npm - @strapi/core - Versions diffs - 0.0.0-experimental.d23c1d5b0e45dd06ef09977f526c85468be05403 → 0.0.0-experimental.d325780feab1caf1b9e4423588eb1cc73b74c376 - Mend

@strapi/core 0.0.0-experimental.d23c1d5b0e45dd06ef09977f526c85468be05403 → 0.0.0-experimental.d325780feab1caf1b9e4423588eb1cc73b74c376

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @strapi/core might be problematic. Click here for more details.

Files changed (521) hide show

package/dist/middlewares/body.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"body.mjs","sources":["../../src/middlewares/body.ts"],"sourcesContent":["import fse from 'fs-extra';\nimport { defaultsDeep } from 'lodash/fp';\nimport body, { KoaBodyMiddlewareOptions } from 'koa-body';\nimport mime from 'mime-types';\nimport type Koa from 'koa';\nimport type { Core } from '@strapi/types';\n\nexport type Config = KoaBodyMiddlewareOptions;\n\nconst defaults = {\n multipart: true,\n patchKoa: true,\n};\n\nfunction ensureFileMimeType(file: any): void {\n if (!file.type) {\n file.type = mime.lookup(file.name) \|\| 'application/octet-stream';\n }\n}\n\nfunction getFiles(ctx: Koa.Context) {\n return ctx?.request?.files?.files;\n}\n\nconst bodyMiddleware: Core.MiddlewareFactory<Config> = (config, { strapi }) => {\n const bodyConfig: Config = defaultsDeep(defaults, config);\n\n let gqlEndpoint: string \| undefined;\n if (strapi.plugin('graphql')) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n gqlEndpoint = gqlConfig('endpoint');\n }\n\n return async (ctx, next) => {\n // TODO: find a better way later\n if (gqlEndpoint && ctx.url === gqlEndpoint) {\n await next();\n } else {\n try {\n await body(bodyConfig)(ctx, async () => {});\n\n const files = getFiles(ctx);\n\n /*\n in case the mime-type wasn't sent, Strapi tries to guess it\n * from the file extension, to avoid a corrupt database state\n */\n if (files) {\n if (Array.isArray(files)) {\n files.forEach(ensureFileMimeType);\n } else {\n ensureFileMimeType(files);\n }\n }\n\n await next();\n } catch (error) {\n if (\n error instanceof Error &&\n error.message &&\n error.message.includes('maxFileSize exceeded')\n ) {\n return ctx.payloadTooLarge('FileTooBig');\n }\n\n throw error;\n }\n }\n\n const files = getFiles(ctx);\n\n // clean any file that was uploaded\n if (files) {\n if (Array.isArray(files)) {\n // not awaiting to not slow the request\n Promise.all(files.map((file) => fse.remove(file.filepath)));\n } else if (files && files.filepath) {\n // not awaiting to not slow the request\n fse.remove(files.filepath);\n }\n delete ctx.request.files;\n }\n };\n};\n\nexport { bodyMiddleware as body };\n"],"names":["files"],"mappings":";;;;AASA,MAAM,WAAW;AAAA,EACf,WAAW;AAAA,EACX,UAAU;AACZ;AAEA,SAAS,mBAAmB,MAAiB;AACvC,MAAA,CAAC,KAAK,MAAM;AACd,SAAK,OAAO,KAAK,OAAO,KAAK,IAAI,KAAK;AAAA,~~EACxC~~;~~AACF~~;AAEA,SAAS,SAAS,KAAkB;AAC3B,SAAA,KAAK,SAAS,OAAO;AAC9B;AAEA,MAAM,iBAAiD,CAAC,QAAQ,EAAE,aAAa;AACvE,QAAA,aAAqB,aAAa,UAAU,MAAM;AAEpD,MAAA;AACA,MAAA,OAAO,OAAO,SAAS,GAAG;AAC5B,UAAM,EAAE,QAAQ,UAAA,IAAc,OAAO,OAAO,SAAS;AACrD,kBAAc,UAAU,UAAU;AAAA,~~EACpC~~;~~AAEO~~,SAAA,OAAO,KAAK,SAAS;AAEtB,QAAA,eAAe,IAAI,QAAQ,aAAa;AAC1C,YAAM,KAAK;AAAA,IAAA,OACN;AACD,UAAA;AACF,cAAM,KAAK,UAAU,EAAE,KAAK,YAAY;AAAA,QAAA,CAAE;AAEpCA,cAAAA,SAAQ,SAAS,GAAG;AAM1B,YAAIA,QAAO;AACL,cAAA,MAAM,QAAQA,MAAK,GAAG;AACxBA,mBAAM,QAAQ,kBAAkB;AAAA,UAAA,OAC3B;AACL,+BAAmBA,MAAK;AAAA,~~UAC1B~~;AAAA,~~QACF~~;~~AAEA~~,cAAM,KAAK;AAAA,eACJ,OAAO;AAEZ,YAAA,iBAAiB,SACjB,MAAM,WACN,MAAM,QAAQ,SAAS,sBAAsB,GAC7C;AACO,iBAAA,IAAI,gBAAgB,YAAY;AAAA,~~QACzC~~;~~AAEM~~,cAAA;AAAA,~~MACR~~;AAAA,~~IACF~~;~~AAEM~~,UAAA,QAAQ,SAAS,GAAG;AAG1B,QAAI,OAAO;AACL,UAAA,MAAM,QAAQ,KAAK,GAAG;AAEhB,gBAAA,IAAI,MAAM,IAAI,CAAC,SAAS,IAAI,OAAO,KAAK,QAAQ,CAAC,CAAC;AAAA,MAAA,WACjD,SAAS,MAAM,UAAU;AAE9B,YAAA,OAAO,MAAM,QAAQ;AAAA,~~MAC3B~~;~~AACA~~,aAAO,IAAI,QAAQ;AAAA,~~IACrB~~;AAAA,~~EAAA~~;~~AAEJ~~;"}
1	+ {"version":3,"file":"body.mjs","sources":["../../src/middlewares/body.ts"],"sourcesContent":["import fse from 'fs-extra';\nimport { defaultsDeep } from 'lodash/fp';\nimport body, { KoaBodyMiddlewareOptions } from 'koa-body';\nimport mime from 'mime-types';\nimport type Koa from 'koa';\nimport type { Core } from '@strapi/types';\n\nexport type Config = KoaBodyMiddlewareOptions;\n\nconst defaults = {\n multipart: true,\n patchKoa: true,\n};\n\nfunction ensureFileMimeType(file: any): void {\n if (!file.type) {\n file.type = mime.lookup(file.name) \|\| 'application/octet-stream';\n }\n}\n\nfunction getFiles(ctx: Koa.Context) {\n return ctx?.request?.files?.files;\n}\n\nconst bodyMiddleware: Core.MiddlewareFactory<Config> = (config, { strapi }) => {\n const bodyConfig: Config = defaultsDeep(defaults, config);\n\n let gqlEndpoint: string \| undefined;\n if (strapi.plugin('graphql')) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n gqlEndpoint = gqlConfig('endpoint');\n }\n\n return async (ctx, next) => {\n // TODO: find a better way later\n if (gqlEndpoint && ctx.url === gqlEndpoint) {\n await next();\n } else {\n try {\n await body(bodyConfig)(ctx, async () => {});\n\n const files = getFiles(ctx);\n\n /*\n in case the mime-type wasn't sent, Strapi tries to guess it\n * from the file extension, to avoid a corrupt database state\n */\n if (files) {\n if (Array.isArray(files)) {\n files.forEach(ensureFileMimeType);\n } else {\n ensureFileMimeType(files);\n }\n }\n\n await next();\n } catch (error) {\n if (\n error instanceof Error &&\n error.message &&\n error.message.includes('maxFileSize exceeded')\n ) {\n return ctx.payloadTooLarge('FileTooBig');\n }\n\n throw error;\n }\n }\n\n const files = getFiles(ctx);\n\n // clean any file that was uploaded\n if (files) {\n if (Array.isArray(files)) {\n // not awaiting to not slow the request\n Promise.all(files.map((file) => fse.remove(file.filepath)));\n } else if (files && files.filepath) {\n // not awaiting to not slow the request\n fse.remove(files.filepath);\n }\n delete ctx.request.files;\n }\n };\n};\n\nexport { bodyMiddleware as body };\n"],"names":["files"],"mappings":";;;;AASA,MAAM,WAAW;AAAA,EACf,WAAW;AAAA,EACX,UAAU;AACZ;AAEA,SAAS,mBAAmB,MAAiB;AACvC,MAAA,CAAC,KAAK,MAAM;AACd,SAAK,OAAO,KAAK,OAAO,KAAK,IAAI,KAAK;AAAA,EAAA;AAE1C;AAEA,SAAS,SAAS,KAAkB;AAC3B,SAAA,KAAK,SAAS,OAAO;AAC9B;AAEA,MAAM,iBAAiD,CAAC,QAAQ,EAAE,aAAa;AACvE,QAAA,aAAqB,aAAa,UAAU,MAAM;AAEpD,MAAA;AACA,MAAA,OAAO,OAAO,SAAS,GAAG;AAC5B,UAAM,EAAE,QAAQ,UAAA,IAAc,OAAO,OAAO,SAAS;AACrD,kBAAc,UAAU,UAAU;AAAA,EAAA;AAG7B,SAAA,OAAO,KAAK,SAAS;AAEtB,QAAA,eAAe,IAAI,QAAQ,aAAa;AAC1C,YAAM,KAAK;AAAA,IAAA,OACN;AACD,UAAA;AACF,cAAM,KAAK,UAAU,EAAE,KAAK,YAAY;AAAA,QAAA,CAAE;AAEpCA,cAAAA,SAAQ,SAAS,GAAG;AAM1B,YAAIA,QAAO;AACL,cAAA,MAAM,QAAQA,MAAK,GAAG;AACxBA,mBAAM,QAAQ,kBAAkB;AAAA,UAAA,OAC3B;AACL,+BAAmBA,MAAK;AAAA,UAAA;AAAA,QAC1B;AAGF,cAAM,KAAK;AAAA,eACJ,OAAO;AAEZ,YAAA,iBAAiB,SACjB,MAAM,WACN,MAAM,QAAQ,SAAS,sBAAsB,GAC7C;AACO,iBAAA,IAAI,gBAAgB,YAAY;AAAA,QAAA;AAGnC,cAAA;AAAA,MAAA;AAAA,IACR;AAGI,UAAA,QAAQ,SAAS,GAAG;AAG1B,QAAI,OAAO;AACL,UAAA,MAAM,QAAQ,KAAK,GAAG;AAEhB,gBAAA,IAAI,MAAM,IAAI,CAAC,SAAS,IAAI,OAAO,KAAK,QAAQ,CAAC,CAAC;AAAA,MAAA,WACjD,SAAS,MAAM,UAAU;AAE9B,YAAA,OAAO,MAAM,QAAQ;AAAA,MAAA;AAE3B,aAAO,IAAI,QAAQ;AAAA,IAAA;AAAA,EAEvB;AACF;"}

package/dist/middlewares/cors.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../src/middlewares/cors.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAE1C,MAAM,MAAM,MAAM,GAAG;IACnB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,KAAK,MAAM,GAAG,MAAM,EAAE,CAAC,CAAC;IAC9D,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC5B,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B,CAAC;AAWF,eAAO,MAAM,IAAI,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,~~CA2C~~/C,CAAC"}
1	+ {"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../src/middlewares/cors.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAE1C,MAAM,MAAM,MAAM,GAAG;IACnB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,KAAK,MAAM,GAAG,MAAM,EAAE,CAAC,CAAC;IAC9D,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC5B,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B,CAAC;AAWF,eAAO,MAAM,IAAI,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,CA8C/C,CAAC"}

package/dist/middlewares/cors.js CHANGED Viewed

@@ -23,21 +23,23 @@ const cors = (config) => {
   }
   return koaCors__default.default({
     async origin(ctx) {
+      if (!ctx.get("Origin")) {
+        return "*";
+      }
       let originList;
       if (typeof origin === "function") {
         originList = await origin(ctx);
       } else {
         originList = origin;
       }
-      const whitelist = Array.isArray(originList) ? originList : originList.split(/\s*,\s*/);
-      const requestOrigin = ctx.headers.origin ?? "";
-      if (whitelist.includes("*")) {
-        return credentials ? requestOrigin : "*";
+      if (Array.isArray(originList)) {
+        return originList.includes(ctx.get("Origin")) ? ctx.get("Origin") : "";
       }
-      if (!whitelist.includes(requestOrigin)) {
-        return ctx.throw(`${requestOrigin} is not a valid origin`);
+      const parsedOrigin = originList.split(",").map((origin2) => origin2.trim());
+      if (parsedOrigin.length > 1) {
+        return parsedOrigin.includes(ctx.get("Origin")) ? ctx.get("Origin") : "";
       }
-      return requestOrigin;
+      return originList;
     },
     exposeHeaders: expose,
     maxAge,

