@abtnode/core 1.16.39 → 1.16.40-beta-20250227-092112-1815be0a

package/lib/blocklet/manager/disk.js

@@ -4,6 +4,7 @@ const fs = require('fs-extra');
 const path = require('path');
 const flat = require('flat');
 const { LRUCache } = require('lru-cache');
+const isUrl = require('is-url');
 const get = require('lodash/get');
 const uniq = require('lodash/uniq');
 const omit = require('lodash/omit');
@@ -787,13 +788,6 @@ class DiskBlockletManager extends BaseBlockletManager {
 
       const nodeInfo = await states.node.read();
 
-      if (checkDockerRunHistory(nodeInfo)) {
-        await dockerExecChown(`${blocklet?.meta?.did}-start`, [
-          path.join(process.env.ABT_NODE_DATA_DIR, 'data', blocklet?.meta?.did),
-          path.join(process.env.ABT_NODE_DATA_DIR, 'tmp', 'pnpm-stores'),
-        ]);
-      }
-
       const nodeEnvironments = await states.node.getEnvironments();
 
       if (checkDockerRunHistory(nodeInfo)) {
@@ -2042,6 +2036,13 @@ class DiskBlockletManager extends BaseBlockletManager {
     return newState;
   }
 
+  async updateVault({ did, vaults }, context) {
+    await states.blocklet.updateBlockletVaults(did, vaults);
+    const newState = await this.getBlocklet(did);
+    this.emit(BlockletEvents.updated, { ...newState, context });
+    return newState;
+  }
+
   // eslint-disable-next-line no-unused-vars
   async getRuntimeHistory({ did, hours }, context) {
     const metaDid = await states.blocklet.getBlockletMetaDid(did);
@@ -2409,6 +2410,36 @@ class DiskBlockletManager extends BaseBlockletManager {
     return spaceGateways;
   }
 
+  async updateUserSpaceHosts({ did, url }) {
+    if (isUrl(url)) {
+      try {
+        const { data } = await request.get(joinURL(url, '__blocklet__.js?type=json'), { timeout: 5000 });
+        if (Array.isArray(data.domainAliases)) {
+          const userSpaceHosts = await this.getUserSpaceHosts({ did });
+          const validHosts = data.domainAliases.filter(
+            (x) => x.endsWith('.did.abtnet.io') === false && x.endsWith('.ip.abtnet.io') === false
+          );
+          if (validHosts.every((x) => userSpaceHosts.includes(x))) {
+            return;
+          }
+
+          logger.info('updateUserSpaceHosts', { did, url, domains: data.domainAliases });
+          await states.blockletExtras.setSettings(did, {
+            userSpaceHosts: uniq([...userSpaceHosts, ...validHosts]),
+          });
+          this.emit(BlockletInternalEvents.appSettingChanged, { appDid: did });
+        }
+      } catch (error) {
+        logger.error('updateUserSpaceHosts', { did, url, error });
+      }
+    }
+  }
+
+  async getUserSpaceHosts({ did }) {
+    const userSpaceHosts = await states.blockletExtras.getSettings(did, 'userSpaceHosts', []);
+    return userSpaceHosts;
+  }
+
   /**
    * @description
    * @param {{
@@ -4331,25 +4362,6 @@ class DiskBlockletManager extends BaseBlockletManager {
     }
   }
 
-  // to be deleted
-  async _setAppSk(did, appSk, context) {
-    if (process.env.NODE_ENV === 'production' && !appSk) {
-      throw new Error(`appSk for blocklet ${did} is required`);
-    }
-
-    if (appSk) {
-      await this.config(
-        {
-          did,
-          configs: [{ key: 'BLOCKLET_APP_SK', value: appSk, secure: true }],
-          skipHook: true,
-          skipDidDocument: true,
-        },
-        context
-      );
-    }
-  }
-
   async _getBlockletForInstallation(did) {
     const blocklet = await states.blocklet.getBlocklet(did, { decryptSk: false });
     if (!blocklet) {

package/lib/blocklet/migration-dist/migration.cjs

@@ -214,6 +214,10 @@ const RBAC_CONFIG = {
       name: 'mutate_blocklet',
       description: 'Perform state changing actions on a blocklet, such as upgrade/config/start/stop',
     },
+    {
+      name: 'mutate_vault',
+      description: 'Manage vault for a blocklet',
+    },
   ]),
   grants: Object.freeze({
     [SERVER_ROLES.GUEST]: [
@@ -247,7 +251,7 @@ const RBAC_CONFIG = {
 
