Added support for Private Network Access. To enable, set the --cors.private-network-access flag.
v5.1.0
New features since v5.0.0
Support extended back to Node.js v12.20
This is because support for exports, conditional exports and exports patterns have been retro-fitted back to v12 (see the Package module history)
Upgrade notes
Users of Node.js v12.20 and above may now use local-web-server (previously, you needed a minimum of node v14). There are no further changes.
v5.0.0
This is a refresher release - there are no functional or behavioural changes to the web server itself.
Breaking changes since v4.2.1
Dropped support for Node.js < v14
Dropped support for CommonJS in general
Dropped support for plugin prefixes
Previously, you could omit the lws- in plugin names, (i.e. you could use --stack static instead of --stack lws-static). This was ambigious and introduced the risk of incorrectly loading a module named static, if it existed.
Several of the API methods have changed from sync to async, most importantly the Lws.create method. You now need to await the result.
const lws = await Lws.create()
New feature
The default config file lws.config.js may now also be named lws.config.mjs or lws.config.cjs if preferred.
Other improvements
All source code converted from CommonJS to ECMAScript modules.
All dependencies upgraded.
Upgrade notes
If you previously used shortened plugin names (e.g. --stack static) please use the full name (e.g. --stack lws-static)
If you launch a server using Lws.create you must now await the result.
Lws can now only be used programmatically from ECMAScript modules - you must use import to load the library.
v4.2.0
New features since v4.1.0
Added a command-line tool to help develop and debug --rewrite rules. This greatly speeds up the development of custom rewrites. Full documentation here.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/macchina-io/macchina.io/network/alerts).
Bumps @koa/cors to 5.0.0 and updates ancestor dependency local-web-server. These dependencies need to be updated together.
Updates
@koa/cors
from 2.2.2 to 5.0.0Changelog
Sourced from
@koa/cors
's changelog.... (truncated)
Commits
c33bd69
Release 5.0.0f31dac9
Merge pull request from GHSA-qxrj-hx23-xp820f3f948
Release 4.0.0d19090f
refactor: [BREAKING] drop node 8, 10, 12 support (#88)7358ab3
fix: Calling all options even if origin header is not present (#87)b49b085
Release 3.4.3208b86c
Revert "fix: Calling all options even if origin header is not present (#87)"d5456f7
Release 3.4.22e8da5b
fix: Calling all options even if origin header is not present (#87)ea0ca7b
Release 3.4.1Updates
local-web-server
from 2.6.0 to 5.3.1Release notes
Sourced from local-web-server's releases.
... (truncated)
Commits
9f45cc4
5.3.11f30517
upgrade@koa/cors
to address security advisory88839a0
5.3.0c5750e6
add --cors.private-network-access optione94cea0
add node v19 to CI1afdc57
5.2.13a01457
upgrade deps to fix a couple of issues introduced by node v185e6580c
5.2.09f9fb49
add node v17 to CI25c2d74
lws-cors: support 'Cross-Origin-Opener-Policy' and 'Cross-Origin-Embedder-Pol...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show