npm - @bgord/bun - Versions diffs - 1.8.2 → 1.8.4 - Mend

@bgord/bun 1.8.2 → 1.8.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/dist/index.d.ts +4 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +4 -0
package/dist/index.js.map +1 -1
package/dist/nonce-provider-crypto.adapter.d.ts +5 -0
package/dist/nonce-provider-crypto.adapter.d.ts.map +1 -0
package/dist/nonce-provider-crypto.adapter.js +12 -0
package/dist/nonce-provider-crypto.adapter.js.map +1 -0
package/dist/nonce-provider-noop.adapter.d.ts +5 -0
package/dist/nonce-provider-noop.adapter.d.ts.map +1 -0
package/dist/nonce-provider-noop.adapter.js +7 -0
package/dist/nonce-provider-noop.adapter.js.map +1 -0
package/dist/nonce-provider.port.d.ts +5 -0
package/dist/nonce-provider.port.d.ts.map +1 -0
package/dist/nonce-provider.port.js +2 -0
package/dist/nonce-provider.port.js.map +1 -0
package/dist/nonce-value.vo.d.ts +8 -0
package/dist/nonce-value.vo.d.ts.map +1 -0
package/dist/nonce-value.vo.js +14 -0
package/dist/nonce-value.vo.js.map +1 -0
package/dist/setup.service.d.ts.map +1 -1
package/dist/setup.service.js +22 -7
package/dist/setup.service.js.map +1 -1
package/dist/tsconfig.tsbuildinfo +1 -1
package/package.json +1 -1
package/readme.md +4 -0
package/src/index.ts +4 -0
package/src/nonce-provider-crypto.adapter.ts +16 -0
package/src/nonce-provider-noop.adapter.ts +8 -0
package/src/nonce-provider.port.ts +5 -0
package/src/nonce-value.vo.ts +18 -0
package/src/setup.service.ts +22 -7

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@bgord/bun",
-  "version": "1.8.2",
+  "version": "1.8.4",
   "license": "MIT",
   "type": "module",
   "author": "Bartosz Gordon",

package/readme.md CHANGED Viewed

@@ -233,6 +233,10 @@ src/
 │           ├── passage-of-time-hourly.service.ts
 │           └── passage-of-time-minute.service.ts
 ├── node-env.vo.ts
+├── nonce-provider-crypto.adapter.ts
+├── nonce-provider-noop.adapter.ts
+├── nonce-provider.port.ts
+├── nonce-value.vo.ts
 ├── pdf-generator-noop.adapter.ts
 ├── pdf-generator.port.ts
 ├── port.vo.ts

package/src/index.ts CHANGED Viewed

@@ -168,6 +168,10 @@ export * as History from "./modules/history";
 export * as Preferences from "./modules/preferences";
 export * as System from "./modules/system";
 export * from "./node-env.vo";
+export * from "./nonce-provider.port";
+export * from "./nonce-provider-crypto.adapter";
+export * from "./nonce-provider-noop.adapter";
+export * from "./nonce-value.vo";
 export * from "./pdf-generator.port";
 export * from "./pdf-generator-noop.adapter";
 export * from "./port.vo";

package/src/nonce-provider-crypto.adapter.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import type { NonceProviderPort } from "./nonce-provider.port";
+import { NonceValue } from "./nonce-value.vo";
+export class NonceProviderCryptoAdapter implements NonceProviderPort {
+  generate() {
+    const buffer = new Uint8Array(8);
+    crypto.getRandomValues(buffer);
+    const nonce = Array.from(buffer)
+      .map((byte) => byte.toString(16).padStart(2, "0"))
+      .join("");
+    return NonceValue.parse(nonce);
+  }
+}

package/src/nonce-provider-noop.adapter.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { NonceProviderPort } from "./nonce-provider.port";
+import { NonceValue } from "./nonce-value.vo";
+export class NonceProviderNoopAdapter implements NonceProviderPort {
+  generate() {
+    return NonceValue.parse("0000000000000000");
+  }
+}

package/src/nonce-provider.port.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { NonceValueType } from "./nonce-value.vo";
+export interface NonceProviderPort {
+  generate(): NonceValueType;
+}

package/src/nonce-value.vo.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { z } from "zod/v4";
+export const NonceValueError = {
+  Type: "nonce.value.type",
+  InvalidHex: "nonce.value.invalid.hex",
+};
+// 16 hex chars allowed
+const CHARS_WHITELIST = /^[a-fA-F0-9]{16}$/;
+// Stryker disable all
+export const NonceValue = z
+  // Stryker restore all
+  .string(NonceValueError.Type)
+  .regex(CHARS_WHITELIST, NonceValueError.InvalidHex)
+  .brand("NonceValue");
+export type NonceValueType = z.infer<typeof NonceValue>;

package/src/setup.service.ts CHANGED Viewed

@@ -42,16 +42,31 @@ export class Setup {
       MaintenanceMode.build(overrides?.maintenanceMode),
       secureHeaders({
         crossOriginResourcePolicy: "same-origin",
-        contentSecurityPolicy: {
-          defaultSrc: ["'none'"],
-          scriptSrc: ["'self'"],
-          styleSrc: ["'self'"],
-          imgSrc: ["'self'"],
-        },
+        crossOriginOpenerPolicy: "same-origin",
+        crossOriginEmbedderPolicy: "require-corp",
+        referrerPolicy: "no-referrer",
+        xContentTypeOptions: "nosniff",
+        strictTransportSecurity: `max-age=${tools.Duration.Days(180).seconds}; includeSubDomains`,
       }),
       bodyLimit({ maxSize: BODY_LIMIT_MAX_SIZE.toBytes() }),
       ApiVersion.build({ Clock: deps.Clock, FileReaderJson: deps.FileReaderJson }),
-      cors(overrides?.cors),
+      cors({
+        // Stryker disable all
+        origin: (origin, c) => {
+          // server-to-server, curl, same-origin navigation
+          if (!origin) return undefined;
+          // same-origin fetch
+          if (origin === new URL(c.req.url).origin) return origin;
+          // deny cross-origin
+          return null;
+        },
+        // Stryker restore all
+        credentials: false,
+        maxAge: tools.Duration.Minutes(10).seconds,
+        ...overrides?.cors,
+      }),
       languageDetector({
         supportedLanguages: Object.keys(deps.I18n.supportedLanguages),
         fallbackLanguage: deps.I18n.defaultLanguage,