npm - @abtnode/core - Versions diffs - 1.17.12 → 1.17.13-beta-20260512-042419-7b556a38 - Mend

@abtnode/core 1.17.12 → 1.17.13-beta-20260512-042419-7b556a38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/lib/api/team/passport-manager.js +1 -1
package/lib/api/team/session-manager.js +1 -1
package/lib/api/team/user-query-manager.js +1 -1
package/lib/blocklet/manager/disk/federated-manager.js +1 -1
package/lib/blocklet/manager/disk/install-core-manager.js +1 -1
package/lib/blocklet/manager/disk/query-manager.js +1 -1
package/lib/blocklet/manager/disk.js +1 -1
package/lib/blocklet/manager/helper/install-application-from-general.js +1 -1
package/lib/blocklet/manager/helper/install-component-from-url.js +1 -1
package/lib/blocklet/manager/helper/migrate-application-to-struct-v2.js +1 -1
package/lib/blocklet/migration-dist/migration.cjs +131 -26
package/lib/router/helper.js +3 -3
package/lib/router/security/limiter.js +1 -1
package/lib/states/audit-log.js +2 -2
package/lib/states/site.js +1 -1
package/lib/states/user.js +4 -4
package/lib/util/blocklet/blocklet-loader.js +1 -1
package/lib/util/blocklet/install-utils.js +2 -2
package/lib/util/get-accessible-external-node-ip.js +1 -1
package/lib/util/launcher.js +1 -1
package/lib/util/spaces.js +1 -1
package/lib/validators/user.js +1 -1
package/package.json +37 -25

package/lib/api/team/passport-manager.js CHANGED Viewed

@@ -529,7 +529,7 @@ async function getPassportIssuances(api, { teamDid, ownerDid }) {
 async function getPassportIssuance(api, { teamDid, sessionId }) {
   const state = await api.getSessionState(teamDid);
   const doc = await state.read(sessionId);
-  // FIXME: @zhanghan 指定被邀请者的邀请需要查询被邀请者的详细信息
+  // FIXME: 指定被邀请者的邀请需要查询被邀请者的详细信息
   return doc;
 }

package/lib/api/team/session-manager.js CHANGED Viewed

@@ -546,7 +546,7 @@ async function logoutUser(api, { teamDid, userDid, visitorId = '', appPid = '',
     callFederated({
       action: 'sync',
       permanentWallet,
-      // FIXME: @zhanghan 是否还需要通知其他 Member 站点，执行退出登录的操作
+      // FIXME: 是否还需要通知其他 Member 站点，执行退出登录的操作
       site: masterSite,
       data: {
         userSessions: [

package/lib/api/team/user-query-manager.js CHANGED Viewed

@@ -113,7 +113,7 @@ async function getUsers(api, { teamDid, query, paging: inputPaging, sort, dids }
     // eslint-disable-next-line function-paren-newline
   );
   return {
-    // FIXME: @zhanghan 这里做字段过滤的目的是？gql 本身已经对字段做了过滤了
+    // FIXME: 这里做字段过滤的目的是？gql 本身已经对字段做了过滤了
     users,
     paging,
   };

package/lib/blocklet/manager/disk/federated-manager.js CHANGED Viewed

@@ -570,7 +570,7 @@ async function syncFederatedConfig(manager, { did }) {
   let siteInfoList = [];
   if (isSelfMaster) {
     siteInfoList = await pMap(
-      // FIXME: @zhanghan 需要对 sites 做一次去重处理
+      // FIXME: 需要对 sites 做一次去重处理
       uniqBy(federated.sites, 'appPid'),
       async (item) => {
         if (item.appPid === teamDid) {

package/lib/blocklet/manager/disk/install-core-manager.js CHANGED Viewed

@@ -326,7 +326,7 @@ async function _addBlocklet(
     }
   }
-  // FIXME @linchen
+  // FIXME:
   // 当应用本身是容器时, 下载这个容器, 因为容器可能除 blocklet.yml 额外的文件
   // 本身就是容器的应用, 在容器中添加额外文件可能不是合理的做法
   // 容器只在安装时有效, 安装后容器无法升级

package/lib/blocklet/manager/disk/query-manager.js CHANGED Viewed

@@ -431,7 +431,7 @@ async function _attachRuntimeInfo(manager, { did, nodeInfo, diskInfo = false, co
             version: engineComponent.meta.version,
             available: true,
             visible: true,
-            // FIXME: @wangshijun this should be dynamic
+            // FIXME: this should be dynamic
             logo: '',
           };
         } else if (engineId !== STATIC_SERVER_ENGINE_DID) {

package/lib/blocklet/manager/disk.js CHANGED Viewed

@@ -1370,7 +1370,7 @@ class DiskBlockletManager extends BaseBlockletManager {
   }
   /**
-   * FIXME: @linchen support cancel
+   * FIXME: support cancel
    * @param {import('@blocklet/server-js').RequestRestoreBlockletInput} input
    * @memberof BlockletManager
    */

package/lib/blocklet/manager/helper/install-application-from-general.js CHANGED Viewed

@@ -88,7 +88,7 @@ const installApplicationFromGeneral = async ({
         ? {
             store: registryUrl,
             name: meta.bundleName || meta.name,
-            // FIXME @linchen version should be specified
+            // FIXME: version should be specified
             version: 'latest',
           }
         : { url: componentSourceUrl },

package/lib/blocklet/manager/helper/install-component-from-url.js CHANGED Viewed

@@ -88,7 +88,7 @@ const installComponentFromUrl = async ({
       ? {
           store: registryUrl,
           name: meta.bundleName || meta.name,
-          // FIXME @linchen version should be specified
+          // FIXME: version should be specified
           version: 'latest',
         }
       : { url },

package/lib/blocklet/manager/helper/migrate-application-to-struct-v2.js CHANGED Viewed

@@ -223,7 +223,7 @@ const migrateApplicationToStructV2 = async ({ did, appSk: newAppSk, context = {}
     extraData.meta.name = appPid;
   }
   // fork root component's configs to container
-  // FIXME: @linchen the configs in container should be managed in dashboard ?
+  // FIXME: should configs in container be managed in dashboard?
   extraData.configs = (extraData.configs || []).filter((x) => x.key !== BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_APP_SK);
   // If appSk not configured before, then set derived appSk as permanent appSk

package/lib/blocklet/migration-dist/migration.cjs CHANGED Viewed

@@ -55,7 +55,7 @@ const getNoopLogger = (label = '') => {
 // singleton per process
 let addedRejectionExceptionTransport = false;
-// 目前的实现不支持 splat, 但是我测试了好多次，但是依然没搞明白为什么 splat 中包含了所有的 metadata
+// splat is intentionally unused here; the splat array unexpectedly contains all metadata
 const customPrintfCallback = ({ level, message, label, timestamp, [Symbol.for('splat')]: metadata }) => {
   let result = `[${process.pid}] [${timestamp}] [${level}] [${label || 'default'}] [${message || ''}]`;
@@ -9865,14 +9865,14 @@ const { areIdentical } = __nccwpck_require__(887)
 async function createLink (srcpath, dstpath) {
   let dstStat
   try {
-    dstStat = await fs.lstat(dstpath)
+    dstStat = await fs.lstat(dstpath, { bigint: true })
   } catch {
     // ignore error
   }
   let srcStat
   try {
-    srcStat = await fs.lstat(srcpath)
+    srcStat = await fs.lstat(srcpath, { bigint: true })
   } catch (err) {
     err.message = err.message.replace('lstat', 'ensureLink')
     throw err
@@ -9894,11 +9894,11 @@ async function createLink (srcpath, dstpath) {
 function createLinkSync (srcpath, dstpath) {
   let dstStat
   try {
-    dstStat = fs.lstatSync(dstpath)
+    dstStat = fs.lstatSync(dstpath, { bigint: true })
   } catch {}
   try {
-    const srcStat = fs.lstatSync(srcpath)
+    const srcStat = fs.lstatSync(srcpath, { bigint: true })
     if (dstStat && areIdentical(srcStat, dstStat)) return
   } catch (err) {
     err.message = err.message.replace('lstat', 'ensureLink')
@@ -10098,11 +10098,22 @@ async function createSymlink (srcpath, dstpath, type) {
   } catch { }
   if (stats && stats.isSymbolicLink()) {
-    const [srcStat, dstStat] = await Promise.all([
-      fs.stat(srcpath),
-      fs.stat(dstpath)
-    ])
+    // When srcpath is relative, resolve it relative to dstpath's directory
+    // (standard symlink behavior) or fall back to cwd if that doesn't exist
+    let srcStat
+    if (path.isAbsolute(srcpath)) {
+      srcStat = await fs.stat(srcpath, { bigint: true })
+    } else {
+      const dstdir = path.dirname(dstpath)
+      const relativeToDst = path.join(dstdir, srcpath)
+      try {
+        srcStat = await fs.stat(relativeToDst, { bigint: true })
+      } catch {
+        srcStat = await fs.stat(srcpath, { bigint: true })
+      }
+    }
+    const dstStat = await fs.stat(dstpath, { bigint: true })
     if (areIdentical(srcStat, dstStat)) return
   }
@@ -10124,8 +10135,22 @@ function createSymlinkSync (srcpath, dstpath, type) {
     stats = fs.lstatSync(dstpath)
   } catch { }
   if (stats && stats.isSymbolicLink()) {
-    const srcStat = fs.statSync(srcpath)
-    const dstStat = fs.statSync(dstpath)
+    // When srcpath is relative, resolve it relative to dstpath's directory
+    // (standard symlink behavior) or fall back to cwd if that doesn't exist
+    let srcStat
+    if (path.isAbsolute(srcpath)) {
+      srcStat = fs.statSync(srcpath, { bigint: true })
+    } else {
+      const dstdir = path.dirname(dstpath)
+      const relativeToDst = path.join(dstdir, srcpath)
+      try {
+        srcStat = fs.statSync(relativeToDst, { bigint: true })
+      } catch {
+        srcStat = fs.statSync(srcpath, { bigint: true })
+      }
+    }
+    const dstStat = fs.statSync(dstpath, { bigint: true })
     if (areIdentical(srcStat, dstStat)) return
   }
@@ -10937,30 +10962,47 @@ const fs = __nccwpck_require__(3506)
 const u = (__nccwpck_require__(5077).fromPromise)
 async function utimesMillis (path, atime, mtime) {
-  // if (!HAS_MILLIS_RES) return fs.utimes(path, atime, mtime, callback)
   const fd = await fs.open(path, 'r+')
-  let closeErr = null
+  let error = null
   try {
     await fs.futimes(fd, atime, mtime)
+  } catch (futimesErr) {
+    error = futimesErr
   } finally {
     try {
       await fs.close(fd)
-    } catch (e) {
-      closeErr = e
+    } catch (closeErr) {
+      if (!error) error = closeErr
     }
   }
-  if (closeErr) {
-    throw closeErr
+  if (error) {
+    throw error
   }
 }
 function utimesMillisSync (path, atime, mtime) {
   const fd = fs.openSync(path, 'r+')
-  fs.futimesSync(fd, atime, mtime)
-  return fs.closeSync(fd)
+  let error = null
+  try {
+    fs.futimesSync(fd, atime, mtime)
+  } catch (futimesErr) {
+    error = futimesErr
+  } finally {
+    try {
+      fs.closeSync(fd)
+    } catch (closeErr) {
+      if (!error) error = closeErr
+    }
+  }
+  if (error) {
+    throw error
+  }
 }
 module.exports = {
@@ -12310,6 +12352,10 @@ function stringify (obj, { EOL = '\n', finalEOL = true, replacer = null, spaces
   const EOF = finalEOL ? EOL : ''
   const str = JSON.stringify(obj, replacer, spaces)
+  if (str === undefined) {
+    throw new TypeError(`Converting ${typeof obj} value to JSON is not supported`)
+  }
   return str.replace(/\n/g, EOL) + EOF
 }
@@ -16340,7 +16386,7 @@ module.exports = setCacheAdd;
  * @name has
  * @memberOf SetCache
  * @param {*} value The value to search for.
- * @returns {number} Returns `true` if `value` is found, else `false`.
+ * @returns {boolean} Returns `true` if `value` is found, else `false`.
  */
 function setCacheHas(value) {
   return this.__data__.has(value);
@@ -31705,7 +31751,7 @@ const diff = (version1, version2) => {
     return prefix + 'patch'
   }
-  // high and low are preleases
+  // high and low are prereleases
   return 'prerelease'
 }
@@ -31959,6 +32005,62 @@ const sort = (list, loose) => list.sort((a, b) => compareBuild(a, b, loose))
 module.exports = sort
+/***/ }),
+/***/ 6114:
+/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
+"use strict";
+const parse = __nccwpck_require__(6353)
+const constants = __nccwpck_require__(5101)
+const SemVer = __nccwpck_require__(7163)
+const truncate = (version, truncation, options) => {
+  if (!constants.RELEASE_TYPES.includes(truncation)) {
+    return null
+  }
+  const clonedVersion = cloneInputVersion(version, options)
+  return clonedVersion && doTruncation(clonedVersion, truncation)
+}
+const cloneInputVersion = (version, options) => {
+  const versionStringToParse = (
+    version instanceof SemVer ? version.version : version
+  )
+  return parse(versionStringToParse, options)
+}
+const doTruncation = (version, truncation) => {
+  if (isPrerelease(truncation)) {
+    return version.version
+  }
+  version.prerelease = []
+  switch (truncation) {
+    case 'major':
+      version.minor = 0
+      version.patch = 0
+      break
+    case 'minor':
+      version.patch = 0
+      break
+  }
+  return version.format()
+}
+const isPrerelease = (type) => {
+  return type.startsWith('pre')
+}
+module.exports = truncate
 /***/ }),
 /***/ 8780:
