rb-portless 0.3.0.dev.20260630.8a76e8f → 0.3.0.dev.20260630.fb5fc36
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/lib/portless/config.rb +11 -0
- data/lib/portless/health.rb +4 -2
- data/lib/portless/runner.rb +1 -0
- data/lib/portless/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ad245d30c0c47ba8ac0be15c5483524cedc6d2a6fffd30b4df35ad0904287af6
|
|
4
|
+
data.tar.gz: 64e421e608545dc03fa7ad75506cd473ae86cece15b90bc38395c03fa8db0bba
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cf6f98facf2bc05067f832f1f865b18977a00b9cbd608189289d5c89284a2b887f1d056cbcf3c664ef5a5a4762808e30dea9c1b8f582e430750562ce8b3c3b4b
|
|
7
|
+
data.tar.gz: '02658fcdf8c2ad85e58a3d5cf71148dcbec8819adb2d0bc439ec06cb44aad599d5e84a0055804ce910374f72012720e758ed418a7ded1e25033f57760f433d13'
|
data/CHANGELOG.md
CHANGED
|
@@ -6,8 +6,20 @@ All notable changes to this project are documented here. The format follows
|
|
|
6
6
|
|
|
7
7
|
## [0.3.0]
|
|
8
8
|
|
|
9
|
+
### Fixed / hardened
|
|
10
|
+
|
|
11
|
+
- **Health probes can't hang.** Added a read timeout to the TLS and plain probes
|
|
12
|
+
so a port that accepts but never answers no longer blocks `discover_port`.
|
|
13
|
+
|
|
9
14
|
### Added
|
|
10
15
|
|
|
16
|
+
- **Risky-TLD warning.** Warn when the configured `tld` ends in a real/reserved
|
|
17
|
+
TLD (`dev`, `app`, `local`, …) that could intercept live traffic.
|
|
18
|
+
- **More tests** — health probes and privilege logic. (Verified manually, since
|
|
19
|
+
the Async proxy can't be driven in-process without deadlock: HTTP/HTTPS/HTTP-2
|
|
20
|
+
forwarding, wildcard routing, and the **WebSocket upgrade relay** / ActionCable.)
|
|
21
|
+
|
|
22
|
+
|
|
11
23
|
- **Startup banner.** Running a dev server through rb-portless now prints a clear
|
|
12
24
|
banner with the named URL(s) it's reachable at — not just `127.0.0.1:port`.
|
|
13
25
|
- **Monorepo / multi-app.** A `portless.json` `apps` map runs several apps under
|
data/lib/portless/config.rb
CHANGED
|
@@ -32,6 +32,17 @@ module Portless
|
|
|
32
32
|
tld.split(".").include?(name) ? tld : "#{name}.#{tld}"
|
|
33
33
|
end
|
|
34
34
|
|
|
35
|
+
# Real/reserved TLDs that can intercept live traffic or clash with mDNS.
|
|
36
|
+
RISKY_TLDS = %w[dev app page zip mov local].freeze
|
|
37
|
+
|
|
38
|
+
# A warning string if the tld looks risky, else nil. (.localhost / .test are safe.)
|
|
39
|
+
def tld_warning
|
|
40
|
+
last = tld.split(".").last
|
|
41
|
+
return unless RISKY_TLDS.include?(last)
|
|
42
|
+
|
|
43
|
+
"tld \".#{last}\" is a real/reserved TLD — prefer \".localhost\" so you don't intercept real traffic"
|
|
44
|
+
end
|
|
45
|
+
|
|
35
46
|
def self.read_file(dir)
|
|
36
47
|
json = File.join(dir, "portless.json")
|
|
37
48
|
return JSON.parse(File.read(json)) if File.exist?(json)
|
data/lib/portless/health.rb
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require "socket"
|
|
4
4
|
require "openssl"
|
|
5
|
+
require "timeout"
|
|
5
6
|
|
|
6
7
|
module Portless
|
|
7
8
|
# "Is *our* proxy on this port?" — every proxied response carries the
|
|
@@ -26,7 +27,8 @@ module Portless
|
|
|
26
27
|
ssl.sync_close = true
|
|
27
28
|
ssl.connect
|
|
28
29
|
ssl.write(REQUEST)
|
|
29
|
-
|
|
30
|
+
# Read timeout too — a port that accepts but never answers must not hang us.
|
|
31
|
+
marker?(Timeout.timeout(timeout) { ssl.read(4096) })
|
|
30
32
|
rescue StandardError
|
|
31
33
|
false
|
|
32
34
|
ensure
|
|
@@ -38,7 +40,7 @@ module Portless
|
|
|
38
40
|
Socket.tcp("127.0.0.1", port, connect_timeout: timeout) do |sock|
|
|
39
41
|
sock.write(REQUEST)
|
|
40
42
|
sock.close_write
|
|
41
|
-
marker?(sock.read(4096))
|
|
43
|
+
marker?(Timeout.timeout(timeout) { sock.read(4096) })
|
|
42
44
|
end
|
|
43
45
|
rescue StandardError
|
|
44
46
|
false
|
data/lib/portless/runner.rb
CHANGED
|
@@ -21,6 +21,7 @@ module Portless
|
|
|
21
21
|
command = Frameworks.inject(command, port) # --port/--host for vite/astro/etc.
|
|
22
22
|
hostname = @config.hostname
|
|
23
23
|
|
|
24
|
+
warn "rb-portless: #{@config.tld_warning}" if @config.tld_warning
|
|
24
25
|
ensure_trusted if @config.tls
|
|
25
26
|
proxy_port = Daemon.ensure_running(tls: @config.tls)
|
|
26
27
|
@route_store.add(hostname: hostname, port: port, pid: Process.pid, force: true)
|
data/lib/portless/version.rb
CHANGED