package/dist/middlewares/cors.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"cors.js","sources":["../../src/middlewares/cors.ts"],"sourcesContent":["import koaCors from '@koa/cors';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = {\n enabled?: boolean;\n origin: string \| string[] \| ((ctx: any) => string \| string[]);\n expose?: string \| string[];\n maxAge?: number;\n credentials?: boolean;\n methods?: string \| string[];\n headers?: string \| string[];\n keepHeadersOnError?: boolean;\n};\n\nconst defaults: Config = {\n origin: '',\n maxAge: 31536000,\n credentials: true,\n methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],\n headers: ['Content-Type', 'Authorization', 'Origin', 'Accept'],\n keepHeadersOnError: false,\n};\n\nexport const cors: Core.MiddlewareFactory<Config> = (config) => {\n const { origin, expose, maxAge, credentials, methods, headers, keepHeadersOnError } = {\n ...defaults,\n ...config,\n };\n\n if (config.enabled !== undefined) {\n strapi.log.warn(\n 'The strapi::cors middleware no longer supports the `enabled` option. Using it' +\n ' to conditionally enable CORS might cause an insecure default. To disable strapi::cors, remove it from' +\n ' the exported array in config/middleware.js'\n );\n }\n\n return koaCors({\n async origin(ctx) {\n let originList: string \| string[];\n\n if (typeof origin === 'function') {\n originList = await origin(ctx);\n } else {\n originList = origin;\n }\n\n ~~const~~ ~~whitelist =~~ Array.isArray(originList) ? originList : ~~originList~~.~~split~~(~~/\\s,\\s/~~);\n\n const ~~requestOrigin~~ = ~~ctx~~.~~headers~~.origin ?? '';\n if (~~whitelist~~.~~includes(''~~)) {\n return ~~credentials ? requestOrigin : '*';\n }\n\n if (!whitelist~~.includes(~~requestOrigin~~)) ~~{\n return~~ ctx.~~throw~~(~~`${requestOrigin}~~ is ~~not a valid origin`)~~;\n }\n return ~~requestOrigin~~;\n },\n exposeHeaders: expose,\n maxAge,\n credentials,\n allowMethods: methods,\n allowHeaders: headers,\n keepHeadersOnError,\n });\n};\n"],"names":["koaCors"],"mappings":";;;;;AAeA,MAAM,WAAmB;AAAA,EACvB,QAAQ;AAAA,EACR,QAAQ;AAAA,EACR,aAAa;AAAA,EACb,SAAS,CAAC,OAAO,QAAQ,OAAO,SAAS,UAAU,QAAQ,SAAS;AAAA,EACpE,SAAS,CAAC,gBAAgB,iBAAiB,UAAU,QAAQ;AAAA,EAC7D,oBAAoB;AACtB;AAEa,MAAA,OAAuC,CAAC,WAAW;AACxD,QAAA,EAAE,QAAQ,QAAQ,QAAQ,aAAa,SAAS,SAAS,uBAAuB;AAAA,IACpF,GAAG;AAAA,IACH,GAAG;AAAA,~~EAAA~~;~~AAGD~~,MAAA,OAAO,YAAY,QAAW;AAChC,WAAO,IAAI;AAAA,MACT;AAAA,~~IAAA~~;AAAA,~~EAIJ~~;~~AAEA~~,SAAOA,yBAAQ;AAAA,IACb,MAAM,OAAO,KAAK;~~AACZ~~,UAAA;AAEA,UAAA,OAAO,WAAW,YAAY;AACnB,qBAAA,MAAM,OAAO,GAAG;AAAA,MAAA,OACxB;AACQ,qBAAA;AAAA,~~MACf~~;~~AAEM~~,~~YAAA~~,~~YAAY,~~MAAM,QAAQ,UAAU,~~IAAI~~,~~aAAa~~,WAAW,~~MAAM,~~SAAS~~;AAE/E~~,~~YAAA~~,~~gBAAgB~~,IAAI,QAAQ,~~UAAU~~;~~AACxC~~,~~UAAA~~,~~UAAU~~,~~SAAS~~,~~GAAG~~,GAAG~~;AAC3B~~,~~eAAO~~,~~cAAc~~,~~gBAAgB;AAAA~~,~~MACvC~~;~~AAEA~~,~~UAAI~~,~~CAAC~~,~~UAAU,~~SAAS,~~aAAa,~~GAAG;~~AACtC~~,~~eAAO~~,IAAI,~~MAAM~~,~~GAAG~~,~~aAAa~~,~~wBAAwB~~;AAAA,~~MAC3D~~;~~AACO~~,aAAA;AAAA,IACT;AAAA,IACA,eAAe;AAAA,IACf;AAAA,IACA;AAAA,IACA,cAAc;AAAA,IACd,cAAc;AAAA,IACd;AAAA,EAAA,CACD;AACH;;"}
1	+ {"version":3,"file":"cors.js","sources":["../../src/middlewares/cors.ts"],"sourcesContent":["import koaCors from '@koa/cors';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = {\n enabled?: boolean;\n origin: string \| string[] \| ((ctx: any) => string \| string[]);\n expose?: string \| string[];\n maxAge?: number;\n credentials?: boolean;\n methods?: string \| string[];\n headers?: string \| string[];\n keepHeadersOnError?: boolean;\n};\n\nconst defaults: Config = {\n origin: '',\n maxAge: 31536000,\n credentials: true,\n methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],\n headers: ['Content-Type', 'Authorization', 'Origin', 'Accept'],\n keepHeadersOnError: false,\n};\n\nexport const cors: Core.MiddlewareFactory<Config> = (config) => {\n const { origin, expose, maxAge, credentials, methods, headers, keepHeadersOnError } = {\n ...defaults,\n ...config,\n };\n\n if (config.enabled !== undefined) {\n strapi.log.warn(\n 'The strapi::cors middleware no longer supports the `enabled` option. Using it' +\n ' to conditionally enable CORS might cause an insecure default. To disable strapi::cors, remove it from' +\n ' the exported array in config/middleware.js'\n );\n }\n\n return koaCors({\n async origin(ctx) {\n if (!ctx.get('Origin')) {\n return '';\n }\n\n let originList: string \| string[];\n\n if (typeof origin === 'function') {\n originList = await origin(ctx);\n } else {\n originList = origin;\n }\n\n if (Array.isArray(originList)) {\n return originList.includes(ctx.get('Origin')) ? ctx.get('Origin') : '';\n }\n\n const parsedOrigin = originList.split(',').map((origin) => origin.trim());\n if (parsedOrigin.length > 1) {\n return parsedOrigin.includes(ctx.get('Origin')) ? ctx.get('Origin') : '';\n }\n\n return originList;\n },\n exposeHeaders: expose,\n maxAge,\n credentials,\n allowMethods: methods,\n allowHeaders: headers,\n keepHeadersOnError,\n });\n};\n"],"names":["koaCors","origin"],"mappings":";;;;;AAeA,MAAM,WAAmB;AAAA,EACvB,QAAQ;AAAA,EACR,QAAQ;AAAA,EACR,aAAa;AAAA,EACb,SAAS,CAAC,OAAO,QAAQ,OAAO,SAAS,UAAU,QAAQ,SAAS;AAAA,EACpE,SAAS,CAAC,gBAAgB,iBAAiB,UAAU,QAAQ;AAAA,EAC7D,oBAAoB;AACtB;AAEa,MAAA,OAAuC,CAAC,WAAW;AACxD,QAAA,EAAE,QAAQ,QAAQ,QAAQ,aAAa,SAAS,SAAS,uBAAuB;AAAA,IACpF,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AAEI,MAAA,OAAO,YAAY,QAAW;AAChC,WAAO,IAAI;AAAA,MACT;AAAA,IAGF;AAAA,EAAA;AAGF,SAAOA,yBAAQ;AAAA,IACb,MAAM,OAAO,KAAK;AAChB,UAAI,CAAC,IAAI,IAAI,QAAQ,GAAG;AACf,eAAA;AAAA,MAAA;AAGL,UAAA;AAEA,UAAA,OAAO,WAAW,YAAY;AACnB,qBAAA,MAAM,OAAO,GAAG;AAAA,MAAA,OACxB;AACQ,qBAAA;AAAA,MAAA;AAGX,UAAA,MAAM,QAAQ,UAAU,GAAG;AACtB,eAAA,WAAW,SAAS,IAAI,IAAI,QAAQ,CAAC,IAAI,IAAI,IAAI,QAAQ,IAAI;AAAA,MAAA;AAGhE,YAAA,eAAe,WAAW,MAAM,GAAG,EAAE,IAAI,CAACC,YAAWA,QAAO,MAAM;AACpE,UAAA,aAAa,SAAS,GAAG;AACpB,eAAA,aAAa,SAAS,IAAI,IAAI,QAAQ,CAAC,IAAI,IAAI,IAAI,QAAQ,IAAI;AAAA,MAAA;AAGjE,aAAA;AAAA,IACT;AAAA,IACA,eAAe;AAAA,IACf;AAAA,IACA;AAAA,IACA,cAAc;AAAA,IACd,cAAc;AAAA,IACd;AAAA,EAAA,CACD;AACH;;"}

package/dist/middlewares/cors.mjs CHANGED Viewed

@@ -19,21 +19,23 @@ const cors = (config) => {
   }
   return koaCors({
     async origin(ctx) {
+      if (!ctx.get("Origin")) {
+        return "*";
+      }
       let originList;
       if (typeof origin === "function") {
         originList = await origin(ctx);
       } else {
         originList = origin;
       }
-      const whitelist = Array.isArray(originList) ? originList : originList.split(/\s*,\s*/);
-      const requestOrigin = ctx.headers.origin ?? "";
-      if (whitelist.includes("*")) {
-        return credentials ? requestOrigin : "*";
+      if (Array.isArray(originList)) {
+        return originList.includes(ctx.get("Origin")) ? ctx.get("Origin") : "";
       }
-      if (!whitelist.includes(requestOrigin)) {
-        return ctx.throw(`${requestOrigin} is not a valid origin`);
+      const parsedOrigin = originList.split(",").map((origin2) => origin2.trim());
+      if (parsedOrigin.length > 1) {
+        return parsedOrigin.includes(ctx.get("Origin")) ? ctx.get("Origin") : "";
       }
-      return requestOrigin;
+      return originList;
     },
     exposeHeaders: expose,
     maxAge,

package/dist/middlewares/cors.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"cors.mjs","sources":["../../src/middlewares/cors.ts"],"sourcesContent":["import koaCors from '@koa/cors';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = {\n enabled?: boolean;\n origin: string \| string[] \| ((ctx: any) => string \| string[]);\n expose?: string \| string[];\n maxAge?: number;\n credentials?: boolean;\n methods?: string \| string[];\n headers?: string \| string[];\n keepHeadersOnError?: boolean;\n};\n\nconst defaults: Config = {\n origin: '',\n maxAge: 31536000,\n credentials: true,\n methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],\n headers: ['Content-Type', 'Authorization', 'Origin', 'Accept'],\n keepHeadersOnError: false,\n};\n\nexport const cors: Core.MiddlewareFactory<Config> = (config) => {\n const { origin, expose, maxAge, credentials, methods, headers, keepHeadersOnError } = {\n ...defaults,\n ...config,\n };\n\n if (config.enabled !== undefined) {\n strapi.log.warn(\n 'The strapi::cors middleware no longer supports the `enabled` option. Using it' +\n ' to conditionally enable CORS might cause an insecure default. To disable strapi::cors, remove it from' +\n ' the exported array in config/middleware.js'\n );\n }\n\n return koaCors({\n async origin(ctx) {\n let originList: string \| string[];\n\n if (typeof origin === 'function') {\n originList = await origin(ctx);\n } else {\n originList = origin;\n }\n\n ~~const~~ ~~whitelist =~~ Array.isArray(originList) ? originList : ~~originList~~.~~split~~(~~/\\s,\\s/~~);\n\n const ~~requestOrigin~~ = ~~ctx~~.~~headers~~.origin ?? '';\n if (~~whitelist~~.~~includes(''~~)) {\n return ~~credentials ? requestOrigin : '*';\n }\n\n if (!whitelist~~.includes(~~requestOrigin~~)) ~~{\n return~~ ctx.~~throw~~(~~`${requestOrigin}~~ is ~~not a valid origin`)~~;\n }\n return ~~requestOrigin~~;\n },\n exposeHeaders: expose,\n maxAge,\n credentials,\n allowMethods: methods,\n allowHeaders: headers,\n keepHeadersOnError,\n });\n};\n"],"names":[],"mappings":";AAeA,MAAM,WAAmB;AAAA,EACvB,QAAQ;AAAA,EACR,QAAQ;AAAA,EACR,aAAa;AAAA,EACb,SAAS,CAAC,OAAO,QAAQ,OAAO,SAAS,UAAU,QAAQ,SAAS;AAAA,EACpE,SAAS,CAAC,gBAAgB,iBAAiB,UAAU,QAAQ;AAAA,EAC7D,oBAAoB;AACtB;AAEa,MAAA,OAAuC,CAAC,WAAW;AACxD,QAAA,EAAE,QAAQ,QAAQ,QAAQ,aAAa,SAAS,SAAS,uBAAuB;AAAA,IACpF,GAAG;AAAA,IACH,GAAG;AAAA,~~EAAA~~;~~AAGD~~,MAAA,OAAO,YAAY,QAAW;AAChC,WAAO,IAAI;AAAA,MACT;AAAA,~~IAAA~~;AAAA,~~EAIJ~~;~~AAEA~~,SAAO,QAAQ;AAAA,IACb,MAAM,OAAO,KAAK;~~AACZ~~,UAAA;AAEA,UAAA,OAAO,WAAW,YAAY;AACnB,qBAAA,MAAM,OAAO,GAAG;AAAA,MAAA,OACxB;AACQ,qBAAA;AAAA,~~MACf~~;~~AAEM~~,~~YAAA~~,~~YAAY,~~MAAM,QAAQ,UAAU,~~IAAI~~,~~aAAa~~,WAAW,~~MAAM,~~SAAS~~;AAE/E~~,~~YAAA~~,~~gBAAgB~~,IAAI,QAAQ,~~UAAU~~;~~AACxC~~,~~UAAA~~,~~UAAU~~,~~SAAS~~,~~GAAG~~,GAAG~~;AAC3B~~,~~eAAO~~,~~cAAc~~,~~gBAAgB;AAAA~~,~~MACvC~~;~~AAEA~~,~~UAAI~~,~~CAAC~~,~~UAAU,~~SAAS,~~aAAa,~~GAAG;~~AACtC~~,~~eAAO~~,IAAI,~~MAAM~~,~~GAAG~~,~~aAAa~~,~~wBAAwB~~;AAAA,~~MAC3D~~;~~AACO~~,aAAA;AAAA,IACT;AAAA,IACA,eAAe;AAAA,IACf;AAAA,IACA;AAAA,IACA,cAAc;AAAA,IACd,cAAc;AAAA,IACd;AAAA,EAAA,CACD;AACH;"}
1	+ {"version":3,"file":"cors.mjs","sources":["../../src/middlewares/cors.ts"],"sourcesContent":["import koaCors from '@koa/cors';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = {\n enabled?: boolean;\n origin: string \| string[] \| ((ctx: any) => string \| string[]);\n expose?: string \| string[];\n maxAge?: number;\n credentials?: boolean;\n methods?: string \| string[];\n headers?: string \| string[];\n keepHeadersOnError?: boolean;\n};\n\nconst defaults: Config = {\n origin: '',\n maxAge: 31536000,\n credentials: true,\n methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],\n headers: ['Content-Type', 'Authorization', 'Origin', 'Accept'],\n keepHeadersOnError: false,\n};\n\nexport const cors: Core.MiddlewareFactory<Config> = (config) => {\n const { origin, expose, maxAge, credentials, methods, headers, keepHeadersOnError } = {\n ...defaults,\n ...config,\n };\n\n if (config.enabled !== undefined) {\n strapi.log.warn(\n 'The strapi::cors middleware no longer supports the `enabled` option. Using it' +\n ' to conditionally enable CORS might cause an insecure default. To disable strapi::cors, remove it from' +\n ' the exported array in config/middleware.js'\n );\n }\n\n return koaCors({\n async origin(ctx) {\n if (!ctx.get('Origin')) {\n return '';\n }\n\n let originList: string \| string[];\n\n if (typeof origin === 'function') {\n originList = await origin(ctx);\n } else {\n originList = origin;\n }\n\n if (Array.isArray(originList)) {\n return originList.includes(ctx.get('Origin')) ? ctx.get('Origin') : '';\n }\n\n const parsedOrigin = originList.split(',').map((origin) => origin.trim());\n if (parsedOrigin.length > 1) {\n return parsedOrigin.includes(ctx.get('Origin')) ? ctx.get('Origin') : '';\n }\n\n return originList;\n },\n exposeHeaders: expose,\n maxAge,\n credentials,\n allowMethods: methods,\n allowHeaders: headers,\n keepHeadersOnError,\n });\n};\n"],"names":["origin"],"mappings":";AAeA,MAAM,WAAmB;AAAA,EACvB,QAAQ;AAAA,EACR,QAAQ;AAAA,EACR,aAAa;AAAA,EACb,SAAS,CAAC,OAAO,QAAQ,OAAO,SAAS,UAAU,QAAQ,SAAS;AAAA,EACpE,SAAS,CAAC,gBAAgB,iBAAiB,UAAU,QAAQ;AAAA,EAC7D,oBAAoB;AACtB;AAEa,MAAA,OAAuC,CAAC,WAAW;AACxD,QAAA,EAAE,QAAQ,QAAQ,QAAQ,aAAa,SAAS,SAAS,uBAAuB;AAAA,IACpF,GAAG;AAAA,IACH,GAAG;AAAA,EACL;AAEI,MAAA,OAAO,YAAY,QAAW;AAChC,WAAO,IAAI;AAAA,MACT;AAAA,IAGF;AAAA,EAAA;AAGF,SAAO,QAAQ;AAAA,IACb,MAAM,OAAO,KAAK;AAChB,UAAI,CAAC,IAAI,IAAI,QAAQ,GAAG;AACf,eAAA;AAAA,MAAA;AAGL,UAAA;AAEA,UAAA,OAAO,WAAW,YAAY;AACnB,qBAAA,MAAM,OAAO,GAAG;AAAA,MAAA,OACxB;AACQ,qBAAA;AAAA,MAAA;AAGX,UAAA,MAAM,QAAQ,UAAU,GAAG;AACtB,eAAA,WAAW,SAAS,IAAI,IAAI,QAAQ,CAAC,IAAI,IAAI,IAAI,QAAQ,IAAI;AAAA,MAAA;AAGhE,YAAA,eAAe,WAAW,MAAM,GAAG,EAAE,IAAI,CAACA,YAAWA,QAAO,MAAM;AACpE,UAAA,aAAa,SAAS,GAAG;AACpB,eAAA,aAAa,SAAS,IAAI,IAAI,QAAQ,CAAC,IAAI,IAAI,IAAI,QAAQ,IAAI;AAAA,MAAA;AAGjE,aAAA;AAAA,IACT;AAAA,IACA,eAAe;AAAA,IACf;AAAA,IACA;AAAA,IACA,cAAc;AAAA,IACd,cAAc;AAAA,IACd;AAAA,EAAA,CACD;AACH;"}

