Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support subresource integrity for bootstrapScripts and bootstrapModules #25104

Merged
merged 1 commit into from
Aug 17, 2022
Merged

support subresource integrity for bootstrapScripts and bootstrapModules #25104

merged 1 commit into from
Aug 17, 2022

Conversation

gnoff
Copy link
Collaborator

@gnoff gnoff commented Aug 16, 2022

This change adds support for subresource integrity on bootstrapScripts and bootstrapModules.

if you provide an object like { src: string, integrity?: string } in either bootstrap option it will escape and emit the integrity value (if provided) in the integrity attribute of the script tag.

@gnoff gnoff requested a review from sebmarkbage August 16, 2022 17:55
@sizebot
Copy link

sizebot commented Aug 16, 2022
edited
Loading

Comparing: 6ef466c...6aaf498

Critical size changes

Includes critical production bundles, as well as any change greater than 2%:

Name +/- Base Current +/- gzip Base gzip Current gzip
oss-stable/react-dom/cjs/react-dom.production.min.js = 134.28 kB 134.28 kB = 42.94 kB 42.94 kB
oss-experimental/react-dom/cjs/react-dom.production.min.js = 140.35 kB 140.35 kB = 44.74 kB 44.74 kB
facebook-www/ReactDOM-prod.classic.js = 474.44 kB 474.44 kB = 84.87 kB 84.88 kB
facebook-www/ReactDOM-prod.modern.js = 459.68 kB 459.68 kB = 82.63 kB 82.63 kB
facebook-www/ReactDOMForked-prod.classic.js = 474.44 kB 474.44 kB = 84.88 kB 84.88 kB

Significant size changes

Includes any change greater than 0.2%:

Expand to show
Name +/- Base Current +/- gzip Base gzip Current gzip
facebook-www/ReactDOMServerStreaming-prod.modern.js +1.04% 84.74 kB 85.62 kB +0.72% 17.78 kB 17.91 kB
oss-stable-semver/react-dom/umd/react-dom-server.browser.production.min.js +0.64% 36.20 kB 36.43 kB +0.55% 12.57 kB 12.64 kB
oss-stable/react-dom/umd/react-dom-server.browser.production.min.js +0.63% 36.23 kB 36.46 kB +0.54% 12.59 kB 12.66 kB
oss-stable-semver/react-dom/cjs/react-dom-server.browser.production.min.js +0.63% 36.10 kB 36.33 kB +0.65% 12.43 kB 12.51 kB
oss-stable/react-dom/cjs/react-dom-server.browser.production.min.js +0.63% 36.12 kB 36.35 kB +0.64% 12.45 kB 12.53 kB
oss-experimental/react-dom/cjs/react-dom-static.browser.production.min.js +0.63% 36.57 kB 36.80 kB +0.62% 12.62 kB 12.70 kB
oss-experimental/react-dom/cjs/react-dom-server.browser.production.min.js +0.62% 36.69 kB 36.92 kB +0.61% 12.67 kB 12.74 kB
oss-experimental/react-dom/umd/react-dom-server.browser.production.min.js +0.62% 36.79 kB 37.02 kB +0.43% 12.78 kB 12.83 kB
oss-stable-semver/react-dom/cjs/react-dom-server.node.production.min.js +0.56% 39.64 kB 39.86 kB +0.50% 13.47 kB 13.54 kB
oss-stable/react-dom/cjs/react-dom-server.node.production.min.js +0.55% 39.66 kB 39.88 kB +0.50% 13.50 kB 13.56 kB
oss-experimental/react-dom/cjs/react-dom-static.node.production.min.js +0.55% 40.25 kB 40.47 kB +0.50% 13.73 kB 13.79 kB
oss-experimental/react-dom/cjs/react-dom-server.node.production.min.js +0.55% 40.28 kB 40.50 kB +0.52% 13.72 kB 13.80 kB
facebook-www/ReactDOMServerStreaming-dev.modern.js +0.35% 249.38 kB 250.26 kB +0.27% 59.22 kB 59.38 kB
facebook-www/ReactDOMServer-dev.modern.js +0.35% 253.80 kB 254.68 kB +0.25% 60.24 kB 60.39 kB
facebook-www/ReactDOMServer-dev.classic.js +0.34% 260.45 kB 261.34 kB +0.25% 61.65 kB 61.80 kB
oss-stable-semver/react-dom/cjs/react-dom-server.browser.development.js +0.33% 246.47 kB 247.27 kB +0.24% 59.73 kB 59.88 kB
oss-stable/react-dom/cjs/react-dom-server.browser.development.js +0.33% 246.49 kB 247.30 kB +0.24% 59.76 kB 59.90 kB
oss-stable-semver/react-dom/cjs/react-dom-server-legacy.browser.development.js +0.32% 247.46 kB 248.26 kB +0.27% 59.59 kB 59.74 kB
oss-stable/react-dom/cjs/react-dom-server-legacy.browser.development.js +0.32% 247.48 kB 248.28 kB +0.26% 59.61 kB 59.77 kB
oss-experimental/react-dom/cjs/react-dom-static.browser.development.js +0.32% 247.54 kB 248.34 kB +0.24% 59.98 kB 60.13 kB
oss-stable-semver/react-dom/cjs/react-dom-server.node.development.js +0.32% 247.71 kB 248.51 kB +0.25% 59.65 kB 59.80 kB
oss-stable/react-dom/cjs/react-dom-server.node.development.js +0.32% 247.73 kB 248.54 kB +0.25% 59.67 kB 59.82 kB
oss-experimental/react-dom/cjs/react-dom-server.browser.development.js +0.32% 248.23 kB 249.04 kB +0.25% 60.18 kB 60.33 kB
oss-stable-semver/react-dom/umd/react-dom-server.browser.development.js +0.32% 258.51 kB 259.35 kB +0.25% 60.42 kB 60.58 kB
oss-stable/react-dom/umd/react-dom-server.browser.development.js +0.32% 258.54 kB 259.37 kB +0.25% 60.45 kB 60.60 kB
oss-stable-semver/react-dom/cjs/react-dom-server-legacy.node.development.js +0.32% 249.16 kB 249.97 kB +0.25% 60.05 kB 60.21 kB
oss-stable/react-dom/cjs/react-dom-server-legacy.node.development.js +0.32% 249.19 kB 249.99 kB +0.25% 60.08 kB 60.23 kB
oss-experimental/react-dom/cjs/react-dom-server-legacy.browser.development.js +0.32% 249.22 kB 250.03 kB +0.26% 60.04 kB 60.19 kB
oss-experimental/react-dom/cjs/react-dom-static.node.development.js +0.32% 249.43 kB 250.24 kB +0.24% 60.19 kB 60.34 kB
oss-experimental/react-dom/cjs/react-dom-server.node.development.js +0.32% 249.47 kB 250.28 kB +0.24% 60.09 kB 60.24 kB
oss-stable-semver/react-dom/umd/react-dom-server-legacy.browser.development.js +0.32% 259.52 kB 260.36 kB +0.26% 60.31 kB 60.46 kB
oss-stable/react-dom/umd/react-dom-server-legacy.browser.development.js +0.32% 259.54 kB 260.38 kB +0.26% 60.33 kB 60.48 kB
oss-experimental/react-dom/umd/react-dom-server.browser.development.js +0.32% 260.38 kB 261.22 kB +0.24% 60.86 kB 61.00 kB
oss-experimental/react-dom/cjs/react-dom-server-legacy.node.development.js +0.32% 250.93 kB 251.73 kB +0.26% 60.51 kB 60.66 kB
oss-experimental/react-dom/umd/react-dom-server-legacy.browser.development.js +0.32% 261.39 kB 262.22 kB +0.26% 60.73 kB 60.89 kB

