1
0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-20 17:05:52 +01:00

feat: trustProxy property (#3691)

This commit is contained in:
Juan Picado 2023-03-18 21:54:09 +01:00 committed by GitHub
parent 6ffb0091bd
commit 16e38df8ae
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 36 additions and 7 deletions

@ -0,0 +1,9 @@
---
'@verdaccio/config': minor
'@verdaccio/core': minor
'@verdaccio/types': minor
'@verdaccio/server': minor
'@verdaccio/store': minor
---
feat: trustProxy property

@ -106,6 +106,9 @@ server:
# A regex for the password validation /.{3}$/ (3 characters min)
# An example to limit to 10 characters minimum
# passwordValidationRegex: /.{10}$/
# Allow `req.ip` to resolve properly when Verdaccio is behind a proxy or load-balancer
# See: https://expressjs.com/en/guide/behind-proxies.html
# trustProxy: '127.0.0.1'
# https://verdaccio.org/docs/configuration#offline-publish
# publish:

@ -112,6 +112,9 @@ server:
# A regex for the password validation /.{3}$/ (3 characters min)
# An example to limit to 10 characters minimum
# passwordValidationRegex: /.{10}$/
# Allow `req.ip` to resolve properly when Verdaccio is behind a proxy or load-balancer
# See: https://expressjs.com/en/guide/behind-proxies.html
# trustProxy: '127.0.0.1'
# https://verdaccio.org/docs/configuration#offline-publish
# publish:

@ -170,5 +170,5 @@ export interface IBasicAuth {
}
export interface ManifestFilter<T> extends Plugin<T> {
filterMetadata(packageInfo: Manifest): Promise<Manifest>;
filter_metadata(packageInfo: Manifest): Promise<Manifest>;
}

@ -30,14 +30,14 @@
"publishConfig": {
"access": "public"
},
"main": "build/types.d.ts",
"types": "build/types.d.ts",
"main": "src/types.ts",
"types": "src/types.ts",
"scripts": {
"clean": "rimraf ./build",
"test": "pnpm type-check",
"build:docs": "typedoc --options ./typedoc.json --tsconfig tsconfig.build.json",
"type-check": "tsc --noEmit -p tsconfig.build.json",
"build": "tsc --emitDeclarationOnly -p tsconfig.build.json"
"build": "echo 0"
},
"devDependencies": {
"@types/node": "16.18.10",

@ -226,6 +226,8 @@ export type ServerSettingsConf = {
*/
pluginPrefix?: string;
passwordValidationRegex?: RegExp;
// docs on `trustProxy` can be found at: https://expressjs.com/en/guide/behind-proxies.html
trustProxy?: string;
};
/**

@ -89,6 +89,12 @@ export interface Tags {
[key: string]: Version;
}
export interface PeerDependenciesMeta {
[dependencyName: string]: {
optional?: boolean;
};
}
export interface Version {
name: string;
version: string;
@ -116,6 +122,7 @@ export interface Version {
peerDependencies?: Dependencies;
devDependencies?: Dependencies;
optionalDependencies?: Dependencies;
peerDependenciesMeta?: PeerDependenciesMeta;
bundleDependencies?: Dependencies;
keywords?: string | string[];
nodeVersion?: string;
@ -127,6 +134,8 @@ export interface Version {
funding?: { type: string; url: string };
engines?: Engines;
hasInstallScript?: boolean;
cpu?: string[];
os?: string[];
}
export interface Dependencies {

@ -31,6 +31,9 @@ const defineAPI = async function (config: IConfig, storage: Storage): Promise<an
// run in production mode by default, just in case
// it shouldn't make any difference anyway
app.set('env', process.env.NODE_ENV || 'production');
if (config.server?.trustProxy) {
app.set('trust proxy', config.server.trustProxy);
}
app.use(cors());
app.use(rateLimit(config.serverSettings.rateLimit));

@ -670,8 +670,8 @@ class Storage {
config: this.config,
logger: this.logger,
},
(plugin) => {
return typeof plugin.filterMetadata !== 'undefined';
(plugin: pluginUtils.ManifestFilter<Config>) => {
return typeof plugin.filter_metadata !== 'undefined';
},
this.config?.serverSettings?.pluginPrefix
);
@ -1786,7 +1786,7 @@ class Storage {
// and return it directly for
// performance (i.e. need not be pure)
try {
filteredManifest = await filter.filterMetadata(manifest);
filteredManifest = await filter.filter_metadata(manifest);
} catch (err: any) {
this.logger.error({ err: err.message }, 'filter has failed @{err}');
filterPluginErrors.push(err);