@backstage/backend-app-api 0.7.3-next.1 → 0.7.4

package/CHANGELOG.md

@@ -1,5 +1,38 @@
 # @backstage/backend-app-api
 
+## 0.7.4
+
+### Patch Changes
+
+- ce87d0e: Fixed a potential crash when passing an object with a `null` prototype as log meta.
+
+## 0.7.3
+
+### Patch Changes
+
+- 4cd5ff0: Add ability to configure the Node.js HTTP Server when configuring the root HTTP Router service
+- e8199b1: Move the JWKS registration outside of the lifecycle middleware
+- d229dc4: Move path utilities from `backend-common` to the `backend-plugin-api` package.
+- dc8c5dd: The default `TokenManager` implementation no longer requires keys to be configured in production, but it will throw an errors when generating or authenticating tokens. The default `AuthService` implementation will now also provide additional context if such an error is throw when falling back to using the `TokenManager` service to generate tokens for outgoing requests.
+- 025641b: Redact `meta` fields too with the logger
+- 09f8988: Remove explicit `alg` check for user tokens in `verifyToken`
+- 5863e02: Internal refactor to only create one external token handler
+- a1dc547: Added support for camel case CSP directives in app-config. For example:
+
+  ```yaml
+  backend:
+    csp:
+      upgradeInsecureRequests: false
+  ```
+
+- 329cc34: Added logging of all plugins being initialized, periodic status, and completion.
+- Updated dependencies
+  - @backstage/backend-common@0.22.0
+  - @backstage/backend-plugin-api@0.6.18
+  - @backstage/backend-tasks@0.5.23
+  - @backstage/plugin-auth-node@0.4.13
+  - @backstage/plugin-permission-node@0.7.29
+
 ## 0.7.2-next.1
 
 ### Patch Changes

package/alpha/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/backend-app-api",
-  "version": "0.7.3-next.1",
+  "version": "0.7.4",
   "main": "../dist/alpha.cjs.js",
   "types": "../dist/alpha.d.ts"
 }

package/dist/index.cjs.js

@@ -15,6 +15,7 @@ var cors = require('cors');
 var helmet = require('helmet');
 var morgan = require('morgan');
 var compression = require('compression');
+var kebabCase = require('lodash/kebabCase');
 var minimatch = require('minimatch');
 var errors = require('@backstage/errors');
 var crypto = require('crypto');
@@ -22,11 +23,11 @@ var winston = require('winston');
 var backendPluginApi = require('@backstage/backend-plugin-api');
 var alpha = require('@backstage/backend-plugin-api/alpha');
 var luxon = require('luxon');
-var backendCommon = require('@backstage/backend-common');
 var jose = require('jose');
 var uuid = require('uuid');
 var pluginAuthNode = require('@backstage/plugin-auth-node');
 var types = require('@backstage/types');
+var backendCommon = require('@backstage/backend-common');
 var backendAppApi = require('@backstage/backend-app-api');
 var cookie = require('cookie');
 var Router = require('express-promise-router');
@@ -66,6 +67,7 @@ var cors__default = /*#__PURE__*/_interopDefaultCompat(cors);
 var helmet__default = /*#__PURE__*/_interopDefaultCompat(helmet);
 var morgan__default = /*#__PURE__*/_interopDefaultCompat(morgan);
 var compression__default = /*#__PURE__*/_interopDefaultCompat(compression);
+var kebabCase__default = /*#__PURE__*/_interopDefaultCompat(kebabCase);
 var Router__default = /*#__PURE__*/_interopDefaultCompat(Router);
 var express__default = /*#__PURE__*/_interopDefaultCompat(express);
 var trimEnd__default = /*#__PURE__*/_interopDefaultCompat(trimEnd);
@@ -536,10 +538,11 @@ function applyCspDirectives(directives) {
   delete result["form-action"];
   if (directives) {
     for (const [key, value] of Object.entries(directives)) {
+      const kebabCaseKey = kebabCase__default.default(key);
       if (value === false) {
-        delete result[key];
+        delete result[kebabCaseKey];
       } else {
-        result[key] = value;
+        result[kebabCaseKey] = value;
       }
     }
   }
@@ -860,11 +863,14 @@ const _WinstonLogger = class _WinstonLogger {
     const replace = (obj) => {
       var _a;
       for (const key in obj) {
-        if (obj.hasOwnProperty(key)) {
+        if (Object.hasOwn(obj, key)) {
           if (typeof obj[key] === "object") {
             obj[key] = replace(obj[key]);
           } else if (typeof obj[key] === "string") {
-            obj[key] = (_a = obj[key]) == null ? void 0 : _a.replace(redactionPattern, "[REDACTED]");
+            try {
+              obj[key] = (_a = obj[key]) == null ? void 0 : _a.replace(redactionPattern, "[REDACTED]");
+            } catch {
+            }
           }
         }
       }
@@ -1564,6 +1570,52 @@ checkForMissingDeps_fn = function(factory, pluginId) {
 };
 let ServiceRegistry = _ServiceRegistry;
 
