Skip to content

@vitejs/plugin-legacy CSP hashes outdated #12112

New issue
New issue
Closed
#12118
Closed
@vitejs/plugin-legacy CSP hashes outdated#12112
#12118
Labels
documentationImprovements or additions to documentation
@anderskiaer

Description

@anderskiaer
anderskiaer
opened on Feb 19, 2023

Documentation is

  • Outdated

Explain in Detail

The last two hashes listed in https://github.com/vitejs/vite/tree/main/packages/plugin-legacy#content-security-policy, which comes from

vite/packages/plugin-legacy/README.md

Lines 160 to 163 in 6c50119

- `sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=`
- `sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=`
- `sha256-BoFUHKsYhJ9tbsHugtNQCmnkBbZ11pcW6kZguu+T+EU=`
- `sha256-A18HC3jLpyEc9B8oyxq/NBFCyFBJFSsRLt0gmT9kft8=`
appears to be outdated.

The hashes returned from import { cspHashes } from '@vitejs/plugin-legacy' using v4.0.1:

[
  'MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=',
  'tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=',
  'p7PoC97FO+Lu90RNjGWxhbm13yALSR4xzV8vaDhaQBo=',
  '+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc='
]

Your Suggestion for Changes

  • Update the README.md file in @vitejs/plugin-legacy to have correct hashes.
  • Should there also be added an automatic CI test that e.g. checks that the hashes in cspHashes from @vitejs/plugin-legacy exists in the README.md in order to ensure it does not get outdated again?

Reproduction

No response

Steps to reproduce

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentation

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions