Skip to content

[pull] master from vuejs:master #81

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 130 commits into
base: master
Choose a base branch
from
Open

[pull] master from vuejs:master #81

wants to merge 130 commits into from

Conversation

pull[bot]
Copy link

@pull pull bot commented Jan 6, 2021
edited
Loading

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.1)

Can you help keep this open source service alive? 💖 Please sponsor : )

@dependabot-preview @meteorlxy
chore(deps-dev): bump textlint-rule-stop-words from 1.0.17 to 2.0.8
80c1355 
Bumps [textlint-rule-stop-words](https://github.com/sapegin/textlint-rule-stop-words) from 1.0.17 to 2.0.8.
- [Release notes](https://github.com/sapegin/textlint-rule-stop-words/releases)
- [Commits](sapegin/textlint-rule-stop-words@v1.0.17...v2.0.8)

Signed-off-by: dependabot-preview[bot] <[email protected]>
@dependabot-preview @meteorlxy
fix(deps): bump autoprefixer from 9.6.1 to 9.8.6
775b3de 
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.6.1 to 9.8.6.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](postcss/autoprefixer@9.6.1...9.8.6)

Signed-off-by: dependabot-preview[bot] <[email protected]>
@dependabot-preview @meteorlxy
fix(deps): [security] bump ini from 1.3.5 to 1.3.8
aeb8dce 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. **This update includes security fixes.**
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](npm/ini@v1.3.5...v1.3.8)

Signed-off-by: dependabot-preview[bot] <[email protected]>
@dependabot-preview @meteorlxy
chore(deps-dev): bump remark-cli from 7.0.0 to 9.0.0
77c63d0 
Bumps [remark-cli](https://github.com/remarkjs/remark) from 7.0.0 to 9.0.0.
- [Release notes](https://github.com/remarkjs/remark/releases)
- [Changelog](https://github.com/remarkjs/remark/blob/main/changelog.md)
- [Commits](https://github.com/remarkjs/remark/compare/[email protected]@9.0.0)

Signed-off-by: dependabot-preview[bot] <[email protected]>
@pull pull bot added ⤵️ pull merge-conflict Resolve conflicts manually labels Jan 6, 2021
dependabot-preview bot and others added 5 commits January 19, 2021 23:48
@dependabot-preview @meteorlxy
fix(deps): bump vue from 2.6.10 to 2.6.12
830dd4c 
Bumps [vue](https://github.com/vuejs/vue) from 2.6.10 to 2.6.12.
- [Release notes](https://github.com/vuejs/vue/releases)
- [Commits](vuejs/vue@v2.6.10...v2.6.12)

Signed-off-by: dependabot-preview[bot] <[email protected]>
@meteorlxy
docs: add version filter for algolia search
4893b41
@meteorlxy
fix($theme-default): override algoliaOptions correctly
ba89f39
@meteorlxy
build: bump vue-server-renderer from 2.6.10 to 2.6.12
50388d9
@d-pollard
fix($core): component CodeGroup loads correctly on clientfix #2711 (#…
51277f8 
…2794)

* fix($core): wrap code group in ClientOnly

* fix($core): component CodeGroup loads correctly on client

* fix($core): component CodeGroup loads correctly on client

* fix($core): activate codetabs whenever we update the arr
@guardrails
Copy link

guardrails bot commented Feb 10, 2021
edited
Loading

⚠️ We detected security issues in this pull request:
Mode: paranoid | Total findings: 84 | Considered vulnerability: 0

Hard-Coded Secrets (4)

vuepress/packages/@vuepress/shared-utils/__tests__/slugify.spec.ts

Line 23 in 11eed0f

'ABCDEFGHIJKLMNOPQRSTUVWXYZé': 'abcdefghijklmnopqrstuvwxyze'

vuepress/packages/docs/docs/.vuepress/config.js

Line 35 in 11eed0f

apiKey: '3a539aab83105f01761a137c61004d85',

vuepress/packages/docs/docs/theme/default-theme-config.md

Line 395 in 11eed0f

apiKey: '<API_KEY>',

vuepress/packages/docs/docs/zh/theme/default-theme-config.md

Line 387 in 11eed0f

apiKey: '<API_KEY>',

More info on how to fix Hard-Coded Secrets in General.

Insecure File Management (54)

vuepress/packages/@vuepress/core/lib/node/App.js

Line 45 in 11eed0f

if (!fs.existsSync(this.sourceDir)) {

vuepress/packages/@vuepress/core/lib/node/App.js

Line 392 in 11eed0f

if (fs.existsSync(current)) {

vuepress/packages/@vuepress/core/lib/node/App.js

Line 397 in 11eed0f

if (fs.existsSync(parent)) {

vuepress/packages/@vuepress/core/lib/node/Page.js

Line 96 in 11eed0f

this._content = await fs.readFile(this._filePath, 'utf-8')

vuepress/packages/@vuepress/core/lib/node/__tests__/prepare/App.spec.js

Line 5 in 11eed0f

const docsModeNames = fs.readdirSync(docsBaseDir)

vuepress/packages/@vuepress/core/lib/node/__tests__/prepare/util.js

Line 15 in 11eed0f

const readFile = async filePath => await fs.readFile(filePath, 'utf-8')

vuepress/packages/@vuepress/core/lib/node/build/index.js

Line 76 in 11eed0f

template: await fs.readFile(this.context.ssrTemplate, 'utf-8')

vuepress/packages/@vuepress/core/lib/node/build/index.js

Line 158 in 11eed0f

await fs.writeFile(filePath, html)

vuepress/packages/@vuepress/core/lib/node/build/index.js

Line 237 in 11eed0f

const styleChunkContent = await fs.readFile(styleChunkPath, 'utf-8')

vuepress/packages/@vuepress/core/lib/node/build/index.js

Line 245 in 11eed0f

const appChunkContent = await fs.readFile(appChunkPath, 'utf-8')

vuepress/packages/@vuepress/core/lib/node/build/index.js

Line 246 in 11eed0f

await fs.writeFile(appChunkPath, styleChunkContent + appChunkContent)

vuepress/packages/@vuepress/core/lib/node/createTemp.js

Line 30 in 11eed0f

if (!fs.existsSync(tempPath)) {

vuepress/packages/@vuepress/core/lib/node/createTemp.js

Line 46 in 11eed0f

await fs.writeFile(destPath, content)

vuepress/packages/@vuepress/core/lib/node/dev/index.js

Line 69 in 11eed0f

this.pagesWatcher = chokidar.watch([

vuepress/packages/@vuepress/core/lib/node/dev/index.js

Line 98 in 11eed0f

this.configWatcher = chokidar.watch(this.watchFiles, {

vuepress/packages/@vuepress/core/lib/node/dev/index.js

Line 228 in 11eed0f

if (fs.existsSync(contentBase)) {

vuepress/packages/@vuepress/core/lib/node/internal-plugins/palette/index.js

Line 26 in 11eed0f

const themePaletteContent = fs.existsSync(themePalette)

vuepress/packages/@vuepress/core/lib/node/internal-plugins/palette/index.js

Line 30 in 11eed0f

const userPaletteContent = fs.existsSync(userPalette)

vuepress/packages/@vuepress/core/lib/node/internal-plugins/palette/index.js

Line 44 in 11eed0f

const parentThemePaletteContent = fs.existsSync(parentThemePalette)

vuepress/packages/@vuepress/core/lib/node/internal-plugins/style/index.js

Line 16 in 11eed0f

const hasUserOverride = fs.existsSync(overridePath)

vuepress/packages/@vuepress/core/lib/node/internal-plugins/style/index.js

Line 25 in 11eed0f

const themeStyleContent = fs.existsSync(themeStyle)

vuepress/packages/@vuepress/core/lib/node/internal-plugins/style/index.js

Line 29 in 11eed0f

const userStyleContent = fs.existsSync(userStyle)

vuepress/packages/@vuepress/core/lib/node/internal-plugins/style/index.js

Line 43 in 11eed0f

const parentThemeStyleContent = fs.existsSync(parentThemeStyle)

vuepress/packages/@vuepress/core/lib/node/internal-plugins/transformModule.js

Line 19 in 11eed0f

let content = await fs.readFile(file, 'utf-8')

vuepress/packages/@vuepress/core/lib/node/loadConfig.js

Line 26 in 11eed0f

if (fs.existsSync(configYmlPath)) {

vuepress/packages/@vuepress/core/lib/node/loadConfig.js

Line 28 in 11eed0f

} else if (fs.existsSync(configTomlPath)) {

vuepress/packages/@vuepress/core/lib/node/loadConfig.js

Line 30 in 11eed0f

} else if (fs.existsSync(configPath)) {

vuepress/packages/@vuepress/core/lib/node/loadConfig.js

Line 38 in 11eed0f

const content = fs.readFileSync(file, 'utf-8')

vuepress/packages/@vuepress/core/lib/node/loadTheme.js

Line 88 in 11eed0f

&& !fs.existsSync(theme)

vuepress/packages/@vuepress/core/lib/node/loadTheme.js

Line 89 in 11eed0f

&& fs.existsSync(localThemePath)

vuepress/packages/@vuepress/core/lib/node/loadTheme.js

Line 90 in 11eed0f

&& fs.readdirSync(localThemePath).length > 0

vuepress/packages/@vuepress/core/lib/node/plugin-api/override/EnhanceAppFilesOption.js

Line 53 in 11eed0f

if (fs.existsSync(enhanceAppFile)) {

vuepress/packages/@vuepress/core/lib/node/plugin-api/override/EnhanceAppFilesOption.js

Line 54 in 11eed0f

const content = await fs.readFile(enhanceAppFile, 'utf-8')

vuepress/packages/@vuepress/core/lib/node/theme-api/index.js

Line 6 in 11eed0f

const readdirSync = dir => (fs.existsSync(dir) && fs.readdirSync(dir)) || []

vuepress/packages/@vuepress/core/lib/node/webpack/createServerConfig.js

Line 40 in 11eed0f

if (fs.existsSync(publicDir)) {

vuepress/packages/@vuepress/markdown-loader/index.js

Line 100 in 11eed0f

if (!fs.existsSync(file) && (!altfile || !fs.existsSync(altfile))) {

vuepress/packages/@vuepress/markdown/lib/snippet.js

Line 84 in 11eed0f

const isAFile = fs.lstatSync(src).isFile()

vuepress/packages/@vuepress/markdown/lib/snippet.js

Line 85 in 11eed0f

if (fs.existsSync(src) && isAFile) {

vuepress/packages/@vuepress/markdown/lib/snippet.js

Line 86 in 11eed0f

let content = fs.readFileSync(src, 'utf8')

vuepress/packages/@vuepress/plugin-pwa/index.js

Line 39 in 11eed0f

await fs.writeFile(

vuepress/packages/@vuepress/plugin-pwa/index.js

Line 41 in 11eed0f

await fs.readFile(path.resolve(__dirname, 'lib/skip-waiting.js'), 'utf8'),

vuepress/packages/@vuepress/plugin-register-components/index.js

Line 8 in 11eed0f

if (!fs.existsSync(componentDir)) {

vuepress/packages/@vuepress/shared-utils/scripts/update-index.js

Line 7 in 11eed0f

const modules = fs.readdirSync(source)

vuepress/packages/@vuepress/shared-utils/scripts/update-index.js

Line 33 in 11eed0f

fs.writeFileSync(target, code, 'utf-8')

vuepress/packages/@vuepress/test-utils/lib/getFragment.js

Line 12 in 11eed0f

content = fs.readFileSync(target, 'utf-8')

vuepress/packages/@vuepress/test-utils/lib/getFragments.js

Line 5 in 11eed0f

const names = fs.readdirSync(path.join(dirname, fragmentsDir))

vuepress/scripts/bootstrap.js

Line 8 in 11eed0f

const files = fs.readdirSync(packagesDir)

vuepress/scripts/bootstrap.js

Line 19 in 11eed0f

if (!fs.existsSync(pkgPath)) {

vuepress/scripts/bootstrap.js

Line 45 in 11eed0f

fs.writeFileSync(pkgPath, JSON.stringify(json, null, 2))

vuepress/scripts/bootstrap.js

Line 49 in 11eed0f

if (!fs.existsSync(readmePath)) {

vuepress/scripts/bootstrap.js

Line 50 in 11eed0f

fs.writeFileSync(readmePath, `# @vuepress/${pkg}\n\n> ${desc}`)

vuepress/scripts/bootstrap.js

Line 54 in 11eed0f

if (!fs.existsSync(npmIgnorePath)) {

vuepress/scripts/bootstrap.js

Line 55 in 11eed0f

fs.writeFileSync(npmIgnorePath, `__tests__\n__mocks__`)

vuepress/packages/@vuepress/shared-utils/src/fallback.ts

Line 4 in 11eed0f

for (const file of files) {

More info on how to fix Insecure File Management in Javascript and Typescript.

Insecure Use of Dangerous Function (6)

vuepress/packages/@vuepress/core/lib/node/build/index.js

Line 55 in 11eed0f

const serverBundle = require(path.resolve(this.outDir, 'manifest/server.json'))

vuepress/packages/@vuepress/core/lib/node/build/index.js

Line 56 in 11eed0f

const clientManifest = require(path.resolve(this.outDir, 'manifest/client.json'))

vuepress/packages/@vuepress/core/lib/node/loadConfig.js

Line 31 in 11eed0f

siteConfig = require(configPath)

vuepress/packages/@vuepress/shared-utils/__tests__/moduleResolver.spec.ts

Line 19 in 11eed0f

function loadMockModule (name: string) {

vuepress/packages/@vuepress/shared-utils/src/moduleLoader.ts

Line 68 in 11eed0f

}

vuepress/packages/@vuepress/shared-utils/src/moduleResolver.ts

Line 170 in 11eed0f

try {

More info on how to fix Insecure Use of Dangerous Function in Javascript and Typescript.

Insecure Use of Regular Expressions (13)

vuepress/packages/@vuepress/core/lib/node/util/index.js

Line 54 in 11eed0f

const DATE_RE = /(\d{4}-\d{1,2}(-\d{1,2})?)-(.*)/

vuepress/packages/@vuepress/core/lib/node/webpack/ClientPlugin.js

Line 5 in 11eed0f

var isJS = function (file) { return /\.js(\?[^.]+)?$/.test(file) }

vuepress/packages/@vuepress/core/lib/node/webpack/ClientPlugin.js

Line 7 in 11eed0f

var isCSS = function (file) { return /\.css(\?[^.]+)?$/.test(file) }

vuepress/packages/@vuepress/core/lib/node/webpack/createBaseConfig.js

Line 193 in 11eed0f

.test(/\.(png|jpe?g|gif)(\?.*)?$/)

vuepress/packages/@vuepress/core/lib/node/webpack/createBaseConfig.js

Line 205 in 11eed0f

.test(/\.(svg)(\?.*)?$/)

vuepress/packages/@vuepress/core/lib/node/webpack/createBaseConfig.js

Line 214 in 11eed0f

.test(/\.(mp4|webm|ogg|mp3|wav|flac|aac)(\?.*)?$/)

vuepress/packages/@vuepress/core/lib/node/webpack/createBaseConfig.js

Line 224 in 11eed0f

.test(/\.(woff2?|eot|ttf|otf)(\?.*)?$/i)

vuepress/packages/@vuepress/markdown/lib/component.js

Line 19 in 11eed0f

[new RegExp('^</?(' + blockNames.join('|') + ')(?=(\\s|/?>|$))', 'i'), /^$/, true],

vuepress/packages/@vuepress/markdown/lib/component.js

Line 20 in 11eed0f

[new RegExp(HTML_OPEN_CLOSE_TAG_RE.source + '\\s*$'), /^$/, false]

vuepress/packages/@vuepress/markdown/lib/link.js

Line 21 in 11eed0f

const isSourceLink = /(\/|\.md|\.html)(#.*)?$/.test(href)

vuepress/packages/@vuepress/markdown/lib/snippet.js

Line 22 in 11eed0f

new RegExp(`^[ \t]{${minIndentLength}}(.*)`, 'gm'),

vuepress/packages/@vuepress/markdown/lib/snippet.js

Line 140 in 11eed0f

const rawPathRegexp = /^(.+?(?:\.([a-z]+))?)(?:(#[\w-]+))?(?: ?({\d+(?:[,-]\d+)*}))?$/

vuepress/packages/@vuepress/plugin-search/match-query.js

Line 32 in 11eed0f

const searchRegex = new RegExp(

More info on how to fix Insecure Use of Regular Expressions in Javascript.

Insecure Access Control (1)

vuepress/packages/@vuepress/shared-utils/src/logger.ts

Line 92 in 11eed0f

}

More info on how to fix Insecure Access Control in Typescript.

Insecure Processing of Data (6)

vuepress/packages/@vuepress/core/lib/client/index.ssr.html

Line 8 in 11eed0f

{{{ userHeadTags }}}

vuepress/packages/@vuepress/core/lib/client/index.ssr.html

Line 9 in 11eed0f

{{{ pageMeta }}}

vuepress/packages/@vuepress/core/lib/client/index.ssr.html

Line 10 in 11eed0f

{{{ canonicalLink }}}

vuepress/packages/@vuepress/core/lib/client/index.ssr.html

Line 11 in 11eed0f

{{{ renderResourceHints() }}}

vuepress/packages/@vuepress/core/lib/client/index.ssr.html

Line 12 in 11eed0f

{{{ renderStyles() }}}

vuepress/packages/@vuepress/core/lib/client/index.ssr.html

Line 16 in 11eed0f

{{{ renderScripts() }}}

More info on how to fix Insecure Processing of Data in Javascript.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

bencodezen and others added 18 commits February 11, 2021 09:12
@bencodezen
build: release version 1.8.1
84649fb
@bencodezen
chore: version 1.8.1 changelog
3e1f5d8
@hong4rc
refactor($core): use some instead of filter when checking route e…
1aceca1 
…xistence (#2751)
@adam0x01
docs: fix broken link for out-of-box plugin references (#2797)
ce85580
@gtn1024
docs($zh): translate register plugin description (#2788)
843c943
@sshine
docs: fix typo in Custom Page Class of default theme config (#2725)
f23028e 
remove first slash in `./vuepress/styles/index.styl`
docs($zh): update custom page class for default theme config (#2719)
e79c8b7
@echojoshchen
fix($default-theme): sidebar groups are not opened when directly navi…
3ab9fca 
…gating to these pages (fix #2564) (#2565)
@mitjat
fix($markdown): support path without file extension when importing co…
bb4ae4e 
…de snippets (#2677)
@billyyyyy3320
build: release version 1.8.2
11eed0f
@billyyyyy3320
chore: version 1.8.2 changelog
38e9863
fix($core): escape meta tags correctly (fix #2831) (#2832)
b877b3b 
Fixes #2831
@bencodezen @meteorlxy
docs: remove sponsor
5a15b1a
@meteorlxy
docs: add version navigation
f74a6ec
@waldyrious
docs: improve getting started guide (#2710)
f077f71 
Co-authored-by: Waldir Pimenta <[email protected]>
@ulivz
docs: clean all invalid links (close #2955) (#2956)
dceb2fe
@yyx990803
update readme
1c20094
@ulivz
docs: remove beta state for theme inheritance
aef643d
bencodezen and others added 30 commits February 17, 2022 09:20
@bencodezen
docs: update readme team members
89440ce
@Force1ess
docs: fix deploy.md (#3060)
99294be
@ivancheban
docs: fix clean-urls link (#3032)
d2f5b07 
Fixed clean-urls link.
@rojvv
chore: add missing space (#3030)
a048ef0
@peterroe
chore: replace zh-cn (#3014)
d692cc8
@ThorNissen
chore: fix dead Algolia DocSearch links (#3097)
f6430ac
@ulivz
fix(cli): .vuepress/config.ts does not respect custom command (close:
7cd8b30 
#3113) (#3114)
@ulivz
build: release version 1.9.8
cb87096
@ulivz
chore(all): 1.9.8 changelog
1dee30f
@niknetniko
fix: remove non-existing :blur css pseudo selector (#3118)
5e3a5a0 
There is no `:blur` CSS pseudo selector, meaning this generates invalid CSS.
@ulivz
fix(types): missing types for nested sidebar group (close: #3127) (#3128
74d5eec 
)

