@forge/egress - npm Package Compare versions

Comparing version 1.2.0 to 1.2.1-next.0

CHANGELOG.md

 # @forge/egress
 
+## 1.2.1-next.0
+
+### Patch Changes
+
+- f18ccd86: Fixed bug greedily extracting the protocol from provided egress domains
+
 ## 1.2.0
@@ -4,0 +10,0 @@

out/egress/egress-filtering-service.d.ts

@@ -5,3 +5,2 @@ export declare class EgressFilteringService {
     private readonly allowsEverything;
-    private readonly DEFAULT_PROTOCOL;
     constructor(allowList: string[]);
@@ -8,0 +7,0 @@ private parseUrl;

out/egress/egress-filtering-service.js

@@ -9,3 +9,2 @@ "use strict";
     constructor(allowList) {
-        this.DEFAULT_PROTOCOL = 'https://';
         this.URLs = allowList.filter((domainOrURL) => !domainOrURL.startsWith('*')).map((url) => this.parseUrl(url));
@@ -19,5 +18,3 @@ this.wildcardDomains = allowList
     parseUrl(url) {
-        const protocolRegex = /^(.*:\/\/)/;
-        const urlWithProtocol = protocolRegex.test(url) ? url : `${this.DEFAULT_PROTOCOL}${url}`;
-        return (0, url_parser_1.parseUrl)(urlWithProtocol);
+        return (0, url_parser_1.parseUrl)(url);
     }
@@ -24,0 +21,0 @@ isValidUrl(url) {

out/egress/url-parser.js

@@ -6,6 +6,9 @@ "use strict";
     var _a, _b;
-    const protocol = (_b = (_a = url.match(/^(.*:\/\/)/)) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : 'https://';
-    const hostname = url.replace(protocol, '').split(/[\/?]/)[0];
+    const protocol = (_b = (_a = url.match(/^(.*?:)/)) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : 'https:';
+    const hostname = url
+        .replace(protocol, '')
+        .replace(/^\/*/, '')
+        .split(/[\?\/]/)[0];
     return { protocol, hostname };
 }
 exports.parseUrl = parseUrl;

package.json

 {
   "name": "@forge/egress",
-  "version": "1.2.0",
+  "version": "1.2.1-next.0",
   "description": "Helpers and utils for egress implementation in Forge apps",
@@ -5,0 +5,0 @@ "main": "out/index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

7178

decreased by-1.43%

Lines of code

101

decreased by-0.98%

Number of low quality alerts

2

increased by100%

No dependency changes