     // blocklet app or blocklet user
     [SERVER_ROLES.BLOCKLET_SDK]: ['query_team', 'mutate_team', 'query_blocklet'],
-    [SERVER_ROLES.BLOCKLET_OWNER]: [SERVER_ROLES.BLOCKLET_ADMIN],
+    [SERVER_ROLES.BLOCKLET_OWNER]: [SERVER_ROLES.BLOCKLET_ADMIN, 'mutate_vault'],
     [SERVER_ROLES.BLOCKLET_ADMIN]: [
       SERVER_ROLES.BLOCKLET_MEMBER,
       'mutate_team',
@@ -710,6 +714,7 @@ module.exports = Object.freeze({
     'deleteBlockletSecurityRule',
     'deleteBlockletResponseHeaderPolicy',
     'deleteBlockletAccessPolicy',
+    'configVault',
   ],
 
   // 如果是 multiple tenant 的情况下, 这些白名单不会验证 RBAC
@@ -38677,7 +38682,7 @@ module.exports = require("zlib");
 /***/ ((module) => {
 
 "use strict";
-module.exports = /*#__PURE__*/JSON.parse('{"name":"@abtnode/core","publishConfig":{"access":"public"},"version":"1.16.38","description":"","main":"lib/index.js","files":["lib"],"scripts":{"lint":"eslint tests lib --ignore-pattern \'tests/assets/*\'","lint:fix":"eslint --fix tests lib","test":"node tools/jest.js","coverage":"npm run test -- --coverage"},"keywords":[],"author":"wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)","license":"Apache-2.0","dependencies":{"@abtnode/analytics":"1.16.38","@abtnode/auth":"1.16.38","@abtnode/certificate-manager":"1.16.38","@abtnode/constant":"1.16.38","@abtnode/cron":"1.16.38","@abtnode/docker-utils":"1.16.38","@abtnode/logger":"1.16.38","@abtnode/models":"1.16.38","@abtnode/queue":"1.16.38","@abtnode/rbac":"1.16.38","@abtnode/router-provider":"1.16.38","@abtnode/static-server":"1.16.38","@abtnode/timemachine":"1.16.38","@abtnode/util":"1.16.38","@arcblock/did":"1.19.10","@arcblock/did-auth":"1.19.10","@arcblock/did-ext":"^1.19.10","@arcblock/did-motif":"^1.1.13","@arcblock/did-util":"1.19.10","@arcblock/event-hub":"1.19.10","@arcblock/jwt":"^1.19.10","@arcblock/pm2-events":"^0.0.5","@arcblock/validator":"^1.19.10","@arcblock/vc":"1.19.10","@blocklet/constant":"1.16.38","@blocklet/did-space-js":"^1.0.19","@blocklet/env":"1.16.38","@blocklet/meta":"1.16.38","@blocklet/resolver":"1.16.38","@blocklet/sdk":"1.16.38","@blocklet/store":"1.16.38","@fidm/x509":"^1.2.1","@ocap/mcrypto":"1.19.10","@ocap/util":"1.19.10","@ocap/wallet":"1.19.10","@slack/webhook":"^5.0.4","archiver":"^7.0.1","axios":"^1.7.9","axon":"^2.0.3","chalk":"^4.1.2","cross-spawn":"^7.0.3","deep-diff":"^1.0.2","detect-port":"^1.5.1","envfile":"^7.1.0","escape-string-regexp":"^4.0.0","fast-glob":"^3.3.2","filesize":"^10.1.1","flat":"^5.0.2","fs-extra":"^11.2.0","get-port":"^5.1.1","hasha":"^5.2.2","is-base64":"^1.1.0","is-cidr":"4","is-ip":"3","is-url":"^1.2.4","joi":"17.12.2","joi-extension-semver":"^5.0.0","js-yaml":"^4.1.0","kill-port":"^2.0.1","lodash":"^4.17.21","lru-cache":"^11.0.2","node-stream-zip":"^1.15.0","p-all":"^3.0.0","p-limit":"^3.1.0","p-map":"^4.0.0","p-retry":"^4.6.2","rate-limiter-flexible":"^5.0.5","read-last-lines":"^1.8.0","semver":"^7.6.3","sequelize":"^6.35.0","shelljs":"^0.8.5","ssri":"^8.0.1","stream-throttle":"^0.1.3","stream-to-promise":"^3.0.0","systeminformation":"^5.23.3","tail":"^2.2.4","tar":"^6.1.11","transliteration":"^2.3.5","ua-parser-js":"^1.0.2","ufo":"^1.5.3","uuid":"^9.0.1","valid-url":"^1.0.9","which":"^2.0.2","xbytes":"^1.8.0"},"devDependencies":{"expand-tilde":"^2.0.2","express":"^4.18.2","jest":"^29.7.0","unzipper":"^0.10.11"},"gitHead":"e5764f753181ed6a7c615cd4fc6682aacf0cb7cd"}');
