@gaias/basenode 1.0.12 → 1.0.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CLAUDE.md +757 -0
- package/SECURITY.md +296 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/libs/apisix/ApisixTemplate.d.ts +1 -0
- package/dist/libs/apisix/ApisixTemplate.d.ts.map +1 -0
- package/dist/libs/apisix/ApisixTemplate.js +120 -74
- package/dist/libs/apisix/ApisixTemplate.js.map +1 -1
- package/dist/libs/apisix/HttpPutter.d.ts +11 -1
- package/dist/libs/apisix/HttpPutter.d.ts.map +1 -0
- package/dist/libs/apisix/HttpPutter.js +44 -31
- package/dist/libs/apisix/HttpPutter.js.map +1 -1
- package/dist/libs/apisix/index.d.ts +1 -0
- package/dist/libs/apisix/index.d.ts.map +1 -0
- package/dist/libs/cache/CacheService.d.ts +1 -0
- package/dist/libs/cache/CacheService.d.ts.map +1 -0
- package/dist/libs/cache/CacheService.js +79 -109
- package/dist/libs/cache/CacheService.js.map +1 -1
- package/dist/libs/cache/Timer.d.ts +1 -0
- package/dist/libs/cache/Timer.d.ts.map +1 -0
- package/dist/libs/cache/Timer.js +1 -1
- package/dist/libs/cache/Timer.js.map +1 -1
- package/dist/libs/cache/index.d.ts +1 -0
- package/dist/libs/cache/index.d.ts.map +1 -0
- package/dist/libs/configure/ApplicationConfig.d.ts +4 -1
- package/dist/libs/configure/ApplicationConfig.d.ts.map +1 -0
- package/dist/libs/configure/ConfigManager.d.ts +1 -0
- package/dist/libs/configure/ConfigManager.d.ts.map +1 -0
- package/dist/libs/configure/ConfigManager.js.map +1 -1
- package/dist/libs/configure/index.d.ts +1 -0
- package/dist/libs/configure/index.d.ts.map +1 -0
- package/dist/libs/deps/Libs.d.ts +5 -5
- package/dist/libs/deps/Libs.d.ts.map +1 -0
- package/dist/libs/deps/Libs.js +5 -6
- package/dist/libs/deps/Libs.js.map +1 -1
- package/dist/libs/deps/index.d.ts +1 -0
- package/dist/libs/deps/index.d.ts.map +1 -0
- package/dist/libs/error/BizError.d.ts +1 -0
- package/dist/libs/error/BizError.d.ts.map +1 -0
- package/dist/libs/error/BizError.js.map +1 -1
- package/dist/libs/error/index.d.ts +1 -0
- package/dist/libs/error/index.d.ts.map +1 -0
- package/dist/libs/gateway/ApiGatewayLoader.d.ts +4 -2
- package/dist/libs/gateway/ApiGatewayLoader.d.ts.map +1 -0
- package/dist/libs/gateway/ApiGatewayLoader.js +114 -42
- package/dist/libs/gateway/ApiGatewayLoader.js.map +1 -1
- package/dist/libs/gateway/index.d.ts +1 -0
- package/dist/libs/gateway/index.d.ts.map +1 -0
- package/dist/libs/generator/IdGenerator.d.ts +1 -0
- package/dist/libs/generator/IdGenerator.d.ts.map +1 -0
- package/dist/libs/generator/IdGenerator.js +6 -1
- package/dist/libs/generator/IdGenerator.js.map +1 -1
- package/dist/libs/generator/IndexCreator.d.ts +2 -0
- package/dist/libs/generator/IndexCreator.d.ts.map +1 -0
- package/dist/libs/generator/IndexCreator.js +49 -17
- package/dist/libs/generator/IndexCreator.js.map +1 -1
- package/dist/libs/generator/index.d.ts +1 -0
- package/dist/libs/generator/index.d.ts.map +1 -0
- package/dist/libs/healthcheck/HealthCheckController.d.ts +1 -0
- package/dist/libs/healthcheck/HealthCheckController.d.ts.map +1 -0
- package/dist/libs/healthcheck/HealthCheckController.js +30 -41
- package/dist/libs/healthcheck/HealthCheckController.js.map +1 -1
- package/dist/libs/healthcheck/index.d.ts +1 -0
- package/dist/libs/healthcheck/index.d.ts.map +1 -0
- package/dist/libs/index.d.ts +1 -0
- package/dist/libs/index.d.ts.map +1 -0
- package/dist/libs/koa/KoaControllerReturnHandler.d.ts +1 -0
- package/dist/libs/koa/KoaControllerReturnHandler.d.ts.map +1 -0
- package/dist/libs/koa/KoaControllerReturnHandler.js +35 -23
- package/dist/libs/koa/KoaControllerReturnHandler.js.map +1 -1
- package/dist/libs/koa/KoaLoader.d.ts +1 -0
- package/dist/libs/koa/KoaLoader.d.ts.map +1 -0
- package/dist/libs/koa/KoaLoader.js +21 -27
- package/dist/libs/koa/KoaLoader.js.map +1 -1
- package/dist/libs/koa/KoaLoaderOption.d.ts +1 -0
- package/dist/libs/koa/KoaLoaderOption.d.ts.map +1 -0
- package/dist/libs/koa/KoaLoaderOption.js.map +1 -1
- package/dist/libs/koa/index.d.ts +1 -0
- package/dist/libs/koa/index.d.ts.map +1 -0
- package/dist/libs/koa/setupRestfulControllers.d.ts +1 -0
- package/dist/libs/koa/setupRestfulControllers.d.ts.map +1 -0
- package/dist/libs/koa/setupRestfulControllers.js +59 -58
- package/dist/libs/koa/setupRestfulControllers.js.map +1 -1
- package/dist/libs/koa/setupSocketControllers.d.ts +1 -0
- package/dist/libs/koa/setupSocketControllers.d.ts.map +1 -0
- package/dist/libs/koa/setupSocketControllers.js +56 -33
- package/dist/libs/koa/setupSocketControllers.js.map +1 -1
- package/dist/libs/leader/Leader.d.ts +1 -0
- package/dist/libs/leader/Leader.d.ts.map +1 -0
- package/dist/libs/leader/Leader.js +46 -63
- package/dist/libs/leader/Leader.js.map +1 -1
- package/dist/libs/leader/LeaderOptions.d.ts +1 -0
- package/dist/libs/leader/LeaderOptions.d.ts.map +1 -0
- package/dist/libs/leader/index.d.ts +1 -0
- package/dist/libs/leader/index.d.ts.map +1 -0
- package/dist/libs/logger/Logger.d.ts +2 -1
- package/dist/libs/logger/Logger.d.ts.map +1 -0
- package/dist/libs/logger/Logger.js +9 -3
- package/dist/libs/logger/Logger.js.map +1 -1
- package/dist/libs/logger/index.d.ts +1 -0
- package/dist/libs/logger/index.d.ts.map +1 -0
- package/dist/libs/network/getLocalIpAddress.d.ts +1 -0
- package/dist/libs/network/getLocalIpAddress.d.ts.map +1 -0
- package/dist/libs/network/getLocalIpAddress.js +18 -19
- package/dist/libs/network/getLocalIpAddress.js.map +1 -1
- package/dist/libs/network/index.d.ts +1 -0
- package/dist/libs/network/index.d.ts.map +1 -0
- package/dist/libs/orm/BaseRepository.d.ts +1 -0
- package/dist/libs/orm/BaseRepository.d.ts.map +1 -0
- package/dist/libs/orm/BaseRepository.js +12 -33
- package/dist/libs/orm/BaseRepository.js.map +1 -1
- package/dist/libs/orm/TypeormLoader.d.ts +1 -0
- package/dist/libs/orm/TypeormLoader.d.ts.map +1 -0
- package/dist/libs/orm/TypeormLoader.js +6 -15
