csp-html-webpack-plugin
csp-html-webpack-plugin copied to clipboard
slackhq
A plugin which, when combined with HTMLWebpackPlugin, adds CSP tags to the HTML output.
### Summary So I've read the Contributing Guidelines and signed the CLA, then created a pull request and found that I had not signed the CLA. Turns out it links...
### Description Describe your issue here. ### What type of issue is this? (place an `x` in one of the `[ ]`) - [ ] bug - [x] enhancement (feature...
### Nonce reuse I have a question in regard to `nonceEnabled`: I assume that the `csp-html-webpack-plugin` is only invoked at build time and not for every http request. If this...
### Description At @productboard we plan to use this plugin (thanks for that!). We use script preloads to optimize loading experience. I propose that nonces should be also added on...
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. Release notes Sourced from word-wrap's releases. 1.2.4 What's Changed Remove default indent by @mohd-akram in jonschlinkert/word-wrap#24 🔒fix: CVE 2023 26115 (2) by @OlafConijn in...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) and [jsdom](https://github.com/jsdom/jsdom). These dependencies needed to be updated together. Updates `tough-cookie` from 2.5.0 to 4.1.3 Release notes Sourced from tough-cookie's releases. 4.1.3 Security fix for Prototype Pollution discovery...
Bumps [json-schema](https://github.com/kriszyp/json-schema) and [jsprim](https://github.com/joyent/node-jsprim). These dependencies needed to be updated together. Updates `json-schema` from 0.2.3 to 0.4.0 Commits f6f6a3b Use a little more robust method of checking instances ef60987 Update...
Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 5.0.0 to 5.0.1. Release notes Sourced from ansi-regex's releases. v5.0.1 Fixes (backport of 6.0.1 to v5) This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1,...
Bumps [webpack](https://github.com/webpack/webpack) from 5.10.1 to 5.76.0. Release notes Sourced from webpack's releases. v5.76.0 Bugfixes Avoid cross-realm object access by @Jack-Works in webpack/webpack#16500 Improve hash performance via conditional initialization by @lvivski...
Bumps [minimist](https://github.com/minimistjs/minimist) from 1.2.5 to 1.2.8. Changelog Sourced from minimist's changelog. v1.2.8 - 2023-02-09 Merged [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17) [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12) [Fix]...