@forge/api 2.19.5-next.0 → 2.20.0-next.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/out/index.d.ts.map +1 -1
- package/out/properties/index.d.ts.map +1 -1
- package/out/properties/index.js +1 -0
- package/out/safeUrl.d.ts.map +1 -1
- package/out/safeUrl.js +5 -2
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,17 @@
|
|
|
1
1
|
# @forge/api
|
|
2
2
|
|
|
3
|
+
## 2.20.0-next.2
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- 189720f: Notice of deprecation for properties API
|
|
8
|
+
|
|
9
|
+
## 2.20.0-next.1
|
|
10
|
+
|
|
11
|
+
### Minor Changes
|
|
12
|
+
|
|
13
|
+
- 2764115: Prevent forward traversal in route
|
|
14
|
+
|
|
3
15
|
## 2.19.5-next.0
|
|
4
16
|
|
|
5
17
|
### Patch Changes
|
package/out/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,EAA8C,QAAQ,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAExG,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAG5C,OAAO,EAAE,KAAK,EAAE,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAe,0BAA0B,EAAiB,MAAM,6BAA6B,CAAC;AAErG,MAAM,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,aAAa,GAAG,IAAI,GAAG,QAAQ,GAAG,YAAY,GAAG,SAAS,CAAC,CAAC;AACvH,MAAM,MAAM,WAAW,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;AACpF,MAAM,MAAM,wBAAwB,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,KAAK,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;AACzG,MAAM,MAAM,oBAAoB,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;AAC5F,MAAM,MAAM,YAAY,GAAG,WAAW,CAAC;AAEvC,MAAM,WAAW,qBAAqB;IACpC,WAAW,EAAE,oBAAoB,CAAC;IAClC,iBAAiB,EAAE,oBAAoB,CAAC;IACxC,gBAAgB,EAAE,oBAAoB,CAAC;CACxC;AAED,MAAM,WAAW,mBAAmB;IAClC,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;CACvG;AAED,MAAM,WAAW,wBAAwB;IACvC,cAAc,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;IACvC,kBAAkB,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;IAC3C,eAAe,EAAE,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,KAAK,EAAE,wBAAwB,CAAC;CACjC;AAED,MAAM,WAAW,gCAAgC;IAC/C,YAAY,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,KAAK,wBAAwB,CAAC;CACrG;AAED,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;IACnC,GAAG,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACxC;AAED,MAAM,WAAW,aAAa;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,EAA8C,QAAQ,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAExG,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAG5C,OAAO,EAAE,KAAK,EAAE,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAe,0BAA0B,EAAiB,MAAM,6BAA6B,CAAC;AAErG,MAAM,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,aAAa,GAAG,IAAI,GAAG,QAAQ,GAAG,YAAY,GAAG,SAAS,CAAC,CAAC;AACvH,MAAM,MAAM,WAAW,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;AACpF,MAAM,MAAM,wBAAwB,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,KAAK,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;AACzG,MAAM,MAAM,oBAAoB,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;AAC5F,MAAM,MAAM,YAAY,GAAG,WAAW,CAAC;AAEvC,MAAM,WAAW,qBAAqB;IACpC,WAAW,EAAE,oBAAoB,CAAC;IAClC,iBAAiB,EAAE,oBAAoB,CAAC;IACxC,gBAAgB,EAAE,oBAAoB,CAAC;CACxC;AAED,MAAM,WAAW,mBAAmB;IAClC,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;CACvG;AAED,MAAM,WAAW,wBAAwB;IACvC,cAAc,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;IACvC,kBAAkB,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;IAC3C,eAAe,EAAE,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,KAAK,EAAE,wBAAwB,CAAC;CACjC;AAED,MAAM,WAAW,gCAAgC;IAC/C,YAAY,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,KAAK,wBAAwB,CAAC;CACrG;AAED,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;IACnC,GAAG,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACxC;AAED,MAAM,WAAW,aAAa;IAI5B,aAAa,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,cAAc,CAAC;IAInD,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,cAAc,CAAC;IAIjD,gBAAgB,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,cAAc,CAAC;IAItD,iBAAiB,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,cAAc,CAAC;CACxD;AAED,MAAM,WAAW,UAAW,SAAQ,cAAc,EAAE,QAAQ,EAAE,gBAAgB;CAAG;AAEjF,MAAM,WAAW,eAAgB,SAAQ,UAAU;IACjD,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;IACzC,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACtD,YAAY,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CAC9C;AAMD,MAAM,WAAW,QAAS,SAAQ,aAAa;IAK7C,aAAa,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,cAAc,CAAC;IAMnD,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,cAAc,CAAC;IAMjD,gBAAgB,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,cAAc,CAAC;IAMtD,iBAAiB,