From 69a5755a337342c051397763fbaf0a8f10a1971c Mon Sep 17 00:00:00 2001 From: Jonas Thelemann Date: Wed, 27 Sep 2023 18:22:00 +0200 Subject: [PATCH 1/5] ci: run on all pull requests and more branches --- .github/workflows/ci.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a0ba5a82..a958604a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,10 +3,11 @@ name: ci on: push: branches: + - alpha + - beta - main + - renovate/** pull_request: - branches: - - main jobs: ci: From 684709b7306f259b649239365b81c34c7441b3dc Mon Sep 17 00:00:00 2001 From: Jonas Thelemann Date: Wed, 27 Sep 2023 20:36:07 +0200 Subject: [PATCH 2/5] chore(defu): do not use default export --- src/module.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/module.ts b/src/module.ts index 2b23a79b..33e61845 100644 --- a/src/module.ts +++ b/src/module.ts @@ -1,7 +1,7 @@ import { fileURLToPath } from 'node:url' import { resolve, normalize } from 'pathe' import { defineNuxtModule, addServerHandler, installModule, addVitePlugin } from '@nuxt/kit' -import defu from 'defu' +import { defu } from 'defu' import { Nuxt, RuntimeConfig } from '@nuxt/schema' import { builtinDrivers } from 'unstorage' import { defuReplaceArray } from './utils' From eca3a8e8d6cf7337e9284f954403422283cbd01e Mon Sep 17 00:00:00 2001 From: Jonas Thelemann Date: Fri, 29 Sep 2023 07:47:22 +0200 Subject: [PATCH 3/5] chore(package): specify manager --- package.json | 1 + 1 file changed, 1 insertion(+) diff --git a/package.json b/package.json index 57dfb544..cd9cfc5e 100644 --- a/package.json +++ b/package.json @@ -48,6 +48,7 @@ "test:watch": "vitest watch", "stackblitz": "cd .stackblitz && yarn && yarn dev" }, + "packageManager": "yarn@1.22.19", "dependencies": { "@nuxt/kit": "^3.7.3", "basic-auth": "^2.0.1", From dabab162aa422f334d77b18a1d69062846eb894d Mon Sep 17 00:00:00 2001 From: Jonas Thelemann Date: Fri, 29 Sep 2023 07:59:36 +0200 Subject: [PATCH 4/5] docs(configuration): add layer overriding instructions --- .../1.getting-started/2.configuration.md | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/docs/content/1.documentation/1.getting-started/2.configuration.md b/docs/content/1.documentation/1.getting-started/2.configuration.md index 23f3a7df..c7d6f05b 100644 --- a/docs/content/1.documentation/1.getting-started/2.configuration.md +++ b/docs/content/1.documentation/1.getting-started/2.configuration.md @@ -113,3 +113,38 @@ security: { ``` To read more about every security middleware, go to that middleware page in `security` section. + +## Overriding a layer's configuration + +If you extend a [Nuxt Layer](https://nuxt.com/docs/getting-started/layers) which adds `nuxt-security`, you can override that layer's `nuxt-security` configuration or parts of it by defining a module in your project's `nuxt.config.ts`. Here is an example that illustrates how to remove the `'none'` value set by default for `object-src`: + + +```ts +export default defineNuxtConfig( + { + extends: 'some-layer-adding-nuxt-security', + modules: [ + (_options, nuxt) => { + const nuxtConfigSecurity = nuxt.options.security + if ( + typeof nuxtConfigSecurity.headers !== 'boolean' && + nuxtConfigSecurity.headers.contentSecurityPolicy && + typeof nuxtConfigSecurity.headers.contentSecurityPolicy !== + 'boolean' && + typeof nuxtConfigSecurity.headers.contentSecurityPolicy !== + 'string' && + nuxtConfigSecurity.headers.contentSecurityPolicy['object-src'] + ) { + nuxtConfigSecurity.headers.contentSecurityPolicy['object-src'] = + nuxtConfigSecurity.headers.contentSecurityPolicy[ + 'object-src' + ].filter((x) => x !== "'none'") + } + console.log(nuxt.options.security) + }, + ], + } +) +``` + +Of course it's possible to define the module shown above using a file in the `modules` directory as well. From 68cc7af000135f3e7b27cd87e36b5e930e0f90db Mon Sep 17 00:00:00 2001 From: Jonas Thelemann Date: Sat, 30 Sep 2023 10:36:47 +0200 Subject: [PATCH 5/5] ci: remove alpha and beta, add `rc` --- .github/workflows/ci.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a958604a..011d498f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,10 +3,9 @@ name: ci on: push: branches: - - alpha - - beta - - main - - renovate/** + - 'main' + - '**-rc.**' + - 'renovate/**' pull_request: jobs: