Release v1.7.18: fix Alpine.js SRI + CSP, add frontend modernization roadmap · 7639f5f69d - aoc

Release v1.7.18: fix Alpine.js SRI + CSP, add frontend modernization roadmap

Release / build-and-push (push) Successful in 1m23s

Details

CI / lint-and-test (push) Successful in 1m22s

Details

- Revert @alpinejs/csp (CSP build has no support for template literals,
  optional chaining, or x-html — all used in the app template); switch
  back to the regular alpinejs build
- Pin Alpine.js to 3.15.12 with a verified SRI hash (replaces the
  floating @3.x.x tag that caused the integrity check failure)
- Restore 'unsafe-eval' to script-src (required by Alpine.js's
  new Function() expression evaluator; inline script was already
  eliminated in v1.7.17 so 'unsafe-inline' stays removed)
- Add Phase 7.5 Frontend Modernization to ROADMAP: Vue 3 + Vite
  migration plan that will allow a clean CSP without unsafe-eval

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

This commit is contained in:

Tomas Kracmar

2026-05-29 08:01:57 +02:00

parent 79647d8962

commit 7639f5f69d

4 changed files with 33 additions and 3 deletions

VERSION

+1 -1

View File

@@ -1 +1 @@
 .7.17
 .7.18

Release v1.7.18: fix Alpine.js SRI + CSP, add frontend modernization roadmap Release / build-and-push (push) Successful in 1m23s Details CI / lint-and-test (push) Successful in 1m22s Details

Release v1.7.18: fix Alpine.js SRI + CSP, add frontend modernization roadmap

Release / build-and-push (push) Successful in 1m23s

Details

CI / lint-and-test (push) Successful in 1m22s

Details