- package/dist/libs/orm/TypeormLoader.js.map +1 -1
- package/dist/libs/orm/index.d.ts +1 -0
- package/dist/libs/orm/index.d.ts.map +1 -0
- package/dist/libs/pagination/Pagination.d.ts +1 -0
- package/dist/libs/pagination/Pagination.d.ts.map +1 -0
- package/dist/libs/pagination/Pagination.js +1 -2
- package/dist/libs/pagination/Pagination.js.map +1 -1
- package/dist/libs/pagination/index.d.ts +1 -0
- package/dist/libs/pagination/index.d.ts.map +1 -0
- package/dist/libs/rabbitmq/DistributedEvents.d.ts +1 -0
- package/dist/libs/rabbitmq/DistributedEvents.d.ts.map +1 -0
- package/dist/libs/rabbitmq/DistributedEvents.js +49 -63
- package/dist/libs/rabbitmq/DistributedEvents.js.map +1 -1
- package/dist/libs/rabbitmq/DistributedEventsLoader.d.ts +1 -0
- package/dist/libs/rabbitmq/DistributedEventsLoader.d.ts.map +1 -0
- package/dist/libs/rabbitmq/DistributedEventsLoader.js +2 -11
- package/dist/libs/rabbitmq/DistributedEventsLoader.js.map +1 -1
- package/dist/libs/rabbitmq/EventsManager.d.ts +5 -4
- package/dist/libs/rabbitmq/EventsManager.d.ts.map +1 -0
- package/dist/libs/rabbitmq/EventsManager.js +17 -26
- package/dist/libs/rabbitmq/EventsManager.js.map +1 -1
- package/dist/libs/rabbitmq/index.d.ts +1 -0
- package/dist/libs/rabbitmq/index.d.ts.map +1 -0
- package/dist/libs/redis/RedisClient.d.ts +1 -0
- package/dist/libs/redis/RedisClient.d.ts.map +1 -0
- package/dist/libs/redis/RedisClient.js +41 -62
- package/dist/libs/redis/RedisClient.js.map +1 -1
- package/dist/libs/redis/RedisLoader.d.ts +1 -0
- package/dist/libs/redis/RedisLoader.d.ts.map +1 -0
- package/dist/libs/redis/RedisLoader.js +1 -10
- package/dist/libs/redis/RedisLoader.js.map +1 -1
- package/dist/libs/redis/index.d.ts +1 -0
- package/dist/libs/redis/index.d.ts.map +1 -0
- package/dist/libs/register/ApiRegisterController.d.ts +1 -0
- package/dist/libs/register/ApiRegisterController.d.ts.map +1 -0
- package/dist/libs/register/ApiRegisterController.js +73 -98
- package/dist/libs/register/ApiRegisterController.js.map +1 -1
- package/dist/libs/register/Converter.d.ts +1 -0
- package/dist/libs/register/Converter.d.ts.map +1 -0
- package/dist/libs/register/Converter.js.map +1 -1
- package/dist/libs/register/HttpMethods.d.ts +1 -0
- package/dist/libs/register/HttpMethods.d.ts.map +1 -0
- package/dist/libs/register/HttpMethods.js +8 -3
- package/dist/libs/register/HttpMethods.js.map +1 -1
- package/dist/libs/register/ResRegTypes.d.ts +1 -0
- package/dist/libs/register/ResRegTypes.d.ts.map +1 -0
- package/dist/libs/register/index.d.ts +1 -0
- package/dist/libs/register/index.d.ts.map +1 -0
- package/dist/libs/type/builder.d.ts +1 -0
- package/dist/libs/type/builder.d.ts.map +1 -0
- package/dist/libs/type/builder.js.map +1 -1
- package/dist/libs/type/index.d.ts +1 -0
- package/dist/libs/type/index.d.ts.map +1 -0
- package/dist/libs/type/types.d.ts +1 -0
- package/dist/libs/type/types.d.ts.map +1 -0
- package/dist/libs/universal/UniversalController.d.ts +1 -0
- package/dist/libs/universal/UniversalController.d.ts.map +1 -0
- package/dist/libs/universal/UniversalController.js.map +1 -1
- package/dist/libs/universal/UniversalService.d.ts +1 -0
- package/dist/libs/universal/UniversalService.d.ts.map +1 -0
- package/dist/libs/universal/UniversalService.js +126 -138
- package/dist/libs/universal/UniversalService.js.map +1 -1
- package/dist/libs/universal/index.d.ts +1 -0
- package/dist/libs/universal/index.d.ts.map +1 -0
- package/dist/libs/validator/SafeUrlValidator.d.ts +17 -0
- package/dist/libs/validator/SafeUrlValidator.d.ts.map +1 -0
- package/dist/libs/validator/SafeUrlValidator.js +88 -0
- package/dist/libs/validator/SafeUrlValidator.js.map +1 -0
- package/dist/libs/validator/ValidationHelper.d.ts +1 -0
- package/dist/libs/validator/ValidationHelper.d.ts.map +1 -0
- package/dist/libs/validator/ValidationHelper.js +40 -57
- package/dist/libs/validator/ValidationHelper.js.map +1 -1
- package/dist/libs/validator/i18nValidator.d.ts +1 -0
- package/dist/libs/validator/i18nValidator.d.ts.map +1 -0
- package/dist/libs/validator/i18nValidator.js +1 -1
- package/dist/libs/validator/i18nValidator.js.map +1 -1
- package/dist/libs/validator/index.d.ts +2 -0
- package/dist/libs/validator/index.d.ts.map +1 -0
- package/dist/libs/validator/index.js +1 -0
- package/dist/libs/validator/index.js.map +1 -1
- package/dist/server/BootstrapLoader.d.ts +1 -0
- package/dist/server/BootstrapLoader.d.ts.map +1 -0
- package/dist/server/BootstrapOption.d.ts +1 -0
- package/dist/server/BootstrapOption.d.ts.map +1 -0
- package/dist/server/bootstrap.d.ts +1 -0
- package/dist/server/bootstrap.d.ts.map +1 -0
- package/dist/server/bootstrap.js +5 -14
- package/dist/server/bootstrap.js.map +1 -1
- package/dist/server/index.d.ts +1 -0
- package/dist/server/index.d.ts.map +1 -0
- package/dist/utils/YamlUtil.d.ts +1 -0
- package/dist/utils/YamlUtil.d.ts.map +1 -0
- package/dist/utils/YamlUtil.js +12 -3
- package/dist/utils/YamlUtil.js.map +1 -1
- package/dist/utils/crypto.d.ts +1 -0
- package/dist/utils/crypto.d.ts.map +1 -0
- package/dist/utils/crypto.js.map +1 -1
- package/dist/utils/index.d.ts +1 -0
- package/dist/utils/index.d.ts.map +1 -0
- package/dist/utils/jwtUtil.d.ts +1 -0
- package/dist/utils/jwtUtil.d.ts.map +1 -0
- package/dist/utils/jwtUtil.js.map +1 -1
- package/dist/utils/transformer.d.ts +1 -0
- package/dist/utils/transformer.d.ts.map +1 -0
- package/dist/utils/transformer.js.map +1 -1
- package/package.json +50 -28
- package/.dockerignore +0 -12
- package/.drone.yml +0 -54
- package/.eslintignore +0 -4
- package/.github/workflows/docker-image.yml +0 -69
- package/.ncurc.json +0 -8
- package/Dockerfile +0 -47
- package/gen_db.json +0 -7
- package/open.json +0 -104
package/SECURITY.md
ADDED
|
@@ -0,0 +1,296 @@
|
|
|
1
|
+
# Security Guidelines
|
|
2
|
+
|
|
3
|
+
This document outlines security practices and tools for the @gaias/basenode project.
