@clef-sh/cli 0.1.13-beta.92 → 0.1.14-beta.95
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +1080 -1577
- package/dist/index.cjs.map +4 -4
- package/dist/index.mjs +1072 -1570
- package/dist/index.mjs.map +4 -4
- package/package.json +1 -1
package/dist/index.mjs
CHANGED
|
@@ -41,6 +41,7 @@ var __toESM = (mod3, isNodeMode, target) => (target = mod3 != null ? __create(__
|
|
|
41
41
|
isNodeMode || !mod3 || !mod3.__esModule ? __defProp(target, "default", { value: mod3, enumerable: true }) : target,
|
|
42
42
|
mod3
|
|
43
43
|
));
|
|
44
|
+
var __toCommonJS = (mod3) => __copyProps(__defProp({}, "__esModule", { value: true }), mod3);
|
|
44
45
|
|
|
45
46
|
// ../../node_modules/commander/lib/error.js
|
|
46
47
|
var require_error = __commonJS({
|
|
@@ -975,8 +976,8 @@ var require_command = __commonJS({
|
|
|
975
976
|
"../../node_modules/commander/lib/command.js"(exports) {
|
|
976
977
|
var EventEmitter = __require("node:events").EventEmitter;
|
|
977
978
|
var childProcess = __require("node:child_process");
|
|
978
|
-
var
|
|
979
|
-
var
|
|
979
|
+
var path57 = __require("node:path");
|
|
980
|
+
var fs38 = __require("node:fs");
|
|
980
981
|
var process2 = __require("node:process");
|
|
981
982
|
var { Argument: Argument2, humanReadableArgName } = require_argument();
|
|
982
983
|
var { CommanderError: CommanderError2 } = require_error();
|
|
@@ -1908,11 +1909,11 @@ Expecting one of '${allowedValues.join("', '")}'`);
|
|
|
1908
1909
|
let launchWithNode = false;
|
|
1909
1910
|
const sourceExt = [".js", ".ts", ".tsx", ".mjs", ".cjs"];
|
|
1910
1911
|
function findFile(baseDir, baseName) {
|
|
1911
|
-
const localBin =
|
|
1912
|
-
if (
|
|
1913
|
-
if (sourceExt.includes(
|
|
1912
|
+
const localBin = path57.resolve(baseDir, baseName);
|
|
1913
|
+
if (fs38.existsSync(localBin)) return localBin;
|
|
1914
|
+
if (sourceExt.includes(path57.extname(baseName))) return void 0;
|
|
1914
1915
|
const foundExt = sourceExt.find(
|
|
1915
|
-
(ext) =>
|
|
1916
|
+
(ext) => fs38.existsSync(`${localBin}${ext}`)
|
|
1916
1917
|
);
|
|
1917
1918
|
if (foundExt) return `${localBin}${foundExt}`;
|
|
1918
1919
|
return void 0;
|
|
@@ -1924,21 +1925,21 @@ Expecting one of '${allowedValues.join("', '")}'`);
|
|
|
1924
1925
|
if (this._scriptPath) {
|
|
1925
1926
|
let resolvedScriptPath;
|
|
1926
1927
|
try {
|
|
1927
|
-
resolvedScriptPath =
|
|
1928
|
+
resolvedScriptPath = fs38.realpathSync(this._scriptPath);
|
|
1928
1929
|
} catch (err) {
|
|
1929
1930
|
resolvedScriptPath = this._scriptPath;
|
|
1930
1931
|
}
|
|
1931
|
-
executableDir =
|
|
1932
|
-
|
|
1932
|
+
executableDir = path57.resolve(
|
|
1933
|
+
path57.dirname(resolvedScriptPath),
|
|
1933
1934
|
executableDir
|
|
1934
1935
|
);
|
|
1935
1936
|
}
|
|
1936
1937
|
if (executableDir) {
|
|
1937
1938
|
let localFile = findFile(executableDir, executableFile);
|
|
1938
1939
|
if (!localFile && !subcommand._executableFile && this._scriptPath) {
|
|
1939
|
-
const legacyName =
|
|
1940
|
+
const legacyName = path57.basename(
|
|
1940
1941
|
this._scriptPath,
|
|
1941
|
-
|
|
1942
|
+
path57.extname(this._scriptPath)
|
|
1942
1943
|
);
|
|
1943
1944
|
if (legacyName !== this._name) {
|
|
1944
1945
|
localFile = findFile(
|
|
@@ -1949,7 +1950,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
|
|
|
1949
1950
|
}
|
|
1950
1951
|
executableFile = localFile || executableFile;
|
|
1951
1952
|
}
|
|
1952
|
-
launchWithNode = sourceExt.includes(
|
|
1953
|
+
launchWithNode = sourceExt.includes(path57.extname(executableFile));
|
|
1953
1954
|
let proc;
|
|
1954
1955
|
if (process2.platform !== "win32") {
|
|
1955
1956
|
if (launchWithNode) {
|
|
@@ -2789,7 +2790,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
|
|
|
2789
2790
|
* @return {Command}
|
|
2790
2791
|
*/
|
|
2791
2792
|
nameFromFilename(filename) {
|
|
2792
|
-
this._name =
|
|
2793
|
+
this._name = path57.basename(filename, path57.extname(filename));
|
|
2793
2794
|
return this;
|
|
2794
2795
|
}
|
|
2795
2796
|
/**
|
|
@@ -2803,9 +2804,9 @@ Expecting one of '${allowedValues.join("', '")}'`);
|
|
|
2803
2804
|
* @param {string} [path]
|
|
2804
2805
|
* @return {(string|null|Command)}
|
|
2805
2806
|
*/
|
|
2806
|
-
executableDir(
|
|
2807
|
-
if (
|
|
2808
|
-
this._executableDir =
|
|
2807
|
+
executableDir(path58) {
|
|
2808
|
+
if (path58 === void 0) return this._executableDir;
|
|
2809
|
+
this._executableDir = path58;
|
|
2809
2810
|
return this;
|
|
2810
2811
|
}
|
|
2811
2812
|
/**
|
|
@@ -3112,17 +3113,17 @@ var require_visit = __commonJS({
|
|
|
3112
3113
|
visit.BREAK = BREAK;
|
|
3113
3114
|
visit.SKIP = SKIP;
|
|
3114
3115
|
visit.REMOVE = REMOVE;
|
|
3115
|
-
function visit_(key, node2, visitor,
|
|
3116
|
-
const ctrl = callVisitor(key, node2, visitor,
|
|
3116
|
+
function visit_(key, node2, visitor, path57) {
|
|
3117
|
+
const ctrl = callVisitor(key, node2, visitor, path57);
|
|
3117
3118
|
if (identity.isNode(ctrl) || identity.isPair(ctrl)) {
|
|
3118
|
-
replaceNode(key,
|
|
3119
|
-
return visit_(key, ctrl, visitor,
|
|
3119
|
+
replaceNode(key, path57, ctrl);
|
|
3120
|
+
return visit_(key, ctrl, visitor, path57);
|
|
3120
3121
|
}
|
|
3121
3122
|
if (typeof ctrl !== "symbol") {
|
|
3122
3123
|
if (identity.isCollection(node2)) {
|
|
3123
|
-
|
|
3124
|
+
path57 = Object.freeze(path57.concat(node2));
|
|
3124
3125
|
for (let i = 0; i < node2.items.length; ++i) {
|
|
3125
|
-
const ci = visit_(i, node2.items[i], visitor,
|
|
3126
|
+
const ci = visit_(i, node2.items[i], visitor, path57);
|
|
3126
3127
|
if (typeof ci === "number")
|
|
3127
3128
|
i = ci - 1;
|
|
3128
3129
|
else if (ci === BREAK)
|
|
@@ -3133,13 +3134,13 @@ var require_visit = __commonJS({
|
|
|
3133
3134
|
}
|
|
3134
3135
|
}
|
|
3135
3136
|
} else if (identity.isPair(node2)) {
|
|
3136
|
-
|
|
3137
|
-
const ck = visit_("key", node2.key, visitor,
|
|
3137
|
+
path57 = Object.freeze(path57.concat(node2));
|
|
3138
|
+
const ck = visit_("key", node2.key, visitor, path57);
|
|
3138
3139
|
if (ck === BREAK)
|
|
3139
3140
|
return BREAK;
|
|
3140
3141
|
else if (ck === REMOVE)
|
|
3141
3142
|
node2.key = null;
|
|
3142
|
-
const cv = visit_("value", node2.value, visitor,
|
|
3143
|
+
const cv = visit_("value", node2.value, visitor, path57);
|
|
3143
3144
|
if (cv === BREAK)
|
|
3144
3145
|
return BREAK;
|
|
3145
3146
|
else if (cv === REMOVE)
|
|
@@ -3160,17 +3161,17 @@ var require_visit = __commonJS({
|
|
|
3160
3161
|
visitAsync.BREAK = BREAK;
|
|
3161
3162
|
visitAsync.SKIP = SKIP;
|
|
3162
3163
|
visitAsync.REMOVE = REMOVE;
|
|
3163
|
-
async function visitAsync_(key, node2, visitor,
|
|
3164
|
-
const ctrl = await callVisitor(key, node2, visitor,
|
|
3164
|
+
async function visitAsync_(key, node2, visitor, path57) {
|
|
3165
|
+
const ctrl = await callVisitor(key, node2, visitor, path57);
|
|
3165
3166
|
if (identity.isNode(ctrl) || identity.isPair(ctrl)) {
|
|
3166
|
-
replaceNode(key,
|
|
3167
|
-
return visitAsync_(key, ctrl, visitor,
|
|
3167
|
+
replaceNode(key, path57, ctrl);
|
|
3168
|
+
return visitAsync_(key, ctrl, visitor, path57);
|
|
3168
3169
