From 22287e33de0b7b9861fc7e333ada387b3e2bec7f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 19 Jun 2024 10:20:59 +0000 Subject: [PATCH 1/7] Bump ws from 7.5.9 to 7.5.10 Bumps [ws](https://github.com/websockets/ws) from 7.5.9 to 7.5.10. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/7.5.9...7.5.10) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3a74b36..a1b8936 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9376,9 +9376,9 @@ } }, "node_modules/ws": { - "version": "7.5.9", - "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.9.tgz", - "integrity": "sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q==", + "version": "7.5.10", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.10.tgz", + "integrity": "sha512-+dbF1tHwZpXcbOJdVOkzLDxZP1ailvSxM6ZweXTegylPny803bFhA+vqBYw4s31NSAk4S2Qz+AKXK9a4wkdjcQ==", "dev": true, "engines": { "node": ">=8.3.0" @@ -16538,9 +16538,9 @@ } }, "ws": { - "version": "7.5.9", - "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.9.tgz", - "integrity": "sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q==", + "version": "7.5.10", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.10.tgz", + "integrity": "sha512-+dbF1tHwZpXcbOJdVOkzLDxZP1ailvSxM6ZweXTegylPny803bFhA+vqBYw4s31NSAk4S2Qz+AKXK9a4wkdjcQ==", "dev": true, "requires": {} }, From f782b20be8b026c8ece8a6099f5b74f3385c30eb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 20 Jun 2024 09:30:49 +0000 Subject: [PATCH 2/7] Bump braces from 3.0.2 to 3.0.3 Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] --- package-lock.json | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3a74b36..880f567 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2386,12 +2386,12 @@ } }, "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "dependencies": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" }, "engines": { "node": ">=8" @@ -4111,9 +4111,9 @@ } }, "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "dependencies": { "to-regex-range": "^5.0.1" @@ -11310,12 +11310,12 @@ } }, "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" } }, "browser-process-hrtime": { @@ -12614,9 +12614,9 @@ } }, "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { "to-regex-range": "^5.0.1" From 472398fa155c7e5dbf9e438810db85ca1a492913 Mon Sep 17 00:00:00 2001 From: Emiliano Sanchez Date: Mon, 5 Aug 2024 20:44:18 +0100 Subject: [PATCH 3/7] Vulnerability fixes --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0347aa1..350b8e4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "0.6.0", "license": "Apache-2.0", "dependencies": { - "@splitsoftware/splitio-commons": "1.15.0", + "@splitsoftware/splitio-commons": "1.16.0", "dotenv": "^9.0.1", "node-fetch": "^2.6.7", "yargs": "^17.0.1" @@ -1488,9 +1488,9 @@ } }, "node_modules/@splitsoftware/splitio-commons": { - "version": "1.15.0", - "resolved": "https://registry.npmjs.org/@splitsoftware/splitio-commons/-/splitio-commons-1.15.0.tgz", - "integrity": "sha512-hCgh6pcAhSKXtDO6VvB+qKoiMH5u+rR/BX/rYuGwD25zjebbngg/iZXqErVbR3XiwveKL+ZBK/Kq9WieBKLZFg==", + "version": "1.16.0", + "resolved": "https://registry.npmjs.org/@splitsoftware/splitio-commons/-/splitio-commons-1.16.0.tgz", + "integrity": "sha512-k16cCWJOWut/NB5W1d9hQEYPxFrZXO66manp+8d6RjZYH4r+Q6lu82NYjDcfh5E93H9v+TVKcQLAmpVofbjcvg==", "dependencies": { "tslib": "^2.3.1" }, @@ -10626,9 +10626,9 @@ } }, "@splitsoftware/splitio-commons": { - "version": "1.15.0", - "resolved": "https://registry.npmjs.org/@splitsoftware/splitio-commons/-/splitio-commons-1.15.0.tgz", - "integrity": "sha512-hCgh6pcAhSKXtDO6VvB+qKoiMH5u+rR/BX/rYuGwD25zjebbngg/iZXqErVbR3XiwveKL+ZBK/Kq9WieBKLZFg==", + "version": "1.16.0", + "resolved": "https://registry.npmjs.org/@splitsoftware/splitio-commons/-/splitio-commons-1.16.0.tgz", + "integrity": "sha512-k16cCWJOWut/NB5W1d9hQEYPxFrZXO66manp+8d6RjZYH4r+Q6lu82NYjDcfh5E93H9v+TVKcQLAmpVofbjcvg==", "requires": { "tslib": "^2.3.1" } diff --git a/package.json b/package.json index c754a6c..14b47e3 100644 --- a/package.json +++ b/package.json @@ -51,7 +51,7 @@ "prepublishOnly": "npm run check && npm run test && npm run build" }, "dependencies": { - "@splitsoftware/splitio-commons": "1.15.0", + "@splitsoftware/splitio-commons": "1.16.0", "dotenv": "^9.0.1", "node-fetch": "^2.6.7", "yargs": "^17.0.1" From 2c2038532e203eee782d4aa42d1cf3f2fee60bca Mon Sep 17 00:00:00 2001 From: Emiliano Sanchez Date: Mon, 5 Aug 2024 20:47:18 +0100 Subject: [PATCH 4/7] Add changelog entry --- CHANGES.txt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES.txt b/CHANGES.txt index b772664..7c94a1a 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,3 +1,7 @@ +0.7.0 (August 6, 2024) + - Added `sync.requestOptions.agent` option to allow passing a custom NodeJS HTTP(S) Agent with specific configurations for the Synchronizer requests, like custom TLS settings or a network proxy (See https://help.split.io/hc/en-us/articles/4421513571469-Split-JavaScript-synchronizer-tools#proxy). + - Updated some transitive dependencies for vulnerability fixes. + 0.6.0 (May 13, 2024) - Added a new configuration option `sync.flagSpecVersion` to specify the flags spec version of feature flag definitions to be fetched and stored. - Updated @splitsoftware/splitio-commons package to version 1.15.0 that includes minor updates: From 4e3754be4f06276bba4a791aac3230f7a678d632 Mon Sep 17 00:00:00 2001 From: Emiliano Sanchez Date: Mon, 5 Aug 2024 21:14:54 +0100 Subject: [PATCH 5/7] Add config.sync.requestOptions.agent --- src/Synchronizer.ts | 10 ++++++-- src/settings/__tests__/index.spec.ts | 2 ++ src/settings/index.ts | 3 +++ types/index.d.ts | 34 ++++++++++++++++++++++++++++ 4 files changed, 47 insertions(+), 2 deletions(-) diff --git a/src/Synchronizer.ts b/src/Synchronizer.ts index a376f58..72b6c5b 100644 --- a/src/Synchronizer.ts +++ b/src/Synchronizer.ts @@ -88,8 +88,14 @@ export class Synchronizer { * The Split's HTTPclient, required to make the requests to the API. */ this._splitApi = splitApiFactory( - this.settings, - { getFetch: Synchronizer._getFetch }, + this.settings, // @ts-expect-error + { + getFetch: Synchronizer._getFetch, + getOptions(settings: ISettings) { + // @ts-expect-error + if (settings.sync.requestOptions) return settings.sync.requestOptions; + }, + }, telemetryTrackerFactory() // no-op telemetry tracker ); } diff --git a/src/settings/__tests__/index.spec.ts b/src/settings/__tests__/index.spec.ts index e4f2d5b..12a1ac4 100644 --- a/src/settings/__tests__/index.spec.ts +++ b/src/settings/__tests__/index.spec.ts @@ -17,6 +17,7 @@ describe('synchronizerSettingsValidator', () => { sync: { // @ts-expect-error flagSpecVersion: 'invalid', + requestOptions: { agent: false }, }, storage: { wrapper: {} }, }; @@ -26,6 +27,7 @@ describe('synchronizerSettingsValidator', () => { expect(settings.scheduler.impressionsPerPost).toBe(defaults.scheduler.impressionsPerPost); expect(settings.scheduler.maxRetries).toBe(config.scheduler!.maxRetries); expect(settings.sync.flagSpecVersion).toBe('1.1'); + expect(settings.sync.requestOptions).toBe(config.sync!.requestOptions); }); }); diff --git a/src/settings/index.ts b/src/settings/index.ts index efdd77e..0ad6c55 100644 --- a/src/settings/index.ts +++ b/src/settings/index.ts @@ -48,6 +48,9 @@ export function synchronizerSettingsValidator( // @ts-ignore, override readonly prop settings.mode = undefined; // "producer" mode + // if provided, keeps reference to the `requestOptions` object + if (settings.sync.requestOptions) settings.sync.requestOptions = config!.sync!.requestOptions; + const { scheduler, log } = settings; // @TODO validate synchronizerMode eventually diff --git a/types/index.d.ts b/types/index.d.ts index 862b1c7..b94454f 100644 --- a/types/index.d.ts +++ b/types/index.d.ts @@ -1,6 +1,7 @@ // Type definitions for Split JavaScript Sync Tools // Project: http://www.split.io/ // Definitions by: Emiliano Sanchez +import { RequestOptions } from 'http'; export = JsSyncTools; @@ -186,6 +187,39 @@ declare module JsSyncTools { * @default 'OPTIMIZED' */ impressionsMode?: ImpressionsMode + /** + * Custom options object for HTTP(S) requests in NodeJS. + * If provided, this object is merged with the options object passed for Node-Fetch calls. + * @see {@link https://www.npmjs.com/package/node-fetch#options} + */ + requestOptions?: { + /** + * Custom NodeJS HTTP(S) Agent used for HTTP(S) requests. + * + * You can use it, for example, for certificate pinning or setting a network proxy: + * + * ```javascript + * const { HttpsProxyAgent } = require('https-proxy-agent'); + * + * const proxyAgent = new HttpsProxyAgent(process.env.HTTPS_PROXY || 'http://10.10.1.10:1080'); + * + * const synchronizer = Synchronizer({ + * ... + * sync: { + * requestOptions: { + * agent: proxyAgent + * } + * } + * }) + * ``` + * + * @see {@link https://nodejs.org/api/https.html#class-httpsagent} + * + * @property {http.Agent | https.Agent} agent + * @default undefined + */ + agent?: RequestOptions['agent'] + }, } /** * Scheduler settings. From cada0b04e6a69f9e3aa99131df4894ec16e81264 Mon Sep 17 00:00:00 2001 From: Emiliano Sanchez Date: Mon, 5 Aug 2024 21:15:25 +0100 Subject: [PATCH 6/7] rc --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 350b8e4..e1e9158 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@splitsoftware/splitio-sync-tools", - "version": "0.6.0", + "version": "0.6.1-rc.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@splitsoftware/splitio-sync-tools", - "version": "0.6.0", + "version": "0.6.1-rc.0", "license": "Apache-2.0", "dependencies": { "@splitsoftware/splitio-commons": "1.16.0", diff --git a/package.json b/package.json index 14b47e3..d9114e2 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@splitsoftware/splitio-sync-tools", - "version": "0.6.0", + "version": "0.6.1-rc.0", "description": "Split JavaScript Sync Tools", "main": "lib/cjs/index.js", "module": "lib/esm/index.js", From c897b085e2c69a628c557deac35fc260c03dc7d3 Mon Sep 17 00:00:00 2001 From: Emiliano Sanchez Date: Mon, 5 Aug 2024 21:49:00 +0100 Subject: [PATCH 7/7] stable version --- CHANGES.txt | 2 +- package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/CHANGES.txt b/CHANGES.txt index 7c94a1a..7130c42 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,4 +1,4 @@ -0.7.0 (August 6, 2024) +0.7.0 (August 5, 2024) - Added `sync.requestOptions.agent` option to allow passing a custom NodeJS HTTP(S) Agent with specific configurations for the Synchronizer requests, like custom TLS settings or a network proxy (See https://help.split.io/hc/en-us/articles/4421513571469-Split-JavaScript-synchronizer-tools#proxy). - Updated some transitive dependencies for vulnerability fixes. diff --git a/package-lock.json b/package-lock.json index e1e9158..037ba48 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@splitsoftware/splitio-sync-tools", - "version": "0.6.1-rc.0", + "version": "0.7.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@splitsoftware/splitio-sync-tools", - "version": "0.6.1-rc.0", + "version": "0.7.0", "license": "Apache-2.0", "dependencies": { "@splitsoftware/splitio-commons": "1.16.0", diff --git a/package.json b/package.json index d9114e2..3cd5333 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@splitsoftware/splitio-sync-tools", - "version": "0.6.1-rc.0", + "version": "0.7.0", "description": "Split JavaScript Sync Tools", "main": "lib/cjs/index.js", "module": "lib/esm/index.js",