@forge/manifest 8.9.0-next.9 → 9.0.0-next.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +28 -0
- package/out/processor/full-validation-processor.d.ts.map +1 -1
- package/out/processor/full-validation-processor.js +2 -0
- package/out/processor/remote-compute-validation-processor.d.ts.map +1 -1
- package/out/processor/remote-compute-validation-processor.js +2 -0
- package/out/schema/basic-manifest-schema.json +5 -0
- package/out/schema/basic-manifest.d.ts +5 -0
- package/out/schema/manifest-schema.json +99 -14
- package/out/schema/manifest.d.ts +30 -11
- package/out/text/errors.d.ts +1 -0
- package/out/text/errors.d.ts.map +1 -1
- package/out/text/errors.js +2 -1
- package/out/types/constants.d.ts +3 -0
- package/out/types/constants.d.ts.map +1 -1
- package/out/types/constants.js +4 -1
- package/out/validators/modules-validator.d.ts.map +1 -1
- package/out/validators/modules-validator.js +12 -14
- package/out/validators/permissions-validator.d.ts.map +1 -1
- package/out/validators/permissions-validator.js +25 -9
- package/out/validators/providers-validator.d.ts.map +1 -1
- package/out/validators/providers-validator.js +9 -1
- package/out/validators/remote-auth-scopes-validator.d.ts +9 -0
- package/out/validators/remote-auth-scopes-validator.d.ts.map +1 -0
- package/out/validators/remote-auth-scopes-validator.js +47 -0
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,33 @@
|
|
|
1
1
|
# @forge/manifest
|
|
2
2
|
|
|
3
|
+
## 9.0.0-next.13
|
|
4
|
+
|
|
5
|
+
### Major Changes
|
|
6
|
+
|
|
7
|
+
- 2d5a0e6: Add lint rule to check scopes for remote apps with auth enabled
|
|
8
|
+
|
|
9
|
+
### Patch Changes
|
|
10
|
+
|
|
11
|
+
- 99739ec: Update manifest definitions
|
|
12
|
+
|
|
13
|
+
## 8.9.0-next.12
|
|
14
|
+
|
|
15
|
+
### Minor Changes
|
|
16
|
+
|
|
17
|
+
- 8c34ca3: Changed manifest to allow egress objects to be a list of string, egress objects containing at least the 'address' field, or a remote reference
|
|
18
|
+
|
|
19
|
+
## 8.9.0-next.11
|
|
20
|
+
|
|
21
|
+
### Patch Changes
|
|
22
|
+
|
|
23
|
+
- 0dfb15d: Revert CustomUITunnellingResourceHandler change
|
|
24
|
+
|
|
25
|
+
## 8.9.0-next.10
|
|
26
|
+
|
|
27
|
+
### Patch Changes
|
|
28
|
+
|
|
29
|
+
- b51be39: allow app developer to specify function memory allocation
|
|
30
|
+
|
|
3
31
|
## 8.9.0-next.9
|
|
4
32
|
|
|
5
33
|
### Patch Changes
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"full-validation-processor.d.ts","sourceRoot":"","sources":["../../src/processor/full-validation-processor.ts"],"names":[],"mappings":"AAmBA,OAAO,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"full-validation-processor.d.ts","sourceRoot":"","sources":["../../src/processor/full-validation-processor.ts"],"names":[],"mappings":"AAmBA,OAAO,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AASpD,qBAAa,uBAAwB,SAAQ,2BAA2B,CAAC,cAAc,CAAC;;CA2BvF"}
|
|
@@ -11,6 +11,7 @@ const jql_function_validator_1 = require("../validators/jql-function-validator")
|
|
|
11
11
|
const app_features_validator_1 = require("../validators/app-features-validator");
|
|
12
12
|
const data_classification_validator_1 = require("../validators/data-classification-validator");
|
|
13
13
|
const remote_regions_validator_1 = require("../validators/remote-regions-validator");
|
|
14
|
+
const remote_auth_scopes_validator_1 = require("../validators/remote-auth-scopes-validator");
|
|
14
15
|
const runtime_version_validator_1 = require("../validators/runtime-version-validator");
|
|
15
16
|
class FullValidationProcessor extends abstract_validation_processor_1.AbstractValidationProcessor {
|
|
16
17
|
constructor() {
|
|
@@ -35,6 +36,7 @@ class FullValidationProcessor extends abstract_validation_processor_1.AbstractVa
|
|
|
35
36
|
new data_classification_validator_1.DataClassificationValidator(),
|
|
36
37
|
new validators_1.TranslationsValidator(),
|
|
37
38
|
new remote_regions_validator_1.RemoteRegionsValidator(),
|
|
39
|
+
new remote_auth_scopes_validator_1.RemoteAuthScopesValidator(),
|
|
38
40
|
new runtime_version_validator_1.RuntimeVersionValidator()
|
|
39
41
|
]);
|
|
40
42
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"remote-compute-validation-processor.d.ts","sourceRoot":"","sources":["../../src/processor/remote-compute-validation-processor.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"remote-compute-validation-processor.d.ts","sourceRoot":"","sources":["../../src/processor/remote-compute-validation-processor.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAKpD,qBAAa,gCAAiC,SAAQ,2BAA2B,CAAC,cAAc,CAAC;;CAWhG"}
|
|
@@ -6,6 +6,7 @@ const validators_1 = require("../validators");
|
|
|
6
6
|
const abstract_validation_processor_1 = require("./abstract-validation-processor");
|
|
7
7
|
const FULL_SCHEMA = tslib_1.__importStar(require("../schema/manifest-schema.json"));
|
|
8
8
|
const remote_regions_validator_1 = require("../validators/remote-regions-validator");
|
|
9
|
+
const remote_auth_scopes_validator_1 = require("../validators/remote-auth-scopes-validator");
|
|
9
10
|
class RemoteComputeValidationProcessor extends abstract_validation_processor_1.AbstractValidationProcessor {
|
|
10
11
|
constructor() {
|
|
11
12
|
super([
|
|
@@ -13,6 +14,7 @@ class RemoteComputeValidationProcessor extends abstract_validation_processor_1.A
|
|
|
13
14
|
new validators_1.YamlValidator(),
|
|
14
15
|
new validators_1.SchemaValidator(FULL_SCHEMA),
|
|
15
16
|
new remote_regions_validator_1.RemoteRegionsValidator(),
|
|
17
|
+
new remote_auth_scopes_validator_1.RemoteAuthScopesValidator(),
|
|
16
18
|
new validators_1.ModulesValidator()
|
|
17
19
|
]);
|
|
18
20
|
}
|
|
@@ -45,6 +45,11 @@
|
|
|
45
45
|
"x86_64",
|
|
46
46
|
"arm64"
|
|
47
47
|
]
|
|
48
|
+
},
|
|
49
|
+
"memoryMB": {
|
|
50
|
+
"description": "The default amount of memory available to all functions at runtime. Increasing the function memory also increases its CPU allocation. You can configure memory between 128 MB and 512 MB in 1-MB increments. The default value is 512 MB.",
|
|
51
|
+
"title": "memoryMB",
|
|
52
|
+
"type": "number"
|
|
48
53
|
}
|
|
49
54
|
},
|
|
50
55
|
"title": "runtime",
|
|
@@ -25,6 +25,10 @@ export type Name = 'sandbox' | 'nodejs18.x' | 'nodejs20.x' | 'nodejs22.x';
|
|
|
25
25
|
* Lambda architecture, its value can be either 'x86_64' or 'arm64'. Default value is 'x86_64'.
|
|
26
26
|
*/
|
|
27
27
|
export type Architecture = 'x86_64' | 'arm64';
|
|
28
|
+
/**
|
|
29
|
+
* The default amount of memory available to all functions at runtime. Increasing the function memory also increases its CPU allocation. You can configure memory between 128 MB and 512 MB in 1-MB increments. The default value is 512 MB.
|
|
30
|
+
*/
|
|
31
|
+
export type MemoryMB = number;
|
|
28
32
|
/**
|
|
29
33
|
* This property is deprecated.
|
|
30
34
|
*/
|
|
@@ -211,6 +215,7 @@ export interface Runtime {
|
|
|
211
215
|
snapshots?: Snapshots;
|
|
212
216
|
name: Name;
|
|
213
217
|
architecture?: Architecture;
|
|
218
|
+
memoryMB?: MemoryMB;
|
|
214
219
|
}
|
|
215
220
|
/**
|
|
216
221
|
* Options related to paid app licensing
|
|
@@ -45,6 +45,11 @@
|
|
|
45
45
|
"x86_64",
|
|
46
46
|
"arm64"
|
|
47
47
|
]
|
|
48
|
+
},
|
|
49
|
+
"memoryMB": {
|
|
50
|
+
"description": "The default amount of memory available to all functions at runtime. Increasing the function memory also increases its CPU allocation. You can configure memory between 128 MB and 512 MB in 1-MB increments. The default value is 512 MB.",
|
|
51
|
+
"title": "memoryMB",
|
|
52
|
+
"type": "number"
|
|
48
53
|
}
|
|
49
54
|
},
|
|
50
55
|
"title": "runtime",
|
|
@@ -26427,6 +26432,9 @@
|
|
|
26427
26432
|
"type": "string",
|
|
26428
26433
|
"maxLength": 1000
|
|
26429
26434
|
},
|
|
26435
|
+
{
|
|
26436
|
+
"$ref": "#/definitions/EgressPermission"
|
|
26437
|
+
},
|
|
26430
26438
|
{
|
|
26431
26439
|
"type": "object",
|
|
26432
26440
|
"description": "References a Remote",
|
|
@@ -26455,6 +26463,9 @@
|
|
|
26455
26463
|
"type": "string",
|
|
26456
26464
|
"maxLength": 1000
|
|
26457
26465
|
},
|
|
26466
|
+
{
|
|
26467
|
+
"$ref": "#/definitions/EgressPermission"
|
|
26468
|
+
},
|
|
26458
26469
|
{
|
|
26459
26470
|
"type": "object",
|
|
26460
26471
|
"description": "References a Remote",
|
|
@@ -26480,8 +26491,15 @@
|
|
|
26480
26491
|
},
|
|
26481
26492
|
"fonts": {
|
|
26482
26493
|
"items": {
|
|
26483
|
-
"
|
|
26484
|
-
|
|
26494
|
+
"oneOf": [
|
|
26495
|
+
{
|
|
26496
|
+
"type": "string",
|
|
26497
|
+
"maxLength": 1000
|
|
26498
|
+
},
|
|
26499
|
+
{
|
|
26500
|
+
"$ref": "#/definitions/EgressPermission"
|
|
26501
|
+
}
|
|
26502
|
+
]
|
|
26485
26503
|
},
|
|
26486
26504
|
"title": "fonts",
|
|
26487
26505
|
"type": "array",
|
|
@@ -26489,8 +26507,15 @@
|
|
|
26489
26507
|
},
|
|
26490
26508
|
"frames": {
|
|
26491
26509
|
"items": {
|
|
26492
|
-
"
|
|
26493
|
-
|
|
26510
|
+
"oneOf": [
|
|
26511
|
+
{
|
|
26512
|
+
"type": "string",
|
|
26513
|
+
"maxLength": 1000
|
|
26514
|
+
},
|
|
26515
|
+
{
|
|
26516
|
+
"$ref": "#/definitions/EgressPermission"
|
|
26517
|
+
}
|
|
26518
|
+
]
|
|
26494
26519
|
},
|
|
26495
26520
|
"title": "frames",
|
|
26496
26521
|
"type": "array",
|
|
@@ -26498,8 +26523,15 @@
|
|
|
26498
26523
|
},
|
|
26499
26524
|
"navigation": {
|
|
26500
26525
|
"items": {
|
|
26501
|
-
"
|
|
26502
|
-
|
|
26526
|
+
"oneOf": [
|
|
26527
|
+
{
|
|
26528
|
+
"type": "string",
|
|
26529
|
+
"maxLength": 1000
|
|
26530
|
+
},
|
|
26531
|
+
{
|
|
26532
|
+
"$ref": "#/definitions/EgressPermission"
|
|
26533
|
+
}
|
|
26534
|
+
]
|
|
26503
26535
|
},
|
|
26504
26536
|
"title": "navigation",
|
|
26505
26537
|
"type": "array",
|
|
@@ -26507,8 +26539,15 @@
|
|
|
26507
26539
|
},
|
|
26508
26540
|
"images": {
|
|
26509
26541
|
"items": {
|
|
26510
|
-
"
|
|
26511
|
-
|
|
26542
|
+
"oneOf": [
|
|
26543
|
+
{
|
|
26544
|
+
"type": "string",
|
|
26545
|
+
"maxLength": 1000
|
|
26546
|
+
},
|
|
26547
|
+
{
|
|
26548
|
+
"$ref": "#/definitions/EgressPermission"
|
|
26549
|
+
}
|
|
26550
|
+
]
|
|
26512
26551
|
},
|
|
26513
26552
|
"title": "images",
|
|
26514
26553
|
"type": "array",
|
|
@@ -26516,8 +26555,15 @@
|
|
|
26516
26555
|
},
|
|
26517
26556
|
"media": {
|
|
26518
26557
|
"items": {
|
|
26519
|
-
"
|
|
26520
|
-
|
|
26558
|
+
"oneOf": [
|
|
26559
|
+
{
|
|
26560
|
+
"type": "string",
|
|
26561
|
+
"maxLength": 1000
|
|
26562
|
+
},
|
|
26563
|
+
{
|
|
26564
|
+
"$ref": "#/definitions/EgressPermission"
|
|
26565
|
+
}
|
|
26566
|
+
]
|
|
26521
26567
|
},
|
|
26522
26568
|
"title": "media",
|
|
26523
26569
|