+module.exports = /*#__PURE__*/JSON.parse('{"name":"@abtnode/core","publishConfig":{"access":"public"},"version":"1.16.39","description":"","main":"lib/index.js","files":["lib"],"scripts":{"lint":"eslint tests lib --ignore-pattern \'tests/assets/*\'","lint:fix":"eslint --fix tests lib","test":"node tools/jest.js","coverage":"npm run test -- --coverage"},"keywords":[],"author":"wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)","license":"Apache-2.0","dependencies":{"@abtnode/analytics":"1.16.39","@abtnode/auth":"1.16.39","@abtnode/certificate-manager":"1.16.39","@abtnode/constant":"1.16.39","@abtnode/cron":"1.16.39","@abtnode/docker-utils":"1.16.39","@abtnode/logger":"1.16.39","@abtnode/models":"1.16.39","@abtnode/queue":"1.16.39","@abtnode/rbac":"1.16.39","@abtnode/router-provider":"1.16.39","@abtnode/static-server":"1.16.39","@abtnode/timemachine":"1.16.39","@abtnode/util":"1.16.39","@arcblock/did":"1.19.12","@arcblock/did-auth":"1.19.12","@arcblock/did-ext":"^1.19.12","@arcblock/did-motif":"^1.1.13","@arcblock/did-util":"1.19.12","@arcblock/event-hub":"1.19.12","@arcblock/jwt":"^1.19.12","@arcblock/pm2-events":"^0.0.5","@arcblock/validator":"^1.19.12","@arcblock/vc":"1.19.12","@blocklet/constant":"1.16.39","@blocklet/did-space-js":"^1.0.21","@blocklet/env":"1.16.39","@blocklet/meta":"1.16.39","@blocklet/resolver":"1.16.39","@blocklet/sdk":"1.16.39","@blocklet/store":"1.16.39","@fidm/x509":"^1.2.1","@ocap/mcrypto":"1.19.12","@ocap/util":"1.19.12","@ocap/wallet":"1.19.12","@slack/webhook":"^5.0.4","archiver":"^7.0.1","axios":"^1.7.9","axon":"^2.0.3","chalk":"^4.1.2","cross-spawn":"^7.0.3","deep-diff":"^1.0.2","detect-port":"^1.5.1","envfile":"^7.1.0","escape-string-regexp":"^4.0.0","fast-glob":"^3.3.2","filesize":"^10.1.1","flat":"^5.0.2","fs-extra":"^11.2.0","get-port":"^5.1.1","hasha":"^5.2.2","is-base64":"^1.1.0","is-cidr":"4","is-ip":"3","is-url":"^1.2.4","joi":"17.12.2","joi-extension-semver":"^5.0.0","js-yaml":"^4.1.0","kill-port":"^2.0.1","lodash":"^4.17.21","lru-cache":"^11.0.2","node-stream-zip":"^1.15.0","p-all":"^3.0.0","p-limit":"^3.1.0","p-map":"^4.0.0","p-retry":"^4.6.2","rate-limiter-flexible":"^5.0.5","read-last-lines":"^1.8.0","semver":"^7.6.3","sequelize":"^6.35.0","shelljs":"^0.8.5","ssri":"^8.0.1","stream-throttle":"^0.1.3","stream-to-promise":"^3.0.0","systeminformation":"^5.23.3","tail":"^2.2.4","tar":"^6.1.11","transliteration":"^2.3.5","ua-parser-js":"^1.0.2","ufo":"^1.5.3","uuid":"^9.0.1","valid-url":"^1.0.9","which":"^2.0.2","xbytes":"^1.8.0"},"devDependencies":{"expand-tilde":"^2.0.2","express":"^4.18.2","jest":"^29.7.0","unzipper":"^0.10.11"},"gitHead":"e5764f753181ed6a7c615cd4fc6682aacf0cb7cd"}');
 
