@adobe/helix-html-pipeline 3.8.12 → 3.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/CHANGELOG.md +14 -0
  2. package/package.json +8 -8
  3. package/src/PipelineState.d.ts +4 -0
  4. package/src/html-pipe.js +5 -2
  5. package/src/steps/authenticate.js +39 -0
  6. package/src/steps/create-pictures.js +1 -1
package/CHANGELOG.md CHANGED
@@ -1,3 +1,17 @@
1
+ # [3.10.0](https://github.com/adobe/helix-html-pipeline/compare/v3.9.0...v3.10.0) (2023-03-28)
2
+
3
+
4
+ ### Features
5
+
6
+ * **picture:** update mobile breakpoint to 600px ([#280](https://github.com/adobe/helix-html-pipeline/issues/280)) ([6c72cba](https://github.com/adobe/helix-html-pipeline/commit/6c72cbaead55fb69b1c7d4c102052cc09a330b50))
7
+
8
+ # [3.9.0](https://github.com/adobe/helix-html-pipeline/compare/v3.8.12...v3.9.0) (2023-03-23)
9
+
10
+
11
+ ### Features
12
+
13
+ * restrict repositories ([#281](https://github.com/adobe/helix-html-pipeline/issues/281)) ([ba7e670](https://github.com/adobe/helix-html-pipeline/commit/ba7e670a0c2fe5e331c37000d0c023cfb79961ce)), closes [#277](https://github.com/adobe/helix-html-pipeline/issues/277)
14
+
1
15
  ## [3.8.12](https://github.com/adobe/helix-html-pipeline/compare/v3.8.11...v3.8.12) (2023-03-10)
2
16
 
3
17
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@adobe/helix-html-pipeline",
3
- "version": "3.8.12",
3
+ "version": "3.10.0",
4
4
  "description": "Helix HTML Pipeline",
5
5
  "main": "src/index.js",
6
6
  "types": "src/index.d.ts",
@@ -79,24 +79,24 @@
79
79
  "devDependencies": {
80
80
  "@adobe/eslint-config-helix": "2.0.2",
81
81
  "@markedjs/html-differ": "4.0.2",
82
- "@semantic-release/changelog": "6.0.2",
82
+ "@semantic-release/changelog": "6.0.3",
83
83
  "@semantic-release/git": "10.0.1",
84
- "@semantic-release/npm": "9.0.2",
84
+ "@semantic-release/npm": "10.0.2",
85
85
  "c8": "7.13.0",
86
- "eslint": "8.35.0",
86
+ "eslint": "8.36.0",
87
87
  "eslint-import-resolver-exports": "1.0.0-beta.5",
88
88
  "eslint-plugin-header": "3.1.1",
89
89
  "eslint-plugin-import": "2.27.5",
90
- "esmock": "2.1.0",
90
+ "esmock": "2.2.0",
91
91
  "husky": "8.0.3",
92
92
  "js-yaml": "4.1.0",
93
- "jsdom": "21.1.0",
93
+ "jsdom": "21.1.1",
94
94
  "junit-report-builder": "3.0.1",
95
- "lint-staged": "13.1.2",
95
+ "lint-staged": "13.2.0",
96
96
  "mocha": "10.2.0",
97
97
  "mocha-multi-reporters": "1.5.1",
98
98
  "remark-gfm": "3.0.1",
99
- "semantic-release": "20.1.1"
99
+ "semantic-release": "21.0.0"
100
100
  },
101
101
  "lint-staged": {
102
102
  "*.js": "eslint",
package/src/PipelineState.d.ts CHANGED
@@ -23,6 +23,10 @@ type Fetch = (url: string|Request, options?: RequestOptions) => Promise<Response
23
23
 
24
24
  declare interface AccessConfig {
25
25
  allow:(string|string[]);
26
+
27
+ require: {
28
+ repository:(string|string[]);
29
+ };
26
30
  }
27
31
 
28
32
  declare interface HelixConfigAll {
package/src/html-pipe.js CHANGED
@@ -10,7 +10,7 @@
10
10
  * governing permissions and limitations under the License.
11
11
  */
12
12
  import { cleanupHeaderValue } from '@adobe/helix-shared-utils';
13
- import { authenticate } from './steps/authenticate.js';
13
+ import { authenticate, requireProject } from './steps/authenticate.js';
14
14
  import addHeadingIds from './steps/add-heading-ids.js';
15
15
  import createPageBlocks from './steps/create-page-blocks.js';
16
16
  import createPictures from './steps/create-pictures.js';
@@ -91,7 +91,10 @@ export async function htmlPipe(state, req) {
91
91
  fetchContent(state, req, res),
92
92
  ]);
93
93
 
94
- await authenticate(state, req, res);
94
+ await requireProject(state, req, res);
95
+ if (!res.error) {
96
+ await authenticate(state, req, res);
97
+ }
95
98
 
96
99
  if (res.error) {
97
100
  // if content loading produced an error, we're done.
package/src/steps/authenticate.js CHANGED
@@ -82,3 +82,42 @@ export async function authenticate(state, req, res) {
82
82
  res.headers.set('x-hlx-auth-key', authInfo.profile.pem);
83
83
  }
84
84
  }
85
+
86
+ /**
87
+ * Checks if the given owner repo is alloed
88
+ * @param {string} owner
89
+ * @param {string} repo
90
+ * @param {string[]} allows
91
+ * @returns {boolean}
92
+ */
93
+ export function isOwnerRepoAllowed(owner, repo, allows = []) {
94
+ if (allows.length === 0) {
95
+ return true;
96
+ }
97
+ return allows
98
+ .map((ownerRepo) => ownerRepo.split('/'))
99
+ .findIndex(([o, r]) => owner === o && (repo === r || r === '*')) >= 0;
100
+ }
101
+
102
+ /**
103
+ * Checks if the
104
+ * @type PipelineStep
105
+ * @param {PipelineState} state
106
+ * @param {PipelineRequest} req
107
+ * @param {PipelineResponse} res
108
+ * @returns {Promise<void>}
109
+ */
110
+ export async function requireProject(state, req, res) {
111
+ // if not restricted, do nothing
112
+ const ownerRepo = state.config?.access?.require?.repository;
113
+ if (!ownerRepo) {
114
+ return;
115
+ }
116
+ const ownerRepos = Array.isArray(ownerRepo) ? ownerRepo : [ownerRepo];
117
+ const { log, owner, repo } = state;
118
+ if (!isOwnerRepoAllowed(owner, repo, ownerRepos)) {
119
+ log.warn(`${owner}/${repo} not allowed for ${ownerRepos}`);
120
+ res.status = 403;
121
+ res.error = 'forbidden.';
122
+ }
123
+ }
package/src/steps/create-pictures.js CHANGED
@@ -14,7 +14,7 @@ import { h } from 'hastscript';
14
14
  import { visitParents } from 'unist-util-visit-parents';
15
15
 
16
16
  const BREAK_POINTS = [
17
- { media: '(min-width: 400px)', width: '2000' },
17
+ { media: '(min-width: 600px)', width: '2000' },
18
18
  { width: '750' },
19
19
  ];
20
20