@forge/csp - npm Package Compare versions

Comparing version 3.5.0 to 3.6.0-next.0

6

CHANGELOG.md
# @forge/csp
## 3.6.0-next.0
### Minor Changes
- 3493ddf: Export image host allowlist
## 3.5.0
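
Review bot: The new entry "Export image host allowlist" does not name what became public. Listing the two exported identifiers, `ATLASSIAN_IMAGES_HOSTS` and `EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS`, and saying whether consumers should treat them as read-only reference data would make the new API surface clear to anyone reviewing the upgrade.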

@@ -4,0 +10,0 @@

4

out/csp/csp-injection-service.d.ts
import type { LambdaEnvironment } from '@forge/cli-shared';
import { CSPDetails } from '../types';
export declare const ATLASSIAN_IMAGES_HOSTS: {
[microsEnv in LambdaEnvironment]: string[];
};
export declare const EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS: string[];
export declare class CSPInjectionService {
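
Review bot: Both new declarations are typed as mutable (`string[]`, and an object whose values are `string[]`) even though they describe a security allowlist. Declaring them as `readonly string[]` and `Readonly<{ [microsEnv in LambdaEnvironment]: readonly string[] }>` would turn an accidental `push` or assignment by a consumer into a compile error.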

@@ -4,0 +8,0 @@ private getCSPReportUri;

10

out/csp/csp-injection-service.js
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.CSPInjectionService = void 0;
exports.CSPInjectionService = exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS = exports.ATLASSIAN_IMAGES_HOSTS = void 0;
const types_1 = require("../types");

@@ -33,3 +33,3 @@ const ATLASSIAN_API_GATEWAY_HOST = {

};
const ATLASSIAN_IMAGES_HOSTS = {
exports.ATLASSIAN_IMAGES_HOSTS = {
dev: [

@@ -71,3 +71,3 @@ `https://${ATLASSIAN_AVATAR_HOST['dev']}`,

};
const EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS = ['https://secure.gravatar.com', 'https://images.unsplash.com'];
exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS = ['https://secure.gravatar.com', 'https://images.unsplash.com'];
class CSPInjectionService {

@@ -135,4 +135,4 @@ getCSPReportUri(microsEnv) {

hostname,
...EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS,
...ATLASSIAN_IMAGES_HOSTS[microsEnv],
...exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS,
...exports.ATLASSIAN_IMAGES_HOSTS[microsEnv],
...this.getExistingCSPDetails(types_1.ExternalCspType.IMG_SRC, existingCSPDetails)
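
Review bot: The spread now reads `exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS` and `exports.ATLASSIAN_IMAGES_HOSTS[microsEnv]`, which are live, writable export properties looked up on every call, next to the `ExternalCspType.IMG_SRC` entries. Any module in the same process that mutates or reassigns those exports changes the hosts that end up in the generated policy. Since this file looks like compiled output, the fix belongs in the source: keep module-private constants for this spread and export frozen copies (`Object.freeze`) for consumers.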

@@ -139,0 +139,0 @@ ]

{
"name": "@forge/csp",
"version": "3.5.0",
"version": "3.6.0-next.0",
"description": "Contains the CSP configuration for Custom UI resources in Forge",

@@ -14,4 +14,4 @@ "main": "out/index.js",

"devDependencies": {
"@forge/cli-shared": "6.5.0",
"@forge/manifest": "8.3.0",
"@forge/cli-shared": "6.5.1-next.2",
"@forge/manifest": "8.3.1-next.2",
"@types/jest": "^29.5.12",
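
Review bot: `@forge/cli-shared` is listed under `devDependencies` here, while the published `out/csp/csp-injection-service.d.ts` imports `LambdaEnvironment` from it and the newly exported `ATLASSIAN_IMAGES_HOSTS` type is keyed on that type. If the package is not also declared under `dependencies` or `peerDependencies` (not visible in this hunk), consumers type-checking against the new export will not be able to resolve it. Please confirm, and note that both bumped entries are pinned to `-next.2` pre-releases.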

@@ -18,0 +18,0 @@ "@types/node": "14.18.63"

Sorry, the diff of this file is not supported yet
