@bitsocial/bitsocial-cli 0.19.64 → 0.19.66

package/dist/common-utils/daemon-state.js

@@ -1,12 +1,60 @@
 import defaults from "./defaults.js";
 import path from "path";
 import fs from "fs/promises";
+import { execFile } from "child_process";
+import { promisify } from "util";
+const execFileAsync = promisify(execFile);
 const DAEMON_STATES_DIR = path.join(defaults.PKC_DATA_PATH, ".daemon_states");
 function stateFilePath(pid) {
     return path.join(DAEMON_STATES_DIR, `${pid}-daemon.state`);
 }
+/**
+ * OS-reported start time of a process, used as an identity token: if a state file's PID
+ * was reused by an unrelated process, its start time won't match the recorded one.
+ * Linux: starttime (field 22) of /proc/<pid>/stat, in clock ticks since boot.
+ * Other unix: `ps -o lstart=` output. Returns undefined when it can't be determined.
+ */
+async function getProcessStartTime(pid) {
+    try {
+        const stat = await fs.readFile(`/proc/${pid}/stat`, "utf-8");
+        // comm (field 2) may contain spaces/parens — real fields resume after the last ')'
+        const fields = stat.slice(stat.lastIndexOf(")") + 2).split(" ");
+        return fields[19]; // field 22 (starttime), offset by the 3 fields before the split
+    }
+    catch {
+        try {
+            const { stdout } = await execFileAsync("ps", ["-p", String(pid), "-o", "lstart="]);
+            return stdout.trim() || undefined;
+        }
+        catch {
+            return undefined;
+        }
+    }
+}
+/** Full command line of a process, or undefined when it can't be determined. */
+async function getProcessCommandLine(pid) {
+    try {
+        // An empty /proc cmdline is meaningful (kernel thread — not a daemon), so keep it
+        const raw = await fs.readFile(`/proc/${pid}/cmdline`, "utf-8");
+        return raw.split("\0").join(" ").trim();
+    }
+    catch {
+        try {
+            const { stdout } = await execFileAsync("ps", ["-p", String(pid), "-o", "args="]);
+            return stdout.trim() || undefined;
+        }
+        catch {
+            return undefined;
+        }
+    }
+}
 /** Write a daemon state file atomically (write to .tmp then rename). */
 export async function writeDaemonState(state) {
+    if (state.procStartTime === undefined) {
+        const procStartTime = await getProcessStartTime(state.pid);
+        if (procStartTime !== undefined)
+            state = { ...state, procStartTime };
+    }
     await fs.mkdir(DAEMON_STATES_DIR, { recursive: true });
     const dest = stateFilePath(state.pid);
     const tmp = dest + ".tmp";
@@ -60,21 +108,37 @@ function isPidAlive(pid) {
         return false; // ESRCH — no such process
     }
 }
-/** Delete state files for dead PIDs from disk. */
-export async function pruneStaleStates() {
-    const states = await readAllDaemonStates();
-    for (const state of states) {
-        if (!isPidAlive(state.pid)) {
-            await deleteDaemonState(state.pid);
-        }
+/**
+ * Check whether the daemon that wrote `state` is still the process running under its PID.
+ * A bare liveness check is not enough: a stale state file's PID may have been reused by an
+ * unrelated process (e.g. a state file written inside a Docker container whose PID maps to
+ * a kernel thread on the host — issue #66).
+ */
+async function isDaemonStateAlive(state) {
+    if (!isPidAlive(state.pid))
+        return false;
+    if (state.procStartTime !== undefined) {
+        const current = await getProcessStartTime(state.pid);
+        if (current !== undefined)
+            return current === state.procStartTime; // mismatch — PID was reused
+        return true; // identity undeterminable — fall back to liveness only
     }
+    // Legacy state file without procStartTime — heuristic: the command line must reference bitsocial
+    const cmdline = await getProcessCommandLine(state.pid);
+    if (cmdline === undefined)
+        return true; // identity undeterminable — fall back to liveness only
+    return cmdline.includes("bitsocial");
+}
+/** Delete state files for dead or reused PIDs from disk. */
+export async function pruneStaleStates() {
+    await getAliveDaemonStates();
 }
-/** Read all states, delete stale files (dead PIDs) from disk, return only alive ones. */
+/** Read all states, delete stale files (dead or reused PIDs) from disk, return only alive ones. */
 export async function getAliveDaemonStates() {
     const states = await readAllDaemonStates();
     const alive = [];
     for (const state of states) {
-        if (isPidAlive(state.pid)) {
+        if (await isDaemonStateAlive(state)) {
             alive.push(state);
         }
         else {

