serverless-offline 10.3.2 → 11.0.1

package/README.md

@@ -108,13 +108,6 @@ to list all the options for the plugin run:
 
 All CLI options are optional:
 
-#### apiKey
-
-_This option is deprecated and will be removed in the next major version. If you want to specify the apiKey value yourself, please define it under 'provider.apiGateway.apiKeys' in the serverless config._
-
-Defines the API key value to be used for endpoints marked as private.<br />
-Defaults to a random value.
-
 #### corsAllowHeaders
 
 Used as default Access-Control-Allow-Headers header value for responses. Delimit multiple values with commas.<br />
@@ -139,12 +132,6 @@ Default: 'WWW-Authenticate,Server-Authorization'
 
 Used to disable cookie-validation on hapi.js-server.
 
-#### disableScheduledEvents
-
-_This option is deprecated and will be removed in the next major version. If you want to disable the event, please define it in the 'events.schedule.enabled' section of the serverless config._
-
-Disables all scheduled events. Overrides configurations in serverless.yml.
-
 #### dockerHost
 
 The host name of Docker.<br />
@@ -183,7 +170,7 @@ Default: 3000
 
 #### ignoreJWTSignature
 
-When using HttpApi with a JWT authorizer, don't check the signature of the JWT token. This should only be used for local development.
+When using HttpApi with a JWT authorizer, don't check the signature of the JWT token.
 
 #### lambdaPort
 
@@ -484,7 +471,7 @@ By default layers are downloaded on a per-project basis, however, if you want to
 
 As defined in the [Serverless Documentation](https://serverless.com/framework/docs/providers/aws/events/apigateway/#setting-api-keys-for-your-rest-api) you can use API Keys as a simple authentication method.
 
-Serverless-offline will emulate the behaviour of APIG and create a random token that's printed on the screen. With this token you can access your private methods adding `x-api-key: generatedToken` to your request header. All api keys will share the same token. To specify a custom token use the `--apiKey` cli option.
+Serverless-offline will emulate the behaviour of APIG and create a random token that's printed on the screen. With this token you can access your private methods adding `x-api-key: generatedToken` to your request header. All api keys will share the same token.
 
 ### Custom authorizers
 

package/package.json

@@ -1,7 +1,7 @@
 {
   "dedicatedTo": "Blue, a great migrating bird.",
   "name": "serverless-offline",
-  "version": "10.3.2",
+  "version": "11.0.1",
   "description": "Emulate AWS λ and API Gateway locally when developing your Serverless project",
   "license": "MIT",
   "exports": {
@@ -86,13 +86,13 @@
     "@hapi/h2o2": "^10.0.0",
     "@hapi/hapi": "^20.2.2",
     "@serverless/utils": "^6.7.0",
-    "aws-sdk": "^2.1224.0",
+    "aws-sdk": "^2.1225.0",
     "boxen": "^7.0.0",
     "chalk": "^5.0.1",
     "execa": "^6.1.0",
     "fs-extra": "^10.1.0",
     "java-invoke-local": "0.0.6",
-    "jose": "^4.9.3",
+    "jose": "^4.10.0",
     "js-string-escape": "^1.0.1",
     "jsonpath-plus": "^7.2.0",
     "jsonschema": "^1.4.1",

package/src/ServerlessOffline.js

@@ -6,7 +6,7 @@ import {
   defaultOptions,
   SERVER_SHUTDOWN_TIMEOUT,
 } from './config/index.js'
-import { gray, orange } from './config/colors.js'
+import { gray } from './config/colors.js'
 
 export default class ServerlessOffline {
   #cliOptions = null
@@ -61,16 +61,6 @@ export default class ServerlessOffline {
   async start() {
     this.#mergeOptions()
 
-    if (this.#options.disableScheduledEvents) {
-      log.notice()
-      log.warning(
-        orange(`'--disableScheduledEvents' is deprecated and will be removed in the next major version.
-Please disable the event in the 'events.schedule.enabled' section of the serverless config.
-If you are experiencing any issues please let us know: https://github.com/dherault/serverless-offline/issues`),
-      )
-      log.notice()
-    }
-
     const { httpEvents, lambdas, scheduleEvents, webSocketEvents } =
       this.#getEvents()
 