@@ -32011,6 +32113,7 @@ const gte = __nccwpck_require__(1236)
 const lte = __nccwpck_require__(6717)
 const cmp = __nccwpck_require__(8646)
 const coerce = __nccwpck_require__(5385)
+const truncate = __nccwpck_require__(6114)
 const Comparator = __nccwpck_require__(9379)
 const Range = __nccwpck_require__(6782)
 const satisfies = __nccwpck_require__(8011)
@@ -32049,6 +32152,7 @@ module.exports = {
   lte,
   cmp,
   coerce,
+  truncate,
   Comparator,
   Range,
   satisfies,
@@ -32336,8 +32440,8 @@ createToken('MAINVERSIONLOOSE', `(${src[t.NUMERICIDENTIFIERLOOSE]})\\.` +
 // ## Pre-release Version Identifier
 // A numeric identifier, or a non-numeric identifier.
-// Non-numberic identifiers include numberic identifiers but can be longer.
-// Therefore non-numberic identifiers must go first.
+// Non-numeric identifiers include numeric identifiers but can be longer.
+// Therefore non-numeric identifiers must go first.
 createToken('PRERELEASEIDENTIFIER', `(?:${src[t.NONNUMERICIDENTIFIER]
 }|${src[t.NUMERICIDENTIFIER]})`)
@@ -32394,7 +32498,7 @@ createToken('LOOSE', `^${src[t.LOOSEPLAIN]}$`)
 createToken('GTLT', '((?:<|>)?=?)')
 // Something like "2.*" or "1.2.x".
-// Note that "x.x" is a valid xRange identifer, meaning "any version"
+// Note that "x.x" is a valid xRange identifier, meaning "any version"
 // Only the first item is strictly required.
 createToken('XRANGEIDENTIFIERLOOSE', `${src[t.NUMERICIDENTIFIERLOOSE]}|x|X|\\*`)
 createToken('XRANGEIDENTIFIER', `${src[t.NUMERICIDENTIFIER]}|x|X|\\*`)
@@ -32859,7 +32963,7 @@ const compare = __nccwpck_require__(8469)
 // - If LT
 //   - If LT.semver is greater than any < or <= comp in C, return false
 //   - If LT is <=, and LT.semver does not satisfy every C, return false
-//   - If GT.semver has a prerelease, and not in prerelease mode
+//   - If LT.semver has a prerelease, and not in prerelease mode
 //     - If no C has a prerelease and the LT.semver tuple, return false
 // - Else return true
@@ -38062,6 +38166,7 @@ module.exports = require("zlib");
 /***/ 567:
 /***/ ((__unused_webpack_module, exports) => {
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 //#region src/roles.js
 const ROLES = /* @__PURE__ */ Object.freeze({
@@ -39103,7 +39208,7 @@ exports.isSystemRole = isSystemRole;
 /***/ ((module) => {
 "use strict";
-module.exports = /*#__PURE__*/JSON.parse('{"name":"@abtnode/core","publishConfig":{"access":"public"},"version":"1.17.11","description":"","main":"lib/index.js","files":["lib"],"scripts":{"lint":"eslint tests lib --ignore-pattern \'tests/assets/*\'","lint:fix":"eslint --fix tests lib"},"keywords":[],"author":"wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)","license":"Apache-2.0","dependencies":{"@abtnode/analytics":"1.17.11","@abtnode/auth":"1.17.11","@abtnode/certificate-manager":"1.17.11","@abtnode/constant":"1.17.11","@abtnode/cron":"1.17.11","@abtnode/db-cache":"1.17.11","@abtnode/docker-utils":"1.17.11","@abtnode/logger":"1.17.11","@abtnode/models":"1.17.11","@abtnode/queue":"1.17.11","@abtnode/rbac":"1.17.11","@abtnode/router-provider":"1.17.11","@abtnode/util":"1.17.11","@arcblock/did":"1.29.27","@arcblock/did-connect-js":"1.29.27","@arcblock/did-ext":"1.29.27","@arcblock/did-motif":"^1.1.14","@arcblock/did-util":"1.29.27","@arcblock/event-hub":"1.29.27","@arcblock/jwt":"1.29.27","@arcblock/pm2-events":"^0.0.5","@arcblock/validator":"1.29.27","@arcblock/vc":"1.29.27","@blocklet/constant":"1.17.11","@blocklet/did-space-js":"1.2.23","@blocklet/env":"1.17.11","@blocklet/error":"^0.3.5","@blocklet/meta":"1.17.11","@blocklet/resolver":"1.17.11","@blocklet/sdk":"1.17.11","@blocklet/server-js":"1.17.11","@blocklet/store":"1.17.11","@blocklet/theme":"^3.5.2","@fidm/x509":"^1.2.1","@ocap/mcrypto":"1.29.27","@ocap/util":"1.29.27","@ocap/wallet":"1.29.27","@slack/webhook":"^7.0.6","archiver":"^7.0.1","axios":"^1.7.9","axon":"^2.0.3","chalk":"^4.1.2","cross-spawn":"^7.0.3","dayjs":"^1.11.13","deep-diff":"^1.0.2","detect-port":"^1.5.1","envfile":"^7.1.0","escape-string-regexp":"^4.0.0","fast-glob":"^3.3.2","filesize":"^10.1.1","flat":"^5.0.2","fs-extra":"^11.2.0","get-port":"^5.1.1","hasha":"^5.2.2","is-base64":"^1.1.0","is-cidr":"4","is-ip":"3","is-url":"^1.2.4","joi":"17.12.2","joi-extension-semver":"^5.0.0","js-yaml":"^4.1.0","kill-port":"^2.0.1","lodash":"^4.17.21","node-stream-zip":"^1.15.0","p-all":"^3.0.0","p-limit":"^3.1.0","p-map":"^4.0.0","p-retry":"^4.6.2","p-wait-for":"^3.2.0","private-ip":"^2.3.4","rate-limiter-flexible":"^5.0.5","read-last-lines":"^1.8.0","semver":"^7.6.3","sequelize":"^6.35.0","shelljs":"^0.8.5","slugify":"^1.6.6","ssri":"^8.0.1","stream-throttle":"^0.1.3","stream-to-promise":"^3.0.0","systeminformation":"^5.23.3","tail":"^2.2.4","tar":"^6.1.11","transliteration":"2.3.5","ua-parser-js":"^1.0.2","ufo":"^1.5.3","uuid":"^11.1.0","valid-url":"^1.0.9","which":"^2.0.2","xbytes":"^1.8.0"},"devDependencies":{"axios-mock-adapter":"^2.1.0","expand-tilde":"^2.0.2","express":"^4.18.2","unzipper":"^0.10.11"},"gitHead":"e5764f753181ed6a7c615cd4fc6682aacf0cb7cd"}');
+module.exports = /*#__PURE__*/JSON.parse('{"name":"@abtnode/core","publishConfig":{"access":"public"},"version":"1.17.12","description":"","main":"lib/index.js","files":["lib"],"scripts":{"lint":"eslint tests lib --ignore-pattern \'tests/assets/*\'","lint:fix":"eslint --fix tests lib"},"keywords":[],"author":{"name":"ArcBlock","email":"blocklet@arcblock.io","url":"https://github.com/ArcBlock"},"license":"Apache-2.0","repository":{"type":"git","url":"https://github.com/ArcBlock/blocklet-server.git","directory":"core/state"},"bugs":{"url":"https://github.com/ArcBlock/blocklet-server/issues"},"homepage":"https://github.com/ArcBlock/blocklet-server/tree/main/core/state#readme","dependencies":{"@abtnode/analytics":"1.17.12","@abtnode/auth":"1.17.12","@abtnode/certificate-manager":"1.17.12","@abtnode/constant":"1.17.12","@abtnode/cron":"1.17.12","@abtnode/db-cache":"1.17.12","@abtnode/docker-utils":"1.17.12","@abtnode/logger":"1.17.12","@abtnode/models":"1.17.12","@abtnode/queue":"1.17.12","@abtnode/rbac":"1.17.12","@abtnode/router-provider":"1.17.12","@abtnode/util":"1.17.12","@arcblock/did":"1.29.27","@arcblock/did-connect-js":"1.29.27","@arcblock/did-ext":"1.29.27","@arcblock/did-motif":"^1.1.14","@arcblock/did-util":"1.29.27","@arcblock/event-hub":"1.29.27","@arcblock/jwt":"1.29.27","@arcblock/pm2-events":"^0.0.5","@arcblock/validator":"1.29.27","@arcblock/vc":"1.29.27","@blocklet/constant":"1.17.12","@blocklet/did-space-js":"1.2.23","@blocklet/env":"1.17.12","@blocklet/error":"^0.3.5","@blocklet/meta":"1.17.12","@blocklet/resolver":"1.17.12","@blocklet/sdk":"1.17.12","@blocklet/server-js":"1.17.12","@blocklet/store":"1.17.12","@blocklet/theme":"^3.5.2","@fidm/x509":"^1.2.1","@ocap/mcrypto":"1.29.27","@ocap/util":"1.29.27","@ocap/wallet":"1.29.27","@slack/webhook":"^7.0.6","archiver":"^7.0.1","axios":"^1.7.9","axon":"^2.0.3","chalk":"^4.1.2","cross-spawn":"^7.0.3","dayjs":"^1.11.13","deep-diff":"^1.0.2","detect-port":"^1.5.1","envfile":"^7.1.0","escape-string-regexp":"^4.0.0","fast-glob":"^3.3.2","filesize":"^10.1.1","flat":"^5.0.2","fs-extra":"^11.2.0","get-port":"^5.1.1","hasha":"^5.2.2","is-base64":"^1.1.0","is-cidr":"4","is-ip":"3","is-url":"^1.2.4","joi":"17.12.2","joi-extension-semver":"^5.0.0","js-yaml":"^4.1.0","kill-port":"^2.0.1","lodash":"^4.17.21","node-stream-zip":"^1.15.0","p-all":"^3.0.0","p-limit":"^3.1.0","p-map":"^4.0.0","p-retry":"^4.6.2","p-wait-for":"^3.2.0","rate-limiter-flexible":"^5.0.5","read-last-lines":"^1.8.0","semver":"^7.6.3","sequelize":"^6.35.0","shelljs":"^0.8.5","slugify":"^1.6.6","ssri":"^8.0.1","stream-throttle":"^0.1.3","stream-to-promise":"^3.0.0","systeminformation":"^5.23.3","tail":"^2.2.4","tar":"^7.5.13","transliteration":"2.3.5","ua-parser-js":"^1.0.2","ufo":"^1.5.3","uuid":"^11.1.0","valid-url":"^1.0.9","which":"^2.0.2","xbytes":"^1.8.0"},"devDependencies":{"axios-mock-adapter":"^2.1.0","expand-tilde":"^2.0.2","express":"^4.18.2","unzipper":"^0.10.11"},"gitHead":"e5764f753181ed6a7c615cd4fc6682aacf0cb7cd"}');
 /***/ }),

package/lib/router/helper.js CHANGED Viewed

@@ -3,7 +3,6 @@
 /* eslint-disable prefer-destructuring */
 const fs = require('fs-extra');
 const path = require('path');
-const tar = require('tar');
 const dns = require('dns').promises;
 const UUID = require('uuid');
 const dayjs = require('@abtnode/util/lib/dayjs');
@@ -27,6 +26,7 @@ const normalizePathPrefix = require('@abtnode/util/lib/normalize-path-prefix');
 const getTmpDir = require('@abtnode/util/lib/get-tmp-directory');
 const downloadFile = require('@abtnode/util/lib/download-file');
 const axios = require('@abtnode/util/lib/axios');
+const { safeTarExtract } = require('@abtnode/util/lib/safe-tar');
 const { getIpDnsDomainForBlocklet, getDidDomainForBlocklet } = require('@abtnode/util/lib/get-domain-for-blocklet');
 const { hasMountPoint } = require('@blocklet/meta/lib/engine');
 const { forEachBlockletSync } = require('@blocklet/meta/lib/util');
@@ -840,7 +840,7 @@ const ensureLatestInfo = async (sites = [], blocklets = [], teamManager = null,
 const decompressCertificates = async (source, dest) => {
   fs.ensureDirSync(dest);
-  await tar.x({ file: source, C: dest });
+  await safeTarExtract({ file: source, cwd: dest });
   return dest;
 };
@@ -2188,7 +2188,7 @@ module.exports = function getRouterHelpers({
     const analyzeLock = path.join(logDir, '.analyze.lock20241030');
     if (fs.existsSync(analyzeLock)) {
-      // FIXME: @wangshijun how do we support real time logs
+      // FIXME: how do we support real time logs
       const date = dayjs().subtract(1, 'day').format('YYYY-MM-DD');
       await doAnalyze(date, cloneDeep(groups));
     } else {

package/lib/router/security/limiter.js CHANGED Viewed

@@ -1,4 +1,4 @@
-// FIXME: @wangshijun use a crash safe store for the limiter
+// FIXME: use a crash safe store for the limiter
 const dayjs = require('@abtnode/util/lib/dayjs');
 const { BLACKLIST_SCOPE } = require('@abtnode/constant');
 const { RateLimiterMemory } = require('rate-limiter-flexible');

package/lib/states/audit-log.js CHANGED Viewed

@@ -972,8 +972,8 @@ class AuditLogState extends BaseState {
       protocol: 'http',
       user: {
         meta: 'profile',
-        fullName: 'wangshijun',
-        email: 'shijun@arcblock.io',
+        fullName: 'user',
+        email: 'user@example.com',
         type: 'profile',
         did: 'z1jq5bGF64wnZiy29EbRyuQqUxmRHmSdt1Q',
         pk: 'zHTcKwgi9DK8US8QQY9K7wQ3qF79CtrWYn6BYAgTQUeVQ',

package/lib/states/site.js CHANGED Viewed

@@ -16,7 +16,7 @@ const { validateUpdateDomainAliases } = require('../validators/router');
 // };
 /**
- * FIXME: @wangshijun some functions may not be performant
+ * FIXME: some functions may not be performant
  * @extends BaseState<import('@abtnode/models').SiteState>
  */
 class SiteState extends BaseState {

package/lib/states/user.js CHANGED Viewed

@@ -100,7 +100,7 @@ class User extends ExtendBase {
     }
   }
-  // FIXME: @wangshijun wrap these in a transaction
+  // FIXME: wrap these in a transaction
   async addUser(user) {
     if (!validateOwner(user)) {
       throw new CustomError(400, 'user is invalid');
@@ -120,7 +120,7 @@ class User extends ExtendBase {
     await Promise.all((get(user, 'passports') || []).map((x) => this.passport.insert({ ...x, userDid: user.did })));
     await Promise.all(
       (get(user, 'connectedAccounts') || []).map((x) => {
-        // FIXME: @zhanghan 这里在修复完 https://github.com/blocklet/tweet-token/issues/131 之后需要去除特殊处理的逻辑
+        // FIXME: 这里在修复完 https://github.com/blocklet/tweet-token/issues/131 之后需要去除特殊处理的逻辑
         const mergeData = { ...x, userDid: user.did };
         if (mergeData.id === null && mergeData.provider === LOGIN_PROVIDER.AUTH0) {
           mergeData.provider = LOGIN_PROVIDER.WALLET;
@@ -132,7 +132,7 @@ class User extends ExtendBase {
     return this.getUser(user.did);
   }
-  // FIXME: @wangshijun wrap these in a transaction
+  // FIXME: wrap these in a transaction
   async updateUser(did, updates) {
     const exist = await super.findOne({ did });
     if (!exist) {
@@ -176,7 +176,7 @@ class User extends ExtendBase {
       (get(cloneData, 'connectedAccounts') || [])
         .filter((x) => x.did)
         .map((x) => {
-          // FIXME: @zhanghan 这里在修复完 https://github.com/blocklet/tweet-token/issues/131 之后需要去除特殊处理的逻辑
+          // FIXME: 这里在修复完 https://github.com/blocklet/tweet-token/issues/131 之后需要去除特殊处理的逻辑
           const mergeData = { ...x, userDid: did };
           if (mergeData.id === null && mergeData.provider === LOGIN_PROVIDER.AUTH0) {
             mergeData.provider = LOGIN_PROVIDER.WALLET;

package/lib/util/blocklet/blocklet-loader.js CHANGED Viewed

@@ -111,7 +111,7 @@ const _getBlocklet = async ({
   const settings = states.blockletExtras.getFromDoc({ doc: extraDoc, dids: [blocklet.meta.did], name: 'settings' });
   // app settings
-  // FIXME: @zhanghan 在 server 开发模式下，使用 `node /workspace/arcblock/blocklet-server/core/cli/tools/dev.js` 运行的 blocklet，blocklet.meta.did 和 blocklet.appPid 是不一致的
+  // FIXME: 在 server 开发模式下，使用 `node /workspace/arcblock/blocklet-server/core/cli/tools/dev.js` 运行的 blocklet，blocklet.meta.did 和 blocklet.appPid 是不一致的
   blocklet.trustedPassports = get(settings, 'trustedPassports') || [];
   blocklet.trustedFactories = (get(settings, 'trustedFactories') || []).map((x) => {
     if (!x.passport.ttlPolicy) {

package/lib/util/blocklet/install-utils.js CHANGED Viewed

@@ -8,7 +8,6 @@
 const fs = require('fs-extra');
 const path = require('node:path');
-const tar = require('tar');
 const get = require('lodash/get');
 const streamToPromise = require('stream-to-promise');
 const { Throttle } = require('stream-throttle');
@@ -18,6 +17,7 @@ const diff = require('deep-diff');
 const logger = require('@abtnode/logger')('@abtnode/core:util:blocklet:install-utils');
 const formatBackSlash = require('@abtnode/util/lib/format-back-slash');
 const hashFiles = require('@abtnode/util/lib/hash-files');
+const { createSafeTarExtractStream } = require('@abtnode/util/lib/safe-tar');
 const { BLOCKLET_INSTALL_TYPE } = require('@abtnode/constant');
 const { BlockletStatus, BlockletSource, fromBlockletStatus } = require('@blocklet/constant');
@@ -61,7 +61,7 @@ const expandTarball = async ({ source, dest, strip = 1 }) => {
     fs
       .createReadStream(source)
       .pipe(new Throttle({ rate: 1024 * 1024 * 20 })) // 20MB
-      .pipe(tar.x({ C: dest, strip }))
+      .pipe(createSafeTarExtractStream({ cwd: dest, strip }))
   );
   return dest;

package/lib/util/get-accessible-external-node-ip.js CHANGED Viewed

@@ -87,7 +87,7 @@ const fetch = async (nodeInfo) => {
 module.exports.refresh = fetch;
 module.exports.getFromCache = (nodeInfo) => {
-  // FIXME: @zhanghan 用于修复 unit-test 中 `should add dynamic component as expected` 中的错误，暂不知道为什么会影响
+  // FIXME: 用于修复 unit-test 中 `should add dynamic component as expected` 中的错误，暂不知道为什么会影响
   if (process.env.NODE_ENV === 'test') {
     return cache;
   }

package/lib/util/launcher.js CHANGED Viewed

@@ -505,7 +505,7 @@ const getLauncherSession = async ({ launcherUrl, launcherSessionId, external = t
   return result;
 };
-// Check local first, then remote, FIXME: @wangshijun should we check on chain nft?
+// Check local first, then remote, FIXME: should we check on chain nft?
 const isLauncherSessionConsumed = async (params) => {
   let consumed = await states.blockletExtras.isLauncherSessionConsumed(params.launcherSessionId);
   logger.info('Launcher session consumed at local?', { params, consumed });

package/lib/util/spaces.js CHANGED Viewed

@@ -19,7 +19,7 @@ const getBackupEndpoint = (configs) => {
 };
 /**
- * @FIXME 希望之后放在 sdk 中 @jianchao
+ * FIXME: move this into the SDK later
  * @description
  * @param {string} endpoint
  * @returns {string}

package/lib/validators/user.js CHANGED Viewed

@@ -6,7 +6,7 @@ const { didExtension } = require('@blocklet/meta/lib/extension');
  */
 const Joi = JOI.extend(didExtension);
-// TODO: @zhanghan 这里目前仅包含必填的字段，后续需要增加其他字段
+// TODO: 这里目前仅包含必填的字段，后续需要增加其他字段
 const passportSchema = Joi.object({
   id: Joi.string().required(),
   role: Joi.string().required(),

package/package.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.17.12",
+  "version": "1.17.13-beta-20260512-042419-7b556a38",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -14,22 +14,35 @@
     "lint:fix": "eslint --fix tests lib"
   },
   "keywords": [],
-  "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
+  "author": {
+    "name": "ArcBlock",
+    "email": "blocklet@arcblock.io",
+    "url": "https://github.com/ArcBlock"
+  },
   "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/ArcBlock/blocklet-server.git",
+    "directory": "core/state"
+  },
+  "bugs": {
+    "url": "https://github.com/ArcBlock/blocklet-server/issues"
+  },
+  "homepage": "https://github.com/ArcBlock/blocklet-server/tree/main/core/state#readme",
   "dependencies": {
-    "@abtnode/analytics": "1.17.12",
-    "@abtnode/auth": "1.17.12",
-    "@abtnode/certificate-manager": "1.17.12",
-    "@abtnode/constant": "1.17.12",
-    "@abtnode/cron": "1.17.12",
-    "@abtnode/db-cache": "1.17.12",
-    "@abtnode/docker-utils": "1.17.12",
-    "@abtnode/logger": "1.17.12",
-    "@abtnode/models": "1.17.12",
-    "@abtnode/queue": "1.17.12",
-    "@abtnode/rbac": "1.17.12",
-    "@abtnode/router-provider": "1.17.12",
-    "@abtnode/util": "1.17.12",
+    "@abtnode/analytics": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/auth": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/certificate-manager": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/constant": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/cron": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/db-cache": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/docker-utils": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/logger": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/models": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/queue": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/rbac": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/router-provider": "1.17.13-beta-20260512-042419-7b556a38",
+    "@abtnode/util": "1.17.13-beta-20260512-042419-7b556a38",
     "@arcblock/did": "1.29.27",
     "@arcblock/did-connect-js": "1.29.27",
     "@arcblock/did-ext": "1.29.27",
@@ -40,15 +53,15 @@
     "@arcblock/pm2-events": "^0.0.5",
     "@arcblock/validator": "1.29.27",
     "@arcblock/vc": "1.29.27",
-    "@blocklet/constant": "1.17.12",
+    "@blocklet/constant": "1.17.13-beta-20260512-042419-7b556a38",
     "@blocklet/did-space-js": "1.2.23",
-    "@blocklet/env": "1.17.12",
+    "@blocklet/env": "1.17.13-beta-20260512-042419-7b556a38",
     "@blocklet/error": "^0.3.5",
-    "@blocklet/meta": "1.17.12",
-    "@blocklet/resolver": "1.17.12",
-    "@blocklet/sdk": "1.17.12",
-    "@blocklet/server-js": "1.17.12",
-    "@blocklet/store": "1.17.12",
+    "@blocklet/meta": "1.17.13-beta-20260512-042419-7b556a38",
+    "@blocklet/resolver": "1.17.13-beta-20260512-042419-7b556a38",
+    "@blocklet/sdk": "1.17.13-beta-20260512-042419-7b556a38",
+    "@blocklet/server-js": "1.17.13-beta-20260512-042419-7b556a38",
+    "@blocklet/store": "1.17.13-beta-20260512-042419-7b556a38",
     "@blocklet/theme": "^3.5.2",
     "@fidm/x509": "^1.2.1",
     "@ocap/mcrypto": "1.29.27",
@@ -86,7 +99,6 @@
     "p-map": "^4.0.0",
     "p-retry": "^4.6.2",
     "p-wait-for": "^3.2.0",
-    "private-ip": "^2.3.4",
     "rate-limiter-flexible": "^5.0.5",
     "read-last-lines": "^1.8.0",
     "semver": "^7.6.3",
@@ -98,7 +110,7 @@
     "stream-to-promise": "^3.0.0",
     "systeminformation": "^5.23.3",
     "tail": "^2.2.4",
-    "tar": "^6.1.11",
+    "tar": "^7.5.13",
     "transliteration": "2.3.5",
     "ua-parser-js": "^1.0.2",
     "ufo": "^1.5.3",
@@ -113,5 +125,5 @@
     "express": "^4.18.2",
     "unzipper": "^0.10.11"
   },
-  "gitHead": "a851c46d35a66372b7aa8fb5d7eed7d26980da8a"
+  "gitHead": "2d9bc75c45b999ed599bb396e93cf5f2d53c4d52"
 }