Skip to content

[pull] dev from vuejs:dev#26

Open
pull[bot] wants to merge 304 commits intoturkdevops:devfrom
vuejs:dev
Open

[pull] dev from vuejs:dev#26
pull[bot] wants to merge 304 commits intoturkdevops:devfrom
vuejs:dev

Conversation

@pull
Copy link

@pull pull bot commented Feb 3, 2021
edited
Loading

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

@pull pull bot added the ⤵️ pull label Feb 3, 2021
@guardrails
Copy link

guardrails bot commented Feb 3, 2021
edited
Loading

⚠️ We detected 285 security issues in this pull request:
Mode: paranoid | Total findings: 285 | Considered vulnerability: 2

Hard-Coded Secrets (5)

vue-cli/docs/.vuepress/config.js

Line 58 in 2d3116e

apiKey: 'f6df220f7d246aff64a56300b7f19f21',

vue-cli/docs/ru/guide/browser-compatibility.md

Line 77 in 2d3116e

Content-Security-Policy: script-src 'self' 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI='

vue-cli/docs/zh/guide/mode-and-env.md

Line 106 in 2d3116e

在构建过程中,`process.env.VUE_APP_SECRET` 将会被相应的值所取代。在 `VUE_APP_SECRET=secret` 的情况下,它会被替换为 `"secret"`

vue-cli/packages/@vue/cli-ui/src/components/dependency/NpmPackageSearch.vue

Line 6 in 2d3116e

api-key="db283631f89b5b8a10707311f911fd00"

vue-cli/packages/@vue/cli-ui/src/components/prompt/PromptsList.vue

Line 33 in 2d3116e

password: 'input'

More info on how to fix Hard-Coded Secrets in General.

Insecure Use of Regular Expressions (31)

vue-cli/packages/@vue/babel-preset-app/__tests__/babel-preset.spec.js

Line 12 in 2d3116e

return new RegExp(`"${['.*node_modules', 'core-js', 'modules', mod].join(`[\\${path.sep}]+`)}`)

vue-cli/packages/@vue/cli-plugin-babel/index.js

Line 18 in 2d3116e

return deps.length ? new RegExp(deps.join('|')) : null

vue-cli/packages/@vue/cli-plugin-e2e-cypress/index.js

Line 58 in 2d3116e

const matchRE = new RegExp(`^--${argToRemove}$`)

vue-cli/packages/@vue/cli-plugin-e2e-cypress/index.js

Line 59 in 2d3116e

const equalRE = new RegExp(`^--${argToRemove}=`)

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 174 in 2d3116e

const matchRE = new RegExp(`^--${argToRemove}`)

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 175 in 2d3116e

const equalRE = new RegExp(`^--${argToRemove}=`)

vue-cli/packages/@vue/cli-service/lib/commands/build/setPublicPath.js

Line 16 in 2d3116e

var src = currentScript && currentScript.src.match(/(.+\/)[^/]+\.js(\?.*)?$/)

vue-cli/packages/@vue/cli-service/lib/commands/serve.js

Line 375 in 2d3116e

from: new RegExp(`^/${name}`),

vue-cli/packages/@vue/cli-service/lib/config/assets.js

Line 39 in 2d3116e

.test(/\.(png|jpe?g|gif|webp)(\?.*)?$/)

vue-cli/packages/@vue/cli-service/lib/config/assets.js

Line 48 in 2d3116e

.test(/\.(svg)(\?.*)?$/)

vue-cli/packages/@vue/cli-service/lib/config/assets.js

Line 58 in 2d3116e

.test(/\.(mp4|webm|ogg|mp3|wav|flac|aac)(\?.*)?$/)

vue-cli/packages/@vue/cli-service/lib/config/assets.js

Line 65 in 2d3116e

.test(/\.(woff2?|eot|ttf|otf)(\?.*)?$/i)

vue-cli/packages/@vue/cli-service/lib/util/isAbsoluteUrl.js

Line 3 in 2d3116e

return /^([a-z][a-z\d+\-.]*:)?\/\//i.test(url)

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 128 in 2d3116e

[/^index\s[\da-zA-Z]+\.\.[\da-zA-Z]+(\s(\d+))?$/, index],

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 131 in 2d3116e

[/^@@\s+-(\d+),?(\d+)?\s+\+(\d+),?(\d+)?\s@@/, chunk],

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 169 in 2d3116e

const t = (/\t.*|\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d(.\d+)?\s(\+|-)\d\d\d\d/).exec(s)

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 179 in 2d3116e

return s.replace(new RegExp(`^${chars}+`), '')

vue-cli/packages/@vue/cli-ui/src/util/search.js

Line 2 in 2d3116e

return text && new RegExp(text.trim().replace(/\s+/g, '.{0,5}'), 'i')

vue-cli/packages/@vue/cli-ui/ui-defaults/tasks.js

Line 165 in 2d3116e

match: /vue-cli-service serve(\s+--\S+(\s+\S+)?)*$/,

vue-cli/packages/@vue/cli-ui/ui-defaults/tasks.js

Line 243 in 2d3116e

match: /vue-cli-service build(\s+--\S+(\s+\S+)?)*$/,

vue-cli/packages/@vue/cli/lib/add.js

Line 37 in 2d3116e

const pluginRe = /^(@?[^@]+)(?:@(.+))?$/

vue-cli/packages/@vue/cli/lib/options.js

Line 53 in 2d3116e

latestVersion: joi.string().regex(/^\d+\.\d+\.\d+(-(alpha|beta|rc)\.\d+)?$/),

vue-cli/packages/@vue/cli/lib/ui.js

Line 10 in 2d3116e

const hostRegExp = new RegExp(`^https?://(${host}|${allowedHost}|localhost)(:\\d+)?$`)

vue-cli/packages/@vue/cli/lib/util/ProjectPackageManager.js

Line 78 in 2d3116e

const nameRegExp = /^(@?[^@]+)(@.*)?$/

vue-cli/scripts/syncDeps.js

Line 152 in 2d3116e

const updatedRE = new RegExp(`'(${Array.from(updatedDeps).join('|')})': '\\^(\\d+\\.\\d+\\.\\d+[^']*)'`)

vue-cli/scripts/verifyCommitMsg.js

Line 5 in 2d3116e

const commitRE = /^(v\d+\.\d+\.\d+(-(alpha|beta|rc.\d+))?)|((revert: )?(feat|fix|docs|style|refactor|perf|test|workflow|ci|chore|types)(\(.+\))?!?: .{1,50})/

vue-cli/packages/@vue/cli/lib/Creator.js

Line 342 in 2d3116e

} else if (name.endsWith('.json') || /^\./.test(name) || path.isAbsolute(name)) {

vue-cli/packages/@vue/cli-ui/apollo-server/util/highlight.js

Line 30 in 2d3116e

language = languages.find(l => l.test.test(filename))

vue-cli/packages/@vue/cli-service/lib/util/prepareProxy.js

Line 106 in 2d3116e

if (!/^http(s)?:\/\//.test(proxy)) {

vue-cli/packages/@vue/cli-plugin-e2e-cypress/index.js

Line 63 in 2d3116e

rawArgs.splice(i, offset + (equalRE.test(rawArgs[i]) ? 0 : 1))

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 178 in 2d3116e

rawArgs.splice(i, offset + (equalRE.test(rawArgs[i]) ? 0 : 1))

More info on how to fix Insecure Use of Regular Expressions in Javascript.

