Releases: webpack/webpack-dev-middleware
v3.1.0
v3.0.0
Updates
- Webpack 4 (#267)
- remove watchOffset option in favor of time-fix-plugin
Breaking Changes
- Introduces full support for webpack v4 and removes support for lesser versions.
- The
watchOffset
option has been removed and the README has been updated with alternative means of accomplishing the same result for this module and webpack v4. middleware.webpack
now returns aPromise
that should be handled with.then
when needing to perform other actions, like adding additional middleware.
v2.0.2
Updates
- Implemented
webpack-log
, removed dependencies related to the previous logging implementation.
v2.0.1
Publish to correct package.json
.
v2.0.0
This major release introduces a comprehensive refactor of the codebase and move to leverage more ES6 as supported by Node 6+. It also introduced a number of breaking changes, as outlined below.
Node Version Support
webpack-dev-middleware version 2 and higher will only support Node 6.x and higher. Active
LTS for Node 4.x ended October 31st, 2017 and entered maintenance on that date.
Likewise, the version 1.x branch of webpack-dev-middleware will enter maintenance on
that date.
Informative Changes
- logging is now handled by
log-level
and follows the same patterns as
webpack-dev-server
.
Breaking Changes
watchDelay
option was previous deprecated and has now been removed.reportTime
option renamed tologTime
noInfo
option removed in favor of setting alogLevel
higher than'info'
quiet
option removed in favor oflogLevel: 'silent'
reporter
signature changed toreporter(middlewareOptions, reporterOptions)
v1.12.2
v1.12.1
v1.12.0
Updates
- Test updates for Node 8 and Sinon
Features
- Added optional time output for logging
Bugfixes
- Stop serving index.html if options.index is falsy
- Use querystring.unescape to fallback to safer equivalent that does not throw on malformed URIs
v1.11.0
Updates
- Webpack@3 Support
- Koa@2 Support
Features
- add
mimeTypes
option
Bugfixes
- Use options.log, warn and error for messages
- serverSideRendering example corrected
- added support for multi-compiler configuration
v1.10.2
Security fix:
This version contains a security fix, which is also breaking change if you have an insecure configuration.
We are releasing this breaking change as patch version to protect you from attacks.
Sorry if this breaks your setup, but the fix is easy.
We removed setting Access-Control-Allow-Origin
to *
be default. This allowed evil websites to access your assets.
Instead we ask you to set Access-Control-Allow-Origin
manually to your host if required in your setup.
Use the headers
option to do so.
middleware(compiler, {
headers: {
"Access-Control-Allow-Origin": "your-host"
}
})
Read more about CORS here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
Bugfixes:
- Remove
Access-Control-Allow-Origin
=*
default