|
|
4
|
+
|
|
5
|
+
## Security Audit Tools
|
|
6
|
+
|
|
7
|
+
### Quick Commands
|
|
8
|
+
|
|
9
|
+
```bash
|
|
10
|
+
# Run basic security audit
|
|
11
|
+
yarn security
|
|
12
|
+
|
|
13
|
+
# Show vulnerability summary
|
|
14
|
+
yarn security:summary
|
|
15
|
+
|
|
16
|
+
# Generate detailed security report
|
|
17
|
+
yarn security:report
|
|
18
|
+
|
|
19
|
+
# View raw JSON audit data
|
|
20
|
+
yarn security:json
|
|
21
|
+
```
|
|
22
|
+
|
|
23
|
+
### Security Report Features
|
|
24
|
+
|
|
25
|
+
The `yarn security:report` command provides:
|
|
26
|
+
|
|
27
|
+
- ✅ **Comprehensive Summary**: Overview of all vulnerabilities by severity
|
|
28
|
+
- ✅ **Detailed Information**: Full details for each vulnerability including CVE, path, and versions
|
|
29
|
+
- ✅ **Mitigation Status**: Tracks which vulnerabilities have been addressed
|
|
30
|
+
- ✅ **Actionable Recommendations**: Clear next steps for addressing issues
|
|
31
|
+
- ✅ **Color-coded Output**: Easy-to-read terminal output with severity-based colors
|
|
32
|
+
|
|
33
|
+
### Security Configuration
|
|
34
|
+
|
|
35
|
+
The `security-audit.config.js` file tracks:
|
|
36
|
+
|
|
37
|
+
1. **Known Issues**: Vulnerabilities that have been reviewed and mitigated
|
|
38
|
+
2. **Accepted Risks**: Low-severity issues accepted with justification
|
|
39
|
+
3. **Scheduled Replacements**: Packages planned for replacement
|
|
40
|
+
4. **Audit Settings**: CI/CD thresholds and notification preferences
|
|
41
|
+
|
|
42
|
+
## Current Security Status
|
|
43
|
+
|
|
44
|
+
As of 2025-10-18:
|
|
45
|
+
|
|
46
|
+
- **Total Vulnerabilities**: 1 (down from 12)
|
|
47
|
+
- **Critical**: 0 ✅
|
|
48
|
+
- **High**: 0 ✅
|
|
49
|
+
- **Moderate**: 1 (mitigated)
|
|
50
|
+
- **Low**: 0 ✅
|
|
51
|
+
|
|
52
|
+
### Mitigated Vulnerabilities
|
|
53
|
+
|
|
54
|
+
#### CVE-2025-56200: validator.js URL Validation Bypass
|
|
55
|
+
|
|
56
|
+
**Status**: ✅ MITIGATED
|
|
57
|
+
|
|
58
|
+
**Issue**: validator.js uses '://' as protocol delimiter instead of ':', allowing bypass attacks.
|
|
59
|
+
|
|
60
|
+
**Solution**: Custom SafeUrlValidator using Node.js built-in URL class (WHATWG standard).
|
|
61
|
+
|
|
62
|
+
**Implementation**: `src/libs/validator/SafeUrlValidator.ts`
|
|
63
|
+
|
|
64
|
+
**Usage**:
|
|
65
|
+
```typescript
|
|
66
|
+
import { IsSafeUrl } from '@/libs/validator';
|
|
67
|
+
|
|
68
|
+
class UserDto {
|
|
69
|
+
@IsSafeUrl()
|
|
70
|
+
website: string;
|
|
71
|
+
|
|
72
|
+
@IsSafeUrl({ protocols: ['https'] })
|
|
73
|
+
secureUrl: string;
|
|
74
|
+
}
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
**Important**: Use `@IsSafeUrl()` instead of `@IsUrl()` to avoid the vulnerability.
|
|
78
|
+
|
|
79
|
+
## Security Best Practices
|
|
80
|
+
|
|
81
|
+
### 1. Regular Audits
|
|
82
|
+
|
|
83
|
+
Run security audits regularly:
|
|
84
|
+
|
|
85
|
+
```bash
|
|
86
|
+
# Weekly security check
|
|
87
|
+
yarn security:report
|
|
88
|
+
|
|
89
|
+
# Before each release
|
|
90
|
+
yarn security:report
|
|
91
|
+
```
|
|
92
|
+
|
|
93
|
+
### 2. Dependency Updates
|
|
94
|
+
|
|
95
|
+
Keep dependencies up to date:
|
|
96
|
+
|
|
97
|
+
```bash
|
|
98
|
+
# Check for available updates
|
|
99
|
+
yarn deps:check
|
|
100
|
+
|
|
101
|
+
# Update dependencies
|
|
102
|
+
yarn deps:update
|
|
103
|
+
|
|
104
|
+
# Run security audit after updates
|
|
105
|
+
yarn security:report
|
|
106
|
+
```
|
|
107
|
+
|
|
108
|
+
### 3. Code Review Checklist
|
|
109
|
+
|
|
110
|
+
When reviewing code:
|
|
111
|
+
|
|
112
|
+
- [ ] No hardcoded secrets or credentials
|
|
113
|
+
- [ ] Input validation using `@IsSafeUrl()` for URLs
|
|
114
|
+
- [ ] Use `i18n()` decorator for all validation
|
|
115
|
+
- [ ] No SQL injection vulnerabilities (use TypeORM properly)
|
|
116
|
+
- [ ] Authentication and authorization checks in place
|
|
117
|
+
- [ ] Sensitive data properly encrypted
|
|
118
|
+
|
|
119
|
+
### 4. URL Validation
|
|
120
|
+
|
|
121
|
+
**❌ Don't use** (vulnerable):
|
|
122
|
+
```typescript
|
|
123
|
+
import { IsUrl } from 'class-validator';
|
|
124
|
+
|
|
125
|
+
class Dto {
|
|
126
|
+
@IsUrl() // Vulnerable to CVE-2025-56200
|
|
127
|
+
website: string;
|
|
128
|
+
}
|
|
129
|
+
```
|
|
130
|
+
|
|
131
|
+
**✅ Do use** (secure):
|
|
132
|
+
```typescript
|
|
133
|
+
import { IsSafeUrl } from '@/libs/validator';
|
|
134
|
+
|
|
135
|
+
class Dto {
|
|
136
|
+
@IsSafeUrl()
|
|
137
|
+
website: string;
|
|
138
|
+
|
|
139
|
+
@IsSafeUrl({ protocols: ['https'] })
|
|
140
|
