npm - @forge/manifest - Versions diffs - 3.3.0-next.4 → 3.3.0-next.7 - Mend

@forge/manifest 3.3.0-next.4 → 3.3.0-next.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/CHANGELOG.md +22 -0
package/out/schema/manifest-schema.json +311 -147
package/out/schema/manifest.d.ts +260 -160
package/out/types/egress-types.d.ts +1 -1
package/out/types/egress-types.d.ts.map +1 -1
package/out/types/egress-types.js +3 -1
package/out/validators/permissions-validator.d.ts +6 -0
package/out/validators/permissions-validator.d.ts.map +1 -1
package/out/validators/permissions-validator.js +76 -73
package/package.json +1 -1

package/out/validators/permissions-validator.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"permissions-validator.d.ts","sourceRoot":"","sources":["../../src/validators/permissions-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAmB,MAAM,UAAU,CAAC;AAGrF,OAAO,EAAE,cAAc,EAAU,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAM3D,qBAAa,oBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IACzF,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GAAG,wBAAwB,CAAC,cAAc,CAAC;~~CAkIzG~~"}
1	+ {"version":3,"file":"permissions-validator.d.ts","sourceRoot":"","sources":["../../src/validators/permissions-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAmB,MAAM,UAAU,CAAC;AAGrF,OAAO,EAAE,cAAc,EAAU,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAM3D,qBAAa,oBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IACzF,OAAO,CAAC,gBAAgB,CAAoB;;IAM5C,OAAO,CAAC,UAAU;IA+BlB,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,mBAAmB;IAW3B,OAAO,CAAC,8BAA8B;IAWtC,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GAAG,wBAAwB,CAAC,cAAc,CAAC;CA8FzG"}

package/out/validators/permissions-validator.js CHANGED Viewed

@@ -9,97 +9,100 @@ const url_1 = require("url");
 const shipyard_scopes_json_1 = tslib_1.__importDefault(require("../scopes/shipyard-scopes.json"));
 const deprecated_shipyard_scopes_json_1 = tslib_1.__importDefault(require("../scopes/deprecated-shipyard-scopes.json"));
 class PermissionsValidator {
-    validate(manifest) {
-        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u, _v, _w, _x, _y, _z;
-        if (!manifest || !manifest.typedContent || !manifest.typedContent.permissions) {
-            return {
-                success: false,
-                manifestObject: manifest
-            };
+    constructor() {
+        this.validationErrors = [];
+    }
+    isValidURL(inputURL) {
+        const protocolRegex = /^(.*?:\/\/)/;
+        const validURI = /^(\*\.)?[.a-zA-Z0-9_\-\/:~#%?=&]+$/;
+        const allowedProtocols = ['https:', 'wss:'];
+        const MAX_URL_LENGTH = 1000;
+        if (inputURL.length > MAX_URL_LENGTH) {
+            return false;
         }
-        const validationErrors = [];
-        function addValidationError(element, value, manifest) {
-            validationErrors.push(Object.assign({ message: text_1.errors.permissions.invalidPermission(element, value), reference: text_1.References.Permissions, level: 'error' }, utils_1.findPosition(value, manifest.yamlContentByLine)));
+        if (inputURL === '*') {
+            return true;
         }
+        if (!inputURL.includes('.') || inputURL.includes(' ')) {
+            return false;
+        }
+        try {
+            const domainOrUrlWithProtocol = protocolRegex.test(inputURL) ? inputURL : `https://${inputURL}`;
+            const parsedUrl = new url_1.URL(domainOrUrlWithProtocol);
+            if (!allowedProtocols.includes(parsedUrl.protocol)) {
+                return false;
+            }
+            return validURI.test(parsedUrl.hostname);
+        }
+        catch (_) {
+            return false;
+        }
+    }
+    isValidHash(cspString) {
         const BASE_64_HASH_PATTERNS = [
