npm - @digitraffic/common - Versions diffs - 2024.8.14-1 → 2024.8.16-1 - Mend

@digitraffic/common 2024.8.14-1 → 2024.8.16-1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/aws/infra/acl-builder.d.mts +4 -1
package/dist/aws/infra/acl-builder.mjs +13 -10
package/package.json +1 -1

package/dist/aws/infra/acl-builder.d.mts CHANGED Viewed

@@ -1,6 +1,9 @@
 import { CfnWebACL } from "aws-cdk-lib/aws-wafv2";
 import type { Construct } from "constructs";
 export type AWSManagedWafRule = "CommonRuleSet" | "AmazonIpReputationList" | "KnownBadInputsRuleSet" | "SQLiRuleSet";
+export type ExcludedAWSRules = {
+    [key in AWSManagedWafRule]?: string[];
+};
 /**
  * Builder class for building CfnWebACL.
  *
@@ -16,7 +19,7 @@ export declare class AclBuilder {
     _customResponseBodies: Record<string, CfnWebACL.CustomResponseBodyProperty>;
     constructor(construct: Construct, name?: string);
     isRuleDefined(rules: AWSManagedWafRule[] | "all", rule: AWSManagedWafRule): boolean;
-    withAWSManagedRules(rules?: AWSManagedWafRule[] | "all"): AclBuilder;
+    withAWSManagedRules(rules?: AWSManagedWafRule[] | "all", excludedRules?: ExcludedAWSRules): AclBuilder;
     withIpRestrictionRule(addresses: string[]): AclBuilder;
     withThrottleRule(name: string, priority: number, limit: number, customResponseBodyKey: string, isHeaderRequired: boolean, isBasedOnIpAndUriPath: boolean): AclBuilder;
     withCustomResponseBody(key: string, customResponseBody: CfnWebACL.CustomResponseBodyProperty): this;

package/dist/aws/infra/acl-builder.mjs CHANGED Viewed

@@ -20,18 +20,18 @@ export class AclBuilder {
     isRuleDefined(rules, rule) {
         return rules === "all" || rules.includes(rule);
     }
-    withAWSManagedRules(rules = "all") {
+    withAWSManagedRules(rules = "all", excludedRules = {}) {
         if (this.isRuleDefined(rules, "CommonRuleSet")) {
-            this._rules.push(createAWSCommonRuleSet());
+            this._rules.push(createAWSCommonRuleSet(excludedRules?.CommonRuleSet));
         }
         if (this.isRuleDefined(rules, "AmazonIpReputationList")) {
-            this._rules.push(createAWSReputationList());
+            this._rules.push(createAWSReputationList(excludedRules?.AmazonIpReputationList));
         }
         if (this.isRuleDefined(rules, "KnownBadInputsRuleSet")) {
-            this._rules.push(createAWSKnownBadInput());
+            this._rules.push(createAWSKnownBadInput(excludedRules?.KnownBadInputsRuleSet));
         }
         if (this.isRuleDefined(rules, "SQLiRuleSet")) {
-            this._rules.push(createAWSAntiSQLInjection());
+            this._rules.push(createAWSAntiSQLInjection(excludedRules?.SQLiRuleSet));
         }
         return this;
     }
@@ -228,7 +228,7 @@ function createThrottleStatement(limit, isHeaderRequired, isBasedOnIpAndUriPath)
         },
     };
 }
-function createAWSCommonRuleSet() {
+function createAWSCommonRuleSet(excludedRules = []) {
     return createRuleProperty("AWS-AWSManagedRulesCommonRuleSet", 70, {
         statement: {
             managedRuleGroupStatement: {
@@ -238,37 +238,40 @@ function createAWSCommonRuleSet() {
                     { name: "NoUserAgent_HEADER" },
                     { name: "SizeRestrictions_BODY" },
                     { name: "GenericRFI_BODY" },
-                ],
+                ].concat((excludedRules ?? []).map(rule => ({ name: rule }))),
             },
         },
     });
 }
-function createAWSReputationList() {
+function createAWSReputationList(excludedRules = []) {
     return createRuleProperty("AWS-AWSManagedRulesAmazonIpReputationList", 80, {
         statement: {
             managedRuleGroupStatement: {
                 vendorName: "AWS",
                 name: "AWSManagedRulesAmazonIpReputationList",
+                excludedRules: (excludedRules ?? []).map(rule => ({ name: rule }))
             },
         },
     });
 }
-function createAWSKnownBadInput() {
+function createAWSKnownBadInput(excludedRules = []) {
     return createRuleProperty("AWS-AWSManagedRulesKnownBadInputsRuleSet", 90, {
         statement: {
             managedRuleGroupStatement: {
                 vendorName: "AWS",
                 name: "AWSManagedRulesKnownBadInputsRuleSet",
+                excludedRules: (excludedRules ?? []).map(rule => ({ name: rule }))
             },
         },
     });
 }
-function createAWSAntiSQLInjection() {
+function createAWSAntiSQLInjection(excludedRules = []) {
     return createRuleProperty("AWS-AWSManagedRulesSQLiRuleSet", 100, {
         statement: {
             managedRuleGroupStatement: {
                 vendorName: "AWS",
                 name: "AWSManagedRulesSQLiRuleSet",
+                excludedRules: (excludedRules ?? []).map(rule => ({ name: rule }))
             },
         },
     });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@digitraffic/common",
-  "version": "2024.8.14-1",
+  "version": "2024.8.16-1",
   "description": "",
   "type": "module",
   "repository": {