Describe the bug
I am following the https://mui.com/material-ui/getting-started/installation/#roboto-font to install roboto font through package manager because the CDN is blocked by a firewall.
After the installation is completed, the project still cannot serve the fonts correctly.
It appears relative url access for woff2 files from a css file in @fontsource/roboto is blocked by Vite dev server when using yarn PnP.
The woff2 file should be a safe file included in safeModulesPath
|
if (server.moduleGraph.safeModulesPath.has(file)) return true |
It has a workaround to change server.fs.strict to false but this will be less safe.
Reproduction
https://stackblitz.com/edit/github-tmpxuz-g4gr11?file=src%2FApp.jsx
Steps to reproduce
Clone the repo in reproduction url.
When the project is launched with $npm i && npm run dev no problem raised when the browser is opened
When the project is launched with $yarn set version berry && yarn && yarn dev it will raise an issue about The request url "~/.yarn/berry/cache/@fontsource-roboto-npm-5.0.8-35f6bafae2-10c0.zip/node_modules/@fontsource/roboto/files/roboto-latin-500-normal.woff" is outside of Vite serving allow list when opened from browser. The fonts cannot be displayed correctly.
Vite dev server's file system access rules should be consistent across package managers.
System Info
System:
OS: macOS 14.2
CPU: (8) arm64 Apple M2
Memory: 32.42 MB / 16.00 GB
Shell: 5.9 - /bin/zsh
Binaries:
Node: 20.10.0 - /usr/local/bin/node
Yarn: 4.1.0 - /usr/local/bin/yarn
npm: 10.2.3 - /usr/local/bin/npm
Browsers:
Safari: 17.2
npmPackages:
@vitejs/plugin-react: ^4.2.1 => 4.2.1
vite: ^5.1.1 => 5.1.3
Used Package Manager
yarn
Logs
No response
Validations
Describe the bug
I am following the https://mui.com/material-ui/getting-started/installation/#roboto-font to install roboto font through package manager because the CDN is blocked by a firewall.
After the installation is completed, the project still cannot serve the fonts correctly.
It appears relative url access for woff2 files from a css file in
@fontsource/robotois blocked by Vite dev server when using yarn PnP.The woff2 file should be a safe file included in safeModulesPath
vite/packages/vite/src/node/server/middlewares/static.ts
Line 218 in 71dc6a6
It has a workaround to change server.fs.strict to false but this will be less safe.
Reproduction
https://stackblitz.com/edit/github-tmpxuz-g4gr11?file=src%2FApp.jsx
Steps to reproduce
Clone the repo in reproduction url.
When the project is launched with
$npm i && npm run devno problem raised when the browser is openedWhen the project is launched with
$yarn set version berry && yarn && yarn devit will raise an issue about The request url "~/.yarn/berry/cache/@fontsource-roboto-npm-5.0.8-35f6bafae2-10c0.zip/node_modules/@fontsource/roboto/files/roboto-latin-500-normal.woff" is outside of Vite serving allow list when opened from browser. The fonts cannot be displayed correctly.Vite dev server's file system access rules should be consistent across package managers.
System Info
System: OS: macOS 14.2 CPU: (8) arm64 Apple M2 Memory: 32.42 MB / 16.00 GB Shell: 5.9 - /bin/zsh Binaries: Node: 20.10.0 - /usr/local/bin/node Yarn: 4.1.0 - /usr/local/bin/yarn npm: 10.2.3 - /usr/local/bin/npm Browsers: Safari: 17.2 npmPackages: @vitejs/plugin-react: ^4.2.1 => 4.2.1 vite: ^5.1.1 => 5.1.3Used Package Manager
yarn
Logs
No response
Validations