"type": "array",
|
|
@@ -26525,8 +26571,15 @@
|
|
|
26525
26571
|
},
|
|
26526
26572
|
"scripts": {
|
|
26527
26573
|
"items": {
|
|
26528
|
-
"
|
|
26529
|
-
|
|
26574
|
+
"oneOf": [
|
|
26575
|
+
{
|
|
26576
|
+
"type": "string",
|
|
26577
|
+
"maxLength": 1000
|
|
26578
|
+
},
|
|
26579
|
+
{
|
|
26580
|
+
"$ref": "#/definitions/EgressPermission"
|
|
26581
|
+
}
|
|
26582
|
+
]
|
|
26530
26583
|
},
|
|
26531
26584
|
"title": "scripts",
|
|
26532
26585
|
"type": "array",
|
|
@@ -26534,8 +26587,15 @@
|
|
|
26534
26587
|
},
|
|
26535
26588
|
"styles": {
|
|
26536
26589
|
"items": {
|
|
26537
|
-
"
|
|
26538
|
-
|
|
26590
|
+
"oneOf": [
|
|
26591
|
+
{
|
|
26592
|
+
"type": "string",
|
|
26593
|
+
"maxLength": 1000
|
|
26594
|
+
},
|
|
26595
|
+
{
|
|
26596
|
+
"$ref": "#/definitions/EgressPermission"
|
|
26597
|
+
}
|
|
26598
|
+
]
|
|
26539
26599
|
},
|
|
26540
26600
|
"title": "styles",
|
|
26541
26601
|
"type": "array",
|
|
@@ -26846,6 +26906,31 @@
|
|
|
26846
26906
|
"type": "string",
|
|
26847
26907
|
"pattern": "^[^\\s]+$"
|
|
26848
26908
|
},
|
|
26909
|
+
"EgressPermission": {
|
|
26910
|
+
"type": "object",
|
|
26911
|
+
"additionalProperties": false,
|
|
26912
|
+
"required": [
|
|
26913
|
+
"address"
|
|
26914
|
+
],
|
|
26915
|
+
"properties": {
|
|
26916
|
+
"address": {
|
|
26917
|
+
"type": "string",
|
|
26918
|
+
"description": "The URL for external egress",
|
|
26919
|
+
"maxLength": 1000
|
|
26920
|
+
},
|
|
26921
|
+
"category": {
|
|
26922
|
+
"type": "string",
|
|
26923
|
+
"description": "The category of egress, e.g. analytics",
|
|
26924
|
+
"enum": [
|
|
26925
|
+
"analytics"
|
|
26926
|
+
]
|
|
26927
|
+
},
|
|
26928
|
+
"inScopeEUD": {
|
|
26929
|
+
"type": "boolean",
|
|
26930
|
+
"description": "Weather or not any user data is in egressed via this address"
|
|
26931
|
+
}
|
|
26932
|
+
}
|
|
26933
|
+
},
|
|
26849
26934
|
"AuthProviderPredefined": {
|
|
26850
26935
|
"type": "object",
|
|
26851
26936
|
"additionalProperties": false,
|
package/out/schema/manifest.d.ts
CHANGED
|
@@ -25,6 +25,10 @@ export type Name = 'sandbox' | 'nodejs18.x' | 'nodejs20.x' | 'nodejs22.x';
|
|
|
25
25
|
* Lambda architecture, its value can be either 'x86_64' or 'arm64'. Default value is 'x86_64'.
|
|
26
26
|
*/
|
|
27
27
|
export type Architecture = 'x86_64' | 'arm64';
|
|
28
|
+
/**
|
|
29
|
+
* The default amount of memory available to all functions at runtime. Increasing the function memory also increases its CPU allocation. You can configure memory between 128 MB and 512 MB in 1-MB increments. The default value is 512 MB.
|
|
30
|
+
*/
|
|
31
|
+
export type MemoryMB = number;
|
|
28
32
|
/**
|
|
29
33
|
* This property is deprecated.
|
|
30
34
|
*/
|
|
@@ -175,7 +179,7 @@ export type TimeoutSeconds = number;
|
|
|
175
179
|
/**
|
|
176
180
|
* The amount of memory available to this function at runtime. Increasing the function memory also increases its CPU allocation. You can configure memory between 128 MB and 512 MB in 1-MB increments. The default value is 512 MB.
|
|
177
181
|
*/
|
|
178
|
-
export type
|
|
182
|
+
export type MemoryMB1 = number;
|
|
179
183
|
/**
|
|
180
184
|
* Name of the key of the function that will handle this action.
|
|
181
185
|
*/
|
|
@@ -649,15 +653,15 @@ export type Function7 = string;
|
|
|
649
653
|
export type Scopes = string[];
|
|
650
654
|
export type Scripts = string[];
|
|
651
655
|
export type Styles = 'unsafe-inline'[];
|
|
652
|
-
export type Backend = (string | Remote)[];
|
|
653
|
-
export type Client = (string | Remote1)[];
|
|
654
|
-
export type Fonts = string[];
|
|
655
|
-
export type Frames = string[];
|
|
656
|
-
export type Navigation = string[];
|
|
657
|
-
export type Images = string[];
|
|
658
|
-
export type Media = string[];
|
|
659
|
-
export type Scripts1 = string[];
|
|
660
|
-
export type Styles1 = string[];
|
|
656
|
+
export type Backend = (string | EgressPermission | Remote)[];
|
|
657
|
+
export type Client = (string | EgressPermission | Remote1)[];
|
|
658
|
+
export type Fonts = (string | EgressPermission)[];
|
|
659
|
+
export type Frames = (string | EgressPermission)[];
|
|
660
|
+
export type Navigation = (string | EgressPermission)[];
