@avaprotocol/sdk-js 3.1.0 → 3.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +16 -0
- package/dist/index.js +17 -2
- package/dist/index.mjs +20 -3
- package/dist/v4/auth.d.ts.map +1 -1
- package/dist/v4/auth.js +10 -2
- package/dist/v4/index.d.ts +1 -1
- package/dist/v4/index.d.ts.map +1 -1
- package/dist/v4/index.js +1 -1
- package/dist/v4/protocols/index.d.ts +1 -1
- package/dist/v4/protocols/index.d.ts.map +1 -1
- package/dist/v4/protocols/index.js +1 -1
- package/package.json +2 -2
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,21 @@
|
|
|
1
1
|
# @avaprotocol/sdk-js
|
|
2
2
|
|
|
3
|
+
## 3.2.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- 3ce791f: `buildAuthMessage` now rejects URIs without an explicit `http:` or `https:` scheme.
|
|
8
|
+
|
|
9
|
+
The WHATWG URL parser accepts strings like `localhost:3000` as valid URLs with scheme `localhost`, so the previous validation (`new URL(uri)` inside a try/catch) let bare authority strings through. A signature scoped to a phantom `localhost:` scheme can't be trusted by anything verifying against the real origin — callers passing such values were getting incorrect behavior.
|
|
10
|
+
|
|
11
|
+
Existing callers using `http://localhost:3000`, `https://app.example.com`, etc. are unaffected.
|
|
12
|
+
|
|
13
|
+
## 3.2.0
|
|
14
|
+
|
|
15
|
+
### Minor Changes
|
|
16
|
+
|
|
17
|
+
- 8ea2a5b: Extend the catalog re-export surface and bump `@avaprotocol/protocols` to `^0.6.0`.
|
|
18
|
+
|
|
3
19
|
## 3.1.0
|
|
4
20
|
|
|
5
21
|
### Minor Changes
|
package/dist/index.js
CHANGED
|
@@ -34,12 +34,14 @@ __export(index_exports, {
|
|
|
34
34
|
OperatorsResource: () => OperatorsResource,
|
|
35
35
|
Protocols: () => import_protocols2.Protocols,
|
|
36
36
|
SecretsResource: () => SecretsResource,
|
|
37
|
+
Tokens: () => import_protocols2.Tokens,
|
|
37
38
|
TokensResource: () => TokensResource,
|
|
38
39
|
Triggers: () => Triggers,
|
|
39
40
|
TriggersResource: () => TriggersResource,
|
|
40
41
|
WalletsResource: () => WalletsResource,
|
|
41
42
|
WorkflowsResource: () => WorkflowsResource,
|
|
42
43
|
buildAuthMessage: () => buildAuthMessage,
|
|
44
|
+
lookupToken: () => import_protocols2.lookupToken,
|
|
43
45
|
signAuthMessage: () => signAuthMessage
|
|
44
46
|
});
|
|
45
47
|
module.exports = __toCommonJS(index_exports);
|
|
@@ -208,11 +210,22 @@ function buildAuthMessage(input) {
|
|
|
208
210
|
"buildAuthMessage: uri must be a non-empty string (the origin the user is signing into, e.g. window.location.origin)."
|
|
209
211
|
);
|
|
210
212
|
}
|
|
213
|
+
let parsed;
|
|
211
214
|
try {
|
|
212
|
-
new URL(trimmedUri);
|
|
215
|
+
parsed = new URL(trimmedUri);
|
|
213
216
|
} catch {
|
|
214
217
|
throw new Error(
|
|
215
|
-
|
|
218
|
+
`buildAuthMessage: uri must be a valid URL (got ${JSON.stringify(trimmedUri)}); use the http(s) origin the user is signing into.`
|
|
219
|
+
);
|
|
220
|
+
}
|
|
221
|
+
if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
|
|
222
|
+
throw new Error(
|
|
223
|
+
`buildAuthMessage: uri scheme must be http or https (got ${parsed.protocol}); use the origin the user is signing into.`
|
|
224
|
+
);
|
|
225
|
+
}
|
|
226
|
+
if (!parsed.hostname) {
|
|
227
|
+
throw new Error(
|
|
228
|
+
`buildAuthMessage: uri must include a host (got ${JSON.stringify(trimmedUri)}); use the origin the user is signing into.`
|
|
216
229
|
);
|
|
217
230
|
}
|
|
218
231
|
if (!Number.isInteger(input.chainId) || input.chainId <= 0) {
|
|
@@ -1007,11 +1020,13 @@ var import_protocols2 = require("@avaprotocol/protocols");
|
|
|
1007
1020
|
OperatorsResource,
|
|
1008
1021
|
Protocols,
|
|
1009
1022
|
SecretsResource,
|
|
1023
|
+
Tokens,
|
|
1010
1024
|
TokensResource,
|
|
1011
1025
|
Triggers,
|
|
1012
1026
|
TriggersResource,
|
|
1013
1027
|
WalletsResource,
|
|
1014
1028
|
WorkflowsResource,
|
|
1015
1029
|
buildAuthMessage,
|
|
1030
|
+
lookupToken,
|
|
1016
1031
|
signAuthMessage
|
|
1017
1032
|
});
|
package/dist/index.mjs
CHANGED
|
@@ -162,11 +162,22 @@ function buildAuthMessage(input) {
|
|
|
162
162
|
"buildAuthMessage: uri must be a non-empty string (the origin the user is signing into, e.g. window.location.origin)."
|
|
163
163
|
);
|
|
164
164
|
}
|
|
165
|
+
let parsed;
|
|
165
166
|
try {
|
|
166
|
-
new URL(trimmedUri);
|
|
167
|
+
parsed = new URL(trimmedUri);
|
|
167
168
|
} catch {
|
|
168
169
|
throw new Error(
|
|
169
|
-
|
|
170
|
+
`buildAuthMessage: uri must be a valid URL (got ${JSON.stringify(trimmedUri)}); use the http(s) origin the user is signing into.`
|
|
171
|
+
);
|
|
172
|
+
}
|
|
173
|
+
if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
|
|
174
|
+
throw new Error(
|
|
175
|
+
`buildAuthMessage: uri scheme must be http or https (got ${parsed.protocol}); use the origin the user is signing into.`
|
|
176
|
+
);
|
|
177
|
+
}
|
|
178
|
+
if (!parsed.hostname) {
|
|
179
|
+
throw new Error(
|
|
180
|
+
`buildAuthMessage: uri must include a host (got ${JSON.stringify(trimmedUri)}); use the origin the user is signing into.`
|
|
170
181
|
);
|
|
171
182
|
}
|
|
172
183
|
if (!Number.isInteger(input.chainId) || input.chainId <= 0) {
|
|
@@ -944,7 +955,11 @@ var Nodes = Object.freeze({
|
|
|
944
955
|
});
|
|
945
956
|
|
|
946
957
|
// src/v4/protocols/index.ts
|
|
947
|
-
import {
|
|
958
|
+
import {
|
|
959
|
+
Protocols,
|
|
960
|
+
Tokens,
|
|
961
|
+
lookupToken
|
|
962
|
+
} from "@avaprotocol/protocols";
|
|
948
963
|
export {
|
|
949
964
|
APIError,
|
|
950
965
|
AUTH_TEMPLATE,
|
|
@@ -960,11 +975,13 @@ export {
|
|
|
960
975
|
OperatorsResource,
|
|
961
976
|
Protocols,
|
|
962
977
|
SecretsResource,
|
|
978
|
+
Tokens,
|
|
963
979
|
TokensResource,
|
|
964
980
|
Triggers,
|
|
965
981
|
TriggersResource,
|
|
966
982
|
WalletsResource,
|
|
967
983
|
WorkflowsResource,
|
|
968
984
|
buildAuthMessage,
|
|
985
|
+
lookupToken,
|
|
969
986
|
signAuthMessage
|
|
970
987
|
};
|
