@adobe/helix-config 2.18.2 → 3.0.0

package/CHANGELOG.md

@@ -1,3 +1,15 @@
+# [3.0.0](https://github.com/adobe/helix-config/compare/v2.18.2...v3.0.0) (2024-05-16)
+
+
+### Features
+
+* remove unused option and enforce scope ([#86](https://github.com/adobe/helix-config/issues/86)) ([4c9d26d](https://github.com/adobe/helix-config/commit/4c9d26d5579b289adb593b2ccfeae97d5ff5e3b6))
+
+
+### BREAKING CHANGES
+
+* ConfigContext.withFetch() was removed
+
 ## [2.18.2](https://github.com/adobe/helix-config/compare/v2.18.1...v2.18.2) (2024-05-13)
 
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@adobe/helix-config",
-  "version": "2.18.2",
+  "version": "3.0.0",
   "description": "Helix Config",
   "main": "src/index.js",
   "types": "src/index.d.ts",
@@ -61,7 +61,7 @@
     "@adobe/fetch": "4.1.2",
     "@adobe/helix-shared-config": "10.4.4",
     "@adobe/helix-shared-git": "3.0.9",
-    "@adobe/helix-shared-storage": "1.0.0",
+    "@adobe/helix-shared-storage": "1.0.1",
     "@adobe/helix-shared-utils": "3.0.2",
     "ajv": "8.13.0",
     "ajv-formats": "3.0.1",

package/src/ConfigContext.d.ts

@@ -11,8 +11,6 @@
  */
 import {S3Loader} from "./S3Loader";
 
-type Fetch = (url: string|Request, options?: RequestOptions) => Promise<Response>;
-
 export declare enum ConfigScope {
   delivery = 'delivery',
   pipeline = 'pipeline',
@@ -24,6 +22,5 @@ export declare class ConfigContext {
   withLog(log: Console): ConfigContext;
   withEnv(env: object): ConfigContext;
   withS3Loader(loader: S3Loader): ConfigContext;
-  withFetch(fetch: Fetch): ConfigContext;
 }
 

package/src/ConfigContext.js

@@ -39,7 +39,6 @@ export const SCOPE_RAW = 'raw';
  * Public / Custom Configs: Sidekick, Production Host, Custom Preview Page / Live Host, Custom JSON.
  * @type {string}
  */
-// eslint-disable-next-line no-unused-vars
 export const SCOPE_PUBLIC = 'public';
 
 /**
@@ -68,9 +67,4 @@ export class ConfigContext {
     this.loader = loader;
     return this;
   }
-
-  withFetch(fetch) {
-    this.fetch = fetch;
-    return this;
-  }
 }

package/src/config-view.js

@@ -17,7 +17,7 @@ import {
   SCOPE_ADMIN,
   SCOPE_PIPELINE,
   SCOPE_DELIVERY,
-  SCOPE_RAW,
+  SCOPE_RAW, SCOPE_PUBLIC,
 } from './ConfigContext.js';
 import { resolveLegacyConfig, fetchRobotsTxt, toArray } from './config-legacy.js';
 import { getMergedConfig } from './config-merge.js';
@@ -47,6 +47,14 @@ const HELIX_CONFIG_BUS = 'helix-config-bus';
 
 const HELIX_CONTENT_BUS = 'helix-content-bus';
 
+const VALID_SCOPES = [
+  SCOPE_ADMIN,
+  SCOPE_PIPELINE,
+  SCOPE_DELIVERY,
+  SCOPE_RAW,
+  SCOPE_PUBLIC,
+];
+
 /**
  * Creates a string representation of the given array that is suitable for substring matching by
  * delimiting each entry with `,` eg: ,foo@adobe.com,bar@adobe.com,
@@ -263,6 +271,15 @@ export async function getConfigResponse(ctx, opts) {
   const {
     ref, site, org, scope,
   } = opts;
+  if (!VALID_SCOPES.includes(scope)) {
+    return new PipelineResponse('', {
+      status: 400,
+      headers: {
+        'x-error': 'invalid scope',
+      },
+    });
+  }
+
   const rso = { ref, site, org };
   const config = await resolveConfig(ctx, rso, scope);
   const surrogateHeaders = {