|
|
661
|
+
export type Images = (string | EgressPermission)[];
|
|
662
|
+
export type Media = (string | EgressPermission)[];
|
|
663
|
+
export type Scripts1 = (string | EgressPermission)[];
|
|
664
|
+
export type Styles1 = (string | EgressPermission)[];
|
|
661
665
|
export type Resources = HostedResourcesSchema[];
|
|
662
666
|
export type Remotes = RemotesSchema[];
|
|
663
667
|
export type BearerMethodSchema =
|
|
@@ -865,6 +869,7 @@ export interface Runtime {
|
|
|
865
869
|
snapshots?: Snapshots;
|
|
866
870
|
name: Name;
|
|
867
871
|
architecture?: Architecture;
|
|
872
|
+
memoryMB?: MemoryMB;
|
|
868
873
|
}
|
|
869
874
|
/**
|
|
870
875
|
* Options related to paid app licensing
|
|
@@ -12200,7 +12205,7 @@ export interface ExternalAuthFunctionProvider {
|
|
|
12200
12205
|
* Function Runtime configuration
|
|
12201
12206
|
*/
|
|
12202
12207
|
export interface Runtime1 {
|
|
12203
|
-
memoryMB?:
|
|
12208
|
+
memoryMB?: MemoryMB1;
|
|
12204
12209
|
}
|
|
12205
12210
|
export interface ActionInput {
|
|
12206
12211
|
title: string;
|
|
@@ -60969,6 +60974,20 @@ export interface Fetch {
|
|
|
60969
60974
|
backend?: Backend;
|
|
60970
60975
|
client?: Client;
|
|
60971
60976
|
}
|
|
60977
|
+
export interface EgressPermission {
|
|
60978
|
+
/**
|
|
60979
|
+
* The URL for external egress
|
|
60980
|
+
*/
|
|
60981
|
+
address: string;
|
|
60982
|
+
/**
|
|
60983
|
+
* The category of egress, e.g. analytics
|
|
60984
|
+
*/
|
|
60985
|
+
category?: 'analytics';
|
|
60986
|
+
/**
|
|
60987
|
+
* Weather or not any user data is in egressed via this address
|
|
60988
|
+
*/
|
|
60989
|
+
inScopeEUD?: boolean;
|
|
60990
|
+
}
|
|
60972
60991
|
/**
|
|
60973
60992
|
* References a Remote
|
|
60974
60993
|
*/
|
package/out/text/errors.d.ts
CHANGED
package/out/text/errors.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/text/errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,KAAK,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAG1C,eAAO,MAAM,MAAM;8BACS,MAAM,KAAG,MAAM;2BACpB,MAAM;yBAEN,MAAM,GAAG,SAAS,QAAQ,MAAM,EAAE,UAAU,MAAM,GAAG,SAAS,KAAG,MAAM;;uBAO3E,MAAM,EAAE,EAAE,GAAG,SAAS,KAAG,MAAM;4BAI1B,MAAM,EAAE,KAAG,MAAM;mCACV,MAAM,SAAS,MAAM,mBAAmB,MAAM,KAAG,MAAM;mDAIvC,MAAM,KAAG,MAAM;4BAEtC,MAAM,EAAE,GAAG,SAAS,KAAG,MAAM;+CAIV,MAAM;6CACR,MAAM,gBAAgB,MAAM;qCAEpC,MAAM;2CACA,MAAM;6CACJ,MAAM;;;qCAGd,MAAM,SAAS,MAAM,KAAG,MAAM;4CAEvB,MAAM,SAAS,MAAM,KAAG,MAAM;oDAEtB,MAAM,OAAO,MAAM,KAAG,MAAM;kDAE9B,MAAM,OAAO,MAAM,KAAG,MAAM;wCAEtC,MAAM,SAAS,MAAM,EAAE,KAAG,MAAM;2CAI7B,MAAM,KAAG,MAAM;0CAEhB,MAAM,SAAS,MAAM,KAAG,MAAM;+CAEzB,MAAM,KAAG,MAAM;;;uCAIvB,MAAM,KAAG,MAAM;0CACZ,MAAM,KAAG,MAAM;;;gCAGzB,MAAM,KAAG,MAAM;6BACpB,MAAM;+BACJ,MAAM;iCACF,MAAM,KAAG,MAAM;yCACP,MAAM,eAAe,MAAM,KAAG,MAAM;yCAEpC,MAAM,eAAe,MAAM,KAAG,MAAM;yCAEpC,MAAM,eAAe,MAAM,KAAG,MAAM;oCAEzC,MAAM;6CACG,MAAM,KAAG,MAAM;0EAEc,MAAM,KAAG,MAAM;4DAE7B,MAAM,KAAG,MAAM;6DAEd,MAAM,KAAG,MAAM;;yCAGrC,MAAM,KAAG,MAAM;iCAEvB,MAAM,KAAG,MAAM;4CACJ,MAAM,gBAAgB,MAAM,KAAG,MAAM;sCAE3C,MAAM,gBAAgB,MAAM,gBAAgB,MAAM,KAAG,MAAM;;;wDAIzC,MAAM,qBAAqB,MAAM,KAAG,MAAM;4CAEtD,MAAM,qBAAqB,MAAM,KAAG,MAAM;;;yCAI7C,MAAM,aAAa,MAAM,QAAQ,MAAM,EAAE,KAAG,MAAM;2CAIhD,MAAM,aAAa,MAAM,QAAQ,MAAM,EAAE,KAAG,MAAM;sDAEvC,MAAM,QAAQ,MAAM,EAAE,KAAG,MAAM;8DAEvB,MAAM,aAAa,MAAM,cAAc,MAAM,KAAG,MAAM;6EAEvC,MAAM,qBAAqB,MAAM,KAAG,MAAM;yEAE9C,MAAM,qBAAqB,MAAM,KAAG,MAAM;;wCAG/E,MAAM;sDACU,MAAM,KAAG,MAAM;iDAEpB,MAAM,KAAG,MAAM;2DAEL,MAAM,KAAG,MAAM;0CAEhC,MAAM,OAAO,MAAM,KAAG,MAAM;yDAEb,MAAM,KAAG,MAAM;uEAED,MAAM,KAAG,MAAM;;;sDAIhC,MAAM,WAAW,MAAM,SAAS,MAAM,KAAG,MAAM;6CAExD,MAAM,KAAG,MAAM;;;;mCAKvB,MAAM,KAAG,MAAM;mCAEf,MAAM,KAAG,MAAM;;;qCAIb,MAAM,KAAG,MAAM;;;0CAIV,MAAM,KAAG,MAAM;;;4CAIb,MAAM,EAAE,KAAG,MAAM;;;wCAIrB,cAAc,OAAO,MAAM,UAAU,MAAM,EAAE,KAAG,MAAM;;;mCAI3D,MAAM,EAAE,KAAG,MAAM;;;4DAIQ,MAAM,KAAG,MAAM;qCAEtC,MAAM,KAAG,MAAM;2CAET,MAAM,KAAG,MAAM;;;oCAGtB,MAAM,KAAG,MAAM;;oCAEjB,MAAM,SAAS,MAAM,KAAG,MAAM;qCAI7B,MAAM,YAAY,MAAM,KAAG,MAAM;;;;;iCAQrC,MAAM,KAAG,MAAM;;;;8DAKc,MAAM;8DAEJ,MAAM,qBAAqB,MAAM,KAAG,MAAM;kDAEtD,MAAM,qBAAqB,MAAM,KAAG,MAAM;;;wDAIpC,MAAM,KAAG,MAAM;yCAE9B,MAAM,KAAG,MAAM;;;oDAGJ,MAAM,aAAa,MAAM,KAAG,MAAM;yCAE7C,MAAM,KAAG,MAAM;0CACd,MAAM,KAAG,MAAM;;;kCAIvB,MAAM,KAAG,MAAM;qCAEd,MAAM;iCACV,MAAM;;;;kCAID,MAAM,OAAO,MAAM,KAAG,MAAM;iCAE7B,MAAM,OAAO,MAAM,KAAG,MAAM;oCAEzB,MAAM,OAAO,MAAM,KAAG,MAAM;gDAEhB,MAAM,KAAG,MAAM;uCAExB,MAAM,KAAG,MAAM;+BACvB,MAAM,OAAO,MAAM,KAAG,MAAM;;;;;;;;kCASzB,MAAM,UAAU,MAAM,KAAG,MAAM;gCAEjC,MAAM,KAAG,MAAM;2CAEJ,MAAM,eAAe,MAAM,KAAG,MAAM;kCAE7C,MAAM,UAAU,MAAM,KAAG,MAAM;;;uCAI5B,MAAM;uCAEJ,MAAM,KAAG,MAAM;qCAEnB,MAAM;;6CAGA,MAAM;;;mDAIE,MAAM,KAAG,MAAM;;;;
