Export typings for individual middleware options

Question

Export typings for individual middleware options

billyjanitsch opened this issue a year ago · comments

Hi! Currently, Helmet exports the top-level options type (HelmetOptions) but not any of the constituent middleware options types (ContentSecurityPolicyOptions, etc.).

As a workaround, it's possible to extract them from the top-level type, but doing so isn't very ergonomic because they're mixed in with booleans and null values, so you have to do something like:

import {type HelmetOptions} from 'helmet'

type ContentSecurityPolicyOptions = Extract<HelmetOptions['contentSecurityPolicy'], object>

Would you be open to exporting all of the middleware options types so that this isn't necessary?

Evan Hahn · Answer 1 · Tue May 16 2023 20:22:37 GMT+0800 (China Standard Time)

Would something like this work for you?

type ContentSecurityPolicyOptions = Parameters<typeof helmet.contentSecurityPolicy>[0];

Evan Hahn · Answer 2 · Mon Jul 17 2023 20:20:19 GMT+0800 (China Standard Time)

I'm going to close this issue because there hasn't been much movement on it. Let me know if you'd like me to reopen.

Judith Hartmann · Answer 3 · Fri Aug 11 2023 19:52:14 GMT+0800 (China Standard Time)

Hey @EvanHahn,
we are currently upgrading from 6.1.0 to 6.2.0.

Before we were able to import ContentSecurityPolicyOptions through:

import { ContentSecurityPolicyOptions } from 'helmet/dist/types/middlewares/content-security-policy';

not pretty but it did the job.

in 6.2.0 I tried both:

type ContentSecurityPolicyOptions = Parameters<typeof helmet.contentSecurityPolicy>[0];

and

import {type HelmetOptions} from 'helmet'

type ContentSecurityPolicyOptions = Extract<HelmetOptions['contentSecurityPolicy'], object>

neither of the 2 suggested solutions work, due to the following error:
TS4023

Exported variable 'contentSecurityPolicies' has or is using name 'ContentSecurityPolicyOptions' from external module `[PROJECT_PATH]/node_modules/helmet/index" but cannot be named.

most likely due to ContentSecurityPolicyOptions not being exported

is there a way, you can export the in between interfaces as well?

Evan Hahn · Answer 4 · Fri Aug 11 2023 23:15:24 GMT+0800 (China Standard Time)

@judithhartmann Does something like this work for you?

import type { HelmetOptions } from "helmet";

type ContentSecurityPolicyOptions = HelmetOptions["contentSecurityPolicy"];

const cspOptions: ContentSecurityPolicyOptions = {
  directives: {
    defaultSrc: ["'self'"],
    // ...
  },
};

Judith Hartmann · Answer 5 · Fri Aug 11 2023 23:30:49 GMT+0800 (China Standard Time)

@EvanHahn No i get the same error unless i explicity export ContentSecurityPolicyOptions

Exported variable 'contentSecurityPolicies' has or is using name 'ContentSecurityPolicyOptions' from external module "[PATH]/node_modules/helmet/index" but cannot be named.

Typescript version 4.9.5 btw

Evan Hahn · Answer 6 · Fri Aug 11 2023 23:32:28 GMT+0800 (China Standard Time)

@judithhartmann Does this happen with the latest version of Helmet, too? If so, could you open a new issue with code that reproduces this problem?