Insecure File Management (188)

vue-cli/packages/@vue/cli-plugin-babel/__tests__/transpileDependencies.spec.js

Line 11 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-plugin-babel/__tests__/transpileDependencies.spec.js

Line 17 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 125 in 2d3116e

userOptions = require(userOptionsPath)

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/index.js

Line 163 in 2d3116e

fs.stat(source, function (err, stat) {

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/index.js

Line 37 in 2d3116e

const isTS = fs.existsSync(path.join(api.getCwd(), 'tsconfig.json'))

vue-cli/packages/@vue/cli-plugin-eslint/generator/index.js

Line 17 in 2d3116e

if (fs.existsSync(editorConfigTemplatePath)) {

vue-cli/packages/@vue/cli-plugin-eslint/generator/index.js

Line 18 in 2d3116e

if (fs.existsSync(api.resolve('.editorconfig'))) {

vue-cli/packages/@vue/cli-plugin-eslint/generator/index.js

Line 21 in 2d3116e

const editorconfig = fs.readFileSync(editorConfigTemplatePath, 'utf-8')

vue-cli/packages/@vue/cli-plugin-eslint/lint.js

Line 40 in 2d3116e

if (!fs.existsSync(api.resolve('.eslintignore')) && !config.ignorePattern) {

vue-cli/packages/@vue/cli-plugin-eslint/lint.js

Line 90 in 2d3116e

fs.writeFileSync(outputFilePath, formatter(report.results))

vue-cli/packages/@vue/cli-plugin-eslint/migrator/index.js

Line 5 in 2d3116e

const pkg = require(api.resolve('package.json'))

vue-cli/packages/@vue/cli-plugin-pwa/index.js

Line 8 in 2d3116e

if (fs.existsSync(manifestPath)) {

vue-cli/packages/@vue/cli-plugin-pwa/index.js

Line 10 in 2d3116e

userOptions.manifestOptions = require(manifestPath)

vue-cli/packages/@vue/cli-plugin-pwa/lib/noopServiceWorkerMiddleware.js

Line 14 in 2d3116e

const resetScript = fs.readFileSync(path.resolve(__dirname, 'noopServiceWorker.js'), 'utf-8')

vue-cli/packages/@vue/cli-plugin-webpack-4/index.js

Line 80 in 2d3116e

if (!isLegacyBundle && fs.existsSync(publicDir)) {

vue-cli/packages/@vue/cli-service/__tests__/Service.spec.js

Line 134 in 2d3116e

fs.writeFileSync(path.resolve('/', 'vue.config.js'), '') // only to ensure fs.existsSync returns true

vue-cli/packages/@vue/cli-service/__tests__/Service.spec.js

Line 147 in 2d3116e

fs.writeFileSync(path.resolve('/', 'vue.config.js'), '')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 16 in 2d3116e

fs.renameSync(path.resolve(project.dir, 'babel.config.js'), path.resolve(project.dir, 'babel.config.cjs'))

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 36 in 2d3116e

fs.writeFileSync(configPath, 'module.exports = { lintOnSave: true }')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 39 in 2d3116e

await fs.unlinkSync(configPath)

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 44 in 2d3116e

fs.writeFileSync(configPath, 'module.exports = function () { return { lintOnSave: true } }')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 47 in 2d3116e

await fs.unlinkSync(configPath)

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 52 in 2d3116e

fs.writeFileSync(configPath, 'export default { lintOnSave: true }')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 55 in 2d3116e

await fs.unlinkSync(configPath)

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 60 in 2d3116e

fs.writeFileSync(configPath, 'export default { lintOnSave: true }')

vue-cli/packages/@vue/cli-service/__tests__/ServiceESM.spec.js

Line 63 in 2d3116e

await fs.unlinkSync(configPath)

vue-cli/packages/@vue/cli-service/__tests__/buildWcAsync.spec.js

Line 23 in 2d3116e

const files = await fs.readdir(path.resolve(project.dir, 'dist'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 19 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 92 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 107 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 123 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 134 in 2d3116e

const jsFiles = (await fs.readdir(path.join(project.dir, 'dist/js'))).filter(f => f.endsWith('.js'))

vue-cli/packages/@vue/cli-service/__tests__/modernMode.spec.js

Line 153 in 2d3116e

const files = await fs.readdir(path.join(project.dir, 'dist/js'))

vue-cli/packages/@vue/cli-service/lib/PluginAPI.js

Line 191 in 2d3116e

if (!fs.existsSync(absolutePath)) {

vue-cli/packages/@vue/cli-service/lib/PluginAPI.js

Line 198 in 2d3116e

return JSON.stringify(require(absolutePath))

vue-cli/packages/@vue/cli-service/lib/PluginAPI.js

Line 200 in 2d3116e

return fs.readFileSync(absolutePath, 'utf-8')

vue-cli/packages/@vue/cli-service/lib/PluginAPI.js

Line 203 in 2d3116e

return fs.readFileSync(absolutePath, 'utf-8')

vue-cli/packages/@vue/cli-service/lib/Service.js

Line 159 in 2d3116e

apply: require(absolutePath || id)

vue-cli/packages/@vue/cli-service/lib/commands/build/formatStats.js

Line 48 in 2d3116e

const buffer = fs.readFileSync(filepath)

vue-cli/packages/@vue/cli-service/lib/commands/build/resolveLibConfig.js

Line 16 in 2d3116e

if (!fs.existsSync(fullEntryPath)) {

vue-cli/packages/@vue/cli-service/lib/commands/build/resolveLibConfig.js

Line 93 in 2d3116e

const entryContent = fs.readFileSync(fullEntryPath, 'utf-8')