+
apiEndpoint: string;
|
|
141
|
+
|
|
142
|
+
@IsSafeUrl({ host_whitelist: ['trusted.com'] })
|
|
143
|
+
trustedUrl: string;
|
|
144
|
+
}
|
|
145
|
+
```
|
|
146
|
+
|
|
147
|
+
### 5. Database Queries
|
|
148
|
+
|
|
149
|
+
Always use TypeORM's query builder or repository methods. Never concatenate user input into SQL queries:
|
|
150
|
+
|
|
151
|
+
**❌ Don't do**:
|
|
152
|
+
```typescript
|
|
153
|
+
// Vulnerable to SQL injection
|
|
154
|
+
const users = await connection.query(
|
|
155
|
+
`SELECT * FROM users WHERE id = ${userId}`
|
|
156
|
+
);
|
|
157
|
+
```
|
|
158
|
+
|
|
159
|
+
**✅ Do this**:
|
|
160
|
+
```typescript
|
|
161
|
+
// Safe - uses parameterized queries
|
|
162
|
+
const users = await userRepository.find({
|
|
163
|
+
where: { id: userId }
|
|
164
|
+
});
|
|
165
|
+
|
|
166
|
+
// Or use query builder
|
|
167
|
+
const users = await userRepository
|
|
168
|
+
.createQueryBuilder('user')
|
|
169
|
+
.where('user.id = :id', { id: userId })
|
|
170
|
+
.getMany();
|
|
171
|
+
```
|
|
172
|
+
|
|
173
|
+
### 6. Environment Variables
|
|
174
|
+
|
|
175
|
+
Never commit sensitive data:
|
|
176
|
+
|
|
177
|
+
- Use `.env` files for local development (already in `.gitignore`)
|
|
178
|
+
- Use environment-specific config files: `cfg/*.{env}.yml`
|
|
179
|
+
- Never log sensitive information
|
|
180
|
+
- Use secrets management in production (AWS Secrets Manager, Vault, etc.)
|
|
181
|
+
|
|
182
|
+
### 7. Authentication & Authorization
|
|
183
|
+
|
|
184
|
+
```typescript
|
|
185
|
+
import { Authorized, JsonController, Get } from 'routing-controllers';
|
|
186
|
+
|
|
187
|
+
@JsonController('/admin')
|
|
188
|
+
class AdminController {
|
|
189
|
+
@Get('/users')
|
|
190
|
+
@Authorized(['admin']) // Role-based access control
|
|
191
|
+
async getUsers() {
|
|
192
|
+
return this.userService.getAllUsers();
|
|
193
|
+
}
|
|
194
|
+
}
|
|
195
|
+
```
|
|
196
|
+
|
|
197
|
+
## Reporting Security Issues
|
|
198
|
+
|
|
199
|
+
If you discover a security vulnerability:
|
|
200
|
+
|
|
201
|
+
1. **Do NOT** create a public GitHub issue
|
|
202
|
+
2. Email the security team: security@example.com
|
|
203
|
+
3. Include:
|
|
204
|
+
- Description of the vulnerability
|
|
205
|
+
- Steps to reproduce
|
|
206
|
+
- Potential impact
|
|
207
|
+
- Suggested fix (if any)
|
|
208
|
+
|
|
209
|
+
We aim to respond within 48 hours.
|
|
210
|
+
|
|
211
|
+
## Security Updates
|
|
212
|
+
|
|
213
|
+
### Dependency Resolutions
|
|
214
|
+
|
|
215
|
+
The project uses Yarn resolutions to enforce secure versions of nested dependencies:
|
|
216
|
+
|
|
217
|
+
```json
|
|
218
|
+
{
|
|
219
|
+
"resolutions": {
|
|
220
|
+
"xml2js": "^0.6.2",
|
|
221
|
+
"tmp": "^0.2.4",
|
|
222
|
+
"typeorm-model-generator/typeorm": "^0.3.27",
|
|
223
|
+
"typeorm-model-generator/mysql2": "^3.15.2",
|
|
224
|
+
"typeorm-model-generator/**/axios": "^1.8.2"
|
|
225
|
+
}
|
|
226
|
+
}
|
|
227
|
+
```
|
|
228
|
+
|
|
229
|
+
### Adding New Dependencies
|
|
230
|
+
|
|
231
|
+
Before adding a new dependency:
|
|
232
|
+
|
|
233
|
+
```bash
|
|
234
|
+
# Check the package for known vulnerabilities
|
|
235
|
+
npm info <package-name>
|
|
236
|
+
|
|
237
|
+
# Install the package
|
|
238
|
+
yarn add <package-name>
|
|
239
|
+
|
|
240
|
+
# Run security audit
|
|
241
|
+
yarn security:report
|
|
242
|
+
|
|
243
|
+
# Review any new vulnerabilities
|
|
244
|
+
```
|
|
245
|
+
|
|
246
|
+
## CI/CD Integration
|
|
247
|
+
|
|
248
|
+
### Pre-commit Hook
|
|
249
|
+
|
|
250
|
+
Security checks run automatically before commits:
|
|
251
|
+
|
|
252
|
+
```bash
|
|
253
|
+
# Configured in package.json
|
|
254
|
+
"precommit": "yarn lint"
|
|
255
|
+
```
|
|
256
|
+
|
|
257
|
+
### Recommended CI/CD Checks
|
|
258
|
+
|
|
259
|
+
Add to your CI/CD pipeline:
|
|
260
|
+
|
|
261
|
+
```yaml
|
|
262
|
+
# Example GitHub Actions
|
|
263
|
+
- name: Security Audit
|
|
264
|
+
run: yarn security:report
|
|
265
|
+
|
|
266
|
+
- name: Lint and Type Check
|
|
267
|
+
run: yarn lint
|
|
268
|
+
|
|
269
|
+
- name: Run Tests
|
|
270
|
+
run: yarn test
|
|
271
|
+
```
|
|
272
|
+
|
|
273
|
+
## Security Checklist for Releases
|
|
274
|
+
|
|
275
|
+
Before each release:
|
|
276
|
+
|
|
277
|
+
- [ ] Run `yarn security:report` - ensure all critical/high issues are addressed
|
|
278
|
+
- [ ] Run `yarn deps:update` - update dependencies
|
|
279
|
+
- [ ] Run `yarn test` - ensure all tests pass
|
|
280
|
+
- [ ] Run `yarn lint` - no linting errors
|
|
281
|
+