             /^sha256-[a-zA-Z0-9=+/]{44}$/,
             /^sha384-[a-zA-Z0-9=+/]{64}$/,
             /^sha512-[a-zA-Z0-9=+/]{88}$/
         ];
-        function isValidHash(cspString) {
-            return BASE_64_HASH_PATTERNS.some((pattern) => pattern.test(cspString));
+        return BASE_64_HASH_PATTERNS.some((pattern) => pattern.test(cspString));
+    }
+    addValidationErrors(element, values, manifest) {
+        values.forEach((value) => {
+            this.validationErrors.push(Object.assign({ message: text_1.errors.permissions.invalidPermission(element, value), reference: text_1.References.Permissions, level: 'error' }, utils_1.findPosition(value, manifest.yamlContentByLine)));
+        });
+    }
+    validateExternalPermissionURLs(extPermType, perms, manifest) {
+        const invalidPerms = perms === null || perms === void 0 ? void 0 : perms.filter((key) => !this.isValidURL(key));
+        if (invalidPerms === null || invalidPerms === void 0 ? void 0 : invalidPerms.length) {
+            this.addValidationErrors(extPermType, invalidPerms, manifest);
         }
-        const validURI = /^(\*\.)?[.a-zA-Z0-9_\-\/:~#%?=&]+$/;
-        const protocolRegex = /^(.*?:\/\/)/;
-        const allowedProtocols = ['https:', 'wss:'];
-        const MAX_URL_LENGTH = 1000;
-        function isValidURL(inputURL) {
-            if (inputURL.length > MAX_URL_LENGTH) {
-                return false;
-            }
-            if (inputURL === '*') {
-                return true;
-            }
-            if (!inputURL.includes('.') || inputURL.includes(' ')) {
-                return false;
-            }
-            try {
-                const domainOrUrlWithProtocol = protocolRegex.test(inputURL) ? inputURL : `https://${inputURL}`;
-                const parsedUrl = new url_1.URL(domainOrUrlWithProtocol);
-                if (!allowedProtocols.includes(parsedUrl.protocol)) {
-                    return false;
-                }
-                return validURI.test(parsedUrl.hostname);
-            }
-            catch (_) {
-                return false;
-            }
+    }
+    validate(manifest) {
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u, _v, _w, _x, _y;
+        if (!manifest || !manifest.typedContent || !manifest.typedContent.permissions) {
+            return {
+                success: false,
+                manifestObject: manifest
+            };
         }
         const ALL_SCOPES = shipyard_scopes_json_1.default.concat(deprecated_shipyard_scopes_json_1.default);
-        const invalidScope = (_a = manifest.typedContent.permissions.scopes) === null || _a === void 0 ? void 0 : _a.find((key) => !ALL_SCOPES.includes(key));
-        if (invalidScope) {
-            addValidationError('scopes', invalidScope, manifest);
+        const invalidScopes = (_a = manifest.typedContent.permissions.scopes) === null || _a === void 0 ? void 0 : _a.filter((key) => !ALL_SCOPES.includes(key));
+        if (invalidScopes === null || invalidScopes === void 0 ? void 0 : invalidScopes.length) {
+            this.addValidationErrors('scopes', invalidScopes, manifest);
         }
-        const invalidScripts = (_c = (_b = manifest.typedContent.permissions.content) === null || _b === void 0 ? void 0 : _b.scripts) === null || _c === void 0 ? void 0 : _c.find((key) => !egress_types_1.EGRESS_TYPES.EGRESS_SCRIPTS.includes(key) && !isValidHash(key));
-        if (invalidScripts) {
-            addValidationError('content.scripts', invalidScripts, manifest);
+        const invalidScripts = (_c = (_b = manifest.typedContent.permissions.content) === null || _b === void 0 ? void 0 : _b.scripts) === null || _c === void 0 ? void 0 : _c.filter((key) => !egress_types_1.EGRESS_TYPES.ALLOWED_CSP_TYPES.includes(key) && !this.isValidHash(key));
+        if (invalidScripts === null || invalidScripts === void 0 ? void 0 : invalidScripts.length) {
+            this.addValidationErrors('content.scripts', invalidScripts, manifest);
         }
-        const invalidBackendString = (_f = (_e = (_d = manifest.typedContent.permissions.external) === null || _d === void 0 ? void 0 : _d.fetch) === null || _e === void 0 ? void 0 : _e.backend) === null || _f === void 0 ? void 0 : _f.filter((item) => typeof item === 'string').find((key) => !isValidURL(key));
-        if (invalidBackendString) {
-            addValidationError('external.fetch.backend', invalidBackendString, manifest);
+        const invalidBackendStrings = (_f = (_e = (_d = manifest.typedContent.permissions.external) === null || _d === void 0 ? void 0 : _d.fetch) === null || _e === void 0 ? void 0 : _e.backend) === null || _f === void 0 ? void 0 : _f.filter((item) => typeof item === 'string' && !this.isValidURL(item));
+        if (invalidBackendStrings === null || invalidBackendStrings === void 0 ? void 0 : invalidBackendStrings.length) {
+            this.addValidationErrors('external.fetch.backend', invalidBackendStrings, manifest);
         }
         const remoteMap = (_g = manifest.typedContent.remotes) === null || _g === void 0 ? void 0 : _g.reduce((prev, item) => prev.set(item.key, item.baseUrl), new Map());
-        const invalidBackendRemote = (_k = (_j = (_h = manifest.typedContent.permissions.external) === null || _h === void 0 ? void 0 : _h.fetch) === null || _j === void 0 ? void 0 : _j.backend) === null || _k === void 0 ? void 0 : _k.filter((item) => typeof item === 'object').find((item) => !remoteMap || !remoteMap.has(item.remote) || !isValidURL(remoteMap.get(item.remote)));
-        if (invalidBackendRemote) {
-            addValidationError('external.fetch.backend', invalidBackendRemote.remote, manifest);
-        }
-        const invalidClientString = (_o = (_m = (_l = manifest.typedContent.permissions.external) === null || _l === void 0 ? void 0 : _l.fetch) === null || _m === void 0 ? void 0 : _m.client) === null || _o === void 0 ? void 0 : _o.filter((item) => typeof item === 'string').find((key) => !isValidURL(key));
-        if (invalidClientString) {
-            addValidationError('external.fetch.client', invalidClientString, manifest);
-        }
-        const invalidClient = (_r = (_q = (_p = manifest.typedContent.permissions.external) === null || _p === void 0 ? void 0 : _p.fetch) === null || _q === void 0 ? void 0 : _q.client) === null || _r === void 0 ? void 0 : _r.filter((item) => typeof item === 'object').find((item) => !remoteMap || !remoteMap.has(item.remote) || !isValidURL(remoteMap.get(item.remote)));
-        if (invalidClient) {
-            addValidationError('external.fetch.client', invalidClient.remote, manifest);
-        }
-        const invalidNavigation = (_t = (_s = manifest.typedContent.permissions.external) === null || _s === void 0 ? void 0 : _s.navigation) === null || _t === void 0 ? void 0 : _t.find((key) => !isValidURL(key));
-        if (invalidNavigation) {
-            addValidationError('external.navigation', invalidNavigation, manifest);
-        }
-        const invalidImages = (_v = (_u = manifest.typedContent.permissions.external) === null || _u === void 0 ? void 0 : _u.images) === null || _v === void 0 ? void 0 : _v.find((key) => !isValidURL(key));
-        if (invalidImages) {
-            addValidationError('external.images', invalidImages, manifest);
+        const invalidBackendRemotes = (_k = (_j = (_h = manifest.typedContent.permissions.external) === null || _h === void 0 ? void 0 : _h.fetch) === null || _j === void 0 ? void 0 : _j.backend) === null || _k === void 0 ? void 0 : _k.filter((item) => typeof item === 'object' &&
