From 43d422397aec2e10beeffdd5da6d3081faa54e71 Mon Sep 17 00:00:00 2001 From: "Noggling[bot]" Date: Wed, 29 Oct 2025 08:24:59 +0000 Subject: [PATCH] Version Packages --- .changeset/honest-bats-pay.md | 33 ----------------- cookbooks/poc-portal/CHANGELOG.md | 34 ++++++++++++++++++ cookbooks/poc-portal/package.json | 2 +- cookbooks/portal/CHANGELOG.md | 7 ++++ cookbooks/portal/package.json | 2 +- packages/cli/CHANGELOG.md | 35 +++++++++++++++++++ packages/cli/package.json | 2 +- packages/dev-portal/CHANGELOG.md | 31 ++++++++++++++++ packages/dev-portal/package.json | 2 +- packages/dev-server/CHANGELOG.md | 35 +++++++++++++++++++ packages/dev-server/package.json | 2 +- .../vite-plugins/api-service/CHANGELOG.md | 31 ++++++++++++++++ .../vite-plugins/api-service/package.json | 2 +- packages/vite-plugins/spa/CHANGELOG.md | 31 ++++++++++++++++ packages/vite-plugins/spa/package.json | 2 +- 15 files changed, 211 insertions(+), 40 deletions(-) delete mode 100644 .changeset/honest-bats-pay.md diff --git a/.changeset/honest-bats-pay.md b/.changeset/honest-bats-pay.md deleted file mode 100644 index 43dd364e4b..0000000000 --- a/.changeset/honest-bats-pay.md +++ /dev/null @@ -1,33 +0,0 @@ ---- -"@equinor/fusion-framework-vite-plugin-api-service": patch -"@equinor/fusion-framework-vite-plugin-spa": patch -"poc-portal": patch -"@equinor/fusion-framework-dev-portal": patch -"@equinor/fusion-framework-dev-server": patch -"@equinor/fusion-framework-cli": patch ---- - -**Security:** Update Vite to v7.1.12 - -This update addresses a security vulnerability in Vite's development server and includes bug fixes for improved compatibility. The update ensures secure development environments and better plugin ecosystem compatibility. - -**Changes:** -- Updated Vite from v7.1.10 to v7.1.12 -- Includes security fix for development server file system checks -- Includes compatibility fix for CommonJS plugin -- No breaking changes or API modifications - -**Security Fix (v7.1.11):** -- **dev**: trim trailing slash before `server.fs.deny` check ([#20968](https://github.com/vitejs/vite/issues/20968)) - - Prevents potential path traversal vulnerability in development server - - Only affects development environment, not production builds - -**Bug Fix (v7.1.12):** -- **deps**: downgrade commonjs plugin to 28.0.6 to avoid rollup/plugins issues ([#20990](https://github.com/vitejs/vite/issues/20990)) - - Improves compatibility with Rollup plugin ecosystem - - Prevents potential build issues - -All packages using Vite as a development dependency are updated to the latest secure version. This is a patch-level security and bug fix update that maintains full compatibility with existing functionality. - - -closes: https://github.com/equinor/fusion/issues/723 \ No newline at end of file diff --git a/cookbooks/poc-portal/CHANGELOG.md b/cookbooks/poc-portal/CHANGELOG.md index 824e45b533..e4e1238e3a 100644 --- a/cookbooks/poc-portal/CHANGELOG.md +++ b/cookbooks/poc-portal/CHANGELOG.md @@ -1,5 +1,39 @@ # poc-portal +## 1.1.15 + +### Patch Changes + +- [#3652](https://github.com/equinor/fusion-framework/pull/3652) [`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678) Thanks [@dependabot](https://github.com/apps/dependabot)! - **Security:** Update Vite to v7.1.12 + + This update addresses a security vulnerability in Vite's development server and includes bug fixes for improved compatibility. The update ensures secure development environments and better plugin ecosystem compatibility. + + **Changes:** + + - Updated Vite from v7.1.10 to v7.1.12 + - Includes security fix for development server file system checks + - Includes compatibility fix for CommonJS plugin + - No breaking changes or API modifications + + **Security Fix (v7.1.11):** + + - **dev**: trim trailing slash before `server.fs.deny` check ([#20968](https://github.com/vitejs/vite/issues/20968)) + - Prevents potential path traversal vulnerability in development server + - Only affects development environment, not production builds + + **Bug Fix (v7.1.12):** + + - **deps**: downgrade commonjs plugin to 28.0.6 to avoid rollup/plugins issues ([#20990](https://github.com/vitejs/vite/issues/20990)) + - Improves compatibility with Rollup plugin ecosystem + - Prevents potential build issues + + All packages using Vite as a development dependency are updated to the latest secure version. This is a patch-level security and bug fix update that maintains full compatibility with existing functionality. + + closes: https://github.com/equinor/fusion/issues/723 + +- Updated dependencies [[`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678)]: + - @equinor/fusion-framework-cli@12.3.6 + ## 1.1.14 ### Patch Changes diff --git a/cookbooks/poc-portal/package.json b/cookbooks/poc-portal/package.json index 0b78f61f89..5e41cb2dc8 100644 --- a/cookbooks/poc-portal/package.json +++ b/cookbooks/poc-portal/package.json @@ -1,6 +1,6 @@ { "name": "poc-portal", - "version": "1.1.14", + "version": "1.1.15", "description": "", "main": "src/index.tsx", "private": true, diff --git a/cookbooks/portal/CHANGELOG.md b/cookbooks/portal/CHANGELOG.md index e4253284be..f973085498 100644 --- a/cookbooks/portal/CHANGELOG.md +++ b/cookbooks/portal/CHANGELOG.md @@ -1,5 +1,12 @@ # portal +## 0.1.5 + +### Patch Changes + +- Updated dependencies [[`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678)]: + - @equinor/fusion-framework-cli@12.3.6 + ## 0.1.4 ### Patch Changes diff --git a/cookbooks/portal/package.json b/cookbooks/portal/package.json index 170e2ad606..35616739fe 100644 --- a/cookbooks/portal/package.json +++ b/cookbooks/portal/package.json @@ -1,6 +1,6 @@ { "name": "portal", - "version": "0.1.4", + "version": "0.1.5", "description": "", "main": "dist/index.js", "private": true, diff --git a/packages/cli/CHANGELOG.md b/packages/cli/CHANGELOG.md index d8cb3f9c66..715052470b 100644 --- a/packages/cli/CHANGELOG.md +++ b/packages/cli/CHANGELOG.md @@ -1,5 +1,40 @@ # Change Log +## 12.3.6 + +### Patch Changes + +- [#3652](https://github.com/equinor/fusion-framework/pull/3652) [`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678) Thanks [@dependabot](https://github.com/apps/dependabot)! - **Security:** Update Vite to v7.1.12 + + This update addresses a security vulnerability in Vite's development server and includes bug fixes for improved compatibility. The update ensures secure development environments and better plugin ecosystem compatibility. + + **Changes:** + + - Updated Vite from v7.1.10 to v7.1.12 + - Includes security fix for development server file system checks + - Includes compatibility fix for CommonJS plugin + - No breaking changes or API modifications + + **Security Fix (v7.1.11):** + + - **dev**: trim trailing slash before `server.fs.deny` check ([#20968](https://github.com/vitejs/vite/issues/20968)) + - Prevents potential path traversal vulnerability in development server + - Only affects development environment, not production builds + + **Bug Fix (v7.1.12):** + + - **deps**: downgrade commonjs plugin to 28.0.6 to avoid rollup/plugins issues ([#20990](https://github.com/vitejs/vite/issues/20990)) + - Improves compatibility with Rollup plugin ecosystem + - Prevents potential build issues + + All packages using Vite as a development dependency are updated to the latest secure version. This is a patch-level security and bug fix update that maintains full compatibility with existing functionality. + + closes: https://github.com/equinor/fusion/issues/723 + +- Updated dependencies [[`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678)]: + - @equinor/fusion-framework-dev-portal@1.2.3 + - @equinor/fusion-framework-dev-server@1.1.9 + ## 12.3.5 ### Patch Changes diff --git a/packages/cli/package.json b/packages/cli/package.json index 4b466c49ec..63151bff39 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@equinor/fusion-framework-cli", - "version": "12.3.5", + "version": "12.3.6", "keywords": [ "Fusion", "Fusion Framework", diff --git a/packages/dev-portal/CHANGELOG.md b/packages/dev-portal/CHANGELOG.md index 6c30171ca2..8fd658a021 100644 --- a/packages/dev-portal/CHANGELOG.md +++ b/packages/dev-portal/CHANGELOG.md @@ -1,5 +1,36 @@ # @equinor/fusion-framework-dev-portal +## 1.2.3 + +### Patch Changes + +- [#3652](https://github.com/equinor/fusion-framework/pull/3652) [`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678) Thanks [@dependabot](https://github.com/apps/dependabot)! - **Security:** Update Vite to v7.1.12 + + This update addresses a security vulnerability in Vite's development server and includes bug fixes for improved compatibility. The