@backstage/backend-app-api 0.5.12 → 0.6.0-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/CHANGELOG.md +21 -8
  2. package/alpha/package.json +1 -1
  3. package/config.d.ts +20 -0
  4. package/dist/index.cjs.js +669 -197
  5. package/dist/index.cjs.js.map +1 -1
  6. package/dist/index.d.ts +11 -2
  7. package/package.json +16 -13
package/CHANGELOG.md CHANGED
@@ -1,17 +1,30 @@
1
1
  # @backstage/backend-app-api
2
2
 
3
- ## 0.5.12
3
+ ## 0.6.0-next.0
4
+
5
+ ### Minor Changes
6
+
7
+ - 4a3d434: **BREAKING**: For users that have migrated to the new backend system, incoming requests will now be rejected if they are not properly authenticated (e.g. with a Backstage bearer token or a backend token). Please see the [Auth Service Migration tutorial](https://backstage.io/docs/tutorials/auth-service-migration) for more information on how to circumvent this behavior in the short term and how to properly leverage it in the longer term.
8
+
9
+ Added service factories for the new [`auth`](https://backstage.io/docs/backend-system/core-services/auth/), [`httpAuth`](https://backstage.io/docs/backend-system/core-services/http-auth), and [`userInfo`](https://backstage.io/docs/backend-system/core-services/user-info) services that were created as part of [BEP-0003](https://github.com/backstage/backstage/tree/master/beps/0003-auth-architecture-evolution).
4
10
 
5
11
  ### Patch Changes
6
12
 
13
+ - 999224f: Bump dependency `minimatch` to v9
14
+ - 0502d82: Updated the `permissionsServiceFactory` to forward the `AuthService` to the implementation.
15
+ - 9802004: Made the `DefaultUserInfoService` claims check stricter
7
16
  - Updated dependencies
8
- - @backstage/backend-common@0.21.1
9
- - @backstage/backend-tasks@0.5.16
10
- - @backstage/plugin-auth-node@0.4.6
11
- - @backstage/plugin-permission-node@0.7.22
12
- - @backstage/backend-plugin-api@0.6.11
13
- - @backstage/cli-node@0.2.3
14
- - @backstage/config-loader@1.6.2
17
+ - @backstage/backend-common@0.21.3-next.0
18
+ - @backstage/plugin-auth-node@0.4.8-next.0
19
+ - @backstage/errors@1.2.4-next.0
20
+ - @backstage/backend-plugin-api@0.6.13-next.0
21
+ - @backstage/backend-tasks@0.5.18-next.0
22
+ - @backstage/plugin-permission-node@0.7.24-next.0
23
+ - @backstage/cli-node@0.2.4-next.0
24
+ - @backstage/config-loader@1.6.3-next.0
25
+ - @backstage/config@1.1.2-next.0
26
+ - @backstage/cli-common@0.1.13
27
+ - @backstage/types@1.1.1
15
28
 
16
29
  ## 0.5.11
17
30
 
package/alpha/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@backstage/backend-app-api",
3
- "version": "0.5.12",
3
+ "version": "0.6.0-next.0",
4
4
  "main": "../dist/alpha.cjs.js",
5
5
  "types": "../dist/alpha.d.ts"
6
6
  }
package/config.d.ts CHANGED
@@ -15,6 +15,26 @@
15
15
  */
16
16
 
17
17
  export interface Config {
18
+ backend?: {
19
+ auth?: {
20
+ /**
21
+ * This disables the otherwise default auth policy, which requires all
22
+ * requests to be authenticated with either user or service credentials.
23
+ *
24
+ * Disabling this check means that the backend will no longer block
25
+ * unauthenticated requests, but instead allow them to pass through to
26
+ * plugins.
27
+ *
28
+ * If permissions are enabled, unauthenticated requests will be treated
29
+ * exactly as such, leaving it to the permission policy to determine what
30
+ * permissions should be allowed for an unauthenticated identity. Note
31
+ * that this will also apply to service-to-service calls between plugins
32
+ * unless you configure credentials for service calls.
33
+ */
34
+ dangerouslyDisableDefaultAuthPolicy?: boolean;
35
+ };
36
+ };
37
+
18
38
  /** Discovery options. */
19
39
  discovery?: {
20
40
  /**