+            (!remoteMap || !remoteMap.has(item.remote) || !this.isValidURL(remoteMap.get(item.remote)))).map((item) => item.remote);
+        if (invalidBackendRemotes === null || invalidBackendRemotes === void 0 ? void 0 : invalidBackendRemotes.length) {
+            this.addValidationErrors('external.fetch.backend', invalidBackendRemotes, manifest);
         }
-        const invalidMedia = (_x = (_w = manifest.typedContent.permissions.external) === null || _w === void 0 ? void 0 : _w.media) === null || _x === void 0 ? void 0 : _x.find((key) => !isValidURL(key));
-        if (invalidMedia) {
-            addValidationError('external.media', invalidMedia, manifest);
+        const invalidClientStrings = (_o = (_m = (_l = manifest.typedContent.permissions.external) === null || _l === void 0 ? void 0 : _l.fetch) === null || _m === void 0 ? void 0 : _m.client) === null || _o === void 0 ? void 0 : _o.filter((item) => typeof item === 'string' && !this.isValidURL(item));
+        if (invalidClientStrings) {
+            this.addValidationErrors('external.fetch.client', invalidClientStrings, manifest);
         }
-        const invalidExternalScripts = (_z = (_y = manifest.typedContent.permissions.external) === null || _y === void 0 ? void 0 : _y.scripts) === null || _z === void 0 ? void 0 : _z.find((key) => !isValidURL(key));
-        if (invalidExternalScripts) {
-            addValidationError('external.scripts', invalidExternalScripts, manifest);
+        const invalidClients = (_r = (_q = (_p = manifest.typedContent.permissions.external) === null || _p === void 0 ? void 0 : _p.fetch) === null || _q === void 0 ? void 0 : _q.client) === null || _r === void 0 ? void 0 : _r.filter((item) => typeof item === 'object' &&
+            (!remoteMap || !remoteMap.has(item.remote) || !this.isValidURL(remoteMap.get(item.remote)))).map((item) => item.remote);
+        if (invalidClients) {
+            this.addValidationErrors('external.fetch.client', invalidClients, manifest);
         }
+        this.validateExternalPermissionURLs('external.navigation', (_s = manifest.typedContent.permissions.external) === null || _s === void 0 ? void 0 : _s.navigation, manifest);
+        this.validateExternalPermissionURLs('external.images', (_t = manifest.typedContent.permissions.external) === null || _t === void 0 ? void 0 : _t.images, manifest);
+        this.validateExternalPermissionURLs('external.frames', (_u = manifest.typedContent.permissions.external) === null || _u === void 0 ? void 0 : _u.frames, manifest);
+        this.validateExternalPermissionURLs('external.scripts', (_v = manifest.typedContent.permissions.external) === null || _v === void 0 ? void 0 : _v.scripts, manifest);
+        this.validateExternalPermissionURLs('external.styles', (_w = manifest.typedContent.permissions.external) === null || _w === void 0 ? void 0 : _w.styles, manifest);
+        this.validateExternalPermissionURLs('external.media', (_x = manifest.typedContent.permissions.external) === null || _x === void 0 ? void 0 : _x.media, manifest);
+        this.validateExternalPermissionURLs('external.fonts', (_y = manifest.typedContent.permissions.external) === null || _y === void 0 ? void 0 : _y.fonts, manifest);
         return {
-            success: validationErrors.length === 0,
-            errors: validationErrors
+            success: this.validationErrors.length === 0,
+            errors: this.validationErrors
         };
     }
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@forge/manifest",
-  "version": "3.3.0-next.4",
+  "version": "3.3.0-next.7",
   "description": "Definitions and validations of the Forge manifest",
   "main": "out/index.js",
   "scripts": {