@strapi/core 0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c → 0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @strapi/core might be problematic. Click here for more details.

Files changed (115) hide show
  1. package/dist/Strapi.d.ts +1 -0
  2. package/dist/Strapi.d.ts.map +1 -1
  3. package/dist/Strapi.js +21 -2
  4. package/dist/Strapi.js.map +1 -1
  5. package/dist/Strapi.mjs +21 -2
  6. package/dist/Strapi.mjs.map +1 -1
  7. package/dist/constants.d.ts +3 -0
  8. package/dist/constants.d.ts.map +1 -0
  9. package/dist/constants.js +6 -0
  10. package/dist/constants.js.map +1 -0
  11. package/dist/constants.mjs +4 -0
  12. package/dist/constants.mjs.map +1 -0
  13. package/dist/core-api/controller/index.d.ts.map +1 -1
  14. package/dist/core-api/controller/index.js +2 -1
  15. package/dist/core-api/controller/index.js.map +1 -1
  16. package/dist/core-api/controller/index.mjs +2 -1
  17. package/dist/core-api/controller/index.mjs.map +1 -1
  18. package/dist/core-api/controller/transform.d.ts +3 -2
  19. package/dist/core-api/controller/transform.d.ts.map +1 -1
  20. package/dist/core-api/controller/transform.js +13 -3
  21. package/dist/core-api/controller/transform.js.map +1 -1
  22. package/dist/core-api/controller/transform.mjs +13 -3
  23. package/dist/core-api/controller/transform.mjs.map +1 -1
  24. package/dist/core-api/routes/validation/attributes.d.ts +1 -1
  25. package/dist/core-api/routes/validation/mappers.d.ts.map +1 -1
  26. package/dist/core-api/routes/validation/mappers.js +35 -0
  27. package/dist/core-api/routes/validation/mappers.js.map +1 -1
  28. package/dist/core-api/routes/validation/mappers.mjs +35 -0
  29. package/dist/core-api/routes/validation/mappers.mjs.map +1 -1
  30. package/dist/core-api/routes/validation/utils.d.ts.map +1 -1
  31. package/dist/core-api/routes/validation/utils.js +22 -6
  32. package/dist/core-api/routes/validation/utils.js.map +1 -1
  33. package/dist/core-api/routes/validation/utils.mjs +22 -6
  34. package/dist/core-api/routes/validation/utils.mjs.map +1 -1
  35. package/dist/loaders/plugins/index.js +1 -1
  36. package/dist/loaders/plugins/index.js.map +1 -1
  37. package/dist/loaders/plugins/index.mjs +1 -1
  38. package/dist/loaders/plugins/index.mjs.map +1 -1
  39. package/dist/middlewares/security.d.ts.map +1 -1
  40. package/dist/middlewares/security.js +2 -15
  41. package/dist/middlewares/security.js.map +1 -1
  42. package/dist/middlewares/security.mjs +2 -15
  43. package/dist/middlewares/security.mjs.map +1 -1
  44. package/dist/package.json.js +13 -11
  45. package/dist/package.json.js.map +1 -1
  46. package/dist/package.json.mjs +13 -11
  47. package/dist/package.json.mjs.map +1 -1
  48. package/dist/providers/index.d.ts.map +1 -1
  49. package/dist/providers/index.js +2 -0
  50. package/dist/providers/index.js.map +1 -1
  51. package/dist/providers/index.mjs +2 -0
  52. package/dist/providers/index.mjs.map +1 -1
  53. package/dist/providers/session-manager.d.ts +3 -0
  54. package/dist/providers/session-manager.d.ts.map +1 -0
  55. package/dist/providers/session-manager.js +23 -0
  56. package/dist/providers/session-manager.js.map +1 -0
  57. package/dist/providers/session-manager.mjs +21 -0
  58. package/dist/providers/session-manager.mjs.map +1 -0
  59. package/dist/services/content-api/index.d.ts +1 -1
  60. package/dist/services/content-api/index.d.ts.map +1 -1
  61. package/dist/services/content-api/index.js +1 -1
  62. package/dist/services/content-api/index.js.map +1 -1
  63. package/dist/services/content-api/index.mjs +2 -2
  64. package/dist/services/content-api/index.mjs.map +1 -1
  65. package/dist/services/content-source-maps.d.ts +13 -0
  66. package/dist/services/content-source-maps.d.ts.map +1 -0
  67. package/dist/services/content-source-maps.js +108 -0
  68. package/dist/services/content-source-maps.js.map +1 -0
  69. package/dist/services/content-source-maps.mjs +106 -0
  70. package/dist/services/content-source-maps.mjs.map +1 -0
  71. package/dist/services/document-service/components.d.ts +31 -1
  72. package/dist/services/document-service/components.d.ts.map +1 -1
  73. package/dist/services/document-service/components.js +109 -0
  74. package/dist/services/document-service/components.js.map +1 -1
  75. package/dist/services/document-service/components.mjs +107 -1
  76. package/dist/services/document-service/components.mjs.map +1 -1
  77. package/dist/services/document-service/repository.d.ts.map +1 -1
  78. package/dist/services/document-service/repository.js +4 -0
  79. package/dist/services/document-service/repository.js.map +1 -1
  80. package/dist/services/document-service/repository.mjs +5 -1
  81. package/dist/services/document-service/repository.mjs.map +1 -1
  82. package/dist/services/document-service/utils/clean-component-join-table.d.ts +7 -0
  83. package/dist/services/document-service/utils/clean-component-join-table.d.ts.map +1 -0
  84. package/dist/services/document-service/utils/clean-component-join-table.js +145 -0
  85. package/dist/services/document-service/utils/clean-component-join-table.js.map +1 -0
  86. package/dist/services/document-service/utils/clean-component-join-table.mjs +143 -0
  87. package/dist/services/document-service/utils/clean-component-join-table.mjs.map +1 -0
  88. package/dist/services/document-service/utils/unidirectional-relations.d.ts +19 -2
  89. package/dist/services/document-service/utils/unidirectional-relations.d.ts.map +1 -1
  90. package/dist/services/document-service/utils/unidirectional-relations.js +21 -6
  91. package/dist/services/document-service/utils/unidirectional-relations.js.map +1 -1
  92. package/dist/services/document-service/utils/unidirectional-relations.mjs +21 -6
  93. package/dist/services/document-service/utils/unidirectional-relations.mjs.map +1 -1
  94. package/dist/services/metrics/index.js +2 -1
  95. package/dist/services/metrics/index.js.map +1 -1
  96. package/dist/services/metrics/index.mjs +2 -1
  97. package/dist/services/metrics/index.mjs.map +1 -1
  98. package/dist/services/metrics/middleware.d.ts +2 -1
  99. package/dist/services/metrics/middleware.d.ts.map +1 -1
  100. package/dist/services/metrics/middleware.js +2 -2
  101. package/dist/services/metrics/middleware.js.map +1 -1
  102. package/dist/services/metrics/middleware.mjs +2 -2
  103. package/dist/services/metrics/middleware.mjs.map +1 -1
  104. package/dist/services/metrics/sender.d.ts.map +1 -1
  105. package/dist/services/metrics/sender.js +2 -1
  106. package/dist/services/metrics/sender.js.map +1 -1
  107. package/dist/services/metrics/sender.mjs +2 -1
  108. package/dist/services/metrics/sender.mjs.map +1 -1
  109. package/dist/services/session-manager.d.ts +167 -0
  110. package/dist/services/session-manager.d.ts.map +1 -0
  111. package/dist/services/session-manager.js +529 -0
  112. package/dist/services/session-manager.js.map +1 -0
  113. package/dist/services/session-manager.mjs +526 -0
  114. package/dist/services/session-manager.mjs.map +1 -0
  115. package/package.json +13 -11
package/dist/core-api/routes/validation/utils.mjs CHANGED
@@ -1,6 +1,7 @@
1
1
  import { transformUidToValidOpenApiName } from '@strapi/utils';
2
2
  import * as z from 'zod/v4';
3
3
 
4
+ // Schema generation happens on-demand when schemas don't exist in the registry
4
5
  /**
5
6
  * Safely adds or updates a schema in Zod's global registry.
6
7
  *
@@ -18,13 +19,13 @@ import * as z from 'zod/v4';
18
19
  try {
19
20
  const { _idmap: idMap } = z.globalRegistry;
20
21
  const transformedId = transformUidToValidOpenApiName(id);
21
- if (idMap.has(transformedId)) {
22
+ const isReplacing = idMap.has(transformedId);
23
+ if (isReplacing) {
22
24
  // Remove existing schema to prevent conflicts
23
- strapi.log.debug(`Removing existing schema ${transformedId} from registry`);
24
25
  idMap.delete(transformedId);
25
26
  }
26
27
  // Register the new schema with the transformed ID
27
- strapi.log.debug(`Registering schema ${transformedId} in global registry`);
28
+ strapi.log.debug(`${isReplacing ? 'Replacing' : 'Registering'} schema ${transformedId} in global registry`);
28
29
  z.globalRegistry.add(schema, {
29
30
  id: transformedId
30
31
  });
@@ -67,10 +68,20 @@ import * as z from 'zod/v4';
67
68
  // Return existing schema if already registered
68
69
  const mapItem = idMap.get(transformedId);
69
70
  if (mapItem) {
70
- strapi.log.debug(`Schema ${transformedId} found in registry, returning existing schema`);
71
+ // Schema already exists, return it silently
71
72
  return mapItem;
72
73
  }
73
- strapi.log.warn(`Schema ${transformedId} not found in global registry, creating an any placeholder`);
74
+ strapi.log.debug(`Schema ${transformedId} not found in registry, generating new schema`);
75
+ // Determine if this is a built-in schema or user content
76
+ const isBuiltInSchema = id.startsWith('plugin::') || id.startsWith('admin');
77
+ if (isBuiltInSchema) {
78
+ // Built-in schemas keep at debug level to avoid clutter
79
+ strapi.log.debug(`Initializing validation schema for ${transformedId}`);
80
+ } else {
81
+ // User content
82
+ const schemaName = transformedId.replace('Document', '').replace('Entry', '').replace(/([A-Z])/g, ' $1').trim();
83
+ strapi.log.debug(`📝 Generating validation schema for "${schemaName}"`);
84
+ }
74
85
  // Temporary any placeholder before replacing with the actual schema type
75
86
  // Used to prevent infinite loops in cyclical data structures
76
87
  safeGlobalRegistrySet(id, z.any());
@@ -78,7 +89,12 @@ import * as z from 'zod/v4';
78
89
  const schema = callback();
79
90
  // Replace the placeholder with the real schema
80
91
  safeGlobalRegistrySet(id, schema);
81
- strapi.log.debug(`Schema ${transformedId} successfully created and registered`);
92
+ // Show completion for user content only
93
+ if (!isBuiltInSchema) {
94
+ const fieldCount = Object.keys(schema?._def?.shape || {}).length || 0;
95
+ const schemaName = transformedId.replace('Document', '').replace('Entry', '').replace(/([A-Z])/g, ' $1').trim();
96
+ strapi.log.debug(` ✅ "${schemaName}" schema created with ${fieldCount} fields`);
97
+ }
82
98
  return schema;
83
99
  } catch (error) {
84
100
  strapi.log.error(`Schema creation failed: Failed to create schema ${id}`);
package/dist/core-api/routes/validation/utils.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.mjs","sources":["../../../../src/core-api/routes/validation/utils.ts"],"sourcesContent":["import { transformUidToValidOpenApiName } from '@strapi/utils';\nimport type { Internal } from '@strapi/types';\nimport * as z from 'zod/v4';\n\n/**\n * Safely adds or updates a schema in Zod's global registry.\n *\n * If a schema with the given `id` already exists, it will be removed before adding the new one.\n *\n * This is useful for hot-reloading or preventing issues with cyclical dependencies.\n *\n * @param id - The unique identifier for the schema in the global registry.\n * @param schema - The Zod schema to register.\n * @example\n * ```typescript\n * safeGlobalRegistrySet(\"mySchema\", z.object({ name: z.string() }));\n * ```\n */\nexport const safeGlobalRegistrySet = (id: Internal.UID.Schema, schema: z.ZodType) => {\n try {\n const { _idmap: idMap } = z.globalRegistry;\n\n const transformedId = transformUidToValidOpenApiName(id);\n\n if (idMap.has(transformedId)) {\n // Remove existing schema to prevent conflicts\n strapi.log.debug(`Removing existing schema ${transformedId} from registry`);\n idMap.delete(transformedId);\n }\n\n // Register the new schema with the transformed ID\n strapi.log.debug(`Registering schema ${transformedId} in global registry`);\n z.globalRegistry.add(schema, { id: transformedId });\n } catch (error) {\n strapi.log.error(\n `Schema registration failed: Failed to register schema ${id} in global registry`\n );\n\n throw error;\n }\n};\n\n/**\n * Safely creates and registers a Zod schema in the global registry, particularly useful for handling cyclical data structures.\n *\n * If a schema with the given `id` already exists in the global registry, it returns the existing schema.\n *\n * Otherwise, it registers a temporary `z.any()` schema, calls the provided `callback` to create the actual schema,\n * and then replaces the temporary schema with the actual one in the registry.\n *\n * This prevents infinite loops in cases of cyclical dependencies.\n *\n * @param id - The unique identifier for the schema in the global registry.\n * @param callback - A function that returns the Zod schema to be created and registered.\n * @returns The created or retrieved Zod schema.\n * @example\n * ```typescript\n * const CategorySchema = safeSchemaCreation(\"Category\", () =>\n * z.object({\n * name: z.string(),\n * products: z.array(safeSchemaCreation(\"Product\", () =>\n * z.object({\n * name: z.string(),\n * category: z.lazy(() => CategorySchema) // Cyclical reference\n * })\n * ))\n * })\n * );\n * ```\n */\nexport const safeSchemaCreation = (id: Internal.UID.Schema, callback: () => z.ZodType) => {\n try {\n const { _idmap: idMap } = z.globalRegistry;\n\n const transformedId = transformUidToValidOpenApiName(id);\n\n // Return existing schema if already registered\n const mapItem = idMap.get(transformedId);\n if (mapItem) {\n strapi.log.debug(`Schema ${transformedId} found in registry, returning existing schema`);\n return mapItem;\n }\n\n strapi.log.warn(\n `Schema ${transformedId} not found in global registry, creating an any placeholder`\n );\n\n // Temporary any placeholder before replacing with the actual schema type\n // Used to prevent infinite loops in cyclical data structures\n safeGlobalRegistrySet(id, z.any());\n\n // Generate the actual schema using the callback\n const schema = callback();\n\n // Replace the placeholder with the real schema\n safeGlobalRegistrySet(id, schema);\n\n strapi.log.debug(`Schema ${transformedId} successfully created and registered`);\n\n return schema;\n } catch (error) {\n strapi.log.error(`Schema creation failed: Failed to create schema ${id}`);\n\n throw error;\n }\n};\n"],"names":["safeGlobalRegistrySet","id","schema","_idmap","idMap","z","globalRegistry","transformedId","transformUidToValidOpenApiName","has","strapi","log","debug","delete","add","error","safeSchemaCreation","callback","mapItem","get","warn","any"],"mappings":";;;AAIA;;;;;;;;;;;;;AAaC,IACM,MAAMA,qBAAwB,GAAA,CAACC,EAAyBC,EAAAA,MAAAA,GAAAA;IAC7D,IAAI;AACF,QAAA,MAAM,EAAEC,MAAQC,EAAAA,KAAK,EAAE,GAAGC,EAAEC,cAAc;AAE1C,QAAA,MAAMC,gBAAgBC,8BAA+BP,CAAAA,EAAAA,CAAAA;QAErD,IAAIG,KAAAA,CAAMK,GAAG,CAACF,aAAgB,CAAA,EAAA;;YAE5BG,MAAOC,CAAAA,GAAG,CAACC,KAAK,CAAC,CAAC,yBAAyB,EAAEL,aAAc,CAAA,cAAc,CAAC,CAAA;AAC1EH,YAAAA,KAAAA,CAAMS,MAAM,CAACN,aAAAA,CAAAA;AACf;;QAGAG,MAAOC,CAAAA,GAAG,CAACC,KAAK,CAAC,CAAC,mBAAmB,EAAEL,aAAc,CAAA,mBAAmB,CAAC,CAAA;AACzEF,QAAAA,CAAAA,CAAEC,cAAc,CAACQ,GAAG,CAACZ,MAAQ,EAAA;YAAED,EAAIM,EAAAA;AAAc,SAAA,CAAA;AACnD,KAAA,CAAE,OAAOQ,KAAO,EAAA;QACdL,MAAOC,CAAAA,GAAG,CAACI,KAAK,CACd,CAAC,sDAAsD,EAAEd,EAAG,CAAA,mBAAmB,CAAC,CAAA;QAGlF,MAAMc,KAAAA;AACR;AACF;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2BC,IACM,MAAMC,kBAAqB,GAAA,CAACf,EAAyBgB,EAAAA,QAAAA,GAAAA;IAC1D,IAAI;AACF,QAAA,MAAM,EAAEd,MAAQC,EAAAA,KAAK,EAAE,GAAGC,EAAEC,cAAc;AAE1C,QAAA,MAAMC,gBAAgBC,8BAA+BP,CAAAA,EAAAA,CAAAA;;QAGrD,MAAMiB,OAAAA,GAAUd,KAAMe,CAAAA,GAAG,CAACZ,aAAAA,CAAAA;AAC1B,QAAA,IAAIW,OAAS,EAAA;YACXR,MAAOC,CAAAA,GAAG,CAACC,KAAK,CAAC,CAAC,OAAO,EAAEL,aAAc,CAAA,6CAA6C,CAAC,CAAA;YACvF,OAAOW,OAAAA;AACT;QAEAR,MAAOC,CAAAA,GAAG,CAACS,IAAI,CACb,CAAC,OAAO,EAAEb,aAAc,CAAA,0DAA0D,CAAC,CAAA;;;QAKrFP,qBAAsBC,CAAAA,EAAAA,EAAII,EAAEgB,GAAG,EAAA,CAAA;;AAG/B,QAAA,MAAMnB,MAASe,GAAAA,QAAAA,EAAAA;;AAGfjB,QAAAA,qBAAAA,CAAsBC,EAAIC,EAAAA,MAAAA,CAAAA;QAE1BQ,MAAOC,CAAAA,GAAG,CAACC,KAAK,CAAC,CAAC,OAAO,EAAEL,aAAc,CAAA,oCAAoC,CAAC,CAAA;QAE9E,OAAOL,MAAAA;AACT,KAAA,CAAE,OAAOa,KAAO,EAAA;QACdL,MAAOC,CAAAA,GAAG,CAACI,KAAK,CAAC,CAAC,gDAAgD,EAAEd,GAAG,CAAC,CAAA;QAExE,MAAMc,KAAAA;AACR;AACF;;;;"}
1
+ {"version":3,"file":"utils.mjs","sources":["../../../../src/core-api/routes/validation/utils.ts"],"sourcesContent":["import { transformUidToValidOpenApiName } from '@strapi/utils';\nimport type { Internal } from '@strapi/types';\nimport * as z from 'zod/v4';\n\n// Schema generation happens on-demand when schemas don't exist in the registry\n\n/**\n * Safely adds or updates a schema in Zod's global registry.\n *\n * If a schema with the given `id` already exists, it will be removed before adding the new one.\n *\n * This is useful for hot-reloading or preventing issues with cyclical dependencies.\n *\n * @param id - The unique identifier for the schema in the global registry.\n * @param schema - The Zod schema to register.\n * @example\n * ```typescript\n * safeGlobalRegistrySet(\"mySchema\", z.object({ name: z.string() }));\n * ```\n */\nexport const safeGlobalRegistrySet = (id: Internal.UID.Schema, schema: z.ZodType) => {\n try {\n const { _idmap: idMap } = z.globalRegistry;\n\n const transformedId = transformUidToValidOpenApiName(id);\n\n const isReplacing = idMap.has(transformedId);\n\n if (isReplacing) {\n // Remove existing schema to prevent conflicts\n idMap.delete(transformedId);\n }\n\n // Register the new schema with the transformed ID\n strapi.log.debug(\n `${isReplacing ? 'Replacing' : 'Registering'} schema ${transformedId} in global registry`\n );\n z.globalRegistry.add(schema, { id: transformedId });\n } catch (error) {\n strapi.log.error(\n `Schema registration failed: Failed to register schema ${id} in global registry`\n );\n\n throw error;\n }\n};\n\n/**\n * Safely creates and registers a Zod schema in the global registry, particularly useful for handling cyclical data structures.\n *\n * If a schema with the given `id` already exists in the global registry, it returns the existing schema.\n *\n * Otherwise, it registers a temporary `z.any()` schema, calls the provided `callback` to create the actual schema,\n * and then replaces the temporary schema with the actual one in the registry.\n *\n * This prevents infinite loops in cases of cyclical dependencies.\n *\n * @param id - The unique identifier for the schema in the global registry.\n * @param callback - A function that returns the Zod schema to be created and registered.\n * @returns The created or retrieved Zod schema.\n * @example\n * ```typescript\n * const CategorySchema = safeSchemaCreation(\"Category\", () =>\n * z.object({\n * name: z.string(),\n * products: z.array(safeSchemaCreation(\"Product\", () =>\n * z.object({\n * name: z.string(),\n * category: z.lazy(() => CategorySchema) // Cyclical reference\n * })\n * ))\n * })\n * );\n * ```\n */\nexport const safeSchemaCreation = (id: Internal.UID.Schema, callback: () => z.ZodType) => {\n try {\n const { _idmap: idMap } = z.globalRegistry;\n\n const transformedId = transformUidToValidOpenApiName(id);\n\n // Return existing schema if already registered\n const mapItem = idMap.get(transformedId);\n if (mapItem) {\n // Schema already exists, return it silently\n return mapItem;\n }\n\n strapi.log.debug(`Schema ${transformedId} not found in registry, generating new schema`);\n\n // Determine if this is a built-in schema or user content\n const isBuiltInSchema = id.startsWith('plugin::') || id.startsWith('admin');\n\n if (isBuiltInSchema) {\n // Built-in schemas keep at debug level to avoid clutter\n strapi.log.debug(`Initializing validation schema for ${transformedId}`);\n } else {\n // User content\n const schemaName = transformedId\n .replace('Document', '')\n .replace('Entry', '')\n .replace(/([A-Z])/g, ' $1')\n .trim();\n strapi.log.debug(`📝 Generating validation schema for \"${schemaName}\"`);\n }\n\n // Temporary any placeholder before replacing with the actual schema type\n // Used to prevent infinite loops in cyclical data structures\n safeGlobalRegistrySet(id, z.any());\n\n // Generate the actual schema using the callback\n const schema = callback();\n\n // Replace the placeholder with the real schema\n safeGlobalRegistrySet(id, schema);\n\n // Show completion for user content only\n if (!isBuiltInSchema) {\n const fieldCount = Object.keys((schema as any)?._def?.shape || {}).length || 0;\n const schemaName = transformedId\n .replace('Document', '')\n .replace('Entry', '')\n .replace(/([A-Z])/g, ' $1')\n .trim();\n strapi.log.debug(` \"${schemaName}\" schema created with ${fieldCount} fields`);\n }\n\n return schema;\n } catch (error) {\n strapi.log.error(`Schema creation failed: Failed to create schema ${id}`);\n\n throw error;\n }\n};\n"],"names":["safeGlobalRegistrySet","id","schema","_idmap","idMap","z","globalRegistry","transformedId","transformUidToValidOpenApiName","isReplacing","has","delete","strapi","log","debug","add","error","safeSchemaCreation","callback","mapItem","get","isBuiltInSchema","startsWith","schemaName","replace","trim","any","fieldCount","Object","keys","_def","shape","length"],"mappings":";;;AAIA;AAEA;;;;;;;;;;;;;AAaC,IACM,MAAMA,qBAAwB,GAAA,CAACC,EAAyBC,EAAAA,MAAAA,GAAAA;IAC7D,IAAI;AACF,QAAA,MAAM,EAAEC,MAAQC,EAAAA,KAAK,EAAE,GAAGC,EAAEC,cAAc;AAE1C,QAAA,MAAMC,gBAAgBC,8BAA+BP,CAAAA,EAAAA,CAAAA;QAErD,MAAMQ,WAAAA,GAAcL,KAAMM,CAAAA,GAAG,CAACH,aAAAA,CAAAA;AAE9B,QAAA,IAAIE,WAAa,EAAA;;AAEfL,YAAAA,KAAAA,CAAMO,MAAM,CAACJ,aAAAA,CAAAA;AACf;;AAGAK,QAAAA,MAAAA,CAAOC,GAAG,CAACC,KAAK,CACd,CAAC,EAAEL,WAAc,GAAA,WAAA,GAAc,aAAc,CAAA,QAAQ,EAAEF,aAAAA,CAAc,mBAAmB,CAAC,CAAA;AAE3FF,QAAAA,CAAAA,CAAEC,cAAc,CAACS,GAAG,CAACb,MAAQ,EAAA;YAAED,EAAIM,EAAAA;AAAc,SAAA,CAAA;AACnD,KAAA,CAAE,OAAOS,KAAO,EAAA;QACdJ,MAAOC,CAAAA,GAAG,CAACG,KAAK,CACd,CAAC,sDAAsD,EAAEf,EAAG,CAAA,mBAAmB,CAAC,CAAA;QAGlF,MAAMe,KAAAA;AACR;AACF;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2BC,IACM,MAAMC,kBAAqB,GAAA,CAAChB,EAAyBiB,EAAAA,QAAAA,GAAAA;IAC1D,IAAI;AACF,QAAA,MAAM,EAAEf,MAAQC,EAAAA,KAAK,EAAE,GAAGC,EAAEC,cAAc;AAE1C,QAAA,MAAMC,gBAAgBC,8BAA+BP,CAAAA,EAAAA,CAAAA;;QAGrD,MAAMkB,OAAAA,GAAUf,KAAMgB,CAAAA,GAAG,CAACb,aAAAA,CAAAA;AAC1B,QAAA,IAAIY,OAAS,EAAA;;YAEX,OAAOA,OAAAA;AACT;QAEAP,MAAOC,CAAAA,GAAG,CAACC,KAAK,CAAC,CAAC,OAAO,EAAEP,aAAc,CAAA,6CAA6C,CAAC,CAAA;;AAGvF,QAAA,MAAMc,kBAAkBpB,EAAGqB,CAAAA,UAAU,CAAC,UAAerB,CAAAA,IAAAA,EAAAA,CAAGqB,UAAU,CAAC,OAAA,CAAA;AAEnE,QAAA,IAAID,eAAiB,EAAA;;YAEnBT,MAAOC,CAAAA,GAAG,CAACC,KAAK,CAAC,CAAC,mCAAmC,EAAEP,cAAc,CAAC,CAAA;SACjE,MAAA;;AAEL,YAAA,MAAMgB,UAAahB,GAAAA,aAAAA,CAChBiB,OAAO,CAAC,YAAY,EACpBA,CAAAA,CAAAA,OAAO,CAAC,OAAA,EAAS,EACjBA,CAAAA,CAAAA,OAAO,CAAC,UAAA,EAAY,OACpBC,IAAI,EAAA;YACPb,MAAOC,CAAAA,GAAG,CAACC,KAAK,CAAC,CAAC,qCAAqC,EAAES,UAAW,CAAA,CAAC,CAAC,CAAA;AACxE;;;QAIAvB,qBAAsBC,CAAAA,EAAAA,EAAII,EAAEqB,GAAG,EAAA,CAAA;;AAG/B,QAAA,MAAMxB,MAASgB,GAAAA,QAAAA,EAAAA;;AAGflB,QAAAA,qBAAAA,CAAsBC,EAAIC,EAAAA,MAAAA,CAAAA;;AAG1B,QAAA,IAAI,CAACmB,eAAiB,EAAA;YACpB,MAAMM,UAAAA,GAAaC,MAAOC,CAAAA,IAAI,CAAE3B,MAAgB4B,EAAAA,IAAAA,EAAMC,KAAS,IAAA,EAAIC,CAAAA,CAAAA,MAAM,IAAI,CAAA;AAC7E,YAAA,MAAMT,UAAahB,GAAAA,aAAAA,CAChBiB,OAAO,CAAC,YAAY,EACpBA,CAAAA,CAAAA,OAAO,CAAC,OAAA,EAAS,EACjBA,CAAAA,CAAAA,OAAO,CAAC,UAAA,EAAY,OACpBC,IAAI,EAAA;AACPb,YAAAA,MAAAA,CAAOC,GAAG,CAACC,KAAK,CAAC,CAAC,MAAM,EAAES,UAAAA,CAAW,sBAAsB,EAAEI,UAAW,CAAA,OAAO,CAAC,CAAA;AAClF;QAEA,OAAOzB,MAAAA;AACT,KAAA,CAAE,OAAOc,KAAO,EAAA;QACdJ,MAAOC,CAAAA,GAAG,CAACG,KAAK,CAAC,CAAC,gDAAgD,EAAEf,GAAG,CAAC,CAAA;QAExE,MAAMe,KAAAA;AACR;AACF;;;;"}
package/dist/loaders/plugins/index.js CHANGED
@@ -117,7 +117,7 @@ async function loadPlugins(strapi1) {
117
117
  try {
118
118
  serverEntrypointPath = path.join(enabledPlugin.pathToPlugin, resolvedExport);
119
119
  } catch (e) {
120
- throw new Error(`Error loading the plugin ${pluginName} because ${pluginName} is not installed. Please either install the plugin or remove it's configuration.`);
120
+ throw new Error(`Error loading the plugin ${pluginName} because ${pluginName} is not installed. Please either install the plugin or remove its configuration.`);
121
121
  }
122
122
  // only load plugins with a server entrypoint
123
123
  if (!await fse.pathExists(serverEntrypointPath)) {
package/dist/loaders/plugins/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sources":["../../../src/loaders/plugins/index.ts"],"sourcesContent":["import { join } from 'path';\nimport fse from 'fs-extra';\nimport { defaultsDeep, defaults, getOr, get } from 'lodash/fp';\nimport * as resolve from 'resolve.exports';\n\nimport { env } from '@strapi/utils';\nimport type { Core, Plugin, Struct } from '@strapi/types';\nimport { loadConfigFile } from '../../utils/load-config-file';\nimport { loadFiles } from '../../utils/load-files';\nimport { getEnabledPlugins } from './get-enabled-plugins';\nimport { getUserPluginsConfig } from './get-user-plugins-config';\nimport { getGlobalId } from '../../domain/content-type';\n\ninterface Plugins {\n [key: string]: Plugin.LoadedPlugin;\n}\n\nconst defaultPlugin = {\n bootstrap() {},\n destroy() {},\n register() {},\n config: {\n default: {},\n validator() {},\n },\n routes: [],\n controllers: {},\n services: {},\n policies: {},\n middlewares: {},\n contentTypes: {},\n};\n\nconst applyUserExtension = async (plugins: Plugins) => {\n const extensionsDir = strapi.dirs.dist.extensions;\n if (!