+const LOGGER_INTERVAL_MAX = 6e4;
+function joinIds(ids) {
+  return [...ids].map((id) => `'${id}'`).join(", ");
+}
+function createInitializationLogger(pluginIds, rootLogger) {
+  const logger = rootLogger == null ? void 0 : rootLogger.child({ type: "initialization" });
+  const starting = new Set(pluginIds);
+  const started = /* @__PURE__ */ new Set();
+  logger == null ? void 0 : logger.info(`Plugin initialization started: ${joinIds(pluginIds)}`);
+  const getInitStatus = () => {
+    let status = "";
+    if (started.size > 0) {
+      status = `, newly initialized: ${joinIds(started)}`;
+      started.clear();
+    }
+    if (starting.size > 0) {
+      status += `, still initializing: ${joinIds(starting)}`;
+    }
+    return status;
+  };
+  let interval = 1e3;
+  let prevInterval = 0;
+  let timeout;
+  const onTimeout = () => {
+    logger == null ? void 0 : logger.info(`Plugin initialization in progress${getInitStatus()}`);
+    const nextInterval = Math.min(interval + prevInterval, LOGGER_INTERVAL_MAX);
+    prevInterval = interval;
+    interval = nextInterval;
+    timeout = setTimeout(onTimeout, nextInterval);
+  };
+  timeout = setTimeout(onTimeout, interval);
+  return {
+    onPluginStarted(pluginId) {
+      starting.delete(pluginId);
+      started.add(pluginId);
+    },
+    onAllStarted() {
+      logger == null ? void 0 : logger.info(`Plugin initialization complete${getInitStatus()}`);
+      if (timeout) {
+        clearTimeout(timeout);
+        timeout = void 0;
+      }
+    }
+  };
+}
+
 var __accessCheck$8 = (obj, member, msg) => {
   if (!member.has(obj))
     throw TypeError("Cannot " + msg);
@@ -1768,6 +1820,10 @@ doStart_fn = async function() {
     }
   }
   const allPluginIds = [...pluginInits.keys()];
+  const initLogger = createInitializationLogger(
+    allPluginIds,
+    await __privateGet$6(this, _serviceRegistry).get(backendPluginApi.coreServices.rootLogger, "root")
+  );
   await Promise.all(
     allPluginIds.map(async (pluginId) => {
       await __privateGet$6(this, _serviceRegistry).initializeEagerServicesWithScope(
@@ -1814,12 +1870,14 @@ doStart_fn = async function() {
           );
         });
       }
+      initLogger.onPluginStarted(pluginId);
       const lifecycleService2 = await __privateMethod$5(this, _getPluginLifecycleImpl, getPluginLifecycleImpl_fn).call(this, pluginId);
       await lifecycleService2.startup();
     })
   );
   const lifecycleService = await __privateMethod$5(this, _getRootLifecycleImpl, getRootLifecycleImpl_fn).call(this);
   await lifecycleService.startup();
+  initLogger.onAllStarted();
   if (process.env.NODE_ENV !== "test") {
     const rootLogger = await __privateGet$6(this, _serviceRegistry).get(
       backendPluginApi.coreServices.rootLogger,
@@ -1948,7 +2006,7 @@ function createSpecializedBackend(options) {
 const MIGRATIONS_TABLE = "backstage_backend_public_keys__knex_migrations";
 const TABLE = "backstage_backend_public_keys__keys";
 function applyDatabaseMigrations(knex) {
-  const migrationsDir = backendCommon.resolvePackagePath(
+  const migrationsDir = backendPluginApi.resolvePackagePath(
     "@backstage/backend-app-api",
     "migrations"
   );