v5.4.12
#vite
5.4.12 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
β fix!: default
β fix: verify token for HMR WebSocket connection (b71a5c8)
β chore: add deps update changelog (ecd2375)
5.4.11 (2024-11-11)
β fix(deps): update dependencies of postcss-modules (ceb15db), closes #18617
5.4.10 (2024-10-23)
β fix: backport #18367,augment hash for CSS files to prevent chromium erroring by loading previous fil (7d1a3bc), closes #18367 #18412
source
#vite
5.4.12 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
server.allowedHosts (9da4abc)β fix!: default
server.cors: false to disallow fetching from untrusted origins (dfea38f)β fix: verify token for HMR WebSocket connection (b71a5c8)
β chore: add deps update changelog (ecd2375)
5.4.11 (2024-11-11)
β fix(deps): update dependencies of postcss-modules (ceb15db), closes #18617
5.4.10 (2024-10-23)
β fix: backport #18367,augment hash for CSS files to prevent chromium erroring by loading previous fil (7d1a3bc), closes #18367 #18412
source
v4.5.6
#vite
4.5.6 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
β fix!: default
β fix: verify token for HMR WebSocket connection (c065a77)
4.5.5 (2024-09-16)
4.5.4 (2024-09-16)
β fix: avoid DOM Clobbering gadget in
β fix: backport #18112, fs raw query (b901438), closes #18112
4.5.3 (2024-03-24)
β fix:
source
#vite
4.5.6 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
server.allowedHosts (ef1049d)β fix!: default
server.cors: false to disallow fetching from untrusted origins (07b36d5)β fix: verify token for HMR WebSocket connection (c065a77)
4.5.5 (2024-09-16)
4.5.4 (2024-09-16)
β fix: avoid DOM Clobbering gadget in
getRelativeUrlFromDocument (#18115) (e812716), closes #18115β fix: backport #18112, fs raw query (b901438), closes #18112
4.5.3 (2024-03-24)
β fix:
fs.deny with globs with directories (#16250) (96a7f3a), closes #16250source
v4.5.7
#vite
4.5.7 (2025-01-20)
β fix:
4.5.6 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
β fix!: default
β fix: verify token for HMR WebSocket connection (c065a77)
4.5.5 (2024-09-16)
4.5.4 (2024-09-16)
β fix: avoid DOM Clobbering gadget in
β fix: backport #18112, fs raw query (b901438), closes #18112
source
#vite
4.5.7 (2025-01-20)
β fix:
crypto.getRandomValues is not available in old Node versions (#19237) (f4d3c46), closes #192374.5.6 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
server.allowedHosts (ef1049d)β fix!: default
server.cors: false to disallow fetching from untrusted origins (07b36d5)β fix: verify token for HMR WebSocket connection (c065a77)
4.5.5 (2024-09-16)
4.5.4 (2024-09-16)
β fix: avoid DOM Clobbering gadget in
getRelativeUrlFromDocument (#18115) (e812716), closes #18115β fix: backport #18112, fs raw query (b901438), closes #18112
source
v5.4.13
#vite
5.4.13 (2025-01-20)
β fix: try parse
5.4.12 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
β fix!: default
β fix: verify token for HMR WebSocket connection (b71a5c8)
β chore: add deps update changelog (ecd2375)
5.4.11 (2024-11-11)
β fix(deps): update dependencies of postcss-modules (ceb15db), closes #18617
5.4.10 (2024-10-23)
β fix: backport #18367,augment hash for CSS files to prevent chromium erroring by loading previous fil (7d1a3bc), closes #18367 #18412
source
#vite
5.4.13 (2025-01-20)
β fix: try parse
server.origin URL (#19241) (5946215), closes #192415.4.12 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
server.allowedHosts (9da4abc)β fix!: default
server.cors: false to disallow fetching from untrusted origins (dfea38f)β fix: verify token for HMR WebSocket connection (b71a5c8)
β chore: add deps update changelog (ecd2375)
5.4.11 (2024-11-11)
β fix(deps): update dependencies of postcss-modules (ceb15db), closes #18617
5.4.10 (2024-10-23)
β fix: backport #18367,augment hash for CSS files to prevent chromium erroring by loading previous fil (7d1a3bc), closes #18367 #18412
source
v4.5.8
#vite
4.5.8 (2025-01-20)
β fix: try parse
4.5.7 (2025-01-20)
β fix:
4.5.6 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
β fix!: default
β fix: verify token for HMR WebSocket connection (c065a77)
4.5.5 (2024-09-16)
4.5.4 (2024-09-16)
β fix: avoid DOM Clobbering gadget in
β fix: backport #18112, fs raw query (b901438), closes #18112
4.5.3 (2024-03-24)
β fix:
source
#vite
4.5.8 (2025-01-20)
β fix: try parse
server.origin URL (#19241) (3680bad), closes #192414.5.7 (2025-01-20)
β fix:
crypto.getRandomValues is not available in old Node versions (#19237) (f4d3c46), closes #192374.5.6 (2025-01-20)
