SAP / ui5-webcomponents-react / 17607235346
89%

DEFAULT BRANCH: main
Ran
Jobs 6
Files 221
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 89.321% (-0.02%) from 89.338%
17607235346

push

github

web-flow 
chore(deps): update dependency vite to v7.1.5 [security] (#7747)

This PR contains the following updates:

| Package | Change | Age | Confidence |
|---|---|---|---|
| [vite](https://vite.dev)
([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite))
| [`7.1.4` ->
`7.1.5`](https://renovatebot.com/diffs/npm/vite/7.1.4/7.1.5) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/vite/7.1.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vite/7.1.4/7.1.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

### GitHub Vulnerability Alerts

####
[CVE-2025-58752](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-jqfw-vq24-v9c3)

### Summary
Any HTML files on the machine were served regardless of the `server.fs`
settings.

### Impact

Only apps that match the following conditions are affected:

- explicitly exposes the Vite dev server to the network (using --host or
[server.host config
option](https://vitejs.dev/config/server-options.html#server-host))
- `appType: 'spa'` (default) or `appType: 'mpa'` is used

This vulnerability also affects the preview server. The preview server
allowed HTML files not under the output directory to be served.

### Details
The
[serveStaticMiddleware](https://redirect.github.com/vitejs/vite/blob/<a class=hub.com/SAP/ui5-webcomponents-react/commit/<a class="double-link" href="https://git"><a class=hub.com/SAP/ui5-webcomponents-react/commit/9719497adec4ad5ead21cafa19a324bb1d480194">9719497ad/packages/vite/src/node/server/middlewares/static.ts#L123)
function is in charge of serving static files from the server. It
returns the
[viteServeStaticMiddleware](https://redirect.github.com/vitejs/vite/blob/9719497adec4ad5ead21cafa19a324bb1d480194/packages/vite/src/node/server/middlewares/static.ts#L136)
function which runs the needed tests and serves the page. The
viteServeStaticMiddleware function [checks if the extension of the
requested file is
".html"](https://redirect.github.com/vitejs/vite/blob/9719497adec4ad5ead21cafa19a324bb1d480194/packages/vite/src/node/se... (continued)

3183 of 4089 branches covered (77.84%)

5529 of 6190 relevant lines covered (89.32%)

140219.56 hits per line

Uncovered Existing Lines

Lines Coverage File
1
89.19
 -2.7% packages/charts/src/components/ColumnChart/index.tsx
Subprojects
ID Flag name Job ID Ran Files Coverage
1 main/src/components 17607235346.1 152
87.3
 GitHub Action Run
2 compat 17607235346.2 163
17.97
 GitHub Action Run
3 charts 17607235346.3 210
26.54
 GitHub Action Run
4 main/src/internal 17607235346.4 152
14.59
 GitHub Action Run
5 base 17607235346.5 152
16.13
 GitHub Action Run
6 cypress-commands 17607235346.6 152
14.82
 GitHub Action Run
Source Files on build 17607235346