|
|
1
|
+
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/text/errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,KAAK,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAG1C,eAAO,MAAM,MAAM;8BACS,MAAM,KAAG,MAAM;2BACpB,MAAM;yBAEN,MAAM,GAAG,SAAS,QAAQ,MAAM,EAAE,UAAU,MAAM,GAAG,SAAS,KAAG,MAAM;;uBAO3E,MAAM,EAAE,EAAE,GAAG,SAAS,KAAG,MAAM;4BAI1B,MAAM,EAAE,KAAG,MAAM;mCACV,MAAM,SAAS,MAAM,mBAAmB,MAAM,KAAG,MAAM;mDAIvC,MAAM,KAAG,MAAM;4BAEtC,MAAM,EAAE,GAAG,SAAS,KAAG,MAAM;+CAIV,MAAM;6CACR,MAAM,gBAAgB,MAAM;qCAEpC,MAAM;2CACA,MAAM;6CACJ,MAAM;;;qCAGd,MAAM,SAAS,MAAM,KAAG,MAAM;4CAEvB,MAAM,SAAS,MAAM,KAAG,MAAM;oDAEtB,MAAM,OAAO,MAAM,KAAG,MAAM;kDAE9B,MAAM,OAAO,MAAM,KAAG,MAAM;wCAEtC,MAAM,SAAS,MAAM,EAAE,KAAG,MAAM;2CAI7B,MAAM,KAAG,MAAM;0CAEhB,MAAM,SAAS,MAAM,KAAG,MAAM;+CAEzB,MAAM,KAAG,MAAM;;;uCAIvB,MAAM,KAAG,MAAM;0CACZ,MAAM,KAAG,MAAM;;;gCAGzB,MAAM,KAAG,MAAM;6BACpB,MAAM;+BACJ,MAAM;iCACF,MAAM,KAAG,MAAM;yCACP,MAAM,eAAe,MAAM,KAAG,MAAM;yCAEpC,MAAM,eAAe,MAAM,KAAG,MAAM;yCAEpC,MAAM,eAAe,MAAM,KAAG,MAAM;oCAEzC,MAAM;6CACG,MAAM,KAAG,MAAM;0EAEc,MAAM,KAAG,MAAM;4DAE7B,MAAM,KAAG,MAAM;6DAEd,MAAM,KAAG,MAAM;;yCAGrC,MAAM,KAAG,MAAM;iCAEvB,MAAM,KAAG,MAAM;4CACJ,MAAM,gBAAgB,MAAM,KAAG,MAAM;sCAE3C,MAAM,gBAAgB,MAAM,gBAAgB,MAAM,KAAG,MAAM;;;wDAIzC,MAAM,qBAAqB,MAAM,KAAG,MAAM;4CAEtD,MAAM,qBAAqB,MAAM,KAAG,MAAM;;;yCAI7C,MAAM,aAAa,MAAM,QAAQ,MAAM,EAAE,KAAG,MAAM;2CAIhD,MAAM,aAAa,MAAM,QAAQ,MAAM,EAAE,KAAG,MAAM;sDAEvC,MAAM,QAAQ,MAAM,EAAE,KAAG,MAAM;8DAEvB,MAAM,aAAa,MAAM,cAAc,MAAM,KAAG,MAAM;6EAEvC,MAAM,qBAAqB,MAAM,KAAG,MAAM;yEAE9C,MAAM,qBAAqB,MAAM,KAAG,MAAM;;wCAG/E,MAAM;sDACU,MAAM,KAAG,MAAM;iDAEpB,MAAM,KAAG,MAAM;2DAEL,MAAM,KAAG,MAAM;0CAEhC,MAAM,OAAO,MAAM,KAAG,MAAM;yDAEb,MAAM,KAAG,MAAM;uEAED,MAAM,KAAG,MAAM;;;sDAIhC,MAAM,WAAW,MAAM,SAAS,MAAM,KAAG,MAAM;6CAExD,MAAM,KAAG,MAAM;;;;mCAKvB,MAAM,KAAG,MAAM;mCAEf,MAAM,KAAG,MAAM;;;qCAIb,MAAM,KAAG,MAAM;;;0CAIV,MAAM,KAAG,MAAM;;;4CAIb,MAAM,EAAE,KAAG,MAAM;;;wCAIrB,cAAc,OAAO,MAAM,UAAU,MAAM,EAAE,KAAG,MAAM;;;mCAI3D,MAAM,EAAE,KAAG,MAAM;;;4DAIQ,MAAM,KAAG,MAAM;qCAEtC,MAAM,KAAG,MAAM;2CAET,MAAM,KAAG,MAAM;;;oCAGtB,MAAM,KAAG,MAAM;;oCAEjB,MAAM,SAAS,MAAM,KAAG,MAAM;qCAI7B,MAAM,YAAY,MAAM,KAAG,MAAM;;;;;iCAQrC,MAAM,KAAG,MAAM;;;;8DAKc,MAAM;8DAEJ,MAAM,qBAAqB,MAAM,KAAG,MAAM;kDAEtD,MAAM,qBAAqB,MAAM,KAAG,MAAM;;;wDAIpC,MAAM,KAAG,MAAM;yCAE9B,MAAM,KAAG,MAAM;;;oDAGJ,MAAM,aAAa,MAAM,KAAG,MAAM;yCAE7C,MAAM,KAAG,MAAM;0CACd,MAAM,KAAG,MAAM;;;kCAIvB,MAAM,KAAG,MAAM;qCAEd,MAAM;iCACV,MAAM;;;;kCAID,MAAM,OAAO,MAAM,KAAG,MAAM;iCAE7B,MAAM,OAAO,MAAM,KAAG,MAAM;oCAEzB,MAAM,OAAO,MAAM,KAAG,MAAM;gDAEhB,MAAM,KAAG,MAAM;uCAExB,MAAM,KAAG,MAAM;+BACvB,MAAM,OAAO,MAAM,KAAG,MAAM;;;;;;;;kCASzB,MAAM,UAAU,MAAM,KAAG,MAAM;gCAEjC,MAAM,KAAG,MAAM;2CAEJ,MAAM,eAAe,MAAM,KAAG,MAAM;kCAE7C,MAAM,UAAU,MAAM,KAAG,MAAM;;;uCAI5B,MAAM;uCAEJ,MAAM,KAAG,MAAM;qCAEnB,MAAM;;6CAGA,MAAM;;;mDAIE,MAAM,KAAG,MAAM;iDAEnB,MAAM;;;;4CAKX,MAAM,SAAS,MAAM,KAAG,MAAM;4CAE9B,MAAM,KAAG,MAAM;4CACf,MAAM,SAAS,MAAM,KAAG,MAAM;+CAE3B,MAAM,aAAa,MAAM,SAAS,MAAM,KAAG,MAAM;yCAEvD,MAAM,SAAS,MAAM,KAAG,MAAM;4CAE3B,MAAM,SAAS,MAAM,KAAG,MAAM;gDAE1B,MAAM,aAAa,MAAM,KAAG,MAAM;4CAEtC,MAAM,SAAS,MAAM,KAAG,MAAM;;;2CAI7B,MAAM;;;gCAInB,MAAM;;;;yCAIK,OAAO,CAAC,MAAM,CAAC,KAAG,MAAM;;;;0DAaL,wBAAwB,KAAG,MAAM;sDAErC,wBAAwB,KAAG,MAAM;kDAErC,wBAAwB,QAAQ,MAAM,KAAG,MAAM;mDAE9C,wBAAwB,KAAG,MAAM;mCAEjD,MAAM,KAAG,MAAM;;oDAEE,MAAM,aAAa,MAAM,KAAG,MAAM;4CAE1C,MAAM,sBAAsB,wBAAwB,YAAY,MAAM;;CAG7G,CAAC;AAEF,oBAAY,UAAU;IACpB,eAAe,2BAA2B;IAC1C,eAAe,wBAAwB;IACvC,WAAW,4BAA4B;IACvC,WAAW,+BAA+B;IAC1C,aAAa,8BAA8B;IAC3C,OAAO,0BAA0B;IACjC,cAAc,kCAAkC;IAChD,SAAS,4BAA4B;IACrC,SAAS,4BAA4B;IACrC,UAAU,wBAAwB;IAClC,GAAG,8BAA8B;IACjC,eAAe,0BAA0B;CAC1C"}
|
package/out/text/errors.js
CHANGED
|
@@ -169,7 +169,8 @@ exports.errors = {
|
|
|
169
169
|
deprecatedAutoUserConsent: () => 'The autoUserConsent feature flag is no longer required to use automatic user consent and should be removed from the manifest.'
