Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: migrate to nuxt modules #589

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .stackblitz/app.vue
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<template>
<div>
Check out the browser network tab to see what Response Headers has been set for you by nuxt-security module
Check out the browser network tab to see what Response Headers has been set for you by @nuxtjs/security module
</div>
</template>
2 changes: 1 addition & 1 deletion .stackblitz/nuxt.config.ts
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
// https://v3.nuxtjs.org/api/configuration/nuxt.config
export default defineNuxtConfig({
modules: ['nuxt-security'],
modules: ['@nuxtjs/security'],
// Following configuration is only necessary to make Stackblitz work correctly.
// For local projects, you do not need any configuration to try it out.
security: {
Expand Down
2 changes: 1 addition & 1 deletion .stackblitz/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,6 @@
"nuxt": "^3.11.2"
},
"dependencies": {
"nuxt-security": "latest"
"@nuxtjs/security": "latest"
}
}
8 changes: 4 additions & 4 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,23 +3,23 @@

## v2.1.4

[compare changes](https://github.com/Baroshem/nuxt-security/compare/v2.1.3...v2.1.4)
[compare changes](https://github.com/nuxt-modules/security/compare/v2.1.3...v2.1.4)

### 🩹 Fixes

- #564 resolves issue with element.replace on non-string elements ([#564](https://github.com/Baroshem/nuxt-security/issues/564))
- #564 resolves issue with element.replace on non-string elements ([#564](https://github.com/nuxt-modules/security/issues/564))

### ❤️ Contributors

- Lawren <lawrenipsum@gmail.com>

## v2.1.3

[compare changes](https://github.com/Baroshem/nuxt-security/compare/v2.1.2...v2.1.3)
[compare changes](https://github.com/nuxt-modules/security/compare/v2.1.2...v2.1.3)

### 🩹 Fixes

- #564 resolves issue with element.replace on non-string elements ([#564](https://github.com/Baroshem/nuxt-security/issues/564))
- #564 resolves issue with element.replace on non-string elements ([#564](https://github.com/nuxt-modules/security/issues/564))

### ❤️ Contributors

Expand Down
26 changes: 13 additions & 13 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
[![nuxt-security](https://nuxt-security.vercel.app/preview.png)](https://nuxt-security.vercel.app)
[![nuxt-security](https://security.nuxtjs.org/preview.png)](https://security.nuxtjs.org)

[![npm version][npm-version-src]][npm-version-href]
[![npm downloads][npm-downloads-src]][npm-downloads-href]
Expand All @@ -12,8 +12,8 @@ Automatically configure your app to follow OWASP security patterns and principle

> This module works with Nuxt 3 only

- [📖 &nbsp;Read the documentation](https://nuxt-security.vercel.app)
- [👾 &nbsp;Playground](https://nuxt-security.vercel.app/playground)
- [📖 &nbsp;Read the documentation](https://security.nuxtjs.org)
- [👾 &nbsp;Playground](https://security.nuxtjs.org/playground)

## Features

Expand All @@ -40,14 +40,14 @@ You can pass configuration to the module in the `nuxt.config.ts` like following:

```ts
export default defineNuxtConfig({
modules: ["nuxt-security"],
modules: ["@nuxtjs/security"],
security: {
// options
}
})
```

For all available configuration options check out the [docs](https://nuxt-security.vercel.app).
For all available configuration options check out the [docs](https://security.nuxtjs.org).

## Development

Expand All @@ -60,13 +60,13 @@ For all available configuration options check out the [docs](https://nuxt-securi

<!-- Badges -->

[npm-version-src]: https://img.shields.io/npm/v/nuxt-security/latest.svg
[npm-version-href]: https://npmjs.com/package/nuxt-security
[npm-downloads-src]: https://img.shields.io/npm/dt/nuxt-security.svg
[npm-downloads-href]: https://npmjs.com/package/nuxt-security
[github-actions-ci-src]: https://github.com/baroshem/nuxt-security/actions/workflows/ci.yml/badge.svg
[github-actions-ci-href]: https://github.com/baroshem/nuxt-security/actions?query=workflow%3Aci
[license-src]: https://img.shields.io/npm/l/nuxt-security.svg
[license-href]: https://npmjs.com/package/nuxt-security
[npm-version-src]: https://img.shields.io/npm/v/@nuxtjs/security/latest.svg
[npm-version-href]: https://npmjs.com/package/@nuxtjs/security
[npm-downloads-src]: https://img.shields.io/npm/dt/@nuxtjs/security.svg
[npm-downloads-href]: https://npmjs.com/package/@nuxtjs/security
[github-actions-ci-src]: https://github.com/nuxt-modules/security/actions/workflows/ci.yml/badge.svg
[github-actions-ci-href]: https://github.com/nuxt-modules/security/actions?query=workflow%3Aci
[license-src]: https://img.shields.io/npm/l/@nuxtjs/security.svg
[license-href]: https://npmjs.com/package/@nuxtjs/security
[nuxt-src]: https://img.shields.io/badge/Nuxt-18181B?logo=nuxt.js
[nuxt-href]: https://nuxt.com
8 changes: 4 additions & 4 deletions docs/app.vue
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ const links = [
},
{
label: 'Releases',
to: 'https://github.com/Baroshem/nuxt-security/releases',
to: 'https://github.com/nuxt-modules/security/releases',
target: '_blank',
},
]
Expand Down Expand Up @@ -62,7 +62,7 @@ provide('navigation', navigation)
<UButton
aria-label="Nuxt Security on GitHub"
icon="i-simple-icons-github"
to="https://github.com/Baroshem/nuxt-security"
to="https://github.com/nuxt-modules/security"
target="_blank"
color="gray"
variant="ghost"
Expand Down Expand Up @@ -94,7 +94,7 @@ provide('navigation', navigation)
<span class="text-sm">
Published under
<NuxtLink
to="https://github.com/Baroshem/nuxt-security"
to="https://github.com/nuxt-modules/security"
target="_blank"
class="underline"
>MIT License</NuxtLink>
Expand All @@ -121,7 +121,7 @@ provide('navigation', navigation)
<UButton
aria-label="Nuxt Security on GitHub"
icon="i-simple-icons-github"
to="https://github.com/Baroshem/nuxt-security"
to="https://github.com/nuxt-modules/security"
target="_blank"
color="gray"
variant="ghost"
Expand Down
4 changes: 2 additions & 2 deletions docs/content/1.getting-started/1.installation.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ description: Having more secure Nuxt project is only one command away ✨.



Install `nuxt-security` module:
Install `'@nuxtjs/security'` module:
```bash
npx nuxi@latest module add security
```
Expand All @@ -22,4 +22,4 @@ security: {
}
```

You can find more about configuring `nuxt-security` [here](/getting-started/configuration).
You can find more about configuring `'@nuxtjs/security'` [here](/getting-started/configuration).
2 changes: 1 addition & 1 deletion docs/content/1.getting-started/2.configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -129,7 +129,7 @@ To modify these default settings and further increase the security of your appli

## Overriding a layer's configuration

If you extend a [Nuxt Layer](https://nuxt.com/docs/getting-started/layers) which adds `nuxt-security`, you can override that layer's `nuxt-security` configuration or parts of it by defining a module in your project's `nuxt.config.ts`. Here is an example that illustrates how to remove the `'none'` value set by default for `object-src`:
If you extend a [Nuxt Layer](https://nuxt.com/docs/getting-started/layers) which adds `'@nuxtjs/security'`, you can override that layer's `'@nuxtjs/security'` configuration or parts of it by defining a module in your project's `nuxt.config.ts`. Here is an example that illustrates how to remove the `'none'` value set by default for `object-src`:


```ts
Expand Down
10 changes: 5 additions & 5 deletions docs/content/1.getting-started/4.contributing.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,20 +11,20 @@ description: We can never thank you enough for your contributions. ❤️

## How to contribute?

- Clone [nuxt-security](https://github.com/Baroshem/nuxt-security) repository
- Clone [nuxt-modules/security](https://github.com/nuxt-modules/security) repository
- Install dependencies using `yarn`
- Run `yarn dev:prepare` to generate type stubs.

## Nuxt Security

- Use `yarn dev` to start the [playground](https://github.com/Baroshem/nuxt-security/tree/main/playground) in development mode.
- Use `yarn dev` to start the [playground](https://github.com/nuxt-modules/security/tree/main/playground) in development mode.
- Apply your changes
- Add tests into the [test/](https://github.com/Baroshem/nuxt-security/tree/main/test) directory and run `yarn test` to make sure they pass.
- Add tests into the [test/](https://github.com/nuxt-modules/security/tree/main/test) directory and run `yarn test` to make sure they pass.
- Check the code style with `yarn lint`
- Before creating a PR, make sure to run `yarn build` and that no errors are reported.

### Documentation

- Use `yarn dev:docs` to start the [documentation](https://github.com/Baroshem/nuxt-security/tree/main/docs) in development mode.
- Use `yarn dev:docs` to start the [documentation](https://github.com/nuxt-modules/security/tree/main/docs) in development mode.
- Open [http://localhost:3000](http://localhost:3000) to view it in the browser.
- Update the content of the documentation in the [docs/content/](https://github.com/Baroshem/nuxt-security/tree/main/docs/content) directory.
- Update the content of the documentation in the [docs/content/](https://github.com/nuxt-modules/security/tree/main/docs/content) directory.
2 changes: 1 addition & 1 deletion docs/content/2.headers/3.crossOriginEmbedderPolicy.md
Original file line number Diff line number Diff line change
Expand Up @@ -97,5 +97,5 @@ However even with this setting, you might encounter difficulties.
2. Have a look at our documentation example code

Our own documentation website includes iframes from Youtube and Stackblitz.
Please have a look at our [Github source code](https://github.com/Baroshem/nuxt-security/blob/main/docs/nuxt.config.ts) to see how we set the Nuxt Security options to allow these iframes.
Please have a look at our [Github source code](https://github.com/nuxt-modules/security/blob/main/docs/nuxt.config.ts) to see how we set the Nuxt Security options to allow these iframes.

4 changes: 2 additions & 2 deletions docs/content/4.utils/1.hide-x-powered-by-header.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,15 +14,15 @@ links:
Read more about it [here](https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#use-appropriate-security-headers).
::

Fortunately, `nuxt-security` module hides this header by default so your application is not leaking this information in the response headers.
Fortunately, `@nuxtjs/security` module hides this header by default so your application is not leaking this information in the response headers.

## Options

If you prefer not to have this changed, you can always disable this functionality from the module configuration (which is not recommended but possible) like the following:

```js{}[nuxt.config.ts]
export default defineNuxtConfig({
modules: ['nuxt-security'],
modules: ['@nuxtjs/security'],
security: {
hidePoweredBy: false
}
Expand Down
4 changes: 2 additions & 2 deletions docs/content/4.utils/2.remove-console-loggers.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ You can disable the feature by setting `removeLoggers: false`:

```js{}[nuxt.config.ts]
export default defineNuxtConfig({
modules: ['nuxt-security'],
modules: ['@nuxtjs/security'],

security: {
removeLoggers: false
Expand All @@ -48,7 +48,7 @@ If you want to use the `unplugin-remove` plugin method, pass an object to the `r

```js{}[nuxt.config.ts]
export default defineNuxtConfig({
modules: ['nuxt-security'],
modules: ['@nuxtjs/security'],

security: {
removeLoggers: {
Expand Down
24 changes: 12 additions & 12 deletions docs/content/5.advanced/2.faq.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ defineNuxtConfig({
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/309).
Read more about it [here](https://github.com/nuxt-modules/security/issues/309).
::


Expand All @@ -68,7 +68,7 @@ security:{
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/127).
Read more about it [here](https://github.com/nuxt-modules/security/issues/127).
::


Expand Down Expand Up @@ -122,7 +122,7 @@ useHead({
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/255#issuecomment-1793476794).
Read more about it [here](https://github.com/nuxt-modules/security/issues/255#issuecomment-1793476794).
::


Expand Down Expand Up @@ -159,7 +159,7 @@ defineNuxtConfig({
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/discussions/302).
Read more about it [here](https://github.com/nuxt-modules/security/discussions/302).
::

### Google Auth
Expand All @@ -177,7 +177,7 @@ security:{
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/327).
Read more about it [here](https://github.com/nuxt-modules/security/issues/327).
::

## Testing CORS configuration
Expand All @@ -187,7 +187,7 @@ In the default configuration for CORS in Nuxt Security module, only the request
To test it, run your application and then in another test application running on a different port, send a request to the first app. You will get the CORS error there.

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/208).
Read more about it [here](https://github.com/nuxt-modules/security/issues/208).
::

## Set Content-Security-Policy-Report-Only
Expand All @@ -209,7 +209,7 @@ routeRules: {
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/193#issuecomment-1669009189).
Read more about it [here](https://github.com/nuxt-modules/security/issues/193#issuecomment-1669009189).
::

## Allowing images and scripts from external domains
Expand Down Expand Up @@ -239,7 +239,7 @@ Next, you need to configure your img tag to include the `crossorigin` attribute:
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/138#issuecomment-1497883915).
Read more about it [here](https://github.com/nuxt-modules/security/issues/138#issuecomment-1497883915).
::

## Nuxt Image
Expand Down Expand Up @@ -267,7 +267,7 @@ security:{
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/228).
Read more about it [here](https://github.com/nuxt-modules/security/issues/228).
::


Expand Down Expand Up @@ -342,7 +342,7 @@ Alternatively, you can use the `external` attribute on `NuxtLink` to set the nav
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/228).
Read more about it [here](https://github.com/nuxt-modules/security/issues/228).
::

### Running app with `--host` flag
Expand All @@ -352,7 +352,7 @@ If you want to expose your app in local network to test it by using other device
```ts
security: {
headers: {
crossOriginEmbedderPolicy: process.env.NODE_ENV === 'development' ? 'unsafe-none' : 'require-corp', //https://github.com/Baroshem/nuxt-security/issues/101
crossOriginEmbedderPolicy: process.env.NODE_ENV === 'development' ? 'unsafe-none' : 'require-corp', //https://github.com/nuxt-modules/security/issues/101
contentSecurityPolicy: {
"upgrade-insecure-requests": process.env.NODE_ENV === 'development' ? false : true // USE ONLY IN DEV MODE
}
Expand All @@ -364,5 +364,5 @@ security: {
```

::callout{icon="i-heroicons-light-bulb"}
Read more about it [here](https://github.com/Baroshem/nuxt-security/issues/397).
Read more about it [here](https://github.com/nuxt-modules/security/issues/397).
::
2 changes: 1 addition & 1 deletion docs/nuxt.config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ export default defineNuxtConfig({
modules: [
'@nuxt/content',
'@nuxt/ui',
'nuxt-security',
'@nuxtjs/security',
'@vueuse/nuxt'
],

Expand Down
2 changes: 1 addition & 1 deletion docs/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
"@nuxt/ui-pro": "^1.3.1",
"@vueuse/nuxt": "^11.2.0",
"nuxt": "^3.11.2",
"nuxt-security": "latest",
"@nuxtjs/security": "latest",
"typescript": "^5.4.5"
}
}
4 changes: 2 additions & 2 deletions docs/pages/[...slug].vue
Original file line number Diff line number Diff line change
Expand Up @@ -39,13 +39,13 @@ const communityLinks = computed(() => [
{
icon: 'i-ph-pen-duotone',
label: 'Edit this page',
to: `https://github.com/Baroshem/nuxt-security/edit/main/docs/content/${page?.value?._file}`,
to: `https://github.com/nuxt-modules/security/edit/main/docs/content/${page?.value?._file}`,
target: '_blank',
},
{
icon: 'i-ph-shooting-star-duotone',
label: 'Star on GitHub',
to: 'https://github.com/Baroshem/nuxt-security',
to: 'https://github.com/nuxt-modules/security',
target: '_blank',
},
{
Expand Down
2 changes: 1 addition & 1 deletion docs/pages/index.vue
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ definePageMeta({
const seo = {
title: 'Nuxt Security',
description: 'Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware.',
cover: 'https://nuxt-security.vercel.app/preview.png'
cover: 'https://security.nuxtjs.org/preview.png'
}

const source = ref('npx nuxi@latest module add security')
Expand Down
2 changes: 1 addition & 1 deletion docs/pages/playground.vue
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ useSeoMeta({
<ClientOnly>
<iframe
class="dark:bg-gray-950"
:src="`https://stackblitz.com/github/Baroshem/nuxt-security?embed=1&file=.stackblitz%2Fnuxt.config.ts&theme=${$colorMode.preference}`"
:src="`https://stackblitz.com/github/nuxt-modules/security?embed=1&file=.stackblitz%2Fnuxt.config.ts&theme=${$colorMode.preference}`"
width="100%"
height="100%"
/>
Expand Down
Loading
Loading