From 5e9637da9041cc11978e8366e3d5f5a3667791f0 Mon Sep 17 00:00:00 2001 
From: Juan Picado <juanpicado19@gmail.com> Date: Fri, 21 Jul 2023 00:32:14 +0200 Subject: [PATCH] fix: add missing token auth middleware (#3944) * fix: add missing token auth middleware * improve tests * format --- src/api/web/api/package.ts | 3 +- src/api/web/index.ts | 1 + src/lib/auth.ts | 2 +- test/README.md | 2 +- test/functional/store/config-1.yaml | 2 +- test/functional/store/config-2.yaml | 2 +- test/functional/store/config-3.yaml | 2 +- test/unit/modules/access/pkg.access.spec.ts | 2 +- test/unit/modules/api/config/distTag.yaml | 2 +- test/unit/modules/api/config/package.yaml | 2 +- test/unit/modules/api/config/ping.yaml | 2 +- .../modules/api/config/publish-proxy.yaml | 2 +- test/unit/modules/api/config/publish.yaml | 2 +- test/unit/modules/api/config/search.yaml | 2 +- test/unit/modules/api/config/star.yaml | 2 +- test/unit/modules/api/config/token.jwt.yaml | 2 +- test/unit/modules/api/config/token.yaml | 2 +- test/unit/modules/api/config/user.jwt.yaml | 2 +- test/unit/modules/api/config/user.yaml | 2 +- test/unit/modules/api/config/whoami.yaml | 2 +- test/unit/modules/api/legacy/api.__c.ts | 4 +-- test/unit/modules/auth/jwt.spec.ts | 2 +- test/unit/modules/bootstrap/config.yaml | 2 +- test/unit/modules/config/partials/logs.yaml | 1 + test/unit/modules/web/api.web.spec.ts | 30 ++++++++++++++----- .../config-unit-mock-server-test.yaml | 3 +- test/unit/partials/config/config_access.ts | 5 ++-- test/unit/partials/config/js/default.js | 2 +- .../partials/config/yaml/api-jwt/jwt.yaml | 3 +- .../partials/config/yaml/api.search.spec.yaml | 2 +- test/unit/partials/config/yaml/api.spec.yaml | 2 +- .../config/yaml/api.spec/web-config.yaml | 3 +- .../partials/config/yaml/api.web.spec.yaml | 9 ++++-- test/unit/partials/config/yaml/default.yaml | 3 +- .../partials/config/yaml/pkg.access.spec.yaml | 3 +- .../partials/config/yaml/profile/profile.yaml | 3 +- .../unit/partials/config/yaml/store.spec.yaml | 3 +- .../unit/partials/config/yaml/token.spec.yaml | 3 +- 38 
files changed, 68 insertions(+), 55 deletions(-) diff --git a/src/api/web/api/package.ts b/src/api/web/api/package.ts index f9de1e6be..f3c9d9305 100644 --- a/src/api/web/api/package.ts +++ b/src/api/web/api/package.ts @@ -69,7 +69,8 @@ function addPackageWebApi(pkgRouter: Router, storage: Storage, auth: Auth, confi const pkgCopy = { ...pkg }; pkgCopy.author = formatAuthor(pkg.author); try { - if (await checkAllow(pkg.name, req.remote_user)) { + const isAllowed = await checkAllow(pkg.name, req.remote_user); + if (isAllowed) { if (config.web) { pkgCopy.author.avatar = generateGravatarUrl( pkgCopy.author.email, diff --git a/src/api/web/index.ts b/src/api/web/index.ts index c5af4d825..2c1db932f 100644 --- a/src/api/web/index.ts +++ b/src/api/web/index.ts @@ -30,6 +30,7 @@ export default (config, auth, storage) => { const pluginOptions = loadTheme(config) || require('@verdaccio/ui-theme')(); // eslint-disable-next-line new-cap const router = Router(); + router.use(auth.webUIJWTmiddleware()); router.use(setSecurityWebHeaders); // render web // @ts-ignore diff --git a/src/lib/auth.ts b/src/lib/auth.ts index 313b02b10..f5757f9f7 100644 --- a/src/lib/auth.ts +++ b/src/lib/auth.ts @@ -299,7 +299,7 @@ class Auth { { name: packageName, version: packageVersion }, getMatchedPackagesSpec(packageName, this.config.packages) ); - debug('allow publish for %o init | plugins: %o', packageName, plugins); + debug('allow publish for %o init | plugins: %o', packageName, plugins?.length); (function next(): void { const plugin = plugins.shift(); diff --git a/test/README.md b/test/README.md index 675f735b1..196beffd2 100644 --- a/test/README.md +++ b/test/README.md @@ -76,7 +76,7 @@ const configForTest = configDefault( url: `http://${DOMAIN_SERVERS}:${mockServerPort}`, }, }, - logs: [{ type: 'stdout', format: 'pretty', level: 'trace' }], + log: { type: 'stdout', format: 'pretty', level: 'trace' }, }, 'api.spec.yaml' ); 
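Review bot: The added `router.use(auth.webUIJWTmiddleware());` in src/api/web/index.ts has no comment saying why the web router needs it, even though the package.ts hunk in this same commit depends on it: `checkAllow(pkg.name, req.remote_user)` can only honor per-user access rules if something populated `req.remote_user` from the bearer token first. I would put above it `// populate req.remote_user from the web UI JWT before any /-/verdaccio/data/* handler runs; checkAllow() relies on it to apply per-user access rules`. Note the ordering as well: the token middleware is registered before `setSecurityWebHeaders`, so if `webUIJWTmiddleware` can end a request on its own (a 401 on a malformed token, say — its body is not visible here) that response would leave without the security headers, which registering `setSecurityWebHeaders` first would avoid. The arrow function this hunk edits continues outside the hunk.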
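Review bot: In src/lib/auth.ts the new debug line uses `plugins?.length`, but the very next visible line `const plugin = plugins.shift();` dereferences `plugins` unconditionally, so either the optional chaining is misleading (plugins is always an array) or a nullish `plugins` is now logged quietly and throws a TypeError one line later. Drop the `?.` if the plugin list returned by the preceding call is guaranteed to be an array; otherwise add an explicit guard ahead of the IIFE so a missing plugin list is reported through the method's normal error path rather than as an uncaught exception — I cannot see that path from the hunk. Logging only the count instead of the plugin objects is a good change in itself, since it keeps plugin internals out of debug output. The enclosing method starts before and continues past this hunk.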
diff --git a/test/functional/store/config-1.yaml b/test/functional/store/config-1.yaml index d5fa343e3..ae18900ff 100644 --- a/test/functional/store/config-1.yaml +++ b/test/functional/store/config-1.yaml @@ -29,7 +29,7 @@ uplinks: baduplink: url: http://localhost:55666/ -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: '@test/*': diff --git a/test/functional/store/config-2.yaml b/test/functional/store/config-2.yaml index 8e8edc4fa..83df830b8 100644 --- a/test/functional/store/config-2.yaml +++ b/test/functional/store/config-2.yaml @@ -30,7 +30,7 @@ auth: name: authtest password: blahblah-password -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: '@test/*': diff --git a/test/functional/store/config-3.yaml b/test/functional/store/config-3.yaml index 2daee6f31..cbe0643d8 100644 --- a/test/functional/store/config-3.yaml +++ b/test/functional/store/config-3.yaml @@ -18,7 +18,7 @@ auth: name: test password: test -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: 'pkg-gh131': diff --git a/test/unit/modules/access/pkg.access.spec.ts b/test/unit/modules/access/pkg.access.spec.ts index f32fcf791..b5fa04fb4 100644 --- a/test/unit/modules/access/pkg.access.spec.ts +++ b/test/unit/modules/access/pkg.access.spec.ts @@ -36,7 +36,7 @@ describe('api with no limited access configuration', () => { url: `http://${DOMAIN_SERVERS}:${mockServerPort}`, }, }, - logs: [{ type: 'stdout', format: 'pretty', level: 'warn' }], + log: { type: 'stdout', format: 'pretty', level: 'warn' }, }, 'pkg.access.spec.yaml' ); diff --git a/test/unit/modules/api/config/distTag.yaml b/test/unit/modules/api/config/distTag.yaml index 76716921d..effb9755c 100644 --- a/test/unit/modules/api/config/distTag.yaml +++ b/test/unit/modules/api/config/distTag.yaml 
@@ -13,7 +13,7 @@ publish: uplinks: -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: '@*/*': diff --git a/test/unit/modules/api/config/package.yaml b/test/unit/modules/api/config/package.yaml index ade72178a..0457046ba 100644 --- a/test/unit/modules/api/config/package.yaml +++ b/test/unit/modules/api/config/package.yaml @@ -13,7 +13,7 @@ publish: uplinks: -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: '@*/*': diff --git a/test/unit/modules/api/config/ping.yaml b/test/unit/modules/api/config/ping.yaml index 62aa3e440..d9ab68796 100644 --- a/test/unit/modules/api/config/ping.yaml +++ b/test/unit/modules/api/config/ping.yaml @@ -7,7 +7,7 @@ web: uplinks: -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: '@*/*': diff --git a/test/unit/modules/api/config/publish-proxy.yaml b/test/unit/modules/api/config/publish-proxy.yaml index 695a56860..ad86bd19a 100644 --- a/test/unit/modules/api/config/publish-proxy.yaml +++ b/test/unit/modules/api/config/publish-proxy.yaml @@ -9,7 +9,7 @@ uplinks: npmjs: url: https://registry.npmjs.org/ -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: '@*/*': diff --git a/test/unit/modules/api/config/publish.yaml b/test/unit/modules/api/config/publish.yaml index 07ab242e1..0e609fa75 100644 --- a/test/unit/modules/api/config/publish.yaml +++ b/test/unit/modules/api/config/publish.yaml @@ -10,7 +10,7 @@ publish: uplinks: -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: '@*/*': diff --git a/test/unit/modules/api/config/search.yaml b/test/unit/modules/api/config/search.yaml index c126ee7e2..2aa18a16a 100644 --- a/test/unit/modules/api/config/search.yaml +++ b/test/unit/modules/api/config/search.yaml 
@@ -10,7 +10,7 @@ web: uplinks: -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: 'private-*': diff --git a/test/unit/modules/api/config/star.yaml b/test/unit/modules/api/config/star.yaml index 485de50a2..df8574bd1 100644 --- a/test/unit/modules/api/config/star.yaml +++ b/test/unit/modules/api/config/star.yaml @@ -9,7 +9,7 @@ uplinks: npmjs: url: https://registry.npmjs.org/ -logs: { type: stdout, format: pretty, level: info } +log: { type: stdout, format: pretty, level: info } packages: '@*/*': diff --git a/test/unit/modules/api/config/token.jwt.yaml b/test/unit/modules/api/config/token.jwt.yaml index 23a8c6d66..5b6a011a2 100644 --- a/test/unit/modules/api/config/token.jwt.yaml +++ b/test/unit/modules/api/config/token.jwt.yaml @@ -20,7 +20,7 @@ packages: access: $authenticated publish: $authenticated -logs: { type: stdout, format: pretty, level: debug } +log: { type: stdout, format: pretty, level: debug } ## enable token for testing flags: diff --git a/test/unit/modules/api/config/token.yaml b/test/unit/modules/api/config/token.yaml index 03a1a8b6e..0378bf3a3 100644 --- a/test/unit/modules/api/config/token.yaml +++ b/test/unit/modules/api/config/token.yaml @@ -12,7 +12,7 @@ packages: access: $authenticated publish: $authenticated -logs: { type: stdout, format: pretty, level: debug } +log: { type: stdout, format: pretty, level: debug } ## enable token for testing flags: diff --git a/test/unit/modules/api/config/user.jwt.yaml b/test/unit/modules/api/config/user.jwt.yaml index 44231ad1f..41f407442 100644 --- a/test/unit/modules/api/config/user.jwt.yaml +++ b/test/unit/modules/api/config/user.jwt.yaml @@ -34,4 +34,4 @@ middlewares: audit: enabled: true -logs: { type: stdout, format: pretty, level: info } +log: { type: stdout, format: pretty, level: info } diff --git a/test/unit/modules/api/config/user.yaml b/test/unit/modules/api/config/user.yaml index 521a4a343..318133982 100644 
--- a/test/unit/modules/api/config/user.yaml +++ b/test/unit/modules/api/config/user.yaml @@ -9,7 +9,7 @@ uplinks: ver: url: https://registry.verdaccio.org -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: '@*/*': diff --git a/test/unit/modules/api/config/whoami.yaml b/test/unit/modules/api/config/whoami.yaml index a3c639ef7..91a68fd4b 100644 --- a/test/unit/modules/api/config/whoami.yaml +++ b/test/unit/modules/api/config/whoami.yaml @@ -6,7 +6,7 @@ uplinks: npmjs: url: https://registry.npmjs.org/ -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } auth: htpasswd: diff --git a/test/unit/modules/api/legacy/api.__c.ts b/test/unit/modules/api/legacy/api.__c.ts index 8ab39671d..7debc46c7 100644 --- a/test/unit/modules/api/legacy/api.__c.ts +++ b/test/unit/modules/api/legacy/api.__c.ts @@ -92,7 +92,7 @@ describe('endpoint unit test', () => { fail_timeout: '1s', }, }, - logs: [{ type: 'stdout', format: 'pretty', level: 'warn' }], + log: { type: 'stdout', format: 'pretty', level: 'warn' }, }, 'api.spec.yaml' ); @@ -1042,7 +1042,7 @@ describe('endpoint unit test', () => { url: `http://${DOMAIN_SERVERS}:${mockServerPort}`, }, }, - logs: [{ type: 'stdout', format: 'pretty', level: 'warn' }], + log: { type: 'stdout', format: 'pretty', level: 'warn' }, }, 'api.spec.yaml' ); diff --git a/test/unit/modules/auth/jwt.spec.ts b/test/unit/modules/auth/jwt.spec.ts index bde2c33c5..6cfc82b38 100644 --- a/test/unit/modules/auth/jwt.spec.ts +++ b/test/unit/modules/auth/jwt.spec.ts @@ -49,7 +49,7 @@ describe('endpoint user auth JWT unit test', () => { file: './test-jwt-storage/.htpasswd_jwt_auth', }, }, - logs: [{ type: 'stdout', format: 'pretty', level: 'warn' }], + log: { type: 'stdout', format: 'pretty', level: 'warn' }, }, 'api-jwt/jwt.yaml' ); 
diff --git a/test/unit/modules/bootstrap/config.yaml b/test/unit/modules/bootstrap/config.yaml index 9e290b971..a5f97e379 100644 --- a/test/unit/modules/bootstrap/config.yaml +++ b/test/unit/modules/bootstrap/config.yaml @@ -13,7 +13,7 @@ auth: name: test password: test -logs: { type: stdout, format: pretty, level: warn } +log: { type: stdout, format: pretty, level: warn } packages: '@*/*': diff --git a/test/unit/modules/config/partials/logs.yaml b/test/unit/modules/config/partials/logs.yaml index de5ff2e91..2bb90866a 100644 --- a/test/unit/modules/config/partials/logs.yaml +++ b/test/unit/modules/config/partials/logs.yaml @@ -26,6 +26,7 @@ server: middlewares: audit: enabled: true +# intended to verify backward compatibility logs: { type: stdout, format: pretty, level: http } experiments: token: false diff --git a/test/unit/modules/web/api.web.spec.ts b/test/unit/modules/web/api.web.spec.ts index 578a23451..067bed2f2 100644 --- a/test/unit/modules/web/api.web.spec.ts +++ b/test/unit/modules/web/api.web.spec.ts @@ -2,6 +2,8 @@ import path from 'path'; import rimraf from 'rimraf'; import request from 'supertest'; +import { buildToken } from '@verdaccio/utils'; + import endPointAPI from '../../../../src/api'; import { API_ERROR, @@ -9,13 +11,16 @@ import { HEADERS, HEADER_TYPE, HTTP_STATUS, + TOKEN_BEARER, } from '../../../../src/lib/constants'; import { DOMAIN_SERVERS } from '../../../functional/config.functional'; +import { generatePackageMetadata } from '../../../helpers/generatePackageMetadata'; import { addUser } from '../../__helper/api'; import { mockServer } from '../../__helper/mock'; import configDefault from '../../partials/config'; import forbiddenPlace from '../../partials/forbidden-place'; import publishMetadata from '../../partials/publish-api'; +import { getNewToken } from '../api/_helper'; require('../../../../src/lib/logger').setup([]); 
@@ -70,17 +75,28 @@ describe('endpoint web unit test', () => { .set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON) .send(JSON.stringify(forbiddenPlace)) .expect(HTTP_STATUS.CREATED); + await request(app) + .put('/@protected/pk1') + .set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON) + .send(JSON.stringify(generatePackageMetadata('@protected/pk1'))) + .expect(HTTP_STATUS.CREATED); }); describe('Packages', () => { - test('should display all packages', (done) => { - request(app) + test('should display packages without login', async () => { + // this packages is protected at the yaml file + const res = await request(app).get('/-/verdaccio/data/packages').expect(HTTP_STATUS.OK); + expect(res.body).toHaveLength(1); + }); + + test('should display all packages logged', async () => { + const token = await getNewToken(app, { name: 'jota_token', password: 'secretPass' }); + // this packages is protected at the yaml file + const res = await request(app) .get('/-/verdaccio/data/packages') - .expect(HTTP_STATUS.OK) - .end(function (err, res) { - expect(res.body).toHaveLength(1); - done(); - }); + .set(HEADERS.AUTHORIZATION, buildToken(TOKEN_BEARER, token)) + .expect(HTTP_STATUS.OK); + expect(res.body).toHaveLength(2); }); test.skip('should display scoped readme', (done) => { diff --git a/test/unit/partials/config-unit-mock-server-test.yaml b/test/unit/partials/config-unit-mock-server-test.yaml index 8e54b1fe8..1e363743e 100644 --- a/test/unit/partials/config-unit-mock-server-test.yaml +++ b/test/unit/partials/config-unit-mock-server-test.yaml @@ -11,8 +11,7 @@ auth: name: test password: test -logs: - - { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } packages: '@*/*': diff --git a/test/unit/partials/config/config_access.ts b/test/unit/partials/config/config_access.ts index 0874c8e98..91bdd638e 100644 --- a/test/unit/partials/config/config_access.ts +++ b/test/unit/partials/config/config_access.ts 
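Review bot: The two new tests in test/unit/modules/web/api.web.spec.ts only show that an anonymous caller sees one package and `jota_token` sees two, which would also pass if the middleware merely distinguished authenticated from anonymous; since the fixture's `@protected/*` rule names a specific user, a third test with a different logged-in user expecting `toHaveLength(1)` would pin that per-user rules are really applied. A malformed or expired bearer token is also untested, so whether the listing degrades to the anonymous view or fails outright is left unspecified. Sketch of the extra case, assuming `getNewToken` registers the user the way it evidently does for `jota_token`:
```typescript
test('should hide protected packages from a different logged user', async () => {
  const token = await getNewToken(app, { name: 'someone_else', password: 'secretPass' });
  const res = await request(app)
    .get('/-/verdaccio/data/packages')
    .set(HEADERS.AUTHORIZATION, buildToken(TOKEN_BEARER, token))
    .expect(HTTP_STATUS.OK);
  expect(res.body).toHaveLength(1);
});
```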
@@ -18,9 +18,8 @@ const config = { proxy: 'npmjs' } }, - logs: [ - {type: 'stdout', format: 'pretty', level: 'fatal'}, - ], + log: {type: 'stdout', format: 'pretty', level: 'fatal'} + , }; export default config; diff --git a/test/unit/partials/config/js/default.js b/test/unit/partials/config/js/default.js index 599754cf3..ebf684791 100644 --- a/test/unit/partials/config/js/default.js +++ b/test/unit/partials/config/js/default.js @@ -12,4 +12,4 @@ module.exports = { storage: './storage_default_storage', publish: '$authenticated', proxy: 'npmjs' }, '*': { access: '$all', publish: '$all', proxy: 'npmjs' } }, - logs: [ { type: 'stdout', format: 'pretty', level: 'warn' } ] }; + log: { type: 'stdout', format: 'pretty', level: 'warn' } ] ; diff --git a/test/unit/partials/config/yaml/api-jwt/jwt.yaml b/test/unit/partials/config/yaml/api-jwt/jwt.yaml index 94d292a10..b29c94b10 100644 --- a/test/unit/partials/config/yaml/api-jwt/jwt.yaml +++ b/test/unit/partials/config/yaml/api-jwt/jwt.yaml @@ -32,5 +32,4 @@ packages: middlewares: audit: enabled: true -logs: - - { type: stdout, format: pretty, level: http } +log: { type: stdout, format: pretty, level: http } diff --git a/test/unit/partials/config/yaml/api.search.spec.yaml b/test/unit/partials/config/yaml/api.search.spec.yaml index 920d5578f..2f98c7ac2 100644 --- a/test/unit/partials/config/yaml/api.search.spec.yaml +++ b/test/unit/partials/config/yaml/api.search.spec.yaml @@ -28,4 +28,4 @@ packages: publish: $all unpublish: xxx proxy: npmjs -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } diff --git a/test/unit/partials/config/yaml/api.spec.yaml b/test/unit/partials/config/yaml/api.spec.yaml index c1cf4b0e1..ae750edf0 100644 --- a/test/unit/partials/config/yaml/api.spec.yaml +++ b/test/unit/partials/config/yaml/api.spec.yaml 
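Review bot: In test/unit/partials/config/config_access.ts the replacement leaves the trailing comma of the removed array on a line of its own (`log: {...}` followed by a bare `,`), which parses but reads as a leftover from the edit. Fold it onto the property: `log: { type: 'stdout', format: 'pretty', level: 'fatal' },`.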
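Review bot: In test/unit/partials/config/js/default.js the new line `log: { type: 'stdout', format: 'pretty', level: 'warn' } ] ;` keeps the `]` that closed the removed `logs` array and drops the `}` that closed `module.exports`, so the module no longer parses. It should read `log: { type: 'stdout', format: 'pretty', level: 'warn' } };`. If the suite still passes with this in place, nothing requires the fixture; either delete it or add a test that loads it so a broken config fixture cannot go unnoticed.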
@@ -95,4 +95,4 @@ packages: publish: $all unpublish: xxx proxy: npmjs -logs: { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } diff --git a/test/unit/partials/config/yaml/api.spec/web-config.yaml b/test/unit/partials/config/yaml/api.spec/web-config.yaml index fa63f82d5..ccbe27b6d 100644 --- a/test/unit/partials/config/yaml/api.spec/web-config.yaml +++ b/test/unit/partials/config/yaml/api.spec/web-config.yaml @@ -48,5 +48,4 @@ packages: access: $all publish: $all -logs: - - { type: stdout, format: pretty, level: warns } +log: { type: stdout, format: pretty, level: warns } diff --git a/test/unit/partials/config/yaml/api.web.spec.yaml b/test/unit/partials/config/yaml/api.web.spec.yaml index 92646fedc..6c5be1df5 100644 --- a/test/unit/partials/config/yaml/api.web.spec.yaml +++ b/test/unit/partials/config/yaml/api.web.spec.yaml @@ -8,11 +8,15 @@ uplinks: npmjs: url: http://localhost:4873/ packages: + '@protected/*': + access: jota_token + publish: $all + proxy: npmjs '@*/*': access: $all publish: $all proxy: npmjs - unpublish: npmjs + unpublish: somethingelse 'forbidden-place': access: nobody publish: $all @@ -21,5 +25,4 @@ packages: publish: $all unpublish: xxx proxy: npmjs -logs: - - { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } diff --git a/test/unit/partials/config/yaml/default.yaml b/test/unit/partials/config/yaml/default.yaml index 34d3e4bcd..ebe796b00 100644 --- a/test/unit/partials/config/yaml/default.yaml +++ b/test/unit/partials/config/yaml/default.yaml @@ -38,5 +38,4 @@ packages: access: $all publish: $all proxy: npmjs -logs: - - { type: stdout, format: pretty, level: warn } +log: { type: stdout, format: pretty, level: warn } diff --git a/test/unit/partials/config/yaml/pkg.access.spec.yaml b/test/unit/partials/config/yaml/pkg.access.spec.yaml index aacf91126..36c17c41f 100644 --- a/test/unit/partials/config/yaml/pkg.access.spec.yaml 
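Review bot: In test/unit/partials/config/yaml/api.spec/web-config.yaml the rewritten line carries `level: warns`, which is not one of the levels used anywhere else in this patch (`trace`, `debug`, `http`, `info`, `warn`, `fatal`). The typo predates this commit, but since the line is being rewritten anyway it should become `log: { type: stdout, format: pretty, level: warn }`. Whether an unknown level is rejected or silently falls back to a default depends on the logger setup, which is not visible here.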
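Review bot: The new `'@protected/*'` rule in test/unit/partials/config/yaml/api.web.spec.yaml grants `publish: $all` while restricting `access` to a single user, and the unrelated edit of `unpublish: npmjs` to `unpublish: somethingelse` on `'@*/*'` has no explanation; a fixture whose read access is tighter than its write access deserves a comment so nobody "fixes" it later. I would add `# readable only by jota_token, but publishable by anyone so the spec can seed @protected/pk1 without a token` above `'@protected/*':`. For the `unpublish` change, either revert it or add `# deliberately not a known user or group: unpublish must be denied` if that is the intent — the old value `npmjs` was an uplink name rather than a user, so both values look accidental.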
+++ b/test/unit/partials/config/yaml/pkg.access.spec.yaml @@ -9,5 +9,4 @@ packages: '**': access: $all proxy: remote -logs: - - { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } diff --git a/test/unit/partials/config/yaml/profile/profile.yaml b/test/unit/partials/config/yaml/profile/profile.yaml index cbfe3c653..ee7696db5 100644 --- a/test/unit/partials/config/yaml/profile/profile.yaml +++ b/test/unit/partials/config/yaml/profile/profile.yaml @@ -26,5 +26,4 @@ packages: '**': access: $authenticated publish: $authenticated -logs: - - { type: stdout, format: pretty, level: http } +log: { type: stdout, format: pretty, level: http } diff --git a/test/unit/partials/config/yaml/store.spec.yaml b/test/unit/partials/config/yaml/store.spec.yaml index 14e344562..58da1179b 100644 --- a/test/unit/partials/config/yaml/store.spec.yaml +++ b/test/unit/partials/config/yaml/store.spec.yaml @@ -17,5 +17,4 @@ packages: 'npm_test': access: $all publish: $all -logs: - - { type: stdout, format: pretty, level: warn } +log: { type: stdout, format: pretty, level: warn } diff --git a/test/unit/partials/config/yaml/token.spec.yaml b/test/unit/partials/config/yaml/token.spec.yaml index 87ddb880a..6f9c6c4c0 100644 --- a/test/unit/partials/config/yaml/token.spec.yaml +++ b/test/unit/partials/config/yaml/token.spec.yaml @@ -16,8 +16,7 @@ packages: 'only-you-can-publish': access: $authenticated publish: $authenticated -logs: - - { type: stdout, format: pretty, level: trace } +log: { type: stdout, format: pretty, level: trace } experiments: ## enable token for testing token: true