package/dist/middlewares/errors.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"errors.js","sources":["../../src/middlewares/errors.ts"],"sourcesContent":["import { errors } from '@strapi/utils';\nimport type { Core } from '@strapi/types';\n\nimport { formatApplicationError, formatHttpError, formatInternalError } from '../services/errors';\n\nconst errorMiddleware: Core.MiddlewareFactory = (/* _, { strapi } */) => {\n return async (ctx, next) => {\n try {\n await next();\n\n if (!ctx.response._explicitStatus) {\n return ctx.notFound();\n }\n } catch (error) {\n if (error instanceof errors.ApplicationError) {\n const { status, body } = formatApplicationError(error);\n ctx.status = status;\n ctx.body = body;\n return;\n }\n\n if (error instanceof errors.HttpError) {\n const { status, body } = formatHttpError(error);\n ctx.status = status;\n ctx.body = body;\n return;\n }\n\n strapi.log.error(error);\n\n const { status, body } = formatInternalError(error);\n ctx.status = status;\n ctx.body = body;\n }\n };\n};\n\nexport { errorMiddleware as errors };\n"],"names":["errors","status","body","formatApplicationError","formatHttpError","formatInternalError"],"mappings":";;;;AAKA,MAAM,kBAA0C,MAAyB;AAChE,SAAA,OAAO,KAAK,SAAS;AACtB,QAAA;AACF,YAAM,KAAK;AAEP,UAAA,CAAC,IAAI,SAAS,iBAAiB;AACjC,eAAO,IAAI;~~MACb~~;AAAA,~~aACO~~,OAAO;AACV,UAAA,iBAAiBA,mBAAO,kBAAkB;AAC5C,cAAM,EAAE,QAAAC,SAAQ,MAAAC,~~UAASC~~,~~OAAAA~~,~~uBAAuB~~,KAAK;AACrD,YAAI,SAASF;AACb,YAAI,OAAOC;AACX;AAAA,~~MACF~~;~~AAEI~~,UAAA,iBAAiBF,mBAAO,WAAW;AACrC,cAAM,EAAE,QAAAC,SAAQ,MAAAC,~~UAASE~~,~~OAAAA~~,~~gBAAgB~~,KAAK;AAC9C,YAAI,SAASH;AACb,YAAI,OAAOC;AACX;AAAA,~~MACF~~;~~AAEO~~,aAAA,IAAI,MAAM,KAAK;AAEtB,YAAM,EAAE,QAAQ,~~KAAK~~,~~IAAIG~~,~~2BAAoB~~,KAAK;AAClD,UAAI,SAAS;AACb,UAAI,OAAO;AAAA,~~IACb~~;AAAA,~~EAAA~~;~~AAEJ~~;;"}
1	+ {"version":3,"file":"errors.js","sources":["../../src/middlewares/errors.ts"],"sourcesContent":["import { errors } from '@strapi/utils';\nimport type { Core } from '@strapi/types';\n\nimport { formatApplicationError, formatHttpError, formatInternalError } from '../services/errors';\n\nconst errorMiddleware: Core.MiddlewareFactory = (/* _, { strapi } */) => {\n return async (ctx, next) => {\n try {\n await next();\n\n if (!ctx.response._explicitStatus) {\n return ctx.notFound();\n }\n } catch (error) {\n if (error instanceof errors.ApplicationError) {\n const { status, body } = formatApplicationError(error);\n ctx.status = status;\n ctx.body = body;\n return;\n }\n\n if (error instanceof errors.HttpError) {\n const { status, body } = formatHttpError(error);\n ctx.status = status;\n ctx.body = body;\n return;\n }\n\n strapi.log.error(error);\n\n const { status, body } = formatInternalError(error);\n ctx.status = status;\n ctx.body = body;\n }\n };\n};\n\nexport { errorMiddleware as errors };\n"],"names":["errors","status","body","formatApplicationError","formatHttpError","formatInternalError"],"mappings":";;;;AAKA,MAAM,kBAA0C,MAAyB;AAChE,SAAA,OAAO,KAAK,SAAS;AACtB,QAAA;AACF,YAAM,KAAK;AAEP,UAAA,CAAC,IAAI,SAAS,iBAAiB;AACjC,eAAO,IAAI,SAAS;AAAA,MAAA;AAAA,aAEf,OAAO;AACV,UAAA,iBAAiBA,mBAAO,kBAAkB;AAC5C,cAAM,EAAE,QAAAC,SAAQ,MAAAC,MAAK,IAAIC,8BAAuB,KAAK;AACrD,YAAI,SAASF;AACb,YAAI,OAAOC;AACX;AAAA,MAAA;AAGE,UAAA,iBAAiBF,mBAAO,WAAW;AACrC,cAAM,EAAE,QAAAC,SAAQ,MAAAC,MAAK,IAAIE,uBAAgB,KAAK;AAC9C,YAAI,SAASH;AACb,YAAI,OAAOC;AACX;AAAA,MAAA;AAGK,aAAA,IAAI,MAAM,KAAK;AAEtB,YAAM,EAAE,QAAQ,SAASG,OAAAA,oBAAoB,KAAK;AAClD,UAAI,SAAS;AACb,UAAI,OAAO;AAAA,IAAA;AAAA,EAEf;AACF;;"}

package/dist/middlewares/errors.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"errors.mjs","sources":["../../src/middlewares/errors.ts"],"sourcesContent":["import { errors } from '@strapi/utils';\nimport type { Core } from '@strapi/types';\n\nimport { formatApplicationError, formatHttpError, formatInternalError } from '../services/errors';\n\nconst errorMiddleware: Core.MiddlewareFactory = (/* _, { strapi } */) => {\n return async (ctx, next) => {\n try {\n await next();\n\n if (!ctx.response._explicitStatus) {\n return ctx.notFound();\n }\n } catch (error) {\n if (error instanceof errors.ApplicationError) {\n const { status, body } = formatApplicationError(error);\n ctx.status = status;\n ctx.body = body;\n return;\n }\n\n if (error instanceof errors.HttpError) {\n const { status, body } = formatHttpError(error);\n ctx.status = status;\n ctx.body = body;\n return;\n }\n\n strapi.log.error(error);\n\n const { status, body } = formatInternalError(error);\n ctx.status = status;\n ctx.body = body;\n }\n };\n};\n\nexport { errorMiddleware as errors };\n"],"names":["status","body"],"mappings":";;AAKA,MAAM,kBAA0C,MAAyB;AAChE,SAAA,OAAO,KAAK,SAAS;AACtB,QAAA;AACF,YAAM,KAAK;AAEP,UAAA,CAAC,IAAI,SAAS,iBAAiB;AACjC,eAAO,IAAI;~~MACb~~;AAAA,~~aACO~~,OAAO;AACV,UAAA,iBAAiB,OAAO,kBAAkB;AAC5C,cAAM,EAAE,QAAAA,SAAQ,MAAAC,~~UAAS~~,uBAAuB,KAAK;AACrD,YAAI,SAASD;AACb,YAAI,OAAOC;AACX;AAAA,~~MACF~~;~~AAEI~~,UAAA,iBAAiB,OAAO,WAAW;AACrC,cAAM,EAAE,QAAAD,SAAQ,MAAAC,~~UAAS~~,gBAAgB,KAAK;AAC9C,YAAI,SAASD;AACb,YAAI,OAAOC;AACX;AAAA,~~MACF~~;~~AAEO~~,aAAA,IAAI,MAAM,KAAK;AAEtB,YAAM,EAAE,QAAQ,~~KAAK~~,~~IAAI,~~oBAAoB,KAAK;AAClD,UAAI,SAAS;AACb,UAAI,OAAO;AAAA,~~IACb~~;AAAA,~~EAAA~~;~~AAEJ~~;"}
1	+ {"version":3,"file":"errors.mjs","sources":["../../src/middlewares/errors.ts"],"sourcesContent":["import { errors } from '@strapi/utils';\nimport type { Core } from '@strapi/types';\n\nimport { formatApplicationError, formatHttpError, formatInternalError } from '../services/errors';\n\nconst errorMiddleware: Core.MiddlewareFactory = (/* _, { strapi } */) => {\n return async (ctx, next) => {\n try {\n await next();\n\n if (!ctx.response._explicitStatus) {\n return ctx.notFound();\n }\n } catch (error) {\n if (error instanceof errors.ApplicationError) {\n const { status, body } = formatApplicationError(error);\n ctx.status = status;\n ctx.body = body;\n return;\n }\n\n if (error instanceof errors.HttpError) {\n const { status, body } = formatHttpError(error);\n ctx.status = status;\n ctx.body = body;\n return;\n }\n\n strapi.log.error(error);\n\n const { status, body } = formatInternalError(error);\n ctx.status = status;\n ctx.body = body;\n }\n };\n};\n\nexport { errorMiddleware as errors };\n"],"names":["status","body"],"mappings":";;AAKA,MAAM,kBAA0C,MAAyB;AAChE,SAAA,OAAO,KAAK,SAAS;AACtB,QAAA;AACF,YAAM,KAAK;AAEP,UAAA,CAAC,IAAI,SAAS,iBAAiB;AACjC,eAAO,IAAI,SAAS;AAAA,MAAA;AAAA,aAEf,OAAO;AACV,UAAA,iBAAiB,OAAO,kBAAkB;AAC5C,cAAM,EAAE,QAAAA,SAAQ,MAAAC,MAAK,IAAI,uBAAuB,KAAK;AACrD,YAAI,SAASD;AACb,YAAI,OAAOC;AACX;AAAA,MAAA;AAGE,UAAA,iBAAiB,OAAO,WAAW;AACrC,cAAM,EAAE,QAAAD,SAAQ,MAAAC,MAAK,IAAI,gBAAgB,KAAK;AAC9C,YAAI,SAASD;AACb,YAAI,OAAOC;AACX;AAAA,MAAA;AAGK,aAAA,IAAI,MAAM,KAAK;AAEtB,YAAM,EAAE,QAAQ,SAAS,oBAAoB,KAAK;AAClD,UAAI,SAAS;AACb,UAAI,OAAO;AAAA,IAAA;AAAA,EAEf;AACF;"}

package/dist/middlewares/favicon.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"favicon.js","sources":["../../src/middlewares/favicon.ts"],"sourcesContent":["import { existsSync } from 'fs';\nimport { resolve } from 'path';\nimport koaFavicon from 'koa-favicon';\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<typeof koaFavicon>[1]>;\n\nconst defaults = {\n path: 'favicon.png',\n maxAge: 86400000,\n};\n\nexport const favicon: Core.MiddlewareFactory<Config> = (config, { strapi }) => {\n const { maxAge, path: faviconDefaultPath } = { ...defaults, ...config };\n const { root: appRoot } = strapi.dirs.app;\n let faviconPath = faviconDefaultPath;\n\n /** TODO (v5): Updating the favicon to use a png caused\n * https://github.com/strapi/strapi/issues/14693\n \n This check ensures backwards compatibility until\n * the next major version\n */\n if (!existsSync(resolve(appRoot, faviconPath))) {\n faviconPath = 'favicon.ico';\n }\n\n return koaFavicon(resolve(appRoot, faviconPath), { maxAge });\n};\n"],"names":["existsSync","resolve","koaFavicon"],"mappings":";;;;;;;AAOA,MAAM,WAAW;AAAA,EACf,MAAM;AAAA,EACN,QAAQ;AACV;AAEO,MAAM,UAA0C,CAAC,QAAQ,EAAE,aAAa;AACvE,QAAA,EAAE,QAAQ,MAAM,~~mBAAA~~,~~IAAuB,~~EAAE,GAAG,UAAU,GAAG;~~AAC/D~~,QAAM,EAAE,MAAM,QAAQ,IAAI,OAAO,KAAK;AACtC,MAAI,cAAc;AAQlB,MAAI,CAACA,GAAAA,WAAWC,KAAAA,QAAQ,SAAS,WAAW,CAAC,GAAG;AAChC,kBAAA;AAAA,~~EAChB~~;~~AAEA~~,SAAOC,oBAAAA,QAAWD,KAAAA,QAAQ,SAAS,WAAW,GAAG,EAAE,QAAQ;AAC7D;;"}
1	+ {"version":3,"file":"favicon.js","sources":["../../src/middlewares/favicon.ts"],"sourcesContent":["import { existsSync } from 'fs';\nimport { resolve } from 'path';\nimport koaFavicon from 'koa-favicon';\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<typeof koaFavicon>[1]>;\n\nconst defaults = {\n path: 'favicon.png',\n maxAge: 86400000,\n};\n\nexport const favicon: Core.MiddlewareFactory<Config> = (config, { strapi }) => {\n const { maxAge, path: faviconDefaultPath } = { ...defaults, ...config };\n const { root: appRoot } = strapi.dirs.app;\n let faviconPath = faviconDefaultPath;\n\n /** TODO (v5): Updating the favicon to use a png caused\n * https://github.com/strapi/strapi/issues/14693\n \n This check ensures backwards compatibility until\n * the next major version\n */\n if (!existsSync(resolve(appRoot, faviconPath))) {\n faviconPath = 'favicon.ico';\n }\n\n return koaFavicon(resolve(appRoot, faviconPath), { maxAge });\n};\n"],"names":["existsSync","resolve","koaFavicon"],"mappings":";;;;;;;AAOA,MAAM,WAAW;AAAA,EACf,MAAM;AAAA,EACN,QAAQ;AACV;AAEO,MAAM,UAA0C,CAAC,QAAQ,EAAE,aAAa;AACvE,QAAA,EAAE,QAAQ,MAAM,uBAAuB,EAAE,GAAG,UAAU,GAAG,OAAO;AACtE,QAAM,EAAE,MAAM,QAAQ,IAAI,OAAO,KAAK;AACtC,MAAI,cAAc;AAQlB,MAAI,CAACA,GAAAA,WAAWC,KAAAA,QAAQ,SAAS,WAAW,CAAC,GAAG;AAChC,kBAAA;AAAA,EAAA;AAGhB,SAAOC,oBAAAA,QAAWD,KAAAA,QAAQ,SAAS,WAAW,GAAG,EAAE,QAAQ;AAC7D;;"}

package/dist/middlewares/favicon.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"favicon.mjs","sources":["../../src/middlewares/favicon.ts"],"sourcesContent":["import { existsSync } from 'fs';\nimport { resolve } from 'path';\nimport koaFavicon from 'koa-favicon';\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<typeof koaFavicon>[1]>;\n\nconst defaults = {\n path: 'favicon.png',\n maxAge: 86400000,\n};\n\nexport const favicon: Core.MiddlewareFactory<Config> = (config, { strapi }) => {\n const { maxAge, path: faviconDefaultPath } = { ...defaults, ...config };\n const { root: appRoot } = strapi.dirs.app;\n let faviconPath = faviconDefaultPath;\n\n /** TODO (v5): Updating the favicon to use a png caused\n * https://github.com/strapi/strapi/issues/14693\n \n This check ensures backwards compatibility until\n * the next major version\n */\n if (!existsSync(resolve(appRoot, faviconPath))) {\n faviconPath = 'favicon.ico';\n }\n\n return koaFavicon(resolve(appRoot, faviconPath), { maxAge });\n};\n"],"names":[],"mappings":";;;AAOA,MAAM,WAAW;AAAA,EACf,MAAM;AAAA,EACN,QAAQ;AACV;AAEO,MAAM,UAA0C,CAAC,QAAQ,EAAE,aAAa;AACvE,QAAA,EAAE,QAAQ,MAAM,~~mBAAA~~,~~IAAuB,~~EAAE,GAAG,UAAU,GAAG;~~AAC/D~~,QAAM,EAAE,MAAM,QAAQ,IAAI,OAAO,KAAK;AACtC,MAAI,cAAc;AAQlB,MAAI,CAAC,WAAW,QAAQ,SAAS,WAAW,CAAC,GAAG;AAChC,kBAAA;AAAA,~~EAChB~~;~~AAEA~~,SAAO,WAAW,QAAQ,SAAS,WAAW,GAAG,EAAE,QAAQ;AAC7D;"}
1	+ {"version":3,"file":"favicon.mjs","sources":["../../src/middlewares/favicon.ts"],"sourcesContent":["import { existsSync } from 'fs';\nimport { resolve } from 'path';\nimport koaFavicon from 'koa-favicon';\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<typeof koaFavicon>[1]>;\n\nconst defaults = {\n path: 'favicon.png',\n maxAge: 86400000,\n};\n\nexport const favicon: Core.MiddlewareFactory<Config> = (config, { strapi }) => {\n const { maxAge, path: faviconDefaultPath } = { ...defaults, ...config };\n const { root: appRoot } = strapi.dirs.app;\n let faviconPath = faviconDefaultPath;\n\n /** TODO (v5): Updating the favicon to use a png caused\n * https://github.com/strapi/strapi/issues/14693\n \n This check ensures backwards compatibility until\n * the next major version\n */\n if (!existsSync(resolve(appRoot, faviconPath))) {\n faviconPath = 'favicon.ico';\n }\n\n return koaFavicon(resolve(appRoot, faviconPath), { maxAge });\n};\n"],"names":[],"mappings":";;;AAOA,MAAM,WAAW;AAAA,EACf,MAAM;AAAA,EACN,QAAQ;AACV;AAEO,MAAM,UAA0C,CAAC,QAAQ,EAAE,aAAa;AACvE,QAAA,EAAE,QAAQ,MAAM,uBAAuB,EAAE,GAAG,UAAU,GAAG,OAAO;AACtE,QAAM,EAAE,MAAM,QAAQ,IAAI,OAAO,KAAK;AACtC,MAAI,cAAc;AAQlB,MAAI,CAAC,WAAW,QAAQ,SAAS,WAAW,CAAC,GAAG;AAChC,kBAAA;AAAA,EAAA;AAGhB,SAAO,WAAW,QAAQ,SAAS,WAAW,GAAG,EAAE,QAAQ;AAC7D;"}

package/dist/middlewares/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sources":["../../src/middlewares/index.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\nimport { compression } from './compression';\nimport { cors } from './cors';\nimport { errors } from './errors';\nimport { favicon } from './favicon';\nimport { ip } from './ip';\nimport { logger } from './logger';\nimport { poweredBy } from './powered-by';\nimport { body } from './body';\nimport { query } from './query';\nimport { responseTime } from './response-time';\nimport { responses } from './responses';\nimport { security } from './security';\nimport { session } from './session';\nimport { publicStatic } from './public';\n\nexport const middlewares: Record<string, Core.MiddlewareFactory> = {\n compression,\n cors,\n errors,\n favicon,\n ip,\n logger,\n poweredBy,\n body,\n query,\n responseTime,\n responses,\n security,\n session,\n public: publicStatic,\n};\n"],"names":["compression","cors","errors","favicon","ip","logger","poweredBy","body","query","responseTime","responses","security","session","publicStatic"],"mappings":";;;;;;;;;;;;;;;;AAgBO,MAAM,cAAsD;AAAA,EAAA,aACjEA,YAAA;AAAA,EAAA,MACAC,KAAA;AAAA,EAAA,QACAC,OAAA;AAAA,EAAA,SACAC,QAAA;AAAA,EAAA,IACAC,GAAA;AAAA,EAAA,QACAC,OAAA;AAAA,EAAA,WACAC,UAAA;AAAA,EAAA,MACAC,KAAA;AAAA,EAAA,OACAC,MAAA;AAAA,EAAA,cACAC,aAAA;AAAA,EAAA,WACAC,UAAA;AAAA,EAAA,UACAC,SAAA;AAAA,EAAA,SACAC,QAAA;AAAA,EACA,QAAQC,~~QAAA~~;AACV;;"}
1	+ {"version":3,"file":"index.js","sources":["../../src/middlewares/index.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\nimport { compression } from './compression';\nimport { cors } from './cors';\nimport { errors } from './errors';\nimport { favicon } from './favicon';\nimport { ip } from './ip';\nimport { logger } from './logger';\nimport { poweredBy } from './powered-by';\nimport { body } from './body';\nimport { query } from './query';\nimport { responseTime } from './response-time';\nimport { responses } from './responses';\nimport { security } from './security';\nimport { session } from './session';\nimport { publicStatic } from './public';\n\nexport const middlewares: Record<string, Core.MiddlewareFactory> = {\n compression,\n cors,\n errors,\n favicon,\n ip,\n logger,\n poweredBy,\n body,\n query,\n responseTime,\n responses,\n security,\n session,\n public: publicStatic,\n};\n"],"names":["compression","cors","errors","favicon","ip","logger","poweredBy","body","query","responseTime","responses","security","session","publicStatic"],"mappings":";;;;;;;;;;;;;;;;AAgBO,MAAM,cAAsD;AAAA,EAAA,aACjEA,YAAA;AAAA,EAAA,MACAC,KAAA;AAAA,EAAA,QACAC,OAAA;AAAA,EAAA,SACAC,QAAA;AAAA,EAAA,IACAC,GAAA;AAAA,EAAA,QACAC,OAAA;AAAA,EAAA,WACAC,UAAA;AAAA,EAAA,MACAC,KAAA;AAAA,EAAA,OACAC,MAAA;AAAA,EAAA,cACAC,aAAA;AAAA,EAAA,WACAC,UAAA;AAAA,EAAA,UACAC,SAAA;AAAA,EAAA,SACAC,QAAA;AAAA,EACA,QAAQC,QAAAA;AACV;;"}

package/dist/middlewares/logger.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"logger.js","sources":["../../src/middlewares/logger.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport const logger: Core.MiddlewareFactory = (_, { strapi }) => {\n return async (ctx, next) => {\n const start = Date.now();\n await next();\n const delta = Math.ceil(Date.now() - start);\n\n strapi.log.http(`${ctx.method} ${ctx.url} (${delta} ms) ${ctx.status}`);\n };\n};\n"],"names":[],"mappings":";;AAEO,MAAM,SAAiC,CAAC,GAAG,EAAE,aAAa;AACxD,SAAA,OAAO,KAAK,SAAS;AACpB,UAAA,QAAQ,KAAK;~~AACnB~~,UAAM,KAAK;AACX,UAAM,QAAQ,KAAK,KAAK,KAAK,~~IAAA~~,~~IAAQ,~~KAAK;AAE1C,WAAO,IAAI,KAAK,GAAG,IAAI,MAAM,IAAI,IAAI,GAAG,KAAK,KAAK,QAAQ,IAAI,MAAM,EAAE;AAAA,~~EAAA~~;~~AAE1E~~;;"}
1	+ {"version":3,"file":"logger.js","sources":["../../src/middlewares/logger.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport const logger: Core.MiddlewareFactory = (_, { strapi }) => {\n return async (ctx, next) => {\n const start = Date.now();\n await next();\n const delta = Math.ceil(Date.now() - start);\n\n strapi.log.http(`${ctx.method} ${ctx.url} (${delta} ms) ${ctx.status}`);\n };\n};\n"],"names":[],"mappings":";;AAEO,MAAM,SAAiC,CAAC,GAAG,EAAE,aAAa;AACxD,SAAA,OAAO,KAAK,SAAS;AACpB,UAAA,QAAQ,KAAK,IAAI;AACvB,UAAM,KAAK;AACX,UAAM,QAAQ,KAAK,KAAK,KAAK,QAAQ,KAAK;AAE1C,WAAO,IAAI,KAAK,GAAG,IAAI,MAAM,IAAI,IAAI,GAAG,KAAK,KAAK,QAAQ,IAAI,MAAM,EAAE;AAAA,EACxE;AACF;;"}

package/dist/middlewares/logger.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"logger.mjs","sources":["../../src/middlewares/logger.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport const logger: Core.MiddlewareFactory = (_, { strapi }) => {\n return async (ctx, next) => {\n const start = Date.now();\n await next();\n const delta = Math.ceil(Date.now() - start);\n\n strapi.log.http(`${ctx.method} ${ctx.url} (${delta} ms) ${ctx.status}`);\n };\n};\n"],"names":[],"mappings":"AAEO,MAAM,SAAiC,CAAC,GAAG,EAAE,aAAa;AACxD,SAAA,OAAO,KAAK,SAAS;AACpB,UAAA,QAAQ,KAAK;~~AACnB~~,UAAM,KAAK;AACX,UAAM,QAAQ,KAAK,KAAK,KAAK,~~IAAA~~,~~IAAQ,~~KAAK;AAE1C,WAAO,IAAI,KAAK,GAAG,IAAI,MAAM,IAAI,IAAI,GAAG,KAAK,KAAK,QAAQ,IAAI,MAAM,EAAE;AAAA,~~EAAA~~;~~AAE1E~~;"}
1	+ {"version":3,"file":"logger.mjs","sources":["../../src/middlewares/logger.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport const logger: Core.MiddlewareFactory = (_, { strapi }) => {\n return async (ctx, next) => {\n const start = Date.now();\n await next();\n const delta = Math.ceil(Date.now() - start);\n\n strapi.log.http(`${ctx.method} ${ctx.url} (${delta} ms) ${ctx.status}`);\n };\n};\n"],"names":[],"mappings":"AAEO,MAAM,SAAiC,CAAC,GAAG,EAAE,aAAa;AACxD,SAAA,OAAO,KAAK,SAAS;AACpB,UAAA,QAAQ,KAAK,IAAI;AACvB,UAAM,KAAK;AACX,UAAM,QAAQ,KAAK,KAAK,KAAK,QAAQ,KAAK;AAE1C,WAAO,IAAI,KAAK,GAAG,IAAI,MAAM,IAAI,IAAI,GAAG,KAAK,KAAK,QAAQ,IAAI,MAAM,EAAE;AAAA,EACxE;AACF;"}

package/dist/middlewares/powered-by.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"powered-by.js","sources":["../../src/middlewares/powered-by.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport interface Config {\n poweredBy: string;\n}\n\nconst defaults: Config = {\n poweredBy: 'Strapi <strapi.io>',\n};\n\nexport const poweredBy: Core.MiddlewareFactory<Partial<Config>> = (config) => {\n const { poweredBy } = { ...defaults, ...config };\n\n return async (ctx, next) => {\n await next();\n\n ctx.set('X-Powered-By', poweredBy);\n };\n};\n"],"names":["poweredBy"],"mappings":";;AAMA,MAAM,WAAmB;AAAA,EACvB,WAAW;AACb;AAEa,MAAA,YAAqD,CAAC,WAAW;AACtE,QAAA,EAAE,WAAAA,WAAU,IAAI,EAAE,GAAG,UAAU,GAAG;~~AAEjC~~,SAAA,OAAO,KAAK,SAAS;AAC1B,UAAM,KAAK;AAEP,QAAA,IAAI,gBAAgBA,UAAS;AAAA,~~EAAA~~;~~AAErC~~;;"}
1	+ {"version":3,"file":"powered-by.js","sources":["../../src/middlewares/powered-by.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport interface Config {\n poweredBy: string;\n}\n\nconst defaults: Config = {\n poweredBy: 'Strapi <strapi.io>',\n};\n\nexport const poweredBy: Core.MiddlewareFactory<Partial<Config>> = (config) => {\n const { poweredBy } = { ...defaults, ...config };\n\n return async (ctx, next) => {\n await next();\n\n ctx.set('X-Powered-By', poweredBy);\n };\n};\n"],"names":["poweredBy"],"mappings":";;AAMA,MAAM,WAAmB;AAAA,EACvB,WAAW;AACb;AAEa,MAAA,YAAqD,CAAC,WAAW;AACtE,QAAA,EAAE,WAAAA,WAAU,IAAI,EAAE,GAAG,UAAU,GAAG,OAAO;AAExC,SAAA,OAAO,KAAK,SAAS;AAC1B,UAAM,KAAK;AAEP,QAAA,IAAI,gBAAgBA,UAAS;AAAA,EACnC;AACF;;"}

package/dist/middlewares/powered-by.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"powered-by.mjs","sources":["../../src/middlewares/powered-by.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport interface Config {\n poweredBy: string;\n}\n\nconst defaults: Config = {\n poweredBy: 'Strapi <strapi.io>',\n};\n\nexport const poweredBy: Core.MiddlewareFactory<Partial<Config>> = (config) => {\n const { poweredBy } = { ...defaults, ...config };\n\n return async (ctx, next) => {\n await next();\n\n ctx.set('X-Powered-By', poweredBy);\n };\n};\n"],"names":["poweredBy"],"mappings":"AAMA,MAAM,WAAmB;AAAA,EACvB,WAAW;AACb;AAEa,MAAA,YAAqD,CAAC,WAAW;AACtE,QAAA,EAAE,WAAAA,WAAU,IAAI,EAAE,GAAG,UAAU,GAAG;~~AAEjC~~,SAAA,OAAO,KAAK,SAAS;AAC1B,UAAM,KAAK;AAEP,QAAA,IAAI,gBAAgBA,UAAS;AAAA,~~EAAA~~;~~AAErC~~;"}
1	+ {"version":3,"file":"powered-by.mjs","sources":["../../src/middlewares/powered-by.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport interface Config {\n poweredBy: string;\n}\n\nconst defaults: Config = {\n poweredBy: 'Strapi <strapi.io>',\n};\n\nexport const poweredBy: Core.MiddlewareFactory<Partial<Config>> = (config) => {\n const { poweredBy } = { ...defaults, ...config };\n\n return async (ctx, next) => {\n await next();\n\n ctx.set('X-Powered-By', poweredBy);\n };\n};\n"],"names":["poweredBy"],"mappings":"AAMA,MAAM,WAAmB;AAAA,EACvB,WAAW;AACb;AAEa,MAAA,YAAqD,CAAC,WAAW;AACtE,QAAA,EAAE,WAAAA,WAAU,IAAI,EAAE,GAAG,UAAU,GAAG,OAAO;AAExC,SAAA,OAAO,KAAK,SAAS;AAC1B,UAAM,KAAK;AAEP,QAAA,IAAI,gBAAgBA,UAAS;AAAA,EACnC;AACF;"}

package/dist/middlewares/public.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const _ = require("lodash/fp");
+const fp = require("lodash/fp");
 const koaStatic = require("koa-static");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const koaStatic__default = /* @__PURE__ */ _interopDefault(koaStatic);
@@ -8,7 +8,7 @@ const defaults = {
   maxAge: 6e4
 };
 const publicStatic = (config, { strapi }) => {
-  const { maxAge } = _.defaultsDeep(defaults, config);
+  const { maxAge } = fp.defaultsDeep(defaults, config);
   strapi.server.routes([
     {
       method: "GET",

package/dist/middlewares/public.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"public.js","sources":["../../src/middlewares/public.ts"],"sourcesContent":["import { defaultsDeep } from 'lodash/fp';\nimport koaStatic from 'koa-static';\nimport type { Core } from '@strapi/types';\n\ntype Config = koaStatic.Options;\n\nconst defaults = {\n maxAge: 60000,\n};\n\nexport const publicStatic: Core.MiddlewareFactory = (\n config: Config,\n { strapi }: { strapi: Core.Strapi }\n) => {\n const { maxAge } = defaultsDeep(defaults, config);\n\n strapi.server.routes([\n {\n method: 'GET',\n path: '/',\n handler(ctx) {\n ctx.redirect(strapi.config.get('admin.url', '/admin'));\n },\n config: { auth: false },\n },\n // All other public GET-routes except /uploads/(.*) which is handled in upload middleware\n {\n method: 'GET',\n path: '/((?!uploads/).+)',\n handler: koaStatic(strapi.dirs.static.public, {\n maxage: maxAge,\n defer: true,\n }),\n config: { auth: false },\n },\n ]);\n};\n"],"names":["defaultsDeep","koaStatic"],"mappings":";;;;;;AAMA,MAAM,WAAW;AAAA,EACf,QAAQ;AACV;AAEO,MAAM,eAAuC,CAClD,QACA,EAAE,aACC;AACH,QAAM,EAAE,OAAW,IAAAA,~~EAAA~~,~~aAAa,~~UAAU,MAAM;AAEhD,SAAO,OAAO,OAAO;AAAA,IACnB;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,QAAQ,KAAK;AACX,YAAI,SAAS,OAAO,OAAO,IAAI,aAAa,QAAQ,CAAC;AAAA,MACvD;AAAA,MACA,QAAQ,EAAE,MAAM,MAAM;AAAA,IACxB;AAAA;AAAA,IAEA;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,SAASC,mBAAAA,QAAU,OAAO,KAAK,OAAO,QAAQ;AAAA,QAC5C,QAAQ;AAAA,QACR,OAAO;AAAA,MAAA,CACR;AAAA,MACD,QAAQ,EAAE,MAAM,MAAM;AAAA,~~IACxB~~;AAAA,~~EAAA~~,CACD;AACH;;"}
1	+ {"version":3,"file":"public.js","sources":["../../src/middlewares/public.ts"],"sourcesContent":["import { defaultsDeep } from 'lodash/fp';\nimport koaStatic from 'koa-static';\nimport type { Core } from '@strapi/types';\n\ntype Config = koaStatic.Options;\n\nconst defaults = {\n maxAge: 60000,\n};\n\nexport const publicStatic: Core.MiddlewareFactory = (\n config: Config,\n { strapi }: { strapi: Core.Strapi }\n) => {\n const { maxAge } = defaultsDeep(defaults, config);\n\n strapi.server.routes([\n {\n method: 'GET',\n path: '/',\n handler(ctx) {\n ctx.redirect(strapi.config.get('admin.url', '/admin'));\n },\n config: { auth: false },\n },\n // All other public GET-routes except /uploads/(.*) which is handled in upload middleware\n {\n method: 'GET',\n path: '/((?!uploads/).+)',\n handler: koaStatic(strapi.dirs.static.public, {\n maxage: maxAge,\n defer: true,\n }),\n config: { auth: false },\n },\n ]);\n};\n"],"names":["defaultsDeep","koaStatic"],"mappings":";;;;;;AAMA,MAAM,WAAW;AAAA,EACf,QAAQ;AACV;AAEO,MAAM,eAAuC,CAClD,QACA,EAAE,aACC;AACH,QAAM,EAAE,OAAW,IAAAA,gBAAa,UAAU,MAAM;AAEhD,SAAO,OAAO,OAAO;AAAA,IACnB;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,QAAQ,KAAK;AACX,YAAI,SAAS,OAAO,OAAO,IAAI,aAAa,QAAQ,CAAC;AAAA,MACvD;AAAA,MACA,QAAQ,EAAE,MAAM,MAAM;AAAA,IACxB;AAAA;AAAA,IAEA;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,SAASC,mBAAAA,QAAU,OAAO,KAAK,OAAO,QAAQ;AAAA,QAC5C,QAAQ;AAAA,QACR,OAAO;AAAA,MAAA,CACR;AAAA,MACD,QAAQ,EAAE,MAAM,MAAM;AAAA,IAAA;AAAA,EACxB,CACD;AACH;;"}

