@blaxel/core 0.2.54 → 0.2.55-preview.17

package/dist/esm/common/browser.js

@@ -2,6 +2,7 @@
 // Browser-compatible exports for Node.js modules
 // In browser environments, Node.js built-in modules are not available
 // All Node.js modules are null in browser
+export const crypto = null;
 export const fs = null;
 export const os = null;
 export const path = null;

package/dist/esm/common/node.js

@@ -3,6 +3,7 @@
 import * as fsImport from "fs";
 import * as osImport from "os";
 import * as pathImport from "path";
+import * as cryptoImport from "crypto";
 // Detect environments
 const isNode = typeof process !== "undefined" &&
     process.versions != null &&
@@ -12,6 +13,7 @@ const isBrowser = typeof globalThis !== "undefined" && globalThis?.window !== un
 let fs = null;
 let os = null;
 let path = null;
+let crypto = null;
 let dotenv = null;
 let ws = null; // Used internally by getWebSocket() for caching
 if (isNode && !isBrowser) {
@@ -19,6 +21,7 @@ if (isNode && !isBrowser) {
     fs = fsImport;
     os = osImport;
     path = pathImport;
+    crypto = cryptoImport;
     // Try to load optional dependencies
     try {
         dotenv = eval("require")("dotenv");
@@ -64,4 +67,4 @@ export async function getWebSocket() {
         throw new Error(`WebSocket library 'ws' not available: ${error?.message || error}`);
     }
 }
-export { dotenv, fs, os, path };
+export { crypto, dotenv, fs, os, path };

package/dist/esm/common/sentry-browser.js

@@ -0,0 +1,22 @@
+/* eslint-disable */
+// Browser/Edge-compatible exports for Sentry
+// In browser/edge environments, @sentry/node is not available
+// All functions are no-ops
+/**
+ * Initialize Sentry - no-op in browser/edge environments.
+ */
+export function initSentry() {
+    // No-op in browser/edge environments
+}
+/**
+ * Flush pending Sentry events - no-op in browser/edge environments.
+ */
+export async function flushSentry(_timeout = 2000) {
+    // No-op in browser/edge environments
+}
+/**
+ * Check if Sentry is initialized - always returns false in browser/edge environments.
+ */
+export function isSentryInitialized() {
+    return false;
+}

package/dist/esm/common/settings.js

@@ -3,8 +3,8 @@ import { authentication } from "../authentication/index.js";
 import { env } from "../common/env.js";
 import { fs, os, path } from "../common/node.js";
 // Build info - these placeholders are replaced at build time by build:replace-imports
-const BUILD_VERSION = "0.2.54";
-const BUILD_COMMIT = "36d148e9b7f9dd2134c772d954c8297b3c958ec3";
+const BUILD_VERSION = "0.2.55-preview.17";
+const BUILD_COMMIT = "1efcf3565af2e54805e7526888bebaf2347c5886";
 const BUILD_SENTRY_DSN = "https://fd5e60e1c9820e1eef5ccebb84a07127@o4508714045276160.ingest.us.sentry.io/4510465864564736";
 // Cache for config.yaml tracking value
 let configTrackingValue = null;
@@ -163,8 +163,9 @@ class Settings {
     }
     get tracking() {
         // Environment variable has highest priority
-        if (env.BL_TRACKING !== undefined) {
-            return env.BL_TRACKING === "true";
+        if (env.DO_NOT_TRACK !== undefined) {
+            // DO_NOT_TRACK has inverted semantics: true means tracking disabled
+            return env.DO_NOT_TRACK !== "true" && env.DO_NOT_TRACK !== "1";
         }
         // Then check config.yaml
         const configValue = getConfigTracking();

package/dist/esm/common/webhook.js

@@ -1,4 +1,4 @@
-import { createHmac, timingSafeEqual } from 'crypto';
+import { crypto } from './node.js';
 /**
  * Verify the HMAC-SHA256 signature of a webhook callback from async-sidecar
  *
@@ -31,6 +31,10 @@ export function verifyWebhookSignature(options) {
     if (!body || !signature || !secret) {
         return false;
     }
+    // crypto is only available in Node.js environments
+    if (!crypto) {
+        throw new Error('verifyWebhookSignature is only available in Node.js environments');
+    }
     try {
         // Verify timestamp if provided (prevents replay attacks)
         if (timestamp) {
@@ -44,11 +48,11 @@ export function verifyWebhookSignature(options) {
         // Extract hex signature from "sha256=<hex>" format
         const expectedSignature = signature.replace('sha256=', '');
         // Compute HMAC-SHA256 signature
-        const hmac = createHmac('sha256', secret);
+        const hmac = crypto.createHmac('sha256', secret);
         hmac.update(body);
         const computedSignature = hmac.digest('hex');
         // Timing-safe comparison to prevent timing attacks
-        return timingSafeEqual(Buffer.from(expectedSignature, 'hex'), Buffer.from(computedSignature, 'hex'));
+        return crypto.timingSafeEqual(Buffer.from(expectedSignature, 'hex'), Buffer.from(computedSignature, 'hex'));
     }
     catch {
         // Invalid signature format or other error