Published on

Fixing Vite's Outside Allow List Error in pnpm Monorepo

Authors
  • Name
    Ripal & Zalak
    Twitter

Fixing Vite's "The request URL is outside of Vite serving allow list" Error in pnpm Monorepo

When you set up a pnpm monorepo, your node_modules directory is usually placed at the workspace root, not inside individual project directories. This setup works well until you initialize a git repository inside one of your projects. Vite may then start detecting your project folder as the root (instead of the workspace root), causing it to block access to certain files and display the error:

The request URL * is outside of Vite serving allow list

Root Cause

Vite's auto workspace root detection considers the node_modules location and git repositories to determine the project root. When you add a new git submodule, Vite may incorrectly assume the submodule directory as the root instead of the overall monorepo, creating file access restrictions.

Solution

To fix this issue, you need to explicitly allow Vite to serve files from the workspace root. Here's how to do it:

1. Update Vite Configuration

Add the following configuration to your Vite setup (e.g., in vite.config.ts or nuxt.config.ts if you're using Nuxt):

import { defineConfig, searchForWorkspaceRoot } from 'vite'

export default defineConfig({
  server: {
    fs: {
      allow: [
        // Allow serving files from the workspace root
        searchForWorkspaceRoot(process.cwd()),
        // Optionally, add additional custom paths if needed
        '/path/to/custom/allow',
      ],
    },
  },
})

2. Nuxt-Specific Fix

If you're working with Nuxt, use the following configuration in your nuxt.config.ts:

export default defineNuxtConfig({
  vite: {
    server: {
      fs: {
        allow: ['/path/to/your/workspace/root'],
      },
    },
  },
})

Replace /path/to/your/workspace/root with the absolute path to your workspace directory.

3. Allow Relative Paths (Optional)

If you want to allow relative paths (e.g., for team collaboration), you can modify the configuration like this:

server: {
  fs: {
    allow: ['..'], // Serve files from one level up from the project root
  },
},

4. Disable Strict Mode (Not Recommended)

For a quick but less secure solution, you can disable strict file serving restrictions entirely:

viteConf.server = {
  ...viteConf.server,
  fs: {
    strict: false, // Disable strict file serving restrictions
  },
}

However, this is not recommended for production environments.

Additional Notes

  • Ensure your workspace directory is correctly set up and matches the configuration paths.
  • Use searchForWorkspaceRoot(process.cwd()) to dynamically determine the workspace root.
  • Avoid disabling strict mode unless absolutely necessary.

FAQs

Q: Why did this issue occur only after initializing a git repository?

A: Vite uses both the node_modules location and git repositories to detect the project root. Adding a new git repository changes its detection logic, leading to this error.

Q: Can I use relative paths for fs.allow?

A: Yes, you can use relative paths (e.g., ['..']), but absolute paths are more reliable and reduce potential misconfigurations.

Q: Is disabling strict mode safe?

A: Disabling strict mode can expose your project to security vulnerabilities, as it allows unrestricted file serving. Use it only as a last resort.