|
|
170
170
|
},
|
|
171
171
|
remotes: {
|
|
172
|
-
missingRemotesStorageInScopeEUD: (key) => `missing storage.inScopeEUD in remote ${key}. storage.inScopeEUD is required if storage is present in operations
|
|
172
|
+
missingRemotesStorageInScopeEUD: (key) => `missing storage.inScopeEUD in remote ${key}. storage.inScopeEUD is required if storage is present in operations.`,
|
|
173
|
+
missingAppScopesForRemoteAuth: () => 'Missing app scopes. If OAuth tokens are required, add valid scopes in addition to OAuth token config scopes (see https://go.atlassian.com/forgescopes). Otherwise, remove OAuth token config.'
|
|
173
174
|
},
|
|
174
175
|
storage: {
|
|
175
176
|
entities: {
|
package/out/types/constants.d.ts
CHANGED
|
@@ -1,2 +1,5 @@
|
|
|
1
1
|
export declare const MANIFEST_FILE = "manifest.yml";
|
|
2
|
+
export declare const SYSTEM_TOKEN_SCOPE = "read:app-system-token";
|
|
3
|
+
export declare const USER_TOKEN_SCOPE = "read:app-user-token";
|
|
4
|
+
export declare const REMOTE_AUTH_SCOPES: string[];
|
|
2
5
|
//# sourceMappingURL=constants.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/types/constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,aAAa,iBAAiB,CAAC"}
|
|
1
|
+
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/types/constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,aAAa,iBAAiB,CAAC;AAE5C,eAAO,MAAM,kBAAkB,0BAA0B,CAAC;AAC1D,eAAO,MAAM,gBAAgB,wBAAwB,CAAC;AACtD,eAAO,MAAM,kBAAkB,UAAyC,CAAC"}
|
package/out/types/constants.js
CHANGED
|
@@ -1,4 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.MANIFEST_FILE = void 0;
|
|
3
|
+
exports.REMOTE_AUTH_SCOPES = exports.USER_TOKEN_SCOPE = exports.SYSTEM_TOKEN_SCOPE = exports.MANIFEST_FILE = void 0;
|
|
4
4
|
exports.MANIFEST_FILE = 'manifest.yml';
|
|
5
|
+
exports.SYSTEM_TOKEN_SCOPE = 'read:app-system-token';
|
|
6
|
+
exports.USER_TOKEN_SCOPE = 'read:app-user-token';
|
|
7
|
+
exports.REMOTE_AUTH_SCOPES = [exports.SYSTEM_TOKEN_SCOPE, exports.USER_TOKEN_SCOPE];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"modules-validator.d.ts","sourceRoot":"","sources":["../../src/validators/modules-validator.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"modules-validator.d.ts","sourceRoot":"","sources":["../../src/validators/modules-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,cAAc,EACd,wBAAwB,EAKzB,MAAM,UAAU,CAAC;AAGlB,OAAO,EAAkB,cAAc,EAAqC,MAAM,oBAAoB,CAAC;AACvG,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAqB3D,qBAAa,gBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IAGzF,OAAO,CAAC,oBAAoB,CAAsE;IAE5F,QAAQ,CACZ,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GACnD,OAAO,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;IA4DpD,OAAO,CAAC,uBAAuB;IAO/B,OAAO,CAAC,iBAAiB;IAkBzB,OAAO,CAAC,4BAA4B;IAapC,OAAO,CAAC,uBAAuB;IAe/B,OAAO,CAAC,uBAAuB;IAiB/B,OAAO,CAAC,4BAA4B;IA0BpC,OAAO,CAAC,mBAAmB;IAyG3B,OAAO,CAAC,4BAA4B;IA2BpC,OAAO,CAAC,yBAAyB;CAkClC"}
|
|
@@ -127,8 +127,6 @@ class ModulesValidator {
|
|
|
127
127
|
}
|
|
128
128
|
endpointValidations(modules, yamlContentByLine, remotes, scopes) {
|
|
129
129
|
const validationErrors = [];
|
|
130
|
-
const SYSTEM_TOKEN_SCOPE = 'read:app-system-token';
|
|
131
|
-
const USER_TOKEN_SCOPE = 'read:app-user-token';
|
|
132
130
|
const _checkRemoteExists = (remoteKey) => {
|
|
133
131
|
return remotes?.find((remote) => remote.key === remoteKey) !== undefined;
|
|
134
132
|
};
|
|
@@ -164,48 +162,48 @@ class ModulesValidator {
|
|
|
164
162
|
...(0, utils_1.findPosition)(endpoint.remote, yamlContentByLine)
|
|
165
163
|
});
|
|
166
164
|
}
|
|
167
|
-
if (endpoint.auth?.appUserToken?.enabled && !scopes.includes(USER_TOKEN_SCOPE)) {
|
|
165
|
+
if (endpoint.auth?.appUserToken?.enabled && !scopes.includes(types_1.USER_TOKEN_SCOPE)) {
|
|
168
166
|
validationErrors.push({
|
|
169
|
-
message: text_1.errors.permissions.missingEndpointPermissionFromScope(USER_TOKEN_SCOPE, endpoint.key),
|
|
167
|
+
message: text_1.errors.permissions.missingEndpointPermissionFromScope(types_1.USER_TOKEN_SCOPE, endpoint.key),
|
|
170
168
|
reference: text_1.References.MissingScopes,
|
|
171
169
|
level: 'error',
|
|
172
170
|
metadata: {
|
|
173
|
-
missingPermission: USER_TOKEN_SCOPE
|
|
171
|
+
missingPermission: types_1.USER_TOKEN_SCOPE
|
|
174
172
|
},
|
|
175
173
|
...(0, utils_1.findPosition)('scopes', yamlContentByLine)
|
|
176
174
|
});
|
|
177
175
|
}
|
|
178
|
-
if (endpoint.auth?.appSystemToken?.enabled && !scopes.includes(SYSTEM_TOKEN_SCOPE)) {
|
|
176
|
+
if (endpoint.auth?.appSystemToken?.enabled && !scopes.includes(types_1.SYSTEM_TOKEN_SCOPE)) {
|
|
179
177
|
validationErrors.push({
|
|
180
|
-
message: text_1.errors.permissions.missingEndpointPermissionFromScope(SYSTEM_TOKEN_SCOPE, endpoint.key),
|
|
178
|
+
message: text_1.errors.permissions.missingEndpointPermissionFromScope(types_1.SYSTEM_TOKEN_SCOPE, endpoint.key),
|
|
181
179
|
reference: text_1.References.MissingScopes,
|
|
182
180
|
level: 'error',
|
|
183
181
|
metadata: {
|
|
184
|
-
missingPermission: SYSTEM_TOKEN_SCOPE
|
|
182
|
+
missingPermission: types_1.SYSTEM_TOKEN_SCOPE
|
|
185
183
|
},
|
|
186
184
|
...(0, utils_1.findPosition)('scopes', yamlContentByLine)
|
|
187
185
|
});
|
|
188
186
|
}
|
|
189
187
|
});
|
|
190
188
|
remotes?.forEach((remote) => {
|
|
191
|
-
if (remote.auth?.appUserToken?.enabled && !scopes.includes(USER_TOKEN_SCOPE)) {
|
|
189
|
+
if (remote.auth?.appUserToken?.enabled && !scopes.includes(types_1.USER_TOKEN_SCOPE)) {
|
|
192
190
|
validationErrors.push({
|
|
193
|
-
message: text_1.errors.permissions.missingRemotePermissionFromScope(USER_TOKEN_SCOPE, remote.key),
|
|
191
|
+
message: text_1.errors.permissions.missingRemotePermissionFromScope(types_1.USER_TOKEN_SCOPE, remote.key),
|
|
194
192
|