|
}
|
|
3169
3170
|
if (typeof ctrl !== "symbol") {
|
|
3170
3171
|
if (identity.isCollection(node2)) {
|
|
3171
|
-
|
|
3172
|
+
path57 = Object.freeze(path57.concat(node2));
|
|
3172
3173
|
for (let i = 0; i < node2.items.length; ++i) {
|
|
3173
|
-
const ci = await visitAsync_(i, node2.items[i], visitor,
|
|
3174
|
+
const ci = await visitAsync_(i, node2.items[i], visitor, path57);
|
|
3174
3175
|
if (typeof ci === "number")
|
|
3175
3176
|
i = ci - 1;
|
|
3176
3177
|
else if (ci === BREAK)
|
|
@@ -3181,13 +3182,13 @@ var require_visit = __commonJS({
|
|
|
3181
3182
|
}
|
|
3182
3183
|
}
|
|
3183
3184
|
} else if (identity.isPair(node2)) {
|
|
3184
|
-
|
|
3185
|
-
const ck = await visitAsync_("key", node2.key, visitor,
|
|
3185
|
+
path57 = Object.freeze(path57.concat(node2));
|
|
3186
|
+
const ck = await visitAsync_("key", node2.key, visitor, path57);
|
|
3186
3187
|
if (ck === BREAK)
|
|
3187
3188
|
return BREAK;
|
|
3188
3189
|
else if (ck === REMOVE)
|
|
3189
3190
|
node2.key = null;
|
|
3190
|
-
const cv = await visitAsync_("value", node2.value, visitor,
|
|
3191
|
+
const cv = await visitAsync_("value", node2.value, visitor, path57);
|
|
3191
3192
|
if (cv === BREAK)
|
|
3192
3193
|
return BREAK;
|
|
3193
3194
|
else if (cv === REMOVE)
|
|
@@ -3214,23 +3215,23 @@ var require_visit = __commonJS({
|
|
|
3214
3215
|
}
|
|
3215
3216
|
return visitor;
|
|
3216
3217
|
}
|
|
3217
|
-
function callVisitor(key, node2, visitor,
|
|
3218
|
+
function callVisitor(key, node2, visitor, path57) {
|
|
3218
3219
|
if (typeof visitor === "function")
|
|
3219
|
-
return visitor(key, node2,
|
|
3220
|
+
return visitor(key, node2, path57);
|
|
3220
3221
|
if (identity.isMap(node2))
|
|
3221
|
-
return visitor.Map?.(key, node2,
|
|
3222
|
+
return visitor.Map?.(key, node2, path57);
|
|
3222
3223
|
if (identity.isSeq(node2))
|
|
3223
|
-
return visitor.Seq?.(key, node2,
|
|
3224
|
+
return visitor.Seq?.(key, node2, path57);
|
|
3224
3225
|
if (identity.isPair(node2))
|
|
3225
|
-
return visitor.Pair?.(key, node2,
|
|
3226
|
+
return visitor.Pair?.(key, node2, path57);
|
|
3226
3227
|
if (identity.isScalar(node2))
|
|
3227
|
-
return visitor.Scalar?.(key, node2,
|
|
3228
|
+
return visitor.Scalar?.(key, node2, path57);
|
|
3228
3229
|
if (identity.isAlias(node2))
|
|
3229
|
-
return visitor.Alias?.(key, node2,
|
|
3230
|
+
return visitor.Alias?.(key, node2, path57);
|
|
3230
3231
|
return void 0;
|
|
3231
3232
|
}
|
|
3232
|
-
function replaceNode(key,
|
|
3233
|
-
const parent =
|
|
3233
|
+
function replaceNode(key, path57, node2) {
|
|
3234
|
+
const parent = path57[path57.length - 1];
|
|
3234
3235
|
if (identity.isCollection(parent)) {
|
|
3235
3236
|
parent.items[key] = node2;
|
|
3236
3237
|
} else if (identity.isPair(parent)) {
|
|
@@ -3838,10 +3839,10 @@ var require_Collection = __commonJS({
|
|
|
3838
3839
|
var createNode = require_createNode();
|
|
3839
3840
|
var identity = require_identity();
|
|
3840
3841
|
var Node = require_Node();
|
|
3841
|
-
function collectionFromPath(schema,
|
|
3842
|
+
function collectionFromPath(schema, path57, value) {
|
|
3842
3843
|
let v = value;
|
|
3843
|
-
for (let i =
|
|
3844
|
-
const k =
|
|
3844
|
+
for (let i = path57.length - 1; i >= 0; --i) {
|
|
3845
|
+
const k = path57[i];
|
|
3845
3846
|
if (typeof k === "number" && Number.isInteger(k) && k >= 0) {
|
|
3846
3847
|
const a = [];
|
|
3847
3848
|
a[k] = v;
|
|
@@ -3860,7 +3861,7 @@ var require_Collection = __commonJS({
|
|
|
3860
3861
|
sourceObjects: /* @__PURE__ */ new Map()
|
|
3861
3862
|
});
|
|
3862
3863
|
}
|
|
3863
|
-
var isEmptyPath = (
|
|
3864
|
+
var isEmptyPath = (path57) => path57 == null || typeof path57 === "object" && !!path57[Symbol.iterator]().next().done;
|
|
3864
3865
|
var Collection = class extends Node.NodeBase {
|
|
3865
3866
|
constructor(type, schema) {
|
|
3866
3867
|
super(type);
|
|
@@ -3890,11 +3891,11 @@ var require_Collection = __commonJS({
|
|
|
3890
3891
|
* be a Pair instance or a `{ key, value }` object, which may not have a key
|
|
3891
3892
|
* that already exists in the map.
|
|
3892
3893
|
*/
|
|
3893
|
-
addIn(
|
|
3894
|
-
if (isEmptyPath(
|
|
3894
|
+
addIn(path57, value) {
|
|
3895
|
+
if (isEmptyPath(path57))
|
|
3895
3896
|
this.add(value);
|
|
3896
3897
|
else {
|
|
3897
|
-
const [key, ...rest] =
|
|
3898
|
+
const [key, ...rest] = path57;
|
|
3898
3899
|
const node2 = this.get(key, true);
|
|
3899
3900
|
if (identity.isCollection(node2))
|
|
3900
3901
|
node2.addIn(rest, value);
|
|
@@ -3908,8 +3909,8 @@ var require_Collection = __commonJS({
|
|
|
3908
3909
|
* Removes a value from the collection.
|
|
3909
3910
|
* @returns `true` if the item was found and removed.
|
|
3910
3911
|
*/
|
|
3911
|
-
deleteIn(
|
|
3912
|
-
const [key, ...rest] =
|
|
3912
|
+
deleteIn(path57) {
|
|
3913
|
+
const [key, ...rest] = path57;
|
|
3913
3914
|
if (rest.length === 0)
|
|
3914
3915
|
return this.delete(key);
|
|
3915
3916
|
const node2 = this.get(key, true);
|
|
@@ -3923,8 +3924,8 @@ var require_Collection = __commonJS({
|
|
|
3923
3924
|
* scalar values from their surrounding node; to disable set `keepScalar` to
|
|
3924
3925
|
* `true` (collections are always returned intact).
|
|
3925
3926
|
*/
|
|
3926
|
-
getIn(
|
|
3927
|
-
const [key, ...rest] =
|
|
3927
|
+
getIn(path57, keepScalar) {
|
|
3928
|
+
const [key, ...rest] = path57;
|
|
3928
3929
|
const node2 = this.get(key, true);
|
|
3929
3930
|
if (rest.length === 0)
|
|
3930
3931
|
return !keepScalar && identity.isScalar(node2) ? node2.value : node2;
|
|
@@ -3942,8 +3943,8 @@ var require_Collection = __commonJS({
|
|
|
3942
3943
|
/**
|
|
3943
3944
|
* Checks if the collection includes a value with the key `key`.
|
|
3944
3945
|
*/
|
|
3945
|
-
hasIn(
|
|
3946
|
-
const [key, ...rest] =
|
|
3946
|
+
hasIn(path57) {
|
|
3947
|
+
const [key, ...rest] = path57;
|
|
3947
3948
|
if (rest.length === 0)
|
|
3948
3949
|
return this.has(key);
|
|
3949
3950
|
const node2 = this.get(key, true);
|
|
@@ -3953,8 +3954,8 @@ var require_Collection = __commonJS({
|
|
|
3953
3954
|
* Sets a value in this collection. For `!!set`, `value` needs to be a
|
|
3954
3955
|
* boolean to add/remove the item from the set.
|
|
3955
3956
|
*/
|
|
3956
|
-
setIn(
|
|
3957
|
-
const [key, ...rest] =
|
|
3957
|
+
setIn(path57, value) {
|
|
3958
|
+
const [key, ...rest] = path57;
|
|
3958
3959
|
if (rest.length === 0) {
|
|
3959
3960
|
this.set(key, value);
|
|
3960
3961
|
} else {
|
|
@@ -6466,9 +6467,9 @@ var require_Document = __commonJS({
|
|
|
6466
6467
|
this.contents.add(value);
|
|
6467
6468
|
}
|
|
6468
6469
|
/** Adds a value to the document. */
|
|
6469
|
-
addIn(
|
|
6470
|
+
addIn(path57, value) {
|
|
6470
6471
|
if (assertCollection(this.contents))
|
|
6471
|
-
this.contents.addIn(
|
|
6472
|
+
this.contents.addIn(path57, value);
|
|
6472
6473
|
}
|
|
6473
6474
|
/**
|
|
6474
6475
|
* Create a new `Alias` node, ensuring that the target `node` has the required anchor.
|
|
@@ -6543,14 +6544,14 @@ var require_Document = __commonJS({
|
|
|
6543
6544
|
* Removes a value from the document.
|
|
6544
6545
|
* @returns `true` if the item was found and removed.
|
|
6545
6546
|
*/
|
|
6546
|
-
deleteIn(
|
|
6547
|
-
if (Collection.isEmptyPath(
|
|
6547
|
+
deleteIn(path57) {
|
|
6548
|
+
if (Collection.isEmptyPath(path57)) {
|
|
6548
6549
|
if (this.contents == null)
|
|
6549
6550
|
return false;
|
|
6550
6551
|
this.contents = null;
|
|
6551
6552
|
return true;
|
|
6552
6553
|
}
|
|
6553
|
-
return assertCollection(this.contents) ? this.contents.deleteIn(
|
|
6554
|
+
return assertCollection(this.contents) ? this.contents.deleteIn(path57) : false;
|
|
6554
6555
|
}
|
|
6555
6556
|
/**
|
|
6556
6557
|
* Returns item at `key`, or `undefined` if not found. By default unwraps
|
|
@@ -6565,10 +6566,10 @@ var require_Document = __commonJS({
|
|
|
6565
6566
|
* scalar values from their surrounding node; to disable set `keepScalar` to
|
|
6566
6567
|
* `true` (collections are always returned intact).
|
|
6567
6568
|
*/
|
|
6568
|
-
getIn(
|
|
6569
|
-
if (Collection.isEmptyPath(
|
|
6569
|
+
getIn(path57, keepScalar) {
|
|
6570
|
+
if (Collection.isEmptyPath(path57))
|
|
6570
6571
|
return !keepScalar && identity.isScalar(this.contents) ? this.contents.value : this.contents;
|
|
6571
|
-
return identity.isCollection(this.contents) ? this.contents.getIn(
|
|
6572
|
+
return identity.isCollection(this.contents) ? this.contents.getIn(path57, keepScalar) : void 0;
|
|
6572
6573
|
}
|
|
6573
6574
|
/**
|
|
6574
6575
|
* Checks if the document includes a value with the key `key`.
|
|
@@ -6579,10 +6580,10 @@ var require_Document = __commonJS({
|
|
|
6579
6580
|
/**
|
|
6580
6581
|
* Checks if the document includes a value at `path`.
|
|
6581
6582
|
*/
|
|
6582
|
-
hasIn(
|
|
6583
|
-
if (Collection.isEmptyPath(
|
|
6583
|
+
hasIn(path57) {
|
|
6584
|
+
if (Collection.isEmptyPath(path57))
|
|
6584
6585
|
return this.contents !== void 0;
|
|
6585
|
-
return identity.isCollection(this.contents) ? this.contents.hasIn(
|
|
6586
|
+
return identity.isCollection(this.contents) ? this.contents.hasIn(path57) : false;
|
|
6586
6587
|
}
|
|
6587
6588
|
/**
|
|
6588
6589
|
* Sets a value in this document. For `!!set`, `value` needs to be a
|
|
@@ -6599,13 +6600,13 @@ var require_Document = __commonJS({
|
|
|
6599
6600
|
* Sets a value in this document. For `!!set`, `value` needs to be a
|
|
6600
6601
|
* boolean to add/remove the item from the set.
|
|
6601
6602
|
*/
|
|
6602
|
-
setIn(
|
|
6603
|
-
if (Collection.isEmptyPath(
|
|
6603
|
+
setIn(path57, value) {
|
|
6604
|
+
if (Collection.isEmptyPath(path57)) {
|
|
6604
6605
|
this.contents = value;
|
|
6605
6606
|
} else if (this.contents == null) {
|
|
6606
|
-
this.contents = Collection.collectionFromPath(this.schema, Array.from(
|
|
6607
|
+
this.contents = Collection.collectionFromPath(this.schema, Array.from(path57), value);
|
|
6607
6608
|
} else if (assertCollection(this.contents)) {
|
|
6608
|
-
this.contents.setIn(
|
|
6609
|
+
this.contents.setIn(path57, value);
|
|
6609
6610
|
}
|
|
6610
6611
|
}
|
|
6611
6612
|
/**
|
|
@@ -8562,9 +8563,9 @@ var require_cst_visit = __commonJS({
|
|
|
8562
8563
|
visit.BREAK = BREAK;
|
|
8563
8564
|
visit.SKIP = SKIP;
|
|
8564
8565
|
visit.REMOVE = REMOVE;
|
|
8565
|
-
visit.itemAtPath = (cst,
|
|
8566
|
+
visit.itemAtPath = (cst, path57) => {
|
|
8566
8567
|
let item = cst;
|
|
8567
|
-
for (const [field, index] of
|
|
8568
|
+
for (const [field, index] of path57) {
|
|
8568
8569
|
const tok = item?.[field];
|
|
8569
8570
|
if (tok && "items" in tok) {
|
|
8570
8571
|
item = tok.items[index];
|
|
@@ -8573,23 +8574,23 @@ var require_cst_visit = __commonJS({
|
|
|
8573
8574
|
}
|
|
8574
8575
|
return item;
|
|
8575
8576
|
};
|
|
8576
|
-
visit.parentCollection = (cst,
|
|
8577
|
-
const parent = visit.itemAtPath(cst,
|
|
8578
|
-
const field =
|
|
8577
|
+
visit.parentCollection = (cst, path57) => {
|
|
8578
|
+
const parent = visit.itemAtPath(cst, path57.slice(0, -1));
|
|
8579
|
+
const field = path57[path57.length - 1][0];
|
|
8579
8580
|
const coll = parent?.[field];
|
|
8580
8581
|
if (coll && "items" in coll)
|
|
8581
8582
|
return coll;
|
|
8582
8583
|
throw new Error("Parent collection not found");
|
|
8583
8584
|
};
|
|
8584
|
-
function _visit(
|
|
8585
|
-
let ctrl = visitor(item,
|
|
8585
|
+
function _visit(path57, item, visitor) {
|
|
8586
|
+
let ctrl = visitor(item, path57);
|
|
8586
8587
|
if (typeof ctrl === "symbol")
|
|
8587
8588
|
return ctrl;
|
|
8588
8589
|
for (const field of ["key", "value"]) {
|
|
8589
8590
|
const token = item[field];
|
|
8590
8591
|
if (token && "items" in token) {
|
|
8591
8592
|
for (let i = 0; i < token.items.length; ++i) {
|
|
8592
|
-
const ci = _visit(Object.freeze(
|
|
8593
|
+
const ci = _visit(Object.freeze(path57.concat([[field, i]])), token.items[i], visitor);
|
|
8593
8594
|
if (typeof ci === "number")
|
|
8594
8595
|
i = ci - 1;
|
|
8595
8596
|
else if (ci === BREAK)
|
|
@@ -8600,10 +8601,10 @@ var require_cst_visit = __commonJS({
|
|
|
8600
8601
|
}
|
|
8601
8602
|
}
|
|
8602
8603
|
if (typeof ctrl === "function" && field === "key")
|
|
8603
|
-
ctrl = ctrl(item,
|
|
8604
|
+
ctrl = ctrl(item, path57);
|
|
8604
8605
|
}
|
|
8605
8606
|
}
|
|
8606
|
-
return typeof ctrl === "function" ? ctrl(item,
|
|
8607
|
+
return typeof ctrl === "function" ? ctrl(item, path57) : ctrl;
|
|
8607
8608
|
}
|
|
8608
8609
|
exports.visit = visit;
|
|
8609
8610
|
}
|
|
@@ -9888,14 +9889,14 @@ var require_parser = __commonJS({
|
|
|
9888
9889
|
case "scalar":
|
|
9889
9890
|
case "single-quoted-scalar":
|
|
9890
9891
|
case "double-quoted-scalar": {
|
|
9891
|
-
const
|
|
9892
|
+
const fs38 = this.flowScalar(this.type);
|
|
9892
9893
|
if (atNextItem || it.value) {
|
|
9893
|
-
map.items.push({ start, key:
|
|
9894
|
+
map.items.push({ start, key: fs38, sep: [] });
|
|
9894
9895
|
this.onKeyLine = true;
|
|
9895
9896
|
} else if (it.sep) {
|
|
9896
|
-
this.stack.push(
|
|
9897
|
+
this.stack.push(fs38);
|
|
9897
9898
|
} else {
|
|
9898
|
-
Object.assign(it, { key:
|
|
9899
|
+
Object.assign(it, { key: fs38, sep: [] });
|
|
9899
9900
|
this.onKeyLine = true;
|
|
9900
9901
|
}
|
|
9901
9902
|
return;
|
|
@@ -10023,13 +10024,13 @@ var require_parser = __commonJS({
|
|
|
10023
10024
|
case "scalar":
|
|
10024
10025
|
case "single-quoted-scalar":
|
|
10025
10026
|
case "double-quoted-scalar": {
|
|
10026
|
-
const
|
|
10027
|
+
const fs38 = this.flowScalar(this.type);
|
|
10027
10028
|
if (!it || it.value)
|
|
10028
|
-
fc.items.push({ start: [], key:
|
|
10029
|
+
fc.items.push({ start: [], key: fs38, sep: [] });
|
|
10029
10030
|
else if (it.sep)
|
|
10030
|
-
this.stack.push(
|
|
10031
|
+
this.stack.push(fs38);
|
|
10031
10032
|
else
|
|
10032
|
-
Object.assign(it, { key:
|
|
10033
|
+
Object.assign(it, { key: fs38, sep: [] });
|
|
10033
10034
|
return;
|
|
10034
10035
|
}
|
|
10035
10036
|
case "flow-map-end":
|
|
@@ -16094,7 +16095,7 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
|
|
|
16094
16095
|
const sig = drbg(seed, k2sig);
|
|
16095
16096
|
return sig.toBytes(opts2.format);
|
|
16096
16097
|
}
|
|
16097
|
-
function
|
|
16098
|
+
function verify3(signature, message, publicKey, opts2 = {}) {
|
|
16098
16099
|
const { lowS, prehash, format } = validateSigOpts(opts2, defaultSigOpts);
|
|
16099
16100
|
publicKey = abytes4(publicKey, void 0, "publicKey");
|
|
16100
16101
|
message = validateMsgAndHash(message, prehash);
|
|
@@ -16135,7 +16136,7 @@ function ecdsa(Point, hash, ecdsaOpts = {}) {
|
|
|
16135
16136
|
lengths,
|
|
16136
16137
|
Point,
|
|
16137
16138
|
sign: sign2,
|
|
16138
|
-
verify:
|
|
16139
|
+
verify: verify3,
|
|
16139
16140
|
recoverPublicKey,
|
|
16140
16141
|
Signature,
|
|
16141
16142
|
hash
|
|
@@ -21112,15 +21113,15 @@ function saveRequests(repoRoot, requests) {
|
|
|
21112
21113
|
function upsertRequest(repoRoot, key, label2, environment) {
|
|
21113
21114
|
const requests = loadRequests(repoRoot);
|
|
21114
21115
|
const now = /* @__PURE__ */ new Date();
|
|
21115
|
-
const
|
|
21116
|
+
const request2 = { key, label: label2, requestedAt: now, environment };
|
|
21116
21117
|
const existingIndex = requests.findIndex((r) => r.key === key);
|
|
21117
21118
|
if (existingIndex >= 0) {
|
|
21118
|
-
requests[existingIndex] =
|
|
21119
|
+
requests[existingIndex] = request2;
|
|
21119
21120
|
} else {
|
|
21120
|
-
requests.push(
|
|
21121
|
+
requests.push(request2);
|
|
21121
21122
|
}
|
|
21122
21123
|
saveRequests(repoRoot, requests);
|
|
21123
|
-
return
|
|
21124
|
+
return request2;
|
|
21124
21125
|
}
|
|
21125
21126
|
function removeRequest(repoRoot, identifier) {
|
|
21126
21127
|
const requests = loadRequests(repoRoot);
|
|
@@ -31629,11 +31630,11 @@ var require_mime_types = __commonJS({
|
|
|
31629
31630
|
}
|
|
31630
31631
|
return exts[0];
|
|
31631
31632
|
}
|
|
31632
|
-
function lookup(
|
|
31633
|
-
if (!
