Fix CSP

* update ember-cli-content-security-policy to the latest for [email protected] support * pin ember-cli to 3.25.1 pending a fix for adopted-ember-addons/ember-cli-content-security-policy#199 * disable the use of `eval()` in embroider scenarios to prevent violating the unsave-eval rule
bendemboski · May 2, 2021 · 6439150 · 6439150
1 parent fdcbd29
commit 6439150
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 20 deletions.
diff --git a/ember-cli-build.js b/ember-cli-build.js
@@ -20,5 +20,11 @@ module.exports = function (defaults) {
   */
 
   const { maybeEmbroider } = require('@embroider/test-setup');
-  return maybeEmbroider(app);
+  return maybeEmbroider(app, {
+    packagerOptions: {
+      webpackConfig: {
+        devtool: false,
+      },
+    },
+  });
 };
diff --git a/package.json b/package.json
@@ -64,10 +64,10 @@
     "babel-eslint": "^10.1.0",
     "broccoli-asset-rev": "^3.0.0",
     "ember-auto-import": "^1.11.2",
-    "ember-cli": "~3.26.0",
+    "ember-cli": "3.25.1",
     "ember-cli-addon-docs": "^1.0.0",
     "ember-cli-addon-docs-yuidoc": "^1.0.0",
-    "ember-cli-content-security-policy": "^2.0.0-1",
+    "ember-cli-content-security-policy": "^2.0.0-3",
     "ember-cli-dependency-checker": "^3.2.0",
     "ember-cli-deploy": "^1.0.2",
     "ember-cli-deploy-build": "^2.0.0",

diff --git a/yarn.lock b/yarn.lock
@@ -5736,7 +5736,7 @@ [email protected], debug@^2.1.0, debug@^2.1.1, debug@^2.1.3, debug@^2.2.0, debug@^2.3.
   dependencies:
     ms "2.0.0"
 
-debug@4, [email protected], debug@^4.0.0, debug@^4.0.1, debug@^4.1.0, debug@^4.1.1:
+debug@4, [email protected], debug@^4.0.0, debug@^4.0.1, debug@^4.1.0, debug@^4.1.1, debug@^4.3.1:
   version "4.3.1"
   resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.1.tgz#f0d229c505e0c6d8c49ac553d1b13dc183f6b2ee"
   integrity sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==
@@ -5951,10 +5951,10 @@ detective@^5.2.0:
     defined "^1.0.0"
     minimist "^1.1.1"
 
-diff@^5.0.0:
-  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/diff/-/diff-5.0.0.tgz#7ed6ad76d859d030787ec35855f5b1daf31d852b"
-  integrity sha512-/VTCrvm5Z0JGty/BWHljh+BAiw3IK+2j87NGMu8Nwc/f48WoDAC395uomO9ZD117ZOBaHmkX1oyLvkVM/aIT3w==
+diff@^4.0.2:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/diff/-/diff-4.0.2.tgz#60f3aecb89d5fae520c11aa19efc2bb982aade7d"
+  integrity sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==
 
 diffie-hellman@^5.0.0:
   version "5.0.3"
@@ -6393,13 +6393,14 @@ ember-cli-clipboard@^0.15.0:
     ember-cli-babel "^7.20.2"
     ember-cli-htmlbars "^4.2.3"
 
-ember-cli-content-security-policy@^2.0.0-1:
-  version "2.0.0-1"
-  resolved "https://registry.yarnpkg.com/ember-cli-content-security-policy/-/ember-cli-content-security-policy-2.0.0-1.tgz#ed54e506cd51e9566b05ea1f5d3e886f47fd18ed"
-  integrity sha512-Iz2qFGZdNYQony/v1rp19ohAHE/JNoz4+MsK2E0XDLRTuFVeIOvpCLp+7On0915taQi+RkG8GyC46XM1IagMsQ==
+ember-cli-content-security-policy@^2.0.0-3:
+  version "2.0.0-3"
+  resolved "https://registry.yarnpkg.com/ember-cli-content-security-policy/-/ember-cli-content-security-policy-2.0.0-3.tgz#45e28d623688bf4ed773db6e6f4953229b83a7d1"
+  integrity sha512-Vf1q0gcWKwzxsPsaaA9ZE4csI4x3Cp9L1DQiJIN8V1KEXlrKMYe575SxDJHH54tgyNor3/0+7dRtKG5zIUdA3Q==
   dependencies:
     body-parser "^1.17.0"
     chalk "^4.0.0"
+    debug "^4.3.1"
     ember-cli-babel "^7.17.2"
     ember-cli-version-checker "^5.0.2"
 
@@ -6771,10 +6772,10 @@ ember-cli-version-checker@^5.1.0, ember-cli-version-checker@^5.1.1, ember-cli-ve
     semver "^7.3.4"
     silent-error "^1.1.1"
 
-ember-cli@~3.26.0:
-  version "3.26.0"
-  resolved "https://registry.yarnpkg.com/ember-cli/-/ember-cli-3.26.0.tgz#19b3b9701df7ab78a23f7d0f44bf26e78f031f71"
-  integrity sha512-zmwUS1i4w7nFIwNjPLNGPlH0lOZjbOfUt51FQsbS8zqRgbbA/oYGAfpiTzJfO3bONjiKy3irEQIqbdBQaXFA7w==
+ember-cli@3.25.1:
+  version "3.25.1"
+  resolved "https://registry.yarnpkg.com/ember-cli/-/ember-cli-3.25.1.tgz#d4f2529fc8447e1331b09bf4c4abc79075895f9d"
+  integrity sha512-LSLFZivV4LASFtw+4FeTy7t/tPrtO245FbHkDpWklJNov4jdCnV9ub38SWrWgi+WSRV+v3LRqROITxey1cEHqw==
   dependencies:
     "@babel/core" "^7.12.10"
     "@babel/plugin-transform-modules-amd" "^7.12.1"
@@ -6807,22 +6808,22 @@ ember-cli@~3.26.0:
     console-ui "^3.1.2"
     core-object "^3.1.5"
     dag-map "^2.0.2"
-    diff "^5.0.0"
+    diff "^4.0.2"
     ember-cli-is-package-missing "^1.0.0"
     ember-cli-lodash-subset "^2.0.1"
     ember-cli-normalize-entity-name "^1.0.0"
     ember-cli-preprocess-registry "^3.3.0"
     ember-cli-string-utils "^1.1.0"
     ember-source-channel-url "^3.0.0"
     ensure-posix-path "^1.1.1"
-    execa "^5.0.0"
+    execa "^4.1.0"
     exit "^0.1.2"
     express "^4.17.1"
     filesize "^6.1.0"
     find-up "^5.0.0"
     find-yarn-workspace-root "^2.0.0"
     fixturify-project "^2.1.0"
-    fs-extra "^9.1.0"
+    fs-extra "^9.0.1"
     fs-tree-diff "^2.0.1"
     get-caller-file "^2.0.5"
     git-repo-info "^2.1.1"
@@ -7886,7 +7887,7 @@ execa@^3.0.0:
     signal-exit "^3.0.2"
     strip-final-newline "^2.0.0"
 
-execa@^4.0.0, execa@^4.0.2, execa@^4.0.3:
+execa@^4.0.0, execa@^4.0.2, execa@^4.0.3, execa@^4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/execa/-/execa-4.1.0.tgz#4e5491ad1572f2f17a77d388c6c857135b22847a"
   integrity sha512-j5W0//W7f8UxAn8hXVnwG8tLwdiUy4FJLcSupCg6maBYZDpyBvTApK7KyuI4bKj8KOh1r2YH+6ucuYtJv1bTZA==