reference: text_1.References.MissingScopes,
|
|
195
193
|
level: 'error',
|
|
196
194
|
metadata: {
|
|
197
|
-
missingPermission: USER_TOKEN_SCOPE
|
|
195
|
+
missingPermission: types_1.USER_TOKEN_SCOPE
|
|
198
196
|
},
|
|
199
197
|
...(0, utils_1.findPosition)('scopes', yamlContentByLine)
|
|
200
198
|
});
|
|
201
199
|
}
|
|
202
|
-
if (remote.auth?.appSystemToken?.enabled && !scopes.includes(SYSTEM_TOKEN_SCOPE)) {
|
|
200
|
+
if (remote.auth?.appSystemToken?.enabled && !scopes.includes(types_1.SYSTEM_TOKEN_SCOPE)) {
|
|
203
201
|
validationErrors.push({
|
|
204
|
-
message: text_1.errors.permissions.missingRemotePermissionFromScope(SYSTEM_TOKEN_SCOPE, remote.key),
|
|
202
|
+
message: text_1.errors.permissions.missingRemotePermissionFromScope(types_1.SYSTEM_TOKEN_SCOPE, remote.key),
|
|
205
203
|
reference: text_1.References.MissingScopes,
|
|
206
204
|
level: 'error',
|
|
207
205
|
metadata: {
|
|
208
|
-
missingPermission: SYSTEM_TOKEN_SCOPE
|
|
206
|
+
missingPermission: types_1.SYSTEM_TOKEN_SCOPE
|
|
209
207
|
},
|
|
210
208
|
...(0, utils_1.findPosition)('scopes', yamlContentByLine)
|
|
211
209
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissions-validator.d.ts","sourceRoot":"","sources":["../../src/validators/permissions-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAmB,MAAM,UAAU,CAAC;AAGrF,OAAO,EAAE,cAAc,EAAU,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAM3D,qBAAa,oBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IAEzF,OAAO,CAAC,UAAU;IA+BlB,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,mBAAmB;IAgB3B,OAAO,CAAC,8BAA8B;IA6ChC,QAAQ,CACZ,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GACnD,OAAO,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"permissions-validator.d.ts","sourceRoot":"","sources":["../../src/validators/permissions-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAmB,MAAM,UAAU,CAAC;AAGrF,OAAO,EAAE,cAAc,EAAU,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAM3D,qBAAa,oBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IAEzF,OAAO,CAAC,UAAU;IA+BlB,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,mBAAmB;IAgB3B,OAAO,CAAC,8BAA8B;IA6ChC,QAAQ,CACZ,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GACnD,OAAO,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;CA8HrD"}
|
|
@@ -109,39 +109,53 @@ class PermissionsValidator {
|
|
|
109
109
|
const mapping = [
|
|
110
110
|
{
|
|
111
111
|
element: 'external.fetch.backend',
|
|
112
|
-
perms: manifest.typedContent.permissions.external?.fetch?.backend
|
|
112
|
+
perms: manifest.typedContent.permissions.external?.fetch?.backend
|
|
113
|
+
?.map((key) => {
|
|
114
|
+
if (typeof key === 'object' && 'address' in key) {
|
|
115
|
+
return key.address;
|
|
116
|
+
}
|
|
117
|
+
return key;
|
|
118
|
+
})
|
|
119
|
+
.filter((key) => typeof key === 'string')
|
|
113
120
|
},
|
|
114
121
|
{
|
|
115
122
|
element: 'external.fetch.client',
|
|
116
|
-
perms: manifest.typedContent.permissions.external?.fetch?.client
|
|
123
|
+
perms: manifest.typedContent.permissions.external?.fetch?.client
|
|
124
|
+
?.map((key) => {
|
|
125
|
+
if (typeof key === 'object' && 'address' in key) {
|
|
126
|
+
return key.address;
|
|
127
|
+
}
|
|
128
|
+
return key;
|
|
129
|
+
})
|
|
130
|
+
.filter((key) => typeof key === 'string')
|
|
117
131
|
},
|
|
118
132
|
{
|
|
119
133
|
element: 'external.navigation',
|
|
120
|
-
perms: manifest.typedContent.permissions.external?.navigation
|
|
134
|
+
perms: manifest.typedContent.permissions.external?.navigation?.map((key) => typeof key === 'object' ? key.address : key)
|
|
121
135
|
},
|
|
122
136
|
{
|
|
123
137
|
element: 'external.styles',
|
|
124
|
-
perms: manifest.typedContent.permissions.external?.styles
|
|
138
|
+
perms: manifest.typedContent.permissions.external?.styles?.map((key) => typeof key === 'object' ? key.address : key)
|
|
125
139
|
},
|
|
126
140
|
{
|
|
127
141
|
element: 'external.frames',
|
|
128
|
-
perms: manifest.typedContent.permissions.external?.frames
|
|
142
|
+
perms: manifest.typedContent.permissions.external?.frames?.map((key) => typeof key === 'object' ? key.address : key)
|
|
129
143
|
},
|
|
130
144
|
{
|
|
131
145
|
element: 'external.fonts',
|
|
132
|
-
perms: manifest.typedContent.permissions.external?.fonts
|
|
146
|
+
perms: manifest.typedContent.permissions.external?.fonts?.map((key) => typeof key === 'object' ? key.address : key)
|
|
133
147
|
},
|
|
134
148
|
{
|
|
135
149
|
element: 'external.images',
|
|
136
|
-
perms: manifest.typedContent.permissions.external?.images
|
|
150
|
+
perms: manifest.typedContent.permissions.external?.images?.map((key) => typeof key === 'object' ? key.address : key)
|
|
137
151
|
},
|
|
138
152
|
{
|
|
139
153
|
element: 'external.media',
|
|
140
|
-
perms: manifest.typedContent.permissions.external?.media
|
|
154
|
+
perms: manifest.typedContent.permissions.external?.media?.map((key) => typeof key === 'object' ? key.address : key)
|
|
141
155
|
},
|
|
142
156
|
{
|
|
143
157
|
element: 'external.scripts',
|
|
144
|
-
perms: manifest.typedContent.permissions.external?.scripts
|
|
158
|
+
perms: manifest.typedContent.permissions.external?.scripts?.map((key) => typeof key === 'object' ? key.address : key)
|
|
145
159
|
}
|
|
146
160
|
];
|
|
147
161
|
mapping.forEach((item) => this.validateExternalPermissionURLs(errors, item.element, item.perms, manifest));
|
|
@@ -151,6 +165,7 @@ class PermissionsValidator {
|
|
|
151
165
|
}, new Map());
|
|
152
166
|
const invalidBackendRemotes = manifest.typedContent.permissions.external?.fetch?.backend
|
|
153
167
|
?.filter((item) => typeof item === 'object' &&
|
|
168
|
+
'remote' in item &&
|
|
154
169
|
(!remoteMap || !remoteMap.has(item.remote) || !this.isValidURL(remoteMap.get(item.remote))))