Generated by 🚫 dangerJS against 6aaf498

@gnoff gnoff merged commit 1e5245d into facebook:main Aug 17, 2022
@gnoff gnoff deleted the fizz-sri branch August 17, 2022 07:31
Biki-das added a commit to Biki-das/react-1 that referenced this pull request Aug 18, 2022
@Biki-das
Revert "support subresource integrity for bootstrapScripts and bootst…
931d7de 
…rapModules (facebook#25104)"

This reverts commit 1e5245d.
@Biki-das Biki-das mentioned this pull request Aug 18, 2022
Closed
GrinZero added a commit to GrinZero/react that referenced this pull request Aug 31, 2022
@GrinZero
Merge branch 'main' of ssh://github.com/GrinZero/react
ca0bdeb 
* 'main' of ssh://github.com/GrinZero/react: (26 commits)
  [devtools][easy] Fix flow type (facebook#25147)
  Remove Symbol Polyfill (again) (facebook#25144)
  Remove ReactFiberFlags MountLayoutDev and MountPassiveDev (facebook#25091)
  experimental_use(promise) (facebook#25084)
  [Transition Tracing] onMarkerIncomplete - Tracing Marker/Suspense Boundary Deletions (facebook#24885)
  [Flight] Add support for Webpack Async Modules (facebook#25138)
  Fix typo: supportsMicrotask -> supportsMicrotasks (facebook#25142)
  Allow functions to be used as module references (facebook#25137)
  Test the node-register hooks in unit tests (facebook#25132)
  Return closestInstance in `getInspectorDataForViewAtPoint` (facebook#25118)
  [DevTools] Highlight RN elements on hover (facebook#25106)
  Update fixtures/flight to webpack 5 (facebook#25115)
  Align StrictMode behaviour with production (facebook#25049)
  Scaffolding for useMemoCache hook (facebook#25123)
  devtools: Fix typo from directores to directories (facebook#25124)
  fixture: Fix typo from perfomrance to performance (facebook#25100)
  [DevTools] Add events necessary for click to inspect on RN (facebook#25111)
  Add missing createServerContext for experimental shared subset (facebook#25114)
  support subresource integrity for bootstrapScripts and bootstrapModules (facebook#25104)
  make preamble and postamble types explicit and fix typo (facebook#25102)
  ...
rickhanlonii pushed a commit that referenced this pull request Oct 6, 2022
@gnoff @rickhanlonii
support subresource integrity for bootstrapScripts and bootstrapModul…
360a6c4 
…es (#25104)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sebmarkbage sebmarkbage sebmarkbage approved these changes

Assignees
No one assigned
Labels
CLA Signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@gnoff @sizebot @sebmarkbage @facebook-github-bot