The Wire · Showcase
DEVTOOLS 8.1.2 SHIPS WITH VAPOR SUPPORT AND CSP HARDENING
By RepoJournal · Filed · About Vue.js
Vue DevTools locked down Trusted Types CSP injection while expanding to support Vapor apps in the latest release.
DevTools v8.1.2 [1] landed with two critical moves: a security-first fix [2] that replaces raw script injection with TrustedScriptURL under strict Content Security Policy, and expanded framework coverage via `vite-plugin-vue-inspector` bumped to handle Vapor [3]. The release also cleaned house by removing the broken AssetDropZone.vue file [4] that was dragging TypeScript checks down, and fixed Router object introspection that was causing noise in the state inspector [1]. For teams running CSP: strict or shipping Vapor codebases, this is your upgrade path.
Action items
- → Upgrade DevTools to v8.1.2 if using Trusted Types CSP vuejs/devtools [immediate]
- → Test Vapor app debugging with new `vite-plugin-vue-inspector` support vuejs/devtools [plan]
References
- [1] v8.1.2 ↗ vuejs/devtools
- [2] fix(vite): use TrustedScriptURL for overlay injection under Trusted Types CSP (#1094) vuejs/devtools
- [3] feat: bump `vite-plugin-vue-inspector` to support vapor app (#1096) vuejs/devtools
- [4] chore(client): remove unused file AssetDropZone.vue ↗ vuejs/devtools
FAQ
- What changed in Vue.js on May 8, 2026?
- Vue DevTools locked down Trusted Types CSP injection while expanding to support Vapor apps in the latest release.
- What should Vue.js teams do about it?
- Upgrade DevTools to v8.1.2 if using Trusted Types CSP • Test Vapor app debugging with new `vite-plugin-vue-inspector` support
- Which Vue.js repositories shipped on May 8, 2026?
- vuejs/devtools