@eggjs/security 5.0.0-beta.18 → 5.0.0-beta.19

package/dist/config/config.default.d.ts

@@ -218,8 +218,8 @@ declare const SecurityConfig: z.ZodObject<{
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
   }, {
-    type?: "ctoken" | "referer" | "all" | "any" | undefined;
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
+    type?: "ctoken" | "referer" | "all" | "any" | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     enable?: boolean | undefined;
     ignoreJSON?: boolean | undefined;
@@ -288,8 +288,8 @@ declare const SecurityConfig: z.ZodObject<{
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
   }, {
-    value?: string | undefined;
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
+    value?: string | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     enable?: boolean | undefined;
   }>>;
@@ -407,8 +407,8 @@ declare const SecurityConfig: z.ZodObject<{
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
   }, {
-    value?: string | undefined;
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
+    value?: string | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     enable?: boolean | undefined;
   }>>;
@@ -471,8 +471,8 @@ declare const SecurityConfig: z.ZodObject<{
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
   }, {
-    value?: string | undefined;
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
+    value?: string | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     enable?: boolean | undefined;
   }>>;
@@ -642,6 +642,7 @@ declare const SecurityConfig: z.ZodObject<{
   ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
   __protocolWhiteListSet?: ReadonlySet<string> | undefined;
 }, {
+  match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
   csrf?: unknown;
   hsts?: {
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
@@ -674,14 +675,14 @@ declare const SecurityConfig: z.ZodObject<{
     supportIE?: boolean | undefined;
   } | undefined;
   xssProtection?: {
-    value?: string | undefined;
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
+    value?: string | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     enable?: boolean | undefined;
   } | undefined;
   xframe?: {
-    value?: string | undefined;
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
+    value?: string | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     enable?: boolean | undefined;
   } | undefined;
@@ -693,11 +694,10 @@ declare const SecurityConfig: z.ZodObject<{
   domainWhiteList?: string[] | undefined;
   protocolWhiteList?: string[] | undefined;
   defaultMiddleware?: string | ("csrf" | "hsts" | "methodnoallow" | "noopen" | "nosniff" | "csp" | "xssProtection" | "xframe" | "dta")[] | undefined;
-  match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
   ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
   referrerPolicy?: {
-    value?: string | undefined;
     match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
+    value?: string | undefined;
     ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
     enable?: boolean | undefined;
   } | undefined;

package/dist/lib/extend/safe_curl.d.ts

@@ -1,5 +1,5 @@
 import { SSRFCheckAddressFunction } from "../../config/config.default.js";
-import * as egg0 from "egg";
+import * as egg10 from "egg";
 import { EggApplicationCore } from "egg";
 
 //#region src/lib/extend/safe_curl.d.ts
@@ -15,6 +15,6 @@ type HttpClientResponse<T = any> = Awaited<ReturnType<HttpClient['prototype']['r
 /**
  * safe curl with ssrf protection
  */
-declare function safeCurlForApplication<T = any>(app: EggApplicationCore, url: HttpClientRequestURL, options?: HttpClientOptions): Promise<egg0.HttpClientResponse<T>>;
+declare function safeCurlForApplication<T = any>(app: EggApplicationCore, url: HttpClientRequestURL, options?: HttpClientOptions): Promise<egg10.HttpClientResponse<T>>;
 //#endregion
 export { HttpClientOptions, HttpClientRequestURL, HttpClientResponse, safeCurlForApplication };

package/dist/lib/middlewares/index.d.ts

@@ -1,18 +1,18 @@
 import { SecurityConfig } from "../../config/config.default.js";
-import * as egg1 from "egg";
+import * as egg0 from "egg";
 
 //#region src/lib/middlewares/index.d.ts
 declare const _default: {
-  csp: (options: SecurityConfig["csp"]) => egg1.MiddlewareFunc;
-  csrf: (options: SecurityConfig["csrf"]) => egg1.MiddlewareFunc;
-  dta: () => egg1.MiddlewareFunc;
-  hsts: (options: SecurityConfig["hsts"]) => egg1.MiddlewareFunc;
-  methodnoallow: () => egg1.MiddlewareFunc;
-  noopen: (options: SecurityConfig["noopen"]) => egg1.MiddlewareFunc;
-  nosniff: (options: SecurityConfig["nosniff"]) => egg1.MiddlewareFunc;
-  referrerPolicy: (options: SecurityConfig["referrerPolicy"]) => egg1.MiddlewareFunc;
-  xframe: (options: SecurityConfig["xframe"]) => egg1.MiddlewareFunc;
-  xssProtection: (options: SecurityConfig["xssProtection"]) => egg1.MiddlewareFunc;
+  csp: (options: SecurityConfig["csp"]) => egg0.MiddlewareFunc;
+  csrf: (options: SecurityConfig["csrf"]) => egg0.MiddlewareFunc;
+  dta: () => egg0.MiddlewareFunc;
+  hsts: (options: SecurityConfig["hsts"]) => egg0.MiddlewareFunc;
+  methodnoallow: () => egg0.MiddlewareFunc;
+  noopen: (options: SecurityConfig["noopen"]) => egg0.MiddlewareFunc;
+  nosniff: (options: SecurityConfig["nosniff"]) => egg0.MiddlewareFunc;
+  referrerPolicy: (options: SecurityConfig["referrerPolicy"]) => egg0.MiddlewareFunc;
+  xframe: (options: SecurityConfig["xframe"]) => egg0.MiddlewareFunc;
+  xssProtection: (options: SecurityConfig["xssProtection"]) => egg0.MiddlewareFunc;
 };
 //#endregion
 export { _default as default };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@eggjs/security",
-  "version": "5.0.0-beta.18",
+  "version": "5.0.0-beta.19",
   "type": "module",
   "publishConfig": {
     "access": "public"
@@ -84,25 +84,25 @@
     "zod": "^3.24.1"
   },
   "peerDependencies": {
-    "egg": "4.1.0-beta.18"
+    "egg": "4.1.0-beta.19"
   },
   "devDependencies": {
     "@types/escape-html": "^1.0.4",
     "@types/extend": "^3.0.4",
     "@types/koa-compose": "^3.2.8",
     "@types/mocha": "^10.0.10",
-    "@types/node": "24.5.2",
+    "@types/node": "^24.6.2",
     "@types/type-is": "^1.6.6",
     "beautify-benchmark": "^0.2.4",
     "benchmark": "^2.1.4",
     "egg-view-nunjucks": "^2.3.0",
     "spy": "^1.0.0",
     "tsdown": "^0.15.4",
-    "typescript": "5.9.2",
-    "vitest": "4.0.0-beta.13",
-    "@eggjs/mock": "7.0.0-beta.18",
-    "@eggjs/supertest": "9.0.0-beta.18",
-    "@eggjs/tsconfig": "3.1.0-beta.18"
+    "typescript": "^5.9.3",
+    "vitest": "4.0.0-beta.16",
+    "@eggjs/mock": "7.0.0-beta.19",
+    "@eggjs/supertest": "9.0.0-beta.19",
+    "@eggjs/tsconfig": "3.1.0-beta.19"
   },
   "files": [
     "dist"