npm package diff

Package: @forge/csp

Versions: 3.5.0 - 3.6.0-next.0

Modified: package/out/csp/csp-injection-service.js

Index: package/out/csp/csp-injection-service.js
===================================================================
--- package/out/csp/csp-injection-service.js
+++ package/out/csp/csp-injection-service.js
@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CSPInjectionService = void 0;
+exports.CSPInjectionService = exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS = exports.ATLASSIAN_IMAGES_HOSTS = void 0;
 const types_1 = require("../types");
 const ATLASSIAN_API_GATEWAY_HOST = {
     dev: 'https://api.dev.atlassian.com',
     stg: 'https://api.stg.atlassian.com',
@@ -29,9 +29,9 @@
     prod: 'https://pf-emoji-service--cdn.us-east-1.prod.public.atl-paas.net',
     'fedramp-stg': 'https://pf-emoji-service--cdn.us-east-1.staging.cdn.atlassian-us-gov-mod.com',
     'fedramp-prod': 'https://pf-emoji-service--cdn.us-east-1.prod.cdn.atlassian-us-gov-mod.com'
 };
-const ATLASSIAN_IMAGES_HOSTS = {
+exports.ATLASSIAN_IMAGES_HOSTS = {
     dev: [
         `https://${ATLASSIAN_AVATAR_HOST['dev']}`,
         `https://*.wp.com/${ATLASSIAN_AVATAR_HOST['dev']}/`,
         ATLASSIAN_API_GATEWAY_HOST['dev'],
@@ -66,9 +66,9 @@
         ATLASSIAN_MEDIA_GATEWAY_HOST['fedramp-prod'],
         ATLASSIAN_EMOJIS_HOST['fedramp-prod']
     ]
 };
-const EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS = ['https://secure.gravatar.com', 'https://images.unsplash.com'];
+exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS = ['https://secure.gravatar.com', 'https://images.unsplash.com'];
 class CSPInjectionService {
     getCSPReportUri(microsEnv) {
         if (microsEnv === 'dev' || microsEnv === 'stg')
             return 'https://web-security-reports.stg.services.atlassian.com/csp-report/forge-cdn';
@@ -129,10 +129,10 @@
             "'self'",
             'data:',
             'blob:',
             hostname,
-            ...EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS,
-            ...ATLASSIAN_IMAGES_HOSTS[microsEnv],
+            ...exports.EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS,
+            ...exports.ATLASSIAN_IMAGES_HOSTS[microsEnv],
             ...this.getExistingCSPDetails(types_1.ExternalCspType.IMG_SRC, existingCSPDetails)
         ]
             .filter((a) => a)
             .join(' ');

Modified: package/package.json

Index: package/package.json
===================================================================
--- package/package.json
+++ package/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@forge/csp",
-  "version": "3.5.0",
+  "version": "3.6.0-next.0",
   "description": "Contains the CSP configuration for Custom UI resources in Forge",
   "main": "out/index.js",
   "author": "Atlassian",
   "license": "UNLICENSED",
@@ -10,10 +10,10 @@
     "compile": "tsc -b -v",
     "clean": "rm -rf ./out && rm -f tsconfig.tsbuildinfo"
   },
   "devDependencies": {
-    "@forge/cli-shared": "6.5.0",
-    "@forge/manifest": "8.3.0",
+    "@forge/cli-shared": "6.5.1-next.2",
+    "@forge/manifest": "8.3.1-next.2",
     "@types/jest": "^29.5.12",
     "@types/node": "14.18.63"
   },
   "dependencies": {

Modified: package/out/csp/csp-injection-service.d.ts.map

Index: package/out/csp/csp-injection-service.d.ts.map
===================================================================
--- package/out/csp/csp-injection-service.d.ts.map
+++ package/out/csp/csp-injection-service.d.ts.map
@@ -1,1 +1,1 @@
-{"version":3,"file":"csp-injection-service.d.ts","sourceRoot":"","sources":["../../src/csp/csp-injection-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,EAAE,UAAU,EAAmB,MAAM,UAAU,CAAC;AAuFvD,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,eAAe;IAOvB,OAAO,CAAC,iBAAiB;IAMzB,OAAO,CAAC,qBAAqB;IAI7B,OAAO,CAAC,aAAa;IAgBrB,OAAO,CAAC,iBAAiB;IA8BlB,gBAAgB;4BAOD,UAAU;mBACnB,iBAAiB;;;;UAI1B,MAAM,EAAE,CA6DV;CACH"}
\ No newline at end of file
+{"version":3,"file":"csp-injection-service.d.ts","sourceRoot":"","sources":["../../src/csp/csp-injection-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,OAAO,EAAE,UAAU,EAAmB,MAAM,UAAU,CAAC;AA2CvD,eAAO,MAAM,sBAAsB,EAAE;KAAG,SAAS,IAAI,iBAAiB,GAAG,MAAM,EAAE;CAoChF,CAAC;AAMF,eAAO,MAAM,kCAAkC,UAAiE,CAAC;AAEjH,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,eAAe;IAOvB,OAAO,CAAC,iBAAiB;IAMzB,OAAO,CAAC,qBAAqB;IAI7B,OAAO,CAAC,aAAa;IAgBrB,OAAO,CAAC,iBAAiB;IA8BlB,gBAAgB;4BAOD,UAAU;mBACnB,iBAAiB;;;;UAI1B,MAAM,EAAE,CA6DV;CACH"}
\ No newline at end of file

Modified: package/CHANGELOG.md

Index: package/CHANGELOG.md
===================================================================
--- package/CHANGELOG.md
+++ package/CHANGELOG.md
@@ -1,6 +1,12 @@
 # @forge/csp
 
+## 3.6.0-next.0
+
+### Minor Changes
+
+- 3493ddf: Export image host allowlist
+
 ## 3.5.0
 
 ### Minor Changes

Modified: package/out/csp/csp-injection-service.d.ts

Index: package/out/csp/csp-injection-service.d.ts
===================================================================
--- package/out/csp/csp-injection-service.d.ts
+++ package/out/csp/csp-injection-service.d.ts
@@ -1,6 +1,10 @@
 import type { LambdaEnvironment } from '@forge/cli-shared';
 import { CSPDetails } from '../types';
+export declare const ATLASSIAN_IMAGES_HOSTS: {
+    [microsEnv in LambdaEnvironment]: string[];
+};
+export declare const EXTERNAL_ALLOW_LISTED_IMAGES_HOSTS: string[];
 export declare class CSPInjectionService {
     private getCSPReportUri;
     private getForgeGlobalCSP;
     private getExistingCSPDetails;