- [ ] Review `CHANGELOG.md` for security-related changes
|
|
282
|
+
- [ ] Update security documentation if needed
|
|
283
|
+
- [ ] Tag release with version number
|
|
284
|
+
|
|
285
|
+
## Resources
|
|
286
|
+
|
|
287
|
+
- [OWASP Top 10](https://owasp.org/www-project-top-ten/)
|
|
288
|
+
- [Node.js Security Best Practices](https://nodejs.org/en/docs/guides/security/)
|
|
289
|
+
- [TypeORM Security](https://typeorm.io/#/security)
|
|
290
|
+
- [Yarn Audit Documentation](https://classic.yarnpkg.com/en/docs/cli/audit/)
|
|
291
|
+
|
|
292
|
+
## Contact
|
|
293
|
+
|
|
294
|
+
Security Team: security@example.com
|
|
295
|
+
|
|
296
|
+
Last Updated: 2025-10-18
|
package/dist/index.d.ts
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAEA,cAAc,QAAQ,CAAC;AACvB,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC"}
|
|
@@ -4,3 +4,4 @@ export declare const serviceUriTemplate: (appName: string) => string;
|
|
|
4
4
|
export declare const serviceTemplate: (appName: string, enableApiGatewayAuth?: boolean) => string;
|
|
5
5
|
export declare const routeUriTemplate: (appName: string) => string;
|
|
6
6
|
export declare const routeTemplate: (appName: string, domains: string[], apiVersion: string, build: string, version: string) => string;
|
|
7
|
+
//# sourceMappingURL=ApisixTemplate.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ApisixTemplate.d.ts","sourceRoot":"","sources":["../../../../src/libs/apisix/ApisixTemplate.ts"],"names":[],"mappings":"AAiGA,eAAO,MAAM,mBAAmB,GAAI,SAAS,MAAM,KAAG,MAErD,CAAC;AA+BF,eAAO,MAAM,gBAAgB,GAAI,SAAS,MAAM,EAAE,SAAS,MAAM,EAAE,MAAM,MAAM,KAAG,MAgDjF,CAAC;AAgBF,eAAO,MAAM,kBAAkB,GAAI,SAAS,MAAM,KAAG,MAEpD,CAAC;AAgCF,eAAO,MAAM,eAAe,GAAI,SAAS,MAAM,EAAE,8BAA4B,KAAG,MAkC/E,CAAC;AAgBF,eAAO,MAAM,gBAAgB,GAAI,SAAS,MAAM,KAAG,MAElD,CAAC;AAuCF,eAAO,MAAM,aAAa,GACxB,SAAS,MAAM,EACf,SAAS,MAAM,EAAE,EACjB,YAAY,MAAM,EAClB,OAAO,MAAM,EACb,SAAS,MAAM,KACd,MAyBF,CAAC"}
|
|
@@ -2,87 +2,133 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.routeTemplate = exports.routeUriTemplate = exports.serviceTemplate = exports.serviceUriTemplate = exports.upstreamTemplate = exports.upstreamUriTemplate = void 0;
|
|
4
4
|
const crypto_1 = require("../../utils/crypto");
|
|
5
|
-
const
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
5
|
+
const APISIX_CONFIG = {
|
|
6
|
+
ADMIN_BASE_PATH: '/apisix/admin',
|
|
7
|
+
UPSTREAM: {
|
|
8
|
+
TYPE: 'roundrobin',
|
|
9
|
+
NODE_WEIGHT: 1,
|
|
10
|
+
RETRIES: 1,
|
|
11
|
+
TIMEOUT_CONNECT: 500,
|
|
12
|
+
TIMEOUT_SEND: 500,
|
|
13
|
+
TIMEOUT_READ: 500,
|
|
14
|
+
ENABLE_WEBSOCKET: true,
|
|
12
15
|
},
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
16
|
+
HEALTH_CHECK: {
|
|
17
|
+
ACTIVE_TIMEOUT: 5,
|
|
18
|
+
HEALTHY_INTERVAL: 2,
|
|
19
|
+
HEALTHY_SUCCESSES: 1,
|
|
20
|
+
UNHEALTHY_INTERVAL: 1,
|
|
21
|
+
UNHEALTHY_HTTP_FAILURES: 2,
|
|
22
|
+
PASSIVE_HEALTHY_STATUSES: [200, 201],
|
|
23
|
+
PASSIVE_HEALTHY_SUCCESSES: 3,
|
|
24
|
+
PASSIVE_UNHEALTHY_STATUSES: [500],
|
|
25
|
+
PASSIVE_UNHEALTHY_HTTP_FAILURES: 3,
|
|
26
|
+
PASSIVE_UNHEALTHY_TCP_FAILURES: 3,
|
|
18
27
|
},
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
28
|
+
RATE_LIMIT: {
|
|
29
|
+
COUNT: 200,
|
|
30
|
+
TIME_WINDOW: 10,
|
|
31
|
+
REJECTED_CODE: 503,
|
|
32
|
+
KEY: 'remote_addr',
|
|
33
|
+
},
|
|
34
|
+
};
|
|
35
|
+
const generateResourceId = (resourceType, appName) => {
|
|
36
|
+
return crypto_1.crypto.md5(`${resourceType}_${appName}`);
|
|
37
|
+
};
|
|
38
|
+
const upstreamUriTemplate = (appName) => {
|
|
39
|
+
return `${APISIX_CONFIG.ADMIN_BASE_PATH}/upstreams/${generateResourceId('upstream', appName)}`;
|
|
40
|
+
};
|
|
41
|
+
exports.upstreamUriTemplate = upstreamUriTemplate;
|
|
42
|
+
const upstreamTemplate = (appName, version, port) => {
|
|
43
|
+
const config = {
|
|
44
|
+
name: appName,
|
|
45
|
+
type: APISIX_CONFIG.UPSTREAM.TYPE,
|
|
46
|
+
nodes: {
|
|
47
|
+
[`${appName}:${port}`]: APISIX_CONFIG.UPSTREAM.NODE_WEIGHT,
|
|
48
|
+
},
|
|
49
|
+
retries: APISIX_CONFIG.UPSTREAM.RETRIES,
|
|
50
|
+
timeout: {
|
|
51
|
+
connect: APISIX_CONFIG.UPSTREAM.TIMEOUT_CONNECT,
|
|
52
|
+
send: APISIX_CONFIG.UPSTREAM.TIMEOUT_SEND,
|
|
53
|
+
read: APISIX_CONFIG.UPSTREAM.TIMEOUT_READ,
|
|
34
54
|
},
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
55
|
+
enable_websocket: APISIX_CONFIG.UPSTREAM.ENABLE_WEBSOCKET,
|
|
56
|
+
checks: {
|
|
57
|
+
active: {
|
|
58
|
+
timeout: APISIX_CONFIG.HEALTH_CHECK.ACTIVE_TIMEOUT,
|
|
59
|
+
http_path: `/api/v${version}/${appName}/_healthcheck`,
|
|
60
|
+
host: appName,
|
|
61
|
+
port,
|
|
62
|
+
healthy: {
|
|
63
|
+
interval: APISIX_CONFIG.HEALTH_CHECK.HEALTHY_INTERVAL,
|
|
64
|
+
successes: APISIX_CONFIG.HEALTH_CHECK.HEALTHY_SUCCESSES,
|
|
65
|
+
},
|
|
66
|
+
unhealthy: {
|
|
67
|
+
interval: APISIX_CONFIG.HEALTH_CHECK.UNHEALTHY_INTERVAL,
|
|
68
|
+
http_failures: APISIX_CONFIG.HEALTH_CHECK.UNHEALTHY_HTTP_FAILURES,
|
|
69
|
+
},
|
|
42
70
|
},
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
}
|
|
71
|
+
passive: {
|
|
72
|
+
healthy: {
|
|
73
|
+
http_statuses: APISIX_CONFIG.HEALTH_CHECK.PASSIVE_HEALTHY_STATUSES,
|
|
74
|
+
successes: APISIX_CONFIG.HEALTH_CHECK.PASSIVE_HEALTHY_SUCCESSES,
|
|
75
|
+
},
|
|
76
|
+
unhealthy: {
|
|
77
|
+
http_statuses: APISIX_CONFIG.HEALTH_CHECK.PASSIVE_UNHEALTHY_STATUSES,
|
|
78
|
+
http_failures: APISIX_CONFIG.HEALTH_CHECK.PASSIVE_UNHEALTHY_HTTP_FAILURES,
|
|
79
|
+
tcp_failures: APISIX_CONFIG.HEALTH_CHECK.PASSIVE_UNHEALTHY_TCP_FAILURES,
|
|
80
|
+
},
|
|
81
|
+
},
|
|
82
|
+
},
|
|
83
|
+
};
|
|
84
|
+
return JSON.stringify(config, null, 2);
|
|
85
|
+
};
|
|
53
86
|
exports.upstreamTemplate = upstreamTemplate;
|
|
54
|
-
const serviceUriTemplate = (appName) =>
|
|
87
|
+
const serviceUriTemplate = (appName) => {
|
|
88
|
+
return `${APISIX_CONFIG.ADMIN_BASE_PATH}/services/${generateResourceId('service', appName)}`;
|
|
89
|
+
};
|
|
55
90
|
exports.serviceUriTemplate = serviceUriTemplate;
|
|
56
|
-
const serviceTemplate = (appName, enableApiGatewayAuth = false) =>
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
91
|
+
const serviceTemplate = (appName, enableApiGatewayAuth = false) => {
|
|
92
|
+
const plugins = {
|
|
93
|
+
prometheus: {},
|
|
94
|
+
cors: {},
|
|
95
|
+
};
|
|
96
|
+
if (enableApiGatewayAuth) {
|
|
97
|
+
plugins['fot-usercenter-auth'] = {};
|
|
98
|
+
}
|
|
99
|
+
plugins['limit-count'] = {
|
|
100
|
+
count: APISIX_CONFIG.RATE_LIMIT.COUNT,
|
|
101
|
+
time_window: APISIX_CONFIG.RATE_LIMIT.TIME_WINDOW,
|
|
102
|
+
rejected_code: APISIX_CONFIG.RATE_LIMIT.REJECTED_CODE,
|
|
103
|
+
key: APISIX_CONFIG.RATE_LIMIT.KEY,
|
|
104
|
+
};
|
|
105
|
+
const config = {
|
|
106
|
+
name: appName,
|
|
107
|
+
plugins,
|
|
108
|
+
enable_websocket: true,
|
|
109
|
+
upstream_id: generateResourceId('upstream', appName),
|
|
110
|
+
};
|
|
111
|
+
return JSON.stringify(config, null, 2);
|
|
112
|
+
};
|
|
72
113
|
exports.serviceTemplate = serviceTemplate;
|
|
73
|
-
const routeUriTemplate = (appName) =>
|
|
114
|
+
const routeUriTemplate = (appName) => {
|
|
115
|
+
return `${APISIX_CONFIG.ADMIN_BASE_PATH}/routes/${generateResourceId('route', appName)}`;
|
|
116
|
+
};
|
|
74
117
|
exports.routeUriTemplate = routeUriTemplate;
|
|
75
|
-
const routeTemplate = (appName, domains, apiVersion, build, version) =>
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
}
|
|
118
|
+
const routeTemplate = (appName, domains, apiVersion, build, version) => {
|
|
119
|
+
const config = {
|
|
120
|
+
name: appName,
|
|
121
|
+
uri: `/api/v${apiVersion}/${appName}/*`,
|
|
122
|
+
hosts: domains,
|
|
123
|
+
enable_websocket: true,
|
|
124
|
+
service_id: generateResourceId('service', appName),
|
|
125
|
+
labels: {
|
|
126
|
+
API_VERSION: `v${apiVersion}`,
|
|
127
|
+
build,
|
|
128
|
+
version,
|
|
129
|
+
},
|
|
130
|
+
};
|
|
131
|
+
return JSON.stringify(config, null, 2);
|
|
132
|
+
};
|
|
87
133
|
exports.routeTemplate = routeTemplate;
|
|
88
134
|
//# sourceMappingURL=ApisixTemplate.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ApisixTemplate.js","sourceRoot":"","sources":["../../../../src/libs/apisix/ApisixTemplate.ts"],"names":[],"mappings":";;;AAAA,+CAA4C;
|
|
1
|
+
{"version":3,"file":"ApisixTemplate.js","sourceRoot":"","sources":["../../../../src/libs/apisix/ApisixTemplate.ts"],"names":[],"mappings":";;;AAAA,+CAA4C;AAM5C,MAAM,aAAa,GAAG;IAEpB,eAAe,EAAE,eAAe;IAGhC,QAAQ,EAAE;QAER,IAAI,EAAE,YAAY;QAElB,WAAW,EAAE,CAAC;QAEd,OAAO,EAAE,CAAC;QAEV,eAAe,EAAE,GAAG;QAEpB,YAAY,EAAE,GAAG;QAEjB,YAAY,EAAE,GAAG;QAEjB,gBAAgB,EAAE,IAAI;KACvB;IAGD,YAAY,EAAE;QAEZ,cAAc,EAAE,CAAC;QAEjB,gBAAgB,EAAE,CAAC;QAEnB,iBAAiB,EAAE,CAAC;QAEpB,kBAAkB,EAAE,CAAC;QAErB,uBAAuB,EAAE,CAAC;QAE1B,wBAAwB,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC;QAEpC,yBAAyB,EAAE,CAAC;QAE5B,0BAA0B,EAAE,CAAC,GAAG,CAAC;QAEjC,+BAA+B,EAAE,CAAC;QAElC,8BAA8B,EAAE,CAAC;KAClC;IAGD,UAAU,EAAE;QAEV,KAAK,EAAE,GAAG;QAEV,WAAW,EAAE,EAAE;QAEf,aAAa,EAAE,GAAG;QAElB,GAAG,EAAE,aAAa;KACnB;CACO,CAAC;AAUX,MAAM,kBAAkB,GAAG,CAAC,YAA8C,EAAE,OAAe,EAAU,EAAE;IACrG,OAAO,eAAM,CAAC,GAAG,CAAC,GAAG,YAAY,IAAI,OAAO,EAAE,CAAC,CAAC;AAClD,CAAC,CAAC;AAsBK,MAAM,mBAAmB,GAAG,CAAC,OAAe,EAAU,EAAE;IAC7D,OAAO,GAAG,aAAa,CAAC,eAAe,cAAc,kBAAkB,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,CAAC;AACjG,CAAC,CAAC;AAFW,QAAA,mBAAmB,uBAE9B;AA+BK,MAAM,gBAAgB,GAAG,CAAC,OAAe,EAAE,OAAe,EAAE,IAAY,EAAU,EAAE;IACzF,MAAM,MAAM,GAAG;QACb,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,aAAa,CAAC,QAAQ,CAAC,IAAI;QACjC,KAAK,EAAE;YACL,CAAC,GAAG,OAAO,IAAI,IAAI,EAAE,CAAC,EAAE,aAAa,CAAC,QAAQ,CAAC,WAAW;SAC3D;QACD,OAAO,EAAE,aAAa,CAAC,QAAQ,CAAC,OAAO;QACvC,OAAO,EAAE;YACP,OAAO,EAAE,aAAa,CAAC,QAAQ,CAAC,eAAe;YAC/C,IAAI,EAAE,aAAa,CAAC,QAAQ,CAAC,YAAY;YACzC,IAAI,EAAE,aAAa,CAAC,QAAQ,CAAC,YAAY;SAC1C;QACD,gBAAgB,EAAE,aAAa,CAAC,QAAQ,CAAC,gBAAgB;QACzD,MAAM,EAAE;YAGN,MAAM,EAAE;gBACN,OAAO,EAAE,aAAa,CAAC,YAAY,CAAC,cAAc;gBAClD,SAAS,EAAE,SAAS,OAAO,IAAI,OAAO,eAAe;gBACrD,IAAI,EAAE,OAAO;gBACb,IAAI;gBACJ,OAAO,EAAE;oBACP,QAAQ,EAAE,aAAa,CAAC,YAAY,CAAC,gBAAgB;oBACrD,SAAS,EAAE,aAAa,CAAC,YAAY,CAAC,iBAAiB;iBACxD;gBACD,SAAS,EAAE;oBACT,QAAQ,EAAE,aAAa,CAAC,YAAY,CAAC,kBAAkB;oBACvD,aAAa,EAAE,aAAa,CAAC,YAAY,CAAC,uBAAuB;iBAClE;aACF;YAGD,OAAO,EAAE;gBACP,OAAO,EAAE;oBACP,aAAa,EAAE,aAAa,CAAC,YAAY,CAAC,wBAAwB;oBAClE,SAAS,EAAE,aAAa,CAAC,YAAY,CAAC,yBAAyB;iBAChE;gBACD,SAAS,EAAE;oBACT,aAAa,EAAE,aAAa,CAAC,YAAY,CAAC,0BAA0B;oBACpE,aAAa,EAAE,aAAa,CAAC,YAAY,CAAC,+BAA+B;oBACzE,YAAY,EAAE,aAAa,CAAC,YAAY,CAAC,8BAA8B;iBACxE;aACF;SACF;KACF,CAAC;IAEF,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACzC,CAAC,CAAC;AAhDW,QAAA,gBAAgB,oBAgD3B;AAgBK,MAAM,kBAAkB,GAAG,CAAC,OAAe,EAAU,EAAE;IAC5D,OAAO,GAAG,aAAa,CAAC,eAAe,aAAa,kBAAkB,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC;AAC/F,CAAC,CAAC;AAFW,QAAA,kBAAkB,sBAE7B;AAgCK,MAAM,eAAe,GAAG,CAAC,OAAe,EAAE,oBAAoB,GAAG,KAAK,EAAU,EAAE;IACvF,MAAM,OAAO,GAAwB;QAGnC,UAAU,EAAE,EAAE;QAId,IAAI,EAAE,EAAE;KACT,CAAC;IAIF,IAAI,oBAAoB,EAAE,CAAC;QACzB,OAAO,CAAC,qBAAqB,CAAC,GAAG,EAAE,CAAC;IACtC,CAAC;IAID,OAAO,CAAC,aAAa,CAAC,GAAG;QACvB,KAAK,EAAE,aAAa,CAAC,UAAU,CAAC,KAAK;QACrC,WAAW,EAAE,aAAa,CAAC,UAAU,CAAC,WAAW;QACjD,aAAa,EAAE,aAAa,CAAC,UAAU,CAAC,aAAa;QACrD,GAAG,EAAE,aAAa,CAAC,UAAU,CAAC,GAAG;KAClC,CAAC;IAEF,MAAM,MAAM,GAAG;QACb,IAAI,EAAE,OAAO;QACb,OAAO;QACP,gBAAgB,EAAE,IAAI;QACtB,WAAW,EAAE,kBAAkB,CAAC,UAAU,EAAE,OAAO,CAAC;KACrD,CAAC;IAEF,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACzC,CAAC,CAAC;AAlCW,QAAA,eAAe,mBAkC1B;AAgBK,MAAM,gBAAgB,GAAG,CAAC,OAAe,EAAU,EAAE;IAC1D,OAAO,GAAG,aAAa,CAAC,eAAe,WAAW,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,CAAC;AAC3F,CAAC,CAAC;AAFW,QAAA,gBAAgB,oBAE3B;AAuCK,MAAM,aAAa,GAAG,CAC3B,OAAe,EACf,OAAiB,EACjB,UAAkB,EAClB,KAAa,EACb,OAAe,EACP,EAAE;IACV,MAAM,MAAM,GAAG;QACb,IAAI,EAAE,OAAO;QAGb,GAAG,EAAE,SAAS,UAAU,IAAI,OAAO,IAAI;QAGvC,KAAK,EAAE,OAAO;QAGd,gBAAgB,EAAE,IAAI;QAGtB,UAAU,EAAE,kBAAkB,CAAC,SAAS,EAAE,OAAO,CAAC;QAGlD,MAAM,EAAE;YACN,WAAW,EAAE,IAAI,UAAU,EAAE;YAC7B,KAAK;YACL,OAAO;SACR;KACF,CAAC;IAEF,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACzC,CAAC,CAAC;AA/BW,QAAA,aAAa,iBA+BxB"}
|
|
@@ -1 +1,11 @@
|
|
|
1
|
-
export
|
|
1
|
+
export interface HttpPutOptions {
|
|
2
|
+
hostname: string;
|
|
3
|
+
port: number;
|
|
4
|
+
path: string;
|
|
5
|
+
data: string;
|
|
6
|
+
xApiKey: string;
|
|
7
|
+
log?: boolean;
|
|
8
|
+
}
|
|
9
|
+
export declare function httpPut(options: HttpPutOptions): Promise<number>;
|
|
10
|
+
export declare function httpPut(hostname: string, port: number, path: string, data: string, xApiKey: string, log?: boolean): Promise<number>;
|
|
11
|
+
//# sourceMappingURL=HttpPutter.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"HttpPutter.d.ts","sourceRoot":"","sources":["../../../../src/libs/apisix/HttpPutter.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,cAAc;IAE7B,QAAQ,EAAE,MAAM,CAAC;IAEjB,IAAI,EAAE,MAAM,CAAC;IAEb,IAAI,EAAE,MAAM,CAAC;IAEb,IAAI,EAAE,MAAM,CAAC;IAEb,OAAO,EAAE,MAAM,CAAC;IAEhB,GAAG,CAAC,EAAE,OAAO,CAAC;CACf;AAiDD,wBAAgB,OAAO,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;AAiClE,wBAAgB,OAAO,CACrB,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,GAAG,CAAC,EAAE,OAAO,GACZ,OAAO,CAAC,MAAM,CAAC,CAAC"}
|
|
@@ -1,51 +1,64 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
-
});
|
|
10
|
-
};
|
|
11
2
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
12
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
4
|
};
|
|
14
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
-
exports.httpPut =
|
|
6
|
+
exports.httpPut = httpPut;
|
|
16
7
|
const http_1 = __importDefault(require("http"));
|
|
17
|
-
const
|
|
8
|
+
const DEFAULT_CONFIG = {
|
|
9
|
+
DEFAULT_STATUS_CODE: 200,
|
|
10
|
+
DEFAULT_ERROR_STATUS_CODE: 500,
|
|
11
|
+
CONTENT_TYPE: 'application/json',
|
|
12
|
+
};
|
|
13
|
+
function httpPut(optionsOrHostname, port, path, data, xApiKey, log) {
|
|
14
|
+
let options;
|
|
15
|
+
if (typeof optionsOrHostname === 'string') {
|
|
16
|
+
options = {
|
|
17
|
+
hostname: optionsOrHostname,
|
|
18
|
+
port: port,
|
|
19
|
+
path: path,
|
|
20
|
+
data: data,
|
|
21
|
+
xApiKey: xApiKey,
|
|
22
|
+
log: log ?? false,
|
|
23
|
+
};
|
|
24
|
+
}
|
|
25
|
+
else {
|
|
26
|
+
options = optionsOrHostname;
|
|
27
|
+
}
|
|
28
|
+
const { hostname, port: targetPort, path: requestPath, data: requestData, xApiKey: apiKey, log: enableLog = false } = options;
|
|
18
29
|
return new Promise((resolve, reject) => {
|
|
19
|
-
const
|
|
30
|
+
const requestOptions = {
|
|
20
31
|
hostname,
|
|
21
|
-
port,
|
|
22
|
-
path,
|
|
32
|
+
port: targetPort,
|
|
33
|
+
path: requestPath,
|
|
23
34
|
method: 'PUT',
|
|
24
35
|
headers: {
|
|
25
|
-
'X-API-KEY':
|
|
26
|
-
'Content-Type':
|
|
27
|
-
'Content-Length':
|
|
36
|
+
'X-API-KEY': apiKey,
|
|
37
|
+
'Content-Type': DEFAULT_CONFIG.CONTENT_TYPE,
|
|
38
|
+
'Content-Length': Buffer.byteLength(requestData),
|
|
28
39
|
},
|
|
29
40
|
};
|
|
30
|
-
let statusCode =
|
|
31
|
-
const req = http_1.default.request(
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
process.stdout.write(d);
|
|
41
|
+
let statusCode = DEFAULT_CONFIG.DEFAULT_STATUS_CODE;
|
|
42
|
+
const req = http_1.default.request(requestOptions, (res) => {
|
|
43
|
+
statusCode = res.statusCode ?? DEFAULT_CONFIG.DEFAULT_ERROR_STATUS_CODE;
|
|
44
|
+
if (enableLog) {
|
|
45
|
+
console.log(`[HTTP PUT] ${requestPath} - Status: ${statusCode}`);
|
|
46
|
+
res.on('data', (chunk) => {
|
|
47
|
+
process.stdout.write(chunk);
|
|
38
48
|
});
|
|
39
49
|
}
|
|
50
|
+
res.on('end', () => {
|
|
51
|
+
resolve(statusCode);
|
|
52
|
+
});
|
|
40
53
|
});
|
|
41
54
|
req.on('error', (error) => {
|
|
55
|
+
if (enableLog) {
|
|
56
|
+
console.error(`[HTTP PUT Error] ${requestPath}:`, error.message);
|
|
57
|
+
}
|
|
42
58
|
reject(error);
|
|
43
59
|
});
|
|
44
|
-
req.write(
|
|
45
|
-
req.end(
|
|
46
|
-
resolve(statusCode);
|
|
47
|
-
});
|
|
60
|
+
req.write(requestData);
|
|
61
|
+
req.end();
|
|
48
62
|
});
|
|
49
|
-
}
|
|
50
|
-
exports.httpPut = httpPut;
|
|
63
|
+
}
|
|
51
64
|
//# sourceMappingURL=HttpPutter.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"HttpPutter.js","sourceRoot":"","sources":["../../../../src/libs/apisix/HttpPutter.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"HttpPutter.js","sourceRoot":"","sources":["../../../../src/libs/apisix/HttpPutter.ts"],"names":[],"mappings":";;;;;AAmHA,0BA2FC;AA9MD,gDAAwB;AAyBxB,MAAM,cAAc,GAAG;IAErB,mBAAmB,EAAE,GAAG;IAExB,yBAAyB,EAAE,GAAG;IAE9B,YAAY,EAAE,kBAAkB;CACxB,CAAC;AAmFX,SAAgB,OAAO,CACrB,iBAA0C,EAC1C,IAAa,EACb,IAAa,EACb,IAAa,EACb,OAAgB,EAChB,GAAa;IAIb,IAAI,OAAuB,CAAC;IAE5B,IAAI,OAAO,iBAAiB,KAAK,QAAQ,EAAE,CAAC;QAG1C,OAAO,GAAG;YACR,QAAQ,EAAE,iBAAiB;YAC3B,IAAI,EAAE,IAAK;YACX,IAAI,EAAE,IAAK;YACX,IAAI,EAAE,IAAK;YACX,OAAO,EAAE,OAAQ;YACjB,GAAG,EAAE,GAAG,IAAI,KAAK;SAClB,CAAC;IACJ,CAAC;SAAM,CAAC;QAGN,OAAO,GAAG,iBAAiB,CAAC;IAC9B,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC;IAE9H,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAG7C,MAAM,cAAc,GAAwB;YAC1C,QAAQ;YACR,IAAI,EAAE,UAAU;YAChB,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,WAAW,EAAE,MAAM;gBACnB,cAAc,EAAE,cAAc,CAAC,YAAY;gBAC3C,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,WAAW,CAAC;aACjD;SACF,CAAC;QAIF,IAAI,UAAU,GAAW,cAAc,CAAC,mBAAmB,CAAC;QAI5D,MAAM,GAAG,GAAG,cAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC,GAAG,EAAE,EAAE;YAC/C,UAAU,GAAG,GAAG,CAAC,UAAU,IAAI,cAAc,CAAC,yBAAyB,CAAC;YAIxE,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,CAAC,GAAG,CAAC,cAAc,WAAW,cAAc,UAAU,EAAE,CAAC,CAAC;gBAIjE,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;oBACvB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBAC9B,CAAC,CAAC,CAAC;YACL,CAAC;YAID,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;gBACjB,OAAO,CAAC,UAAU,CAAC,CAAC;YACtB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAIH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;YACxB,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,CAAC,KAAK,CAAC,oBAAoB,WAAW,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;YACnE,CAAC;YACD,MAAM,CAAC,KAAK,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;QAIH,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAIvB,GAAG,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;AACL,CAAC"}
|