vue-cli/packages/@vue/cli-service/lib/commands/serve.js

Line 361 in 2d3116e

if (fs.existsSync(`/proc/1/cgroup`)) {

vue-cli/packages/@vue/cli-service/lib/commands/serve.js

Line 362 in 2d3116e

const content = fs.readFileSync(`/proc/1/cgroup`, 'utf-8')

vue-cli/packages/@vue/cli-service/lib/config/app.js

Line 115 in 2d3116e

htmlOptions.template = fs.existsSync(htmlPath)

vue-cli/packages/@vue/cli-service/lib/config/app.js

Line 181 in 2d3116e

const hasDedicatedTemplate = fs.existsSync(api.resolve(templateWithoutLoader))

vue-cli/packages/@vue/cli-service/lib/config/app.js

Line 184 in 2d3116e

: fs.existsSync(htmlPath)

vue-cli/packages/@vue/cli-service/lib/config/app.js

Line 253 in 2d3116e

if (!isLegacyBundle && fs.existsSync(publicDir)) {

vue-cli/packages/@vue/cli-service/lib/config/css.js

Line 8 in 2d3116e

if (fs.existsSync(path.join(context, file))) {

vue-cli/packages/@vue/cli-service/lib/util/loadFileConfig.js

Line 18 in 2d3116e

if (resolvedPath && fs.existsSync(resolvedPath)) {

vue-cli/packages/@vue/cli-service/lib/util/prepareProxy.js

Line 52 in 2d3116e

const isPublicFileRequest = fs.existsSync(maybePublicPath) && fs.statSync(maybePublicPath).isFile()

vue-cli/packages/@vue/cli-service/lib/webpack/DashboardPlugin.js

Line 161 in 2d3116e

const buf = webpackFs.readFileSync(fullPath)

vue-cli/packages/@vue/cli-service/lib/webpack/ModernModePlugin.js

Line 34 in 2d3116e

await fs.writeFile(tempFilename, JSON.stringify(tags))

vue-cli/packages/@vue/cli-service/lib/webpack/ModernModePlugin.js

Line 70 in 2d3116e

const legacyAssets = JSON.parse(await fs.readFile(tempFilename, 'utf-8'))

vue-cli/packages/@vue/cli-service/lib/webpack/MovePlugin.js

Line 11 in 2d3116e

if (fs.existsSync(this.from)) {

vue-cli/packages/@vue/cli-shared-utils/index.js

Line 16 in 2d3116e

Object.assign(exports, require(`./lib/${m}`))

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 40 in 2d3116e

const result = fs.existsSync(lockFile)

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 121 in 2d3116e

const result = fs.existsSync(lockFile)

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 143 in 2d3116e

const result = fs.existsSync(lockFile)

vue-cli/packages/@vue/cli-shared-utils/lib/module.js

Line 75 in 2d3116e

return require(request)

vue-cli/packages/@vue/cli-shared-utils/lib/module.js

Line 86 in 2d3116e

return require(resolvedPath)

vue-cli/packages/@vue/cli-shared-utils/lib/pkg.js

Line 6 in 2d3116e

if (fs.existsSync(path.join(context, 'package.json'))) {

vue-cli/packages/@vue/cli-shared-utils/lib/pluginResolution.js

Line 75 in 2d3116e

pkg = require(`${id}/package.json`)

vue-cli/packages/@vue/cli-test-utils/createTestProject.js

Line 13 in 2d3116e

return fs.readFile(path.resolve(projectRoot, file), 'utf-8')

vue-cli/packages/@vue/cli-test-utils/createTestProject.js

Line 17 in 2d3116e

return fs.existsSync(path.resolve(projectRoot, file))

vue-cli/packages/@vue/cli-test-utils/createTestProject.js

Line 27 in 2d3116e

return fs.ensureDir(dir).then(() => fs.writeFile(targetPath, content))

vue-cli/packages/@vue/cli-test-utils/createUpgradableProject.js

Line 17 in 2d3116e

if (!fs.existsSync(outsideTestFolder)) {

vue-cli/packages/@vue/cli-test-utils/createUpgradableProject.js

Line 18 in 2d3116e

fs.mkdirSync(outsideTestFolder)

vue-cli/packages/@vue/cli-ui/apollo-server/api/PluginApi.js

Line 493 in 2d3116e

sharedData.watch({ id, projectId: this.project.id }, handler)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/configurations.js

Line 43 in 2d3116e

if (fs.existsSync(resolvedFile)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/configurations.js

Line 76 in 2d3116e

const rawContent = fs.readFileSync(file.path, { encoding: 'utf8' })

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/configurations.js

Line 126 in 2d3116e

const source = fs.readFileSync(file.path, { encoding: 'utf8' })

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/configurations.js

Line 138 in 2d3116e

fs.writeFileSync(file.path, rawContent, { encoding: 'utf8' })

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/cwd.js

Line 20 in 2d3116e

if (!fs.existsSync(value)) return

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/dependencies.js

Line 73 in 2d3116e

return resolvedPath && fs.existsSync(resolvedPath)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/folders.js

Line 19 in 2d3116e

return fs.stat(file).then((x) => x.isDirectory())

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/folders.js

Line 33 in 2d3116e

const files = await fs.readdir(dir, 'utf8')

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/folders.js

Line 117 in 2d3116e

return fs.existsSync(path.join(file, 'package.json'))

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/folders.js

Line 132 in 2d3116e

if (fs.existsSync(pkgFile)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/git.js

Line 51 in 2d3116e

const highlightedContentTo = highlightCode(fileDiff.to, fs.readFileSync(path.resolve(cwd.get(), fileDiff.to), { encoding: 'utf8' })).split('\n')

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/locales.js

Line 50 in 2d3116e

if (process.env.VUE_APP_CLI_UI_DEV && !watchedTrees.get(root) && fs.existsSync(folder)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 105 in 2d3116e

installed: fs.existsSync(dependencies.getPath({ id, file })),

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 216 in 2d3116e

if (currentView) views.open(currentView.id)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 263 in 2d3116e

const folder = fs.existsSync(id) ? id : dependencies.getPath({ id, file: pluginApi.cwd })

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 289 in 2d3116e

if (fs.existsSync(file)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/plugins.js

Line 497 in 2d3116e

let data = require(path.join(dependencies.getPath({ id, file: cwd.get() }), 'prompts'))

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 54 in 2d3116e

if (fs.existsSync(project.path)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 66 in 2d3116e

if (currentProject && !fs.existsSync(currentProject.path)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 371 in 2d3116e

if (!input.force && !fs.existsSync(path.join(input.path, 'node_modules'))) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 395 in 2d3116e

if (!fs.existsSync(project.path)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 458 in 2d3116e

if (fs.existsSync(gitConfigPath)) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/shared-data.js

Line 31 in 2d3116e

if (fs.existsSync(path.resolve(rootFolder, projectId, `${id}.json`))) {

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/shared-data.js

Line 49 in 2d3116e

if (await fs.exists(file)) {

vue-cli/packages/@vue/cli-ui/apollo-server/resolvers.js

Line 94 in 2d3116e

const { resolvers: r } = require(file)

vue-cli/packages/@vue/cli-ui/apollo-server/schema/folder.js

Line 46 in 2d3116e

folderOpen: (root, { path }, context) => folders.open(path, context),

vue-cli/packages/@vue/cli-ui/apollo-server/schema/project.js

Line 105 in 2d3116e

projectOpen: (root, { id }, context) => projects.open(id, context),

vue-cli/packages/@vue/cli-ui/apollo-server/schema/project.js

Line 109 in 2d3116e

projectRename: (root, args, context) => projects.rename(args, context),

vue-cli/packages/@vue/cli-ui/apollo-server/schema/task.js

Line 89 in 2d3116e

taskOpen: (root, { id }, context) => tasks.open(id, context),

vue-cli/packages/@vue/cli-ui/apollo-server/schema/view.js

Line 56 in 2d3116e

viewOpen: (root, { id }, context) => views.open(id, context)

vue-cli/packages/@vue/cli-ui/apollo-server/type-defs.js

Line 90 in 2d3116e

const { types } = require(file)

vue-cli/packages/@vue/cli-ui/graphql-server.js

Line 188 in 2d3116e

const module = require(file)

vue-cli/packages/@vue/cli-ui/src/i18n.js

Line 64 in 2d3116e

[i18n.locale]: require(`date-fns/locale/${dateFnsLocale}/index.js`)

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 12 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'foo.js'), 'foo(<%- options.n %>)')

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 14 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'bar/bar.js'), 'bar(<%- m %>)')

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 15 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'bar/_bar.js'), '.bar(<%- m %>)')

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 16 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'entry.js'), `

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 25 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'empty-entry.js'), `;`)

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 26 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'main.ts'), `const a: string = 'hello';`)

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 27 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'hello.vue'), `

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 42 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'replace.js'), `

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 50 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'multi-replace-source.js'), `

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 55 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'multi-replace.js'), `

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 73 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, '_vscode/config.json'), `{}`)

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 74 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, '_gitignore'), 'foo')

vue-cli/packages/@vue/cli/__tests__/options.spec.js

Line 13 in 2d3116e

fs.writeFileSync(rcPath, JSON.stringify({

vue-cli/packages/@vue/cli/__tests__/preset.spec.js

Line 27 in 2d3116e

const testFile = await fs.readFile(path.resolve(cwd, name, 'test.js'), 'utf-8')

vue-cli/packages/@vue/cli/__tests__/preset.spec.js

Line 30 in 2d3116e

const pkg = require(path.resolve(cwd, name, 'package.json'))

vue-cli/packages/@vue/cli/__tests__/preset.spec.js

Line 53 in 2d3116e

const testFile = await fs.readFile(path.resolve(cwd, name, 'test.js'), 'utf-8')

vue-cli/packages/@vue/cli/__tests__/preset.spec.js

Line 56 in 2d3116e

const pkg = require(path.resolve(cwd, name, 'package.json'))

vue-cli/packages/@vue/cli/__tests__/preset.spec.js

Line 79 in 2d3116e

const testFile = await fs.readFile(path.resolve(cwd, name, 'test.js'), 'utf-8')

vue-cli/packages/@vue/cli/__tests__/preset.spec.js

Line 82 in 2d3116e

const pkg = require(path.resolve(cwd, name, 'package.json'))

vue-cli/packages/@vue/cli/__tests__/preset.spec.js

Line 105 in 2d3116e

const readme = await fs.readFile(path.resolve(cwd, name, 'README.md'), 'utf-8')

vue-cli/packages/@vue/cli/__tests__/preset.spec.js

Line 108 in 2d3116e

const pkg = require(path.resolve(cwd, name, 'package.json'))

vue-cli/packages/@vue/cli/bin/vue.js

Line 30 in 2d3116e

fs.existsSync(path.resolve(process.cwd(), '../@vue')) ||

vue-cli/packages/@vue/cli/bin/vue.js

Line 31 in 2d3116e

fs.existsSync(path.resolve(process.cwd(), '../../@vue'))

vue-cli/packages/@vue/cli/lib/GeneratorAPI.js

Line 445 in 2d3116e

return (this._entryFile = fs.existsSync(this.resolve('src/main.ts')) ? 'src/main.ts' : 'src/main.js')

vue-cli/packages/@vue/cli/lib/GeneratorAPI.js

Line 482 in 2d3116e

return fs.readFileSync(name) // return buffer

vue-cli/packages/@vue/cli/lib/GeneratorAPI.js

Line 484 in 2d3116e

const template = fs.readFileSync(name, 'utf-8')

vue-cli/packages/@vue/cli/lib/GeneratorAPI.js

Line 519 in 2d3116e

finalTemplate = fs.readFileSync(extendPath, 'utf-8')

vue-cli/packages/@vue/cli/lib/Upgrader.js

Line 102 in 2d3116e

fs.writeFileSync(path.resolve(this.context, 'package.json'), JSON.stringify(this.pkg, null, 2))

vue-cli/packages/@vue/cli/lib/config.js

Line 35 in 2d3116e

await fs.writeFile(file, JSON.stringify(config, null, 2), 'utf-8')

vue-cli/packages/@vue/cli/lib/config.js

Line 68 in 2d3116e

await fs.writeFile(file, JSON.stringify(config, null, 2), 'utf-8')

vue-cli/packages/@vue/cli/lib/create.js

Line 32 in 2d3116e

if (fs.existsSync(targetDir) && !options.merge) {

vue-cli/packages/@vue/cli/lib/inspect.js

Line 21 in 2d3116e

if (fs.existsSync(binPath)) {

vue-cli/packages/@vue/cli/lib/options.js

Line 94 in 2d3116e

if (fs.existsSync(rcPath)) {

vue-cli/packages/@vue/cli/lib/options.js

Line 96 in 2d3116e

cachedOptions = JSON.parse(fs.readFileSync(rcPath, 'utf-8'))

vue-cli/packages/@vue/cli/lib/options.js

Line 127 in 2d3116e

fs.writeFileSync(rcPath, JSON.stringify(options, null, 2))

vue-cli/packages/@vue/cli/lib/util/ProjectPackageManager.js

Line 213 in 2d3116e

if (fs.existsSync(loc)) {

vue-cli/packages/@vue/cli/lib/util/ProjectPackageManager.js

Line 216 in 2d3116e

npmConfig = Object.assign({}, ini.parse(fs.readFileSync(loc, 'utf-8')), npmConfig)

vue-cli/packages/@vue/cli/lib/util/ProjectPackageManager.js

Line 423 in 2d3116e

await fs.symlink(src, dest, 'dir')

vue-cli/packages/@vue/cli/lib/util/createTools.js

Line 13 in 2d3116e

].map(file => require(`../promptModules/${file}`))

vue-cli/packages/@vue/cli/lib/util/getPkg.js

Line 12 in 2d3116e

packageJson = fs.readFileSync(packagePath, 'utf-8')

vue-cli/packages/@vue/cli/lib/util/linkBin.js

Line 18 in 2d3116e

await fs.symlink(src, dest)

vue-cli/packages/@vue/cli/lib/util/linkBin.js

Line 19 in 2d3116e

await fs.chmod(dest, '755')

vue-cli/packages/@vue/cli/lib/util/loadCommand.js

Line 9 in 2d3116e

return require(moduleName)

vue-cli/packages/@vue/cli/lib/util/loadLocalPreset.js

Line 5 in 2d3116e

const stats = fs.statSync(path)

vue-cli/packages/@vue/cli/lib/util/loadPresetFromDir.js

Line 6 in 2d3116e

if (!fs.existsSync(presetPath)) {

vue-cli/packages/@vue/cli/lib/util/loadPresetFromDir.js

Line 13 in 2d3116e

const hasGenerator = fs.existsSync(path.join(dir, 'generator.js')) || fs.existsSync(path.join(dir, 'generator/index.js'))

vue-cli/packages/@vue/cli/lib/util/rcPath.js

Line 9 in 2d3116e

if (!fs.existsSync(rcDir)) {

vue-cli/packages/@vue/cli/lib/util/rcPath.js

Line 28 in 2d3116e

if (fs.existsSync(rcFile)) {

vue-cli/packages/@vue/cli/lib/util/rcPath.js

Line 30 in 2d3116e

if (fs.existsSync(properRcFile)) {

vue-cli/packages/@vue/cli/lib/util/readFiles.js

Line 20 in 2d3116e

? fs.readFileSync(name)

vue-cli/packages/@vue/cli/lib/util/readFiles.js

Line 21 in 2d3116e

: fs.readFileSync(name, 'utf-8')

vue-cli/packages/@vue/cli/lib/util/writeFileTree.js

Line 11 in 2d3116e

return fs.unlink(path.join(directory, filename))

vue-cli/packages/@vue/cli/lib/util/writeFileTree.js

Line 33 in 2d3116e

fs.writeFileSync(filePath, files[name])

vue-cli/scripts/bootstrap.js

Line 8 in 2d3116e

const files = fs.readdirSync(packagesDir)

vue-cli/scripts/bootstrap.js

Line 19 in 2d3116e

if (!fs.existsSync(pkgPath)) {

vue-cli/scripts/bootstrap.js

Line 43 in 2d3116e

fs.writeFileSync(pkgPath, JSON.stringify(json, null, 2))

vue-cli/scripts/bootstrap.js

Line 47 in 2d3116e

if (!fs.existsSync(readmePath)) {

vue-cli/scripts/bootstrap.js

Line 48 in 2d3116e

fs.writeFileSync(readmePath, `# @vue/${pkg}\n\n> ${desc}`)

vue-cli/scripts/bootstrap.js

Line 52 in 2d3116e

if (!fs.existsSync(npmIgnorePath)) {

vue-cli/scripts/bootstrap.js

Line 53 in 2d3116e

fs.writeFileSync(npmIgnorePath, `__tests__\n__mocks__`)

vue-cli/scripts/buildEditorConfig.js

Line 96 in 2d3116e

const configList = fs.readdirSync(path.resolve(__dirname, '../packages/@vue/'))

vue-cli/scripts/buildEditorConfig.js

Line 118 in 2d3116e

if (!fs.existsSync(templateDir)) {

vue-cli/scripts/buildEditorConfig.js

Line 119 in 2d3116e

fs.mkdirSync(templateDir)

vue-cli/scripts/buildEditorConfig.js

Line 121 in 2d3116e

fs.writeFileSync(`${templateDir}/_editorconfig`, content)

vue-cli/scripts/checkLinks.js

Line 23 in 2d3116e

const contents = fs.readFileSync(file, { encoding: 'utf8' })

vue-cli/scripts/checkLinks.js

Line 36 in 2d3116e

const files = fs.readdirSync(folder)

vue-cli/scripts/checkLinks.js

Line 41 in 2d3116e

} else if (fs.statSync(fullPath).isDirectory()) {

vue-cli/scripts/genChangelog.js

Line 23 in 2d3116e

newRelease + '\n\n\n' + fs.readFileSync(changelogPath, { encoding: 'utf8' })

vue-cli/scripts/genChangelog.js

Line 24 in 2d3116e

fs.writeFileSync(changelogPath, newChangelog)

vue-cli/scripts/genDocs.js

Line 9 in 2d3116e

const entryContent = fs.readFileSync(entryPath)

vue-cli/scripts/genDocs.js

Line 11 in 2d3116e

fs.writeFile(docPath, entryContent, () => { })

vue-cli/scripts/genDocs.js

Line 15 in 2d3116e

fs.readdir(pluginsDirPath, (_, files) => {

vue-cli/scripts/patchChromedriver.js

Line 14 in 2d3116e

fs.writeFileSync(path.resolve(__dirname, '../package.json'), JSON.stringify(pkg, null, 2))

vue-cli/scripts/syncDeps.js

Line 90 in 2d3116e

fs.writeFileSync(file, writeCache[file])

vue-cli/scripts/syncDeps.js

Line 104 in 2d3116e

const pkg = require(path.resolve(__dirname, '../', filePath))

vue-cli/scripts/syncDeps.js

Line 173 in 2d3116e

return require(`../packages/${pkg}/package.json`).version

vue-cli/scripts/syncDeps.js

Line 181 in 2d3116e

return version || require(`../packages/${pkg}/package.json`).version

vue-cli/scripts/syncDeps.js

Line 188 in 2d3116e

const updated = fs.readFileSync(filePath, 'utf-8')

vue-cli/scripts/verifyCommitMsg.js

Line 3 in 2d3116e

const msg = require('fs').readFileSync(msgPath, 'utf-8').trim()

vue-cli/packages/@vue/cli-plugin-pwa/index.js

Line 13 in 2d3116e

`The ${chalk.red('public/manifest.json')} file will be ignored in favor of ${chalk.cyan('pwa.manifestOptions')}`

