Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update sirv to 2.0.3 #13057

Merged
merged 4 commits into from
Jun 7, 2023
Merged

fix(deps): update sirv to 2.0.3 #13057

merged 4 commits into from
Jun 7, 2023

Conversation

sapphi-red
Copy link
Member

Description

This PR updates sirv from 2.0.2 to 2.0.3.
The update includes two bug fixes (lukeed/sirv#147, lukeed/sirv#149).

lukeed/sirv#149 requires changes in code around the static middleware. This PR also includes that.
Related PRs around that code: #8804 #8979 #9173

Additional context

What is the purpose of this pull request?

  • Bug fix
  • New Feature
  • Documentation update
  • Other

Before submitting the PR, please make sure you do the following

  • Read the Contributing Guidelines.
  • Read the Pull Request Guidelines and follow the PR Title Convention.
  • Check that there isn't already a PR that solves the problem the same way to avoid creating a duplicate.
  • Provide a description in this PR that addresses what the PR is solving, or reference the issue that it solves (e.g. fixes #123).
  • Ideally, include relevant tests that fail without this PR but pass with it.

@sapphi-red sapphi-red added dependencies Pull requests that update a dependency file p3-minor-bug An edge case that only affects very specific usage (priority) labels Apr 30, 2023
@stackblitz
Copy link

stackblitz bot commented Apr 30, 2023

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

sapphi-red
sapphi-red commented Apr 30, 2023
View reviewed changes
packages/vite/src/node/server/middlewares/static.ts
url.pathname = encodeURIComponent(newPathname)
url.pathname = encodeURI(newPathname)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This part was returning %2Ffoo%2Fbar when url.pathname was /foo/bar. But because lukeed/sirv#149 changed decodeURIComponent to decodeURI, this no longer works.

The reason why this part was using encodeURIComponent is #8979. In that time, we weren't able to use decodeURI in line 162 because of #8804.

playground/fs-serve/__tests__/fs-serve.spec.ts
Comment on lines -53 to +51
expect(await page.textContent('.unsafe-fetch-8498-2')).toMatch('')
expect(await page.textContent('.unsafe-fetch-8498-2')).toBe('')
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IIUC This line wasn't testing anything. 😅 .toMatch('') returns always true.
https://stackblitz.com/edit/vitest-dev-vitest-byvrxk?file=test%2Fbasic.test.ts

@patak-dev
Copy link
Member

/ecosystem-ci run

@vite-ecosystem-ci
Copy link

vite-ecosystem-ci bot commented Apr 30, 2023
edited
Loading

📝 Ran ecosystem CI: Open

suite result
astro ✅ success
histoire ✅ success
iles ✅ success
ladle ✅ success
laravel ✅ success
marko ✅ success
nuxt ✅ success
previewjs ✅ success
qwik ✅ success
rakkas ✅ success
sveltekit ✅ success
vite-plugin-ssr ✅ success
vite-plugin-react ✅ success
vite-plugin-react-pages ✅ success
vite-plugin-react-swc ✅ success
vite-plugin-svelte ✅ success
vite-plugin-vue ✅ success
vite-setup-catalogue ✅ success
vitepress ✅ success
vitest ✅ success
windicss ✅ success

bluwy
bluwy previously approved these changes Apr 30, 2023
View reviewed changes
patak-dev
patak-dev previously approved these changes Apr 30, 2023
View reviewed changes
Copy link
Member

@patak-dev patak-dev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me! But given that this touches code paths that are security sensitive, I think we should merge it once we start the beta for the next minor.

@patak-dev patak-dev added this to the 4.4 milestone Apr 30, 2023
@bluwy bluwy mentioned this pull request May 8, 2023
Merged
1 task
sapphi-red added a commit to sapphi-red/vite-plugin-static-copy that referenced this pull request May 12, 2023
@sapphi-red
fix: decode path correctly
12dab24 
refs vitejs/vite#13057
@sapphi-red sapphi-red mentioned this pull request May 12, 2023
Merged
@patak-dev
Copy link
Member

@sapphi-red feel free to merge this PR after resolving the conflicts, and we can try it out during the 4.4 beta. And then we could merge #13059

@sapphi-red sapphi-red dismissed stale reviews from patak-dev and bluwy via f66bd1a June 7, 2023 09:49
@patak-dev patak-dev merged commit d814d6c into vitejs:main Jun 7, 2023
@sapphi-red sapphi-red deleted the fix/update-sirv branch June 7, 2023 10:19
sapphi-red added a commit to sapphi-red/vite-plugin-static-copy that referenced this pull request Jul 15, 2023
@sapphi-red
fix: decode path correctly (#55)
e883c15 
refs vitejs/vite#13057
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bluwy bluwy bluwy approved these changes

@patak-dev patak-dev patak-dev approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file p3-minor-bug An edge case that only affects very specific usage (priority)
Projects
None yet
Milestone
4.4
Development

Successfully merging this pull request may close these issues.
3 participants
@sapphi-red @patak-dev @bluwy