v6.0.8

#vite

6.0.8 (2025-01-20)

● fix: avoid SSR HMR for HTML files (#19193) (3bd55bc), closes #19193
● fix: build time display 7m 60s (#19108) (cf0d2c8), closes #19108
● fix: don't resolve URL starting with double slash (#19059) (35942cd), closes #19059
● fix: ensure server.close() only called once (#19204) (db81c2d), closes #19204
● fix: resolve.conditions in ResolvedConfig was defaultServerConditions (#19174) (ad75c56), closes #19174
● fix: tree shake stringified JSON imports (#19189) (f2aed62), closes #19189
● fix: use shared sigterm callback (#19203) (47039f4), closes #19203
● fix(deps): update all non-major dependencies (#19098) (8639538), closes #19098
● fix(optimizer): use correct default install state path for yarn PnP (#19119) (e690d8b), closes #19119
● fix(types): improve ESBuildOptions.include / exclude type to allow readonly (string | RegExp)[] (ea53e70), closes #19146
● chore(deps): update dependency pathe to v2 (#19139) (71506f0), closes #19139

source

v2.3.1

#pinia #vue_pinia #vue3_pinia

Please refer to CHANGELOG.md for details.

source

v5.4.12

#vite

5.4.12 (2025-01-20)

● fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (9da4abc)
● fix!: default server.cors: false to disallow fetching from untrusted origins (dfea38f)
● fix: verify token for HMR WebSocket connection (b71a5c8)
● chore: add deps update changelog (ecd2375)

5.4.11 (2024-11-11)

● fix(deps): update dependencies of postcss-modules (ceb15db), closes #18617

5.4.10 (2024-10-23)

● fix: backport #18367,augment hash for CSS files to prevent chromium erroring by loading previous fil (7d1a3bc), closes #18367 #18412

source

v6.0.9

#vite

6.0.9 (2025-01-20)

● fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (bd896fb)
● fix!: default server.cors: false to disallow fetching from untrusted origins (b09572a)
● fix: verify token for HMR WebSocket connection (029dcd6)

source

#admin

Should be fixed in future posts.

v4.5.6

#vite

4.5.6 (2025-01-20)

● fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (ef1049d)
● fix!: default server.cors: false to disallow fetching from untrusted origins (07b36d5)
● fix: verify token for HMR WebSocket connection (c065a77)

4.5.5 (2024-09-16)

4.5.4 (2024-09-16)

● fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115) (e812716), closes #18115
● fix: backport #18112, fs raw query (b901438), closes #18112

4.5.3 (2024-03-24)

● fix: fs.deny with globs with directories (#16250) (96a7f3a), closes #16250

source

v4.5.7

#vite

4.5.7 (2025-01-20)

● fix: crypto.getRandomValues is not available in old Node versions (#19237) (f4d3c46), closes #19237

4.5.6 (2025-01-20)

● fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (ef1049d)
● fix!: default server.cors: false to disallow fetching from untrusted origins (07b36d5)
● fix: verify token for HMR WebSocket connection (c065a77)

4.5.5 (2024-09-16)

4.5.4 (2024-09-16)

● fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115) (e812716), closes #18115
● fix: backport #18112, fs raw query (b901438), closes #18112

source

v5.4.13

#vite

5.4.13 (2025-01-20)

● fix: try parse server.origin URL (#19241) (5946215), closes #19241

5.4.12 (2025-01-20)

● fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (9da4abc)
● fix!: default server.cors: false to disallow fetching from untrusted origins (dfea38f)
● fix: verify token for HMR WebSocket connection (b71a5c8)
● chore: add deps update changelog (ecd2375)

5.4.11 (2024-11-11)

● fix(deps): update dependencies of postcss-modules (ceb15db), closes #18617

5.4.10 (2024-10-23)

● fix: backport #18367,augment hash for CSS files to prevent chromium erroring by loading previous fil (7d1a3bc), closes #18367 #18412

source

v6.0.10

#vite

6.0.10 (2025-01-20)

● fix: try parse server.origin URL (#19241) (2495022), closes #19241

source

v4.5.8

#vite

4.5.8 (2025-01-20)

● fix: try parse server.origin URL (#19241) (3680bad), closes #19241

4.5.7 (2025-01-20)

● fix: crypto.getRandomValues is not available in old Node versions (#19237) (f4d3c46), closes #19237

4.5.6 (2025-01-20)

● fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (ef1049d)
● fix!: default server.cors: false to disallow fetching from untrusted origins (07b36d5)
● fix: verify token for HMR WebSocket connection (c065a77)

4.5.5 (2024-09-16)

4.5.4 (2024-09-16)

● fix: avoid DOM Clobbering gadget in getRelativeUrlFromDocument (#18115) (e812716), closes #18115
● fix: backport #18112, fs raw query (b901438), closes #18112

4.5.3 (2024-03-24)

● fix: fs.deny with globs with directories (#16250) (96a7f3a), closes #16250

source

v6.0.11

#vite

6.0.11 (2025-01-21)

● fix: preview.allowedHosts with specific values was not respected (#19246) (aeb3ec8), closes #19246
● fix: allow CORS from loopback addresses by default (#19249) (3d03899), closes #19249

source

v4.5.9

#vite

4.5.9 (2025-01-21)

● fix: preview.allowedHosts with specific values was not respected (#19246) (0bc52e0), closes #19246
● fix: allow CORS from loopback addresses by default (#19249) (8f63cd6), closes #19249

4.5.8 (2025-01-20)

● fix: try parse server.origin URL (#19241) (3680bad), closes #19241

4.5.7 (2025-01-20)

● fix: crypto.getRandomValues is not available in old Node versions (#19237) (f4d3c46), closes #19237

source

v5.4.14

#vite

5.4.14 (2025-01-21)

● fix: preview.allowedHosts with specific values was not respected (#19246) (9df6e6b), closes #19246
● fix: allow CORS from loopback addresses by default (#19249) (7d1699c), closes #19249

5.4.13 (2025-01-20)

● fix: try parse server.origin URL (#19241) (5946215), closes #19241

source

@quasar-extras-v1.16.16

#quasar

Changes

● feat(extras): feat(extras): update fontawesome => v6.7.2
● feat(extras): updated roboto fonts => CDN v47

Fix

● n/a

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

● Becoming a sponsor on Github
● One-off donation via PayPal

source

v3.15.4

#nuxt

3.15.4 is the next patch release.

✅ Upgrading

As usual, our recommendation for upgrading is to run:

npx nuxi@latest upgrade --force

This will refresh your lockfile as well, and ensures that you pull in updates from other dependencies that Nuxt relies on, particularly in the unjs ecosystem.

👉 Changelog

compare changes

🩹 Fixes

● nuxt: Improve error logging when parsing with acorn (#30754)
● nuxt: Clear island uid before saving into the payload (#30767)
● kit: Load @nuxt/schema from nuxt package dir (#30774)
● nuxt: Allow restarting nuxt on paths outside srcDir (#30771)
● nuxt: Don't warn about calling useRoute in SFC setup (#30788)
● webpack: Disallow cross-site requests in no-cors mode (#30757)
● vite: Restore externality for dev server externals (#30802)

💅 Refactors

● vite: Use new rollup chunk.names for asset names (#30780)

❤️ Contributors

● Daniel Roe (@danielroe)
● Peter Radko (@Gwynerva)
● Lansi (@lansi951)
● Julien Huang (@huang-julien)
● Norbiros (@Norbiros)

source

v3.7.9

#vuetify

Other Commmits

● 3.7.9 (b659a4d)

source