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/files.js

Line 13 in 2d3116e

query = path.resolve(cwd.get(), input.file)

vue-cli/packages/@vue/cli-service/lib/util/getAssetPath.js

Line 5 in 2d3116e

? path.posix.join(options.assetsDir, filePath)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 269 in 2d3116e

const targetDir = path.join(cwd.get(), input.folder)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/projects.js

Line 457 in 2d3116e

const gitConfigPath = path.join(project.path, '.git', 'config')

vue-cli/packages/@vue/cli-service/lib/config/app.js

Line 102 in 2d3116e

])

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/index.js

Line 40 in 2d3116e

: path.join(api.getCwd(), 'wdio.sauce.conf.' + (isTS ? 'ts' : 'js'))

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/index.js

Line 39 in 2d3116e

? path.join(api.getCwd(), 'wdio.local.conf.' + (isTS ? 'ts' : 'js'))

More info on how to fix Insecure File Management in Javascript.

Information Disclosure (17)

vue-cli/packages/@vue/cli-plugin-e2e-cypress/generator/template/tests/e2e/_eslintrc.js

Line 1 in 2d3116e

<%_ if (hasESLint) { _%>

vue-cli/packages/@vue/cli-plugin-e2e-cypress/generator/template/tests/e2e/specs/test.js

Line 6 in 2d3116e

cy.contains('h1', 'Welcome to Your Vue.js <%- hasTS ? '+ TypeScript ' : '' %>App')

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/generator/template/tests/e2e/_eslintrc.js

Line 1 in 2d3116e

<%_ if (hasESLint) { _%>

vue-cli/packages/@vue/cli-plugin-e2e-nightwatch/generator/template/tests/e2e/specs/test.js

Line 10 in 2d3116e

.assert.containsText('h1', 'Welcome to Your Vue.js <%- hasTS ? '+ TypeScript ' : '' %>App')

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/generator/template/tests/e2e/_eslintrc.js

Line 1 in 2d3116e

<%_ if (hasESLint) { _%>

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/generator/template/tests/e2e/pageobjects/app.page.js

Line 15 in 2d3116e

<%- hasTS ? 'export default new App()' : 'module.exports = new App()' %>

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/generator/template/tests/e2e/specs/app.spec.js

Line 1 in 2d3116e

<%- hasTS ? 'import App from \'../pageobjects/app.page\'' : 'const App = require(\'../pageobjects/app.page\')' %>

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/generator/template/wdio.local.conf.js

Line 1 in 2d3116e

<%- hasTS ? 'const { config } = require(\'./wdio.shared.conf.ts\')' : 'const { config } = require(\'./wdio.shared.conf\')' %>

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/generator/template/wdio.sauce.conf.js

Line 1 in 2d3116e

<%- hasTS ? 'import { config } from \'./wdio.shared.conf.ts\'' : 'const { config } = require(\'./wdio.shared.conf\')' %>

vue-cli/packages/@vue/cli-plugin-e2e-webdriverio/generator/template/wdio.shared.conf.js

Line 14 in 2d3116e

<%_ if (hasTS) { _%>

vue-cli/packages/@vue/cli-plugin-router/generator/template-vue3/src/router/index.js

Line 1 in 2d3116e

import { createRouter<%

vue-cli/packages/@vue/cli-plugin-router/generator/template/src/router/index.js

Line 2 in 2d3116e

<%_ if (hasTypeScript) { _%>

vue-cli/packages/@vue/cli-plugin-unit-jest/generator/template/tests/unit/example.spec.js

Line 1 in 2d3116e

<%_ if (!hasTS) { _%>

vue-cli/packages/@vue/cli-plugin-unit-mocha/generator/template/tests/unit/example.spec.js

Line 1 in 2d3116e

<%_ if (!hasTS) { _%>

vue-cli/packages/@vue/cli-service/generator/template/src/main.js

Line 1 in 2d3116e

<%_ if (rootOptions.vueVersion === '3') { _%>

vue-cli/packages/@vue/cli/__tests__/mock-preset-with-async-generator/generator/template/test.js

Line 1 in 2d3116e

<%= ok %>

vue-cli/packages/@vue/cli/__tests__/mock-preset-with-template/generator/template/test.js

Line 1 in 2d3116e

<%= ok %>

More info on how to fix Information Disclosure in Javascript.

Insecure Use of Dangerous Function (18)

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 1 in 2d3116e

const { execSync } = require('child_process')

vue-cli/packages/@vue/cli-shared-utils/lib/openBrowser.js

Line 12 in 2d3116e

const execSync = require('child_process').execSync

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 158 in 2d3116e

const result = /\sa\/(.*)\sb\/(.*)/.exec(s)

vue-cli/packages/@vue/cli-ui/apollo-server/util/parse-diff.js

Line 169 in 2d3116e

const t = (/\t.*|\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d(.\d+)?\s(\+|-)\d\d\d\d/).exec(s)

vue-cli/packages/@vue/cli-ui/apollo-server/util/terminate.js

Line 2 in 2d3116e

const cp = require('child_process')

vue-cli/packages/@vue/cli-ui/src/util/theme.js

Line 4 in 2d3116e

const result = /\?theme=(\w+)/.exec(window.location.href)

vue-cli/scripts/buildEditorConfig.js

Line 98 in 2d3116e

const matched = /eslint-config-(\w+)/.exec(name)

vue-cli/scripts/patchChromedriver.js

Line 8 in 2d3116e

const versionString = require('child_process').execSync('wmic datafile where name="C:\\\\Program Files (x86)\\\\Google\\\\Chrome\\\\Application\\\\chrome.exe" get Version /value').toString()

vue-cli/scripts/syncDeps.js

Line 11 in 2d3116e

const { execSync } = require('child_process')

vue-cli/scripts/syncDeps.js

Line 41 in 2d3116e

const version = execSync(`npm view ${pkg} version`).toString().trim()

vue-cli/packages/@vue/cli-shared-utils/lib/openBrowser.js

Line 75 in 2d3116e

execSync('ps cax | grep "Google Chrome"')

vue-cli/packages/@vue/cli-shared-utils/lib/openBrowser.js

Line 78 in 2d3116e

stdio: 'ignore'

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 27 in 2d3116e

execSync('yarn --version', { stdio: 'ignore' })

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 58 in 2d3116e

execSync('git --version', { stdio: 'ignore' })

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 72 in 2d3116e

execSync('git status', { stdio: 'ignore', cwd })

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 94 in 2d3116e

stdio: ['pipe', 'pipe', 'ignore']

vue-cli/packages/@vue/cli-shared-utils/lib/env.js

Line 160 in 2d3116e

timeout: 10000

vue-cli/packages/@vue/cli-service/lib/commands/serve.js

Line 118 in 2d3116e

const publicHost = publicUrl ? /^[a-zA-Z]+:\/\/([^/?#]+)/.exec(publicUrl)[1] : undefined

More info on how to fix Insecure Use of Dangerous Function in Javascript.

Insecure Processing of Data (20)

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 12 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'foo.js'), 'foo(<%- options.n %>)')

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 14 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'bar/bar.js'), 'bar(<%- m %>)')

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 15 in 2d3116e

fs.writeFileSync(path.resolve(templateDir, 'bar/_bar.js'), '.bar(<%- m %>)')

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 640 in 2d3116e

files['foo2.js'] = render('foo(<%- n %>)', options)

vue-cli/packages/@vue/cli/__tests__/Generator.spec.js

Line 641 in 2d3116e

files['bar/bar2.js'] = render('bar(<%- n %>)', options)

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-wc.html

Line 3 in 2d3116e

<title><%- htmlWebpackPlugin.options.libName %> demo</title>

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-wc.html

Line 5 in 2d3116e

<script src="./<%- htmlWebpackPlugin.options.libName %>.js"></script>

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib-js.html

Line 3 in 2d3116e

<title><%- htmlWebpackPlugin.options.libName %> demo</title>

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib-js.html

Line 4 in 2d3116e

<script src="./<%- htmlWebpackPlugin.options.assetsFileName %>.umd.js"></script>

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib-js.html

Line 6 in 2d3116e

<link rel="stylesheet" href="./<%- htmlWebpackPlugin.options.assetsFileName %>.css">

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib-js.html

Line 10 in 2d3116e

console.log(<%- htmlWebpackPlugin.options.libName %>)

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib.html

Line 3 in 2d3116e

<title><%- htmlWebpackPlugin.options.libName %> demo</title>

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib.html

Line 4 in 2d3116e

<script src="//unpkg.com/vue@<%- htmlWebpackPlugin.options.vueMajor %>"></script>

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib.html

Line 5 in 2d3116e

<script src="./<%- htmlWebpackPlugin.options.assetsFileName %>.umd.js"></script>

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib.html

Line 7 in 2d3116e

<link rel="stylesheet" href="./<%- htmlWebpackPlugin.options.assetsFileName %>.css">

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib.html

Line 18 in 2d3116e

demo: <%- htmlWebpackPlugin.options.libName %>

vue-cli/packages/@vue/cli-service/lib/commands/build/demo-lib.html

Line 24 in 2d3116e

demo: <%- htmlWebpackPlugin.options.libName %>

vue-cli/packages/@vue/cli/lib/util/configTransforms.js

Line 51 in 2d3116e

read: ({ source }) => require('js-yaml').load(source),

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/configurations.js

Line 80 in 2d3116e

fileData = yaml.load(rawContent)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/client-addons.js

Line 66 in 2d3116e

res.send(`Addon ${id} not found in loaded addons. Try opening a vue-cli project first?`)

More info on how to fix Insecure Processing of Data in Javascript.

Insecure Use of SQL Queries (6)

vue-cli/packages/@vue/cli-ui/apollo-server/schema/plugin.js

Line 81 in 2d3116e

plugin: (root, { id }, context) => plugins.findOne({ id, file: cwd.get() }, context)

vue-cli/packages/@vue/cli-ui/apollo-server/schema/task.js

Line 76 in 2d3116e

plugin: (task, args, context) => plugins.findOne({ id: task.pluginId, file: task.path }, context),

vue-cli/packages/@vue/cli-ui/apollo-server/schema/configuration.js

Line 39 in 2d3116e

plugin: (configuration, args, context) => plugins.findOne({ id: configuration.pluginId, file: cwd.get() }, context)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/widgets.js

Line 59 in 2d3116e

const plugin = plugins.findOne({ id: definition.pluginId, file: cwd.get() }, context)

vue-cli/packages/@vue/cli-ui/apollo-server/connectors/views.js

Line 75 in 2d3116e

const plugin = plugins.findOne({ id: view.pluginId, file: cwd.get() }, context)

vue-cli/packages/@vue/cli-ui/src/util/shared-data.js

Line 89 in 2d3116e

const projectId = await this.$getProjectId()

More info on how to fix Insecure Use of SQL Queries in Javascript.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

@pull pull bot added the merge-conflict Resolve conflicts manually label Feb 22, 2021
haoqunjiang and others added 27 commits March 24, 2021 14:04
@haoqunjiang
feat: when transpileDependencies is set to true, transpile all de…
d64e7d3 
…pendencies in `node_modules` (#6354)
@haoqunjiang
chore: lockfile maintenance
bb01585
@haoqunjiang
fix: check hoisted postcss version (#6372)
fa46ed4 
Also reverts #6358
@haoqunjiang
chore: pre release sync
a5f822c
@haoqunjiang
v5.0.0-alpha.8
89af6c5
@ylc395
feat(cli-service): add inline loader support for html-webpack-plugin (#…
de175d4 
…5997)

Close #2697
@fangbinwei
fix(mocha): workaround the SVGElement issue in Vue (#6400)
7838c0d 
related to vuejs/core#2929
@fangbinwei
fix(cli-service): respect the existing 'devtool' (#6402)
8654e82 
Respect the existing 'devtool' when running dev server

Fixes #6398
@haoqunjiang
chore: de-prioritize "Mocha + Chai" option as it requires webpack 4 f…
ae967f7 
…or now (#6401)
@yoyo930021
feat(cli-service): provide jsconfig.json in no-ts template (#6285)
0dc604c
@haoqunjiang
feat: support vue.config.mjs (#6405)
dd217b2
@Alex-Sokolov
docs: [RU] Translation update (#6417)
6563bc7 
* docs: (ru) config/readme.md update

* docs: (ru) eslint.md update

* docs: (ru) cli-service.md update

* docs: (ru) css.md update

* docs: (ru) mode-and-env.md update

* docs: (ru) deployment.md update

Co-authored-by: Alex Sokolov <4497128+Alex-Sokolov@users.noreply.github.com>
@haoqunjiang
feat!: turn on modern mode by default, and provide a --no-module op…
cd78376 
…tion (#6416)
@haoqunjiang
fix: disable realContentHash optimization in app target
448ab96 
It's messing with the html-webpack-plugin, telling it the wrong hash of
the legacy bundle, therefore making the modern mode fallback unusable.

(TODO: add a test later)
@haoqunjiang
fixup! fix: disable realContentHash optimization in app target
8a3dfa4
@m0ksem
fix: show fallback message for typescript jest preset if ts-jest is n…
2f5ced3 
…ot installed (#6418)

Co-authored-by: Haoqun Jiang <haoqunjiang@gmail.com>

closes #6383
@haoqunjiang
test: use explicit targets in babel tests
f782fa3 
Fixes the issue caused by babel/babel#12989
@haoqunjiang
chore: add notes about upcoming Babel 8 esmodules change [skip ci]
3b851a8
@haoqunjiang
feat: only needs one bundle if all targets support es module (#6419)
aad72cf
@haoqunjiang
chore: should output meaningful error message for missing vue-jest dep
791fa28 
follow up of #6418
@haoqunjiang
feat!: always inject safari-nomodule-fix as an external script; drop …
0aa8a55 
…`--no-unsafe-inline` flag (#6422)
@jamesgeorge007
chore: rely on default arg parser behavior (#6413)
a16b017
@haoqunjiang
feat!: upgrade to css-minimizer-webpack-plugin v2 (#6420)
e661a92
@MowlCoder
docs: fix master to main in heroku deployment (#6359)
ad213f0
@haoqunjiang
chore: some dependency version bumps (#6430)
4473ca2 
Default Cypress version is now v7
@IndexXuan
feat(plugin-typescript): add all recommended tsconfig (#6428)
3f3d036
@haoqunjiang
fix: should not include IE11 target in Vue 3 projects (#6437)
a1979bd 
As Vue 3 does not, and likely will not support IE11.

vuejs/rfcs#294
haoqunjiang and others added 30 commits June 15, 2022 20:35
@haoqunjiang
docs: fix 404 links
619965b
@blzsaa
fix: eliminate calling deprecated function in cli-plugin-e2e-cypress …
27dba1a 
…and cli-plugin-e2e-nightwatch (#7158)

Co-authored-by: blzsaa <blzsaa@users.noreply.github.com>
@blzsaa
feat(upgrade): prevent changing the structure of package.json file du…
64446e0 
…ring upgrade (#7167)

Co-authored-by: blzsaa <blzsaa@users.noreply.github.com>
@haoqunjiang
v5.0.5
98c66c9
@haoqunjiang
fix: compatibility with Vue 2.7
a648958
@haoqunjiang
fixup! fix: compatibility with Vue 2.7
fcf27e3
@haoqunjiang
chore: fix lint errors
6b163f2
@haoqunjiang
v5.0.6
ef08a08
@backrunner
fix: optimize the judgment on whether HTTPS has been set in options (#…
bddd64d 
…7202)
@haoqunjiang
fix: support devServer.server option, avoid deprecation warning
558dea2 
Closes #7024
Fixes #7118

I choose to not merge the PR because I don't want add additional ways
to configure https for dev server (`--http2` command line argument,
`process.env.HTTPS`, etc.)

In the current implementation, `spdy` can only be configured by setting
`{ devServer: server: { type: 'spdy' } }`.
This is a deliberate choice, because SPDY support in Node.js 15+ is
broken anyway. I don't want bother refactoring the old code to
accommodate this broken feature.
@haoqunjiang
fix: allow disabling progress plugin via devServer.client.progress
beffe8a
@haoqunjiang
chore: upgrade to apollo-server-express 3.x (#7210)
23fa20f
@haoqunjiang
chore: update fallback chromedriver version
6f9b6ec 
It is only served as a fallback version number when local Chrome version
detection failed. Updating the version to the latest may reduce
user frustrations when such rare scenarios are encountered.

Closes #7203
@haoqunjiang
v5.0.7
4a0655f
@haoqunjiang
chore: update changelog
a5a893e
@haoqunjiang
fix: Vue CLI UI graphql subscription server error
07052c4 
Fixes #7221

`subscriptions-transport-ws` is also deprecated, we need to move to
`graphql-ws` one day.
But better deprecatedthan broken.
@backrunner
fix: add devServer.server.type to useHttps judgement (#7222)
0260e4d
@haoqunjiang
ci: bump appveyor node version
4e024b7 
The dev dependency `@graphql-eslint/eslint-plugin` is causing CI
failures in Node.js 12
@haoqunjiang
v5.0.8
b154dbd
@yyx990803
chore: update readme [ci skip]
bc1c0bc
@yyx990803
docs: bump vitepress
95ad425
@yyx990803
docs: add recommendation for create-vue in docs
7c0134e
@yyx990803
docs: simplify message wording + message on landing page
248f770
@yyx990803
docs: revert vitepress version
e636817
@lvqq
fix: pnpm v7 install error (#7265)
ea4c98a
@dependabot
chore(deps): bump loader-utils from 1.4.0 to 1.4.1 (#7324)
f0f254e 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@haoqunjiang
docs: fix a broken link [skip ci]
cb4477f 
vuejs/eslint-config-prettier#11

I would recommend using the ESLint CLI directly over
`@vue/cli-plugin-eslint` at this point.
But for users who are stuck with old versions and still read this
migration guide, they deserve a working link.
@haoqunjiang
docs: add --no flag to npx command to avoid downloading the incor…
f36a4ed 
…rect package from npm

Thanks to @alxndrsn for finding this issue and the insightful blog post.
https://www.alxndrsn.com/2024-08-01-npx-binary-confusion/

Also thanks to @lirantal for his newsletter that brought this issue to
my attention.
https://www.nodejs-security.com/newsletter/npm-supply-chain-security-prisma-orm-security-fun-nodejs-security-challenges
@bobvandevijver
fix: add missing default __VUE_PROD_HYDRATION_MISMATCH_DETAILS__ (#…
c21c156 
…7443)

Fixes vue v3.5.19 compatibility
@haoqunjiang
v5.0.9
7eb93c1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

⤵️ pull merge-conflict Resolve conflicts manually

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.