From 7e4e398f6baa8dc6aeb374e49072d15c03a44162 Mon Sep 17 00:00:00 2001 From: Rubin Bhandari Date: Mon, 18 Sep 2023 15:07:22 +0545 Subject: [PATCH] fix: security headers --- docker-compose.yml | 10 +- package.json | 4 +- pnpm-lock.yaml | 170 ++++++++++++++++---------------- src/common/helpers/app.utils.ts | 4 +- src/main.ts | 21 ++-- 5 files changed, 107 insertions(+), 102 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index bd9bceda..1a61b2a7 100755 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -116,10 +116,12 @@ services: - "traefik.http.middlewares.traefik-ratelimit.ratelimit.period=1m" # Set rate limit evaluation period to 1 minute - "traefik.http.middlewares.traefik-retry.retry.attempts=4" # Allow up to 4 retry attempts - "traefik.http.middlewares.traefik-retry.retry.initialinterval=100ms" # Set initial retry interval to 100 milliseconds - # - "traefik.http.middlewares.security-headers.headers.accesscontrolallowmethods=*" # Allow specified HTTP methods - # - "traefik.http.middlewares.security-headers.headers.accesscontrolalloworiginlist=*" # Allow specified HTTP methods - # - "traefik.http.middlewares.security-headers.headers.accesscontrolmaxage=100" # Set value for Access-Control-Max-Age header - # - "traefik.http.middlewares.security-headers.headers.addvaryheader=true" # Add Vary header to responses + # - "traefik.http.middlewares.security-headers.headers.accesscontrolallowmethods=GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS" # Allow specified HTTP methods + # - "traefik.http.middlewares.security-headers.headers.accesscontrolalloworiginlist=*" # Allow specified HTTP origin list + # - "traefik.http.middlewares.security-headers.headers.accessControlAllowCredentials=true" # Add control allow credentials header + # - "traefik.http.middlewares.security-headers.headers.accesscontrolallowheaders=*" # Add control allow credentials header + # - "traefik.http.middlewares.security-headers.headers.accesscontrolmaxage=3600" # Set value for Access-Control-Max-Age header + # - "traefik.http.middlewares.security-headers.headers.addvaryheader=true" # Add Vary header to responses - "traefik.http.middlewares.security-headers.headers.framedeny=true" # Enable frame denial for clickjacking protection - "traefik.http.middlewares.security-headers.headers.contenttypenosniff=true" # Enable Content-Type nosniff - "traefik.http.middlewares.security-headers.headers.browserxssfilter=false" # Enable browser XSS filter diff --git a/package.json b/package.json index 0d67edba..45014dba 100644 --- a/package.json +++ b/package.json @@ -36,6 +36,7 @@ "build": "nest build", "lint": "eslint '{src,test}/**/*.ts' --cache", "lint:fix": "eslint '{src,test}/**/*.ts' --cache --fix", + "orm": "npx mikro-orm", "prebuild": "rimraf dist", "sample": "cd env; npx sample-env --env .env.dev", "start": "nest start", @@ -48,8 +49,7 @@ "test:watch": "jest --watch", "test:cov": "jest --coverage", "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand", - "test:e2e": "jest --config ./test/jest-e2e.json --runInBand --forceExit", - "orm": "npx mikro-orm" + "test:e2e": "jest --config ./test/jest-e2e.json --runInBand --forceExit" }, "dependencies": { "@aws-sdk/client-s3": "^3.414.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index f1ef6f8a..c952c781 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -1128,27 +1128,27 @@ packages: resolution: {integrity: sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==} engines: {node: '>=6.9.0'} dependencies: - '@babel/highlight': 7.22.13 + '@babel/highlight': 7.22.20 chalk: 2.4.2 - /@babel/compat-data@7.22.9: - resolution: {integrity: sha512-5UamI7xkUcJ3i9qVDS+KFDEK8/7oJ55/sJMB1Ge7IEapr7KfdfV/HErR+koZwOfd+SgtFKOKRhRakdg++DcJpQ==} + /@babel/compat-data@7.22.20: + resolution: {integrity: sha512-BQYjKbpXjoXwFW5jGqiizJQQT/aC7pFm9Ok1OWssonuguICi264lbgMzRp2ZMmRSlfkX6DsWDDcsrctK8Rwfiw==} engines: {node: '>=6.9.0'} dev: true - /@babel/core@7.22.19: - resolution: {integrity: sha512-Q8Yj5X4LHVYTbLCKVz0//2D2aDmHF4xzCdEttYvKOnWvErGsa6geHXD6w46x64n5tP69VfeH+IfSrdyH3MLhwA==} + /@babel/core@7.22.20: + resolution: {integrity: sha512-Y6jd1ahLubuYweD/zJH+vvOY141v4f9igNQAQ+MBgq9JlHS2iTsZKn1aMsb3vGccZsXI16VzTBw52Xx0DWmtnA==} engines: {node: '>=6.9.0'} dependencies: '@ampproject/remapping': 2.2.1 '@babel/code-frame': 7.22.13 '@babel/generator': 7.22.15 '@babel/helper-compilation-targets': 7.22.15 - '@babel/helper-module-transforms': 7.22.19(@babel/core@7.22.19) + '@babel/helper-module-transforms': 7.22.20(@babel/core@7.22.20) '@babel/helpers': 7.22.15 '@babel/parser': 7.22.16 '@babel/template': 7.22.15 - '@babel/traverse': 7.22.19 + '@babel/traverse': 7.22.20 '@babel/types': 7.22.19 convert-source-map: 1.9.0 debug: 4.3.4 @@ -1173,15 +1173,15 @@ packages: resolution: {integrity: sha512-y6EEzULok0Qvz8yyLkCvVX+02ic+By2UdOhylwUOvOn9dvYc9mKICJuuU1n1XBI02YWsNsnrY1kc6DVbjcXbtw==} engines: {node: '>=6.9.0'} dependencies: - '@babel/compat-data': 7.22.9 + '@babel/compat-data': 7.22.20 '@babel/helper-validator-option': 7.22.15 browserslist: 4.21.10 lru-cache: 5.1.1 semver: 6.3.1 dev: true - /@babel/helper-environment-visitor@7.22.5: - resolution: {integrity: sha512-XGmhECfVA/5sAt+H+xpSg0mfrHq6FzNr9Oxh7PSEBBRUb/mL7Kz3NICXb194rCqAEdxkhPT1a88teizAFyvk8Q==} + /@babel/helper-environment-visitor@7.22.20: + resolution: {integrity: sha512-zfedSIzFhat/gFhWfHtgWvlec0nqB9YEIVrpuwjruLlXfUSnA8cJB0miHKwqDnQ7d32aKo2xt88/xZptwxbfhA==} engines: {node: '>=6.9.0'} dev: true @@ -1207,18 +1207,18 @@ packages: '@babel/types': 7.22.19 dev: true - /@babel/helper-module-transforms@7.22.19(@babel/core@7.22.19): - resolution: {integrity: sha512-m6h1cJvn+OJ+R3jOHp30faq5xKJ7VbjwDj5RGgHuRlU9hrMeKsGC+JpihkR5w1g7IfseCPPtZ0r7/hB4UKaYlA==} + /@babel/helper-module-transforms@7.22.20(@babel/core@7.22.20): + resolution: {integrity: sha512-dLT7JVWIUUxKOs1UnJUBR3S70YK+pKX6AbJgB2vMIvEkZkrfJDbYDJesnPshtKV4LhDOR3Oc5YULeDizRek+5A==} engines: {node: '>=6.9.0'} peerDependencies: '@babel/core': ^7.0.0 dependencies: - '@babel/core': 7.22.19 - '@babel/helper-environment-visitor': 7.22.5 + '@babel/core': 7.22.20 + '@babel/helper-environment-visitor': 7.22.20 '@babel/helper-module-imports': 7.22.15 '@babel/helper-simple-access': 7.22.5 '@babel/helper-split-export-declaration': 7.22.6 - '@babel/helper-validator-identifier': 7.22.19 + '@babel/helper-validator-identifier': 7.22.20 dev: true /@babel/helper-plugin-utils@7.22.5: @@ -1244,8 +1244,8 @@ packages: resolution: {integrity: sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==} engines: {node: '>=6.9.0'} - /@babel/helper-validator-identifier@7.22.19: - resolution: {integrity: sha512-Tinq7ybnEPFFXhlYOYFiSjespWQk0dq2dRNAiMdRTOYQzEGqnnNyrTxPYHP5r6wGjlF1rFgABdDV0g8EwD6Qbg==} + /@babel/helper-validator-identifier@7.22.20: + resolution: {integrity: sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==} engines: {node: '>=6.9.0'} /@babel/helper-validator-option@7.22.15: @@ -1258,17 +1258,17 @@ packages: engines: {node: '>=6.9.0'} dependencies: '@babel/template': 7.22.15 - '@babel/traverse': 7.22.19 + '@babel/traverse': 7.22.20 '@babel/types': 7.22.19 transitivePeerDependencies: - supports-color dev: true - /@babel/highlight@7.22.13: - resolution: {integrity: sha512-C/BaXcnnvBCmHTpz/VGZ8jgtE2aYlW4hxDhseJAWZb7gqGM/qtCK6iZUb0TyKFf7BOUsBH7Q7fkRsDRhg1XklQ==} + /@babel/highlight@7.22.20: + resolution: {integrity: sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==} engines: {node: '>=6.9.0'} dependencies: - '@babel/helper-validator-identifier': 7.22.19 + '@babel/helper-validator-identifier': 7.22.20 chalk: 2.4.2 js-tokens: 4.0.0 @@ -1279,132 +1279,132 @@ packages: dependencies: '@babel/types': 7.22.19 - /@babel/plugin-syntax-async-generators@7.8.4(@babel/core@7.22.19): + /@babel/plugin-syntax-async-generators@7.8.4(@babel/core@7.22.20): resolution: {integrity: sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-bigint@7.8.3(@babel/core@7.22.19): + /@babel/plugin-syntax-bigint@7.8.3(@babel/core@7.22.20): resolution: {integrity: sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-class-properties@7.12.13(@babel/core@7.22.19): + /@babel/plugin-syntax-class-properties@7.12.13(@babel/core@7.22.20): resolution: {integrity: sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-import-meta@7.10.4(@babel/core@7.22.19): + /@babel/plugin-syntax-import-meta@7.10.4(@babel/core@7.22.20): resolution: {integrity: sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-json-strings@7.8.3(@babel/core@7.22.19): + /@babel/plugin-syntax-json-strings@7.8.3(@babel/core@7.22.20): resolution: {integrity: sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-jsx@7.22.5(@babel/core@7.22.19): + /@babel/plugin-syntax-jsx@7.22.5(@babel/core@7.22.20): resolution: {integrity: sha512-gvyP4hZrgrs/wWMaocvxZ44Hw0b3W8Pe+cMxc8V1ULQ07oh8VNbIRaoD1LRZVTvD+0nieDKjfgKg89sD7rrKrg==} engines: {node: '>=6.9.0'} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-logical-assignment-operators@7.10.4(@babel/core@7.22.19): + /@babel/plugin-syntax-logical-assignment-operators@7.10.4(@babel/core@7.22.20): resolution: {integrity: sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-nullish-coalescing-operator@7.8.3(@babel/core@7.22.19): + /@babel/plugin-syntax-nullish-coalescing-operator@7.8.3(@babel/core@7.22.20): resolution: {integrity: sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-numeric-separator@7.10.4(@babel/core@7.22.19): + /@babel/plugin-syntax-numeric-separator@7.10.4(@babel/core@7.22.20): resolution: {integrity: sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-object-rest-spread@7.8.3(@babel/core@7.22.19): + /@babel/plugin-syntax-object-rest-spread@7.8.3(@babel/core@7.22.20): resolution: {integrity: sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-optional-catch-binding@7.8.3(@babel/core@7.22.19): + /@babel/plugin-syntax-optional-catch-binding@7.8.3(@babel/core@7.22.20): resolution: {integrity: sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-optional-chaining@7.8.3(@babel/core@7.22.19): + /@babel/plugin-syntax-optional-chaining@7.8.3(@babel/core@7.22.20): resolution: {integrity: sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-top-level-await@7.14.5(@babel/core@7.22.19): + /@babel/plugin-syntax-top-level-await@7.14.5(@babel/core@7.22.20): resolution: {integrity: sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==} engines: {node: '>=6.9.0'} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true - /@babel/plugin-syntax-typescript@7.22.5(@babel/core@7.22.19): + /@babel/plugin-syntax-typescript@7.22.5(@babel/core@7.22.20): resolution: {integrity: sha512-1mS2o03i7t1c6VzH6fdQ3OA8tcEIxwG18zIPRp+UY1Ihv6W+XZzBCVxExF9upussPXJ0xE9XRHwMoNs1ep/nRQ==} engines: {node: '>=6.9.0'} peerDependencies: '@babel/core': ^7.0.0-0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/helper-plugin-utils': 7.22.5 dev: true @@ -1424,13 +1424,13 @@ packages: '@babel/types': 7.22.19 dev: true - /@babel/traverse@7.22.19: - resolution: {integrity: sha512-ZCcpVPK64krfdScRbpxF6xA5fz7IOsfMwx1tcACvCzt6JY+0aHkBk7eIU8FRDSZRU5Zei6Z4JfgAxN1bqXGECg==} + /@babel/traverse@7.22.20: + resolution: {integrity: sha512-eU260mPZbU7mZ0N+X10pxXhQFMGTeLb9eFS0mxehS8HZp9o1uSnFeWQuG1UPrlxgA7QoUzFhOnilHDp0AXCyHw==} engines: {node: '>=6.9.0'} dependencies: '@babel/code-frame': 7.22.13 '@babel/generator': 7.22.15 - '@babel/helper-environment-visitor': 7.22.5 + '@babel/helper-environment-visitor': 7.22.20 '@babel/helper-function-name': 7.22.5 '@babel/helper-hoist-variables': 7.22.5 '@babel/helper-split-export-declaration': 7.22.6 @@ -1447,7 +1447,7 @@ packages: engines: {node: '>=6.9.0'} dependencies: '@babel/helper-string-parser': 7.22.5 - '@babel/helper-validator-identifier': 7.22.19 + '@babel/helper-validator-identifier': 7.22.20 to-fast-properties: 2.0.0 /@bcoe/v8-coverage@0.2.3: @@ -2378,7 +2378,7 @@ packages: resolution: {integrity: sha512-ok/BTPFzFKVMwO5eOHRrvnBVHdRy9IrsrW1GpMaQ9MCnilNLXQKmAX8s1YXDFaai9xJpac2ySzV0YeRRECr2Vw==} engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@jest/types': 29.6.3 '@jridgewell/trace-mapping': 0.3.19 babel-plugin-istanbul: 6.1.1 @@ -5381,17 +5381,17 @@ packages: - debug dev: false - /babel-jest@29.7.0(@babel/core@7.22.19): + /babel-jest@29.7.0(@babel/core@7.22.20): resolution: {integrity: sha512-BrvGY3xZSwEcCzKvKsCi2GgHqDqsYkOP4/by5xCgIwGXQxIEh+8ew3gmrE1y7XRR6LHZIj6yLYnUi/mm2KXKBg==} engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} peerDependencies: '@babel/core': ^7.8.0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@jest/transform': 29.7.0 '@types/babel__core': 7.20.2 babel-plugin-istanbul: 6.1.1 - babel-preset-jest: 29.6.3(@babel/core@7.22.19) + babel-preset-jest: 29.6.3(@babel/core@7.22.20) chalk: 4.1.2 graceful-fs: 4.2.11 slash: 3.0.0 @@ -5422,35 +5422,35 @@ packages: '@types/babel__traverse': 7.20.2 dev: true - /babel-preset-current-node-syntax@1.0.1(@babel/core@7.22.19): + /babel-preset-current-node-syntax@1.0.1(@babel/core@7.22.20): resolution: {integrity: sha512-M7LQ0bxarkxQoN+vz5aJPsLBn77n8QgTFmo8WK0/44auK2xlCXrYcUxHFxgU7qW5Yzw/CjmLRK2uJzaCd7LvqQ==} peerDependencies: '@babel/core': ^7.0.0 dependencies: - '@babel/core': 7.22.19 - '@babel/plugin-syntax-async-generators': 7.8.4(@babel/core@7.22.19) - '@babel/plugin-syntax-bigint': 7.8.3(@babel/core@7.22.19) - '@babel/plugin-syntax-class-properties': 7.12.13(@babel/core@7.22.19) - '@babel/plugin-syntax-import-meta': 7.10.4(@babel/core@7.22.19) - '@babel/plugin-syntax-json-strings': 7.8.3(@babel/core@7.22.19) - '@babel/plugin-syntax-logical-assignment-operators': 7.10.4(@babel/core@7.22.19) - '@babel/plugin-syntax-nullish-coalescing-operator': 7.8.3(@babel/core@7.22.19) - '@babel/plugin-syntax-numeric-separator': 7.10.4(@babel/core@7.22.19) - '@babel/plugin-syntax-object-rest-spread': 7.8.3(@babel/core@7.22.19) - '@babel/plugin-syntax-optional-catch-binding': 7.8.3(@babel/core@7.22.19) - '@babel/plugin-syntax-optional-chaining': 7.8.3(@babel/core@7.22.19) - '@babel/plugin-syntax-top-level-await': 7.14.5(@babel/core@7.22.19) - dev: true - - /babel-preset-jest@29.6.3(@babel/core@7.22.19): + '@babel/core': 7.22.20 + '@babel/plugin-syntax-async-generators': 7.8.4(@babel/core@7.22.20) + '@babel/plugin-syntax-bigint': 7.8.3(@babel/core@7.22.20) + '@babel/plugin-syntax-class-properties': 7.12.13(@babel/core@7.22.20) + '@babel/plugin-syntax-import-meta': 7.10.4(@babel/core@7.22.20) + '@babel/plugin-syntax-json-strings': 7.8.3(@babel/core@7.22.20) + '@babel/plugin-syntax-logical-assignment-operators': 7.10.4(@babel/core@7.22.20) + '@babel/plugin-syntax-nullish-coalescing-operator': 7.8.3(@babel/core@7.22.20) + '@babel/plugin-syntax-numeric-separator': 7.10.4(@babel/core@7.22.20) + '@babel/plugin-syntax-object-rest-spread': 7.8.3(@babel/core@7.22.20) + '@babel/plugin-syntax-optional-catch-binding': 7.8.3(@babel/core@7.22.20) + '@babel/plugin-syntax-optional-chaining': 7.8.3(@babel/core@7.22.20) + '@babel/plugin-syntax-top-level-await': 7.14.5(@babel/core@7.22.20) + dev: true + + /babel-preset-jest@29.6.3(@babel/core@7.22.20): resolution: {integrity: sha512-0B3bhxR6snWXJZtR/RliHTDPRgn1sNHOR0yVtq/IiQFyuOVjFS+wuio/R4gSNkyYmKmJB4wGZv2NZanmKmTnNA==} engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} peerDependencies: '@babel/core': ^7.0.0 dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 babel-plugin-jest-hoist: 29.6.3 - babel-preset-current-node-syntax: 1.0.1(@babel/core@7.22.19) + babel-preset-current-node-syntax: 1.0.1(@babel/core@7.22.20) dev: true /babel-walk@3.0.0-canary-5: @@ -7006,7 +7006,7 @@ packages: peerDependencies: eslint: '>=8.44.0' dependencies: - '@babel/helper-validator-identifier': 7.22.19 + '@babel/helper-validator-identifier': 7.22.20 '@eslint-community/eslint-utils': 4.4.0(eslint@8.49.0) ci-info: 3.8.0 clean-regexp: 1.0.0 @@ -8715,7 +8715,7 @@ packages: resolution: {integrity: sha512-pzqtp31nLv/XFOzXGuvhCb8qhjmTVo5vjVk19XE4CRlSWz0KoeJ3bw9XsA7nOp9YBf4qHjwBxkDzKcME/J29Yg==} engines: {node: '>=8'} dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/parser': 7.22.16 '@istanbuljs/schema': 0.1.3 istanbul-lib-coverage: 3.2.0 @@ -8728,7 +8728,7 @@ packages: resolution: {integrity: sha512-x58orMzEVfzPUKqlbLd1hXCnySCxKdDKa6Rjg97CwuLLRI4g3FHTdnExu1OqffVFay6zeMW+T6/DowFLndWnIw==} engines: {node: '>=10'} dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/parser': 7.22.16 '@istanbuljs/schema': 0.1.3 istanbul-lib-coverage: 3.2.0 @@ -8853,11 +8853,11 @@ packages: ts-node: optional: true dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@jest/test-sequencer': 29.7.0 '@jest/types': 29.6.3 '@types/node': 20.6.2 - babel-jest: 29.7.0(@babel/core@7.22.19) + babel-jest: 29.7.0(@babel/core@7.22.20) chalk: 4.1.2 ci-info: 3.8.0 deepmerge: 4.3.1 @@ -9093,15 +9093,15 @@ packages: resolution: {integrity: sha512-Rm0BMWtxBcioHr1/OX5YCP8Uov4riHvKPknOGs804Zg9JGZgmIBkbtlxJC/7Z4msKYVbIJtfU+tKb8xlYNfdkw==} engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0} dependencies: - '@babel/core': 7.22.19 + '@babel/core': 7.22.20 '@babel/generator': 7.22.15 - '@babel/plugin-syntax-jsx': 7.22.5(@babel/core@7.22.19) - '@babel/plugin-syntax-typescript': 7.22.5(@babel/core@7.22.19) + '@babel/plugin-syntax-jsx': 7.22.5(@babel/core@7.22.20) + '@babel/plugin-syntax-typescript': 7.22.5(@babel/core@7.22.20) '@babel/types': 7.22.19 '@jest/expect-utils': 29.7.0 '@jest/transform': 29.7.0 '@jest/types': 29.6.3 - babel-preset-current-node-syntax: 1.0.1(@babel/core@7.22.19) + babel-preset-current-node-syntax: 1.0.1(@babel/core@7.22.20) chalk: 4.1.2 expect: 29.7.0 graceful-fs: 4.2.11 diff --git a/src/common/helpers/app.utils.ts b/src/common/helpers/app.utils.ts index 0800f248..31496bd0 100644 --- a/src/common/helpers/app.utils.ts +++ b/src/common/helpers/app.utils.ts @@ -85,8 +85,8 @@ export const AppUtils = { for (const method of methods) { if ( isArray(method.security) - // eslint-disable-next-line @typescript-eslint/no-unsafe-call - && method.security.includes(IS_PUBLIC_KEY_META) + // eslint-disable-next-line @typescript-eslint/no-unsafe-call + && method.security.includes(IS_PUBLIC_KEY_META) ) method.security = []; } diff --git a/src/main.ts b/src/main.ts index 271e8d9a..94b957c7 100644 --- a/src/main.ts +++ b/src/main.ts @@ -18,7 +18,7 @@ import { AppModule } from "./app.module"; import { createLogger } from "@lib/pino/app.logger"; import { AppUtils, HelperService } from "@common/helpers"; -declare const module: { hot: { accept: () => void; dispose: (argument0: () => Promise) => void } }; +declare const module: { hot: { accept: () => void; dispose: (argument: () => Promise) => void } }; const logger = new Logger("Bootstrap"); @@ -47,14 +47,17 @@ const bootstrap = async () => { bodyParser.json({ limit: "10mb" }), bodyParser.urlencoded({ limit: "10mb", extended: true }), ); - app.use(helmet()); - app.use(compression()); - app.enableCors({ - credentials: true, - methods: "GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS", - maxAge: 3600, - origin: configService.get("app.allowedOrigins", { infer: true }), - }); + + if (!HelperService.isProd()) { + app.use(compression()); + app.use(helmet()); + app.enableCors({ + credentials: true, + methods: "GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS", + maxAge: 3600, + origin: configService.get("app.allowedOrigins", { infer: true }), + }); + } // ===================================================== // configure global pipes, filters, interceptors