From d814d6c56765696f766b32b5fce604acf715bf3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=BF=A0=20/=20green?= Date: Wed, 7 Jun 2023 19:15:23 +0900 Subject: [PATCH] fix(deps): update sirv to 2.0.3 (#13057) --- package.json | 4 +- packages/vite/package.json | 2 +- .../src/node/server/middlewares/static.ts | 8 ++-- .../{sirv@2.0.2.patch => sirv@2.0.3.patch} | 8 ++-- .../fs-serve/__tests__/fs-serve.spec.ts | 10 ++--- playground/lib/package.json | 3 ++ playground/package.json | 3 +- pnpm-lock.yaml | 39 ++++++++++++------- 8 files changed, 45 insertions(+), 32 deletions(-) rename patches/{sirv@2.0.2.patch => sirv@2.0.3.patch} (89%) diff --git a/package.json b/package.json index 6669066afd2767..dc01b6adbcc5d9 100644 --- a/package.json +++ b/package.json @@ -128,8 +128,8 @@ }, "patchedDependencies": { "dotenv-expand@9.0.0": "patches/dotenv-expand@9.0.0.patch", - "sirv@2.0.2": "patches/sirv@2.0.2.patch", - "chokidar@3.5.3": "patches/chokidar@3.5.3.patch" + "chokidar@3.5.3": "patches/chokidar@3.5.3.patch", + "sirv@2.0.3": "patches/sirv@2.0.3.patch" } }, "stackblitz": { diff --git a/packages/vite/package.json b/packages/vite/package.json index 4a89dcee89e711..6c9d6f9f7b8b58 100644 --- a/packages/vite/package.json +++ b/packages/vite/package.json @@ -123,7 +123,7 @@ "postcss-modules": "^6.0.0", "resolve.exports": "^2.0.2", "rollup-plugin-license": "^3.0.1", - "sirv": "^2.0.2", + "sirv": "^2.0.3", "source-map-support": "^0.5.21", "strip-ansi": "^7.0.1", "strip-literal": "^1.0.1", diff --git a/packages/vite/src/node/server/middlewares/static.ts b/packages/vite/src/node/server/middlewares/static.ts index 387ea96b6df78f..b0c7c83d619f4a 100644 --- a/packages/vite/src/node/server/middlewares/static.ts +++ b/packages/vite/src/node/server/middlewares/static.ts @@ -102,7 +102,7 @@ export function serveStaticMiddleware( } const url = new URL(req.url!.replace(/^\/+/, '/'), 'http://example.com') - const pathname = decodeURIComponent(url.pathname) + const pathname = decodeURI(url.pathname) // apply aliases to static requests as well let redirectedPathname: string | undefined @@ -136,7 +136,7 @@ export function serveStaticMiddleware( } if (redirectedPathname) { - url.pathname = encodeURIComponent(redirectedPathname) + url.pathname = encodeURI(redirectedPathname) req.url = url.href.slice(url.origin.length) } @@ -160,7 +160,7 @@ export function serveRawFsMiddleware( // the paths are rewritten to `/@fs/` prefixed paths and must be served by // searching based from fs root. if (url.pathname.startsWith(FS_PREFIX)) { - const pathname = decodeURIComponent(url.pathname) + const pathname = decodeURI(url.pathname) // restrict files outside of `fs.allow` if ( !ensureServingAccess( @@ -176,7 +176,7 @@ export function serveRawFsMiddleware( let newPathname = pathname.slice(FS_PREFIX.length) if (isWindows) newPathname = newPathname.replace(/^[A-Z]:/i, '') - url.pathname = encodeURIComponent(newPathname) + url.pathname = encodeURI(newPathname) req.url = url.href.slice(url.origin.length) serveFromRoot(req, res, next) } else { diff --git a/patches/sirv@2.0.2.patch