|
|
31633
|
+
function lookup(path57) {
|
|
31634
|
+
if (!path57 || typeof path57 !== "string") {
|
|
31634
31635
|
return false;
|
|
31635
31636
|
}
|
|
31636
|
-
var extension2 = extname3("x." +
|
|
31637
|
+
var extension2 = extname3("x." + path57).toLowerCase().substr(1);
|
|
31637
31638
|
if (!extension2) {
|
|
31638
31639
|
return false;
|
|
31639
31640
|
}
|
|
@@ -32738,13 +32739,13 @@ var require_form_data = __commonJS({
|
|
|
32738
32739
|
"use strict";
|
|
32739
32740
|
var CombinedStream = require_combined_stream();
|
|
32740
32741
|
var util = __require("util");
|
|
32741
|
-
var
|
|
32742
|
+
var path57 = __require("path");
|
|
32742
32743
|
var http = __require("http");
|
|
32743
32744
|
var https = __require("https");
|
|
32744
32745
|
var parseUrl = __require("url").parse;
|
|
32745
|
-
var
|
|
32746
|
+
var fs38 = __require("fs");
|
|
32746
32747
|
var Stream = __require("stream").Stream;
|
|
32747
|
-
var
|
|
32748
|
+
var crypto10 = __require("crypto");
|
|
32748
32749
|
var mime = require_mime_types();
|
|
32749
32750
|
var asynckit = require_asynckit();
|
|
32750
32751
|
var setToStringTag = require_es_set_tostringtag();
|
|
@@ -32809,7 +32810,7 @@ var require_form_data = __commonJS({
|
|
|
32809
32810
|
if (value.end != void 0 && value.end != Infinity && value.start != void 0) {
|
|
32810
32811
|
callback(null, value.end + 1 - (value.start ? value.start : 0));
|
|
32811
32812
|
} else {
|
|
32812
|
-
|
|
32813
|
+
fs38.stat(value.path, function(err, stat) {
|
|
32813
32814
|
if (err) {
|
|
32814
32815
|
callback(err);
|
|
32815
32816
|
return;
|
|
@@ -32866,11 +32867,11 @@ var require_form_data = __commonJS({
|
|
|
32866
32867
|
FormData2.prototype._getContentDisposition = function(value, options) {
|
|
32867
32868
|
var filename;
|
|
32868
32869
|
if (typeof options.filepath === "string") {
|
|
32869
|
-
filename =
|
|
32870
|
+
filename = path57.normalize(options.filepath).replace(/\\/g, "/");
|
|
32870
32871
|
} else if (options.filename || value && (value.name || value.path)) {
|
|
32871
|
-
filename =
|
|
32872
|
+
filename = path57.basename(options.filename || value && (value.name || value.path));
|
|
32872
32873
|
} else if (value && value.readable && hasOwn(value, "httpVersion")) {
|
|
32873
|
-
filename =
|
|
32874
|
+
filename = path57.basename(value.client._httpMessage.path || "");
|
|
32874
32875
|
}
|
|
32875
32876
|
if (filename) {
|
|
32876
32877
|
return 'filename="' + filename + '"';
|
|
@@ -32950,7 +32951,7 @@ var require_form_data = __commonJS({
|
|
|
32950
32951
|
return Buffer.concat([dataBuffer, Buffer.from(this._lastBoundary())]);
|
|
32951
32952
|
};
|
|
32952
32953
|
FormData2.prototype._generateBoundary = function() {
|
|
32953
|
-
this._boundary = "--------------------------" +
|
|
32954
|
+
this._boundary = "--------------------------" + crypto10.randomBytes(12).toString("hex");
|
|
32954
32955
|
};
|
|
32955
32956
|
FormData2.prototype.getLengthSync = function() {
|
|
32956
32957
|
var knownLength = this._overheadLength + this._valueLength;
|
|
@@ -32990,7 +32991,7 @@ var require_form_data = __commonJS({
|
|
|
32990
32991
|
});
|
|
32991
32992
|
};
|
|
32992
32993
|
FormData2.prototype.submit = function(params, cb) {
|
|
32993
|
-
var
|
|
32994
|
+
var request2;
|
|
32994
32995
|
var options;
|
|
32995
32996
|
var defaults = { method: "post" };
|
|
32996
32997
|
if (typeof params === "string") {
|
|
@@ -33009,9 +33010,9 @@ var require_form_data = __commonJS({
|
|
|
33009
33010
|
}
|
|
33010
33011
|
options.headers = this.getHeaders(params.headers);
|
|
33011
33012
|
if (options.protocol === "https:") {
|
|
33012
|
-
|
|
33013
|
+
request2 = https.request(options);
|
|
33013
33014
|
} else {
|
|
33014
|
-
|
|
33015
|
+
request2 = http.request(options);
|
|
33015
33016
|
}
|
|
33016
33017
|
this.getLength(function(err, length) {
|
|
33017
33018
|
if (err && err !== "Unknown stream") {
|
|
@@ -33019,22 +33020,22 @@ var require_form_data = __commonJS({
|
|
|
33019
33020
|
return;
|
|
33020
33021
|
}
|
|
33021
33022
|
if (length) {
|
|
33022
|
-
|
|
33023
|
+
request2.setHeader("Content-Length", length);
|
|
33023
33024
|
}
|
|
33024
|
-
this.pipe(
|
|
33025
|
+
this.pipe(request2);
|
|
33025
33026
|
if (cb) {
|
|
33026
33027
|
var onResponse;
|
|
33027
33028
|
var callback = function(error, responce) {
|
|
33028
|
-
|
|
33029
|
-
|
|
33029
|
+
request2.removeListener("error", callback);
|
|
33030
|
+
request2.removeListener("response", onResponse);
|
|
33030
33031
|
return cb.call(this, error, responce);
|
|
33031
33032
|
};
|
|
33032
33033
|
onResponse = callback.bind(this, null);
|
|
33033
|
-
|
|
33034
|
-
|
|
33034
|
+
request2.on("error", callback);
|
|
33035
|
+
request2.on("response", onResponse);
|
|
33035
33036
|
}
|
|
33036
33037
|
}.bind(this));
|
|
33037
|
-
return
|
|
33038
|
+
return request2;
|
|
33038
33039
|
};
|
|
33039
33040
|
FormData2.prototype._error = function(err) {
|
|
33040
33041
|
if (!this.error) {
|
|
@@ -33634,7 +33635,7 @@ var require_node = __commonJS({
|
|
|
33634
33635
|
"../../node_modules/debug/src/node.js"(exports, module) {
|
|
33635
33636
|
var tty = __require("tty");
|
|
33636
33637
|
var util = __require("util");
|
|
33637
|
-
exports.init =
|
|
33638
|
+
exports.init = init2;
|
|
33638
33639
|
exports.log = log;
|
|
33639
33640
|
exports.formatArgs = formatArgs;
|
|
33640
33641
|
exports.save = save;
|
|
@@ -33783,7 +33784,7 @@ var require_node = __commonJS({
|
|
|
33783
33784
|
function load() {
|
|
33784
33785
|
return process.env.DEBUG;
|
|
33785
33786
|
}
|
|
33786
|
-
function
|
|
33787
|
+
function init2(debug) {
|
|
33787
33788
|
debug.inspectOpts = {};
|
|
33788
33789
|
const keys = Object.keys(exports.inspectOpts);
|
|
33789
33790
|
for (let i = 0; i < keys.length; i++) {
|
|
@@ -34085,10 +34086,10 @@ var require_follow_redirects = __commonJS({
|
|
|
34085
34086
|
var scheme = protocol.slice(0, -1);
|
|
34086
34087
|
this._options.agent = this._options.agents[scheme];
|
|
34087
34088
|
}
|
|
34088
|
-
var
|
|
34089
|
-
|
|
34089
|
+
var request2 = this._currentRequest = nativeProtocol.request(this._options, this._onNativeResponse);
|
|
34090
|
+
request2._redirectable = this;
|
|
34090
34091
|
for (var event of events) {
|
|
34091
|
-
|
|
34092
|
+
request2.on(event, eventHandlers[event]);
|
|
34092
34093
|
}
|
|
34093
34094
|
this._currentUrl = /^\//.test(this._options.path) ? url.format(this._options) : (
|
|
34094
34095
|
// When making a request to a proxy, […]
|
|
@@ -34100,16 +34101,16 @@ var require_follow_redirects = __commonJS({
|
|
|
34100
34101
|
var self2 = this;
|
|
34101
34102
|
var buffers = this._requestBodyBuffers;
|
|
34102
34103
|
(function writeNext(error) {
|
|
34103
|
-
if (
|
|
34104
|
+
if (request2 === self2._currentRequest) {
|
|
34104
34105
|
if (error) {
|
|
34105
34106
|
self2.emit("error", error);
|
|
34106
34107
|
} else if (i < buffers.length) {
|
|
34107
34108
|
var buffer = buffers[i++];
|
|
34108
|
-
if (!
|
|
34109
|
-
|
|
34109
|
+
if (!request2.finished) {
|
|
34110
|
+
request2.write(buffer.data, buffer.encoding, writeNext);
|
|
34110
34111
|
}
|
|
34111
34112
|
} else if (self2._ended) {
|
|
34112
|
-
|
|
34113
|
+
request2.end();
|
|
34113
34114
|
}
|
|
34114
34115
|
}
|
|
34115
34116
|
})();
|
|
@@ -34191,7 +34192,7 @@ var require_follow_redirects = __commonJS({
|
|
|
34191
34192
|
var protocol = scheme + ":";
|
|
34192
34193
|
var nativeProtocol = nativeProtocols[protocol] = protocols[scheme];
|
|
34193
34194
|
var wrappedProtocol = exports2[scheme] = Object.create(nativeProtocol);
|
|
34194
|
-
function
|
|
34195
|
+
function request2(input, options, callback) {
|
|
34195
34196
|
if (isURL(input)) {
|
|
34196
34197
|
input = spreadUrlObject(input);
|
|
34197
34198
|
} else if (isString(input)) {
|
|
@@ -34223,7 +34224,7 @@ var require_follow_redirects = __commonJS({
|
|
|
34223
34224
|
return wrappedRequest;
|
|
34224
34225
|
}
|
|
34225
34226
|
Object.defineProperties(wrappedProtocol, {
|
|
34226
|
-
request: { value:
|
|
34227
|
+
request: { value: request2, configurable: true, enumerable: true, writable: true },
|
|
34227
34228
|
get: { value: get, configurable: true, enumerable: true, writable: true }
|
|
34228
34229
|
});
|
|
34229
34230
|
});
|
|
@@ -34301,12 +34302,12 @@ var require_follow_redirects = __commonJS({
|
|
|
34301
34302
|
});
|
|
34302
34303
|
return CustomError;
|
|
34303
34304
|
}
|
|
34304
|
-
function destroyRequest(
|
|
34305
|
+
function destroyRequest(request2, error) {
|
|
34305
34306
|
for (var event of events) {
|
|
34306
|
-
|
|
34307
|
+
request2.removeListener(event, eventHandlers[event]);
|
|
34307
34308
|
}
|
|
34308
|
-
|
|
34309
|
-
|
|
34309
|
+
request2.on("error", noop);
|
|
34310
|
+
request2.destroy(error);
|
|
34310
34311
|
}
|
|
34311
34312
|
function isSubdomain(subdomain, domain) {
|
|
34312
34313
|
assert2(isString(subdomain) && isString(domain));
|
|
@@ -34335,7 +34336,7 @@ var require_axios = __commonJS({
|
|
|
34335
34336
|
"../../node_modules/axios/dist/node/axios.cjs"(exports, module) {
|
|
34336
34337
|
"use strict";
|
|
34337
34338
|
var FormData$1 = require_form_data();
|
|
34338
|
-
var
|
|
34339
|
+
var crypto10 = __require("crypto");
|
|
34339
34340
|
var url = __require("url");
|
|
34340
34341
|
var http = __require("http");
|
|
34341
34342
|
var https = __require("https");
|
|
@@ -34786,8 +34787,8 @@ var require_axios = __commonJS({
|
|
|
34786
34787
|
isIterable
|
|
34787
34788
|
};
|
|
34788
34789
|
var AxiosError = class _AxiosError extends Error {
|
|
34789
|
-
static from(error, code, config,
|
|
34790
|
-
const axiosError = new _AxiosError(error.message, code || error.code, config,
|
|
34790
|
+
static from(error, code, config, request2, response, customProps) {
|
|
34791
|
+
const axiosError = new _AxiosError(error.message, code || error.code, config, request2, response);
|
|
34791
34792
|
axiosError.cause = error;
|
|
34792
34793
|
axiosError.name = error.name;
|
|
34793
34794
|
if (error.status != null && axiosError.status == null) {
|
|
@@ -34807,7 +34808,7 @@ var require_axios = __commonJS({
|
|
|
34807
34808
|
*
|
|
34808
34809
|
* @returns {Error} The created error.
|
|
34809
34810
|
*/
|
|
34810
|
-
constructor(message, code, config,
|
|
34811
|
+
constructor(message, code, config, request2, response) {
|
|
34811
34812
|
super(message);
|
|
34812
34813
|
Object.defineProperty(this, "message", {
|
|
34813
34814
|
value: message,
|
|
@@ -34819,7 +34820,7 @@ var require_axios = __commonJS({
|
|
|
34819
34820
|
this.isAxiosError = true;
|
|
34820
34821
|
code && (this.code = code);
|
|
34821
34822
|
config && (this.config = config);
|
|
34822
|
-
|
|
34823
|
+
request2 && (this.request = request2);
|
|
34823
34824
|
if (response) {
|
|
34824
34825
|
this.response = response;
|
|
34825
34826
|
this.status = response.status;
|
|
@@ -34863,9 +34864,9 @@ var require_axios = __commonJS({
|
|
|
34863
34864
|
function removeBrackets(key) {
|
|
34864
34865
|
return utils$1.endsWith(key, "[]") ? key.slice(0, -2) : key;
|
|
34865
34866
|
}
|
|
34866
|
-
function renderKey(
|
|
34867
|
-
if (!
|
|
34868
|
-
return
|
|
34867
|
+
function renderKey(path57, key, dots) {
|
|
34868
|
+
if (!path57) return key;
|
|
34869
|
+
return path57.concat(key).map(function each(token, i) {
|
|
34869
34870
|
token = removeBrackets(token);
|
|
34870
34871
|
return !dots && i ? "[" + token + "]" : token;
|
|
34871
34872
|
}).join(dots ? "." : "");
|
|
@@ -34913,13 +34914,13 @@ var require_axios = __commonJS({
|
|
|
34913
34914
|
}
|
|
34914
34915
|
return value;
|
|
34915
34916
|
}
|
|
34916
|
-
function defaultVisitor(value, key,
|
|
34917
|
+
function defaultVisitor(value, key, path57) {
|
|
34917
34918
|
let arr = value;
|
|
34918
34919
|
if (utils$1.isReactNative(formData) && utils$1.isReactNativeBlob(value)) {
|
|
34919
|
-
formData.append(renderKey(
|
|
34920
|
+
formData.append(renderKey(path57, key, dots), convertValue(value));
|
|
34920
34921
|
return false;
|
|
34921
34922
|
}
|
|
34922
|
-
if (value && !
