npm - @forge/manifest - Versions diffs - 10.2.0-next.5 → 10.2.1-next.0 - Mend

@forge/manifest 10.2.0-next.5 → 10.2.1-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/CHANGELOG.md +21 -0
package/out/validators/modules-validators/confluence/validateMacroAutoConvert.js +1 -1
package/out/validators/permissions-validator.d.ts +1 -0
package/out/validators/permissions-validator.d.ts.map +1 -1
package/out/validators/permissions-validator.js +21 -1
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,26 @@
 # @forge/manifest
+## 10.2.1-next.0
+### Patch Changes
+- 10c0bc6: Add egress support for custom URL schemes. Allow custom custom URL schemes as autoconvert patterns.
+## 10.2.0
+### Minor Changes
+- 5144b15: Adding validation for undefined actions under automation:actionProvider module
+### Patch Changes
+- 5069c3c: Forge manifest linter now includes devops:developmentInfoProvider, devops:featureFlagInfoProvider, devops:deploymentInfoProvider, devops:buildInfoProvider, and devops:remoteLinkInfoProvider
+- 8e9a8b5: Got rid of FG
+- 5bfa872: Update manifest definitions
+- 13e5daa: Update manifest definitions
+- e029de1: Update manifest definitions
+- 426dfe1: Update manifest definitions
 ## 10.2.0-next.5
 ### Patch Changes

package/out/validators/modules-validators/confluence/validateMacroAutoConvert.js CHANGED Viewed

@@ -3,7 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.validateMacroAutoConvert = void 0;
 const text_1 = require("../../../text");
 const utils_1 = require("../../../utils");
-const VALID_MATCHER_PATTERN = new RegExp(/^(?=.{1,1024}$)https?:\/\/(?:[a-zA-Z0-9-\*]+\.)*[a-zA-Z0-9-\*]+(?:\.[a-zA-Z\*]{1,})?(?:\/.*)?$/);
+const VALID_MATCHER_PATTERN = new RegExp(/^(?=.{1,1024}$)[a-zA-Z]+:(\/\/)?(\\\\)?(?:[a-zA-Z0-9-\*]+[\.:])*[a-zA-Z0-9-\*]+(?:\.:[a-zA-Z\*]{1,})?(?:\/.*)?$/);
 const errorMessages = text_1.errors.modules.confluence.autoConvert;
 const mapToAutoConvertError = (validationErrors, moduleKey) => validationErrors.map((message) => ({ moduleKey, message }));
 const validateEmpty = (matchers, moduleKey) => {

package/out/validators/permissions-validator.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import { ManifestObject, ManifestValidationResult } from '../types';
 import { ManifestSchema } from '../schema/manifest';
 import { ValidatorInterface } from './validator-interface';
+export declare const PROTOCOL_BLOCKLIST: string[];
 export declare class PermissionsValidator implements ValidatorInterface<ManifestObject<ManifestSchema> | undefined, ManifestSchema> {
     private isValidURL;
     private isValidHash;

package/out/validators/permissions-validator.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"permissions-validator.d.ts","sourceRoot":"","sources":["../../src/validators/permissions-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAmB,MAAM,UAAU,CAAC;AAGrF,OAAO,EAAE,cAAc,EAAU,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAO3D,qBAAa,oBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IAEzF,OAAO,CAAC,UAAU;~~IA+BlB~~,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,mBAAmB;IAgB3B,OAAO,CAAC,8BAA8B;IA6ChC,QAAQ,CACZ,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GACnD,OAAO,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;CA+JrD"}
1	+ {"version":3,"file":"permissions-validator.d.ts","sourceRoot":"","sources":["../../src/validators/permissions-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAmB,MAAM,UAAU,CAAC;AAGrF,OAAO,EAAE,cAAc,EAAU,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAO3D,eAAO,MAAM,kBAAkB,UAa9B,CAAC;AAEF,qBAAa,oBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IAEzF,OAAO,CAAC,UAAU;IAwClB,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,mBAAmB;IAgB3B,OAAO,CAAC,8BAA8B;IA6ChC,QAAQ,CACZ,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GACnD,OAAO,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;CA+JrD"}

package/out/validators/permissions-validator.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.PermissionsValidator = void 0;
+exports.PermissionsValidator = exports.PROTOCOL_BLOCKLIST = void 0;
 const tslib_1 = require("tslib");
 const utils_1 = require("../utils");
 const text_1 = require("../text");
@@ -9,6 +9,20 @@ const url_1 = require("url");
 const shipyard_scopes_json_1 = tslib_1.__importDefault(require("../scopes/shipyard-scopes.json"));
 const deprecated_shipyard_scopes_json_1 = tslib_1.__importDefault(require("../scopes/deprecated-shipyard-scopes.json"));
 const scopes_1 = require("../utils/scopes");
+exports.PROTOCOL_BLOCKLIST = [
+    'javascript:',
+    'data:',
+    'vbscript:',
+    'view-source:',
+    'resource:',
+    'about:',
+    'chrome:',
+    'livescript:',
+    'mocha:',
+    'file:',
+    'mhtml:',
+    'smb:'
+];
 class PermissionsValidator {
     isValidURL(inputURL) {
         const protocolRegex = /^(.*?:\/\/)/;
@@ -21,6 +35,12 @@ class PermissionsValidator {
         if (inputURL === '*') {
             return true;
         }
+        const customURLSchemeRegex = /^[a-zA-Z]+:(\\\\)?/;
+        if (customURLSchemeRegex.test(inputURL) &&
+            ![...exports.PROTOCOL_BLOCKLIST, 'http'].some((protocol) => inputURL.startsWith(protocol)) &&
+            !allowedProtocols.some((protocol) => inputURL.startsWith(protocol))) {
+            return true;
+        }
         if (!inputURL.includes('.') || inputURL.includes(' ')) {
             return false;
         }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@forge/manifest",
-  "version": "10.2.0-next.5",
+  "version": "10.2.1-next.0",
   "description": "Definitions and validations of the Forge manifest",
   "main": "out/index.js",
   "scripts": {