Update vite (CVE-2025-24010)

open-pioneer · Jan 22, 2025 · a5ff590 · a5ff590
1 parent 05b04a1
commit a5ff590
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 31 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 2025-01-22
+
+-   Update Vite to version 5.4.14 due to CVE-2025-24010 ([GHSA-vg6x-rcgg-rjx6](https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6))
+
 ## 2024-12-05
 
 -   Update Open Pioneer Trails dependencies to latest version.

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
@@ -94,5 +94,5 @@ catalog:
   typedoc: ^0.26.10
   typescript: ~5.6.3
   vite-plugin-eslint: ^1.8.1
-  vite: ^5.4.9
+  vite: ^5.4.14
   vitest: ^2.1.3
diff --git a/vite.config.ts b/vite.config.ts
@@ -89,13 +89,18 @@ export default defineConfig(({ mode }) => {
                     inline: [/@open-pioneer[/\\]/]
                 }
             }
-        }
+        },
 
-        // disable hot reloading
-        // in dev mode press "r" to trigger reload and make changes active
-        // See also: https://vitejs.dev/config/server-options.html#server-hmr
-        /*server: {
-            hmr: false
-        }*/
+        // prettier-ignore
+        server: {
+            // Use this option if your development setup uses hostnames other than localhost.
+            // See also https://vite.dev/config/server-options.html#server-allowedhosts
+            // allowedHosts: [".example.com"],
+
+            // disable hot reloading
+            // in dev mode press "r" to trigger reload and make changes active
+            // See also: https://vitejs.dev/config/server-options.html#server-hmr
+            // hmr: false
+        }
     };
 });