|
|
34923
|
+
if (value && !path57 && typeof value === "object") {
|
|
34923
34924
|
if (utils$1.endsWith(key, "{}")) {
|
|
34924
34925
|
key = metaTokens ? key : key.slice(0, -2);
|
|
34925
34926
|
value = JSON.stringify(value);
|
|
@@ -34938,7 +34939,7 @@ var require_axios = __commonJS({
|
|
|
34938
34939
|
if (isVisitable(value)) {
|
|
34939
34940
|
return true;
|
|
34940
34941
|
}
|
|
34941
|
-
formData.append(renderKey(
|
|
34942
|
+
formData.append(renderKey(path57, key, dots), convertValue(value));
|
|
34942
34943
|
return false;
|
|
34943
34944
|
}
|
|
34944
34945
|
const stack = [];
|
|
@@ -34947,16 +34948,16 @@ var require_axios = __commonJS({
|
|
|
34947
34948
|
convertValue,
|
|
34948
34949
|
isVisitable
|
|
34949
34950
|
});
|
|
34950
|
-
function build(value,
|
|
34951
|
+
function build(value, path57) {
|
|
34951
34952
|
if (utils$1.isUndefined(value)) return;
|
|
34952
34953
|
if (stack.indexOf(value) !== -1) {
|
|
34953
|
-
throw Error("Circular reference detected in " +
|
|
34954
|
+
throw Error("Circular reference detected in " + path57.join("."));
|
|
34954
34955
|
}
|
|
34955
34956
|
stack.push(value);
|
|
34956
34957
|
utils$1.forEach(value, function each(el, key) {
|
|
34957
|
-
const result = !(utils$1.isUndefined(el) || el === null) && visitor.call(formData, el, utils$1.isString(key) ? key.trim() : key,
|
|
34958
|
+
const result = !(utils$1.isUndefined(el) || el === null) && visitor.call(formData, el, utils$1.isString(key) ? key.trim() : key, path57, exposedHelpers);
|
|
34958
34959
|
if (result === true) {
|
|
34959
|
-
build(el,
|
|
34960
|
+
build(el, path57 ? path57.concat(key) : [key]);
|
|
34960
34961
|
}
|
|
34961
34962
|
});
|
|
34962
34963
|
stack.pop();
|
|
@@ -35106,7 +35107,7 @@ var require_axios = __commonJS({
|
|
|
35106
35107
|
length
|
|
35107
35108
|
} = alphabet2;
|
|
35108
35109
|
const randomValues = new Uint32Array(size);
|
|
35109
|
-
|
|
35110
|
+
crypto10.randomFillSync(randomValues);
|
|
35110
35111
|
for (let i = 0; i < size; i++) {
|
|
35111
35112
|
str2 += alphabet2[randomValues[i] % length];
|
|
35112
35113
|
}
|
|
@@ -35145,7 +35146,7 @@ var require_axios = __commonJS({
|
|
|
35145
35146
|
};
|
|
35146
35147
|
function toURLEncodedForm(data, options) {
|
|
35147
35148
|
return toFormData(data, new platform.classes.URLSearchParams(), {
|
|
35148
|
-
visitor: function(value, key,
|
|
35149
|
+
visitor: function(value, key, path57, helpers) {
|
|
35149
35150
|
if (platform.isNode && utils$1.isBuffer(value)) {
|
|
35150
35151
|
this.append(key, value.toString("base64"));
|
|
35151
35152
|
return false;
|
|
@@ -35173,11 +35174,11 @@ var require_axios = __commonJS({
|
|
|
35173
35174
|
return obj;
|
|
35174
35175
|
}
|
|
35175
35176
|
function formDataToJSON(formData) {
|
|
35176
|
-
function buildPath(
|
|
35177
|
-
let name =
|
|
35177
|
+
function buildPath(path57, value, target, index) {
|
|
35178
|
+
let name = path57[index++];
|
|
35178
35179
|
if (name === "__proto__") return true;
|
|
35179
35180
|
const isNumericKey = Number.isFinite(+name);
|
|
35180
|
-
const isLast = index >=
|
|
35181
|
+
const isLast = index >= path57.length;
|
|
35181
35182
|
name = !name && utils$1.isArray(target) ? target.length : name;
|
|
35182
35183
|
if (isLast) {
|
|
35183
35184
|
if (utils$1.hasOwnProp(target, name)) {
|
|
@@ -35190,7 +35191,7 @@ var require_axios = __commonJS({
|
|
|
35190
35191
|
if (!target[name] || !utils$1.isObject(target[name])) {
|
|
35191
35192
|
target[name] = [];
|
|
35192
35193
|
}
|
|
35193
|
-
const result = buildPath(
|
|
35194
|
+
const result = buildPath(path57, value, target[name], index);
|
|
35194
35195
|
if (result && utils$1.isArray(target[name])) {
|
|
35195
35196
|
target[name] = arrayToObject(target[name]);
|
|
35196
35197
|
}
|
|
@@ -35586,8 +35587,8 @@ var require_axios = __commonJS({
|
|
|
35586
35587
|
*
|
|
35587
35588
|
* @returns {CanceledError} The created error.
|
|
35588
35589
|
*/
|
|
35589
|
-
constructor(message, config,
|
|
35590
|
-
super(message == null ? "canceled" : message, AxiosError.ERR_CANCELED, config,
|
|
35590
|
+
constructor(message, config, request2) {
|
|
35591
|
+
super(message == null ? "canceled" : message, AxiosError.ERR_CANCELED, config, request2);
|
|
35591
35592
|
this.name = "CanceledError";
|
|
35592
35593
|
this.__CANCEL__ = true;
|
|
35593
35594
|
}
|
|
@@ -36508,9 +36509,9 @@ var require_axios = __commonJS({
|
|
|
36508
36509
|
auth = urlUsername + ":" + urlPassword;
|
|
36509
36510
|
}
|
|
36510
36511
|
auth && headers.delete("authorization");
|
|
36511
|
-
let
|
|
36512
|
+
let path57;
|
|
36512
36513
|
try {
|
|
36513
|
-
|
|
36514
|
+
path57 = buildURL(parsed.pathname + parsed.search, config.params, config.paramsSerializer).replace(/^\?/, "");
|
|
36514
36515
|
} catch (err) {
|
|
36515
36516
|
const customErr = new Error(err.message);
|
|
36516
36517
|
customErr.config = config;
|
|
@@ -36520,7 +36521,7 @@ var require_axios = __commonJS({
|
|
|
36520
36521
|
}
|
|
36521
36522
|
headers.set("Accept-Encoding", "gzip, compress, deflate" + (isBrotliSupported ? ", br" : ""), false);
|
|
36522
36523
|
const options = {
|
|
36523
|
-
path:
|
|
36524
|
+
path: path57,
|
|
36524
36525
|
method,
|
|
36525
36526
|
headers: headers.toJSON(),
|
|
36526
36527
|
agents: {
|
|
@@ -36726,14 +36727,14 @@ var require_axios = __commonJS({
|
|
|
36726
36727
|
var cookies = platform.hasStandardBrowserEnv ? (
|
|
36727
36728
|
// Standard browser envs support document.cookie
|
|
36728
36729
|
{
|
|
36729
|
-
write(name, value, expires,
|
|
36730
|
+
write(name, value, expires, path57, domain, secure, sameSite) {
|
|
36730
36731
|
if (typeof document === "undefined") return;
|
|
36731
36732
|
const cookie = [`${name}=${encodeURIComponent(value)}`];
|
|
36732
36733
|
if (utils$1.isNumber(expires)) {
|
|
36733
36734
|
cookie.push(`expires=${new Date(expires).toUTCString()}`);
|
|
36734
36735
|
}
|
|
36735
|
-
if (utils$1.isString(
|
|
36736
|
-
cookie.push(`path=${
|
|
36736
|
+
if (utils$1.isString(path57)) {
|
|
36737
|
+
cookie.push(`path=${path57}`);
|
|
36737
36738
|
}
|
|
36738
36739
|
if (utils$1.isString(domain)) {
|
|
36739
36740
|
cookie.push(`domain=${domain}`);
|
|
@@ -36912,22 +36913,22 @@ var require_axios = __commonJS({
|
|
|
36912
36913
|
_config.cancelToken && _config.cancelToken.unsubscribe(onCanceled);
|
|
36913
36914
|
_config.signal && _config.signal.removeEventListener("abort", onCanceled);
|
|
36914
36915
|
}
|
|
36915
|
-
let
|
|
36916
|
-
|
|
36917
|
-
|
|
36916
|
+
let request2 = new XMLHttpRequest();
|
|
36917
|
+
request2.open(_config.method.toUpperCase(), _config.url, true);
|
|
36918
|
+
request2.timeout = _config.timeout;
|
|
36918
36919
|
function onloadend() {
|
|
36919
|
-
if (!
|
|
36920
|
+
if (!request2) {
|
|
36920
36921
|
return;
|
|
36921
36922
|
}
|
|
36922
|
-
const responseHeaders = AxiosHeaders.from("getAllResponseHeaders" in
|
|
36923
|
-
const responseData = !responseType || responseType === "text" || responseType === "json" ?
|
|
36923
|
+
const responseHeaders = AxiosHeaders.from("getAllResponseHeaders" in request2 && request2.getAllResponseHeaders());
|
|
36924
|
+
const responseData = !responseType || responseType === "text" || responseType === "json" ? request2.responseText : request2.response;
|
|
36924
36925
|
const response = {
|
|
36925
36926
|
data: responseData,
|
|
36926
|
-
status:
|
|
36927
|
-
statusText:
|
|
36927
|
+
status: request2.status,
|
|
36928
|
+
statusText: request2.statusText,
|
|
36928
36929
|
headers: responseHeaders,
|
|
36929
36930
|
config,
|
|
36930
|
-
request
|
|
36931
|
+
request: request2
|
|
36931
36932
|
};
|
|
36932
36933
|
settle(function _resolve(value) {
|
|
36933
36934
|
resolve7(value);
|
|
@@ -36936,73 +36937,73 @@ var require_axios = __commonJS({
|
|
|
36936
36937
|
reject(err);
|
|
36937
36938
|
done();
|
|
36938
36939
|
}, response);
|
|
36939
|
-
|
|
36940
|
+
request2 = null;
|
|
36940
36941
|
}
|
|
36941
|
-
if ("onloadend" in
|
|
36942
|
-
|
|
36942
|
+
if ("onloadend" in request2) {
|
|
36943
|
+
request2.onloadend = onloadend;
|
|
36943
36944
|
} else {
|
|
36944
|
-
|
|
36945
|
-
if (!
|
|
36945
|
+
request2.onreadystatechange = function handleLoad() {
|
|
36946
|
+
if (!request2 || request2.readyState !== 4) {
|
|
36946
36947
|
return;
|
|
36947
36948
|
}
|
|
36948
|
-
if (
|
|
36949
|
+
if (request2.status === 0 && !(request2.responseURL && request2.responseURL.indexOf("file:") === 0)) {
|
|
36949
36950
|
return;
|
|
36950
36951
|
}
|
|
36951
36952
|
setTimeout(onloadend);
|
|
36952
36953
|
};
|
|
36953
36954
|
}
|
|
36954
|
-
|
|
36955
|
-
if (!