package/dist/v4/auth.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/v4/auth.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AACH,eAAO,MAAM,aAAa,kLAOT,CAAC;AAElB,MAAM,WAAW,qBAAqB;IACpC,wEAAwE;IACxE,YAAY,EAAE,MAAM,CAAC;IACrB;;;;;;;;;OASG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ;;;;;;;;;;;;;OAaG;IACH,OAAO,EAAE,MAAM,CAAC;IAChB;;;;;;OAMG;IACH,OAAO,EAAE,MAAM,CAAC;IAChB,oDAAoD;IACpD,QAAQ,CAAC,EAAE,IAAI,CAAC;IAChB,mDAAmD;IACnD,QAAQ,CAAC,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC;CACzB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,qBAAqB,GAAG,gBAAgB,
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/v4/auth.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AACH,eAAO,MAAM,aAAa,kLAOT,CAAC;AAElB,MAAM,WAAW,qBAAqB;IACpC,wEAAwE;IACxE,YAAY,EAAE,MAAM,CAAC;IACrB;;;;;;;;;OASG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ;;;;;;;;;;;;;OAaG;IACH,OAAO,EAAE,MAAM,CAAC;IAChB;;;;;;OAMG;IACH,OAAO,EAAE,MAAM,CAAC;IAChB,oDAAoD;IACpD,QAAQ,CAAC,EAAE,IAAI,CAAC;IAChB,mDAAmD;IACnD,QAAQ,CAAC,EAAE,IAAI,CAAC;CACjB;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC;CACzB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,qBAAqB,GAAG,gBAAgB,CAsD/E;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,eAAe,CACnC,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,IAAI,CAAC,qBAAqB,EAAE,cAAc,CAAC,GAAG;IAAE,YAAY,CAAC,EAAE,MAAM,CAAA;CAAE,GAC7E,OAAO,CAAC;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,IAAI,CAAA;CAAE,CAAC,CA4BvF"}
|
package/dist/v4/auth.js
CHANGED
|
@@ -33,11 +33,19 @@ export function buildAuthMessage(input) {
|
|
|
33
33
|
if (!trimmedUri) {
|
|
34
34
|
throw new Error("buildAuthMessage: uri must be a non-empty string (the origin the user is signing into, e.g. window.location.origin).");
|
|
35
35
|
}
|
|
36
|
+
// WHATWG URL treats `localhost:3000` as scheme `localhost:` — require an http(s) origin with a host.
|
|
37
|
+
let parsed;
|
|
36
38
|
try {
|
|
37
|
-
new URL(trimmedUri);
|
|
39
|
+
parsed = new URL(trimmedUri);
|
|
38
40
|
}
|
|
39
41
|
catch {
|
|
40
|
-
throw new Error(
|
|
42
|
+
throw new Error(`buildAuthMessage: uri must be a valid URL (got ${JSON.stringify(trimmedUri)}); use the http(s) origin the user is signing into.`);
|
|
43
|
+
}
|
|
44
|
+
if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
|
|
45
|
+
throw new Error(`buildAuthMessage: uri scheme must be http or https (got ${parsed.protocol}); use the origin the user is signing into.`);
|
|
46
|
+
}
|
|
47
|
+
if (!parsed.hostname) {
|
|
48
|
+
throw new Error(`buildAuthMessage: uri must include a host (got ${JSON.stringify(trimmedUri)}); use the origin the user is signing into.`);
|
|
41
49
|
}
|
|
42
50
|
if (!Number.isInteger(input.chainId) || input.chainId <= 0) {
|
|
43
51
|
throw new Error("buildAuthMessage: chainId must be a positive integer (the wallet's currently-connected chain).");
|
package/dist/v4/index.d.ts
CHANGED
|
@@ -2,7 +2,7 @@ export { Client, type ClientOptions } from "./client";
|
|
|
2
2
|
export { Chains, type ChainId } from "./chains";
|
|
3
3
|
export { Triggers } from "./builders/triggers";
|
|
4
4
|
export { Nodes } from "./builders/nodes";
|
|
5
|
-
export { Protocols, type AbiFragment, type AddressByChain } from "./protocols";
|
|
5
|
+
export { Protocols, Tokens, lookupToken, type AbiFragment, type AddressByChain, type TokenByChain, type TokenChainEntry, type TokenLinks, } from "./protocols";
|
|
6
6
|
export { buildAuthMessage, signAuthMessage, AUTH_TEMPLATE, type BuildAuthMessageInput, type BuiltAuthMessage, } from "./auth";
|
|
7
7
|
export { APIError, NetworkError, AuthRequiredError } from "./internal/errors";
|
|
8
8
|
export { AuthResource } from "./resources/auth";
|
package/dist/v4/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/v4/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,MAAM,EAAE,KAAK,aAAa,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,KAAK,OAAO,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/v4/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,MAAM,EAAE,KAAK,aAAa,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,KAAK,OAAO,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EACL,SAAS,EACT,MAAM,EACN,WAAW,EACX,KAAK,WAAW,EAChB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,eAAe,EACpB,KAAK,UAAU,GAChB,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,aAAa,EACb,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,GACtB,MAAM,QAAQ,CAAC;AAChB,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAK9E,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAI1D,YAAY,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC"}
|
package/dist/v4/index.js
CHANGED
|
@@ -6,7 +6,7 @@ export { Client } from "./client";
|
|
|
6
6
|
export { Chains } from "./chains";
|
|
7
7
|
export { Triggers } from "./builders/triggers";
|
|
8
8
|
export { Nodes } from "./builders/nodes";
|
|
9
|
-
export { Protocols } from "./protocols";
|
|
9
|
+
export { Protocols, Tokens, lookupToken, } from "./protocols";
|
|
10
10
|
export { buildAuthMessage, signAuthMessage, AUTH_TEMPLATE, } from "./auth";
|
|
11
11
|
export { APIError, NetworkError, AuthRequiredError } from "./internal/errors";
|
|
12
12
|
// Resource classes are exported in case advanced consumers want to
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export { Protocols, type AbiFragment, type AddressByChain } from "@avaprotocol/protocols";
|
|
1
|
+
export { Protocols, Tokens, lookupToken, type AbiFragment, type AddressByChain, type TokenByChain, type TokenChainEntry, type TokenLinks, } from "@avaprotocol/protocols";
|
|
2
2
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/v4/protocols/index.ts"],"names":[],"mappings":"AAaA,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/v4/protocols/index.ts"],"names":[],"mappings":"AAaA,OAAO,EACL,SAAS,EACT,MAAM,EACN,WAAW,EACX,KAAK,WAAW,EAChB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,eAAe,EACpB,KAAK,UAAU,GAChB,MAAM,wBAAwB,CAAC"}
|
|
@@ -10,4 +10,4 @@
|
|
|
10
10
|
// when a new protocol address lands or a new chain comes online;
|
|
11
11
|
// bumping `@avaprotocol/protocols` minor version + republishing this
|
|
12
12
|
// SDK package picks it up automatically.
|
|
13
|
-
export { Protocols } from "@avaprotocol/protocols";
|
|
13
|
+
export { Protocols, Tokens, lookupToken, } from "@avaprotocol/protocols";
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@avaprotocol/sdk-js",
|
|
3
|
-
"version": "3.1
|
|
3
|
+
"version": "3.2.1",
|
|
4
4
|
"description": "TypeScript SDK for Ava Protocol's AVS REST API. Resource-grouped sub-clients, fetch transport, EIP-191 auth.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -32,7 +32,7 @@
|
|
|
32
32
|
"prepare": "node ../../scripts/prepare-package.js"
|
|
33
33
|
},
|
|
34
34
|
"dependencies": {
|
|
35
|
-
"@avaprotocol/protocols": "^0.
|
|
35
|
+
"@avaprotocol/protocols": "^0.6.0",
|
|
36
36
|
"@avaprotocol/types": "^3.0.0",
|
|
37
37
|
"dotenv": "^16.4.5",
|
|
38
38
|
"ethers": "^6.13.2"
|