Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Version Packages #51

Merged
merged 1 commit into from
Jul 24, 2022
Merged

Version Packages #51

merged 1 commit into from
Jul 24, 2022

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Jul 24, 2022
edited
Loading

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@next-safe/middleware@0.9.0

Minor Changes

  • #47 071f993 Thanks @nibtime! - provide gsspWithNonceAppliedToCsp and gipWithNonceAppliedToCsp wrappers to inject nonce into pages with getServerSideProps / getInitialProps.

    BREAKING CHANGE: nonce doesn't get applied to CSP automatically anymore. This extra step is neccessary
    as there is no longer a way of reliably do that with Next 12.2.

    BREAKING CHANGE: drop enhanceAppWithNonce, it's no longer needed as nonce is injected though getServerSideProps of routes/pages now. That's actually a good thing, because customizing renderPage is discouranged

  • #47 f9ecbe3 Thanks @nibtime! - 💥 changes to ChainableMiddleware decrease resource utilization (fixes #45)

    • new MiddlewareChainContext interface

    perf: decrease CPU utilization

    • use ctx.cache.get and ctx.cache.set for caching CSP in middleware chain (no serialize/deserialize)
    • write to repsonse only once from chain cache at the end
    • remove unnecessary some double ops

    perf: decrease deployed size

    • use new built-in userAgent from next/server

    BREAKING CHANGE: supports only Stable middleware from now on (needs next >= 12.2, as is specified in peerDeps)

    BREAKING CHANGE: replace ua-parser-js with userAgent from next/server available since 12.2

    BREAKING CHANGE: ChainableMiddleware with (ctx: MiddlewareChainContext) as 3rd parameter.

    BREAKING CHANGE: turn positional params into named params for Configinitializer

Patch Changes

  • #47 f9ecbe3 Thanks @nibtime! - fix(document): use any type (children and return value) for components of provideComponents(fixes #46)

  • #47 071f993 Thanks @nibtime! - fix(document): support new script insertion behavior

    • handle getPreloadDynamicChunks and getPreloadMainLinks in <Head>
    • hash beforeInteractiveInlineScripts in <Head>
    • handle scripts also in drop-in component for <NextScript>
    • trustify scripts in initialProps.head

  • #47 071f993 Thanks @nibtime! - fix(document): prevent application of nonce in production builds (fixes #49)

  • #47 f9ecbe3 Thanks @nibtime! - provide base logical operators for chain matchers (request predicates): matchNot, matchAnd, matchOr

  • #47 071f993 Thanks @nibtime! - fix(strictDynamic): exclude Safari from Hash-based Strict CSP

  • #47 071f993 Thanks @nibtime! - fix: consider basePath from next.config.js for writing and fetching hashes (fixes #48)

  • #47 f9ecbe3 Thanks @nibtime! - fix: better isPageRequest matcher

    • exclude only basepaths /_next and /api
    • exclude all paths with file endings
    • exclude isPreviewModeRequest and isNextJsDataRequest (new matchers)

  • #47 071f993 Thanks @nibtime! - perf(middleware): telemetry wrapper to log basic measurements and infos from middleware execution

  • #47 f9ecbe3 Thanks @nibtime! - fix(csp): handle boolean directives correctly

docs@0.1.0

Minor Changes

Patch Changes

e2e@0.6.1

Patch Changes

@vercel
Copy link

vercel bot commented Jul 24, 2022
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated
docs-next-safe-middleware ✅ Ready (Inspect) Visit Preview Jul 24, 2022 at 2:56AM (UTC)
e2e-next-safe-middleware ✅ Ready (Inspect) Visit Preview Jul 24, 2022 at 2:56AM (UTC)

@github-actions github-actions bot force-pushed the changeset-release/main branch from 0b2b0dd to 82c84d1 Compare July 24, 2022 02:51
@nibtime nibtime closed this Jul 24, 2022
@nibtime nibtime force-pushed the changeset-release/main branch from 82c84d1 to f501354 Compare July 24, 2022 02:56
@nibtime nibtime reopened this Jul 24, 2022
@nibtime nibtime closed this Jul 24, 2022
@nibtime nibtime force-pushed the changeset-release/main branch from 82c84d1 to f501354 Compare July 24, 2022 03:16
@nibtime nibtime reopened this Jul 24, 2022
@nibtime nibtime merged commit d660b41 into main Jul 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@nibtime