|
|
155
170
|
.map((item) => item.remote);
|
|
156
171
|
if (invalidBackendRemotes?.length) {
|
|
@@ -158,6 +173,7 @@ class PermissionsValidator {
|
|
|
158
173
|
}
|
|
159
174
|
const invalidClientRemotes = manifest.typedContent.permissions.external?.fetch?.client
|
|
160
175
|
?.filter((item) => typeof item === 'object' &&
|
|
176
|
+
'remote' in item &&
|
|
161
177
|
(!remoteMap || !remoteMap.has(item.remote) || !this.isValidURL(remoteMap.get(item.remote))))
|
|
162
178
|
.map((item) => item.remote);
|
|
163
179
|
if (invalidClientRemotes?.length) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"providers-validator.d.ts","sourceRoot":"","sources":["../../src/validators/providers-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAmB,MAAM,UAAU,CAAC;AAGrF,OAAO,KAAK,EAGV,cAAc,EAGf,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAG3D,qBAAa,kBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IAEnF,QAAQ,CACZ,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GACnD,OAAO,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"providers-validator.d.ts","sourceRoot":"","sources":["../../src/validators/providers-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAmB,MAAM,UAAU,CAAC;AAGrF,OAAO,KAAK,EAGV,cAAc,EAGf,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAG3D,qBAAa,kBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IAEnF,QAAQ,CACZ,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GACnD,OAAO,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;IAqFpD,OAAO,CAAC,mBAAmB;IAiB3B,OAAO,CAAC,+BAA+B;IAkBvC,OAAO,CAAC,iBAAiB;CAoC1B"}
|
|
@@ -30,7 +30,15 @@ class ProvidersValidator {
|
|
|
30
30
|
const missingEgressPermission = provider.remotes?.find((key) => {
|
|
31
31
|
const remote = remotes?.find((item) => item.key === key);
|
|
32
32
|
if (remote) {
|
|
33
|
-
const egressPermission = permissions?.external?.fetch?.backend?.find((item) =>
|
|
33
|
+
const egressPermission = permissions?.external?.fetch?.backend?.find((item) => {
|
|
34
|
+
if (typeof item === 'string') {
|
|
35
|
+
return item === remote.baseUrl;
|
|
36
|
+
}
|
|
37
|
+
if ('remote' in item) {
|
|
38
|
+
return item.remote === remote.key;
|
|
39
|
+
}
|
|
40
|
+
return item.address === remote.baseUrl;
|
|
41
|
+
});
|
|
34
42
|
return !egressPermission;
|
|
35
43
|
}
|
|
36
44
|
return false;
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { ValidatorInterface } from './validator-interface';
|
|
2
|
+
import { ManifestObject, ManifestValidationResult } from '../types';
|
|
3
|
+
import { ManifestSchema } from '../schema/manifest';
|
|
4
|
+
export declare class RemoteAuthScopesValidator implements ValidatorInterface<ManifestObject<ManifestSchema> | undefined, ManifestSchema> {
|
|
5
|
+
validate(manifest: ManifestObject<ManifestSchema> | undefined): Promise<ManifestValidationResult<ManifestSchema>>;
|
|
6
|
+
private appUserTokenEnabled;
|
|
7
|
+
private appSystemTokenEnabled;
|
|
8
|
+
}
|
|
9
|
+
//# sourceMappingURL=remote-auth-scopes-validator.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"remote-auth-scopes-validator.d.ts","sourceRoot":"","sources":["../../src/validators/remote-auth-scopes-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAsB,MAAM,UAAU,CAAC;AACxF,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAapD,qBAAa,yBACX,YAAW,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,EAAE,cAAc,CAAC;IAEnF,QAAQ,CACZ,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GAAG,SAAS,GACnD,OAAO,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;IA4CpD,OAAO,CAAC,mBAAmB,CAA+D;IAC1F,OAAO,CAAC,qBAAqB,CAAiE;CAC/F"}
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.RemoteAuthScopesValidator = void 0;
|
|
4
|
+
const types_1 = require("../types");
|
|
5
|
+
const text_1 = require("../text");
|
|
6
|
+
const utils_1 = require("../utils");
|
|
7
|
+
class RemoteAuthScopesValidator {
|
|
8
|
+
async validate(manifest) {
|
|
9
|
+
if (!manifest?.typedContent?.remotes && !manifest?.typedContent?.modules?.endpoint) {
|
|
10
|
+
return {
|
|
11
|
+
success: true,
|
|
12
|
+
manifestObject: manifest
|
|
13
|
+
};
|
|
14
|
+
}
|
|
15
|
+
const remotes = manifest.typedContent.remotes;
|
|
16
|
+
const endpoints = manifest.typedContent.modules?.endpoint ?? [];
|
|
17
|
+
const hasAppUserToken = endpoints.some((endpoint) => this.appUserTokenEnabled(endpoint.auth)) ||
|
|
18
|
+
remotes?.some((remote) => this.appUserTokenEnabled(remote.auth));
|
|
19
|
+
const hasAppSystemToken = endpoints.some((endpoint) => this.appSystemTokenEnabled(endpoint.auth)) ||
|
|
20
|
+
remotes?.some((remote) => this.appSystemTokenEnabled(remote.auth));
|
|
21
|
+
if (hasAppUserToken || hasAppSystemToken) {
|
|
22
|
+
const scopes = manifest.typedContent.permissions?.scopes ?? [];
|
|
23
|
+
const filteredScopes = scopes.filter((scope) => !types_1.REMOTE_AUTH_SCOPES.includes(scope));
|
|
24
|
+
if (filteredScopes.length === 0) {
|
|
25
|
+
return {
|
|
26
|
+
success: false,
|
|
27
|
+
manifestObject: manifest,
|
|
28
|
+
errors: [
|
|
29
|
+
{
|
|
30
|
+
message: text_1.errors.app.remotes.missingAppScopesForRemoteAuth(),
|
|
31
|
+
reference: text_1.References.App,
|
|
32
|
+
level: 'error',
|
|
33
|
+
...(0, utils_1.findPosition)('scopes', manifest.yamlContentByLine)
|
|
34
|
+
}
|
|
35
|
+
]
|
|
36
|
+
};
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
return {
|
|
40
|
+
success: true,
|
|
41
|
+
manifestObject: manifest
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
appUserTokenEnabled = (auth) => auth?.appUserToken?.enabled === true;
|
|
45
|
+
appSystemTokenEnabled = (auth) => auth?.appSystemToken?.enabled === true;
|
|
46
|
+
}
|
|
47
|
+
exports.RemoteAuthScopesValidator = RemoteAuthScopesValidator;
|