Currently we are allowed to config nested sub group<sup>[1]</sup>, but the types are missing:

[1] https://vuepress.vuejs.org/theme/default-theme-config.html#sidebar-groups
@ulivz
chore: using export default at config.ts
970526f 
Current `target` is `es2018`, using `export =` (export assignment) will trigger `ts(1203)`<sub>1</sub> error:

    Export assignment cannot be used when targeting ECMAScript modules.
    Consider using 'export default' or another module format instead.

[1] https://github.com/microsoft/TypeScript/blob/e9868e96e87996df46a13b4323866acc639e71ce/src/compiler/diagnosticMessages.json#L634
@ulivz
fix(types): missing types for initialOpenGroupIndex (close: #3129) (#…
9049d48 
…3130)
@ulivz
chore(types): allow algolia to be null
5895594
@Michael18811380328
docs: update typescript-as-config.md (#3101)
5b74b51
@neuralpain
chore: fixed broken anchor tag (#3081)
dacb7a8 
Fixed a fixed broken anchor tag at README:

  - anchor tag for downloads counter/shield only had closing tag
  - added `<a href="#">` at beginning for non-clickable
@evinma
docs: duplicate text (#2803)
af79757
@ramiy
fix(theme-default): headings anchor should not be selectable (#3063)
e5915a8 
Currently, when users select the page content to copy & paste the text, it also selects the headings # anchors. This PR removes the headings anchor-selection by defining the anchors as not selectable (user-select: none;).
@ulivz
build: release version 1.9.9
f1cbdb6
@ulivz
chore(all): 1.9.9 changelog
8f48b69
@ulivz
chore: changelog
6343a8c
@ulivz
workflow: using monoo
df1fc26
@ulivz
docs: tweak zh/guide/typescript-as-config.md
9044f14
@spencerHT
fix(markdown): replace double quotation marks in classname(fix #3152) (
cef64e6 
…#3154)

Co-authored-by: xuze <[email protected]>
@LooseLi @loose-li
docs: fix a typo in the palette in the faq documentation (#3143)
3bcd4d0 
* docs: fix a typo in the palette in the faq documentation

* Revert "docs: fix a typo in the palette in the faq documentation"

This reverts commit e89d6b5.

* docs: fix a typo in the palette in the faq documentation

---------

Co-authored-by: loose.li <[email protected]>
@Lete114
docs: Wrong "comma" position in the Algolia configuration sample code (
355e73a 
…#3016)
@ulivz
fix(core): failed to resolve theme components when using theme inheri…
546499b 
…tance (close: #3163) (#3164)
@ulivz
build: release version 1.9.10
a3e4bba
@ulivz
chore(all): 1.9.10 changelog
087f8a1
@meteorlxy
docs: update project status
9fb4bb0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
⤵️ pull merge-conflict Resolve conflicts manually
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.