β fix!: check host header to prevent DNS rebinding attacks and introduce
server.allowedHosts (ef1049d)β fix!: default
server.cors: false to disallow fetching from untrusted origins (07b36d5)β fix: verify token for HMR WebSocket connection (c065a77)
4.5.5 (2024-09-16)
4.5.4 (2024-09-16)
β fix: avoid DOM Clobbering gadget in
getRelativeUrlFromDocument (#18115) (e812716), closes #18115β fix: backport #18112, fs raw query (b901438), closes #18112
4.5.3 (2024-03-24)
β fix:
fs.deny with globs with directories (#16250) (96a7f3a), closes #16250source
v4.5.9
#vite
4.5.9 (2025-01-21)
β fix:
β fix: allow CORS from loopback addresses by default (#19249) (8f63cd6), closes #19249
4.5.8 (2025-01-20)
β fix: try parse
4.5.7 (2025-01-20)
β fix:
source
#vite
4.5.9 (2025-01-21)
β fix:
preview.allowedHosts with specific values was not respected (#19246) (0bc52e0), closes #19246β fix: allow CORS from loopback addresses by default (#19249) (8f63cd6), closes #19249
4.5.8 (2025-01-20)
β fix: try parse
server.origin URL (#19241) (3680bad), closes #192414.5.7 (2025-01-20)
β fix:
crypto.getRandomValues is not available in old Node versions (#19237) (f4d3c46), closes #19237source
v5.4.14
#vite
5.4.14 (2025-01-21)
β fix:
β fix: allow CORS from loopback addresses by default (#19249) (7d1699c), closes #19249
5.4.13 (2025-01-20)
β fix: try parse
source
#vite
5.4.14 (2025-01-21)
β fix:
preview.allowedHosts with specific values was not respected (#19246) (9df6e6b), closes #19246β fix: allow CORS from loopback addresses by default (#19249) (7d1699c), closes #19249
5.4.13 (2025-01-20)
β fix: try parse
server.origin URL (#19241) (5946215), closes #19241source
@quasar-extras-v1.16.16
#quasar
Changes
β feat(extras): feat(extras): update fontawesome => v6.7.2
β feat(extras): updated roboto fonts => CDN v47
Fix
β n/a
Donations
Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:
β Becoming a sponsor on Github
β One-off donation via PayPal
source
#quasar
Changes
β feat(extras): feat(extras): update fontawesome => v6.7.2
β feat(extras): updated roboto fonts => CDN v47
Fix
β n/a
Donations
Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:
β Becoming a sponsor on Github
β One-off donation via PayPal
source
v3.15.4
#nuxt
β Upgrading
As usual, our recommendation for upgrading is to run:
This will refresh your lockfile as well, and ensures that you pull in updates from other dependencies that Nuxt relies on, particularly in the unjs ecosystem.
π Changelog
compare changes
π©Ή Fixes
β nuxt: Improve error logging when parsing with
β nuxt: Clear island uid before saving into the payload (#30767)
β kit: Load
β nuxt: Allow restarting nuxt on paths outside
β nuxt: Don't warn about calling
β webpack: Disallow cross-site requests in no-cors mode (#30757)
β vite: Restore
π Refactors
β vite: Use new rollup
β€οΈ Contributors
β Daniel Roe (@danielroe)
β Peter Radko (@Gwynerva)
β Lansi (@lansi951)
β Julien Huang (@huang-julien)
β Norbiros (@Norbiros)
source
#nuxt
3.15.4 is the next patch release.
β Upgrading
As usual, our recommendation for upgrading is to run:
npx nuxi@latest upgrade --force
This will refresh your lockfile as well, and ensures that you pull in updates from other dependencies that Nuxt relies on, particularly in the unjs ecosystem.
π Changelog
compare changes
π©Ή Fixes
β nuxt: Improve error logging when parsing with
acorn (#30754)β nuxt: Clear island uid before saving into the payload (#30767)
β kit: Load
@nuxt/schema from nuxt package dir (#30774)β nuxt: Allow restarting nuxt on paths outside
srcDir (#30771)β nuxt: Don't warn about calling
useRoute in SFC setup (#30788)β webpack: Disallow cross-site requests in no-cors mode (#30757)
β vite: Restore
externality for dev server externals (#30802)π Refactors
β vite: Use new rollup
chunk.names for asset names (#30780)β€οΈ Contributors
β Daniel Roe (@danielroe)
β Peter Radko (@Gwynerva)
β Lansi (@lansi951)
β Julien Huang (@huang-julien)
β Norbiros (@Norbiros)
source
v11.1.0
#vue_i18n #i18n #vue_i18n_next
What's Changed
π Features
β feat: configurable
ποΈ Documentations
β fix: vue-i18n v8 EOL by @kazupon in #2060
Full Changelog: v11.0.1...v11.1.0
source
#vue_i18n #i18n #vue_i18n_next
What's Changed
π Features
β feat: configurable
ComponentCustomProperties['$i18n'] type by @BobbieGoede in #2094ποΈ Documentations
β fix: vue-i18n v8 EOL by @kazupon in #2060
Full Changelog: v11.0.1...v11.1.0
source