search

aklinker1 / vite-plugin-web-extension

Vite plugin for developing Chrome/Web Extensions
https://vite-plugin-web-extension.aklinker1.io/
MIT License
537 stars 46 forks source link

Support for Vite 5.0 #149

Closed danielptv closed 7 months ago

danielptv commented 7 months ago

Summary

The plugin does not work with the newly released Vite 5.0. It would be great if you could adapt the plugin accordingly.

Reproduction

Upgrade vite to version 5.0 and execute npm run build.

Environment

 System:
    OS: Windows 11 10.0.22621
    CPU: (16) x64 AMD Ryzen 7 5800H with Radeon Graphics
    Memory: 412.93 MB / 13.86 GB
  Binaries:
    Node: 21.2.0 - C:\Program Files\nodejs\node.EXE
    npm: 10.2.4 - C:\User\npm-config\npm.CMD
  Browsers:
    Edge: Chromium (119.0.2151.72)
    Internet Explorer: 11.0.22621.1
aklinker1 commented 7 months ago

I started looking into vite 5 yesterday, I'll be adding support soon!

aklinker1 commented 7 months ago

@danielptv I released a new version for testing. Could you try it out with your extension and let me know if it works or not? Just follow Vite's 5.0 migration, you shouldn't have to do anything else for this plugin.

npm i -D vite-plugin-web-extension@next

I've fixed several edge-cases, but might have missed some, and would appreciate it if you or anyone else gave it a go.

danielptv commented 7 months ago

@aklinker1 thank you for your efforts and the quick implementation. I have migrated my extension and was able to successfully test it using vite-plugin-web-extension@next and vite@5.0.2. Feel free to check out my corresponding PR.

Note: My extension uses Vue and the Chrome API (not web-ext).

One last request: If possible, could you update the dependencies so that npm audit successfully passes? Current output of npm audit:

# npm audit report

postcss  <8.4.31
Severity: moderate
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
No fix available
node_modules/addons-linter/node_modules/postcss
  addons-linter  <=6.14.0
  Depends on vulnerable versions of postcss
  node_modules/addons-linter
    web-ext  >=1.0.0
    Depends on vulnerable versions of addons-linter
    Depends on vulnerable versions of sign-addon
    node_modules/web-ext
      vite-plugin-web-extension  *
      Depends on vulnerable versions of web-ext
      node_modules/vite-plugin-web-extension

request  *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
Depends on vulnerable versions of tough-cookie
No fix available
node_modules/request
  sign-addon  *
  Depends on vulnerable versions of request
  node_modules/sign-addon

tough-cookie  <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3
No fix available
node_modules/tough-cookie

7 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.
aklinker1 commented 7 months ago

I've created a separate issue, #152, for the security vulnerabilities.

aklinker1 commented 7 months ago

Released in v4.0.0