreply.github.com>

…tion (#6416)

It's messing with the html-webpack-plugin, telling it the wrong hash of the legacy bundle, therefore making the modern mode fallback unusable. (TODO: add a test later)

…ot installed (#6418) Co-authored-by: Haoqun Jiang <haoqunjiang@gmail.com> closes #6383

Fixes the issue caused by babel/babel#12989

follow up of #6418

…`--no-unsafe-inline` flag (#6422)

Default Cypress version is now v7

Fixes #7194

…and cli-plugin-e2e-nightwatch (#7158) Co-authored-by: blzsaa <blzsaa@users.noreply.github.com>

…ring upgrade (#7167) Co-authored-by: blzsaa <blzsaa@users.noreply.github.com>

…7202)

Closes #7024 Fixes #7118 I choose to not merge the PR because I don't want add additional ways to configure https for dev server (`--http2` command line argument, `process.env.HTTPS`, etc.) In the current implementation, `spdy` can only be configured by setting `{ devServer: server: { type: 'spdy' } }`. This is a deliberate choice, because SPDY support in Node.js 15+ is broken anyway. I don't want bother refactoring the old code to accommodate this broken feature.

It is only served as a fallback version number when local Chrome version detection failed. Updating the version to the latest may reduce user frustrations when such rare scenarios are encountered. Closes #7203

Fixes #7221 `subscriptions-transport-ws` is also deprecated, we need to move to `graphql-ws` one day. But better deprecatedthan broken.

The dev dependency `@graphql-eslint/eslint-plugin` is causing CI failures in Node.js 12

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

vuejs/eslint-config-prettier#11 I would recommend using the ESLint CLI directly over `@vue/cli-plugin-eslint` at this point. But for users who are stuck with old versions and still read this migration guide, they deserve a working link.

@alxndrsn

…rect package from npm Thanks to @alxndrsn for finding this issue and the insightful blog post. https://www.alxndrsn.com/2024-08-01-npx-binary-confusion/ Also thanks to @lirantal for his newsletter that brought this issue to my attention. https://www.nodejs-security.com/newsletter/npm-supply-chain-security-prisma-orm-security-fun-nodejs-security-challenges

pull bot added the ⤵️ pull label Feb 3, 2021

pull bot added the merge-conflict Resolve conflicts manually label Feb 22, 2021

haoqunjiang and others added 27 commits March 24, 2021 13:55

fix: work around npm6/postcss8 hoisting issue (#6358)

27b4263

Closes #6342

feat: a defineConfig API from @vue/cli-service for better typing …

54d5f78

…support in `vue.config.js` (#6355)

feat: when transpileDependencies is set to true, transpile all de…

d64e7d3

…pendencies in `node_modules` (#6354)

chore: lockfile maintenance

bb01585

fix: check hoisted postcss version (#6372)

fa46ed4

Also reverts #6358

chore: pre release sync

a5f822c

v5.0.0-alpha.8

89af6c5

feat(cli-service): add inline loader support for html-webpack-plugin (#…

de175d4

…5997) Close #2697

fix(mocha): workaround the SVGElement issue in Vue (#6400)

7838c0d

related to vuejs/core#2929

fix(cli-service): respect the existing 'devtool' (#6402)

8654e82

Respect the existing 'devtool' when running dev server Fixes #6398

chore: de-prioritize "Mocha + Chai" option as it requires webpack 4 f…

ae967f7

…or now (#6401)

feat(cli-service): provide jsconfig.json in no-ts template (#6285)

0dc604c

feat: support vue.config.mjs (#6405)

dd217b2

feat!: turn on modern mode by default, and provide a --no-module op…

cd78376

…tion (#6416)

fix: disable realContentHash optimization in app target

448ab96

It's messing with the html-webpack-plugin, telling it the wrong hash of the legacy bundle, therefore making the modern mode fallback unusable. (TODO: add a test later)

fixup! fix: disable realContentHash optimization in app target

8a3dfa4

fix: show fallback message for typescript jest preset if ts-jest is n…

2f5ced3

…ot installed (#6418) Co-authored-by: Haoqun Jiang <haoqunjiang@gmail.com> closes #6383

test: use explicit targets in babel tests

f782fa3

Fixes the issue caused by babel/babel#12989

chore: add notes about upcoming Babel 8 esmodules change [skip ci]

3b851a8

feat: only needs one bundle if all targets support es module (#6419)

aad72cf

chore: should output meaningful error message for missing vue-jest dep

791fa28

follow up of #6418

feat!: always inject safari-nomodule-fix as an external script; drop …

0aa8a55

…`--no-unsafe-inline` flag (#6422)

chore: rely on default arg parser behavior (#6413)

a16b017

feat!: upgrade to css-minimizer-webpack-plugin v2 (#6420)

e661a92

docs: fix master to main in heroku deployment (#6359)

ad213f0

chore: some dependency version bumps (#6430)

4473ca2

Default Cypress version is now v7

haoqunjiang and others added 30 commits June 15, 2022 16:17

chore: run yarn-audit-fix

b2b07a5

fix: should correctly resolve cypress bin path for Cypress 10

697bb44

Fixes #7194

docs: fix 404 links

619965b

fix: eliminate calling deprecated function in cli-plugin-e2e-cypress …

27dba1a

…and cli-plugin-e2e-nightwatch (#7158) Co-authored-by: blzsaa <blzsaa@users.noreply.github.com>

feat(upgrade): prevent changing the structure of package.json file du…

64446e0

…ring upgrade (#7167) Co-authored-by: blzsaa <blzsaa@users.noreply.github.com>

v5.0.5

98c66c9

fix: compatibility with Vue 2.7

a648958

fixup! fix: compatibility with Vue 2.7

fcf27e3

chore: fix lint errors

6b163f2

v5.0.6

ef08a08

fix: optimize the judgment on whether HTTPS has been set in options (#…

bddd64d

…7202)

fix: allow disabling progress plugin via devServer.client.progress

beffe8a

chore: upgrade to apollo-server-express 3.x (#7210)

23fa20f

chore: update fallback chromedriver version

6f9b6ec

It is only served as a fallback version number when local Chrome version detection failed. Updating the version to the latest may reduce user frustrations when such rare scenarios are encountered. Closes #7203

v5.0.7

4a0655f

chore: update changelog

a5a893e

fix: Vue CLI UI graphql subscription server error

07052c4

Fixes #7221 `subscriptions-transport-ws` is also deprecated, we need to move to `graphql-ws` one day. But better deprecatedthan broken.

fix: add devServer.server.type to useHttps judgement (#7222)

0260e4d

ci: bump appveyor node version

4e024b7

The dev dependency `@graphql-eslint/eslint-plugin` is causing CI failures in Node.js 12

v5.0.8

b154dbd

chore: update readme [ci skip]

bc1c0bc

docs: bump vitepress

95ad425

docs: add recommendation for create-vue in docs

7c0134e

docs: simplify message wording + message on landing page

248f770

docs: revert vitepress version

e636817

fix: pnpm v7 install error (#7265)

ea4c98a

chore(deps): bump loader-utils from 1.4.0 to 1.4.1 (#7324)

f0f254e

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

docs: fix a broken link [skip ci]

cb4477f

vuejs/eslint-config-prettier#11 I would recommend using the ESLint CLI directly over `@vue/cli-plugin-eslint` at this point. But for users who are stuck with old versions and still read this migration guide, they deserve a working link.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[pull] dev from vuejs:dev #26

[pull] dev from vuejs:dev #26

Uh oh!

Uh oh!

Uh oh!

Uh oh!

[pull] dev from vuejs:dev #26

Are you sure you want to change the base?

[pull] dev from vuejs:dev #26

Uh oh!

Conversation

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!