(await fse.pathExists(extensionsDir))) {\n return;\n }\n\n const extendedSchemas = await loadFiles(extensionsDir, '**/content-types/**/schema.json');\n const strapiServers = await loadFiles(extensionsDir, '**/strapi-server.js');\n\n for (const pluginName of Object.keys(plugins)) {\n const plugin = plugins[pluginName];\n // first: load json schema\n for (const ctName of Object.keys(plugin.contentTypes)) {\n const extendedSchema = get([pluginName, 'content-types', ctName, 'schema'], extendedSchemas);\n if (extendedSchema) {\n plugin.contentTypes[ctName].schema = {\n ...plugin.contentTypes[ctName].schema,\n ...extendedSchema,\n };\n }\n }\n // second: execute strapi-server extension\n const strapiServer = get([pluginName, 'strapi-server'], strapiServers);\n if (strapiServer) {\n plugins[pluginName] = await strapiServer(plugin);\n }\n }\n};\n\nconst applyUserConfig = async (plugins: Plugins) => {\n const userPluginsConfig = await getUserPluginsConfig();\n\n for (const pluginName of Object.keys(plugins)) {\n const plugin = plugins[pluginName];\n const userPluginConfig = getOr({}, `${pluginName}.config`, userPluginsConfig);\n const defaultConfig =\n typeof plugin.config.default === 'function'\n ? plugin.config.default({ env })\n : plugin.config.default;\n\n const config = defaultsDeep(defaultConfig, userPluginConfig);\n try {\n plugin.config.validator(config);\n } catch (e) {\n if (e instanceof Error) {\n throw new Error(`Error regarding ${pluginName} config: ${e.message}`);\n }\n\n throw e;\n }\n plugin.config = config;\n }\n};\n\nexport default async function loadPlugins(strapi: Core.Strapi) {\n const plugins: Plugins = {};\n\n const enabledPlugins = await getEnabledPlugins(strapi);\n\n strapi.config.set('enabledPlugins', enabledPlugins);\n\n for (const pluginName of Object.keys(enabledPlugins)) {\n const enabledPlugin = enabledPlugins[pluginName];\n\n let serverEntrypointPath;\n let resolvedExport = './strapi-server.js';\n\n try {\n resolvedExport = (\n resolve.exports(enabledPlugin.packageInfo, 'strapi-server', {\n require: true,\n }) ?? './strapi-server.js'\n ).toString();\n } catch (e) {\n // no export map or missing strapi-server export => fallback to default\n }\n\n try {\n serverEntrypointPath = join(enabledPlugin.pathToPlugin, resolvedExport);\n } catch (e) {\n throw new Error(\n `Error loading the plugin ${pluginName} because ${pluginName} is not installed. Please either install the plugin or remove it's configuration.`\n );\n }\n\n // only load plugins with a server entrypoint\n if (!(await fse.pathExists(serverEntrypointPath))) {\n continue;\n }\n\n const pluginServer = loadConfigFile(serverEntrypointPath);\n plugins[pluginName] = {\n ...defaultPlugin,\n ...pluginServer,\n contentTypes: formatContentTypes(pluginName, pluginServer.contentTypes ?? {}),\n config: defaults(defaultPlugin.config, pluginServer.config),\n routes: pluginServer.routes ?? defaultPlugin.routes,\n };\n }\n\n // TODO: validate plugin format\n await applyUserConfig(plugins);\n await applyUserExtension(plugins);\n\n for (const pluginName of Object.keys(plugins)) {\n strapi.get('plugins').add(pluginName, plugins[pluginName]);\n }\n}\n\nconst formatContentTypes = (\n pluginName: string,\n contentTypes: Record<string, { schema: Struct.ContentTypeSchema }>\n) => {\n Object.values(contentTypes).forEach((definition) => {\n const { schema } = definition;\n\n Object.assign(schema, {\n plugin: pluginName,\n collectionName:\n schema.collectionName || `${pluginName}_${schema.info.singularName}`.toLowerCase(),\n globalId: getGlobalId(schema, pluginName),\n });\n });\n\n return contentTypes;\n};\n"],"names":["defaultPlugin","bootstrap","destroy","register","config","default","validator","routes","controllers","services","policies","middlewares","contentTypes","applyUserExtension","plugins","extensionsDir","strapi","dirs","dist","extensions","fse","pathExists","extendedSchemas","loadFiles","strapiServers","pluginName","Object","keys","plugin","ctName","extendedSchema","get","schema","strapiServer","applyUserConfig","userPluginsConfig","getUserPluginsConfig","userPluginConfig","getOr","defaultConfig","env","defaultsDeep","e","Error","message","loadPlugins","enabledPlugins","getEnabledPlugins","set","enabledPlugin","serverEntrypointPath","resolvedExport","resolve","exports","packageInfo","require","toString","join","pathToPlugin","pluginServer","loadConfigFile","formatContentTypes","defaults","add","values","forEach","definition","assign","collectionName","info","singularName","toLowerCase","globalId","getGlobalId"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA,MAAMA,aAAgB,GAAA;IACpBC,SAAa,CAAA,GAAA,EAAA;IACbC,OAAW,CAAA,GAAA,EAAA;IACXC,QAAY,CAAA,GAAA,EAAA;IACZC,MAAQ,EAAA;AACNC,QAAAA,OAAAA,EAAS,EAAC;QACVC,SAAa,CAAA,GAAA;AACf,KAAA;AACAC,IAAAA,MAAAA,EAAQ,EAAE;AACVC,IAAAA,WAAAA,EAAa,EAAC;AACdC,IAAAA,QAAAA,EAAU,EAAC;AACXC,IAAAA,QAAAA,EAAU,EAAC;AACXC,IAAAA,WAAAA,EAAa,EAAC;AACdC,IAAAA,YAAAA,EAAc;AAChB,CAAA;AAEA,MAAMC,qBAAqB,OAAOC,OAAAA,GAAAA;AAChC,IAAA,MAAMC,gBAAgBC,MAAOC,CAAAA,IAAI,CAACC,IAAI,CAACC,UAAU;AACjD,IAAA,IAAI,CAAE,MAAMC,GAAIC,CAAAA,UAAU,CAACN,aAAiB,CAAA,EAAA;AAC1C,QAAA;AACF;IAEA,MAAMO,eAAAA,GAAkB,MAAMC,mBAAAA,CAAUR,aAAe,EAAA,iCAAA,CAAA;IACvD,MAAMS,aAAAA,GAAgB,MAAMD,mBAAAA,CAAUR,aAAe,EAAA,qBAAA,CAAA;AAErD,IAAA,KAAK,MAAMU,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7C,MAAMc,MAAAA,GAASd,OAAO,CAACW,UAAW,CAAA;;AAElC,QAAA,KAAK,MAAMI,MAAUH,IAAAA,MAAAA,CAAOC,IAAI,CAACC,MAAAA,CAAOhB,YAAY,CAAG,CAAA;AACrD,YAAA,MAAMkB,iBAAiBC,MAAI,CAAA;AAACN,gBAAAA,UAAAA;AAAY,gBAAA,eAAA;AAAiBI,gBAAAA,MAAAA;AAAQ,gBAAA;aAAS,EAAEP,eAAAA,CAAAA;AAC5E,YAAA,IAAIQ,cAAgB,EAAA;AAClBF,gBAAAA,MAAAA,CAAOhB,YAAY,CAACiB,MAAO,CAAA,CAACG,MAAM,GAAG;AACnC,oBAAA,GAAGJ,MAAOhB,CAAAA,YAAY,CAACiB,MAAAA,CAAO,CAACG,MAAM;AACrC,oBAAA,GAAGF;AACL,iBAAA;AACF;AACF;;AAEA,QAAA,MAAMG,eAAeF,MAAI,CAAA;AAACN,YAAAA,UAAAA;AAAY,YAAA;SAAgB,EAAED,aAAAA,CAAAA;AACxD,QAAA,IAAIS,YAAc,EAAA;AAChBnB,YAAAA,OAAO,CAACW,UAAAA,CAAW,GAAG,MAAMQ,YAAaL,CAAAA,MAAAA,CAAAA;AAC3C;AACF;AACF,CAAA;AAEA,MAAMM,kBAAkB,OAAOpB,OAAAA,GAAAA;AAC7B,IAAA,MAAMqB,oBAAoB,MAAMC,yCAAAA,EAAAA;AAEhC,IAAA,KAAK,MAAMX,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7C,MAAMc,MAAAA,GAASd,OAAO,CAACW,UAAW,CAAA;QAClC,MAAMY,gBAAAA,GAAmBC,SAAM,EAAC,EAAG,CAAC,EAAEb,UAAAA,CAAW,OAAO,CAAC,EAAEU,iBAAAA,CAAAA;AAC3D,QAAA,MAAMI,aACJ,GAAA,OAAOX,MAAOxB,CAAAA,MAAM,CAACC,OAAO,KAAK,UAAA,GAC7BuB,MAAOxB,CAAAA,MAAM,CAACC,OAAO,CAAC;AAAEmC,iBAAAA;SACxBZ,CAAAA,GAAAA,MAAAA,CAAOxB,MAAM,CAACC,OAAO;QAE3B,MAAMD,MAAAA,GAASqC,gBAAaF,aAAeF,EAAAA,gBAAAA,CAAAA;QAC3C,IAAI;YACFT,MAAOxB,CAAAA,MAAM,CAACE,SAAS,CAACF,MAAAA,CAAAA;AAC1B,SAAA,CAAE,OAAOsC,CAAG,EAAA;AACV,YAAA,IAAIA,aAAaC,KAAO,EAAA;gBACtB,MAAM,IAAIA,KAAM,CAAA,CAAC,gBAAgB,EAAElB,UAAW,CAAA,SAAS,EAAEiB,CAAAA,CAAEE,OAAO,CAAC,CAAC,CAAA;AACtE;YAEA,MAAMF,CAAAA;AACR;AACAd,QAAAA,MAAAA,CAAOxB,MAAM,GAAGA,MAAAA;AAClB;AACF,CAAA;AAEe,eAAeyC,YAAY7B,OAAmB,EAAA;AAC3D,IAAA,MAAMF,UAAmB,EAAC;IAE1B,MAAMgC,cAAAA,GAAiB,MAAMC,mCAAkB/B,CAAAA,OAAAA,CAAAA;AAE/CA,IAAAA,OAAAA,CAAOZ,MAAM,CAAC4C,GAAG,CAAC,gBAAkBF,EAAAA,cAAAA,CAAAA;AAEpC,IAAA,KAAK,MAAMrB,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACmB,cAAiB,CAAA,CAAA;QACpD,MAAMG,aAAAA,GAAgBH,cAAc,CAACrB,UAAW,CAAA;QAEhD,IAAIyB,oBAAAA;AACJ,QAAA,IAAIC,cAAiB,GAAA,oBAAA;QAErB,IAAI;YACFA,cAAiB,GACfC,CAAAA,kBAAQC,CAAAA,OAAO,CAACJ,aAAcK,CAAAA,WAAW,EAAE,eAAiB,EAAA;gBAC1DC,OAAS,EAAA;aACL,CAAA,IAAA,oBAAmB,EACzBC,QAAQ,EAAA;AACZ,SAAA,CAAE,OAAOd,CAAG,EAAA;;AAEZ;QAEA,IAAI;YACFQ,oBAAuBO,GAAAA,SAAAA,CAAKR,aAAcS,CAAAA,YAAY,EAAEP,cAAAA,CAAAA;AAC1D,SAAA,CAAE,OAAOT,CAAG,EAAA;YACV,MAAM,IAAIC,KACR,CAAA,CAAC,yBAAyB,EAAElB,WAAW,SAAS,EAAEA,UAAW,CAAA,iFAAiF,CAAC,CAAA;AAEnJ;;AAGA,QAAA,IAAI,CAAE,MAAML,GAAIC,CAAAA,UAAU,CAAC6B,oBAAwB,CAAA,EAAA;AACjD,YAAA;AACF;AAEA,QAAA,MAAMS,eAAeC,6BAAeV,CAAAA,oBAAAA,CAAAA;QACpCpC,OAAO,CAACW,WAAW,GAAG;AACpB,YAAA,GAAGzB,aAAa;AAChB,YAAA,GAAG2D,YAAY;AACf/C,YAAAA,YAAAA,EAAciD,kBAAmBpC,CAAAA,UAAAA,EAAYkC,YAAa/C,CAAAA,YAAY,IAAI,EAAC,CAAA;AAC3ER,YAAAA,MAAAA,EAAQ0D,WAAS9D,CAAAA,aAAAA,CAAcI,MAAM,EAAEuD,aAAavD,MAAM,CAAA;AAC1DG,YAAAA,MAAAA,EAAQoD,YAAapD,CAAAA,MAAM,IAAIP,aAAAA,CAAcO;AAC/C,SAAA;AACF;;AAGA,IAAA,MAAM2B,eAAgBpB,CAAAA,OAAAA,CAAAA;AACtB,IAAA,MAAMD,kBAAmBC,CAAAA,OAAAA,CAAAA;AAEzB,IAAA,KAAK,MAAMW,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7CE,OAAOe,CAAAA,GAAG,CAAC,SAAWgC,CAAAA,CAAAA,GAAG,CAACtC,UAAYX,EAAAA,OAAO,CAACW,UAAW,CAAA,CAAA;AAC3D;AACF;AAEA,MAAMoC,kBAAAA,GAAqB,CACzBpC,UACAb,EAAAA,YAAAA,GAAAA;AAEAc,IAAAA,MAAAA,CAAOsC,MAAM,CAACpD,YAAcqD,CAAAA,CAAAA,OAAO,CAAC,CAACC,UAAAA,GAAAA;QACnC,MAAM,EAAElC,MAAM,EAAE,GAAGkC,UAAAA;QAEnBxC,MAAOyC,CAAAA,MAAM,CAACnC,MAAQ,EAAA;YACpBJ,MAAQH,EAAAA,UAAAA;AACR2C,YAAAA,cAAAA,EACEpC,MAAOoC,CAAAA,cAAc,IAAI,CAAC,EAAE3C,UAAW,CAAA,CAAC,EAAEO,MAAAA,CAAOqC,IAAI,CAACC,YAAY,CAAC,CAAC,CAACC,WAAW,EAAA;AAClFC,YAAAA,QAAAA,EAAUC,kBAAYzC,MAAQP,EAAAA,UAAAA;AAChC,SAAA,CAAA;AACF,KAAA,CAAA;IAEA,OAAOb,YAAAA;AACT,CAAA;;;;"}
1
+ {"version":3,"file":"index.js","sources":["../../../src/loaders/plugins/index.ts"],"sourcesContent":["import { join } from 'path';\nimport fse from 'fs-extra';\nimport { defaultsDeep, defaults, getOr, get } from 'lodash/fp';\nimport * as resolve from 'resolve.exports';\n\nimport { env } from '@strapi/utils';\nimport type { Core, Plugin, Struct } from '@strapi/types';\nimport { loadConfigFile } from '../../utils/load-config-file';\nimport { loadFiles } from '../../utils/load-files';\nimport { getEnabledPlugins } from './get-enabled-plugins';\nimport { getUserPluginsConfig } from './get-user-plugins-config';\nimport { getGlobalId } from '../../domain/content-type';\n\ninterface Plugins {\n [key: string]: Plugin.LoadedPlugin;\n}\n\nconst defaultPlugin = {\n bootstrap() {},\n destroy() {},\n register() {},\n config: {\n default: {},\n validator() {},\n },\n routes: [],\n controllers: {},\n services: {},\n policies: {},\n middlewares: {},\n contentTypes: {},\n};\n\nconst applyUserExtension = async (plugins: Plugins) => {\n const extensionsDir = strapi.dirs.dist.extensions;\n if (!(await fse.pathExists(extensionsDir))) {\n return;\n }\n\n const extendedSchemas = await loadFiles(extensionsDir, '**/content-types/**/schema.json');\n const strapiServers = await loadFiles(extensionsDir, '**/strapi-server.js');\n\n for (const pluginName of Object.keys(plugins)) {\n const plugin = plugins[pluginName];\n // first: load json schema\n for (const ctName of Object.keys(plugin.contentTypes)) {\n const extendedSchema = get([pluginName, 'content-types', ctName, 'schema'], extendedSchemas);\n if (extendedSchema) {\n plugin.contentTypes[ctName].schema = {\n ...plugin.contentTypes[ctName].schema,\n ...extendedSchema,\n };\n }\n }\n // second: execute strapi-server extension\n const strapiServer = get([pluginName, 'strapi-server'], strapiServers);\n if (strapiServer) {\n plugins[pluginName] = await strapiServer(plugin);\n }\n }\n};\n\nconst applyUserConfig = async (plugins: Plugins) => {\n const userPluginsConfig = await getUserPluginsConfig();\n\n for (const pluginName of Object.keys(plugins)) {\n const plugin = plugins[pluginName];\n const userPluginConfig = getOr({}, `${pluginName}.config`, userPluginsConfig);\n const defaultConfig =\n typeof plugin.config.default === 'function'\n ? plugin.config.default({ env })\n : plugin.config.default;\n\n const config = defaultsDeep(defaultConfig, userPluginConfig);\n try {\n plugin.config.validator(config);\n } catch (e) {\n if (e instanceof Error) {\n throw new Error(`Error regarding ${pluginName} config: ${e.message}`);\n }\n\n throw e;\n }\n plugin.config = config;\n }\n};\n\nexport default async function loadPlugins(strapi: Core.Strapi) {\n const plugins: Plugins = {};\n\n const enabledPlugins = await getEnabledPlugins(strapi);\n\n strapi.config.set('enabledPlugins', enabledPlugins);\n\n for (const pluginName of Object.keys(enabledPlugins)) {\n const enabledPlugin = enabledPlugins[pluginName];\n\n let serverEntrypointPath;\n let resolvedExport = './strapi-server.js';\n\n try {\n resolvedExport = (\n resolve.exports(enabledPlugin.packageInfo, 'strapi-server', {\n require: true,\n }) ?? './strapi-server.js'\n ).toString();\n } catch (e) {\n // no export map or missing strapi-server export => fallback to default\n }\n\n try {\n serverEntrypointPath = join(enabledPlugin.pathToPlugin, resolvedExport);\n } catch (e) {\n throw new Error(\n `Error loading the plugin ${pluginName} because ${pluginName} is not installed. Please either install the plugin or remove its configuration.`\n );\n }\n\n // only load plugins with a server entrypoint\n if (!