vuejs/vue-cli
### [`v4.5.17`](https://togithub.com/vuejs/vue-cli/blob/HEAD/CHANGELOG.md#4517-2022-03-23)
[Compare Source](https://togithub.com/vuejs/vue-cli/compare/v4.5.16...v4.5.17)
##### :bug: Bug Fix
- `@vue/cli-shared-utils`, `@vue/cli-ui`
- [d7a9881](https://togithub.com/vuejs/vue-cli/commit/d7a9881) fix: replace `node-ipc` with `@achrinza/node-ipc` to further secure the dependency chain
##### Committers: 1
- Haoqun Jiang ([@sodatea](https://togithub.com/sodatea))
### [`v4.5.16`](https://togithub.com/vuejs/vue-cli/blob/HEAD/CHANGELOG.md#4516-2022-03-15)
[Compare Source](https://togithub.com/vuejs/vue-cli/compare/v4.5.15...v4.5.16)
##### :bug: Bug Fix
- `@vue/cli-service`
- Fix demo-lib.html and demo-wc.html for Vue 2
- `@vue/cli-shared-utils`, `@vue/cli-ui`
- Lock `node-ipc` to v9.2.1
### [`v4.5.15`](https://togithub.com/vuejs/vue-cli/blob/HEAD/CHANGELOG.md#4515-2021-10-28)
[Compare Source](https://togithub.com/vuejs/vue-cli/compare/v4.5.14...v4.5.15)
##### Bug Fixes
- fix: set `.mjs` file type to `javascript/auto` [\[15b1e1b\]](https://togithub.com/vuejs/vue-cli/commit/15b1e1b6bfa40fe0b69db304a2439c66ff9ba65f)
This change allows an `.mjs` file to import named exports from `.cjs` and plain `.js` files.
Fixes compatibility with `pinia`.
### [`v4.5.14`](https://togithub.com/vuejs/vue-cli/blob/HEAD/CHANGELOG.md#4514-2021-10-14)
[Compare Source](https://togithub.com/vuejs/vue-cli/compare/v4.5.13...v4.5.14)
##### Security Fixes
This version fixed a CORS vulnerability and an XSS vulnerability in Vue CLI UI.
We recommend all users of `vue ui` to upgrade to this version as soon as possible.
##### Credits:
Ngo Wei Lin ([@Creastery](https://twitter.com/creastery)) of STAR Labs ([@starlabs_sg](https://twitter.com/starlabs_sg))
Configuration
š Schedule: At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, click this checkbox.
This PR contains the following updates:
4.5.13->4.5.17Release Notes
vuejs/vue-cli
### [`v4.5.17`](https://togithub.com/vuejs/vue-cli/blob/HEAD/CHANGELOG.md#4517-2022-03-23) [Compare Source](https://togithub.com/vuejs/vue-cli/compare/v4.5.16...v4.5.17) ##### :bug: Bug Fix - `@vue/cli-shared-utils`, `@vue/cli-ui` - [d7a9881](https://togithub.com/vuejs/vue-cli/commit/d7a9881) fix: replace `node-ipc` with `@achrinza/node-ipc` to further secure the dependency chain ##### Committers: 1 - Haoqun Jiang ([@sodatea](https://togithub.com/sodatea)) ### [`v4.5.16`](https://togithub.com/vuejs/vue-cli/blob/HEAD/CHANGELOG.md#4516-2022-03-15) [Compare Source](https://togithub.com/vuejs/vue-cli/compare/v4.5.15...v4.5.16) ##### :bug: Bug Fix - `@vue/cli-service` - Fix demo-lib.html and demo-wc.html for Vue 2 - `@vue/cli-shared-utils`, `@vue/cli-ui` - Lock `node-ipc` to v9.2.1 ### [`v4.5.15`](https://togithub.com/vuejs/vue-cli/blob/HEAD/CHANGELOG.md#4515-2021-10-28) [Compare Source](https://togithub.com/vuejs/vue-cli/compare/v4.5.14...v4.5.15) ##### Bug Fixes - fix: set `.mjs` file type to `javascript/auto` [\[15b1e1b\]](https://togithub.com/vuejs/vue-cli/commit/15b1e1b6bfa40fe0b69db304a2439c66ff9ba65f) This change allows an `.mjs` file to import named exports from `.cjs` and plain `.js` files. Fixes compatibility with `pinia`. ### [`v4.5.14`](https://togithub.com/vuejs/vue-cli/blob/HEAD/CHANGELOG.md#4514-2021-10-14) [Compare Source](https://togithub.com/vuejs/vue-cli/compare/v4.5.13...v4.5.14) ##### Security Fixes This version fixed a CORS vulnerability and an XSS vulnerability in Vue CLI UI. We recommend all users of `vue ui` to upgrade to this version as soon as possible. ##### Credits: Ngo Wei Lin ([@Creastery](https://twitter.com/creastery)) of STAR Labs ([@starlabs_sg](https://twitter.com/starlabs_sg))Configuration
š Schedule: At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.