package/dist/middlewares/public.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"public.mjs","sources":["../../src/middlewares/public.ts"],"sourcesContent":["import { defaultsDeep } from 'lodash/fp';\nimport koaStatic from 'koa-static';\nimport type { Core } from '@strapi/types';\n\ntype Config = koaStatic.Options;\n\nconst defaults = {\n maxAge: 60000,\n};\n\nexport const publicStatic: Core.MiddlewareFactory = (\n config: Config,\n { strapi }: { strapi: Core.Strapi }\n) => {\n const { maxAge } = defaultsDeep(defaults, config);\n\n strapi.server.routes([\n {\n method: 'GET',\n path: '/',\n handler(ctx) {\n ctx.redirect(strapi.config.get('admin.url', '/admin'));\n },\n config: { auth: false },\n },\n // All other public GET-routes except /uploads/(.*) which is handled in upload middleware\n {\n method: 'GET',\n path: '/((?!uploads/).+)',\n handler: koaStatic(strapi.dirs.static.public, {\n maxage: maxAge,\n defer: true,\n }),\n config: { auth: false },\n },\n ]);\n};\n"],"names":[],"mappings":";;AAMA,MAAM,WAAW;AAAA,EACf,QAAQ;AACV;AAEO,MAAM,eAAuC,CAClD,QACA,EAAE,aACC;AACH,QAAM,EAAE,OAAW,IAAA,aAAa,UAAU,MAAM;AAEhD,SAAO,OAAO,OAAO;AAAA,IACnB;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,QAAQ,KAAK;AACX,YAAI,SAAS,OAAO,OAAO,IAAI,aAAa,QAAQ,CAAC;AAAA,MACvD;AAAA,MACA,QAAQ,EAAE,MAAM,MAAM;AAAA,IACxB;AAAA;AAAA,IAEA;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,SAAS,UAAU,OAAO,KAAK,OAAO,QAAQ;AAAA,QAC5C,QAAQ;AAAA,QACR,OAAO;AAAA,MAAA,CACR;AAAA,MACD,QAAQ,EAAE,MAAM,MAAM;AAAA,~~IACxB~~;AAAA,~~EAAA~~,CACD;AACH;"}
1	+ {"version":3,"file":"public.mjs","sources":["../../src/middlewares/public.ts"],"sourcesContent":["import { defaultsDeep } from 'lodash/fp';\nimport koaStatic from 'koa-static';\nimport type { Core } from '@strapi/types';\n\ntype Config = koaStatic.Options;\n\nconst defaults = {\n maxAge: 60000,\n};\n\nexport const publicStatic: Core.MiddlewareFactory = (\n config: Config,\n { strapi }: { strapi: Core.Strapi }\n) => {\n const { maxAge } = defaultsDeep(defaults, config);\n\n strapi.server.routes([\n {\n method: 'GET',\n path: '/',\n handler(ctx) {\n ctx.redirect(strapi.config.get('admin.url', '/admin'));\n },\n config: { auth: false },\n },\n // All other public GET-routes except /uploads/(.*) which is handled in upload middleware\n {\n method: 'GET',\n path: '/((?!uploads/).+)',\n handler: koaStatic(strapi.dirs.static.public, {\n maxage: maxAge,\n defer: true,\n }),\n config: { auth: false },\n },\n ]);\n};\n"],"names":[],"mappings":";;AAMA,MAAM,WAAW;AAAA,EACf,QAAQ;AACV;AAEO,MAAM,eAAuC,CAClD,QACA,EAAE,aACC;AACH,QAAM,EAAE,OAAW,IAAA,aAAa,UAAU,MAAM;AAEhD,SAAO,OAAO,OAAO;AAAA,IACnB;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,QAAQ,KAAK;AACX,YAAI,SAAS,OAAO,OAAO,IAAI,aAAa,QAAQ,CAAC;AAAA,MACvD;AAAA,MACA,QAAQ,EAAE,MAAM,MAAM;AAAA,IACxB;AAAA;AAAA,IAEA;AAAA,MACE,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,SAAS,UAAU,OAAO,KAAK,OAAO,QAAQ;AAAA,QAC5C,QAAQ;AAAA,QACR,OAAO;AAAA,MAAA,CACR;AAAA,MACD,QAAQ,EAAE,MAAM,MAAM;AAAA,IAAA;AAAA,EACxB,CACD;AACH;"}

package/dist/middlewares/query.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"query.d.ts","sourceRoot":"","sources":["../../src/middlewares/query.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;~~AA2C1C~~,eAAO,MAAM,KAAK,EAAE,IAAI,CAAC,iBAKxB,CAAC"}
1	+ {"version":3,"file":"query.d.ts","sourceRoot":"","sources":["../../src/middlewares/query.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AA4C1C,eAAO,MAAM,KAAK,EAAE,IAAI,CAAC,iBAKxB,CAAC"}

package/dist/middlewares/query.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"query.js","sources":["../../src/middlewares/query.ts"],"sourcesContent":["import qs, ~~{ IParseOptions }~~ from 'qs';\nimport type Koa from 'koa';\nimport type { Core } from '@strapi/types';\n\ntype Config = ~~IParseOptions~~;\n\nconst defaults: Config = {\n strictNullHandling: true,\n arrayLimit: 100,\n depth: 20,\n};\n\n/*\n Body parser hook\n /\nconst addQsParser = (app: Koa, settings: Config) => {\n Object.defineProperty(app.request, 'query', {\n configurable: false,\n enumerable: true,\n /\n * Get parsed query-string.\n /\n get() {\n const qstr = this.querystring;\n this._querycache = this._querycache \|\| {};\n const cache = this._querycache;\n\n if (!cache[qstr]) {\n cache[qstr] = qs.parse(qstr, settings);\n }\n\n return cache[qstr];\n },\n\n /\n * Set query-string as an object.\n */\n set(obj) {\n this.querystring = qs.stringify(obj);\n },\n });\n\n return app;\n};\n\nexport const query: Core.MiddlewareFactory = (\n config: Partial<Config>,\n { strapi }: { strapi: Core.Strapi }\n) => {\n addQsParser(strapi.server.app, { ...defaults, ...config });\n};\n"],"names":["qs"],"mappings":";;;;;AAMA,MAAM,WAAmB;AAAA,EACvB,oBAAoB;AAAA,EACpB,YAAY;AAAA,EACZ,OAAO;AACT;AAKA,MAAM,cAAc,CAAC,KAAU,aAAqB;AAC3C,SAAA,eAAe,IAAI,SAAS,SAAS;AAAA,IAC1C,cAAc;AAAA,IACd,YAAY;AAAA;AAAA;AAAA;AAAA,IAIZ,MAAM;AACJ,YAAM,OAAO,KAAK;~~AACb~~,WAAA,cAAc,KAAK,eAAe,~~CAAA~~;~~AACvC~~,YAAM,QAAQ,KAAK;AAEf,UAAA,CAAC,MAAM,IAAI,GAAG;AAChB,cAAM,IAAI,IAAIA,YAAAA,QAAG,MAAM,MAAM,QAAQ;AAAA,~~MACvC~~;~~AAEA~~,aAAO,MAAM,IAAI;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,IAAI,KAAK;AACF,WAAA,cAAcA,~~YAAAA~~,~~QAAG,~~UAAU,GAAG;AAAA,~~IACrC~~;AAAA,~~EAAA~~,~~CACD~~;~~AAEM~~,SAAA;AACT;AAEO,MAAM,QAAgC,CAC3C,QACA,EAAE,aACC;AACS,cAAA,OAAO,OAAO,KAAK,EAAE,GAAG,UAAU,GAAG,~~QAAQ~~;~~AAC3D~~;;"}
1	+ {"version":3,"file":"query.js","sources":["../../src/middlewares/query.ts"],"sourcesContent":["import qs from 'qs';\nimport type Koa from 'koa';\nimport type { Core } from '@strapi/types';\n\ntype Config = Parameters<typeof qs.parse>[1];\n\nconst defaults: Config = {\n strictNullHandling: true,\n arrayLimit: 100,\n depth: 20,\n};\n\n/*\n Body parser hook\n /\nconst addQsParser = (app: Koa, settings: Config) => {\n Object.defineProperty(app.request, 'query', {\n configurable: false,\n enumerable: true,\n /\n * Get parsed query-string.\n /\n get() {\n const qstr = this.querystring;\n\n this._querycache = this._querycache \|\| {};\n const cache = this._querycache;\n\n if (!cache[qstr]) {\n cache[qstr] = qs.parse(qstr, settings);\n }\n\n return cache[qstr];\n },\n\n /\n * Set query-string as an object.\n */\n set(obj) {\n this.querystring = qs.stringify(obj);\n },\n } satisfies PropertyDescriptor & ThisType<Koa.BaseRequest>);\n\n return app;\n};\n\nexport const query: Core.MiddlewareFactory = (\n config: Partial<Config>,\n { strapi }: { strapi: Core.Strapi }\n) => {\n addQsParser(strapi.server.app, { ...defaults, ...config } as Config);\n};\n"],"names":["qs"],"mappings":";;;;;AAMA,MAAM,WAAmB;AAAA,EACvB,oBAAoB;AAAA,EACpB,YAAY;AAAA,EACZ,OAAO;AACT;AAKA,MAAM,cAAc,CAAC,KAAU,aAAqB;AAC3C,SAAA,eAAe,IAAI,SAAS,SAAS;AAAA,IAC1C,cAAc;AAAA,IACd,YAAY;AAAA;AAAA;AAAA;AAAA,IAIZ,MAAM;AACJ,YAAM,OAAO,KAAK;AAEb,WAAA,cAAc,KAAK,eAAe,CAAC;AACxC,YAAM,QAAQ,KAAK;AAEf,UAAA,CAAC,MAAM,IAAI,GAAG;AAChB,cAAM,IAAI,IAAIA,YAAAA,QAAG,MAAM,MAAM,QAAQ;AAAA,MAAA;AAGvC,aAAO,MAAM,IAAI;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,IAAI,KAAK;AACF,WAAA,cAAcA,oBAAG,UAAU,GAAG;AAAA,IAAA;AAAA,EACrC,CACwD;AAEnD,SAAA;AACT;AAEO,MAAM,QAAgC,CAC3C,QACA,EAAE,aACC;AACS,cAAA,OAAO,OAAO,KAAK,EAAE,GAAG,UAAU,GAAG,QAAkB;AACrE;;"}

package/dist/middlewares/query.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"query.mjs","sources":["../../src/middlewares/query.ts"],"sourcesContent":["import qs, ~~{ IParseOptions }~~ from 'qs';\nimport type Koa from 'koa';\nimport type { Core } from '@strapi/types';\n\ntype Config = ~~IParseOptions~~;\n\nconst defaults: Config = {\n strictNullHandling: true,\n arrayLimit: 100,\n depth: 20,\n};\n\n/*\n Body parser hook\n /\nconst addQsParser = (app: Koa, settings: Config) => {\n Object.defineProperty(app.request, 'query', {\n configurable: false,\n enumerable: true,\n /\n * Get parsed query-string.\n /\n get() {\n const qstr = this.querystring;\n this._querycache = this._querycache \|\| {};\n const cache = this._querycache;\n\n if (!cache[qstr]) {\n cache[qstr] = qs.parse(qstr, settings);\n }\n\n return cache[qstr];\n },\n\n /\n * Set query-string as an object.\n */\n set(obj) {\n this.querystring = qs.stringify(obj);\n },\n });\n\n return app;\n};\n\nexport const query: Core.MiddlewareFactory = (\n config: Partial<Config>,\n { strapi }: { strapi: Core.Strapi }\n) => {\n addQsParser(strapi.server.app, { ...defaults, ...config });\n};\n"],"names":[],"mappings":";AAMA,MAAM,WAAmB;AAAA,EACvB,oBAAoB;AAAA,EACpB,YAAY;AAAA,EACZ,OAAO;AACT;AAKA,MAAM,cAAc,CAAC,KAAU,aAAqB;AAC3C,SAAA,eAAe,IAAI,SAAS,SAAS;AAAA,IAC1C,cAAc;AAAA,IACd,YAAY;AAAA;AAAA;AAAA;AAAA,IAIZ,MAAM;AACJ,YAAM,OAAO,KAAK;~~AACb~~,WAAA,cAAc,KAAK,eAAe,~~CAAA~~;~~AACvC~~,YAAM,QAAQ,KAAK;AAEf,UAAA,CAAC,MAAM,IAAI,GAAG;AAChB,cAAM,IAAI,IAAI,GAAG,MAAM,MAAM,QAAQ;AAAA,~~MACvC~~;~~AAEA~~,aAAO,MAAM,IAAI;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,IAAI,KAAK;AACF,WAAA,cAAc,GAAG,UAAU,GAAG;AAAA,~~IACrC~~;AAAA,~~EAAA~~,~~CACD~~;~~AAEM~~,SAAA;AACT;AAEO,MAAM,QAAgC,CAC3C,QACA,EAAE,aACC;AACS,cAAA,OAAO,OAAO,KAAK,EAAE,GAAG,UAAU,GAAG,~~QAAQ~~;~~AAC3D~~;"}
1	+ {"version":3,"file":"query.mjs","sources":["../../src/middlewares/query.ts"],"sourcesContent":["import qs from 'qs';\nimport type Koa from 'koa';\nimport type { Core } from '@strapi/types';\n\ntype Config = Parameters<typeof qs.parse>[1];\n\nconst defaults: Config = {\n strictNullHandling: true,\n arrayLimit: 100,\n depth: 20,\n};\n\n/*\n Body parser hook\n /\nconst addQsParser = (app: Koa, settings: Config) => {\n Object.defineProperty(app.request, 'query', {\n configurable: false,\n enumerable: true,\n /\n * Get parsed query-string.\n /\n get() {\n const qstr = this.querystring;\n\n this._querycache = this._querycache \|\| {};\n const cache = this._querycache;\n\n if (!cache[qstr]) {\n cache[qstr] = qs.parse(qstr, settings);\n }\n\n return cache[qstr];\n },\n\n /\n * Set query-string as an object.\n */\n set(obj) {\n this.querystring = qs.stringify(obj);\n },\n } satisfies PropertyDescriptor & ThisType<Koa.BaseRequest>);\n\n return app;\n};\n\nexport const query: Core.MiddlewareFactory = (\n config: Partial<Config>,\n { strapi }: { strapi: Core.Strapi }\n) => {\n addQsParser(strapi.server.app, { ...defaults, ...config } as Config);\n};\n"],"names":[],"mappings":";AAMA,MAAM,WAAmB;AAAA,EACvB,oBAAoB;AAAA,EACpB,YAAY;AAAA,EACZ,OAAO;AACT;AAKA,MAAM,cAAc,CAAC,KAAU,aAAqB;AAC3C,SAAA,eAAe,IAAI,SAAS,SAAS;AAAA,IAC1C,cAAc;AAAA,IACd,YAAY;AAAA;AAAA;AAAA;AAAA,IAIZ,MAAM;AACJ,YAAM,OAAO,KAAK;AAEb,WAAA,cAAc,KAAK,eAAe,CAAC;AACxC,YAAM,QAAQ,KAAK;AAEf,UAAA,CAAC,MAAM,IAAI,GAAG;AAChB,cAAM,IAAI,IAAI,GAAG,MAAM,MAAM,QAAQ;AAAA,MAAA;AAGvC,aAAO,MAAM,IAAI;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,IAAI,KAAK;AACF,WAAA,cAAc,GAAG,UAAU,GAAG;AAAA,IAAA;AAAA,EACrC,CACwD;AAEnD,SAAA;AACT;AAEO,MAAM,QAAgC,CAC3C,QACA,EAAE,aACC;AACS,cAAA,OAAO,OAAO,KAAK,EAAE,GAAG,UAAU,GAAG,QAAkB;AACrE;"}

package/dist/middlewares/response-time.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"response-time.js","sources":["../../src/middlewares/response-time.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport const responseTime: Core.MiddlewareFactory = () => {\n return async (ctx, next) => {\n const start = Date.now();\n\n await next();\n\n const delta = Math.ceil(Date.now() - start);\n ctx.set('X-Response-Time', `${delta}ms`);\n };\n};\n"],"names":[],"mappings":";;AAEO,MAAM,eAAuC,MAAM;AACjD,SAAA,OAAO,KAAK,SAAS;AACpB,UAAA,QAAQ,KAAK;~~AAEnB~~,UAAM,KAAK;AAEX,UAAM,QAAQ,KAAK,KAAK,KAAK,~~IAAA~~,~~IAAQ,~~KAAK;AAC1C,QAAI,IAAI,mBAAmB,GAAG,KAAK,IAAI;AAAA,~~EAAA~~;~~AAE3C~~;;"}
1	+ {"version":3,"file":"response-time.js","sources":["../../src/middlewares/response-time.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport const responseTime: Core.MiddlewareFactory = () => {\n return async (ctx, next) => {\n const start = Date.now();\n\n await next();\n\n const delta = Math.ceil(Date.now() - start);\n ctx.set('X-Response-Time', `${delta}ms`);\n };\n};\n"],"names":[],"mappings":";;AAEO,MAAM,eAAuC,MAAM;AACjD,SAAA,OAAO,KAAK,SAAS;AACpB,UAAA,QAAQ,KAAK,IAAI;AAEvB,UAAM,KAAK;AAEX,UAAM,QAAQ,KAAK,KAAK,KAAK,QAAQ,KAAK;AAC1C,QAAI,IAAI,mBAAmB,GAAG,KAAK,IAAI;AAAA,EACzC;AACF;;"}

package/dist/middlewares/response-time.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"response-time.mjs","sources":["../../src/middlewares/response-time.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport const responseTime: Core.MiddlewareFactory = () => {\n return async (ctx, next) => {\n const start = Date.now();\n\n await next();\n\n const delta = Math.ceil(Date.now() - start);\n ctx.set('X-Response-Time', `${delta}ms`);\n };\n};\n"],"names":[],"mappings":"AAEO,MAAM,eAAuC,MAAM;AACjD,SAAA,OAAO,KAAK,SAAS;AACpB,UAAA,QAAQ,KAAK;~~AAEnB~~,UAAM,KAAK;AAEX,UAAM,QAAQ,KAAK,KAAK,KAAK,~~IAAA~~,~~IAAQ,~~KAAK;AAC1C,QAAI,IAAI,mBAAmB,GAAG,KAAK,IAAI;AAAA,~~EAAA~~;~~AAE3C~~;"}
1	+ {"version":3,"file":"response-time.mjs","sources":["../../src/middlewares/response-time.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\nexport const responseTime: Core.MiddlewareFactory = () => {\n return async (ctx, next) => {\n const start = Date.now();\n\n await next();\n\n const delta = Math.ceil(Date.now() - start);\n ctx.set('X-Response-Time', `${delta}ms`);\n };\n};\n"],"names":[],"mappings":"AAEO,MAAM,eAAuC,MAAM;AACjD,SAAA,OAAO,KAAK,SAAS;AACpB,UAAA,QAAQ,KAAK,IAAI;AAEvB,UAAM,KAAK;AAEX,UAAM,QAAQ,KAAK,KAAK,KAAK,QAAQ,KAAK;AAC1C,QAAI,IAAI,mBAAmB,GAAG,KAAK,IAAI;AAAA,EACzC;AACF;"}

package/dist/middlewares/responses.js CHANGED Viewed

@@ -1,12 +1,12 @@
 "use strict";
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const _ = require("lodash/fp");
+const fp = require("lodash/fp");
 const responses = (config = {}) => {
   return async (ctx, next) => {
     await next();
     const { status } = ctx;
     const handler = config?.handlers?.[status];
-    if (_.isFunction(handler)) {
+    if (fp.isFunction(handler)) {
       await handler(ctx, next);
     }
   };

package/dist/middlewares/responses.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"responses.js","sources":["../../src/middlewares/responses.ts"],"sourcesContent":["import { isFunction } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\n\nexport interface Config {\n handlers?: Record<number, Core.MiddlewareHandler>;\n}\n\nexport const responses: Core.MiddlewareFactory<Config> = (config = {}) => {\n return async (ctx, next) => {\n await next();\n\n const { status } = ctx;\n const handler = config?.handlers?.[status];\n\n if (isFunction(handler)) {\n await handler(ctx, next);\n }\n };\n};\n"],"names":["isFunction"],"mappings":";;;AAOO,MAAM,YAA4C,CAAC,SAAS,OAAO;AACjE,SAAA,OAAO,KAAK,SAAS;AAC1B,UAAM,KAAK;AAEL,UAAA,EAAE,~~OAAW,IAAA~~;AACb,UAAA,UAAU,QAAQ,WAAW,MAAM;AAErC,QAAAA,~~EAAAA~~,WAAW,OAAO,GAAG;AACjB,YAAA,QAAQ,KAAK,IAAI;AAAA,~~IACzB~~;AAAA,~~EAAA~~;~~AAEJ~~;;"}
1	+ {"version":3,"file":"responses.js","sources":["../../src/middlewares/responses.ts"],"sourcesContent":["import { isFunction } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\n\nexport interface Config {\n handlers?: Record<number, Core.MiddlewareHandler>;\n}\n\nexport const responses: Core.MiddlewareFactory<Config> = (config = {}) => {\n return async (ctx, next) => {\n await next();\n\n const { status } = ctx;\n const handler = config?.handlers?.[status];\n\n if (isFunction(handler)) {\n await handler(ctx, next);\n }\n };\n};\n"],"names":["isFunction"],"mappings":";;;AAOO,MAAM,YAA4C,CAAC,SAAS,OAAO;AACjE,SAAA,OAAO,KAAK,SAAS;AAC1B,UAAM,KAAK;AAEL,UAAA,EAAE,WAAW;AACb,UAAA,UAAU,QAAQ,WAAW,MAAM;AAErC,QAAAA,GAAAA,WAAW,OAAO,GAAG;AACjB,YAAA,QAAQ,KAAK,IAAI;AAAA,IAAA;AAAA,EAE3B;AACF;;"}

package/dist/middlewares/responses.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"responses.mjs","sources":["../../src/middlewares/responses.ts"],"sourcesContent":["import { isFunction } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\n\nexport interface Config {\n handlers?: Record<number, Core.MiddlewareHandler>;\n}\n\nexport const responses: Core.MiddlewareFactory<Config> = (config = {}) => {\n return async (ctx, next) => {\n await next();\n\n const { status } = ctx;\n const handler = config?.handlers?.[status];\n\n if (isFunction(handler)) {\n await handler(ctx, next);\n }\n };\n};\n"],"names":[],"mappings":";AAOO,MAAM,YAA4C,CAAC,SAAS,OAAO;AACjE,SAAA,OAAO,KAAK,SAAS;AAC1B,UAAM,KAAK;AAEL,UAAA,EAAE,~~OAAW,IAAA~~;AACb,UAAA,UAAU,QAAQ,WAAW,MAAM;AAErC,QAAA,WAAW,OAAO,GAAG;AACjB,YAAA,QAAQ,KAAK,IAAI;AAAA,~~IACzB~~;AAAA,~~EAAA~~;~~AAEJ~~;"}
1	+ {"version":3,"file":"responses.mjs","sources":["../../src/middlewares/responses.ts"],"sourcesContent":["import { isFunction } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\n\nexport interface Config {\n handlers?: Record<number, Core.MiddlewareHandler>;\n}\n\nexport const responses: Core.MiddlewareFactory<Config> = (config = {}) => {\n return async (ctx, next) => {\n await next();\n\n const { status } = ctx;\n const handler = config?.handlers?.[status];\n\n if (isFunction(handler)) {\n await handler(ctx, next);\n }\n };\n};\n"],"names":[],"mappings":";AAOO,MAAM,YAA4C,CAAC,SAAS,OAAO;AACjE,SAAA,OAAO,KAAK,SAAS;AAC1B,UAAM,KAAK;AAEL,UAAA,EAAE,WAAW;AACb,UAAA,UAAU,QAAQ,WAAW,MAAM;AAErC,QAAA,WAAW,OAAO,GAAG;AACjB,YAAA,QAAQ,KAAK,IAAI;AAAA,IAAA;AAAA,EAE3B;AACF;"}

package/dist/middlewares/security.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/middlewares/security.ts"],"names":[],"mappings":"AACA,OAAe,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAE1C,MAAM,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;~~AA0B3D~~,eAAO,MAAM,QAAQ,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,~~CAkEjD~~,CAAC"}
1	+ {"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/middlewares/security.ts"],"names":[],"mappings":"AACA,OAAe,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAE1C,MAAM,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAkC3D,eAAO,MAAM,QAAQ,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAmEjD,CAAC"}

package/dist/middlewares/security.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const _ = require("lodash/fp");
+const fp = require("lodash/fp");
 const helmet = require("koa-helmet");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const helmet__default = /* @__PURE__ */ _interopDefault(helmet);
@@ -27,8 +27,15 @@ const defaults = {
     action: "sameorigin"
   }
 };
+const mergeConfig = (existingConfig, newConfig) => {
+  return fp.mergeWith(
+    (obj, src) => Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : void 0,
+    existingConfig,
+    newConfig
+  );
+};
 const security = (config, { strapi }) => (ctx, next) => {
-  let helmetConfig = _.defaultsDeep(defaults, config);
+  let helmetConfig = fp.defaultsDeep(defaults, config);
   const specialPaths = ["/documentation"];
   const directives = {
     "script-src": ["'self'", "'unsafe-inline'", "cdn.jsdelivr.net"],
@@ -47,7 +54,7 @@ const security = (config, { strapi }) => (ctx, next) => {
     directives["frame-src"].push("sandbox.embed.apollographql.com");
   }
   if (ctx.method === "GET" && specialPaths.some((str) => ctx.path.startsWith(str))) {
-    helmetConfig = _.merge(helmetConfig, {
+    helmetConfig = mergeConfig(helmetConfig, {
       crossOriginEmbedderPolicy: false,
       // TODO: only use this for graphql playground
       contentSecurityPolicy: {
@@ -55,8 +62,8 @@ const security = (config, { strapi }) => (ctx, next) => {
       }
     });
   }
-  if (process.env.NODE_ENV === "development" && ctx.method === "GET" && ["/admin"].some((str) => ctx.path.startsWith(str))) {
-    helmetConfig = _.merge(helmetConfig, {
+  if (["development", "test"].includes(process.env.NODE_ENV ?? "") && ctx.method === "GET" && ctx.path.startsWith(strapi.config.get("admin.path"))) {
+    helmetConfig = mergeConfig(helmetConfig, {
       contentSecurityPolicy: {
         directives: {
           "script-src": ["'self'", "'unsafe-inline'"],

package/dist/middlewares/security.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"security.js","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, ~~merge~~ } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n originAgentCluster: false,\n contentSecurityPolicy: {\n useDefaults: true,\n directives: {\n 'connect-src': [\"'self'\", 'https:'],\n 'img-src': [\"'self'\", 'data:', 'blob:', 'https://market-assets.strapi.io'],\n 'media-src': [\"'self'\", 'data:', 'blob:'],\n upgradeInsecureRequests: null,\n },\n },\n xssFilter: false,\n hsts: {\n maxAge: 31536000,\n includeSubDomains: true,\n },\n frameguard: {\n action: 'sameorigin',\n },\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n (config, { strapi }) =>\n (ctx, next) => {\n let helmetConfig: Config = defaultsDeep(defaults, config);\n\n const specialPaths = ['/documentation'];\n\n const directives: {\n 'script-src': string[];\n 'img-src': string[];\n 'manifest-src': string[];\n 'frame-src': string[];\n } = {\n 'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n 'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n 'manifest-src': [],\n 'frame-src': [],\n };\n\n // if apollo graphql playground is enabled, add exceptions for it\n if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n specialPaths.push(gqlConfig('endpoint'));\n\n directives['script-src'].push(`https: 'unsafe-inline'`);\n directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n directives['manifest-src'].push(`'self'`);\n directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n directives['frame-src'].push(`'self'`);\n directives['frame-src'].push('sandbox.embed.apollographql.com');\n }\n\n // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n helmetConfig = ~~merge~~(helmetConfig, {\n crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n contentSecurityPolicy: {\n directives,\n },\n });\n }\n\n /*\n These are for vite's watch mode so it can accurately\n * connect to the HMR websocket & reconnect on failure\n * or when the server restarts.\n \n It only applies in development, and only on GET requests\n * that are part of the admin route.\n */\n if (\n process.env.NODE_ENV ~~===~~ '~~development~~' &&\n ctx.method === 'GET' &&\n ~~['/admin'].some((str) =>~~ ctx.path.startsWith(~~str~~))\n ) {\n helmetConfig = ~~merge~~(helmetConfig, {\n contentSecurityPolicy: {\n directives: {\n 'script-src': [\"'self'\", \"'unsafe-inline'\"],\n 'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n },\n },\n });\n }\n\n return helmet(helmetConfig)(ctx, next);\n };\n"],"names":["~~defaultsDeep~~","~~merge~~","helmet"],"mappings":";;;;;;AAOA,MAAM,WAAmB;AAAA,EACvB,2BAA2B;AAAA,EAC3B,yBAAyB;AAAA,EACzB,2BAA2B;AAAA,EAC3B,oBAAoB;AAAA,EACpB,uBAAuB;AAAA,IACrB,aAAa;AAAA,IACb,YAAY;AAAA,MACV,eAAe,CAAC,UAAU,QAAQ;AAAA,MAClC,WAAW,CAAC,UAAU,SAAS,SAAS,iCAAiC;AAAA,MACzE,aAAa,CAAC,UAAU,SAAS,OAAO;AAAA,MACxC,yBAAyB;AAAA,~~IAC3B~~;AAAA,~~EACF~~;AAAA,EACA,WAAW;AAAA,EACX,MAAM;AAAA,IACJ,QAAQ;AAAA,IACR,mBAAmB;AAAA,EACrB;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,~~EACV~~;AACF;AAEa,MAAA,WACX,CAAC,QAAQ,EAAE,aACX,CAAC,KAAK,SAAS;AACT,MAAA,~~eAAuBA~~,~~EAAAA~~,aAAa,UAAU,MAAM;AAElD,QAAA,eAAe,CAAC,gBAAgB;AAEtC,QAAM,aAKF;AAAA,IACF,cAAc,CAAC,UAAU,mBAAmB,kBAAkB;AAAA,IAC9D,WAAW,CAAC,UAAU,SAAS,oBAAoB,WAAW;AAAA,IAC9D,gBAAgB,CAAC;AAAA,IACjB,aAAa,~~CAAC~~;AAAA,~~EAAA~~;~~AAIZ~~,MAAA,OAAO,OAAO,SAAS,GAAG,QAAQ,OAAO,EAAE,WAAW,aAAa;AACrE,UAAM,EAAE,QAAQ,UAAA,IAAc,OAAO,OAAO,SAAS;AACxC,iBAAA,KAAK,UAAU,UAAU,CAAC;AAE5B,eAAA,YAAY,EAAE,KAAK,wBAAwB;AAC3C,eAAA,SAAS,EAAE,KAAK,oDAAoD;AACpE,eAAA,cAAc,EAAE,KAAK,QAAQ;AAC7B,eAAA,cAAc,EAAE,KAAK,kDAAkD;AACvE,eAAA,WAAW,EAAE,KAAK,QAAQ;AAC1B,eAAA,WAAW,EAAE,KAAK,iCAAiC;AAAA,~~EAChE~~;~~AAGA~~,MAAI,IAAI,WAAW,SAAS,aAAa,KAAK,CAAC,QAAQ,IAAI,KAAK,WAAW,GAAG,CAAC,GAAG;AAChF,~~mBAAeC~~,~~QAAM~~,cAAc;AAAA,~~MACjC~~,2BAA2B;AAAA;AAAA,MAC3B,uBAAuB;AAAA,QACrB;AAAA,~~MACF~~;AAAA,~~IAAA~~,CACD;AAAA,~~EACH~~;~~AAUA~~,~~MACE~~,QAAQ,IAAI,~~aAAa~~,~~iBACzB~~,IAAI,WAAW,SACf,~~CAAC~~,~~QAAQ~~,~~EAAE~~,~~KAAK~~,~~CAAC~~,~~QAAQ,~~IAAI,~~KAAK~~,~~WAAW,GAAG,~~CAAC,~~GACjD~~;AACA,~~mBAAeA~~,~~QAAM~~,cAAc;AAAA,~~MACjC~~,uBAAuB;AAAA,QACrB,YAAY;AAAA,UACV,cAAc,CAAC,UAAU,iBAAiB;AAAA,UAC1C,eAAe,CAAC,UAAU,SAAS,UAAU,KAAK;AAAA,~~QACpD~~;AAAA,~~MACF~~;AAAA,~~IAAA~~,CACD;AAAA,~~EACH~~;~~AAEA~~,SAAOC,~~gBAAO~~,~~QAAA,~~YAAY,EAAE,KAAK,IAAI;AACvC;;"}
1	+ {"version":3,"file":"security.js","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n originAgentCluster: false,\n contentSecurityPolicy: {\n useDefaults: true,\n directives: {\n 'connect-src': [\"'self'\", 'https:'],\n 'img-src': [\"'self'\", 'data:', 'blob:', 'https://market-assets.strapi.io'],\n 'media-src': [\"'self'\", 'data:', 'blob:'],\n upgradeInsecureRequests: null,\n },\n },\n xssFilter: false,\n hsts: {\n maxAge: 31536000,\n includeSubDomains: true,\n },\n frameguard: {\n action: 'sameorigin',\n },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n return mergeWith(\n (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n existingConfig,\n newConfig\n );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n (config, { strapi }) =>\n (ctx, next) => {\n let helmetConfig: Config = defaultsDeep(defaults, config);\n\n const specialPaths = ['/documentation'];\n\n const directives: {\n 'script-src': string[];\n 'img-src': string[];\n 'manifest-src': string[];\n 'frame-src': string[];\n } = {\n 'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n 'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n 'manifest-src': [],\n 'frame-src': [],\n };\n\n // if apollo graphql playground is enabled, add exceptions for it\n if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n specialPaths.push(gqlConfig('endpoint'));\n\n directives['script-src'].push(`https: 'unsafe-inline'`);\n directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n directives['manifest-src'].push(`'self'`);\n directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n directives['frame-src'].push(`'self'`);\n directives['frame-src'].push('sandbox.embed.apollographql.com');\n }\n\n // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n helmetConfig = mergeConfig(helmetConfig, {\n crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n contentSecurityPolicy: {\n directives,\n },\n });\n }\n\n /*\n These are for vite's watch mode so it can accurately\n * connect to the HMR websocket & reconnect on failure\n * or when the server restarts.\n \n It only applies in development, and only on GET requests\n * that are part of the admin route.\n */\n\n if (\n ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n ctx.method === 'GET' &&\n ctx.path.startsWith(strapi.config.get('admin.path'))\n ) {\n helmetConfig = mergeConfig(helmetConfig, {\n contentSecurityPolicy: {\n directives: {\n 'script-src': [\"'self'\", \"'unsafe-inline'\"],\n 'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n },\n },\n });\n }\n\n return helmet(helmetConfig)(ctx, next);\n };\n"],"names":["mergeWith","defaultsDeep","helmet"],"mappings":";;;;;;AAOA,MAAM,WAAmB;AAAA,EACvB,2BAA2B;AAAA,EAC3B,yBAAyB;AAAA,EACzB,2BAA2B;AAAA,EAC3B,oBAAoB;AAAA,EACpB,uBAAuB;AAAA,IACrB,aAAa;AAAA,IACb,YAAY;AAAA,MACV,eAAe,CAAC,UAAU,QAAQ;AAAA,MAClC,WAAW,CAAC,UAAU,SAAS,SAAS,iCAAiC;AAAA,MACzE,aAAa,CAAC,UAAU,SAAS,OAAO;AAAA,MACxC,yBAAyB;AAAA,IAAA;AAAA,EAE7B;AAAA,EACA,WAAW;AAAA,EACX,MAAM;AAAA,IACJ,QAAQ;AAAA,IACR,mBAAmB;AAAA,EACrB;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,EAAA;AAEZ;AAEA,MAAM,cAAc,CAAC,gBAAwB,cAAsB;AAC1D,SAAAA,GAAA;AAAA,IACL,CAAC,KAAK,QAAS,MAAM,QAAQ,GAAG,KAAK,MAAM,QAAQ,GAAG,IAAI,IAAI,OAAO,GAAG,IAAI;AAAA,IAC5E;AAAA,IACA;AAAA,EACF;AACF;AAEa,MAAA,WACX,CAAC,QAAQ,EAAE,aACX,CAAC,KAAK,SAAS;AACT,MAAA,eAAuBC,GAAAA,aAAa,UAAU,MAAM;AAElD,QAAA,eAAe,CAAC,gBAAgB;AAEtC,QAAM,aAKF;AAAA,IACF,cAAc,CAAC,UAAU,mBAAmB,kBAAkB;AAAA,IAC9D,WAAW,CAAC,UAAU,SAAS,oBAAoB,WAAW;AAAA,IAC9D,gBAAgB,CAAC;AAAA,IACjB,aAAa,CAAA;AAAA,EACf;AAGI,MAAA,OAAO,OAAO,SAAS,GAAG,QAAQ,OAAO,EAAE,WAAW,aAAa;AACrE,UAAM,EAAE,QAAQ,UAAA,IAAc,OAAO,OAAO,SAAS;AACxC,iBAAA,KAAK,UAAU,UAAU,CAAC;AAE5B,eAAA,YAAY,EAAE,KAAK,wBAAwB;AAC3C,eAAA,SAAS,EAAE,KAAK,oDAAoD;AACpE,eAAA,cAAc,EAAE,KAAK,QAAQ;AAC7B,eAAA,cAAc,EAAE,KAAK,kDAAkD;AACvE,eAAA,WAAW,EAAE,KAAK,QAAQ;AAC1B,eAAA,WAAW,EAAE,KAAK,iCAAiC;AAAA,EAAA;AAIhE,MAAI,IAAI,WAAW,SAAS,aAAa,KAAK,CAAC,QAAQ,IAAI,KAAK,WAAW,GAAG,CAAC,GAAG;AAChF,mBAAe,YAAY,cAAc;AAAA,MACvC,2BAA2B;AAAA;AAAA,MAC3B,uBAAuB;AAAA,QACrB;AAAA,MAAA;AAAA,IACF,CACD;AAAA,EAAA;AAaD,MAAA,CAAC,eAAe,MAAM,EAAE,SAAS,QAAQ,IAAI,YAAY,EAAE,KAC3D,IAAI,WAAW,SACf,IAAI,KAAK,WAAW,OAAO,OAAO,IAAI,YAAY,CAAC,GACnD;AACA,mBAAe,YAAY,cAAc;AAAA,MACvC,uBAAuB;AAAA,QACrB,YAAY;AAAA,UACV,cAAc,CAAC,UAAU,iBAAiB;AAAA,UAC1C,eAAe,CAAC,UAAU,SAAS,UAAU,KAAK;AAAA,QAAA;AAAA,MACpD;AAAA,IACF,CACD;AAAA,EAAA;AAGH,SAAOC,wBAAO,YAAY,EAAE,KAAK,IAAI;AACvC;;"}

package/dist/middlewares/security.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-import { defaultsDeep, merge } from "lodash/fp";
+import { defaultsDeep, mergeWith } from "lodash/fp";
 import helmet from "koa-helmet";
 const defaults = {
   crossOriginEmbedderPolicy: false,
@@ -23,6 +23,13 @@ const defaults = {
     action: "sameorigin"
   }
 };
+const mergeConfig = (existingConfig, newConfig) => {
+  return mergeWith(
+    (obj, src) => Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : void 0,
+    existingConfig,
+    newConfig
+  );
+};
 const security = (config, { strapi }) => (ctx, next) => {
   let helmetConfig = defaultsDeep(defaults, config);
   const specialPaths = ["/documentation"];
@@ -43,7 +50,7 @@ const security = (config, { strapi }) => (ctx, next) => {
     directives["frame-src"].push("sandbox.embed.apollographql.com");
   }
   if (ctx.method === "GET" && specialPaths.some((str) => ctx.path.startsWith(str))) {
-    helmetConfig = merge(helmetConfig, {
+    helmetConfig = mergeConfig(helmetConfig, {
       crossOriginEmbedderPolicy: false,
       // TODO: only use this for graphql playground
       contentSecurityPolicy: {
@@ -51,8 +58,8 @@ const security = (config, { strapi }) => (ctx, next) => {
       }
     });
   }
-  if (process.env.NODE_ENV === "development" && ctx.method === "GET" && ["/admin"].some((str) => ctx.path.startsWith(str))) {
-    helmetConfig = merge(helmetConfig, {
+  if (["development", "test"].includes(process.env.NODE_ENV ?? "") && ctx.method === "GET" && ctx.path.startsWith(strapi.config.get("admin.path"))) {
+    helmetConfig = mergeConfig(helmetConfig, {
       contentSecurityPolicy: {
         directives: {
           "script-src": ["'self'", "'unsafe-inline'"],

package/dist/middlewares/security.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"security.mjs","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, ~~merge~~ } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n originAgentCluster: false,\n contentSecurityPolicy: {\n useDefaults: true,\n directives: {\n 'connect-src': [\"'self'\", 'https:'],\n 'img-src': [\"'self'\", 'data:', 'blob:', 'https://market-assets.strapi.io'],\n 'media-src': [\"'self'\", 'data:', 'blob:'],\n upgradeInsecureRequests: null,\n },\n },\n xssFilter: false,\n hsts: {\n maxAge: 31536000,\n includeSubDomains: true,\n },\n frameguard: {\n action: 'sameorigin',\n },\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n (config, { strapi }) =>\n (ctx, next) => {\n let helmetConfig: Config = defaultsDeep(defaults, config);\n\n const specialPaths = ['/documentation'];\n\n const directives: {\n 'script-src': string[];\n 'img-src': string[];\n 'manifest-src': string[];\n 'frame-src': string[];\n } = {\n 'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n 'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n 'manifest-src': [],\n 'frame-src': [],\n };\n\n // if apollo graphql playground is enabled, add exceptions for it\n if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n specialPaths.push(gqlConfig('endpoint'));\n\n directives['script-src'].push(`https: 'unsafe-inline'`);\n directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n directives['manifest-src'].push(`'self'`);\n directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n directives['frame-src'].push(`'self'`);\n directives['frame-src'].push('sandbox.embed.apollographql.com');\n }\n\n // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n helmetConfig = ~~merge~~(helmetConfig, {\n crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n contentSecurityPolicy: {\n directives,\n },\n });\n }\n\n /*\n These are for vite's watch mode so it can accurately\n * connect to the HMR websocket & reconnect on failure\n * or when the server restarts.\n \n It only applies in development, and only on GET requests\n * that are part of the admin route.\n */\n if (\n process.env.NODE_ENV ~~===~~ '~~development~~' &&\n ctx.method === 'GET' &&\n ~~['/admin'].some((str) =>~~ ctx.path.startsWith(~~str~~))\n ) {\n helmetConfig = ~~merge~~(helmetConfig, {\n contentSecurityPolicy: {\n directives: {\n 'script-src': [\"'self'\", \"'unsafe-inline'\"],\n 'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n },\n },\n });\n }\n\n return helmet(helmetConfig)(ctx, next);\n };\n"],"names":[],"mappings":";;AAOA,MAAM,WAAmB;AAAA,EACvB,2BAA2B;AAAA,EAC3B,yBAAyB;AAAA,EACzB,2BAA2B;AAAA,EAC3B,oBAAoB;AAAA,EACpB,uBAAuB;AAAA,IACrB,aAAa;AAAA,IACb,YAAY;AAAA,MACV,eAAe,CAAC,UAAU,QAAQ;AAAA,MAClC,WAAW,CAAC,UAAU,SAAS,SAAS,iCAAiC;AAAA,MACzE,aAAa,CAAC,UAAU,SAAS,OAAO;AAAA,MACxC,yBAAyB;AAAA,~~IAC3B~~;AAAA,~~EACF~~;AAAA,EACA,WAAW;AAAA,EACX,MAAM;AAAA,IACJ,QAAQ;AAAA,IACR,mBAAmB;AAAA,EACrB;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,~~EACV~~;AACF;AAEa,MAAA,WACX,CAAC,QAAQ,EAAE,aACX,CAAC,KAAK,SAAS;AACT,MAAA,eAAuB,aAAa,UAAU,MAAM;AAElD,QAAA,eAAe,CAAC,gBAAgB;AAEtC,QAAM,aAKF;AAAA,IACF,cAAc,CAAC,UAAU,mBAAmB,kBAAkB;AAAA,IAC9D,WAAW,CAAC,UAAU,SAAS,oBAAoB,WAAW;AAAA,IAC9D,gBAAgB,CAAC;AAAA,IACjB,aAAa,~~CAAC~~;AAAA,~~EAAA~~;~~AAIZ~~,MAAA,OAAO,OAAO,SAAS,GAAG,QAAQ,OAAO,EAAE,WAAW,aAAa;AACrE,UAAM,EAAE,QAAQ,UAAA,IAAc,OAAO,OAAO,SAAS;AACxC,iBAAA,KAAK,UAAU,UAAU,CAAC;AAE5B,eAAA,YAAY,EAAE,KAAK,wBAAwB;AAC3C,eAAA,SAAS,EAAE,KAAK,oDAAoD;AACpE,eAAA,cAAc,EAAE,KAAK,QAAQ;AAC7B,eAAA,cAAc,EAAE,KAAK,kDAAkD;AACvE,eAAA,WAAW,EAAE,KAAK,QAAQ;AAC1B,eAAA,WAAW,EAAE,KAAK,iCAAiC;AAAA,~~EAChE~~;~~AAGA~~,MAAI,IAAI,WAAW,SAAS,aAAa,KAAK,CAAC,QAAQ,IAAI,KAAK,WAAW,GAAG,CAAC,GAAG;AAChF,mBAAe,~~MAAM~~,cAAc;AAAA,~~MACjC~~,2BAA2B;AAAA;AAAA,MAC3B,uBAAuB;AAAA,QACrB;AAAA,~~MACF~~;AAAA,~~IAAA~~,CACD;AAAA,~~EACH~~;~~AAUA~~,~~MACE~~,QAAQ,IAAI,~~aAAa~~,~~iBACzB~~,IAAI,WAAW,SACf,~~CAAC~~,~~QAAQ~~,~~EAAE~~,~~KAAK~~,~~CAAC~~,~~QAAQ,~~IAAI,~~KAAK~~,~~WAAW,GAAG,~~CAAC,~~GACjD~~;AACA,mBAAe,~~MAAM~~,cAAc;AAAA,~~MACjC~~,uBAAuB;AAAA,QACrB,YAAY;AAAA,UACV,cAAc,CAAC,UAAU,iBAAiB;AAAA,UAC1C,eAAe,CAAC,UAAU,SAAS,UAAU,KAAK;AAAA,~~QACpD~~;AAAA,~~MACF~~;AAAA,~~IAAA~~,CACD;AAAA,~~EACH~~;~~AAEA~~,SAAO,OAAO,YAAY,EAAE,KAAK,IAAI;AACvC;"}
1	+ {"version":3,"file":"security.mjs","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n originAgentCluster: false,\n contentSecurityPolicy: {\n useDefaults: true,\n directives: {\n 'connect-src': [\"'self'\", 'https:'],\n 'img-src': [\"'self'\", 'data:', 'blob:', 'https://market-assets.strapi.io'],\n 'media-src': [\"'self'\", 'data:', 'blob:'],\n upgradeInsecureRequests: null,\n },\n },\n xssFilter: false,\n hsts: {\n maxAge: 31536000,\n includeSubDomains: true,\n },\n frameguard: {\n action: 'sameorigin',\n },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n return mergeWith(\n (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n existingConfig,\n newConfig\n );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n (config, { strapi }) =>\n (ctx, next) => {\n let helmetConfig: Config = defaultsDeep(defaults, config);\n\n const specialPaths = ['/documentation'];\n\n const directives: {\n 'script-src': string[];\n 'img-src': string[];\n 'manifest-src': string[];\n 'frame-src': string[];\n } = {\n 'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n 'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n 'manifest-src': [],\n 'frame-src': [],\n };\n\n // if apollo graphql playground is enabled, add exceptions for it\n if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n specialPaths.push(gqlConfig('endpoint'));\n\n directives['script-src'].push(`https: 'unsafe-inline'`);\n directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n directives['manifest-src'].push(`'self'`);\n directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n directives['frame-src'].push(`'self'`);\n directives['frame-src'].push('sandbox.embed.apollographql.com');\n }\n\n // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n helmetConfig = mergeConfig(helmetConfig, {\n crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n contentSecurityPolicy: {\n directives,\n },\n });\n }\n\n /*\n These are for vite's watch mode so it can accurately\n * connect to the HMR websocket & reconnect on failure\n * or when the server restarts.\n \n It only applies in development, and only on GET requests\n * that are part of the admin route.\n */\n\n if (\n ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n ctx.method === 'GET' &&\n ctx.path.startsWith(strapi.config.get('admin.path'))\n ) {\n helmetConfig = mergeConfig(helmetConfig, {\n contentSecurityPolicy: {\n directives: {\n 'script-src': [\"'self'\", \"'unsafe-inline'\"],\n 'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n },\n },\n });\n }\n\n return helmet(helmetConfig)(ctx, next);\n };\n"],"names":[],"mappings":";;AAOA,MAAM,WAAmB;AAAA,EACvB,2BAA2B;AAAA,EAC3B,yBAAyB;AAAA,EACzB,2BAA2B;AAAA,EAC3B,oBAAoB;AAAA,EACpB,uBAAuB;AAAA,IACrB,aAAa;AAAA,IACb,YAAY;AAAA,MACV,eAAe,CAAC,UAAU,QAAQ;AAAA,MAClC,WAAW,CAAC,UAAU,SAAS,SAAS,iCAAiC;AAAA,MACzE,aAAa,CAAC,UAAU,SAAS,OAAO;AAAA,MACxC,yBAAyB;AAAA,IAAA;AAAA,EAE7B;AAAA,EACA,WAAW;AAAA,EACX,MAAM;AAAA,IACJ,QAAQ;AAAA,IACR,mBAAmB;AAAA,EACrB;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,EAAA;AAEZ;AAEA,MAAM,cAAc,CAAC,gBAAwB,cAAsB;AAC1D,SAAA;AAAA,IACL,CAAC,KAAK,QAAS,MAAM,QAAQ,GAAG,KAAK,MAAM,QAAQ,GAAG,IAAI,IAAI,OAAO,GAAG,IAAI;AAAA,IAC5E;AAAA,IACA;AAAA,EACF;AACF;AAEa,MAAA,WACX,CAAC,QAAQ,EAAE,aACX,CAAC,KAAK,SAAS;AACT,MAAA,eAAuB,aAAa,UAAU,MAAM;AAElD,QAAA,eAAe,CAAC,gBAAgB;AAEtC,QAAM,aAKF;AAAA,IACF,cAAc,CAAC,UAAU,mBAAmB,kBAAkB;AAAA,IAC9D,WAAW,CAAC,UAAU,SAAS,oBAAoB,WAAW;AAAA,IAC9D,gBAAgB,CAAC;AAAA,IACjB,aAAa,CAAA;AAAA,EACf;AAGI,MAAA,OAAO,OAAO,SAAS,GAAG,QAAQ,OAAO,EAAE,WAAW,aAAa;AACrE,UAAM,EAAE,QAAQ,UAAA,IAAc,OAAO,OAAO,SAAS;AACxC,iBAAA,KAAK,UAAU,UAAU,CAAC;AAE5B,eAAA,YAAY,EAAE,KAAK,wBAAwB;AAC3C,eAAA,SAAS,EAAE,KAAK,oDAAoD;AACpE,eAAA,cAAc,EAAE,KAAK,QAAQ;AAC7B,eAAA,cAAc,EAAE,KAAK,kDAAkD;AACvE,eAAA,WAAW,EAAE,KAAK,QAAQ;AAC1B,eAAA,WAAW,EAAE,KAAK,iCAAiC;AAAA,EAAA;AAIhE,MAAI,IAAI,WAAW,SAAS,aAAa,KAAK,CAAC,QAAQ,IAAI,KAAK,WAAW,GAAG,CAAC,GAAG;AAChF,mBAAe,YAAY,cAAc;AAAA,MACvC,2BAA2B;AAAA;AAAA,MAC3B,uBAAuB;AAAA,QACrB;AAAA,MAAA;AAAA,IACF,CACD;AAAA,EAAA;AAaD,MAAA,CAAC,eAAe,MAAM,EAAE,SAAS,QAAQ,IAAI,YAAY,EAAE,KAC3D,IAAI,WAAW,SACf,IAAI,KAAK,WAAW,OAAO,OAAO,IAAI,YAAY,CAAC,GACnD;AACA,mBAAe,YAAY,cAAc;AAAA,MACvC,uBAAuB;AAAA,QACrB,YAAY;AAAA,UACV,cAAc,CAAC,UAAU,iBAAiB;AAAA,UAC1C,eAAe,CAAC,UAAU,SAAS,UAAU,KAAK;AAAA,QAAA;AAAA,MACpD;AAAA,IACF,CACD;AAAA,EAAA;AAGH,SAAO,OAAO,YAAY,EAAE,KAAK,IAAI;AACvC;"}

package/dist/middlewares/session.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const _ = require("lodash/fp");
+const fp = require("lodash/fp");
 const koaSession = require("koa-session");
 const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
 const koaSession__default = /* @__PURE__ */ _interopDefault(koaSession);
@@ -18,7 +18,7 @@ const defaultConfig = {
 };
 const session = (userConfig, { strapi }) => {
   const { keys } = strapi.server.app;
-  if (!_.isArray(keys) || _.isEmpty(keys) || keys.some(_.isEmpty)) {
+  if (!fp.isArray(keys) || fp.isEmpty(keys) || keys.some(fp.isEmpty)) {
     throw new Error(
       `App keys are required. Please set app.keys in config/server.js (ex: keys: ['myKeyA', 'myKeyB'])`
     );

package/dist/middlewares/session.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"session.js","sources":["../../src/middlewares/session.ts"],"sourcesContent":["import { isEmpty, isArray } from 'lodash/fp';\nimport koaSession from 'koa-session';\nimport type { Core } from '@strapi/types';\n\nconst defaultConfig = {\n key: 'koa.sess',\n maxAge: 86400000,\n autoCommit: true,\n overwrite: true,\n httpOnly: true,\n signed: true,\n rolling: false,\n renew: false,\n secure: process.env.NODE_ENV === 'production',\n sameSite: undefined,\n};\n\nexport const session: Core.MiddlewareFactory<Partial<koaSession.opts>> = (\n userConfig,\n { strapi }\n) => {\n const { keys } = strapi.server.app;\n if (!isArray(keys) \|\| isEmpty(keys) \|\| keys.some(isEmpty)) {\n throw new Error(\n `App keys are required. Please set app.keys in config/server.js (ex: keys: ['myKeyA', 'myKeyB'])`\n );\n }\n\n const config: Partial<koaSession.opts> = { ...defaultConfig, ...userConfig };\n\n strapi.server.use(koaSession(config, strapi.server.app));\n};\n"],"names":["isArray","isEmpty","koaSession"],"mappings":";;;;;;AAIA,MAAM,gBAAgB;AAAA,EACpB,KAAK;AAAA,EACL,QAAQ;AAAA,EACR,YAAY;AAAA,EACZ,WAAW;AAAA,EACX,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,SAAS;AAAA,EACT,OAAO;AAAA,EACP,QAAQ,QAAQ,IAAI,aAAa;AAAA,EACjC,UAAU;AACZ;AAEO,MAAM,UAA4D,CACvE,YACA,EAAE,aACC;AACH,QAAM,EAAE,~~KAAS~~,~~IAAA~~,OAAO,OAAO;AAC3B,MAAA,CAACA,~~EAAAA~~,QAAQ,IAAI,KAAKC,~~EAAA~~,QAAQ,IAAI,KAAK,KAAK,KAAKA,~~EAAAA~~,OAAO,GAAG;AACzD,UAAM,IAAI;AAAA,MACR;AAAA,~~IAAA~~;AAAA,~~EAEJ~~;~~AAEA~~,QAAM,SAAmC,EAAE,GAAG,eAAe,GAAG,WAAW;AAE3E,SAAO,OAAO,IAAIC,oBAAA,QAAW,QAAQ,OAAO,OAAO,GAAG,CAAC;AACzD;;"}
1	+ {"version":3,"file":"session.js","sources":["../../src/middlewares/session.ts"],"sourcesContent":["import { isEmpty, isArray } from 'lodash/fp';\nimport koaSession from 'koa-session';\nimport type { Core } from '@strapi/types';\n\nconst defaultConfig = {\n key: 'koa.sess',\n maxAge: 86400000,\n autoCommit: true,\n overwrite: true,\n httpOnly: true,\n signed: true,\n rolling: false,\n renew: false,\n secure: process.env.NODE_ENV === 'production',\n sameSite: undefined,\n};\n\nexport const session: Core.MiddlewareFactory<Partial<koaSession.opts>> = (\n userConfig,\n { strapi }\n) => {\n const { keys } = strapi.server.app;\n if (!isArray(keys) \|\| isEmpty(keys) \|\| keys.some(isEmpty)) {\n throw new Error(\n `App keys are required. Please set app.keys in config/server.js (ex: keys: ['myKeyA', 'myKeyB'])`\n );\n }\n\n const config: Partial<koaSession.opts> = { ...defaultConfig, ...userConfig };\n\n strapi.server.use(koaSession(config, strapi.server.app));\n};\n"],"names":["isArray","isEmpty","koaSession"],"mappings":";;;;;;AAIA,MAAM,gBAAgB;AAAA,EACpB,KAAK;AAAA,EACL,QAAQ;AAAA,EACR,YAAY;AAAA,EACZ,WAAW;AAAA,EACX,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,SAAS;AAAA,EACT,OAAO;AAAA,EACP,QAAQ,QAAQ,IAAI,aAAa;AAAA,EACjC,UAAU;AACZ;AAEO,MAAM,UAA4D,CACvE,YACA,EAAE,aACC;AACH,QAAM,EAAE,KAAA,IAAS,OAAO,OAAO;AAC3B,MAAA,CAACA,GAAAA,QAAQ,IAAI,KAAKC,GAAA,QAAQ,IAAI,KAAK,KAAK,KAAKA,GAAAA,OAAO,GAAG;AACzD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EAAA;AAGF,QAAM,SAAmC,EAAE,GAAG,eAAe,GAAG,WAAW;AAE3E,SAAO,OAAO,IAAIC,oBAAA,QAAW,QAAQ,OAAO,OAAO,GAAG,CAAC;AACzD;;"}

package/dist/middlewares/session.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"session.mjs","sources":["../../src/middlewares/session.ts"],"sourcesContent":["import { isEmpty, isArray } from 'lodash/fp';\nimport koaSession from 'koa-session';\nimport type { Core } from '@strapi/types';\n\nconst defaultConfig = {\n key: 'koa.sess',\n maxAge: 86400000,\n autoCommit: true,\n overwrite: true,\n httpOnly: true,\n signed: true,\n rolling: false,\n renew: false,\n secure: process.env.NODE_ENV === 'production',\n sameSite: undefined,\n};\n\nexport const session: Core.MiddlewareFactory<Partial<koaSession.opts>> = (\n userConfig,\n { strapi }\n) => {\n const { keys } = strapi.server.app;\n if (!isArray(keys) \|\| isEmpty(keys) \|\| keys.some(isEmpty)) {\n throw new Error(\n `App keys are required. Please set app.keys in config/server.js (ex: keys: ['myKeyA', 'myKeyB'])`\n );\n }\n\n const config: Partial<koaSession.opts> = { ...defaultConfig, ...userConfig };\n\n strapi.server.use(koaSession(config, strapi.server.app));\n};\n"],"names":[],"mappings":";;AAIA,MAAM,gBAAgB;AAAA,EACpB,KAAK;AAAA,EACL,QAAQ;AAAA,EACR,YAAY;AAAA,EACZ,WAAW;AAAA,EACX,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,SAAS;AAAA,EACT,OAAO;AAAA,EACP,QAAQ,QAAQ,IAAI,aAAa;AAAA,EACjC,UAAU;AACZ;AAEO,MAAM,UAA4D,CACvE,YACA,EAAE,aACC;AACH,QAAM,EAAE,~~KAAS~~,~~IAAA~~,OAAO,OAAO;AAC3B,MAAA,CAAC,QAAQ,IAAI,KAAK,QAAQ,IAAI,KAAK,KAAK,KAAK,OAAO,GAAG;AACzD,UAAM,IAAI;AAAA,MACR;AAAA,~~IAAA~~;AAAA,~~EAEJ~~;~~AAEA~~,QAAM,SAAmC,EAAE,GAAG,eAAe,GAAG,WAAW;AAE3E,SAAO,OAAO,IAAI,WAAW,QAAQ,OAAO,OAAO,GAAG,CAAC;AACzD;"}
1	+ {"version":3,"file":"session.mjs","sources":["../../src/middlewares/session.ts"],"sourcesContent":["import { isEmpty, isArray } from 'lodash/fp';\nimport koaSession from 'koa-session';\nimport type { Core } from '@strapi/types';\n\nconst defaultConfig = {\n key: 'koa.sess',\n maxAge: 86400000,\n autoCommit: true,\n overwrite: true,\n httpOnly: true,\n signed: true,\n rolling: false,\n renew: false,\n secure: process.env.NODE_ENV === 'production',\n sameSite: undefined,\n};\n\nexport const session: Core.MiddlewareFactory<Partial<koaSession.opts>> = (\n userConfig,\n { strapi }\n) => {\n const { keys } = strapi.server.app;\n if (!isArray(keys) \|\| isEmpty(keys) \|\| keys.some(isEmpty)) {\n throw new Error(\n `App keys are required. Please set app.keys in config/server.js (ex: keys: ['myKeyA', 'myKeyB'])`\n );\n }\n\n const config: Partial<koaSession.opts> = { ...defaultConfig, ...userConfig };\n\n strapi.server.use(koaSession(config, strapi.server.app));\n};\n"],"names":[],"mappings":";;AAIA,MAAM,gBAAgB;AAAA,EACpB,KAAK;AAAA,EACL,QAAQ;AAAA,EACR,YAAY;AAAA,EACZ,WAAW;AAAA,EACX,UAAU;AAAA,EACV,QAAQ;AAAA,EACR,SAAS;AAAA,EACT,OAAO;AAAA,EACP,QAAQ,QAAQ,IAAI,aAAa;AAAA,EACjC,UAAU;AACZ;AAEO,MAAM,UAA4D,CACvE,YACA,EAAE,aACC;AACH,QAAM,EAAE,KAAA,IAAS,OAAO,OAAO;AAC3B,MAAA,CAAC,QAAQ,IAAI,KAAK,QAAQ,IAAI,KAAK,KAAK,KAAK,OAAO,GAAG;AACzD,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EAAA;AAGF,QAAM,SAAmC,EAAE,GAAG,eAAe,GAAG,WAAW;AAE3E,SAAO,OAAO,IAAI,WAAW,QAAQ,OAAO,OAAO,GAAG,CAAC;AACzD;"}

package/dist/migrations/database/5.0.0-discard-drafts.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * This migration is responsible for creating the draft counterpart for all the entries that were in a published state.
+ *
+ * In v4, entries could either be in a draft or published state, but not both at the same time.
+ * In v5, we introduced the concept of document, and an entry can be in a draft or published state.
+ *
+ * This means the migration needs to create the draft counterpart if an entry was published.
+ *
+ * This migration performs the following steps:
+ * 1. Creates draft entries for all published entries, without it's components, dynamic zones or relations.
+ * 2. Using the document service, discard those same drafts to copy its relations.
+ */
+import type { Database, Migration } from '@strapi/database';
+type DocumentVersion = {
+    documentId: string;
+    locale: string;
+};
+type Knex = Parameters<Migration['up']>[0];
+/**
+ * Load a batch of versions to discard.
+ *
+ * Versions with only a draft version will be ignored.
+ * Only versions with a published version (which always have a draft version) will be discarded.
+ */
+export declare function getBatchToDiscard({ db, trx, uid, defaultBatchSize, }: {
+    db: Database;
+    trx: Knex;
+    uid: string;
+    defaultBatchSize?: number;
+}): AsyncGenerator<DocumentVersion[], void, unknown>;
+export declare const discardDocumentDrafts: Migration;
+export {};
+//# sourceMappingURL=5.0.0-discard-drafts.d.ts.map

package/dist/migrations/database/5.0.0-discard-drafts.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"5.0.0-discard-drafts.d.ts","sourceRoot":"","sources":["../../../src/migrations/database/5.0.0-discard-drafts.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAI5D,KAAK,eAAe,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAC9D,KAAK,IAAI,GAAG,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAqF3C;;;;;GAKG;AACH,wBAAuB,iBAAiB,CAAC,EACvC,EAAE,EACF,GAAG,EACH,GAAG,EACH,gBAAuB,GACxB,EAAE;IACD,EAAE,EAAE,QAAQ,CAAC;IACb,GAAG,EAAE,IAAI,CAAC;IACV,GAAG,EAAE,MAAM,CAAC;IACZ,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,oDAgCA;AA2DD,eAAO,MAAM,qBAAqB,EAAE,SAQnC,CAAC"}