feat(core): use virtual file system for SRI

[vejja]

Types of changes

• [x] Bug fix (a non-breaking change which fixes an issue)
• [ ] New feature (a non-breaking change which adds functionality)
• [ ] Breaking change (fix or feature that would cause existing functionality to change)

Description

This PR brings a technical rewrite of the way we save SRI hashes at build time.

Previously, the way we saved SRI hashes was hacky. We were writing the hashes on the drive under the .nuxt build-time directory, which was necessary for SSG rendering of integrity hashes. But because this directory is not available in the server context in SSR mode, we also copied them to the server assets output folder. Then we relied on useStorage to retrieve the hashes, and depending whether the context was SSR or SSG, we had to look either into the build folder or assets folder. Because the output was in JSON format, we encountered issues when Nitropack changed the format of raw assets in JSON format (most notably #395).

With this rewrite, we now use the native Nuxt Virtual File System to inject SRI hashes at build time. In practice, this means that the SRI hashes are now directly bundled into the Nitro server runtime. We do not need useStorage to read them from the disk anymore.

This closes #395 definitively as we remove the dependency from useStorage raw format.

Checklist:

• [ ] My change requires a change to the documentation.
• [ ] I have updated the documentation accordingly.
• [ ] I have added tests to cover my changes (if not applicable, please state why)

[vercel[bot]]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
nuxt-security	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 26, 2024 6:47am

[vejja]

It can be a patch, this is really small

[Baroshem]

Published as 1.4.3 :)