 /***/ }),
 

package/lib/blocklet/project/create-pack-release.js

@@ -260,7 +260,12 @@ const createPackRelease = async ({
         script: 120,
       };
 
-      meta.interfaces.push(...dockerParsePublishPorts(blockletDocker.dockerImage, blockletDocker.dockerArgs));
+      meta.interfaces.push(
+        ...dockerParsePublishPorts(
+          `${meta.title || blockletDocker.dockerImage}-${meta.did?.slice(-6)}`,
+          blockletDocker.dockerArgs
+        )
+      );
     }
 
     // merge extended blocklet.yml

package/lib/blocklet/security/vault.js

@@ -0,0 +1,133 @@
+const cloneDeep = require('lodash/cloneDeep');
+const { schemas } = require('@arcblock/validator');
+const { isValid, isFromPublicKey } = require('@arcblock/did');
+const { getBlockletAppIdList } = require('@blocklet/meta/lib/util');
+const { verifyVault } = require('@blocklet/meta/lib/security');
+const formatError = require('@abtnode/util/lib/format-error');
+
+const logger = require('@abtnode/logger')('@abtnode/core');
+
+const validateVault = async (node, vaultDid, teamDid) => {
+  if (!isValid(vaultDid)) {
+    throw new Error('Invalid vault did');
+  }
+
+  const { error } = schemas.tokenHolder.validate(vaultDid);
+  if (error) {
+    throw new Error(`Invalid vault did type: ${formatError(error)}`);
+  }
+
+  const blocklet = await node.getBlocklet({ did: teamDid });
+  if (!blocklet) {
+    throw new Error('Blocklet not found');
+  }
+
+  // Do we need to do online check?
+  const appDids = getBlockletAppIdList(blocklet);
+  if (appDids.includes(vaultDid)) {
+    throw new Error('Can not use current blocklet did as vault');
+  }
+
+  // Ensure vault history is valid
+  const { vaults } = blocklet;
+  if (vaults.length > 0) {
+    if (vaults.some((vault) => vault.did === vaultDid)) {
+      throw new Error('Can not add same vault twice');
+    }
+
+    const result = await verifyVault(vaults, blocklet.appDid);
+    if (!result) {
+      throw new Error('Vault history verification failed');
+    }
+  }
+
+  return blocklet;
+};
+
+const validateSession = async (node, sessionId) => {
+  const session = await node.getSession({ id: sessionId });
+  if (!session) {
+    throw new Error('Vault config session not found');
+  }
+
+  if (session.type !== 'configVault') {
+    logger.error('Vault config session type mismatch', session);
+    throw new Error('Vault config session type mismatch');
+  }
+
+  const { vaultDid, teamDid } = session;
+  if (!isValid(vaultDid)) {
+    throw new Error('Invalid vault did');
+  }
+
+  if (!isValid(teamDid)) {
+    throw new Error('Invalid team did');
+  }
+
+  return session;
+};
+
+const configVault = async (node, { teamDid, vaultDid }, context) => {
+  await validateVault(node, vaultDid, teamDid);
+
+  // create a new session
+  const session = await node.startSession({
+    data: {
+      type: 'configVault',
+      vaultDid,
+      teamDid,
+      context,
+    },
+  });
+  logger.info('vault config attempt', session);
+
+  return session.id;
+};
+
+const commitVault = async (node, { sessionId, userDid, userPk, signature }) => {
+  if (!isFromPublicKey(userDid, userPk)) {
+    throw new Error('Vault pk and did mismatch');
+  }
+
+  const session = await validateSession(node, sessionId);
+  logger.info('vault config commit', { session, userDid, userPk, signature });
+
+  const { vaultDid, teamDid, context } = session;
+  if (userDid !== vaultDid) {
+    throw new Error('Vault did not match');
+  }
+
+  const blocklet = await validateVault(node, vaultDid, teamDid);
+  const vaults = cloneDeep(blocklet.vaults);
+  vaults.push({
+    did: userDid,
+    pk: userPk,
+    at: Date.now(),
+    sig: signature,
+  });
+
+  const result = await verifyVault(vaults, blocklet.appDid);
+  if (!result) {
+    throw new Error('Vault signature verification failed');
+  }
+
+  await node.updateBlockletVault({ did: teamDid, vaults }, context);
+  await node.endSession({ id: sessionId });
+  logger.info('vault config committed', { teamDid, vaultDid, context, sessionId: session.id });
+
+  await node.createAuditLog(
+    {
+      action: 'configVault',
+      args: { teamDid, vaultDid },
+      context,
+    },
+    node
+  );
+};
+
+module.exports = {
+  validateVault,
+  validateSession,
+  configVault,
+  commitVault,
+};