@@ -84,7 +74,7 @@ If you are experiencing any issues please let us know: https://github.com/dherau
       eventModules.push(this.#createHttp(httpEvents))
     }
 
-    if (!this.#options.disableScheduledEvents && scheduleEvents.length > 0) {
+    if (scheduleEvents.length > 0) {
       eventModules.push(this.#createSchedule(scheduleEvents))
     }
 

package/src/config/commandOptions.js

@@ -1,9 +1,4 @@
 export default {
-  apiKey: {
-    type: 'string',
-    usage:
-      '[This option is deprecated] Defines the API key value to be used for endpoints marked as private. Defaults to a random hash.',
-  },
   corsAllowHeaders: {
     type: 'string',
     usage:
@@ -28,11 +23,6 @@ export default {
     type: 'boolean',
     usage: 'Used to disable cookie-validation on hapi.js-server.',
   },
-  disableScheduledEvents: {
-    type: 'boolean',
-    usage:
-      '[This option is deprecated] Disables all scheduled events. Overrides configurations in serverless.yml. Default: false.',
-  },
   dockerHost: {
     type: 'string',
     usage: 'The host name of Docker. Default: localhost.',
@@ -72,7 +62,7 @@ export default {
   ignoreJWTSignature: {
     type: 'boolean',
     usage:
-      "When using HttpApi with a JWT authorizer, don't check the signature of the JWT token. This should only be used for local development.",
+      "When using HttpApi with a JWT authorizer, don't check the signature of the JWT token.",
   },
   lambdaPort: {
     type: 'string',

package/src/config/defaultOptions.js

@@ -1,11 +1,9 @@
 export default {
-  apiKey: null,
   corsAllowHeaders: 'accept,content-type,x-api-key,authorization',
   corsAllowOrigin: '*',
   corsDisallowCredentials: true,
   corsExposedHeaders: 'WWW-Authenticate,Server-Authorization',
   disableCookieValidation: false,
-  disableScheduledEvents: false,
   dockerHost: 'localhost',
   dockerHostServicePath: null,
   dockerNetwork: null,

package/src/events/http/HttpServer.js

@@ -20,7 +20,6 @@ import {
 import LambdaProxyIntegrationEventV2 from './lambda-events/LambdaProxyIntegrationEventV2.js'
 import parseResources from './parseResources.js'
 import payloadSchemaValidator from './payloadSchemaValidator.js'
-import { orange } from '../../config/colors.js'
 import logRoutes from '../../utils/logRoutes.js'
 import {
   createApiKey,
@@ -895,16 +894,6 @@ export default class HttpServer {
     if (!this.#hasPrivateHttpEvent && httpEvent.private) {
       this.#hasPrivateHttpEvent = true
 
-      if (this.#options.apiKey) {
-        log.notice()
-        log.warning(
-          orange(`'--apiKey' is deprecated and will be removed in the next major version.
-  Please define the apiKey value in the 'provider.apiGateway.apiKeys' section of the serverless config.
-  If you are experiencing any issues please let us know: https://github.com/dherault/serverless-offline/issues`),
-        )
-        log.notice()
-      }
-
       if (this.#options.noAuth) {
         log.notice(
           `Authorizers are turned off. You do not need to use 'x-api-key' header.`,
@@ -914,15 +903,17 @@ export default class HttpServer {
       }
 
       if (this.#apiKeysValues == null) {
-        const apiKey = this.#options.apiKey ?? createApiKey()
-
-        log.notice(`Key with token: ${apiKey}`)
-
         this.#apiKeysValues = getApiKeysValues(
           this.#serverless.service.provider.apiGateway?.apiKeys ?? [],
         )
 
-        this.#apiKeysValues.add(apiKey)
+        if (this.#apiKeysValues.size === 0) {
+          const apiKey = createApiKey()
+
+          this.#apiKeysValues.add(apiKey)
+
+          log.notice(`Key with token: ${apiKey}`)
+        }
       }
     }