Skip to content

Commit 311a89d

Browse files
ricardo-devis-agulloricardo-devis-agullo
committed
improv config doc
1 parent b748eb2 commit 311a89d

File tree

1 file changed

+40
-8
lines changed

1 file changed

+40
-8
lines changed

website/docs/registry/registry-configuration.md

Lines changed: 40 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -139,14 +139,21 @@ For unsuscribing to all [events](#registry-events).
139139

140140
### Authentication and Security Options
141141

142-
| Parameter | Type | Mandatory | Default | Description |
143-
| ------------------------------- | -------- | --------- | ------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
144-
| <sub>publishAuth</sub> | object | no | - | Authentication strategy for component publishing. When `undefined`, no authorization is required |
145-
| <sub>publishAuth.type</sub> | string | no | - | Authentication type. Supports `"basic"` or custom authentication objects |
146-
| <sub>publishAuth.username</sub> | string | no | - | Username for basic authentication (when type is `"basic"`) |
147-
| <sub>publishAuth.password</sub> | string | no | - | Password for basic authentication (when type is `"basic"`) |
148-
| <sub>publishAuth.logins</sub> | array | no | - | Array of login objects for multiple users: `[{ username: "user1", password: "pass1" }, ...]` (when type is `"basic"`) |
149-
| <sub>publishValidation</sub> | function | no | - | Custom validation logic executed during component publishing. Function signature: `(pkgJson: unknown, context: { user?: string }) => { isValid: boolean; error?: string } \| boolean`. [See example](#publish-validation-example) |
142+
| Parameter | Type | Mandatory | Default | Description |
143+
| ---------------------------------------- | --------------------- | --------- | --------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
144+
| <sub>publishAuth</sub> | object | no | - | Authentication strategy for component publishing. When `undefined`, no authorization is required |
145+
| <sub>publishAuth.type</sub> | string | no | - | Authentication type. Supports `"basic"` or custom authentication objects |
146+
| <sub>publishAuth.username</sub> | string | no | - | Username for basic authentication (when type is `"basic"`) |
147+
| <sub>publishAuth.password</sub> | string | no | - | Password for basic authentication (when type is `"basic"`) |
148+
| <sub>publishAuth.logins</sub> | array | no | - | Array of login objects for multiple users: `[{ username: "user1", password: "pass1" }, ...]` (when type is `"basic"`) |
149+
| <sub>publishValidation</sub> | function | no | - | Custom validation logic executed during component publishing. Function signature: `(pkgJson: unknown, context: { user?: string }) => { isValid: boolean; error?: string } \| boolean`. [See example](#publish-validation-example) |
150+
| <sub>publishRateLimit</sub> | object | no | - | Rate-limiting configuration for component publishing. When `undefined`, no throttling is applied |
151+
| <sub>publishRateLimit.windowMs</sub> | number (milliseconds) | no | `900000` | Size of the sliding window used for rate limiting. Defaults to 15 minutes |
152+
| <sub>publishRateLimit.max</sub> | number | no | `100` | Maximum number of publish requests allowed within `windowMs` |
153+
| <sub>publishRateLimit.keyGenerator</sub> | function | no | - | Function that returns the identifier used for counting hits (defaults to `${req.ip}:${req.user ?? 'anon'}`). Signature: `(req: Request) => string` |
154+
| <sub>publishRateLimit.skip</sub> | function | no | - | Predicate to bypass throttling for specific requests/users. Signature: `(req: Request) => boolean` |
155+
| <sub>publishRateLimit.store</sub> | object | no | In-memory | Custom storage backend implementing the `RateLimitStore` interface |
156+
| <sub>publishRateLimit.maxCacheSize</sub> | number | no | `1000` | Maximum number of rate-limit entries the default in-memory store keeps |
150157

151158
### Component and Template Options
152159

@@ -294,6 +301,31 @@ var registry = new oc.Registry(configuration);
294301
registry.start();
295302
```
296303

304+
### Publish Rate Limit Configuration
305+
306+
```js
307+
var oc = require("oc");
308+
309+
var configuration = {
310+
baseUrl: "https://components.mycompany.com/",
311+
port: 3000,
312+
313+
// Throttle component publishing to max 50 requests per 10-minute window
314+
publishRateLimit: {
315+
windowMs: 10 * 60 * 1000, // 10 minutes
316+
max: 50,
317+
// Optional fine-tuning examples:
318+
// keyGenerator: (req) => `${req.ip}:${req.user ?? 'anon'}`,
319+
// skip: (req) => req.user === "ci-bot", // allow automated CI
320+
// store: new RedisRateLimitStore(), // pluggable backend
321+
// maxCacheSize: 5000,
322+
},
323+
};
324+
325+
var registry = new oc.Registry(configuration);
326+
registry.start();
327+
```
328+
297329
### Publish validation example
298330

299331
```js

0 commit comments

Comments
 (0)