search

Computerization / Enspire

Make "Creativity, Activity, Service (CAS)" Great Again at SWFLA
https://enspire.one
MIT License
5 stars 7 forks source link

chore(deps): update dependency nuxt-security to v2.0.0-rc.7 - autoclosed #587

Closed renovate[bot] closed 3 months ago

renovate[bot] commented 3 months ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
nuxt-security (source) 2.0.0-rc.6 -> 2.0.0-rc.7 age adoption passing confidence

Release Notes

Baroshem/nuxt-security (nuxt-security) ### [`v2.0.0-rc.7`](https://togithub.com/Baroshem/nuxt-security/releases/tag/v2.0.0-rc.7): 2.0.0-rc.7 [Compare Source](https://togithub.com/Baroshem/nuxt-security/compare/v2.0.0-rc.6...v2.0.0-rc.7) Support for [https://github.com/Baroshem/nuxt-security/pull/478](https://togithub.com/Baroshem/nuxt-security/pull/478) This new version updates the regular expressions in the 30-cspSsgHashes.ts file. The previous regular expression was not correctly capturing the content of inline script and style tags in all scenarios. The old regular expression for inline scripts: const INLINE_SCRIPT_RE = /\]*?\bsrc="\[\w:.-\\/]+")\[^>]*>(.\*?)\/gi The updated regular expression: const INLINE_SCRIPT_RE = /\]*?\bsrc="\[\w:.-\\/]+")\[^>]*>(\[\s\S]*?)\/gi; The change from (.*?) to (\[\s\S]\*?) ensures that the regular expression matches any character, including newlines, between the tags. This change improves the accuracy of inline script content capture, ensuring that our CSP security hashes are correctly generated for all inline scripts. #### What's Changed - add per route csrf to docs by [@​moshetanzer](https://togithub.com/moshetanzer) in [https://github.com/Baroshem/nuxt-security/pull/471](https://togithub.com/Baroshem/nuxt-security/pull/471) - fix(csp): inline script/style have whitespace character by [@​hlhc](https://togithub.com/hlhc) in [https://github.com/Baroshem/nuxt-security/pull/478](https://togithub.com/Baroshem/nuxt-security/pull/478) #### New Contributors - [@​moshetanzer](https://togithub.com/moshetanzer) made their first contribution in [https://github.com/Baroshem/nuxt-security/pull/471](https://togithub.com/Baroshem/nuxt-security/pull/471) - [@​hlhc](https://togithub.com/hlhc) made their first contribution in [https://github.com/Baroshem/nuxt-security/pull/478](https://togithub.com/Baroshem/nuxt-security/pull/478) **Full Changelog**: https://github.com/Baroshem/nuxt-security/compare/v2.0.0-rc.6...v2.0.0-rc.7

Configuration

πŸ“… Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

β™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

πŸ”• Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

vercel[bot] commented 3 months ago

The latest updates on your projects. Learn more about Vercel for Git β†—οΈŽ

Name Status Preview Comments Updated (UTC)
enspire βœ… Ready (Inspect) Visit Preview πŸ’¬ Add feedback Jun 24, 2024 2:10pm