(await fse.pathExists(serverEntrypointPath))) {\n continue;\n }\n\n const pluginServer = loadConfigFile(serverEntrypointPath);\n plugins[pluginName] = {\n ...defaultPlugin,\n ...pluginServer,\n contentTypes: formatContentTypes(pluginName, pluginServer.contentTypes ?? {}),\n config: defaults(defaultPlugin.config, pluginServer.config),\n routes: pluginServer.routes ?? defaultPlugin.routes,\n };\n }\n\n // TODO: validate plugin format\n await applyUserConfig(plugins);\n await applyUserExtension(plugins);\n\n for (const pluginName of Object.keys(plugins)) {\n strapi.get('plugins').add(pluginName, plugins[pluginName]);\n }\n}\n\nconst formatContentTypes = (\n pluginName: string,\n contentTypes: Record<string, { schema: Struct.ContentTypeSchema }>\n) => {\n Object.values(contentTypes).forEach((definition) => {\n const { schema } = definition;\n\n Object.assign(schema, {\n plugin: pluginName,\n collectionName:\n schema.collectionName || `${pluginName}_${schema.info.singularName}`.toLowerCase(),\n globalId: getGlobalId(schema, pluginName),\n });\n });\n\n return contentTypes;\n};\n"],"names":["defaultPlugin","bootstrap","destroy","register","config","default","validator","routes","controllers","services","policies","middlewares","contentTypes","applyUserExtension","plugins","extensionsDir","strapi","dirs","dist","extensions","fse","pathExists","extendedSchemas","loadFiles","strapiServers","pluginName","Object","keys","plugin","ctName","extendedSchema","get","schema","strapiServer","applyUserConfig","userPluginsConfig","getUserPluginsConfig","userPluginConfig","getOr","defaultConfig","env","defaultsDeep","e","Error","message","loadPlugins","enabledPlugins","getEnabledPlugins","set","enabledPlugin","serverEntrypointPath","resolvedExport","resolve","exports","packageInfo","require","toString","join","pathToPlugin","pluginServer","loadConfigFile","formatContentTypes","defaults","add","values","forEach","definition","assign","collectionName","info","singularName","toLowerCase","globalId","getGlobalId"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA,MAAMA,aAAgB,GAAA;IACpBC,SAAa,CAAA,GAAA,EAAA;IACbC,OAAW,CAAA,GAAA,EAAA;IACXC,QAAY,CAAA,GAAA,EAAA;IACZC,MAAQ,EAAA;AACNC,QAAAA,OAAAA,EAAS,EAAC;QACVC,SAAa,CAAA,GAAA;AACf,KAAA;AACAC,IAAAA,MAAAA,EAAQ,EAAE;AACVC,IAAAA,WAAAA,EAAa,EAAC;AACdC,IAAAA,QAAAA,EAAU,EAAC;AACXC,IAAAA,QAAAA,EAAU,EAAC;AACXC,IAAAA,WAAAA,EAAa,EAAC;AACdC,IAAAA,YAAAA,EAAc;AAChB,CAAA;AAEA,MAAMC,qBAAqB,OAAOC,OAAAA,GAAAA;AAChC,IAAA,MAAMC,gBAAgBC,MAAOC,CAAAA,IAAI,CAACC,IAAI,CAACC,UAAU;AACjD,IAAA,IAAI,CAAE,MAAMC,GAAIC,CAAAA,UAAU,CAACN,aAAiB,CAAA,EAAA;AAC1C,QAAA;AACF;IAEA,MAAMO,eAAAA,GAAkB,MAAMC,mBAAAA,CAAUR,aAAe,EAAA,iCAAA,CAAA;IACvD,MAAMS,aAAAA,GAAgB,MAAMD,mBAAAA,CAAUR,aAAe,EAAA,qBAAA,CAAA;AAErD,IAAA,KAAK,MAAMU,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7C,MAAMc,MAAAA,GAASd,OAAO,CAACW,UAAW,CAAA;;AAElC,QAAA,KAAK,MAAMI,MAAUH,IAAAA,MAAAA,CAAOC,IAAI,CAACC,MAAAA,CAAOhB,YAAY,CAAG,CAAA;AACrD,YAAA,MAAMkB,iBAAiBC,MAAI,CAAA;AAACN,gBAAAA,UAAAA;AAAY,gBAAA,eAAA;AAAiBI,gBAAAA,MAAAA;AAAQ,gBAAA;aAAS,EAAEP,eAAAA,CAAAA;AAC5E,YAAA,IAAIQ,cAAgB,EAAA;AAClBF,gBAAAA,MAAAA,CAAOhB,YAAY,CAACiB,MAAO,CAAA,CAACG,MAAM,GAAG;AACnC,oBAAA,GAAGJ,MAAOhB,CAAAA,YAAY,CAACiB,MAAAA,CAAO,CAACG,MAAM;AACrC,oBAAA,GAAGF;AACL,iBAAA;AACF;AACF;;AAEA,QAAA,MAAMG,eAAeF,MAAI,CAAA;AAACN,YAAAA,UAAAA;AAAY,YAAA;SAAgB,EAAED,aAAAA,CAAAA;AACxD,QAAA,IAAIS,YAAc,EAAA;AAChBnB,YAAAA,OAAO,CAACW,UAAAA,CAAW,GAAG,MAAMQ,YAAaL,CAAAA,MAAAA,CAAAA;AAC3C;AACF;AACF,CAAA;AAEA,MAAMM,kBAAkB,OAAOpB,OAAAA,GAAAA;AAC7B,IAAA,MAAMqB,oBAAoB,MAAMC,yCAAAA,EAAAA;AAEhC,IAAA,KAAK,MAAMX,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7C,MAAMc,MAAAA,GAASd,OAAO,CAACW,UAAW,CAAA;QAClC,MAAMY,gBAAAA,GAAmBC,SAAM,EAAC,EAAG,CAAC,EAAEb,UAAAA,CAAW,OAAO,CAAC,EAAEU,iBAAAA,CAAAA;AAC3D,QAAA,MAAMI,aACJ,GAAA,OAAOX,MAAOxB,CAAAA,MAAM,CAACC,OAAO,KAAK,UAAA,GAC7BuB,MAAOxB,CAAAA,MAAM,CAACC,OAAO,CAAC;AAAEmC,iBAAAA;SACxBZ,CAAAA,GAAAA,MAAAA,CAAOxB,MAAM,CAACC,OAAO;QAE3B,MAAMD,MAAAA,GAASqC,gBAAaF,aAAeF,EAAAA,gBAAAA,CAAAA;QAC3C,IAAI;YACFT,MAAOxB,CAAAA,MAAM,CAACE,SAAS,CAACF,MAAAA,CAAAA;AAC1B,SAAA,CAAE,OAAOsC,CAAG,EAAA;AACV,YAAA,IAAIA,aAAaC,KAAO,EAAA;gBACtB,MAAM,IAAIA,KAAM,CAAA,CAAC,gBAAgB,EAAElB,UAAW,CAAA,SAAS,EAAEiB,CAAAA,CAAEE,OAAO,CAAC,CAAC,CAAA;AACtE;YAEA,MAAMF,CAAAA;AACR;AACAd,QAAAA,MAAAA,CAAOxB,MAAM,GAAGA,MAAAA;AAClB;AACF,CAAA;AAEe,eAAeyC,YAAY7B,OAAmB,EAAA;AAC3D,IAAA,MAAMF,UAAmB,EAAC;IAE1B,MAAMgC,cAAAA,GAAiB,MAAMC,mCAAkB/B,CAAAA,OAAAA,CAAAA;AAE/CA,IAAAA,OAAAA,CAAOZ,MAAM,CAAC4C,GAAG,CAAC,gBAAkBF,EAAAA,cAAAA,CAAAA;AAEpC,IAAA,KAAK,MAAMrB,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACmB,cAAiB,CAAA,CAAA;QACpD,MAAMG,aAAAA,GAAgBH,cAAc,CAACrB,UAAW,CAAA;QAEhD,IAAIyB,oBAAAA;AACJ,QAAA,IAAIC,cAAiB,GAAA,oBAAA;QAErB,IAAI;YACFA,cAAiB,GACfC,CAAAA,kBAAQC,CAAAA,OAAO,CAACJ,aAAcK,CAAAA,WAAW,EAAE,eAAiB,EAAA;gBAC1DC,OAAS,EAAA;aACL,CAAA,IAAA,oBAAmB,EACzBC,QAAQ,EAAA;AACZ,SAAA,CAAE,OAAOd,CAAG,EAAA;;AAEZ;QAEA,IAAI;YACFQ,oBAAuBO,GAAAA,SAAAA,CAAKR,aAAcS,CAAAA,YAAY,EAAEP,cAAAA,CAAAA;AAC1D,SAAA,CAAE,OAAOT,CAAG,EAAA;YACV,MAAM,IAAIC,KACR,CAAA,CAAC,yBAAyB,EAAElB,WAAW,SAAS,EAAEA,UAAW,CAAA,gFAAgF,CAAC,CAAA;AAElJ;;AAGA,QAAA,IAAI,CAAE,MAAML,GAAIC,CAAAA,UAAU,CAAC6B,oBAAwB,CAAA,EAAA;AACjD,YAAA;AACF;AAEA,QAAA,MAAMS,eAAeC,6BAAeV,CAAAA,oBAAAA,CAAAA;QACpCpC,OAAO,CAACW,WAAW,GAAG;AACpB,YAAA,GAAGzB,aAAa;AAChB,YAAA,GAAG2D,YAAY;AACf/C,YAAAA,YAAAA,EAAciD,kBAAmBpC,CAAAA,UAAAA,EAAYkC,YAAa/C,CAAAA,YAAY,IAAI,EAAC,CAAA;AAC3ER,YAAAA,MAAAA,EAAQ0D,WAAS9D,CAAAA,aAAAA,CAAcI,MAAM,EAAEuD,aAAavD,MAAM,CAAA;AAC1DG,YAAAA,MAAAA,EAAQoD,YAAapD,CAAAA,MAAM,IAAIP,aAAAA,CAAcO;AAC/C,SAAA;AACF;;AAGA,IAAA,MAAM2B,eAAgBpB,CAAAA,OAAAA,CAAAA;AACtB,IAAA,MAAMD,kBAAmBC,CAAAA,OAAAA,CAAAA;AAEzB,IAAA,KAAK,MAAMW,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7CE,OAAOe,CAAAA,GAAG,CAAC,SAAWgC,CAAAA,CAAAA,GAAG,CAACtC,UAAYX,EAAAA,OAAO,CAACW,UAAW,CAAA,CAAA;AAC3D;AACF;AAEA,MAAMoC,kBAAAA,GAAqB,CACzBpC,UACAb,EAAAA,YAAAA,GAAAA;AAEAc,IAAAA,MAAAA,CAAOsC,MAAM,CAACpD,YAAcqD,CAAAA,CAAAA,OAAO,CAAC,CAACC,UAAAA,GAAAA;QACnC,MAAM,EAAElC,MAAM,EAAE,GAAGkC,UAAAA;QAEnBxC,MAAOyC,CAAAA,MAAM,CAACnC,MAAQ,EAAA;YACpBJ,MAAQH,EAAAA,UAAAA;AACR2C,YAAAA,cAAAA,EACEpC,MAAOoC,CAAAA,cAAc,IAAI,CAAC,EAAE3C,UAAW,CAAA,CAAC,EAAEO,MAAAA,CAAOqC,IAAI,CAACC,YAAY,CAAC,CAAC,CAACC,WAAW,EAAA;AAClFC,YAAAA,QAAAA,EAAUC,kBAAYzC,MAAQP,EAAAA,UAAAA;AAChC,SAAA,CAAA;AACF,KAAA,CAAA;IAEA,OAAOb,YAAAA;AACT,CAAA;;;;"}
package/dist/loaders/plugins/index.mjs CHANGED
@@ -96,7 +96,7 @@ async function loadPlugins(strapi1) {
96
96
  try {
97
97
  serverEntrypointPath = join(enabledPlugin.pathToPlugin, resolvedExport);
98
98
  } catch (e) {
99
- throw new Error(`Error loading the plugin ${pluginName} because ${pluginName} is not installed. Please either install the plugin or remove it's configuration.`);
99
+ throw new Error(`Error loading the plugin ${pluginName} because ${pluginName} is not installed. Please either install the plugin or remove its configuration.`);
100
100
  }
101
101
  // only load plugins with a server entrypoint
102
102
  if (!await fse.pathExists(serverEntrypointPath)) {
package/dist/loaders/plugins/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.mjs","sources":["../../../src/loaders/plugins/index.ts"],"sourcesContent":["import { join } from 'path';\nimport fse from 'fs-extra';\nimport { defaultsDeep, defaults, getOr, get } from 'lodash/fp';\nimport * as resolve from 'resolve.exports';\n\nimport { env } from '@strapi/utils';\nimport type { Core, Plugin, Struct } from '@strapi/types';\nimport { loadConfigFile } from '../../utils/load-config-file';\nimport { loadFiles } from '../../utils/load-files';\nimport { getEnabledPlugins } from './get-enabled-plugins';\nimport { getUserPluginsConfig } from './get-user-plugins-config';\nimport { getGlobalId } from '../../domain/content-type';\n\ninterface Plugins {\n [key: string]: Plugin.LoadedPlugin;\n}\n\nconst defaultPlugin = {\n bootstrap() {},\n destroy() {},\n register() {},\n config: {\n default: {},\n validator() {},\n },\n routes: [],\n controllers: {},\n services: {},\n policies: {},\n middlewares: {},\n contentTypes: {},\n};\n\nconst applyUserExtension = async (plugins: Plugins) => {\n const extensionsDir = strapi.dirs.dist.extensions;\n if (!(await fse.pathExists(extensionsDir))) {\n return;\n }\n\n const extendedSchemas = await loadFiles(extensionsDir, '**/content-types/**/schema.json');\n const strapiServers = await loadFiles(extensionsDir, '**/strapi-server.js');\n\n for (const pluginName of Object.keys(plugins)) {\n const plugin = plugins[pluginName];\n // first: load json schema\n for (const ctName of Object.keys(plugin.contentTypes)) {\n const extendedSchema = get([pluginName, 'content-types', ctName, 'schema'], extendedSchemas);\n if (extendedSchema) {\n plugin.contentTypes[ctName].schema = {\n ...plugin.contentTypes[ctName].schema,\n ...extendedSchema,\n };\n }\n }\n // second: execute strapi-server extension\n const strapiServer = get([pluginName, 'strapi-server'], strapiServers);\n if (strapiServer) {\n plugins[pluginName] = await strapiServer(plugin);\n }\n }\n};\n\nconst applyUserConfig = async (plugins: Plugins) => {\n const userPluginsConfig = await getUserPluginsConfig();\n\n for (const pluginName of Object.keys(plugins)) {\n const plugin = plugins[pluginName];\n const userPluginConfig = getOr({}, `${pluginName}.config`, userPluginsConfig);\n const defaultConfig =\n typeof plugin.config.default === 'function'\n ? plugin.config.default({ env })\n : plugin.config.default;\n\n const config = defaultsDeep(defaultConfig, userPluginConfig);\n try {\n plugin.config.validator(config);\n } catch (e) {\n if (e instanceof Error) {\n throw new Error(`Error regarding ${pluginName} config: ${e.message}`);\n }\n\n throw e;\n }\n plugin.config = config;\n }\n};\n\nexport default async function loadPlugins(strapi: Core.Strapi) {\n const plugins: Plugins = {};\n\n const enabledPlugins = await getEnabledPlugins(strapi);\n\n strapi.config.set('enabledPlugins', enabledPlugins);\n\n for (const pluginName of Object.keys(enabledPlugins)) {\n const enabledPlugin = enabledPlugins[pluginName];\n\n let serverEntrypointPath;\n let resolvedExport = './strapi-server.js';\n\n try {\n resolvedExport = (\n resolve.exports(enabledPlugin.packageInfo, 'strapi-server', {\n require: true,\n }) ?? './strapi-server.js'\n ).toString();\n } catch (e) {\n // no export map or missing strapi-server export => fallback to default\n }\n\n try {\n serverEntrypointPath = join(enabledPlugin.pathToPlugin, resolvedExport);\n } catch (e) {\n throw new Error(\n `Error loading the plugin ${pluginName} because ${pluginName} is not installed. Please either install the plugin or remove it's configuration.`\n );\n }\n\n // only load plugins with a server entrypoint\n if (!(await fse.pathExists(serverEntrypointPath))) {\n continue;\n }\n\n const pluginServer = loadConfigFile(serverEntrypointPath);\n plugins[pluginName] = {\n ...defaultPlugin,\n ...pluginServer,\n contentTypes: formatContentTypes(pluginName, pluginServer.contentTypes ?? {}),\n config: defaults(defaultPlugin.config, pluginServer.config),\n routes: pluginServer.routes ?? defaultPlugin.routes,\n };\n }\n\n // TODO: validate plugin format\n await applyUserConfig(plugins);\n await applyUserExtension(plugins);\n\n for (const pluginName of Object.keys(plugins)) {\n strapi.get('plugins').add(pluginName, plugins[pluginName]);\n }\n}\n\nconst formatContentTypes = (\n pluginName: string,\n contentTypes: Record<string, { schema: Struct.ContentTypeSchema }>\n) => {\n Object.values(contentTypes).forEach((definition) => {\n const { schema } = definition;\n\n Object.assign(schema, {\n plugin: pluginName,\n collectionName:\n schema.collectionName || `${pluginName}_${schema.info.singularName}`.toLowerCase(),\n globalId: getGlobalId(schema, pluginName),\n });\n });\n\n return contentTypes;\n};\n"],"names":["defaultPlugin","bootstrap","destroy","register","config","default","validator","routes","controllers","services","policies","middlewares","contentTypes","applyUserExtension","plugins","extensionsDir","strapi","dirs","dist","extensions","fse","pathExists","extendedSchemas","loadFiles","strapiServers","pluginName","Object","keys","plugin","ctName","extendedSchema","get","schema","strapiServer","applyUserConfig","userPluginsConfig","getUserPluginsConfig","userPluginConfig","getOr","defaultConfig","env","defaultsDeep","e","Error","message","loadPlugins","enabledPlugins","getEnabledPlugins","set","enabledPlugin","serverEntrypointPath","resolvedExport","resolve","exports","packageInfo","require","toString","join","pathToPlugin","pluginServer","loadConfigFile","formatContentTypes","defaults","add","values","forEach","definition","assign","collectionName","info","singularName","toLowerCase","globalId","getGlobalId"],"mappings":";;;;;;;;;;;AAiBA,MAAMA,aAAgB,GAAA;IACpBC,SAAa,CAAA,GAAA,EAAA;IACbC,OAAW,CAAA,GAAA,EAAA;IACXC,QAAY,CAAA,GAAA,EAAA;IACZC,MAAQ,EAAA;AACNC,QAAAA,OAAAA,EAAS,EAAC;QACVC,SAAa,CAAA,GAAA;AACf,KAAA;AACAC,IAAAA,MAAAA,EAAQ,EAAE;AACVC,IAAAA,WAAAA,EAAa,EAAC;AACdC,IAAAA,QAAAA,EAAU,EAAC;AACXC,IAAAA,QAAAA,EAAU,EAAC;AACXC,IAAAA,WAAAA,EAAa,EAAC;AACdC,IAAAA,YAAAA,EAAc;AAChB,CAAA;AAEA,MAAMC,qBAAqB,OAAOC,OAAAA,GAAAA;AAChC,IAAA,MAAMC,gBAAgBC,MAAOC,CAAAA,IAAI,CAACC,IAAI,CAACC,UAAU;AACjD,IAAA,IAAI,CAAE,MAAMC,GAAIC,CAAAA,UAAU,CAACN,aAAiB,CAAA,EAAA;AAC1C,QAAA;AACF;IAEA,MAAMO,eAAAA,GAAkB,MAAMC,SAAAA,CAAUR,aAAe,EAAA,iCAAA,CAAA;IACvD,MAAMS,aAAAA,GAAgB,MAAMD,SAAAA,CAAUR,aAAe,EAAA,qBAAA,CAAA;AAErD,IAAA,KAAK,MAAMU,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7C,MAAMc,MAAAA,GAASd,OAAO,CAACW,UAAW,CAAA;;AAElC,QAAA,KAAK,MAAMI,MAAUH,IAAAA,MAAAA,CAAOC,IAAI,CAACC,MAAAA,CAAOhB,YAAY,CAAG,CAAA;AACrD,YAAA,MAAMkB,iBAAiBC,GAAI,CAAA;AAACN,gBAAAA,UAAAA;AAAY,gBAAA,eAAA;AAAiBI,gBAAAA,MAAAA;AAAQ,gBAAA;aAAS,EAAEP,eAAAA,CAAAA;AAC5E,YAAA,IAAIQ,cAAgB,EAAA;AAClBF,gBAAAA,MAAAA,CAAOhB,YAAY,CAACiB,MAAO,CAAA,CAACG,MAAM,GAAG;AACnC,oBAAA,GAAGJ,MAAOhB,CAAAA,YAAY,CAACiB,MAAAA,CAAO,CAACG,MAAM;AACrC,oBAAA,GAAGF;AACL,iBAAA;AACF;AACF;;AAEA,QAAA,MAAMG,eAAeF,GAAI,CAAA;AAACN,YAAAA,UAAAA;AAAY,YAAA;SAAgB,EAAED,aAAAA,CAAAA;AACxD,QAAA,IAAIS,YAAc,EAAA;AAChBnB,YAAAA,OAAO,CAACW,UAAAA,CAAW,GAAG,MAAMQ,YAAaL,CAAAA,MAAAA,CAAAA;AAC3C;AACF;AACF,CAAA;AAEA,MAAMM,kBAAkB,OAAOpB,OAAAA,GAAAA;AAC7B,IAAA,MAAMqB,oBAAoB,MAAMC,oBAAAA,EAAAA;AAEhC,IAAA,KAAK,MAAMX,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7C,MAAMc,MAAAA,GAASd,OAAO,CAACW,UAAW,CAAA;QAClC,MAAMY,gBAAAA,GAAmBC,MAAM,EAAC,EAAG,CAAC,EAAEb,UAAAA,CAAW,OAAO,CAAC,EAAEU,iBAAAA,CAAAA;AAC3D,QAAA,MAAMI,aACJ,GAAA,OAAOX,MAAOxB,CAAAA,MAAM,CAACC,OAAO,KAAK,UAAA,GAC7BuB,MAAOxB,CAAAA,MAAM,CAACC,