Skip to content

Releases: waysact/webpack-subresource-integrity

v5.2.0-rc.1

22 Feb 17:12
@jscheid jscheid
v5.2.0-rc.1
48644cf
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.2.0-rc.1 Pre-release
Pre-release
  • Performance optimizations for big projects (#189)
  • Add ES module distribution (CommonJS still available)
  • Internal refactoring
  • Dev dependency upgrades
Assets 2
Loading

v5.1.0

12 Jan 23:16
@jscheid jscheid
v5.1.0
ad9265e
This commit was signed with the committer’s verified signature. The key has expired.
jscheid Julian Scheid
GPG key ID: 2B652F46316BF327
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.1.0 Latest
Latest
  • Allow deferred loading of hashes. Specifying the new option hashLoading: "lazy" will cause integrity hashes for any given asset to be defined in its direct parents in the chunk graph. This can lead to duplication of hashes across assets, but can significantly reduce the size of entry chunk(s) when there are a large number of async chunks. (#171)
Assets 2
Loading

v5.0.0

24 Aug 20:47
@jscheid jscheid
v5.0.0
40ec3ce
Compare
Choose a tag to compare
v5.0.0

No changes compared to v5.0.0-rc.1.

Changes compared to v1.5.2:

BREAKING CHANGES

(See migrating from v1 to v5.)

  • Drop compatibility with Webpack < 5.12.0.
  • Drop compatibility with Node < 10.
  • Drop compatibility with html-webpack-plugin < 5.0.0-beta.1.
  • Drop default export, new named export SubresourceIntegrityPlugin.
  • When integrity for an asset cannot be determined this now emits an error. Previously, a warning was emitted.
  • Option enabled now defaults to "auto", which enables the plugin in all Webpack modes except for development. Previously, the plugin was disabled by default in all modes.

Other Changes

  • Compatibility with html-webpack-plugin 5 and new Webpack 5 asset processing pipeline.
  • Option hashFuncNames now has a default: ["sha384"].
  • All code has been rewritten in TypeScript. We now include TypeScript type definitions inside the package.
  • No longer imports webpack (#150)
  • Warn when using dangerous filename hashes (#162)
Assets 2
Loading

v5.0.0-rc.1

02 Aug 10:53
@jscheid jscheid
v5.0.0-rc.1
061d9b0
Compare
Choose a tag to compare
v5.0.0-rc.1 Pre-release
Pre-release
  • Warn when using dangerous filename hashes (#162)
  • Minor non-functional changes
Assets 2
Loading

v5.0.0-alpha.5

03 Mar 06:59
@jscheid jscheid
v5.0.0-alpha.5
8911318
This commit was signed with the committer’s verified signature. The key has expired.
jscheid Julian Scheid
GPG key ID: CC0C70CFA3A654CD
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.0.0-alpha.5 Pre-release
Pre-release
  • Fix handling of chunks with multiple files (#154)
  • Fix stats factory when using real content hash
Assets 2
Loading

v5.0.0-alpha.4

24 Feb 23:39
@jscheid jscheid
v5.0.0-alpha.4
50e743e
This commit was signed with the committer’s verified signature. The key has expired.
jscheid Julian Scheid
GPG key ID: CC0C70CFA3A654CD
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.0.0-alpha.4 Pre-release
Pre-release
  • Fix real content hash generation (#152)
Assets 2
Loading

v5.0.0-alpha.3

10 Feb 05:02
@jscheid jscheid
v5.0.0-alpha.3
cc0bc1a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.0.0-alpha.3 Pre-release
Pre-release

  • Do not import webpack (#150)

    Adds compatibility with Next.js 10.0.6. Please note that installing this plugin in Next.js is not enough to gain integrity since top-level assets will remain unprotected.

Assets 2
Loading

v5.0.0-alpha.2

10 Feb 00:48
@jscheid jscheid
v5.0.0-alpha.2
c7ef9d6
This commit was signed with the committer’s verified signature. The key has expired.
jscheid Julian Scheid
GPG key ID: CC0C70CFA3A654CD
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.0.0-alpha.2 Pre-release
Pre-release
  • Fix error when a processed tag has no attributes (#147)
Assets 2
Loading

v5.0.0-alpha.1

19 Jan 22:03
@jscheid jscheid
v5.0.0-alpha.1
b7e6371
This commit was signed with the committer’s verified signature. The key has expired.
jscheid Julian Scheid
GPG key ID: CC0C70CFA3A654CD
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.0.0-alpha.1 Pre-release
Pre-release

BREAKING CHANGES

  • Drop compatibility with Webpack < 5.12.0.
  • Drop compatibility with Node < 10.
  • Drop compatibility with html-webpack-plugin < 5.0.0-beta.1.
  • Drop default export, new named export SubresourceIntegrityPlugin.
  • When integrity for an asset cannot be determined this now emits an error. Previously, a warning was emitted.
  • Option enabled now defaults to "auto", which enables the plugin in all Webpack modes except for development. Previously, the plugin was disabled by default in all modes.

Other Changes

  • Compatibility with html-webpack-plugin 5 and new Webpack 5 asset processing pipeline.
  • Option hashFuncNames now has a default: ["sha384"].
  • All code has been rewritten in TypeScript. We now include TypeScript type definitions inside the package.
Assets 2
Loading

v1.5.2

05 Nov 08:57
@jscheid jscheid
v1.5.2
4c965fc
This commit was signed with the committer’s verified signature. The key has expired.
jscheid Julian Scheid
GPG key ID: CC0C70CFA3A654CD
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.5.2
  • Fix dynamic loading of named chunks in Webpack 5 (#135)
  • Fix bogus warnings about non-Web builds with some of Webpack 5's new target types (#134)
Assets 2
Loading