package/lib/event/index.js

@@ -12,8 +12,9 @@ const {
   TeamEvents,
   BLOCKLET_CONFIGURABLE_KEY,
 } = require('@blocklet/constant');
-const { EVENTS, BACKUPS, NODE_MODES } = require('@abtnode/constant');
-
+const { EVENTS, BACKUPS, NODE_MODES, DEFAULT_DID_DOMAIN, WELLKNOWN_BLOCKLET_ADMIN_PATH } = require('@abtnode/constant');
+const { joinURL } = require('ufo');
+const { encode } = require('@abtnode/util/lib/base32');
 const { NodeMonitSender } = require('../monitor/node-monit-sender');
 const { isCLI } = require('../util');
 
@@ -241,6 +242,9 @@ module.exports = ({
    * @param {any} payload
    */
   const handleBlockletEvent = async (eventName, payload) => {
+    /**
+     * @type {import('@abtnode/client').BlockletState} payload
+     */
     const blocklet = payload.blocklet || payload;
 
     if (isCLI() && process.env.NODE_ENV !== 'test') {
@@ -335,6 +339,12 @@ module.exports = ({
         }
 
         if (payload?.progress !== 100) {
+          const nodeInfo = await node.getNodeInfo();
+          const appUrl = blocklet?.environments.find((x) => x.key === 'BLOCKLET_APP_URL')?.value;
+          /**
+           *
+           * @type {import('@blocklet/sdk/lib/types/notification').TNotificationInput | import('@blocklet/sdk/lib/types/notification').TNotification]} param
+           */
           const param = {
             title: 'App Backup Failed',
             description: `Failed to backup ${getDisplayName(blocklet)} to ${args.url}, due to: ${args.errorMessage}`,
@@ -342,8 +352,24 @@ module.exports = ({
             entityId: args.did,
             severity: 'error',
             sticky: true,
+            actions: [
+              {
+                name: 'View in server',
+                title: 'View in server',
+                link: joinURL(
+                  `https://${encode(nodeInfo.did)}.${DEFAULT_DID_DOMAIN}`,
+                  nodeInfo.routing.adminPath,
+                  `/blocklets/${blocklet.appPid}/didSpaces`
+                ),
+              },
+              {
+                name: 'View in app',
+                title: 'View in app',
+                link: joinURL(appUrl, WELLKNOWN_BLOCKLET_ADMIN_PATH, 'did-spaces'),
+              },
+            ],
           };
-          const nodeInfo = await node.getNodeInfo();
+
           await node.createNotification({ ...param, teamDid: nodeInfo.did });
           await node.createNotification({ ...param, teamDid: args.did });
         }

package/lib/index.js

@@ -43,6 +43,7 @@ const getDynamicComponents = require('./util/get-dynamic-components');
 const SecurityAPI = require('./blocklet/security');
 const dockerRestartAllContainers = require('./util/docker/docker-restart-all-containers');
 const RouterBlocker = require('./router/security/blocker');
+const BlockletVault = require('./blocklet/security/vault');
 
 /**
  * @typedef {{} & import('./api/team')}} TNode
@@ -333,6 +334,7 @@ function ABTNode(options) {
     fromStatus,
 
     states,
+    getUserState: teamManager.getUserState.bind(teamManager),
 
     onReady: onStatesReady,
 
@@ -411,6 +413,7 @@ function ABTNode(options) {
     setBlockletInitialized: blockletManager.setInitialized.bind(blockletManager),
     setBlockletOwner: blockletManager.updateOwner.bind(blockletManager),
     updateBlockletOwner: blockletManager.updateOwner.bind(blockletManager),
+    updateBlockletVault: blockletManager.updateVault.bind(blockletManager),
     getBlockletRuntimeHistory: blockletManager.getRuntimeHistory.bind(blockletManager),
 
     // blocklet spaces gateways
@@ -419,6 +422,9 @@ function ABTNode(options) {
     updateBlockletSpaceGateway: blockletManager.updateBlockletSpaceGateway.bind(blockletManager),
     getBlockletSpaceGateways: blockletManager.getBlockletSpaceGateways.bind(blockletManager),
 
+    updateUserSpaceHosts: blockletManager.updateUserSpaceHosts.bind(blockletManager),
+    getUserSpaceHosts: blockletManager.getUserSpaceHosts.bind(blockletManager),
+
     // auto backup related
     updateAutoBackup: blockletManager.updateAutoBackup.bind(blockletManager),
     getBlockletBackups: blockletManager.getBlockletBackups.bind(blockletManager),
@@ -699,6 +705,10 @@ function ABTNode(options) {
     addBlockletAccessPolicy: securityAPI.addBlockletAccessPolicy.bind(securityAPI),
     updateBlockletAccessPolicy: securityAPI.updateBlockletAccessPolicy.bind(securityAPI),
     deleteBlockletAccessPolicy: securityAPI.deleteBlockletAccessPolicy.bind(securityAPI),
+
+    // blocklet vault
+    configVault: (params, context) => BlockletVault.configVault(instance, params, context),
+    commitVault: (params) => BlockletVault.commitVault(instance, params),
   };
 
   const events = createEvents({

package/lib/states/audit-log.js

@@ -248,6 +248,8 @@ const getLogContent = async (action, args, context, result, info, node) => {
       return `removed ${result.deletedComponent.meta.title}@${result.deletedComponent.meta.version} ${args.keepData !== false ? 'but kept its data and config' : 'and its data and config'}`; // prettier-ignore
     case 'configBlocklet':
       return `updated following config for ${args.did?.length > 1 ? componentOrApplicationInfo(result, [args.did[1]]) : 'application'}: ${args.configs.map(x => `*${x.key}*`).join(', ')}`; // prettier-ignore
+    case 'configVault':
+      return `updated vault for ${args.teamDid} to ${args.vaultDid}`;
     // @see: core/state/lib/event.js#311
     case 'backupToSpaces':
       if (args?.success) {
@@ -520,6 +522,7 @@ const getLogCategory = (action) => {
     case 'deleteBlocklet':
     case 'deleteComponent':
     case 'configBlocklet':
+    case 'configVault':
     case 'upgradeBlocklet':
     case 'upgradeComponents':
     case 'configNavigations':

package/lib/states/blocklet.js

@@ -28,6 +28,7 @@ const {
   BlockletGroup,
 } = require('@blocklet/constant');
 const { refreshPorts } = require('@abtnode/util/lib/port');
+const { verifyVault } = require('@blocklet/meta/lib/security');
 const { APP_STRUCT_VERSION } = require('@abtnode/constant');
 
 const logger = require('@abtnode/logger')('@abtnode/core:states:blocklet');
@@ -299,7 +300,7 @@ class BlockletState extends BaseState {
       throw new Error(`Blocklet does not exist on update: ${did}`);
     }
 
-    const formatted = formatBlocklet(cloneDeep(updates), 'onUpdate', this.config.dek);
+    const formatted = formatBlocklet(omit(cloneDeep(updates), ['vaults']), 'onUpdate', this.config.dek);
     const [, [updated]] = await this.update({ id: doc.id }, { $set: formatted });
 
     updated.status = getBlockletStatus(updated);
@@ -307,6 +308,18 @@ class BlockletState extends BaseState {
     return updated;
   }
 
+  async updateBlockletVaults(did, vaults) {
+    const doc = await this.getBlocklet(did);
+    if (!doc) {
+      throw new Error(`Blocklet does not exist on update vaults: ${did}`);
+    }
+
+    await verifyVault(vaults, doc.appDid, true);
+
+    const [, [updated]] = await this.update({ id: doc.id }, { $set: { vaults } });
+    return updated;
+  }
+
   async upgradeBlocklet({ meta, source, deployedFrom = '', children, manualChildPorts } = {}) {
     const doc = await this.getBlocklet(meta.did);
     if (!doc) {

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.39",
+  "version": "1.16.40-beta-20250227-092112-1815be0a",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,41 +19,41 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/analytics": "1.16.39",
-    "@abtnode/auth": "1.16.39",
-    "@abtnode/certificate-manager": "1.16.39",
-    "@abtnode/constant": "1.16.39",
-    "@abtnode/cron": "1.16.39",
-    "@abtnode/docker-utils": "1.16.39",
-    "@abtnode/logger": "1.16.39",
-    "@abtnode/models": "1.16.39",
-    "@abtnode/queue": "1.16.39",
-    "@abtnode/rbac": "1.16.39",
-    "@abtnode/router-provider": "1.16.39",
-    "@abtnode/static-server": "1.16.39",
-    "@abtnode/timemachine": "1.16.39",
-    "@abtnode/util": "1.16.39",
-    "@arcblock/did": "1.19.10",
-    "@arcblock/did-auth": "1.19.10",
-    "@arcblock/did-ext": "^1.19.10",
+    "@abtnode/analytics": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/auth": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/certificate-manager": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/constant": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/cron": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/docker-utils": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/logger": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/models": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/queue": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/rbac": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/router-provider": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/static-server": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/timemachine": "1.16.40-beta-20250227-092112-1815be0a",
+    "@abtnode/util": "1.16.40-beta-20250227-092112-1815be0a",
+    "@arcblock/did": "1.19.12",
+    "@arcblock/did-auth": "1.19.12",
+    "@arcblock/did-ext": "^1.19.12",
     "@arcblock/did-motif": "^1.1.13",
-    "@arcblock/did-util": "1.19.10",
-    "@arcblock/event-hub": "1.19.10",
-    "@arcblock/jwt": "^1.19.10",
+    "@arcblock/did-util": "1.19.12",
+    "@arcblock/event-hub": "1.19.12",
+    "@arcblock/jwt": "^1.19.12",
     "@arcblock/pm2-events": "^0.0.5",
-    "@arcblock/validator": "^1.19.10",
-    "@arcblock/vc": "1.19.10",
-    "@blocklet/constant": "1.16.39",
-    "@blocklet/did-space-js": "^1.0.19",
-    "@blocklet/env": "1.16.39",
-    "@blocklet/meta": "1.16.39",
-    "@blocklet/resolver": "1.16.39",
-    "@blocklet/sdk": "1.16.39",
-    "@blocklet/store": "1.16.39",
+    "@arcblock/validator": "^1.19.12",
+    "@arcblock/vc": "1.19.12",
+    "@blocklet/constant": "1.16.40-beta-20250227-092112-1815be0a",
+    "@blocklet/did-space-js": "^1.0.21",
+    "@blocklet/env": "1.16.40-beta-20250227-092112-1815be0a",
+    "@blocklet/meta": "1.16.40-beta-20250227-092112-1815be0a",
+    "@blocklet/resolver": "1.16.40-beta-20250227-092112-1815be0a",
+    "@blocklet/sdk": "1.16.40-beta-20250227-092112-1815be0a",
+    "@blocklet/store": "1.16.40-beta-20250227-092112-1815be0a",
     "@fidm/x509": "^1.2.1",
-    "@ocap/mcrypto": "1.19.10",
-    "@ocap/util": "1.19.10",
-    "@ocap/wallet": "1.19.10",
+    "@ocap/mcrypto": "1.19.12",
+    "@ocap/util": "1.19.12",
+    "@ocap/wallet": "1.19.12",
     "@slack/webhook": "^5.0.4",
     "archiver": "^7.0.1",
     "axios": "^1.7.9",
@@ -110,5 +110,5 @@
     "jest": "^29.7.0",
     "unzipper": "^0.10.11"
   },
-  "gitHead": "e3a614757b32dba71dcc187f20060932df31eab6"
+  "gitHead": "e33d791e24236a10ed3d196618aba989a0eee8ad"
 }