update ensures secure development environments and better plugin ecosystem compatibility. + + **Changes:** + + - Updated Vite from v7.1.10 to v7.1.12 + - Includes security fix for development server file system checks + - Includes compatibility fix for CommonJS plugin + - No breaking changes or API modifications + + **Security Fix (v7.1.11):** + + - **dev**: trim trailing slash before `server.fs.deny` check ([#20968](https://github.com/vitejs/vite/issues/20968)) + - Prevents potential path traversal vulnerability in development server + - Only affects development environment, not production builds + + **Bug Fix (v7.1.12):** + + - **deps**: downgrade commonjs plugin to 28.0.6 to avoid rollup/plugins issues ([#20990](https://github.com/vitejs/vite/issues/20990)) + - Improves compatibility with Rollup plugin ecosystem + - Prevents potential build issues + + All packages using Vite as a development dependency are updated to the latest secure version. This is a patch-level security and bug fix update that maintains full compatibility with existing functionality. + + closes: https://github.com/equinor/fusion/issues/723 + ## 1.2.2 ### Patch Changes diff --git a/packages/dev-portal/package.json b/packages/dev-portal/package.json index a71b96c67f..22a4bcbd81 100644 --- a/packages/dev-portal/package.json +++ b/packages/dev-portal/package.json @@ -1,6 +1,6 @@ { "name": "@equinor/fusion-framework-dev-portal", - "version": "1.2.2", + "version": "1.2.3", "description": "", "type": "module", "module": "./dist/main.js", diff --git a/packages/dev-server/CHANGELOG.md b/packages/dev-server/CHANGELOG.md index a42c932e45..876f8a04f8 100644 --- a/packages/dev-server/CHANGELOG.md +++ b/packages/dev-server/CHANGELOG.md @@ -1,5 +1,40 @@ # @equinor/fusion-framework-dev-server +## 1.1.9 + +### Patch Changes + +- [#3652](https://github.com/equinor/fusion-framework/pull/3652) [`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678) Thanks [@dependabot](https://github.com/apps/dependabot)! - **Security:** Update Vite to v7.1.12 + + This update addresses a security vulnerability in Vite's development server and includes bug fixes for improved compatibility. The update ensures secure development environments and better plugin ecosystem compatibility. + + **Changes:** + + - Updated Vite from v7.1.10 to v7.1.12 + - Includes security fix for development server file system checks + - Includes compatibility fix for CommonJS plugin + - No breaking changes or API modifications + + **Security Fix (v7.1.11):** + + - **dev**: trim trailing slash before `server.fs.deny` check ([#20968](https://github.com/vitejs/vite/issues/20968)) + - Prevents potential path traversal vulnerability in development server + - Only affects development environment, not production builds + + **Bug Fix (v7.1.12):** + + - **deps**: downgrade commonjs plugin to 28.0.6 to avoid rollup/plugins issues ([#20990](https://github.com/vitejs/vite/issues/20990)) + - Improves compatibility with Rollup plugin ecosystem + - Prevents potential build issues + + All packages using Vite as a development dependency are updated to the latest secure version. This is a patch-level security and bug fix update that maintains full compatibility with existing functionality. + + closes: https://github.com/equinor/fusion/issues/723 + +- Updated dependencies [[`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678)]: + - @equinor/fusion-framework-vite-plugin-api-service@1.2.3 + - @equinor/fusion-framework-vite-plugin-spa@2.0.1 + ## 1.1.8 ### Patch Changes diff --git a/packages/dev-server/package.json b/packages/dev-server/package.json index 549acfc95a..7c384a68b8 100644 --- a/packages/dev-server/package.json +++ b/packages/dev-server/package.json @@ -1,6 +1,6 @@ { "name": "@equinor/fusion-framework-dev-server", - "version": "1.1.8", + "version": "1.1.9", "description": "Package for running a development server for fusion-framework", "type": "module", "exports": { diff --git a/packages/vite-plugins/api-service/CHANGELOG.md b/packages/vite-plugins/api-service/CHANGELOG.md index 5d1afea6bd..0f2f58de8f 100644 --- a/packages/vite-plugins/api-service/CHANGELOG.md +++ b/packages/vite-plugins/api-service/CHANGELOG.md @@ -1,5 +1,36 @@ # @equinor/fusion-framework-vite-plugin-api-service +## 1.2.3 + +### Patch Changes + +- [#3652](https://github.com/equinor/fusion-framework/pull/3652) [`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678) Thanks [@dependabot](https://github.com/apps/dependabot)! - **Security:** Update Vite to v7.1.12 + + This update addresses a security vulnerability in Vite's development server and includes bug fixes for improved compatibility. The update ensures secure development environments and better plugin ecosystem compatibility. + + **Changes:** + + - Updated Vite from v7.1.10 to v7.1.12 + - Includes security fix for development server file system checks + - Includes compatibility fix for CommonJS plugin + - No breaking changes or API modifications + + **Security Fix (v7.1.11):** + + - **dev**: trim trailing slash before `server.fs.deny` check ([#20968](https://github.com/vitejs/vite/issues/20968)) + - Prevents potential path traversal vulnerability in development server + - Only affects development environment, not production builds + + **Bug Fix (v7.1.12):** + + - **deps**: downgrade commonjs plugin to 28.0.6 to avoid rollup/plugins issues ([#20990](https://github.com/vitejs/vite/issues/20990)) + - Improves compatibility with Rollup plugin ecosystem + - Prevents potential build issues + + All packages using Vite as a development dependency are updated to the latest secure version. This is a patch-level security and bug fix update that maintains full compatibility with existing functionality. + + closes: https://github.com/equinor/fusion/issues/723 + ## 1.2.2 ### Patch Changes diff --git a/packages/vite-plugins/api-service/package.json b/packages/vite-plugins/api-service/package.json index 57122c189b..6d5a64faf8 100644 --- a/packages/vite-plugins/api-service/package.json +++ b/packages/vite-plugins/api-service/package.json @@ -1,6 +1,6 @@ { "name": "@equinor/fusion-framework-vite-plugin-api-service", - "version": "1.2.2", + "version": "1.2.3", "description": "Vite plugin for proxying service discovery and mocking", "type": "module", "exports": { diff --git a/packages/vite-plugins/spa/CHANGELOG.md b/packages/vite-plugins/spa/CHANGELOG.md index d735a1403d..18bfc8e9c9 100644 --- a/packages/vite-plugins/spa/CHANGELOG.md +++ b/packages/vite-plugins/spa/CHANGELOG.md @@ -1,5 +1,36 @@ # @equinor/fusion-framework-vite-plugin-spa +## 2.0.1 + +### Patch Changes + +- [#3652](https://github.com/equinor/fusion-framework/pull/3652) [`8d50adc`](https://github.com/equinor/fusion-framework/commit/8d50adc17e81fc46da81795125832af8add5f678) Thanks [@dependabot](https://github.com/apps/dependabot)! - **Security:** Update Vite to v7.1.12 + + This update addresses a security vulnerability in Vite's development server and includes bug fixes for improved compatibility. The update ensures secure development environments and better plugin ecosystem compatibility. + + **Changes:** + + - Updated Vite from v7.1.10 to v7.1.12 + - Includes security fix for development server file system checks + - Includes compatibility fix for CommonJS plugin + - No breaking changes or API modifications + + **Security Fix (v7.1.11):** + + - **dev**: trim trailing slash before `server.fs.deny` check ([#20968](https://github.com/vitejs/vite/issues/20968)) + - Prevents potential path traversal vulnerability in development server + - Only affects development environment, not production builds + + **Bug Fix (v7.1.12):** + + - **deps**: downgrade commonjs plugin to 28.0.6 to avoid rollup/plugins issues ([#20990](https://github.com/vitejs/vite/issues/20990)) + - Improves compatibility with Rollup plugin ecosystem + - Prevents potential build issues + + All packages using Vite as a development dependency are updated to the latest secure version. This is a patch-level security and bug fix update that maintains full compatibility with existing functionality. + + closes: https://github.com/equinor/fusion/issues/723 + ## 2.0.0 ### Patch Changes diff --git a/packages/vite-plugins/spa/package.json b/packages/vite-plugins/spa/package.json index 67d036626c..85fdf02454 100644 --- a/packages/vite-plugins/spa/package.json +++ b/packages/vite-plugins/spa/package.json @@ -1,6 +1,6 @@ { "name": "@equinor/fusion-framework-vite-plugin-spa", - "version": "2.0.0", + "version": "2.0.1", "description": "Vite plugin for SPA development", "type": "module", "types": "dist/types/index.d.ts",