This version is covered by your current version range, but I could not detect automated tests for this project. Without a test suite I can not really tell whether your project still works.
I was looking at the latest commit of your default branch, but GitHub said there is no status attached to it.
Do you have any ideas how I could improve these pull requests? Did I report anything you think isn’t right?
Are you unsure about how things are supposed to work?
There is a collection of frequently asked questions and while I’m just a bot, there is a group of people who are happy to teach me new things. Let them know.
This version contains a security fix, which is also breaking change if you have an insecure configuration.
We are releasing this breaking change as patch version to protect you from attacks.
Sorry if this breaks your setup, but the fix is easy.
We removed setting Access-Control-Allow-Origin to * be default. This allowed evil websites to access your assets.
Instead we ask you to set Access-Control-Allow-Origin manually to your host if required in your setup.
Use the headers option to do so.
With Integrationsfirst-class bot support landed on GitHub and we’ve rewritten Greenkeeper to take full advantage of it. Simpler setup, fewer pull-requests, faster than ever.
Screencast Try it today. Free for private repositories during beta.
Hello lovely humans,
webpack-dev-middleware just published its new version 1.10.2.
This version is covered by your current version range, but I could not detect automated tests for this project. Without a test suite I can not really tell whether your project still works.
I was looking at the latest commit of your default branch, but GitHub said there is no status attached to it.
Do you have any ideas how I could improve these pull requests? Did I report anything you think isn’t right? Are you unsure about how things are supposed to work?
There is a collection of frequently asked questions and while I’m just a bot, there is a group of people who are happy to teach me new things. Let them know.
Good luck with your project :sparkles:
You rock!
:palm_tree:
GitHub Release
Security fix:
This version contains a security fix, which is also breaking change if you have an insecure configuration.
We are releasing this breaking change as patch version to protect you from attacks.
Sorry if this breaks your setup, but the fix is easy.
We removed setting
Access-Control-Allow-Origin
to*
be default. This allowed evil websites to access your assets.Instead we ask you to set
Access-Control-Allow-Origin
manually to your host if required in your setup.Use the
headers
option to do so.Read more about CORS here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
Bugfixes:
Access-Control-Allow-Origin
=*
defaultThe new version differs by 12 commits .
9b03d79
1.10.2
c59b3b3
Merge remote-tracking branch 'remotes/origin/add-node-7-travis'
626a35a
remove security risk
798b2f1
Avoid setting http status code explicitly (#175)
1e01626
adding node 7 to travis config (#185)
d986c2e
Merge pull request #176 from piperchester/patch-1
9b9ffee
fixing some number typos in the tests
d3dfe67
adding node 7 to travis config
0ce28c7
Fix link to Kees
bd6a593
use decodeURIComponent for getFilenameFromUrl final output (#173)
8e870fd
1.10.1
6c1b473
Fix files with non-ascii names not getting served
See the full diff.
Screencast
Try it today. Free for private repositories during beta.