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,cAAc,CAAC;CACxD;AAED,MAAM,WAAW,QAAS,SAAQ,qBAAqB;IACrD,MAAM,IAAI,qBAAqB,GAAG,mBAAmB,GAAG,gCAAgC,CAAC;IACzF,KAAK,IAAI,qBAAqB,GAAG,mBAAmB,CAAC;IACrD,KAAK,EAAE,wBAAwB,CAAC;CACjC;AAED,MAAM,WAAW,QAAS,SAAQ,QAAQ;IACxC,KAAK,EAAE,QAAQ,CAAC;CACjB;AAaD,QAAA,MAAM,MAAM,QApBA,qBAAqB,GAAG,mBAAmB,GAAG,gCAoB5B,CAAC;AAC/B,QAAA,MAAM,KAAK,QApBA,qBAAqB,GAAG,mBAoBP,CAAC;AAC7B,QAAA,MAAM,KAAK,0BAAiB,CAAC;AAC7B,QAAA,MAAM,WAAW,sBAAuB,CAAC;AACzC,QAAA,MAAM,iBAAiB,sBAA6B,CAAC;AACrD,QAAA,MAAM,gBAAgB,sBAA4B,CAAC;AAenD,QAAA,MAAM,KAAK,eAA0B,CAAC;AAEtC,QAAA,MAAM,OAAO,EAAE,eAEd,CAAC;AAEF,QAAA,MAAM,UAAU,EAAE,aAA6B,CAAC;AAEhD,QAAA,MAAM,GAAG,EAAE,QAGV,CAAC;AAEF,eAAO,MAAM,OAAO;;CAEnB,CAAC;AAEF,eAAe,GAAG,CAAC;AACnB,OAAO,EACL,MAAM,EACN,KAAK,EACL,SAAS,EACT,KAAK,EACL,WAAW,EACX,iBAAiB,EACjB,gBAAgB,EAChB,KAAK,EACL,OAAO,EACP,UAAU,EACV,UAAU,EACV,0BAA0B,EAC3B,CAAC;AACF,OAAO,EACL,YAAY,EACZ,QAAQ,EACR,gBAAgB,EAChB,SAAS,EACT,UAAU,EACV,SAAS,EACT,MAAM,EACN,KAAK,EACL,cAAc,EACd,eAAe,EACf,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,SAAS,EACV,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,KAAK,EAAE,MAAM,WAAW,CAAC;AAChF,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AACzD,OAAO,EACL,wBAAwB,EACxB,iBAAiB,EACjB,UAAU,EACV,+BAA+B,EAC/B,8BAA8B,EAC9B,6BAA6B,EAC7B,eAAe,EACf,8BAA8B,EAC9B,SAAS,EACT,YAAY,EACZ,oBAAoB,EACpB,iBAAiB,EAClB,MAAM,cAAc,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/properties/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAS,cAAc,EAAE,MAAM,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/properties/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAS,cAAc,EAAE,MAAM,UAAU,CAAC;AAmBjD,eAAO,MAAM,aAAa;4BACA,MAAM;gCAEF,MAAM;+BACP,MAAM;iCAEJ,MAAM;CAEpC,CAAC"}
|
package/out/properties/index.js
CHANGED
|
@@ -8,6 +8,7 @@ const confluence_page_1 = require("./confluence-page");
|
|
|
8
8
|
const confluence_space_1 = require("./confluence-space");
|
|
9
9
|
const sanitized_key_1 = require("./sanitized-key");
|
|
10
10
|
const getPropertiesInstance = (adapter) => {
|
|
11
|
+
console.warn('The @forge/api Properties API is deprecated, you shoud now call product REST APIs directly.');
|
|
11
12
|
const storage = {
|
|
12
13
|
get: (key) => adapter.get((0, sanitized_key_1.sanitizedKey)(key)),
|
|
13
14
|
set: (key, value) => adapter.set((0, sanitized_key_1.sanitizedKey)(key), value),
|
package/out/safeUrl.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"safeUrl.d.ts","sourceRoot":"","sources":["../src/safeUrl.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,KAAK,GAAG;IAClB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB,CAAC;AAcF,wBAAgB,OAAO,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,IAAI,KAAK,CAE9C;AAED,wBAAgB,iBAAiB,CAAC,YAAY,EAAE,MAAM,GAAG,KAAK,CAG7D;
|
|
1
|
+
{"version":3,"file":"safeUrl.d.ts","sourceRoot":"","sources":["../src/safeUrl.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,KAAK,GAAG;IAClB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB,CAAC;AAcF,wBAAgB,OAAO,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,IAAI,KAAK,CAE9C;AAED,wBAAgB,iBAAiB,CAAC,YAAY,EAAE,MAAM,GAAG,KAAK,CAG7D;AA6DD,wBAAgB,KAAK,CACnB,QAAQ,EAAE,oBAAoB,EAC9B,GAAG,UAAU,EAAE,CAAC,MAAM,GAAG,MAAM,GAAG,eAAe,GAAG,KAAK,CAAC,EAAE,GAC3D,KAAK,CAoBP;AAED,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,GAAG,KAAK,CASlD;AAED,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,CAEvD"}
|
package/out/safeUrl.js
CHANGED
|
@@ -22,6 +22,7 @@ function routeFromAbsolute(absolutePath) {
|
|
|
22
22
|
}
|
|
23
23
|
exports.routeFromAbsolute = routeFromAbsolute;
|
|
24
24
|
const DOUBLE_DOT = ['..', '.%2e', '%2e.', '%2e%2e', '.%2E', '%2E.', '%2E%2e'];
|
|
25
|
+
const DIRECTORY_PATH = ['/', '\\'];
|
|
25
26
|
const ENDS_PATH = ['?', '#'];
|
|
26
27
|
function containsOneOf(needles, haystack) {
|
|
27
28
|
return needles.some((needle) => haystack.includes(needle));
|
|
@@ -33,8 +34,10 @@ function escapeParameter(parameter, mode) {
|
|
|
33
34
|
return parameter.value;
|
|
34
35
|
}
|
|
35
36
|
parameter = String(parameter);
|
|
36
|
-
if (containsOneOf(DOUBLE_DOT, parameter) ||
|
|
37
|
-
|
|
37
|
+
if (containsOneOf(DOUBLE_DOT, parameter) ||
|
|
38
|
+
containsOneOf(ENDS_PATH, parameter) ||
|
|
39
|
+
containsOneOf(DIRECTORY_PATH, parameter)) {
|
|
40
|
+
throw new Error('Disallowing path manipulation attempt. For more information see: https://developer.atlassian.com/platform/forge/runtime-reference/product-fetch-api/#route');
|
|
38
41
|
}
|
|
39
42
|
return parameter;
|
|
40
43
|
case 'query':
|