OAAO,CAAC;AAAEmC,YAAAA;SACxBZ,CAAAA,GAAAA,MAAAA,CAAOxB,MAAM,CAACC,OAAO;QAE3B,MAAMD,MAAAA,GAASqC,aAAaF,aAAeF,EAAAA,gBAAAA,CAAAA;QAC3C,IAAI;YACFT,MAAOxB,CAAAA,MAAM,CAACE,SAAS,CAACF,MAAAA,CAAAA;AAC1B,SAAA,CAAE,OAAOsC,CAAG,EAAA;AACV,YAAA,IAAIA,aAAaC,KAAO,EAAA;gBACtB,MAAM,IAAIA,KAAM,CAAA,CAAC,gBAAgB,EAAElB,UAAW,CAAA,SAAS,EAAEiB,CAAAA,CAAEE,OAAO,CAAC,CAAC,CAAA;AACtE;YAEA,MAAMF,CAAAA;AACR;AACAd,QAAAA,MAAAA,CAAOxB,MAAM,GAAGA,MAAAA;AAClB;AACF,CAAA;AAEe,eAAeyC,YAAY7B,OAAmB,EAAA;AAC3D,IAAA,MAAMF,UAAmB,EAAC;IAE1B,MAAMgC,cAAAA,GAAiB,MAAMC,iBAAkB/B,CAAAA,OAAAA,CAAAA;AAE/CA,IAAAA,OAAAA,CAAOZ,MAAM,CAAC4C,GAAG,CAAC,gBAAkBF,EAAAA,cAAAA,CAAAA;AAEpC,IAAA,KAAK,MAAMrB,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACmB,cAAiB,CAAA,CAAA;QACpD,MAAMG,aAAAA,GAAgBH,cAAc,CAACrB,UAAW,CAAA;QAEhD,IAAIyB,oBAAAA;AACJ,QAAA,IAAIC,cAAiB,GAAA,oBAAA;QAErB,IAAI;YACFA,cAAiB,GACfC,CAAAA,OAAQC,CAAAA,OAAO,CAACJ,aAAcK,CAAAA,WAAW,EAAE,eAAiB,EAAA;gBAC1DC,OAAS,EAAA;aACL,CAAA,IAAA,oBAAmB,EACzBC,QAAQ,EAAA;AACZ,SAAA,CAAE,OAAOd,CAAG,EAAA;;AAEZ;QAEA,IAAI;YACFQ,oBAAuBO,GAAAA,IAAAA,CAAKR,aAAcS,CAAAA,YAAY,EAAEP,cAAAA,CAAAA;AAC1D,SAAA,CAAE,OAAOT,CAAG,EAAA;YACV,MAAM,IAAIC,KACR,CAAA,CAAC,yBAAyB,EAAElB,WAAW,SAAS,EAAEA,UAAW,CAAA,iFAAiF,CAAC,CAAA;AAEnJ;;AAGA,QAAA,IAAI,CAAE,MAAML,GAAIC,CAAAA,UAAU,CAAC6B,oBAAwB,CAAA,EAAA;AACjD,YAAA;AACF;AAEA,QAAA,MAAMS,eAAeC,cAAeV,CAAAA,oBAAAA,CAAAA;QACpCpC,OAAO,CAACW,WAAW,GAAG;AACpB,YAAA,GAAGzB,aAAa;AAChB,YAAA,GAAG2D,YAAY;AACf/C,YAAAA,YAAAA,EAAciD,kBAAmBpC,CAAAA,UAAAA,EAAYkC,YAAa/C,CAAAA,YAAY,IAAI,EAAC,CAAA;AAC3ER,YAAAA,MAAAA,EAAQ0D,QAAS9D,CAAAA,aAAAA,CAAcI,MAAM,EAAEuD,aAAavD,MAAM,CAAA;AAC1DG,YAAAA,MAAAA,EAAQoD,YAAapD,CAAAA,MAAM,IAAIP,aAAAA,CAAcO;AAC/C,SAAA;AACF;;AAGA,IAAA,MAAM2B,eAAgBpB,CAAAA,OAAAA,CAAAA;AACtB,IAAA,MAAMD,kBAAmBC,CAAAA,OAAAA,CAAAA;AAEzB,IAAA,KAAK,MAAMW,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7CE,OAAOe,CAAAA,GAAG,CAAC,SAAWgC,CAAAA,CAAAA,GAAG,CAACtC,UAAYX,EAAAA,OAAO,CAACW,UAAW,CAAA,CAAA;AAC3D;AACF;AAEA,MAAMoC,kBAAAA,GAAqB,CACzBpC,UACAb,EAAAA,YAAAA,GAAAA;AAEAc,IAAAA,MAAAA,CAAOsC,MAAM,CAACpD,YAAcqD,CAAAA,CAAAA,OAAO,CAAC,CAACC,UAAAA,GAAAA;QACnC,MAAM,EAAElC,MAAM,EAAE,GAAGkC,UAAAA;QAEnBxC,MAAOyC,CAAAA,MAAM,CAACnC,MAAQ,EAAA;YACpBJ,MAAQH,EAAAA,UAAAA;AACR2C,YAAAA,cAAAA,EACEpC,MAAOoC,CAAAA,cAAc,IAAI,CAAC,EAAE3C,UAAW,CAAA,CAAC,EAAEO,MAAAA,CAAOqC,IAAI,CAACC,YAAY,CAAC,CAAC,CAACC,WAAW,EAAA;AAClFC,YAAAA,QAAAA,EAAUC,YAAYzC,MAAQP,EAAAA,UAAAA;AAChC,SAAA,CAAA;AACF,KAAA,CAAA;IAEA,OAAOb,YAAAA;AACT,CAAA;;;;"}
1
+ {"version":3,"file":"index.mjs","sources":["../../../src/loaders/plugins/index.ts"],"sourcesContent":["import { join } from 'path';\nimport fse from 'fs-extra';\nimport { defaultsDeep, defaults, getOr, get } from 'lodash/fp';\nimport * as resolve from 'resolve.exports';\n\nimport { env } from '@strapi/utils';\nimport type { Core, Plugin, Struct } from '@strapi/types';\nimport { loadConfigFile } from '../../utils/load-config-file';\nimport { loadFiles } from '../../utils/load-files';\nimport { getEnabledPlugins } from './get-enabled-plugins';\nimport { getUserPluginsConfig } from './get-user-plugins-config';\nimport { getGlobalId } from '../../domain/content-type';\n\ninterface Plugins {\n [key: string]: Plugin.LoadedPlugin;\n}\n\nconst defaultPlugin = {\n bootstrap() {},\n destroy() {},\n register() {},\n config: {\n default: {},\n validator() {},\n },\n routes: [],\n controllers: {},\n services: {},\n policies: {},\n middlewares: {},\n contentTypes: {},\n};\n\nconst applyUserExtension = async (plugins: Plugins) => {\n const extensionsDir = strapi.dirs.dist.extensions;\n if (!(await fse.pathExists(extensionsDir))) {\n return;\n }\n\n const extendedSchemas = await loadFiles(extensionsDir, '**/content-types/**/schema.json');\n const strapiServers = await loadFiles(extensionsDir, '**/strapi-server.js');\n\n for (const pluginName of Object.keys(plugins)) {\n const plugin = plugins[pluginName];\n // first: load json schema\n for (const ctName of Object.keys(plugin.contentTypes)) {\n const extendedSchema = get([pluginName, 'content-types', ctName, 'schema'], extendedSchemas);\n if (extendedSchema) {\n plugin.contentTypes[ctName].schema = {\n ...plugin.contentTypes[ctName].schema,\n ...extendedSchema,\n };\n }\n }\n // second: execute strapi-server extension\n const strapiServer = get([pluginName, 'strapi-server'], strapiServers);\n if (strapiServer) {\n plugins[pluginName] = await strapiServer(plugin);\n }\n }\n};\n\nconst applyUserConfig = async (plugins: Plugins) => {\n const userPluginsConfig = await getUserPluginsConfig();\n\n for (const pluginName of Object.keys(plugins)) {\n const plugin = plugins[pluginName];\n const userPluginConfig = getOr({}, `${pluginName}.config`, userPluginsConfig);\n const defaultConfig =\n typeof plugin.config.default === 'function'\n ? plugin.config.default({ env })\n : plugin.config.default;\n\n const config = defaultsDeep(defaultConfig, userPluginConfig);\n try {\n plugin.config.validator(config);\n } catch (e) {\n if (e instanceof Error) {\n throw new Error(`Error regarding ${pluginName} config: ${e.message}`);\n }\n\n throw e;\n }\n plugin.config = config;\n }\n};\n\nexport default async function loadPlugins(strapi: Core.Strapi) {\n const plugins: Plugins = {};\n\n const enabledPlugins = await getEnabledPlugins(strapi);\n\n strapi.config.set('enabledPlugins', enabledPlugins);\n\n for (const pluginName of Object.keys(enabledPlugins)) {\n const enabledPlugin = enabledPlugins[pluginName];\n\n let serverEntrypointPath;\n let resolvedExport = './strapi-server.js';\n\n try {\n resolvedExport = (\n resolve.exports(enabledPlugin.packageInfo, 'strapi-server', {\n require: true,\n }) ?? './strapi-server.js'\n ).toString();\n } catch (e) {\n // no export map or missing strapi-server export => fallback to default\n }\n\n try {\n serverEntrypointPath = join(enabledPlugin.pathToPlugin, resolvedExport);\n } catch (e) {\n throw new Error(\n `Error loading the plugin ${pluginName} because ${pluginName} is not installed. Please either install the plugin or remove its configuration.`\n );\n }\n\n // only load plugins with a server entrypoint\n if (!(await fse.pathExists(serverEntrypointPath))) {\n continue;\n }\n\n const pluginServer = loadConfigFile(serverEntrypointPath);\n plugins[pluginName] = {\n ...defaultPlugin,\n ...pluginServer,\n contentTypes: formatContentTypes(pluginName, pluginServer.contentTypes ?? {}),\n config: defaults(defaultPlugin.config, pluginServer.config),\n routes: pluginServer.routes ?? defaultPlugin.routes,\n };\n }\n\n // TODO: validate plugin format\n await applyUserConfig(plugins);\n await applyUserExtension(plugins);\n\n for (const pluginName of Object.keys(plugins)) {\n strapi.get('plugins').add(pluginName, plugins[pluginName]);\n }\n}\n\nconst formatContentTypes = (\n pluginName: string,\n contentTypes: Record<string, { schema: Struct.ContentTypeSchema }>\n) => {\n Object.values(contentTypes).forEach((definition) => {\n const { schema } = definition;\n\n Object.assign(schema, {\n plugin: pluginName,\n collectionName:\n schema.collectionName || `${pluginName}_${schema.info.singularName}`.toLowerCase(),\n globalId: getGlobalId(schema, pluginName),\n });\n });\n\n return contentTypes;\n};\n"],"names":["defaultPlugin","bootstrap","destroy","register","config","default","validator","routes","controllers","services","policies","middlewares","contentTypes","applyUserExtension","plugins","extensionsDir","strapi","dirs","dist","extensions","fse","pathExists","extendedSchemas","loadFiles","strapiServers","pluginName","Object","keys","plugin","ctName","extendedSchema","get","schema","strapiServer","applyUserConfig","userPluginsConfig","getUserPluginsConfig","userPluginConfig","getOr","defaultConfig","env","defaultsDeep","e","Error","message","loadPlugins","enabledPlugins","getEnabledPlugins","set","enabledPlugin","serverEntrypointPath","resolvedExport","resolve","exports","packageInfo","require","toString","join","pathToPlugin","pluginServer","loadConfigFile","formatContentTypes","defaults","add","values","forEach","definition","assign","collectionName","info","singularName","toLowerCase","globalId","getGlobalId"],"mappings":";;;;;;;;;;;AAiBA,MAAMA,aAAgB,GAAA;IACpBC,SAAa,CAAA,GAAA,EAAA;IACbC,OAAW,CAAA,GAAA,EAAA;IACXC,QAAY,CAAA,GAAA,EAAA;IACZC,MAAQ,EAAA;AACNC,QAAAA,OAAAA,EAAS,EAAC;QACVC,SAAa,CAAA,GAAA;AACf,KAAA;AACAC,IAAAA,MAAAA,EAAQ,EAAE;AACVC,IAAAA,WAAAA,EAAa,EAAC;AACdC,IAAAA,QAAAA,EAAU,EAAC;AACXC,IAAAA,QAAAA,EAAU,EAAC;AACXC,IAAAA,WAAAA,EAAa,EAAC;AACdC,IAAAA,YAAAA,EAAc;AAChB,CAAA;AAEA,MAAMC,qBAAqB,OAAOC,OAAAA,GAAAA;AAChC,IAAA,MAAMC,gBAAgBC,MAAOC,CAAAA,IAAI,CAACC,IAAI,CAACC,UAAU;AACjD,IAAA,IAAI,CAAE,MAAMC,GAAIC,CAAAA,UAAU,CAACN,aAAiB,CAAA,EAAA;AAC1C,QAAA;AACF;IAEA,MAAMO,eAAAA,GAAkB,MAAMC,SAAAA,CAAUR,aAAe,EAAA,iCAAA,CAAA;IACvD,MAAMS,aAAAA,GAAgB,MAAMD,SAAAA,CAAUR,aAAe,EAAA,qBAAA,CAAA;AAErD,IAAA,KAAK,MAAMU,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7C,MAAMc,MAAAA,GAASd,OAAO,CAACW,UAAW,CAAA;;AAElC,QAAA,KAAK,MAAMI,MAAUH,IAAAA,MAAAA,CAAOC,IAAI,CAACC,MAAAA,CAAOhB,YAAY,CAAG,CAAA;AACrD,YAAA,MAAMkB,iBAAiBC,GAAI,CAAA;AAACN,gBAAAA,UAAAA;AAAY,gBAAA,eAAA;AAAiBI,gBAAAA,MAAAA;AAAQ,gBAAA;aAAS,EAAEP,eAAAA,CAAAA;AAC5E,YAAA,IAAIQ,cAAgB,EAAA;AAClBF,gBAAAA,MAAAA,CAAOhB,YAAY,CAACiB,MAAO,CAAA,CAACG,MAAM,GAAG;AACnC,oBAAA,GAAGJ,MAAOhB,CAAAA,YAAY,CAACiB,MAAAA,CAAO,CAACG,MAAM;AACrC,oBAAA,GAAGF;AACL,iBAAA;AACF;AACF;;AAEA,QAAA,MAAMG,eAAeF,GAAI,CAAA;AAACN,YAAAA,UAAAA;AAAY,YAAA;SAAgB,EAAED,aAAAA,CAAAA;AACxD,QAAA,IAAIS,YAAc,EAAA;AAChBnB,YAAAA,OAAO,CAACW,UAAAA,CAAW,GAAG,MAAMQ,YAAaL,CAAAA,MAAAA,CAAAA;AAC3C;AACF;AACF,CAAA;AAEA,MAAMM,kBAAkB,OAAOpB,OAAAA,GAAAA;AAC7B,IAAA,MAAMqB,oBAAoB,MAAMC,oBAAAA,EAAAA;AAEhC,IAAA,KAAK,MAAMX,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7C,MAAMc,MAAAA,GAASd,OAAO,CAACW,UAAW,CAAA;QAClC,MAAMY,gBAAAA,GAAmBC,MAAM,EAAC,EAAG,CAAC,EAAEb,UAAAA,CAAW,OAAO,CAAC,EAAEU,iBAAAA,CAAAA;AAC3D,QAAA,MAAMI,aACJ,GAAA,OAAOX,MAAOxB,CAAAA,MAAM,CAACC,OAAO,KAAK,UAAA,GAC7BuB,MAAOxB,CAAAA,MAAM,CAACC,OAAO,CAAC;AAAEmC,YAAAA;SACxBZ,CAAAA,GAAAA,MAAAA,CAAOxB,MAAM,CAACC,OAAO;QAE3B,MAAMD,MAAAA,GAASqC,aAAaF,aAAeF,EAAAA,gBAAAA,CAAAA;QAC3C,IAAI;YACFT,MAAOxB,CAAAA,MAAM,CAACE,SAAS,CAACF,MAAAA,CAAAA;AAC1B,SAAA,CAAE,OAAOsC,CAAG,EAAA;AACV,YAAA,IAAIA,aAAaC,KAAO,EAAA;gBACtB,MAAM,IAAIA,KAAM,CAAA,CAAC,gBAAgB,EAAElB,UAAW,CAAA,SAAS,EAAEiB,CAAAA,CAAEE,OAAO,CAAC,CAAC,CAAA;AACtE;YAEA,MAAMF,CAAAA;AACR;AACAd,QAAAA,MAAAA,CAAOxB,MAAM,GAAGA,MAAAA;AAClB;AACF,CAAA;AAEe,eAAeyC,YAAY7B,OAAmB,EAAA;AAC3D,IAAA,MAAMF,UAAmB,EAAC;IAE1B,MAAMgC,cAAAA,GAAiB,MAAMC,iBAAkB/B,CAAAA,OAAAA,CAAAA;AAE/CA,IAAAA,OAAAA,CAAOZ,MAAM,CAAC4C,GAAG,CAAC,gBAAkBF,EAAAA,cAAAA,CAAAA;AAEpC,IAAA,KAAK,MAAMrB,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACmB,cAAiB,CAAA,CAAA;QACpD,MAAMG,aAAAA,GAAgBH,cAAc,CAACrB,UAAW,CAAA;QAEhD,IAAIyB,oBAAAA;AACJ,QAAA,IAAIC,cAAiB,GAAA,oBAAA;QAErB,IAAI;YACFA,cAAiB,GACfC,CAAAA,OAAQC,CAAAA,OAAO,CAACJ,aAAcK,CAAAA,WAAW,EAAE,eAAiB,EAAA;gBAC1DC,OAAS,EAAA;aACL,CAAA,IAAA,oBAAmB,EACzBC,QAAQ,EAAA;AACZ,SAAA,CAAE,OAAOd,CAAG,EAAA;;AAEZ;QAEA,IAAI;YACFQ,oBAAuBO,GAAAA,IAAAA,CAAKR,aAAcS,CAAAA,YAAY,EAAEP,cAAAA,CAAAA;AAC1D,SAAA,CAAE,OAAOT,CAAG,EAAA;YACV,MAAM,IAAIC,KACR,CAAA,CAAC,yBAAyB,EAAElB,WAAW,SAAS,EAAEA,UAAW,CAAA,gFAAgF,CAAC,CAAA;AAElJ;;AAGA,QAAA,IAAI,CAAE,MAAML,GAAIC,CAAAA,UAAU,CAAC6B,oBAAwB,CAAA,EAAA;AACjD,YAAA;AACF;AAEA,QAAA,MAAMS,eAAeC,cAAeV,CAAAA,oBAAAA,CAAAA;QACpCpC,OAAO,CAACW,WAAW,GAAG;AACpB,YAAA,GAAGzB,aAAa;AAChB,YAAA,GAAG2D,YAAY;AACf/C,YAAAA,YAAAA,EAAciD,kBAAmBpC,CAAAA,UAAAA,EAAYkC,YAAa/C,CAAAA,YAAY,IAAI,EAAC,CAAA;AAC3ER,YAAAA,MAAAA,EAAQ0D,QAAS9D,CAAAA,aAAAA,CAAcI,MAAM,EAAEuD,aAAavD,MAAM,CAAA;AAC1DG,YAAAA,MAAAA,EAAQoD,YAAapD,CAAAA,MAAM,IAAIP,aAAAA,CAAcO;AAC/C,SAAA;AACF;;AAGA,IAAA,MAAM2B,eAAgBpB,CAAAA,OAAAA,CAAAA;AACtB,IAAA,MAAMD,kBAAmBC,CAAAA,OAAAA,CAAAA;AAEzB,IAAA,KAAK,MAAMW,UAAAA,IAAcC,MAAOC,CAAAA,IAAI,CAACb,OAAU,CAAA,CAAA;QAC7CE,OAAOe,CAAAA,GAAG,CAAC,SAAWgC,CAAAA,CAAAA,GAAG,CAACtC,UAAYX,EAAAA,OAAO,CAACW,UAAW,CAAA,CAAA;AAC3D;AACF;AAEA,MAAMoC,kBAAAA,GAAqB,CACzBpC,UACAb,EAAAA,YAAAA,GAAAA;AAEAc,IAAAA,MAAAA,CAAOsC,MAAM,CAACpD,YAAcqD,CAAAA,CAAAA,OAAO,CAAC,CAACC,UAAAA,GAAAA;QACnC,MAAM,EAAElC,MAAM,EAAE,GAAGkC,UAAAA;QAEnBxC,MAAOyC,CAAAA,MAAM,CAACnC,MAAQ,EAAA;YACpBJ,MAAQH,EAAAA,UAAAA;AACR2C,YAAAA,cAAAA,EACEpC,MAAOoC,CAAAA,cAAc,IAAI,CAAC,EAAE3C,UAAW,CAAA,CAAC,EAAEO,MAAAA,CAAOqC,IAAI,CAACC,YAAY,CAAC,CAAC,CAACC,WAAW,EAAA;AAClFC,YAAAA,QAAAA,EAAUC,YAAYzC,MAAQP,EAAAA,UAAAA;AAChC,SAAA,CAAA;AACF,KAAA,CAAA;IAEA,OAAOb,YAAAA;AACT,CAAA;;;;"}
package/dist/middlewares/security.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/middlewares/security.ts"],"names":[],"mappings":"AACA,OAAe,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAE1C,MAAM,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAkC3D,eAAO,MAAM,QAAQ,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAmEjD,CAAC"}
1
+ {"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/middlewares/security.ts"],"names":[],"mappings":"AACA,OAAe,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAG/C,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAE1C,MAAM,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAgC3D,eAAO,MAAM,QAAQ,EAAE,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAkEjD,CAAC"}
package/dist/middlewares/security.js CHANGED
@@ -2,6 +2,7 @@
2
2
 
3
3
  var fp = require('lodash/fp');
4
4
  var helmet = require('koa-helmet');
5
+ var strapiUtils = require('@strapi/utils');
5
6
 
6
7
  const defaults = {
7
8
  crossOriginEmbedderPolicy: false,
@@ -11,21 +12,7 @@ const defaults = {
11
12
  contentSecurityPolicy: {
12
13
  useDefaults: true,
13
14
  directives: {
14
- 'connect-src': [
15
- "'self'",
16
- 'https:'
17
- ],
18
- 'img-src': [
19
- "'self'",
20
- 'data:',
21
- 'blob:',
22
- 'https://market-assets.strapi.io'
23
- ],
24
- 'media-src': [
25
- "'self'",
26
- 'data:',
27
- 'blob:'
28
- ],
15
+ ...strapiUtils.CSP_DEFAULTS,
29
16
  upgradeInsecureRequests: null
30
17
  }
31
18
  },
package/dist/middlewares/security.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"security.js","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n originAgentCluster: false,\n contentSecurityPolicy: {\n useDefaults: true,\n directives: {\n 'connect-src': [\"'self'\", 'https:'],\n 'img-src': [\"'self'\", 'data:', 'blob:', 'https://market-assets.strapi.io'],\n 'media-src': [\"'self'\", 'data:', 'blob:'],\n upgradeInsecureRequests: null,\n },\n },\n xssFilter: false,\n hsts: {\n maxAge: 31536000,\n includeSubDomains: true,\n },\n frameguard: {\n action: 'sameorigin',\n },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n return mergeWith(\n (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n existingConfig,\n newConfig\n );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n (config, { strapi }) =>\n (ctx, next) => {\n let helmetConfig: Config = defaultsDeep(defaults, config);\n\n const specialPaths = ['/documentation'];\n\n const directives: {\n 'script-src': string[];\n 'img-src': string[];\n 'manifest-src': string[];\n 'frame-src': string[];\n } = {\n 'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n 'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n 'manifest-src': [],\n 'frame-src': [],\n };\n\n // if apollo graphql playground is enabled, add exceptions for it\n if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n specialPaths.push(gqlConfig('endpoint'));\n\n directives['script-src'].push(`https: 'unsafe-inline'`);\n directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n directives['manifest-src'].push(`'self'`);\n directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n directives['frame-src'].push(`'self'`);\n directives['frame-src'].push('sandbox.embed.apollographql.com');\n }\n\n // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n helmetConfig = mergeConfig(helmetConfig, {\n crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n contentSecurityPolicy: {\n directives,\n },\n });\n }\n\n /**\n * These are for vite's watch mode so it can accurately\n * connect to the HMR websocket & reconnect on failure\n * or when the server restarts.\n *\n * It only applies in development, and only on GET requests\n * that are part of the admin route.\n */\n\n if (\n ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n ctx.method === 'GET' &&\n ctx.path.startsWith(strapi.config.get('admin.path'))\n ) {\n helmetConfig = mergeConfig(helmetConfig, {\n contentSecurityPolicy: {\n directives: {\n 'script-src': [\"'self'\", \"'unsafe-inline'\"],\n 'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n },\n },\n });\n }\n\n return helmet(helmetConfig)(ctx, next);\n };\n"],"names":["defaults","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","originAgentCluster","contentSecurityPolicy","useDefaults","directives","upgradeInsecureRequests","xssFilter","hsts","maxAge","includeSubDomains","frameguard","action","mergeConfig","existingConfig","newConfig","mergeWith","obj","src","Array","isArray","concat","undefined","security","config","strapi","ctx","next","helmetConfig","defaultsDeep","specialPaths","plugin","service","playground","isEnabled","gqlConfig","push","method","some","str","path","startsWith","includes","process","env","NODE_ENV","get","helmet"],"mappings":";;;;;AAOA,MAAMA,QAAmB,GAAA;IACvBC,yBAA2B,EAAA,KAAA;IAC3BC,uBAAyB,EAAA,KAAA;IACzBC,yBAA2B,EAAA,KAAA;IAC3BC,kBAAoB,EAAA,KAAA;IACpBC,qBAAuB,EAAA;QACrBC,WAAa,EAAA,IAAA;QACbC,UAAY,EAAA;YACV,aAAe,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA;AAAS,aAAA;YACnC,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,OAAA;AAAS,gBAAA;AAAkC,aAAA;YAC1E,WAAa,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA;AAAQ,aAAA;YACzCC,uBAAyB,EAAA;AAC3B;AACF,KAAA;IACAC,SAAW,EAAA,KAAA;IACXC,IAAM,EAAA;QACJC,MAAQ,EAAA,QAAA;QACRC,iBAAmB,EAAA;AACrB,KAAA;IACAC,UAAY,EAAA;QACVC,MAAQ,EAAA;AACV;AACF,CAAA;AAEA,MAAMC,WAAAA,GAAc,CAACC,cAAwBC,EAAAA,SAAAA,GAAAA;AAC3C,IAAA,OAAOC,aACL,CAACC,GAAAA,EAAKC,GAASC,GAAAA,KAAAA,CAAMC,OAAO,CAACH,GAAAA,CAAAA,IAAQE,KAAMC,CAAAA,OAAO,CAACF,GAAOD,CAAAA,GAAAA,GAAAA,CAAII,MAAM,CAACH,GAAAA,CAAAA,GAAOI,WAC5ER,cACAC,EAAAA,SAAAA,CAAAA;AAEJ,CAAA;AAEO,MAAMQ,WACX,CAACC,MAAAA,EAAQ,EAAEC,MAAM,EAAE,GACnB,CAACC,GAAKC,EAAAA,IAAAA,GAAAA;QACJ,IAAIC,YAAAA,GAAuBC,gBAAa/B,QAAU0B,EAAAA,MAAAA,CAAAA;AAElD,QAAA,MAAMM,YAAe,GAAA;AAAC,YAAA;AAAiB,SAAA;AAEvC,QAAA,MAAMzB,UAKF,GAAA;YACF,YAAc,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,iBAAA;AAAmB,gBAAA;AAAmB,aAAA;YAC/D,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,kBAAA;AAAoB,gBAAA;AAAY,aAAA;AAC/D,YAAA,cAAA,EAAgB,EAAE;AAClB,YAAA,WAAA,EAAa;AACf,SAAA;;AAGA,QAAA,IAAIoB,OAAOM,MAAM,CAAC,YAAYC,OAAQ,CAAA,OAAA,CAAA,CAASC,WAAWC,SAAa,EAAA,EAAA;AACrE,YAAA,MAAM,EAAEV,MAAQW,EAAAA,SAAS,EAAE,GAAGV,MAAAA,CAAOM,MAAM,CAAC,SAAA,CAAA;YAC5CD,YAAaM,CAAAA,IAAI,CAACD,SAAU,CAAA,UAAA,CAAA,CAAA;AAE5B9B,YAAAA,UAAU,CAAC,YAAa,CAAA,CAAC+B,IAAI,CAAC,CAAC,sBAAsB,CAAC,CAAA;AACtD/B,YAAAA,UAAU,CAAC,SAAU,CAAA,CAAC+B,IAAI,CAAC,CAAC,kDAAkD,CAAC,CAAA;AAC/E/B,YAAAA,UAAU,CAAC,cAAe,CAAA,CAAC+B,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACxC/B,YAAAA,UAAU,CAAC,cAAA,CAAe,CAAC+B,IAAI,CAAC,kDAAA,CAAA;AAChC/B,YAAAA,UAAU,CAAC,WAAY,CAAA,CAAC+B,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACrC/B,YAAAA,UAAU,CAAC,WAAA,CAAY,CAAC+B,IAAI,CAAC,iCAAA,CAAA;AAC/B;;AAGA,QAAA,IAAIV,GAAIW,CAAAA,MAAM,KAAK,KAAA,IAASP,aAAaQ,IAAI,CAAC,CAACC,GAAAA,GAAQb,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAACF,GAAO,CAAA,CAAA,EAAA;AAChFX,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC7B,yBAA2B,EAAA,KAAA;gBAC3BI,qBAAuB,EAAA;AACrBE,oBAAAA;AACF;AACF,aAAA,CAAA;AACF;AAEA;;;;;;;AAOC,QAED,IACE;AAAC,YAAA,aAAA;AAAe,YAAA;SAAO,CAACqC,QAAQ,CAACC,OAAQC,CAAAA,GAAG,CAACC,QAAQ,IAAI,EACzDnB,CAAAA,IAAAA,GAAAA,CAAIW,MAAM,KAAK,SACfX,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAAChB,OAAOD,MAAM,CAACsB,GAAG,CAAC,YACtC,CAAA,CAAA,EAAA;AACAlB,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvCzB,qBAAuB,EAAA;oBACrBE,UAAY,EAAA;wBACV,YAAc,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA;AAAkB,yBAAA;wBAC3C,aAAe,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA,OAAA;AAAS,4BAAA,QAAA;AAAU,4BAAA;AAAM;AACrD;AACF;AACF,aAAA,CAAA;AACF;QAEA,OAAO0C,MAAAA,CAAOnB,cAAcF,GAAKC,EAAAA,IAAAA,CAAAA;;;;;"}
1
+ {"version":3,"file":"security.js","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\nimport { CSP_DEFAULTS } from '@strapi/utils';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n originAgentCluster: false,\n contentSecurityPolicy: {\n useDefaults: true,\n directives: {\n ...CSP_DEFAULTS,\n upgradeInsecureRequests: null,\n },\n },\n xssFilter: false,\n hsts: {\n maxAge: 31536000,\n includeSubDomains: true,\n },\n frameguard: {\n action: 'sameorigin',\n },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n return mergeWith(\n (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n existingConfig,\n newConfig\n );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n (config, { strapi }) =>\n (ctx, next) => {\n let helmetConfig: Config = defaultsDeep(defaults, config);\n const specialPaths = ['/documentation'];\n\n const directives: {\n 'script-src': string[];\n 'img-src': string[];\n 'manifest-src': string[];\n 'frame-src': string[];\n } = {\n 'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n 'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n 'manifest-src': [],\n 'frame-src': [],\n };\n\n // if apollo graphql playground is enabled, add exceptions for it\n if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n specialPaths.push(gqlConfig('endpoint'));\n\n directives['script-src'].push(`https: 'unsafe-inline'`);\n directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n directives['manifest-src'].push(`'self'`);\n directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n directives['frame-src'].push(`'self'`);\n directives['frame-src'].push('sandbox.embed.apollographql.com');\n }\n\n // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n helmetConfig = mergeConfig(helmetConfig, {\n crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n contentSecurityPolicy: {\n directives,\n },\n });\n }\n\n /**\n * These are for vite's watch mode so it can accurately\n * connect to the HMR websocket & reconnect on failure\n * or when the server restarts.\n *\n * It only applies in development, and only on GET requests\n * that are part of the admin route.\n */\n\n if (\n ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n ctx.method === 'GET' &&\n ctx.path.startsWith(strapi.config.get('admin.path'))\n ) {\n helmetConfig = mergeConfig(helmetConfig, {\n contentSecurityPolicy: {\n directives: {\n 'script-src': [\"'self'\", \"'unsafe-inline'\"],\n 'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n },\n },\n });\n }\n\n return helmet(helmetConfig)(ctx, next);\n };\n"],"names":["defaults","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","originAgentCluster","contentSecurityPolicy","useDefaults","directives","CSP_DEFAULTS","upgradeInsecureRequests","xssFilter","hsts","maxAge","includeSubDomains","frameguard","action","mergeConfig","existingConfig","newConfig","mergeWith","obj","src","Array","isArray","concat","undefined","security","config","strapi","ctx","next","helmetConfig","defaultsDeep","specialPaths","plugin","service","playground","isEnabled","gqlConfig","push","method","some","str","path","startsWith","includes","process","env","NODE_ENV","get","helmet"],"mappings":";;;;;;AAQA,MAAMA,QAAmB,GAAA;IACvBC,yBAA2B,EAAA,KAAA;IAC3BC,uBAAyB,EAAA,KAAA;IACzBC,yBAA2B,EAAA,KAAA;IAC3BC,kBAAoB,EAAA,KAAA;IACpBC,qBAAuB,EAAA;QACrBC,WAAa,EAAA,IAAA;QACbC,UAAY,EAAA;AACV,YAAA,GAAGC,wBAAY;YACfC,uBAAyB,EAAA;AAC3B;AACF,KAAA;IACAC,SAAW,EAAA,KAAA;IACXC,IAAM,EAAA;QACJC,MAAQ,EAAA,QAAA;QACRC,iBAAmB,EAAA;AACrB,KAAA;IACAC,UAAY,EAAA;QACVC,MAAQ,EAAA;AACV;AACF,CAAA;AAEA,MAAMC,WAAAA,GAAc,CAACC,cAAwBC,EAAAA,SAAAA,GAAAA;AAC3C,IAAA,OAAOC,aACL,CAACC,GAAAA,EAAKC,GAASC,GAAAA,KAAAA,CAAMC,OAAO,CAACH,GAAAA,CAAAA,IAAQE,KAAMC,CAAAA,OAAO,CAACF,GAAOD,CAAAA,GAAAA,GAAAA,CAAII,MAAM,CAACH,GAAAA,CAAAA,GAAOI,WAC5ER,cACAC,EAAAA,SAAAA,CAAAA;AAEJ,CAAA;AAEO,MAAMQ,WACX,CAACC,MAAAA,EAAQ,EAAEC,MAAM,EAAE,GACnB,CAACC,GAAKC,EAAAA,IAAAA,GAAAA;QACJ,IAAIC,YAAAA,GAAuBC,gBAAahC,QAAU2B,EAAAA,MAAAA,CAAAA;AAClD,QAAA,MAAMM,YAAe,GAAA;AAAC,YAAA;AAAiB,SAAA;AAEvC,QAAA,MAAM1B,UAKF,GAAA;YACF,YAAc,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,iBAAA;AAAmB,gBAAA;AAAmB,aAAA;YAC/D,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,kBAAA;AAAoB,gBAAA;AAAY,aAAA;AAC/D,YAAA,cAAA,EAAgB,EAAE;AAClB,YAAA,WAAA,EAAa;AACf,SAAA;;AAGA,QAAA,IAAIqB,OAAOM,MAAM,CAAC,YAAYC,OAAQ,CAAA,OAAA,CAAA,CAASC,WAAWC,SAAa,EAAA,EAAA;AACrE,YAAA,MAAM,EAAEV,MAAQW,EAAAA,SAAS,EAAE,GAAGV,MAAAA,CAAOM,MAAM,CAAC,SAAA,CAAA;YAC5CD,YAAaM,CAAAA,IAAI,CAACD,SAAU,CAAA,UAAA,CAAA,CAAA;AAE5B/B,YAAAA,UAAU,CAAC,YAAa,CAAA,CAACgC,IAAI,CAAC,CAAC,sBAAsB,CAAC,CAAA;AACtDhC,YAAAA,UAAU,CAAC,SAAU,CAAA,CAACgC,IAAI,CAAC,CAAC,kDAAkD,CAAC,CAAA;AAC/EhC,YAAAA,UAAU,CAAC,cAAe,CAAA,CAACgC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACxChC,YAAAA,UAAU,CAAC,cAAA,CAAe,CAACgC,IAAI,CAAC,kDAAA,CAAA;AAChChC,YAAAA,UAAU,CAAC,WAAY,CAAA,CAACgC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACrChC,YAAAA,UAAU,CAAC,WAAA,CAAY,CAACgC,IAAI,CAAC,iCAAA,CAAA;AAC/B;;AAGA,QAAA,IAAIV,GAAIW,CAAAA,MAAM,KAAK,KAAA,IAASP,aAAaQ,IAAI,CAAC,CAACC,GAAAA,GAAQb,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAACF,GAAO,CAAA,CAAA,EAAA;AAChFX,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC9B,yBAA2B,EAAA,KAAA;gBAC3BI,qBAAuB,EAAA;AACrBE,oBAAAA;AACF;AACF,aAAA,CAAA;AACF;AAEA;;;;;;;AAOC,QAED,IACE;AAAC,YAAA,aAAA;AAAe,YAAA;SAAO,CAACsC,QAAQ,CAACC,OAAQC,CAAAA,GAAG,CAACC,QAAQ,IAAI,EACzDnB,CAAAA,IAAAA,GAAAA,CAAIW,MAAM,KAAK,SACfX,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAAChB,OAAOD,MAAM,CAACsB,GAAG,CAAC,YACtC,CAAA,CAAA,EAAA;AACAlB,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC1B,qBAAuB,EAAA;oBACrBE,UAAY,EAAA;wBACV,YAAc,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA;AAAkB,yBAAA;wBAC3C,aAAe,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA,OAAA;AAAS,4BAAA,QAAA;AAAU,4BAAA;AAAM;AACrD;AACF;AACF,aAAA,CAAA;AACF;QAEA,OAAO2C,MAAAA,CAAOnB,cAAcF,GAAKC,EAAAA,IAAAA,CAAAA;;;;;"}
package/dist/middlewares/security.mjs CHANGED
@@ -1,5 +1,6 @@
1
1
  import { defaultsDeep, mergeWith } from 'lodash/fp';
2
2
  import helmet from 'koa-helmet';
3
+ import { CSP_DEFAULTS } from '@strapi/utils';
3
4
 
4
5
  const defaults = {
5
6
  crossOriginEmbedderPolicy: false,
@@ -9,21 +10,7 @@ const defaults = {
9
10
  contentSecurityPolicy: {
10
11
  useDefaults: true,
11
12
  directives: {
12
- 'connect-src': [
13
- "'self'",
14
- 'https:'
15
- ],
16
- 'img-src': [
17
- "'self'",
18
- 'data:',
19
- 'blob:',
20
- 'https://market-assets.strapi.io'
21
- ],
22
- 'media-src': [
23
- "'self'",
24
- 'data:',
25
- 'blob:'
26
- ],
13
+ ...CSP_DEFAULTS,
27
14
  upgradeInsecureRequests: null
28
15
  }
29
16
  },
package/dist/middlewares/security.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"security.mjs","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n originAgentCluster: false,\n contentSecurityPolicy: {\n useDefaults: true,\n directives: {\n 'connect-src': [\"'self'\", 'https:'],\n 'img-src': [\"'self'\", 'data:', 'blob:', 'https://market-assets.strapi.io'],\n 'media-src': [\"'self'\", 'data:', 'blob:'],\n upgradeInsecureRequests: null,\n },\n },\n xssFilter: false,\n hsts: {\n maxAge: 31536000,\n includeSubDomains: true,\n },\n frameguard: {\n action: 'sameorigin',\n },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n return mergeWith(\n (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n existingConfig,\n newConfig\n );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n (config, { strapi }) =>\n (ctx, next) => {\n let helmetConfig: Config = defaultsDeep(defaults, config);\n\n const specialPaths = ['/documentation'];\n\n const directives: {\n 'script-src': string[];\n 'img-src': string[];\n 'manifest-src': string[];\n 'frame-src': string[];\n } = {\n 'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n 'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n 'manifest-src': [],\n 'frame-src': [],\n };\n\n // if apollo graphql playground is enabled, add exceptions for it\n if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n specialPaths.push(gqlConfig('endpoint'));\n\n directives['script-src'].push(`https: 'unsafe-inline'`);\n directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n directives['manifest-src'].push(`'self'`);\n directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n directives['frame-src'].push(`'self'`);\n directives['frame-src'].push('sandbox.embed.apollographql.com');\n }\n\n // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n helmetConfig = mergeConfig(helmetConfig, {\n crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n contentSecurityPolicy: {\n directives,\n },\n });\n }\n\n /**\n * These are for vite's watch mode so it can accurately\n * connect to the HMR websocket & reconnect on failure\n * or when the server restarts.\n *\n * It only applies in development, and only on GET requests\n * that are part of the admin route.\n */\n\n if (\n ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n ctx.method === 'GET' &&\n ctx.path.startsWith(strapi.config.get('admin.path'))\n ) {\n helmetConfig = mergeConfig(helmetConfig, {\n contentSecurityPolicy: {\n directives: {\n 'script-src': [\"'self'\", \"'unsafe-inline'\"],\n 'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n },\n },\n });\n }\n\n return helmet(helmetConfig)(ctx, next);\n };\n"],"names":["defaults","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","originAgentCluster","contentSecurityPolicy","useDefaults","directives","upgradeInsecureRequests","xssFilter","hsts","maxAge","includeSubDomains","frameguard","action","mergeConfig","existingConfig","newConfig","mergeWith","obj","src","Array","isArray","concat","undefined","security","config","strapi","ctx","next","helmetConfig","defaultsDeep","specialPaths","plugin","service","playground","isEnabled","gqlConfig","push","method","some","str","path","startsWith","includes","process","env","NODE_ENV","get","helmet"],"mappings":";;;AAOA,MAAMA,QAAmB,GAAA;IACvBC,yBAA2B,EAAA,KAAA;IAC3BC,uBAAyB,EAAA,KAAA;IACzBC,yBAA2B,EAAA,KAAA;IAC3BC,kBAAoB,EAAA,KAAA;IACpBC,qBAAuB,EAAA;QACrBC,WAAa,EAAA,IAAA;QACbC,UAAY,EAAA;YACV,aAAe,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA;AAAS,aAAA;YACnC,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,OAAA;AAAS,gBAAA;AAAkC,aAAA;YAC1E,WAAa,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA;AAAQ,aAAA;YACzCC,uBAAyB,EAAA;AAC3B;AACF,KAAA;IACAC,SAAW,EAAA,KAAA;IACXC,IAAM,EAAA;QACJC,MAAQ,EAAA,QAAA;QACRC,iBAAmB,EAAA;AACrB,KAAA;IACAC,UAAY,EAAA;QACVC,MAAQ,EAAA;AACV;AACF,CAAA;AAEA,MAAMC,WAAAA,GAAc,CAACC,cAAwBC,EAAAA,SAAAA,GAAAA;AAC3C,IAAA,OAAOC,UACL,CAACC,GAAAA,EAAKC,GAASC,GAAAA,KAAAA,CAAMC,OAAO,CAACH,GAAAA,CAAAA,IAAQE,KAAMC,CAAAA,OAAO,CAACF,GAAOD,CAAAA,GAAAA,GAAAA,CAAII,MAAM,CAACH,GAAAA,CAAAA,GAAOI,WAC5ER,cACAC,EAAAA,SAAAA,CAAAA;AAEJ,CAAA;AAEO,MAAMQ,WACX,CAACC,MAAAA,EAAQ,EAAEC,MAAM,EAAE,GACnB,CAACC,GAAKC,EAAAA,IAAAA,GAAAA;QACJ,IAAIC,YAAAA,GAAuBC,aAAa/B,QAAU0B,EAAAA,MAAAA,CAAAA;AAElD,QAAA,MAAMM,YAAe,GAAA;AAAC,YAAA;AAAiB,SAAA;AAEvC,QAAA,MAAMzB,UAKF,GAAA;YACF,YAAc,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,iBAAA;AAAmB,gBAAA;AAAmB,aAAA;YAC/D,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,kBAAA;AAAoB,gBAAA;AAAY,aAAA;AAC/D,YAAA,cAAA,EAAgB,EAAE;AAClB,YAAA,WAAA,EAAa;AACf,SAAA;;AAGA,QAAA,IAAIoB,OAAOM,MAAM,CAAC,YAAYC,OAAQ,CAAA,OAAA,CAAA,CAASC,WAAWC,SAAa,EAAA,EAAA;AACrE,YAAA,MAAM,EAAEV,MAAQW,EAAAA,SAAS,EAAE,GAAGV,MAAAA,CAAOM,MAAM,CAAC,SAAA,CAAA;YAC5CD,YAAaM,CAAAA,IAAI,CAACD,SAAU,CAAA,UAAA,CAAA,CAAA;AAE5B9B,YAAAA,UAAU,CAAC,YAAa,CAAA,CAAC+B,IAAI,CAAC,CAAC,sBAAsB,CAAC,CAAA;AACtD/B,YAAAA,UAAU,CAAC,SAAU,CAAA,CAAC+B,IAAI,CAAC,CAAC,kDAAkD,CAAC,CAAA;AAC/E/B,YAAAA,UAAU,CAAC,cAAe,CAAA,CAAC+B,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACxC/B,YAAAA,UAAU,CAAC,cAAA,CAAe,CAAC+B,IAAI,CAAC,kDAAA,CAAA;AAChC/B,YAAAA,UAAU,CAAC,WAAY,CAAA,CAAC+B,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACrC/B,YAAAA,UAAU,CAAC,WAAA,CAAY,CAAC+B,IAAI,CAAC,iCAAA,CAAA;AAC/B;;AAGA,QAAA,IAAIV,GAAIW,CAAAA,MAAM,KAAK,KAAA,IAASP,aAAaQ,IAAI,CAAC,CAACC,GAAAA,GAAQb,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAACF,GAAO,CAAA,CAAA,EAAA;AAChFX,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC7B,yBAA2B,EAAA,KAAA;gBAC3BI,qBAAuB,EAAA;AACrBE,oBAAAA;AACF;AACF,aAAA,CAAA;AACF;AAEA;;;;;;;AAOC,QAED,IACE;AAAC,YAAA,aAAA;AAAe,YAAA;SAAO,CAACqC,QAAQ,CAACC,OAAQC,CAAAA,GAAG,CAACC,QAAQ,IAAI,EACzDnB,CAAAA,IAAAA,GAAAA,CAAIW,MAAM,KAAK,SACfX,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAAChB,OAAOD,MAAM,CAACsB,GAAG,CAAC,YACtC,CAAA,CAAA,EAAA;AACAlB,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvCzB,qBAAuB,EAAA;oBACrBE,UAAY,EAAA;wBACV,YAAc,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA;AAAkB,yBAAA;wBAC3C,aAAe,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA,OAAA;AAAS,4BAAA,QAAA;AAAU,4BAAA;AAAM;AACrD;AACF;AACF,aAAA,CAAA;AACF;QAEA,OAAO0C,MAAAA,CAAOnB,cAAcF,GAAKC,EAAAA,IAAAA,CAAAA;;;;;"}
1
+ {"version":3,"file":"security.mjs","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\nimport { CSP_DEFAULTS } from '@strapi/utils';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n originAgentCluster: false,\n contentSecurityPolicy: {\n useDefaults: true,\n directives: {\n ...CSP_DEFAULTS,\n upgradeInsecureRequests: null,\n },\n },\n xssFilter: false,\n hsts: {\n maxAge: 31536000,\n includeSubDomains: true,\n },\n frameguard: {\n action: 'sameorigin',\n },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n return mergeWith(\n (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n existingConfig,\n newConfig\n );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n (config, { strapi }) =>\n (ctx, next) => {\n let helmetConfig: Config = defaultsDeep(defaults, config);\n const specialPaths = ['/documentation'];\n\n const directives: {\n 'script-src': string[];\n 'img-src': string[];\n 'manifest-src': string[];\n 'frame-src': string[];\n } = {\n 'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n 'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n 'manifest-src': [],\n 'frame-src': [],\n };\n\n // if apollo graphql playground is enabled, add exceptions for it\n if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n const { config: gqlConfig } = strapi.plugin('graphql');\n specialPaths.push(gqlConfig('endpoint'));\n\n directives['script-src'].push(`https: 'unsafe-inline'`);\n directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n directives['manifest-src'].push(`'self'`);\n directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n directives['frame-src'].push(`'self'`);\n directives['frame-src'].push('sandbox.embed.apollographql.com');\n }\n\n // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n helmetConfig = mergeConfig(helmetConfig, {\n crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n contentSecurityPolicy: {\n directives,\n },\n });\n }\n\n /**\n * These are for vite's watch mode so it can accurately\n * connect to the HMR websocket & reconnect on failure\n * or when the server restarts.\n *\n * It only applies in development, and only on GET requests\n * that are part of the admin route.\n */\n\n if (\n ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n ctx.method === 'GET' &&\n ctx.path.startsWith(strapi.config.get('admin.path'))\n ) {\n helmetConfig = mergeConfig(helmetConfig, {\n contentSecurityPolicy: {\n directives: {\n 'script-src': [\"'self'\", \"'unsafe-inline'\"],\n 'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n },\n },\n });\n }\n\n return helmet(helmetConfig)(ctx, next);\n };\n"],"names":["defaults","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","originAgentCluster","contentSecurityPolicy","useDefaults","directives","CSP_DEFAULTS","upgradeInsecureRequests","xssFilter","hsts","maxAge","includeSubDomains","frameguard","action","mergeConfig","existingConfig","newConfig","mergeWith","obj","src","Array","isArray","concat","undefined","security","config","strapi","ctx","next","helmetConfig","defaultsDeep","specialPaths","plugin","service","playground","isEnabled","gqlConfig","push","method","some","str","path","startsWith","includes","process","env","NODE_ENV","get","helmet"],"mappings":";;;;AAQA,MAAMA,QAAmB,GAAA;IACvBC,yBAA2B,EAAA,KAAA;IAC3BC,uBAAyB,EAAA,KAAA;IACzBC,yBAA2B,EAAA,KAAA;IAC3BC,kBAAoB,EAAA,KAAA;IACpBC,qBAAuB,EAAA;QACrBC,WAAa,EAAA,IAAA;QACbC,UAAY,EAAA;AACV,YAAA,GAAGC,YAAY;YACfC,uBAAyB,EAAA;AAC3B;AACF,KAAA;IACAC,SAAW,EAAA,KAAA;IACXC,IAAM,EAAA;QACJC,MAAQ,EAAA,QAAA;QACRC,iBAAmB,EAAA;AACrB,KAAA;IACAC,UAAY,EAAA;QACVC,MAAQ,EAAA;AACV;AACF,CAAA;AAEA,MAAMC,WAAAA,GAAc,CAACC,cAAwBC,EAAAA,SAAAA,GAAAA;AAC3C,IAAA,OAAOC,UACL,CAACC,GAAAA,EAAKC,GAASC,GAAAA,KAAAA,CAAMC,OAAO,CAACH,GAAAA,CAAAA,IAAQE,KAAMC,CAAAA,OAAO,CAACF,GAAOD,CAAAA,GAAAA,GAAAA,CAAII,MAAM,CAACH,GAAAA,CAAAA,GAAOI,WAC5ER,cACAC,EAAAA,SAAAA,CAAAA;AAEJ,CAAA;AAEO,MAAMQ,WACX,CAACC,MAAAA,EAAQ,EAAEC,MAAM,EAAE,GACnB,CAACC,GAAKC,EAAAA,IAAAA,GAAAA;QACJ,IAAIC,YAAAA,GAAuBC,aAAahC,QAAU2B,EAAAA,MAAAA,CAAAA;AAClD,QAAA,MAAMM,YAAe,GAAA;AAAC,YAAA;AAAiB,SAAA;AAEvC,QAAA,MAAM1B,UAKF,GAAA;YACF,YAAc,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,iBAAA;AAAmB,gBAAA;AAAmB,aAAA;YAC/D,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,kBAAA;AAAoB,gBAAA;AAAY,aAAA;AAC/D,YAAA,cAAA,EAAgB,EAAE;AAClB,YAAA,WAAA,EAAa;AACf,SAAA;;AAGA,QAAA,IAAIqB,OAAOM,MAAM,CAAC,YAAYC,OAAQ,CAAA,OAAA,CAAA,CAASC,WAAWC,SAAa,EAAA,EAAA;AACrE,YAAA,MAAM,EAAEV,MAAQW,EAAAA,SAAS,EAAE,GAAGV,MAAAA,CAAOM,MAAM,CAAC,SAAA,CAAA;YAC5CD,YAAaM,CAAAA,IAAI,CAACD,SAAU,CAAA,UAAA,CAAA,CAAA;AAE5B/B,YAAAA,UAAU,CAAC,YAAa,CAAA,CAACgC,IAAI,CAAC,CAAC,sBAAsB,CAAC,CAAA;AACtDhC,YAAAA,UAAU,CAAC,SAAU,CAAA,CAACgC,IAAI,CAAC,CAAC,kDAAkD,CAAC,CAAA;AAC/EhC,YAAAA,UAAU,CAAC,cAAe,CAAA,CAACgC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACxChC,YAAAA,UAAU,CAAC,cAAA,CAAe,CAACgC,IAAI,CAAC,kDAAA,CAAA;AAChChC,YAAAA,UAAU,CAAC,WAAY,CAAA,CAACgC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACrChC,YAAAA,UAAU,CAAC,WAAA,CAAY,CAACgC,IAAI,CAAC,iCAAA,CAAA;AAC/B;;AAGA,QAAA,IAAIV,GAAIW,CAAAA,MAAM,KAAK,KAAA,IAASP,aAAaQ,IAAI,CAAC,CAACC,GAAAA,GAAQb,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAACF,GAAO,CAAA,CAAA,EAAA;AAChFX,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC9B,yBAA2B,EAAA,KAAA;gBAC3BI,qBAAuB,EAAA;AACrBE,oBAAAA;AACF;AACF,aAAA,CAAA;AACF;AAEA;;;;;;;AAOC,QAED,IACE;AAAC,YAAA,aAAA;AAAe,YAAA;SAAO,CAACsC,QAAQ,CAACC,OAAQC,CAAAA,GAAG,CAACC,QAAQ,IAAI,EACzDnB,CAAAA,IAAAA,GAAAA,CAAIW,MAAM,KAAK,SACfX,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAAChB,OAAOD,MAAM,CAACsB,GAAG,CAAC,YACtC,CAAA,CAAA,EAAA;AACAlB,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC1B,qBAAuB,EAAA;oBACrBE,UAAY,EAAA;wBACV,YAAc,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA;AAAkB,yBAAA;wBAC3C,aAAe,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA,OAAA;AAAS,4BAAA,QAAA;AAAU,4BAAA;AAAM;AACrD;AACF;AACF,aAAA,CAAA;AACF;QAEA,OAAO2C,MAAAA,CAAOnB,cAAcF,GAAKC,EAAAA,IAAAA,CAAAA;;;;;"}
package/dist/package.json.js CHANGED
@@ -3,7 +3,7 @@
3
3
  Object.defineProperty(exports, '__esModule', { value: true });
4
4
 
5
5
  var name = "@strapi/core";
6
- var version = "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c";
6
+ var version = "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429";
7
7
  var description = "Core of Strapi";
8
8
  var homepage = "https://strapi.io";
9
9
  var bugs = {
@@ -59,14 +59,15 @@ var dependencies = {
59
59
  "@koa/cors": "5.0.0",
60
60
  "@koa/router": "12.0.2",
61
61
  "@paralleldrive/cuid2": "2.2.2",
62
- "@strapi/admin": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
63
- "@strapi/database": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
64
- "@strapi/generators": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
65
- "@strapi/logger": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
66
- "@strapi/permissions": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
67
- "@strapi/types": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
68
- "@strapi/typescript-utils": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
69
- "@strapi/utils": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
62
+ "@strapi/admin": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
63
+ "@strapi/database": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
64
+ "@strapi/generators": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
65
+ "@strapi/logger": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
66
+ "@strapi/permissions": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
67
+ "@strapi/types": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
68
+ "@strapi/typescript-utils": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
69
+ "@strapi/utils": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
70
+ "@vercel/stega": "0.1.2",
70
71
  bcryptjs: "2.4.3",
71
72
  boxen: "5.1.2",
72
73
  chalk: "4.1.2",
@@ -86,6 +87,7 @@ var dependencies = {
86
87
  inquirer: "8.2.5",
87
88
  "is-docker": "2.2.1",
88
89
  "json-logic-js": "2.0.5",
90
+ jsonwebtoken: "9.0.0",
89
91
  koa: "2.16.1",
90
92
  "koa-body": "6.0.1",
91
93
  "koa-compose": "4.1.0",
@@ -132,9 +134,9 @@ var devDependencies = {
132
134
  "@types/node": "18.19.24",
133
135
  "@types/node-schedule": "2.1.7",
134
136
  "@types/statuses": "2.0.1",
135
- "eslint-config-custom": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
137
+ "eslint-config-custom": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
136
138
  supertest: "6.3.3",
137
- tsconfig: "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c"
139
+ tsconfig: "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429"
138
140
  };
139
141
  var engines = {
140
142
  node: ">=18.0.0 <=22.x.x",
package/dist/package.json.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"package.json.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
1
+ {"version":3,"file":"package.json.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
package/dist/package.json.mjs CHANGED
@@ -1,5 +1,5 @@
1
1
  var name = "@strapi/core";
2
- var version = "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c";
2
+ var version = "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429";
3
3
  var description = "Core of Strapi";
4
4
  var homepage = "https://strapi.io";
5
5
  var bugs = {
@@ -55,14 +55,15 @@ var dependencies = {
55
55
  "@koa/cors": "5.0.0",
56
56
  "@koa/router": "12.0.2",
57
57
  "@paralleldrive/cuid2": "2.2.2",
58
- "@strapi/admin": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
59
- "@strapi/database": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
60
- "@strapi/generators": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
61
- "@strapi/logger": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
62
- "@strapi/permissions": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
63
- "@strapi/types": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
64
- "@strapi/typescript-utils": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
65
- "@strapi/utils": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
58
+ "@strapi/admin": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
59
+ "@strapi/database": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
60
+ "@strapi/generators": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
61
+ "@strapi/logger": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
62
+ "@strapi/permissions": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
63
+ "@strapi/types": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
64
+ "@strapi/typescript-utils": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
65
+ "@strapi/utils": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
66
+ "@vercel/stega": "0.1.2",
66
67
  bcryptjs: "2.4.3",
67
68
  boxen: "5.1.2",
68
69
  chalk: "4.1.2",
@@ -82,6 +83,7 @@ var dependencies = {
82
83
  inquirer: "8.2.5",
83
84
  "is-docker": "2.2.1",
84
85
  "json-logic-js": "2.0.5",
86
+ jsonwebtoken: "9.0.0",
85
87
  koa: "2.16.1",
86
88
  "koa-body": "6.0.1",
87
89
  "koa-compose": "4.1.0",
@@ -128,9 +130,9 @@ var devDependencies = {
128
130
  "@types/node": "18.19.24",
129
131
  "@types/node-schedule": "2.1.7",
130
132
  "@types/statuses": "2.0.1",
131
- "eslint-config-custom": "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c",
133
+ "eslint-config-custom": "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429",
132
134
  supertest: "6.3.3",
133
- tsconfig: "0.0.0-experimental.da76e83c9180ce7e4ab187aece17ea6bf19c783c"
135
+ tsconfig: "0.0.0-experimental.da850ac6030a73229550aab5ce80ce47be683429"
134
136
  };
135
137
  var engines = {
136
138
  node: ">=18.0.0 <=22.x.x",
package/dist/package.json.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"package.json.mjs","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
1
+ {"version":3,"file":"package.json.mjs","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
package/dist/providers/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/providers/index.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAE3C,eAAO,MAAM,SAAS,EAAE,QAAQ,EAA8D,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/providers/index.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAE3C,eAAO,MAAM,SAAS,EAAE,QAAQ,EAQ/B,CAAC"}
package/dist/providers/index.js CHANGED
@@ -4,6 +4,7 @@ var admin = require('./admin.js');
4
4
  var coreStore = require('./coreStore.js');
5
5
  var cron = require('./cron.js');
6
6
  var registries = require('./registries.js');
7
+ var sessionManager = require('./session-manager.js');
7
8
  var telemetry = require('./telemetry.js');
8
9
  var webhooks = require('./webhooks.js');
9
10
 
@@ -11,6 +12,7 @@ const providers = [
11
12
  registries,
12
13
  admin,
13
14
  coreStore,
15
+ sessionManager,
14
16
  webhooks,
15
17
  telemetry,
16
18
  cron
package/dist/providers/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sources":["../../src/providers/index.ts"],"sourcesContent":["import admin from './admin';\nimport coreStore from './coreStore';\nimport cron from './cron';\nimport registries from './registries';\nimport telemetry from './telemetry';\nimport webhooks from './webhooks';\n\nimport type { Provider } from './provider';\n\nexport const providers: Provider[] = [registries, admin, coreStore, webhooks, telemetry, cron];\n"],"names":["providers","registries","admin","coreStore","webhooks","telemetry","cron"],"mappings":";;;;;;;;;MASaA,SAAwB,GAAA;AAACC,IAAAA,UAAAA;AAAYC,IAAAA,KAAAA;AAAOC,IAAAA,SAAAA;AAAWC,IAAAA,QAAAA;AAAUC,IAAAA,SAAAA;AAAWC,IAAAA;;;;;"}
1
+ {"version":3,"file":"index.js","sources":["../../src/providers/index.ts"],"sourcesContent":["import admin from './admin';\nimport coreStore from './coreStore';\nimport cron from './cron';\nimport registries from './registries';\nimport sessionManager from './session-manager';\nimport telemetry from './telemetry';\nimport webhooks from './webhooks';\n\nimport type { Provider } from './provider';\n\nexport const providers: Provider[] = [\n registries,\n admin,\n coreStore,\n sessionManager,\n webhooks,\n telemetry,\n cron,\n];\n"],"names":["providers","registries","admin","coreStore","sessionManager","webhooks","telemetry","cron"],"mappings":";;;;;;;;;;MAUaA,SAAwB,GAAA;AACnCC,IAAAA,UAAAA;AACAC,IAAAA,KAAAA;AACAC,IAAAA,SAAAA;AACAC,IAAAA,cAAAA;AACAC,IAAAA,QAAAA;AACAC,IAAAA,SAAAA;AACAC,IAAAA;;;;;"}
package/dist/providers/index.mjs CHANGED
@@ -2,6 +2,7 @@ import admin from './admin.mjs';
2
2
  import coreStore from './coreStore.mjs';
3
3
  import cron from './cron.mjs';
4
4
  import registries from './registries.mjs';
5
+ import sessionManager from './session-manager.mjs';
5
6
  import telemetry from './telemetry.mjs';
6
7
  import webhooks from './webhooks.mjs';
7
8
 
@@ -9,6 +10,7 @@ const providers = [
9
10
  registries,
10
11
  admin,
11
12
  coreStore,
13
+ sessionManager,
12
14
  webhooks,
13
15
  telemetry,
14
16
  cron
package/dist/providers/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.mjs","sources":["../../src/providers/index.ts"],"sourcesContent":["import admin from './admin';\nimport coreStore from './coreStore';\nimport cron from './cron';\nimport registries from './registries';\nimport telemetry from './telemetry';\nimport webhooks from './webhooks';\n\nimport type { Provider } from './provider';\n\nexport const providers: Provider[] = [registries, admin, coreStore, webhooks, telemetry, cron];\n"],"names":["providers","registries","admin","coreStore","webhooks","telemetry","cron"],"mappings":";;;;;;;MASaA,SAAwB,GAAA;AAACC,IAAAA,UAAAA;AAAYC,IAAAA,KAAAA;AAAOC,IAAAA,SAAAA;AAAWC,IAAAA,QAAAA;AAAUC,IAAAA,SAAAA;AAAWC,IAAAA;;;;;"}
1
+ {"version":3,"file":"index.mjs","sources":["../../src/providers/index.ts"],"sourcesContent":["import admin from './admin';\nimport coreStore from './coreStore';\nimport cron from './cron';\nimport registries from './registries';\nimport sessionManager from './session-manager';\nimport telemetry from './telemetry';\nimport webhooks from './webhooks';\n\nimport type { Provider } from './provider';\n\nexport const providers: Provider[] = [\n registries,\n admin,\n coreStore,\n sessionManager,\n webhooks,\n telemetry,\n cron,\n];\n"],"names":["providers","registries","admin","coreStore","sessionManager","webhooks","telemetry","cron"],"mappings":";;;;;;;;MAUaA,SAAwB,GAAA;AACnCC,IAAAA,UAAAA;AACAC,IAAAA,KAAAA;AACAC,IAAAA,SAAAA;AACAC,IAAAA,cAAAA;AACAC,IAAAA,QAAAA;AACAC,IAAAA,SAAAA;AACAC,IAAAA;;;;;"}
package/dist/providers/session-manager.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ declare const _default: import("./provider").Provider;
2
+ export default _default;
3
+ //# sourceMappingURL=session-manager.d.ts.map
package/dist/providers/session-manager.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"session-manager.d.ts","sourceRoot":"","sources":["../../src/providers/session-manager.ts"],"names":[],"mappings":";AAYA,wBAoBG"}
package/dist/providers/session-manager.js ADDED
@@ -0,0 +1,23 @@
1
+ 'use strict';
2
+
3
+ var provider = require('./provider.js');
4
+ var sessionManager$1 = require('../services/session-manager.js');
5
+
6
+ var sessionManager = provider.defineProvider({
7
+ init (strapi) {
8
+ strapi.add('sessionManager', ()=>sessionManager$1.createSessionManager({
9
+ db: strapi.db
10
+ }));
11
+ },
12
+ async register (strapi) {
13
+ // Get JWT secret from admin auth settings (same as admin token service)
14
+ const adminAuth = strapi.config.get('admin.auth', {});
15
+ const jwtSecret = adminAuth.secret;
16
+ if (!jwtSecret) {
17
+ throw new Error('Missing admin.auth.secret configuration. The SessionManager requires a JWT secret');
18
+ }
19
+ }
20
+ });
21
+
22
+ module.exports = sessionManager;
23
+ //# sourceMappingURL=session-manager.js.map
package/dist/providers/session-manager.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"session-manager.js","sources":["../../src/providers/session-manager.ts"],"sourcesContent":["import type { Algorithm } from 'jsonwebtoken';\nimport { defineProvider } from './provider';\nimport { createSessionManager } from '../services/session-manager';\n\ninterface AdminAuthConfig {\n secret?: string;\n options?: {\n algorithm?: Algorithm;\n [key: string]: unknown;\n };\n}\n\nexport default defineProvider({\n init(strapi) {\n strapi.add('sessionManager', () =>\n createSessionManager({\n db: strapi.db,\n })\n );\n },\n\n async register(strapi) {\n // Get JWT secret from admin auth settings (same as admin token service)\n const adminAuth = strapi.config.get<AdminAuthConfig>('admin.auth', {});\n const jwtSecret = adminAuth.secret;\n\n if (!jwtSecret) {\n throw new Error(\n 'Missing admin.auth.secret configuration. The SessionManager requires a JWT secret'\n );\n }\n },\n});\n"],"names":["defineProvider","init","strapi","add","createSessionManager","db","register","adminAuth","config","get","jwtSecret","secret","Error"],"mappings":";;;;;AAYA,qBAAeA,uBAAe,CAAA;AAC5BC,IAAAA,IAAAA,CAAAA,CAAKC,MAAM,EAAA;AACTA,QAAAA,MAAAA,CAAOC,GAAG,CAAC,gBAAkB,EAAA,IAC3BC,qCAAqB,CAAA;AACnBC,gBAAAA,EAAAA,EAAIH,OAAOG;AACb,aAAA,CAAA,CAAA;AAEJ,KAAA;AAEA,IAAA,MAAMC,UAASJ,MAAM,EAAA;;AAEnB,QAAA,MAAMK,YAAYL,MAAOM,CAAAA,MAAM,CAACC,GAAG,CAAkB,cAAc,EAAC,CAAA;QACpE,MAAMC,SAAAA,GAAYH,UAAUI,MAAM;AAElC,QAAA,IAAI,CAACD,SAAW,EAAA;AACd,YAAA,MAAM,IAAIE,KACR,CAAA,mFAAA,CAAA;AAEJ;AACF;AACF,CAAG,CAAA;;;;"}