
@forge/csp


@forge/csp - npm Package Compare versions

Comparing version 3.1.6 to 3.2.0-next.0

6

CHANGELOG.md
# @forge/csp
## 3.2.0-next.0
### Minor Changes
- ba85e65: Add support for FedRAMP environments
## 3.1.6

@@ -4,0 +10,0 @@

3

out/csp/csp-injection-service.d.ts

@@ -9,3 +9,3 @@ import type { LambdaEnvironment } from '@forge/cli-shared';

private getFrameAncestors;
getInjectableCSP: ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname }: {
getInjectableCSP: ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname, isFedRAMP }: {
existingCSPDetails: CSPDetails;

@@ -15,4 +15,5 @@ microsEnv: LambdaEnvironment;

hostname?: string | undefined;
isFedRAMP?: boolean | undefined;
}) => string[];
}
//# sourceMappingURL=csp-injection-service.d.ts.map

@@ -9,3 +9,5 @@ "use strict";

prod: 'https://api.atlassian.com',
fex: 'https://api.atlassian-fex.com'
fex: 'https://api.atlassian-fex.com',
'fedramp-stg': 'https://api.stg.atlassian-us-gov-mod.com',
'fedramp-prod': 'https://api.atlassian-us-gov-mod.com'
};

@@ -16,3 +18,11 @@ const atlassianImageHosts = {

prod: ['https://avatar-management--avatars.us-west-2.prod.public.atl-paas.net', apiGatewayHost['prod']],
fex: ['https://avatar-management--avatars.us-west-2.staging.public.atl-paas.net', apiGatewayHost['fex']]
fex: ['https://avatar-management--avatars.us-west-2.staging.public.atl-paas.net', apiGatewayHost['fex']],
'fedramp-stg': [
'https://avatar-management--avatars.us-east-1.stg.public.atl-paas-us-gov-mod.net',
apiGatewayHost['fedramp-stg']
],
'fedramp-prod': [
'https://avatar-management--avatars.us-east-1.prod.public.atl-paas-us-gov-mod.net',
apiGatewayHost['fedramp-prod']
]
};

@@ -22,3 +32,3 @@ const gravatarUrl = 'https://secure.gravatar.com';

constructor() {
this.getInjectableCSP = ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname }) => {
this.getInjectableCSP = ({ existingCSPDetails, microsEnv, tunnelCSPReporterUri, hostname, isFedRAMP }) => {
const reportUri = tunnelCSPReporterUri || this.getCSPReportUri(microsEnv);

@@ -53,3 +63,3 @@ const defaultSrc = `'self'`;

"'self'",
this.getForgeGlobalCSP(microsEnv),
this.getForgeGlobalCSP(microsEnv, isFedRAMP),
...this.getExistingCSPDetails(types_1.ExternalCspType.SCRIPT_SRC, existingCSPDetails)

@@ -59,3 +69,3 @@ ].join(' ');

"'self'",
this.getForgeGlobalCSP(microsEnv),
this.getForgeGlobalCSP(microsEnv, isFedRAMP),
...this.getExistingCSPDetails(types_1.ExternalCspType.STYLE_SRC, existingCSPDetails)

@@ -86,4 +96,6 @@ ].join(' ');

}
getForgeGlobalCSP(microsEnv) {
return `https://forge.cdn.${microsEnv}.atlassian-dev.net`;
getForgeGlobalCSP(microsEnv, isFedRAMP = false) {
return isFedRAMP
? `https://forge.cdn.${microsEnv.split('-')[1]}.atlassian-dev-us-gov-mod.net`
: `https://forge.cdn.${microsEnv}.atlassian-dev.net`;
}

@@ -121,2 +133,8 @@ getExistingCSPDetails(cspType, cspDetails) {

}
else if (microsEnv === 'fedramp-stg') {
frameAncestors = ['*.atlassian-stg-fedm.net'];
}
else if (microsEnv === 'fedramp-prod') {
frameAncestors = ['*.atlassian-us-gov-mod.net'];
}
else {

@@ -123,0 +141,0 @@ frameAncestors = ['*.atlassian.net', 'bitbucket.org', '*.jira.com', '*.atlassian.com'];
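Review bot: In `getForgeGlobalCSP`, the FedRAMP branch builds the CDN host from `microsEnv.split('-')[1]`, which is `undefined` whenever `isFedRAMP` is true but `microsEnv` has no hyphen (for example `prod`), so `script-src` and `style-src` would list `https://forge.cdn.undefined.atlassian-dev-us-gov-mod.net`. The opposite mismatch also passes silently: a `fedramp-stg` environment with `isFedRAMP` omitted falls through to the commercial template and yields `https://forge.cdn.fedramp-stg.atlassian-dev.net`, while the frame-ancestors hunk further down keys only on `microsEnv`. Since both values describe the same fact, I would either derive the flag inside the method, `const fedramp = microsEnv.startsWith('fedramp-');`, or reject the mismatch up front with `if (isFedRAMP !== microsEnv.startsWith('fedramp-')) throw new Error('isFedRAMP does not match microsEnv ' + microsEnv);`. This section appears to be compiled output and its file header is not shown on the page, so the change belongs in the TypeScript source; the body of `getInjectableCSP` continues outside the visible hunks.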

{
"name": "@forge/csp",
"version": "3.1.6",
"version": "3.2.0-next.0",
"description": "Contains the CSP configuration for Custom UI resources in Forge",

@@ -14,4 +14,4 @@ "main": "out/index.js",

"devDependencies": {
"@forge/cli-shared": "3.23.3",
"@forge/manifest": "5.5.3",
"@forge/cli-shared": "3.25.0-next.1",
"@forge/manifest": "6.2.0-next.0",
"@types/jest": "^29.5.12",

@@ -18,0 +18,0 @@ "@types/node": "14.18.63"

Sorry, the diff of this file is not supported yet