package/dist/ipfs/startIpfs.js

@@ -185,53 +185,53 @@ async function ensureIpfsPortsAreAvailable(log, configPath, apiUrl, gatewayUrl)
     }
 }
 export async function startKuboNode(apiUrl, gatewayUrl, dataPath, onSpawn) {
-    return new Promise(async (resolve, reject) => {
-        const log = PKCLogger("bitsocial-cli:ipfs:startKuboNode");
-        const ipfsDataPath = process.env["IPFS_PATH"] || path.join(dataPath, ".bitsocial-cli.ipfs");
-        await fs.promises.mkdir(ipfsDataPath, { recursive: true });
-        const ipfsConfigPath = path.join(ipfsDataPath, "config");
-        const kuboExePath = await getKuboExePath();
-        const kuboVersion = await getKuboVersion();
-        log(`Using Kubo version: ${kuboVersion}`);
-        log(`IpfsDataPath (${ipfsDataPath}), kuboExePath (${kuboExePath})`, "kubo ipfs config file", path.join(ipfsDataPath, "config"));
-        log("If you would like to change kubo config, please edit the config file at", path.join(ipfsDataPath, "config"));
-        const env = { IPFS_PATH: ipfsDataPath, DEBUG_COLORS: "1" };
-        let configJustInitialized = false;
-        try {
-            await _spawnAsync(log, kuboExePath, ["init"], { env, hideWindows: true });
-            configJustInitialized = true;
-        }
-        catch (e) {
-            const error = e;
-            if (!error?.message?.includes("ipfs configuration file already exists!"))
-                throw new Error("Failed to call ipfs init" + error);
-        }
-        if (configJustInitialized) {
-            await _spawnAsync(log, kuboExePath, ["config", "profile", "apply", `server`], {
-                env,
-                hideWindows: true
-            });
-            log("Called 'ipfs config profile apply server' successfully");
-            await mergeCliDefaultsIntoIpfsConfig(log, ipfsConfigPath, apiUrl, gatewayUrl);
-        }
-        else {
-            log("IPFS config already exists; skipping config overrides to preserve user changes.");
-        }
-        try {
-            await _spawnAsync(log, kuboExePath, ["repo", "migrate"], { env, hideWindows: true });
-            log("Ensured IPFS repository is migrated to the latest supported version.");
-        }
-        catch (migrationError) {
-            log.error("Failed to run IPFS repo migrations automatically", migrationError);
-            throw migrationError;
-        }
-        try {
-            await ensureIpfsPortsAreAvailable(log, ipfsConfigPath, apiUrl, gatewayUrl);
-        }
-        catch (error) {
-            reject(error instanceof Error ? error : new Error(String(error)));
-            return;
-        }
+    // Preparation phase runs as plain awaits so any failure rejects the returned promise.
+    // It must NOT live inside the new Promise() executor below: an async executor swallows
+    // throws as unhandledRejections and the promise never settles, which wedges the daemon's
+    // pendingKuboStart tracking and hangs its shutdown (issue #70).
+    const log = PKCLogger("bitsocial-cli:ipfs:startKuboNode");
+    const ipfsDataPath = process.env["IPFS_PATH"] || path.join(dataPath, ".bitsocial-cli.ipfs");
+    await fs.promises.mkdir(ipfsDataPath, { recursive: true });
+    const ipfsConfigPath = path.join(ipfsDataPath, "config");
+    const kuboExePath = await getKuboExePath();
+    const kuboVersion = await getKuboVersion();
+    log(`Using Kubo version: ${kuboVersion}`);
+    log(`IpfsDataPath (${ipfsDataPath}), kuboExePath (${kuboExePath})`, "kubo ipfs config file", path.join(ipfsDataPath, "config"));
+    log("If you would like to change kubo config, please edit the config file at", path.join(ipfsDataPath, "config"));
+    const env = { IPFS_PATH: ipfsDataPath, DEBUG_COLORS: "1" };
+    let configJustInitialized = false;
+    try {
+        await _spawnAsync(log, kuboExePath, ["init"], { env, hideWindows: true });
+        configJustInitialized = true;
+    }
+    catch (e) {
+        const error = e;
+        if (!error?.message?.includes("ipfs configuration file already exists!"))
+            throw new Error("Failed to call ipfs init" + error);
+    }
+    if (configJustInitialized) {
+        await _spawnAsync(log, kuboExePath, ["config", "profile", "apply", `server`], {
+            env,
+            hideWindows: true
+        });
+        log("Called 'ipfs config profile apply server' successfully");
+        await mergeCliDefaultsIntoIpfsConfig(log, ipfsConfigPath, apiUrl, gatewayUrl);
+    }
+    else {
+        log("IPFS config already exists; skipping config overrides to preserve user changes.");
+    }
+    try {
+        await _spawnAsync(log, kuboExePath, ["repo", "migrate"], { env, hideWindows: true });
+        log("Ensured IPFS repository is migrated to the latest supported version.");
+    }
+    catch (migrationError) {
+        log.error("Failed to run IPFS repo migrations automatically", migrationError);
+        throw migrationError;
+    }
+    await ensureIpfsPortsAreAvailable(log, ipfsConfigPath, apiUrl, gatewayUrl);
+    // Spawn phase: the promise only wraps the event-driven wait for kubo's "Daemon is ready",
+    // so every settle path goes through resolve/reject.
+    return new Promise((resolve, reject) => {
         const daemonArgs = ["--enable-namesys-pubsub", "--migrate"];
         const kuboProcess = spawn(kuboExePath, ["daemon", ...daemonArgs], {
             env,

package/dist/webui/daemon-server.d.ts

@@ -1,4 +1,6 @@
-export declare function startDaemonServer(rpcUrl: URL, ipfsGatewayUrl: URL, pkcOptions: any): Promise<{
+export declare function startDaemonServer(rpcUrl: URL, ipfsGatewayUrl: URL, pkcOptions: any, rpcServerOptions?: {
+    allowPrivateKeyExport?: boolean;
+}): Promise<{
     rpcAuthKey: string;
     listedSub: string[];
     webuis: {

package/dist/webui/daemon-server.js

@@ -6,7 +6,7 @@ import fs from "fs/promises";
 import { PKCLogger } from "../util.js";
 import { randomBytes } from "crypto";
 import express from "express";
-import { loadChallengesIntoPKC } from "../challenge-packages/challenge-utils.js";
+import { loadChallengesIntoPKC, formatChallengeNameVersion } from "../challenge-packages/challenge-utils.js";
 const rootHashRedirectScriptPattern = /<script\b[^>]*>(?:(?!<\/script>)[\s\S])*?window\.location\.replace\(["']\/#["']\s*\+\s*window\.location\.pathname\s*\+\s*window\.location\.search\);(?:(?!<\/script>)[\s\S])*?<\/script>/;
 async function _generateModifiedIndexHtmlWithRpcSettings(webuiPath, webuiName, ipfsGatewayPort) {
     const indexHtmlString = (await fs.readFile(path.join(webuiPath, "index_backup_no_rpc.html")))
@@ -39,10 +39,23 @@ async function _generateRpcAuthKeyIfNotExisting(pkcDataPath) {
     return pkcRpcAuthKey;
 }
 // The daemon server will host both RPC and webui on the same port
-export async function startDaemonServer(rpcUrl, ipfsGatewayUrl, pkcOptions) {
+export async function startDaemonServer(rpcUrl, ipfsGatewayUrl, pkcOptions, rpcServerOptions) {
     // Start pkc-js RPC
     const log = PKCLogger("bitsocial-cli:daemon:startDaemonServer");
     const webuiExpressApp = express();
+    // GET /exports/<exportId> is streamed by pkc-js's own request listener, attached to this same
+    // http.Server inside PKCWsServer. Express must stay silent for those paths — its catch-all 404
+    // races the async pkc-js handler and clobbers the download (the CLI's `community export` would
+    // see HTTP 404). Other /exports/ paths fall through to express's 404 because pkc-js ignores
+    // them on a caller-supplied server and the request would otherwise hang unanswered.
+    // NOT mounted at "/exports": a mounted middleware strips the mount prefix from the shared
+    // req.url while the request is held, so pkc-js's listener would no longer recognize it.
+    webuiExpressApp.use((req, res, next) => {
+        const isExportDownload = /^\/exports\/[0-9a-fA-F-]{36}$/.test(req.path);
+        if (!isExportDownload)
+            return next();
+        // intentionally neither responds nor calls next(): pkc-js's listener owns this request
+    });
     // Wait for bind to actually complete before returning. Calling express.listen() without
     // awaiting 'listening' lets startup proceed before the port is accepting connections,
     // and without an 'error' handler a bind failure becomes an uncaughtException that kills
@@ -68,7 +81,8 @@ export async function startDaemonServer(rpcUrl, ipfsGatewayUrl, pkcOptions) {
     const rpcServer = await PKCRpc.default.PKCWsServer({
         server: httpServer,
         pkcOptions: pkcOptions,
-        authKey: rpcAuthKey
+        authKey: rpcAuthKey,
+        allowPrivateKeyExport: rpcServerOptions?.allowPrivateKeyExport
     });
     const webuisDir = path.join(__dirname, "..", "..", "dist", "webuis");
     const webUiNames = (await fs.readdir(webuisDir, { withFileTypes: true })).filter((file) => file.isDirectory()).map((file) => file.name);
@@ -110,7 +124,7 @@ export async function startDaemonServer(rpcUrl, ipfsGatewayUrl, pkcOptions) {
     // Challenge reload endpoints
     const handleChallengeReload = async (_req, res) => {
         try {
-            const loadedNames = await loadChallengesIntoPKC(pkcOptions.dataPath);
+            const loadedChallenges = await loadChallengesIntoPKC(pkcOptions.dataPath);
             // Notify all connected RPC clients about the updated challenges
             const onSettingsChange = rpcServer._onSettingsChange;
             if (onSettingsChange) {
@@ -125,7 +139,7 @@ export async function startDaemonServer(rpcUrl, ipfsGatewayUrl, pkcOptions) {
                     }
                 }
             }
-            res.json({ ok: true, challenges: loadedNames });
+            res.json({ ok: true, challenges: loadedChallenges.map(formatChallengeNameVersion) });
         }
         catch (err) {
             log.error("Failed to reload challenges", err);

package/oclif.manifest.json

@@ -9,7 +9,8 @@
         "bitsocial daemon --pkcRpcUrl ws://localhost:53812",
         "bitsocial daemon --pkcOptions.dataPath /tmp/bitsocial-datapath/",
         "bitsocial daemon --pkcOptions.kuboRpcClientsOptions[0] https://remoteipfsnode.com",
-        "bitsocial daemon --chainProviderUrls https://mainnet.infura.io/v3/YOUR_KEY"
+        "bitsocial daemon --chainProviderUrls https://mainnet.infura.io/v3/YOUR_KEY",
+        "bitsocial daemon --no-allowPrivateKeyExport"
       ],
       "flags": {
         "pkcRpcUrl": {
@@ -44,6 +45,12 @@
           "hasDynamicHelp": false,
           "multiple": true,
           "type": "option"
+        },
+        "allowPrivateKeyExport": {
+          "description": "Allow RPC clients to request community exports that include the community signer's private key (`bitsocial community export --includePrivateKey`). Disable with --no-allowPrivateKeyExport when exposing the RPC to untrusted clients",
+          "name": "allowPrivateKeyExport",
+          "allowNo": true,
+          "type": "boolean"
         }
       },
       "hasDynamicHelp": false,
@@ -154,7 +161,10 @@
       ]
     },
     "challenge:install": {
-      "aliases": [],
+      "aliases": [
+        "challenge:i",
+        "challenge:add"
+      ],
       "args": {
         "package": {
           "description": "Package specifier — anything npm can install (name, name@version, git URL, tarball URL, local path)",
@@ -198,7 +208,9 @@
       ]
     },
     "challenge:list": {
-      "aliases": [],
+      "aliases": [
+        "challenge:ls"
+      ],
       "args": {},
       "description": "List installed challenge packages",
       "examples": [
@@ -240,7 +252,11 @@
       ]
     },
     "challenge:remove": {
-      "aliases": [],
+      "aliases": [
+        "challenge:uninstall",
+        "challenge:rm",
+        "challenge:un"
+      ],
       "args": {
         "name": {
           "description": "The challenge package name (e.g., my-challenge or @scope/my-challenge)",
@@ -459,6 +475,91 @@
         "edit.js"
       ]
     },
+    "community:export": {
+      "aliases": [],
+      "args": {
+        "address": {
+          "description": "Address of the community to export",
+          "name": "address",
+          "required": false
+        }
+      },
+      "description": "Export a local community to a SQLite snapshot file. The export runs on the RPC server (daemon); once finished the snapshot is downloaded and its sha256 checksum is verified. Pass --includePrivateKey to produce a restorable backup that keeps the community's address.",
+      "examples": [
+        "bitsocial community export plebmusic.bso",
+        "bitsocial community export plebmusic.bso --includePrivateKey -o ./backups/plebmusic.sqlite",
+        "bitsocial community export --name my-community",
+        "bitsocial community export --publicKey 12D3KooWG3XbzoVyAE6Y9vHZKF64Yuuu4TjdgQKedk14iYmTEPWu"
+      ],
+      "flags": {
+        "pkcRpcUrl": {
+          "name": "pkcRpcUrl",
+          "required": true,
+          "summary": "URL to PKC RPC",
+          "default": "ws://localhost:9138/",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "name": {
+          "description": "Name of the community to export",
+          "name": "name",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "publicKey": {
+          "description": "Public key of the community to export",
+          "name": "publicKey",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "path": {
+          "char": "o",
+          "description": "Destination file for the downloaded snapshot (default: <dataPath>/exports/<address>_<datetime>.sqlite)",
+          "name": "path",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "includePrivateKey": {
+          "description": "Ask the RPC server to include the community signer's private key in the export. Required for a restorable backup that keeps the same community address. The daemon may refuse (see `bitsocial daemon --no-allowPrivateKeyExport`)",
+          "name": "includePrivateKey",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "force": {
+          "description": "Overwrite the destination file if it already exists",
+          "name": "force",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "quiet": {
+          "char": "q",
+          "description": "Suppress progress output; only print the path of the downloaded snapshot",
+          "name": "quiet",
+          "allowNo": false,
+          "type": "boolean"
+        }
+      },
+      "hasDynamicHelp": false,
+      "hiddenAliases": [],
+      "id": "community:export",
+      "pluginAlias": "@bitsocial/bitsocial-cli",
+      "pluginName": "@bitsocial/bitsocial-cli",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": true,
+      "relativePath": [
+        "dist",
+        "cli",
+        "commands",
+        "community",
+        "export.js"
+      ]
+    },
     "community:get": {
       "aliases": [],
       "args": {
@@ -770,5 +871,5 @@
       ]
     }
   },
-  "version": "0.19.64"
+  "version": "0.19.66"
 }

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@bitsocial/bitsocial-cli",
-    "version": "0.19.64",
+    "version": "0.19.66",
     "description": "Command line interface to Bitsocial API",
     "types": "./dist/index.d.ts",
     "homepage": "https://github.com/bitsocialnet/bitsocial-cli",
@@ -119,7 +119,7 @@
         "@oclif/plugin-help": "6.2.36",
         "@oclif/plugin-not-found": "3.2.73",
         "@oclif/table": "0.5.1",
-        "@pkcprotocol/pkc-js": "0.0.40",
+        "@pkcprotocol/pkc-js": "0.0.41",
         "dataobject-parser": "1.2.22",
         "decompress": "4.2.1",
         "env-paths": "2.2.1",