b/patches/sirv@2.0.3.patch similarity index 89% rename from patches/sirv@2.0.2.patch rename to patches/sirv@2.0.3.patch index 051c1292da455e..0a758e89369c9c 100644 --- a/patches/sirv@2.0.2.patch +++ b/patches/sirv@2.0.3.patch @@ -1,5 +1,5 @@ diff --git a/build.js b/build.js -index b046ee138b1f9047c70beaeea7279d3476d7e8cd..574ce1410a1344a4db292803d05c303f8c03767c 100644 +index 0884d9ffaa24d0ae3ec020a6faff12b3125b2071..85b82c90346e829bbf723e913f282c80096df061 100644 --- a/build.js +++ b/build.js @@ -35,7 +35,7 @@ function viaCache(cache, uri, extns) { @@ -19,7 +19,7 @@ index b046ee138b1f9047c70beaeea7279d3476d7e8cd..574ce1410a1344a4db292803d05c303f headers = toHeaders(name, stats, isEtag); headers['Cache-Control'] = isEtag ? 'no-cache' : 'no-store'; return { abs, stats, headers }; -@@ -172,7 +173,7 @@ module.exports = function (dir, opts={}) { +@@ -176,7 +177,7 @@ module.exports = function (dir, opts={}) { catch (err) { /* malform uri */ } } @@ -29,7 +29,7 @@ index b046ee138b1f9047c70beaeea7279d3476d7e8cd..574ce1410a1344a4db292803d05c303f if (isEtag && req.headers['if-none-match'] === data.headers['ETag']) { diff --git a/build.mjs b/build.mjs -index fe01068d0dd3f788a0978802db1747dd83c5825e..fb099c38cc2cbd59300471e7307625e2fc127f0c 100644 +index c93bbe6bdfb7ad13ee20f0c44d80d6aacdd64087..3dc3e22f09abcae51aef7b75c34dc08b1f6e6abd 100644 --- a/build.mjs +++ b/build.mjs @@ -35,7 +35,7 @@ function viaCache(cache, uri, extns) { @@ -49,7 +49,7 @@ index fe01068d0dd3f788a0978802db1747dd83c5825e..fb099c38cc2cbd59300471e7307625e2 headers = toHeaders(name, stats, isEtag); headers['Cache-Control'] = isEtag ? 'no-cache' : 'no-store'; return { abs, stats, headers }; -@@ -172,7 +173,7 @@ export default function (dir, opts={}) { +@@ -176,7 +177,7 @@ export default function (dir, opts={}) { catch (err) { /* malform uri */ } } diff --git a/playground/fs-serve/__tests__/fs-serve.spec.ts b/playground/fs-serve/__tests__/fs-serve.spec.ts index 9713e57850228a..8fab74d1bed7e3 100644 --- a/playground/fs-serve/__tests__/fs-serve.spec.ts +++ b/playground/fs-serve/__tests__/fs-serve.spec.ts @@ -43,14 +43,12 @@ describe.runIf(isServe)('main', () => { }) test('unsafe fetch with special characters (#8498)', async () => { - expect(await page.textContent('.unsafe-fetch-8498')).toMatch( - '403 Restricted', - ) - expect(await page.textContent('.unsafe-fetch-8498-status')).toBe('403') + expect(await page.textContent('.unsafe-fetch-8498')).toBe('') + expect(await page.textContent('.unsafe-fetch-8498-status')).toBe('404') }) test('unsafe fetch with special characters 2 (#8498)', async () => { - expect(await page.textContent('.unsafe-fetch-8498-2')).toMatch('') + expect(await page.textContent('.unsafe-fetch-8498-2')).toBe('') expect(await page.textContent('.unsafe-fetch-8498-2-status')).toBe('404') }) @@ -78,7 +76,7 @@ describe.runIf(isServe)('main', () => { test('unsafe fs fetch with special characters (#8498)', async () => { expect(await page.textContent('.unsafe-fs-fetch-8498')).toBe('') - expect(await page.textContent('.unsafe-fs-fetch-8498-status')).toBe('403') + expect(await page.textContent('.unsafe-fs-fetch-8498-status')).toBe('404') }) test('unsafe fs fetch with special characters 2 (#8498)', async () => { diff --git a/playground/lib/package.json b/playground/lib/package.json index bde63a70b2a6b2..a38060db5e43f2 100644 --- a/playground/lib/package.json +++ b/playground/lib/package.json @@ -8,5 +8,8 @@ "build": "vite build", "debug": "node --inspect-brk ../../packages/vite/bin/vite", "preview": "vite preview" + }, + "devDependencies": { + "sirv": "^2.0.3" } } diff --git a/playground/package.json b/playground/package.json index e2a97366ce470f..e0c5e6c2879392 100644 --- a/playground/package.json +++ b/playground/package.json @@ -10,7 +10,6 @@ "convert-source-map": "^2.0.0", "css-color-names": "^1.0.1", "kill-port": "^1.6.1", - "node-fetch": "^3.3.1", - "sirv": "^2.0.2" + "node-fetch": "^3.3.1" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 98a02dffad4a93..4f378f0d4668c0 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -12,9 +12,9 @@ patchedDependencies: dotenv-expand@9.0.0: hash: dccccn23nvejzy75sgiosdt2au path: patches/dotenv-expand@9.0.0.patch - sirv@2.0.2: - hash: hmoqtj4vy3i7wnpchga2a2mu3y - path: patches/sirv@2.0.2.patch + sirv@2.0.3: + hash: z45f224eewh2pgpijxcc3aboqm + path: patches/sirv@2.0.3.patch importers: @@ -390,8 +390,8 @@ importers: specifier: ^3.0.1 version: 3.0.1(rollup@3.21.0) sirv: - specifier: ^2.0.2 - version: 2.0.2(patch_hash=hmoqtj4vy3i7wnpchga2a2mu3y) + specifier: ^2.0.3 + version: 2.0.3(patch_hash=z45f224eewh2pgpijxcc3aboqm) source-map-support: specifier: ^0.5.21 version: 0.5.21 @@ -431,9 +431,6 @@ importers: node-fetch: specifier: ^3.3.1 version: 3.3.1 - sirv: - specifier: ^2.0.2 - version: 2.0.2(patch_hash=hmoqtj4vy3i7wnpchga2a2mu3y) playground/alias: dependencies: @@ -693,7 +690,11 @@ importers: specifier: ^5.17.1 version: 5.17.1 - playground/lib: {} + playground/lib: + devDependencies: + sirv: + specifier: ^2.0.3 + version: 2.0.3(patch_hash=z45f224eewh2pgpijxcc3aboqm) playground/minify: {} @@ -4009,6 +4010,7 @@ packages: '@vue/shared': 3.3.4 estree-walker: 2.0.2 source-map-js: 1.0.2 + dev: true /@vue/compiler-dom@3.2.47: resolution: {integrity: sha512-dBBnEHEPoftUiS03a4ggEig74J2YBZ2UIeyfpcRM2tavgMWo4bsEfgCGsu+uJIL/vax9S+JztH8NmQerUo7shQ==} @@ -4021,6 +4023,7 @@ packages: dependencies: '@vue/compiler-core': 3.3.4 '@vue/shared': 3.3.4 + dev: true /@vue/compiler-sfc@3.2.47: resolution: {integrity: sha512-rog05W+2IFfxjMcFw10tM9+f7i/+FFpZJJ5XHX72NP9eC2uRD+42M3pYcQqDXVYoj74kHMSEdQ/WmCjt8JFksQ==} @@ -4049,6 +4052,7 @@ packages: magic-string: 0.30.0 postcss: 8.4.23 source-map-js: 1.0.2 + dev: true /@vue/compiler-ssr@3.2.47: resolution: {integrity: sha512-wVXC+gszhulcMD8wpxMsqSOpvDZ6xKXSVWkf50Guf/S+28hTAXPDYRTbLQ3EDkOP5Xz/+SY37YiwDquKbJOgZw==} @@ -4061,6 +4065,7 @@ packages: dependencies: '@vue/compiler-dom': 3.3.4 '@vue/shared': 3.3.4 + dev: true /@vue/devtools-api@6.4.5: resolution: {integrity: sha512-JD5fcdIuFxU4fQyXUu3w2KpAJHzTVdN+p4iOX2lMWSHMOoQdMAcpFLZzm9Z/2nmsoZ1a96QEhZ26e50xLBsgOQ==} @@ -4086,6 +4091,7 @@ packages: '@vue/shared': 3.3.4 estree-walker: 2.0.2 magic-string: 0.30.0 + dev: true /@vue/reactivity@3.2.47: resolution: {integrity: sha512-7khqQ/75oyyg+N/e+iwV6lpy1f5wq759NdlS1fpAhFXa8VeAIKGgk2E/C4VF59lx5b+Ezs5fpp/5WsRYXQiKxQ==} @@ -4096,6 +4102,7 @@ packages: resolution: {integrity: sha512-kLTDLwd0B1jG08NBF3R5rqULtv/f8x3rOFByTDz4J53ttIQEDmALqKqXY0J+XQeN0aV2FBxY8nJDf88yvOPAqQ==} dependencies: '@vue/shared': 3.3.4 + dev: true /@vue/runtime-core@3.2.47: resolution: {integrity: sha512-RZxbLQIRB/K0ev0K9FXhNbBzT32H9iRtYbaXb0ZIz2usLms/D55dJR2t6cIEUn6vyhS3ALNvNthI+Q95C+NOpA==} @@ -4108,6 +4115,7 @@ packages: dependencies: '@vue/reactivity': 3.3.4 '@vue/shared': 3.3.4 + dev: true /@vue/runtime-dom@3.2.47: resolution: {integrity: sha512-ArXrFTjS6TsDei4qwNvgrdmHtD930KgSKGhS5M+j8QxXrDJYLqYw4RRcDy1bz1m1wMmb6j+zGLifdVHtkXA7gA==} @@ -4122,6 +4130,7 @@ packages: '@vue/runtime-core': 3.3.4 '@vue/shared': 3.3.4 csstype: 3.1.2 + dev: true /@vue/server-renderer@3.2.47(vue@3.2.47): resolution: {integrity: sha512-dN9gc1i8EvmP9RCzvneONXsKfBRgqFeFZLurmHOveL7oH6HiFXJw5OGu294n1nHc/HMgTy6LulU/tv5/A7f/LA==} @@ -4140,12 +4149,14 @@ packages: '@vue/compiler-ssr': 3.3.4 '@vue/shared': 3.3.4 vue: 3.3.4 + dev: true /@vue/shared@3.2.47: resolution: {integrity: sha512-BHGyyGN3Q97EZx0taMQ+OLNuZcW3d37ZEVmEAyeoA9ERdGvm9Irc/0Fua8SNyOtV1w6BS4q25wbMzJujO9HIfQ==} /@vue/shared@3.3.4: resolution: {integrity: sha512-7OjdcV8vQ74eiz1TZLzZP4JwqM5fA94K6yntPS5Z25r9HDuGNzaGdgvwKYq6S+MxwF0TFRwe50fIR/MYnakdkQ==} + dev: true /@vueuse/core@10.1.2(vue@3.3.4): resolution: {integrity: sha512-roNn8WuerI56A5uiTyF/TEYX0Y+VKlhZAF94unUfdhbDUI+NfwQMn4FUnUscIRUhv3344qvAghopU4bzLPNFlA==} @@ -5236,6 +5247,7 @@ packages: /csstype@3.1.2: resolution: {integrity: sha512-I7K1Uu0MBPzaFKg4nI5Q7Vs2t+3gWWW648spaF+Rg7pI9ds18Ugn+lvg4SHczUdKlHI5LWBXyqfS8+DufyBsgQ==} + dev: true /d@1.0.1: resolution: {integrity: sha512-m62ShEObQ39CfralilEQRjH6oAMtNCV1xJyEx5LpRYUVN+EviphDgUc/F3hnYbADmkiNs67Y+3ylmlG7Lnu+FA==} @@ -9270,8 +9282,8 @@ packages: requiresBuild: true dev: true - /sirv@2.0.2(patch_hash=hmoqtj4vy3i7wnpchga2a2mu3y): - resolution: {integrity: sha512-4Qog6aE29nIjAOKe/wowFTxOdmbEZKb+3tsLljaBRzJwtqto0BChD2zzH0LhgCSXiI+V7X+Y45v14wBZQ1TK3w==} + /sirv@2.0.3(patch_hash=z45f224eewh2pgpijxcc3aboqm): + resolution: {integrity: sha512-O9jm9BsID1P+0HOi81VpXPoDxYP374pkOLzACAoyUQ/3OUVndNpsz6wMnY2z+yOxzbllCKZrM+9QrWsv4THnyA==} engines: {node: '>= 10'} dependencies: '@polka/url': 1.0.0-next.21 @@ -10291,6 +10303,7 @@ packages: '@vue/runtime-dom': 3.3.4 '@vue/server-renderer': 3.3.4(vue@3.3.4) '@vue/shared': 3.3.4 + dev: true /vuex@4.1.0(vue@3.2.47): resolution: {integrity: sha512-hmV6UerDrPcgbSy9ORAtNXDr9M4wlNP4pEFKye4ujJF8oqgFFuxDCdOLS3eNoRTtq5O3hoBDh9Doj1bQMYHRbQ==} @@ -10591,7 +10604,7 @@ packages: dependencies: slash3: /slash@3.0.0 slash5: /slash@5.0.0 - vue: 3.3.4 + vue: 3.2.47 dev: false file:playground/external/dep-that-requires: @@ -10601,7 +10614,7 @@ packages: dependencies: slash3: /slash@3.0.0 slash5: /slash@5.0.0 - vue: 3.3.4 + vue: 3.2.47 dev: false file:playground/import-assertion/import-assertion-dep: