fix: revert header/allowedHeader

renovatebot · Jan 16, 2024 · 8815f1c · 8815f1c
1 parent 5c1a553
commit 8815f1c
Show file tree

Hide file tree

Showing 10 changed files with 45 additions and 45 deletions.
diff --git a/docs/usage/configuration-options.md b/docs/usage/configuration-options.md
@@ -1809,14 +1809,14 @@ It uses `QuickLRU` with a `maxSize` of `1000`.
 
 Enable got [http2](https://github.com/sindresorhus/got/blob/v11.5.2/readme.md#http2) support.
 
-### header
+### headers
 
-You can provide a `header` object that includes fields to be forwarded to the HTTP request header.
+You can provide a `headers` object that includes fields to be forwarded to the HTTP request headers.
 By default, all headers starting with "X-" are allowed.
 
-A bot administrator may configure an override for [`allowedHeader`](./self-hosted-configuration.md#allowedHeader) to configure more permitted headers.
+A bot administrator may configure an override for [`allowedHeaders`](./self-hosted-configuration.md#allowedHeaders) to configure more permitted headers.
 
-`header` value(s) configured in the bot admin `hostRules` (for example in a `config.js` file) are _not_ validated, so it may contain any header regardless of `allowedHeader`.
+`headers` value(s) configured in the bot admin `hostRules` (for example in a `config.js` file) are _not_ validated, so it may contain any header regardless of `allowedHeaders`.
 
 For example:
 
@@ -1825,7 +1825,7 @@ For example:
  "hostRules": [
  {
  "matchHost": "https://domain.com/all-versions",
- "header": {
+ "headers": {
  "X-custom-header": "secret"
  }
  }

diff --git a/docs/usage/self-hosted-configuration.md b/docs/usage/self-hosted-configuration.md
@@ -63,13 +63,13 @@ But before you disable templating completely, try the `allowedPostUpgradeCommand
 
 ## allowScripts
 
-## allowedHeader
+## allowedHeaders
 
-`allowedHeader` can be useful when a registry uses a authentication system that's not covered by Renovate's default credential handling in `hostRules`.
+`allowedHeaders` can be useful when a registry uses a authentication system that's not covered by Renovate's default credential handling in `hostRules`.
 By default, all headers starting with "X-" are allowed.
-If needed, you can allow additional headers with the `allowedHeader` option.
-Any set `allowedHeader` overrides the default "X-" allowed header, so you should include them in your config if you wish for them to remain allowed.
-The `allowedHeader` config option takes an array of minimatch-compatible globs or re2-compatible regex strings.
+If needed, you can allow additional headers with the `allowedHeaders` option.
+Any set `allowedHeaders` overrides the default "X-" allowed headers, so you should include them in your config if you wish for them to remain allowed.
+The `allowedHeaders` config option takes an array of minimatch-compatible globs or re2-compatible regex strings.
 
 Examples:
 
@@ -85,19 +85,19 @@ Examples:
  "hostRules": [
  {
  "matchHost": "https://domain.com/all-versions",
- "header": {
+ "headers": {
  "X-Auth-Token": "secret"
  }
  }
  ]
 }
 ```
 
-Or with custom `allowedHeader`:
+Or with custom `allowedHeaders`:
 
 ```js title="config.js"
 module.exports = {
- allowedHeader: ['custom-header'],
+ allowedHeaders: ['custom-header'],
 };
 ```
 

diff --git a/lib/config/global.ts b/lib/config/global.ts
@@ -4,7 +4,7 @@ export class GlobalConfig {
  // TODO: once global config work is complete, add a test to make sure this list includes all options with globalOnly=true (#9603)
  private static readonly OPTIONS: (keyof RepoGlobalConfig)[] = [
  'allowCustomCrateRegistries',
- 'allowedHeader',
+ 'allowedHeaders',
  'allowedPostUpgradeCommands',
  'allowPlugins',
  'allowPostUpgradeCommandTemplating',

diff --git a/lib/config/options/index.ts b/lib/config/options/index.ts
@@ -6,7 +6,7 @@ import type { RenovateOptions } from '../types';
 
 const options: RenovateOptions[] = [
  {
- name: 'allowedHeader',
+ name: 'allowedHeaders',
  description:
  'List of allowed patterns for header names in repository hostRules config.',
  type: 'array',
@@ -2404,9 +2404,9 @@ const options: RenovateOptions[] = [
  advancedUse: true,
  },
  {
- name: 'header',
+ name: 'headers',
  description:
- 'Put fields to be forwarded to the HTTP request header in the header config option.',
+ 'Put fields to be forwarded to the HTTP request headers in the headers config option.',
  type: 'object',
  parent: 'hostRules',
  cli: false,

diff --git a/lib/config/types.ts b/lib/config/types.ts
@@ -127,7 +127,7 @@ export interface RepoGlobalConfig {
  allowPlugins?: boolean;
  allowPostUpgradeCommandTemplating?: boolean;
  allowScripts?: boolean;
- allowedHeader?: string[];
+ allowedHeaders?: string[];
  allowedPostUpgradeCommands?: string[];
  binarySource?: 'docker' | 'global' | 'install' | 'hermit';
  cacheHardTtlMinutes?: number;

diff --git a/lib/config/validation.spec.ts b/lib/config/validation.spec.ts
@@ -923,13 +923,13 @@ describe('config/validation', () => {
  });
 
  it('errors if forbidden header in hostRules', async () => {
- GlobalConfig.set({ allowedHeader: ['X-*'] });
+ GlobalConfig.set({ allowedHeaders: ['X-*'] });
 
  const config = {
  hostRules: [
  {
  matchHost: 'https://domain.com/all-versions',
- header: {
+ headers: {
  'X-Auth-Token': 'token',
  unallowedHeader: 'token',
  },
@@ -942,20 +942,20 @@ describe('config/validation', () => {
  expect(errors).toMatchObject([
  {
  message:
- "hostRules header `unallowedHeader` is not permitted by this bot's `allowedHeader`.",
+ "hostRules header `unallowedHeader` is not allowed by this bot's `allowedHeaders`.",
  topic: 'Configuration Error',
  },
  ]);
  });
 
- it('errors if header values are not string', async () => {
- GlobalConfig.set({ allowedHeader: ['X-*'] });
+ it('errors if headers values are not string', async () => {
+ GlobalConfig.set({ allowedHeaders: ['X-*'] });
 
  const config = {
  hostRules: [
  {
  matchHost: 'https://domain.com/all-versions',
- header: {
+ headers: {
  'X-Auth-Token': 10,
  } as unknown as Record<string, string>,
  },
@@ -967,7 +967,7 @@ describe('config/validation', () => {
  expect(errors).toMatchObject([
  {
  message:
- 'Invalid hostRules header value configuration: header must be a string.',
+ 'Invalid hostRules headers value configuration: header must be a string.',
  topic: 'Configuration Error',
  },
  ]);

diff --git a/lib/config/validation.ts b/lib/config/validation.ts
@@ -40,7 +40,7 @@ const topLevelObjects = managerList;
 
 const ignoredNodes = [
  '$schema',
- 'header',
+ 'headers',
  'depType',
  'npmToken',
  'packageFile',
@@ -679,22 +679,22 @@ export async function validateConfig(
  }
 
  if (key === 'hostRules' && is.array(val)) {
- const allowedHeader = GlobalConfig.get('allowedHeader');
+ const allowedHeaders = GlobalConfig.get('allowedHeaders');
  for (const rule of val as HostRule[]) {
- if (!rule.header) {
+ if (!rule.headers) {
  continue;
  }
- for (const [header, value] of Object.entries(rule.header)) {
+ for (const [header, value] of Object.entries(rule.headers)) {
  if (!is.string(value)) {
  errors.push({
  topic: 'Configuration Error',
- message: `Invalid hostRules header value configuration: header must be a string.`,
+ message: `Invalid hostRules headers value configuration: header must be a string.`,
  });
  }
- if (!anyMatchRegexOrMinimatch(allowedHeader, header)) {
+ if (!anyMatchRegexOrMinimatch(allowedHeaders, header)) {
  errors.push({
  topic: 'Configuration Error',
- message: `hostRules header \`${header}\` is not allowed by this bot's \`allowedHeader\`.`,
+ message: `hostRules header \`${header}\` is not allowed by this bot's \`allowedHeaders\`.`,
  });
  }
  }

diff --git a/lib/types/host-rules.ts b/lib/types/host-rules.ts
@@ -11,7 +11,7 @@ export interface HostRuleSearchResult {
  enableHttp2?: boolean;
  concurrentRequestLimit?: number;
  maxRequestsPerSecond?: number;
- header?: Record<string, string>;
+ headers?: Record<string, string>;
  maxRetryAfter?: number;
 
  dnsCache?: boolean;

diff --git a/lib/util/http/host-rules.spec.ts b/lib/util/http/host-rules.spec.ts
@@ -544,11 +544,11 @@ describe('util/http/host-rules', () => {
  });
  });
 
- it('should remove forbidden header from request', () => {
- GlobalConfig.set({ allowedHeader: ['X-*'] });
+ it('should remove forbidden headers from request', () => {
+ GlobalConfig.set({ allowedHeaders: ['X-*'] });
  const hostRule = {
  matchHost: 'https://domain.com/all-versions',
- header: {
+ headers: {
  'X-Auth-Token': 'token',
  unallowedHeader: 'token',
  },

diff --git a/lib/util/http/host-rules.ts b/lib/util/http/host-rules.ts
@@ -164,23 +164,23 @@ export function applyHostRule<GotOptions extends HostRulesGotOptions>(
  options.lookup = dnsLookup;
  }
 
- if (hostRule.header) {
- const allowedHeader = GlobalConfig.get('allowedHeader');
- const filteredHeader: Record<string, string> = {};
+ if (hostRule.headers) {
+ const allowedHeaders = GlobalConfig.get('allowedHeaders');
+ const filteredHeaders: Record<string, string> = {};
 
- for (const [header, value] of Object.entries(hostRule.header)) {
- if (anyMatchRegexOrMinimatch(allowedHeader, header)) {
- filteredHeader[header] = value;
+ for (const [header, value] of Object.entries(hostRule.headers)) {
+ if (anyMatchRegexOrMinimatch(allowedHeaders, header)) {
+ filteredHeaders[header] = value;
  } else {
  logger.once.error(
- { allowedHeader, header },
- 'Disallowed hostRules header',
+ { allowedHeaders, header },
+ 'Disallowed hostRules headers',
  );
  }
  }
 
  options.headers = {
- ...filteredHeader,
+ ...filteredHeaders,
  ...options.headers,
  };
  }