Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update sirv to 2.0.3 #13057

Merged
merged 4 commits into from
Jun 7, 2023
Merged

Conversation

sapphi-red
Copy link
Member

Description

This PR updates sirv from 2.0.2 to 2.0.3.
The update includes two bug fixes (lukeed/sirv#147, lukeed/sirv#149).

lukeed/sirv#149 requires changes in code around the static middleware. This PR also includes that.
Related PRs around that code: #8804 #8979 #9173

Additional context


What is the purpose of this pull request?

  • Bug fix
  • New Feature
  • Documentation update
  • Other

Before submitting the PR, please make sure you do the following

  • Read the Contributing Guidelines.
  • Read the Pull Request Guidelines and follow the PR Title Convention.
  • Check that there isn't already a PR that solves the problem the same way to avoid creating a duplicate.
  • Provide a description in this PR that addresses what the PR is solving, or reference the issue that it solves (e.g. fixes #123).
  • Ideally, include relevant tests that fail without this PR but pass with it.

@sapphi-red sapphi-red added dependencies Pull requests that update a dependency file p3-minor-bug An edge case that only affects very specific usage (priority) labels Apr 30, 2023
@stackblitz
Copy link

stackblitz bot commented Apr 30, 2023

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

url.pathname = encodeURIComponent(newPathname)
url.pathname = encodeURI(newPathname)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This part was returning %2Ffoo%2Fbar when url.pathname was /foo/bar. But because lukeed/sirv#149 changed decodeURIComponent to decodeURI, this no longer works.

The reason why this part was using encodeURIComponent is #8979. In that time, we weren't able to use decodeURI in line 162 because of #8804.

Comment on lines -53 to +51
expect(await page.textContent('.unsafe-fetch-8498-2')).toMatch('')
expect(await page.textContent('.unsafe-fetch-8498-2')).toBe('')
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IIUC This line wasn't testing anything. 😅 .toMatch('') returns always true.
https://stackblitz.com/edit/vitest-dev-vitest-byvrxk?file=test%2Fbasic.test.ts

@patak-dev
Copy link
Member

/ecosystem-ci run

@vite-ecosystem-ci
Copy link

vite-ecosystem-ci bot commented Apr 30, 2023

📝 Ran ecosystem CI: Open

suite result
astro ✅ success
histoire ✅ success
iles ✅ success
ladle ✅ success
laravel ✅ success
marko ✅ success
nuxt ✅ success
previewjs ✅ success
qwik ✅ success
rakkas ✅ success
sveltekit ✅ success
vite-plugin-ssr ✅ success
vite-plugin-react ✅ success
vite-plugin-react-pages ✅ success
vite-plugin-react-swc ✅ success
vite-plugin-svelte ✅ success
vite-plugin-vue ✅ success
vite-setup-catalogue ✅ success
vitepress ✅ success
vitest ✅ success
windicss ✅ success

bluwy
bluwy previously approved these changes Apr 30, 2023
patak-dev
patak-dev previously approved these changes Apr 30, 2023
Copy link
Member

@patak-dev patak-dev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me! But given that this touches code paths that are security sensitive, I think we should merge it once we start the beta for the next minor.

@patak-dev patak-dev added this to the 4.4 milestone Apr 30, 2023
sapphi-red added a commit to sapphi-red/vite-plugin-static-copy that referenced this pull request May 12, 2023
@patak-dev
Copy link
Member

@sapphi-red feel free to merge this PR after resolving the conflicts, and we can try it out during the 4.4 beta. And then we could merge #13059

@sapphi-red sapphi-red dismissed stale reviews from patak-dev and bluwy via f66bd1a June 7, 2023 09:49
@sapphi-red sapphi-red requested review from patak-dev and bluwy June 7, 2023 10:03
@patak-dev patak-dev merged commit d814d6c into vitejs:main Jun 7, 2023
@sapphi-red sapphi-red deleted the fix/update-sirv branch June 7, 2023 10:19
sapphi-red added a commit to sapphi-red/vite-plugin-static-copy that referenced this pull request Jul 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file p3-minor-bug An edge case that only affects very specific usage (priority)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants