@sanlam-fintech-digital/mfe-platform-cli 0.2.7 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/nuget/manager.js +1 -3
  2. package/dist/types/config.d.ts +6 -6
  3. package/dist/types/config.js +37 -1
  4. package/package.json +1 -1
package/dist/nuget/manager.js CHANGED
@@ -103,9 +103,7 @@ async function addNuGetFeeds(feeds, tokenMap, configPath) {
103
103
  // Add credentials if token provided
104
104
  const token = tokenMap?.get(feed.url);
105
105
  if (token) {
106
- // Normalize credential key (replace invalid XML chars)
107
- const credKey = sourceName.replace(/[^a-zA-Z0-9_]/g, '_');
108
- credentials[credKey] = {
106
+ credentials[sourceName] = {
109
107
  add: [
110
108
  { '@_key': 'Username', '@_value': 'PersonalAccessToken' },
111
109
  { '@_key': 'ClearTextPassword', '@_value': token }
package/dist/types/config.d.ts CHANGED
@@ -12,7 +12,7 @@ export type FeedType = z.infer<typeof FeedTypeSchema>;
12
12
  */
13
13
  declare const RegistryEntrySchema: z.ZodObject<{
14
14
  scope: z.ZodString;
15
- url: z.ZodURL;
15
+ url: z.ZodPipe<z.ZodURL, z.ZodTransform<string, string>>;
16
16
  feedType: z.ZodOptional<z.ZodDefault<z.ZodEnum<{
17
17
  npm: "npm";
18
18
  nuget: "nuget";
@@ -27,7 +27,7 @@ declare const AuthGroupSchema: z.ZodUnion<readonly [z.ZodObject<{
27
27
  tenantId: z.ZodString;
28
28
  registries: z.ZodArray<z.ZodObject<{
29
29
  scope: z.ZodString;
30
- url: z.ZodURL;
30
+ url: z.ZodPipe<z.ZodURL, z.ZodTransform<string, string>>;
31
31
  feedType: z.ZodOptional<z.ZodDefault<z.ZodEnum<{
32
32
  npm: "npm";
33
33
  nuget: "nuget";
@@ -40,7 +40,7 @@ declare const AuthGroupSchema: z.ZodUnion<readonly [z.ZodObject<{
40
40
  tenantId: z.ZodOptional<z.ZodNever>;
41
41
  registries: z.ZodArray<z.ZodObject<{
42
42
  scope: z.ZodString;
43
- url: z.ZodURL;
43
+ url: z.ZodPipe<z.ZodURL, z.ZodTransform<string, string>>;
44
44
  feedType: z.ZodOptional<z.ZodDefault<z.ZodEnum<{
45
45
  npm: "npm";
46
46
  nuget: "nuget";
@@ -58,7 +58,7 @@ export declare const RegistryConfigSchema: z.ZodObject<{
58
58
  tenantId: z.ZodString;
59
59
  registries: z.ZodArray<z.ZodObject<{
60
60
  scope: z.ZodString;
61
- url: z.ZodURL;
61
+ url: z.ZodPipe<z.ZodURL, z.ZodTransform<string, string>>;
62
62
  feedType: z.ZodOptional<z.ZodDefault<z.ZodEnum<{
63
63
  npm: "npm";
64
64
  nuget: "nuget";
@@ -71,7 +71,7 @@ export declare const RegistryConfigSchema: z.ZodObject<{
71
71
  tenantId: z.ZodOptional<z.ZodNever>;
72
72
  registries: z.ZodArray<z.ZodObject<{
73
73
  scope: z.ZodString;
74
- url: z.ZodURL;
74
+ url: z.ZodPipe<z.ZodURL, z.ZodTransform<string, string>>;
75
75
  feedType: z.ZodOptional<z.ZodDefault<z.ZodEnum<{
76
76
  npm: "npm";
77
77
  nuget: "nuget";
@@ -80,7 +80,7 @@ export declare const RegistryConfigSchema: z.ZodObject<{
80
80
  }, z.core.$strip>]>>>;
81
81
  registries: z.ZodOptional<z.ZodArray<z.ZodObject<{
82
82
  scope: z.ZodString;
83
- url: z.ZodURL;
83
+ url: z.ZodPipe<z.ZodURL, z.ZodTransform<string, string>>;
84
84
  feedType: z.ZodOptional<z.ZodDefault<z.ZodEnum<{
85
85
  npm: "npm";
86
86
  nuget: "nuget";
package/dist/types/config.js CHANGED
@@ -6,13 +6,49 @@ const zod_1 = require("zod");
6
6
  * Package feed type
7
7
  */
8
8
  const FeedTypeSchema = zod_1.z.enum(['npm', 'nuget']).default('npm');
9
+ /**
10
+ * Validates if a string is a valid XML element name.
11
+ * XML 1.0 specification (https://www.w3.org/TR/xml/#NT-Name):
12
+ * - Must start with a letter (A-Z, a-z) or underscore (_)
13
+ * - Can contain letters, digits, hyphens (-), underscores (_), and periods (.)
14
+ * - Cannot start with "xml" (case-insensitive)
15
+ * - Cannot contain spaces or special characters like @, $, %, etc.
16
+ */
17
+ function isValidXmlElementName(name) {
18
+ // Empty string is invalid
19
+ if (!name)
20
+ return false;
21
+ // Must start with letter or underscore (not digit, hyphen, or period)
22
+ if (!/^[A-Za-z_]/.test(name))
23
+ return false;
24
+ // Can only contain letters, digits, hyphens, underscores, and periods
25
+ if (!/^[A-Za-z_][A-Za-z0-9._-]*$/.test(name))
26
+ return false;
27
+ // Cannot start with "xml" (case-insensitive)
28
+ if (/^xml/i.test(name))
29
+ return false;
30
+ return true;
31
+ }
9
32
  /**
10
33
  * Individual registry entry (npm or NuGet feed)
11
34
  */
12
35
  const RegistryEntrySchema = zod_1.z.object({
13
36
  scope: zod_1.z.string().describe('npm scope (e.g., "@org/package") or NuGet source name'),
14
- url: zod_1.z.url().describe('Registry/Feed URL (Azure DevOps, GitHub, or public)'),
37
+ url: zod_1.z.url().describe('Registry/Feed URL (Azure DevOps, GitHub, or public)').transform((url) => url.replace(/\/+$/, '')),
15
38
  feedType: FeedTypeSchema.optional().describe('Package feed type (defaults to npm for backward compatibility)'),
39
+ }).superRefine((data, ctx) => {
40
+ // For NuGet feeds, the scope becomes an XML element name in NuGet.Config
41
+ // Validate it meets XML element name requirements
42
+ const feedType = data.feedType || 'npm';
43
+ if (feedType === 'nuget' && !isValidXmlElementName(data.scope)) {
44
+ ctx.addIssue({
45
+ code: zod_1.z.ZodIssueCode.custom,
46
+ message: `NuGet source name "${data.scope}" is not a valid XML element name. ` +
47
+ `It must start with a letter or underscore, contain only letters, digits, hyphens, underscores, and periods, ` +
48
+ `and cannot start with "xml" (case-insensitive).`,
49
+ path: ['scope'],
50
+ });
51
+ }
16
52
  });
17
53
  /**
18
54
  * Azure DevOps auth group (requires tenantId)
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sanlam-fintech-digital/mfe-platform-cli",
3
- "version": "0.2.7",
3
+ "version": "0.3.0",
4
4
  "description": "Bootstrapping and orchestration CLI for the Sanlam Fintech Digital platform",
5
5
  "main": "dist/index.js",
6
6
  "bin": {