|
|
36955
|
+
request2.onabort = function handleAbort() {
|
|
36956
|
+
if (!request2) {
|
|
36956
36957
|
return;
|
|
36957
36958
|
}
|
|
36958
|
-
reject(new AxiosError("Request aborted", AxiosError.ECONNABORTED, config,
|
|
36959
|
-
|
|
36959
|
+
reject(new AxiosError("Request aborted", AxiosError.ECONNABORTED, config, request2));
|
|
36960
|
+
request2 = null;
|
|
36960
36961
|
};
|
|
36961
|
-
|
|
36962
|
+
request2.onerror = function handleError(event) {
|
|
36962
36963
|
const msg = event && event.message ? event.message : "Network Error";
|
|
36963
|
-
const err = new AxiosError(msg, AxiosError.ERR_NETWORK, config,
|
|
36964
|
+
const err = new AxiosError(msg, AxiosError.ERR_NETWORK, config, request2);
|
|
36964
36965
|
err.event = event || null;
|
|
36965
36966
|
reject(err);
|
|
36966
|
-
|
|
36967
|
+
request2 = null;
|
|
36967
36968
|
};
|
|
36968
|
-
|
|
36969
|
+
request2.ontimeout = function handleTimeout() {
|
|
36969
36970
|
let timeoutErrorMessage = _config.timeout ? "timeout of " + _config.timeout + "ms exceeded" : "timeout exceeded";
|
|
36970
36971
|
const transitional = _config.transitional || transitionalDefaults;
|
|
36971
36972
|
if (_config.timeoutErrorMessage) {
|
|
36972
36973
|
timeoutErrorMessage = _config.timeoutErrorMessage;
|
|
36973
36974
|
}
|
|
36974
|
-
reject(new AxiosError(timeoutErrorMessage, transitional.clarifyTimeoutError ? AxiosError.ETIMEDOUT : AxiosError.ECONNABORTED, config,
|
|
36975
|
-
|
|
36975
|
+
reject(new AxiosError(timeoutErrorMessage, transitional.clarifyTimeoutError ? AxiosError.ETIMEDOUT : AxiosError.ECONNABORTED, config, request2));
|
|
36976
|
+
request2 = null;
|
|
36976
36977
|
};
|
|
36977
36978
|
requestData === void 0 && requestHeaders.setContentType(null);
|
|
36978
|
-
if ("setRequestHeader" in
|
|
36979
|
+
if ("setRequestHeader" in request2) {
|
|
36979
36980
|
utils$1.forEach(requestHeaders.toJSON(), function setRequestHeader(val, key) {
|
|
36980
|
-
|
|
36981
|
+
request2.setRequestHeader(key, val);
|
|
36981
36982
|
});
|
|
36982
36983
|
}
|
|
36983
36984
|
if (!utils$1.isUndefined(_config.withCredentials)) {
|
|
36984
|
-
|
|
36985
|
+
request2.withCredentials = !!_config.withCredentials;
|
|
36985
36986
|
}
|
|
36986
36987
|
if (responseType && responseType !== "json") {
|
|
36987
|
-
|
|
36988
|
+
request2.responseType = _config.responseType;
|
|
36988
36989
|
}
|
|
36989
36990
|
if (onDownloadProgress) {
|
|
36990
36991
|
[downloadThrottled, flushDownload] = progressEventReducer(onDownloadProgress, true);
|
|
36991
|
-
|
|
36992
|
+
request2.addEventListener("progress", downloadThrottled);
|
|
36992
36993
|
}
|
|
36993
|
-
if (onUploadProgress &&
|
|
36994
|
+
if (onUploadProgress && request2.upload) {
|
|
36994
36995
|
[uploadThrottled, flushUpload] = progressEventReducer(onUploadProgress);
|
|
36995
|
-
|
|
36996
|
-
|
|
36996
|
+
request2.upload.addEventListener("progress", uploadThrottled);
|
|
36997
|
+
request2.upload.addEventListener("loadend", flushUpload);
|
|
36997
36998
|
}
|
|
36998
36999
|
if (_config.cancelToken || _config.signal) {
|
|
36999
37000
|
onCanceled = (cancel) => {
|
|
37000
|
-
if (!
|
|
37001
|
+
if (!request2) {
|
|
37001
37002
|
return;
|
|
37002
37003
|
}
|
|
37003
|
-
reject(!cancel || cancel.type ? new CanceledError(null, config,
|
|
37004
|
-
|
|
37005
|
-
|
|
37004
|
+
reject(!cancel || cancel.type ? new CanceledError(null, config, request2) : cancel);
|
|
37005
|
+
request2.abort();
|
|
37006
|
+
request2 = null;
|
|
37006
37007
|
};
|
|
37007
37008
|
_config.cancelToken && _config.cancelToken.subscribe(onCanceled);
|
|
37008
37009
|
if (_config.signal) {
|
|
@@ -37014,7 +37015,7 @@ var require_axios = __commonJS({
|
|
|
37014
37015
|
reject(new AxiosError("Unsupported protocol " + protocol + ":", AxiosError.ERR_BAD_REQUEST, config));
|
|
37015
37016
|
return;
|
|
37016
37017
|
}
|
|
37017
|
-
|
|
37018
|
+
request2.send(requestData || null);
|
|
37018
37019
|
});
|
|
37019
37020
|
};
|
|
37020
37021
|
var composeSignals = (signals, timeout) => {
|
|
@@ -37249,7 +37250,7 @@ var require_axios = __commonJS({
|
|
|
37249
37250
|
let _fetch2 = envFetch || fetch;
|
|
37250
37251
|
responseType = responseType ? (responseType + "").toLowerCase() : "text";
|
|
37251
37252
|
let composedSignal = composeSignals([signal, cancelToken && cancelToken.toAbortSignal()], timeout);
|
|
37252
|
-
let
|
|
37253
|
+
let request2 = null;
|
|
37253
37254
|
const unsubscribe = composedSignal && composedSignal.unsubscribe && (() => {
|
|
37254
37255
|
composedSignal.unsubscribe();
|
|
37255
37256
|
});
|
|
@@ -37283,8 +37284,8 @@ var require_axios = __commonJS({
|
|
|
37283
37284
|
duplex: "half",
|
|
37284
37285
|
credentials: isCredentialsSupported ? withCredentials : void 0
|
|
37285
37286
|
};
|
|
37286
|
-
|
|
37287
|
-
let response = await (isRequestSupported ? _fetch2(
|
|
37287
|
+
request2 = isRequestSupported && new Request3(url2, resolvedOptions);
|
|
37288
|
+
let response = await (isRequestSupported ? _fetch2(request2, fetchOptions) : _fetch2(url2, resolvedOptions));
|
|
37288
37289
|
const isStreamResponse = supportsResponseStream && (responseType === "stream" || responseType === "response");
|
|
37289
37290
|
if (supportsResponseStream && (onDownloadProgress || isStreamResponse && unsubscribe)) {
|
|
37290
37291
|
const options = {};
|
|
@@ -37308,17 +37309,17 @@ var require_axios = __commonJS({
|
|
|
37308
37309
|
status: response.status,
|
|
37309
37310
|
statusText: response.statusText,
|
|
37310
37311
|
config,
|
|
37311
|
-
request
|
|
37312
|
+
request: request2
|
|
37312
37313
|
});
|
|
37313
37314
|
});
|
|
37314
37315
|
} catch (err) {
|
|
37315
37316
|
unsubscribe && unsubscribe();
|
|
37316
37317
|
if (err && err.name === "TypeError" && /Load failed|fetch/i.test(err.message)) {
|
|
37317
|
-
throw Object.assign(new AxiosError("Network Error", AxiosError.ERR_NETWORK, config,
|
|
37318
|
+
throw Object.assign(new AxiosError("Network Error", AxiosError.ERR_NETWORK, config, request2, err && err.response), {
|
|
37318
37319
|
cause: err.cause || err
|
|
37319
37320
|
});
|
|
37320
37321
|
}
|
|
37321
|
-
throw AxiosError.from(err, err && err.code, config,
|
|
37322
|
+
throw AxiosError.from(err, err && err.code, config, request2, err && err.response);
|
|
37322
37323
|
}
|
|
37323
37324
|
};
|
|
37324
37325
|
};
|
|
@@ -37694,11 +37695,11 @@ var require_axios = __commonJS({
|
|
|
37694
37695
|
};
|
|
37695
37696
|
return promise;
|
|
37696
37697
|
};
|
|
37697
|
-
executor(function cancel(message, config,
|
|
37698
|
+
executor(function cancel(message, config, request2) {
|
|
37698
37699
|
if (token.reason) {
|
|
37699
37700
|
return;
|
|
37700
37701
|
}
|
|
37701
|
-
token.reason = new CanceledError(message, config,
|
|
37702
|
+
token.reason = new CanceledError(message, config, request2);
|
|
37702
37703
|
resolvePromise(token.reason);
|
|
37703
37704
|
});
|
|
37704
37705
|
}
|
|
@@ -38254,8 +38255,8 @@ function createGetModuleFromFilename(basePath = process.argv[1] ? dirname5(proce
|
|
|
38254
38255
|
return decodedFile;
|
|
38255
38256
|
};
|
|
38256
38257
|
}
|
|
38257
|
-
function normalizeWindowsPath(
|
|
38258
|
-
return
|
|
38258
|
+
function normalizeWindowsPath(path57) {
|
|
38259
|
+
return path57.replace(/^[A-Z]:/, "").replace(/\\/g, "/");
|
|
38259
38260
|
}
|
|
38260
38261
|
async function addSourceContext(frames) {
|
|
38261
38262
|
const filesToLines = {};
|
|
@@ -38300,9 +38301,9 @@ async function addSourceContext(frames) {
|
|
|
38300
38301
|
LRU_FILE_CONTENTS_CACHE.reduce();
|
|
38301
38302
|
return frames;
|
|
38302
38303
|
}
|
|
38303
|
-
function getContextLinesFromFile(
|
|
38304
|
+
function getContextLinesFromFile(path57, ranges, output) {
|
|
38304
38305
|
return new Promise((resolve7) => {
|
|
38305
|
-
const stream2 = createReadStream(
|
|
38306
|
+
const stream2 = createReadStream(path57);
|
|
38306
38307
|
const lineReaded = createInterface2({
|
|
38307
38308
|
input: stream2
|
|
38308
38309
|
});
|
|
@@ -38320,7 +38321,7 @@ function getContextLinesFromFile(path56, ranges, output) {
|
|
|
38320
38321
|
let rangeStart = range[0];
|
|
38321
38322
|
let rangeEnd = range[1];
|
|
38322
38323
|
function onStreamError() {
|
|
38323
|
-
LRU_FILE_CONTENTS_FS_READ_FAILED.set(
|
|
38324
|
+
LRU_FILE_CONTENTS_FS_READ_FAILED.set(path57, 1);
|
|
38324
38325
|
lineReaded.close();
|
|
38325
38326
|
lineReaded.removeAllListeners();
|
|
38326
38327
|
destroyStreamAndResolve();
|
|
@@ -38397,8 +38398,8 @@ function clearLineContext(frame) {
|
|
|
38397
38398
|
delete frame.context_line;
|
|
38398
38399
|
delete frame.post_context;
|
|
38399
38400
|
}
|
|
38400
|
-
function shouldSkipContextLinesForFile(
|
|
38401
|
-
return
|
|
38401
|
+
function shouldSkipContextLinesForFile(path57) {
|
|
38402
|
+
return path57.startsWith("node:") || path57.endsWith(".min.js") || path57.endsWith(".min.cjs") || path57.endsWith(".min.mjs") || path57.startsWith("data:");
|
|
38402
38403
|
}
|
|
38403
38404
|
function shouldSkipContextLinesForFrame(frame) {
|
|
38404
38405
|
if (frame.lineno !== void 0 && frame.lineno > MAX_CONTEXTLINES_LINENO) {
|
|
@@ -40771,9 +40772,9 @@ var init_node = __esm({
|
|
|
40771
40772
|
return globalThis.crypto.subtle;
|
|
40772
40773
|
}
|
|
40773
40774
|
try {
|
|
40774
|
-
const
|
|
40775
|
-
if (
|
|
40776
|
-
return
|
|
40775
|
+
const crypto10 = await nodeCrypto.getValue();
|
|
40776
|
+
if (crypto10?.webcrypto?.subtle) {
|
|
40777
|
+
return crypto10.webcrypto.subtle;
|
|
40777
40778
|
}
|
|
40778
40779
|
} catch {
|
|
40779
40780
|
}
|
|
@@ -42213,18 +42214,18 @@ var init_report_client = __esm({
|
|
|
42213
42214
|
Authorization: `Bearer ${apiKey}`,
|
|
42214
42215
|
"Content-Type": "application/json"
|
|
42215
42216
|
};
|
|
42216
|
-
const
|
|
42217
|
+
const init2 = {
|
|
42217
42218
|
method,
|
|
42218
42219
|
headers,
|
|
42219
42220
|
...body !== void 0 ? { body: JSON.stringify(body) } : {}
|
|
42220
42221
|
};
|
|
42221
42222
|
let response;
|
|
42222
42223
|
try {
|
|
42223
|
-
response = await fetch(url,
|
|
42224
|
+
response = await fetch(url, init2);
|
|
42224
42225
|
} catch {
|
|
42225
42226
|
await this.delay(this.retryDelayMs);
|
|
42226
42227
|
try {
|
|
42227
|
-
response = await fetch(url,
|
|
42228
|
+
response = await fetch(url, init2);
|
|
42228
42229
|
} catch (retryErr) {
|
|
42229
42230
|
throw new CloudApiError2(
|
|
42230
42231
|
`Network error contacting Clef Cloud: ${retryErr.message}`,
|
|
@@ -42238,7 +42239,7 @@ var init_report_client = __esm({
|
|
|
42238
42239
|
}
|
|
42239
42240
|
if (response.status >= 500 && response.status < 600) {
|
|
42240
42241
|
await this.delay(this.retryDelayMs);
|
|
42241
|
-
const retryResponse = await fetch(url,
|
|
42242
|
+
const retryResponse = await fetch(url, init2);
|
|
42242
42243
|
if (retryResponse.ok) {
|
|
42243
42244
|
return await retryResponse.json();
|
|
42244
42245
|
}
|
|
@@ -56805,11 +56806,11 @@ var require_mime_types2 = __commonJS({
|
|
|
56805
56806
|
}
|
|
56806
56807
|
return exts[0];
|
|
56807
56808
|
}
|
|
56808
|
-
function lookup(
|
|
56809
|
-
if (!
|
|
56809
|
+
function lookup(path57) {
|
|
56810
|
+
if (!path57 || typeof path57 !== "string") {
|
|
56810
56811
|
return false;
|
|
56811
56812
|
}
|
|
56812
|
-
var extension2 = extname3("x." +
|
|
56813
|
+
var extension2 = extname3("x." + path57).toLowerCase().slice(1);
|
|
56813
56814
|
if (!extension2) {
|
|
56814
56815
|
return false;
|
|
56815
56816
|
}
|
|
@@ -57049,16 +57050,16 @@ var require_utils = __commonJS({
|
|
|
57049
57050
|
var inflate = options?.inflate !== false;
|
|
57050
57051
|
var limit = typeof options?.limit !== "number" ? bytes.parse(options?.limit || "100kb") : options?.limit;
|
|
57051
57052
|
var type = options?.type || defaultType;
|
|
57052
|
-
var
|
|
57053
|
+
var verify3 = options?.verify || false;
|
|
57053
57054
|
var defaultCharset = options?.defaultCharset || "utf-8";
|
|
57054
|
-
if (
|
|
57055
|
+
if (verify3 !== false && typeof verify3 !== "function") {
|
|
57055
57056
|
throw new TypeError("option verify must be function");
|
|
57056
57057
|
}
|
|
57057
57058
|
var shouldParse = typeof type !== "function" ? typeChecker(type) : type;
|
|
57058
57059
|
return {
|
|
57059
57060
|
inflate,
|
|
57060
57061
|
limit,
|
|
57061
|
-
verify:
|
|
57062
|
+
verify: verify3,
|
|
57062
57063
|
defaultCharset,
|
|
57063
57064
|
shouldParse
|
|
57064
57065
|
};
|
|
@@ -57116,7 +57117,7 @@ var require_read = __commonJS({
|
|
|
57116
57117
|
var length;
|
|
57117
57118
|
var opts2 = options;
|
|
57118
57119
|
var stream2;
|
|
57119
|
-
var
|
|
57120
|
+
var verify3 = opts2.verify;
|
|
57120
57121
|
try {
|
|
57121
57122
|
stream2 = contentstream(req, debug, opts2.inflate);
|
|
57122
57123
|
length = stream2.length;
|
|
@@ -57125,7 +57126,7 @@ var require_read = __commonJS({
|
|
|
57125
57126
|
return next(err);
|
|
57126
57127
|
}
|
|
57127
57128
|
opts2.length = length;
|
|
57128
|
-
opts2.encoding =
|
|
57129
|
+
opts2.encoding = verify3 ? null : encoding;
|
|
57129
57130
|
if (opts2.encoding === null && encoding !== null && !iconv.encodingExists(encoding)) {
|
|
57130
57131
|
return next(createError(415, 'unsupported charset "' + encoding.toUpperCase() + '"', {
|
|
57131
57132
|
charset: encoding.toLowerCase(),
|
|
@@ -57153,10 +57154,10 @@ var require_read = __commonJS({
|
|
|
57153
57154
|
});
|
|
57154
57155
|
return;
|
|
57155
57156
|
}
|
|
57156
|
-
if (
|
|
57157
|
+
if (verify3) {
|
|
57157
57158
|
try {
|
|
57158
57159
|
debug("verify body");
|
|
57159
|
-
|
|
57160
|
+
verify3(req, res, body, encoding);
|
|
57160
57161
|
} catch (err) {
|
|
57161
57162
|
next(createError(403, err, {
|
|
57162
57163
|
body,
|
|
@@ -59474,13 +59475,13 @@ var require_view = __commonJS({
|
|
|
59474
59475
|
"../../node_modules/express/lib/view.js"(exports, module) {
|
|
59475
59476
|
"use strict";
|
|
59476
59477
|
var debug = require_src()("express:view");
|
|
59477
|
-
var
|
|
59478
|
-
var
|
|
59479
|
-
var
|
|
59480
|
-
var basename6 =
|
|
59481
|
-
var extname3 =
|
|
59482
|
-
var
|
|
59483
|
-
var resolve7 =
|
|
59478
|
+
var path57 = __require("node:path");
|
|
59479
|
+
var fs38 = __require("node:fs");
|
|
59480
|
+
var dirname11 = path57.dirname;
|
|
59481
|
+
var basename6 = path57.basename;
|
|
59482
|
+
var extname3 = path57.extname;
|
|
59483
|
+
var join53 = path57.join;
|
|
59484
|
+
var resolve7 = path57.resolve;
|
|
59484
59485
|
module.exports = View;
|
|
59485
59486
|
function View(name, options) {
|
|
59486
59487
|
var opts2 = options || {};
|
|
@@ -59509,17 +59510,17 @@ var require_view = __commonJS({
|
|
|
59509
59510
|
this.path = this.lookup(fileName);
|
|
59510
59511
|
}
|
|
59511
59512
|
View.prototype.lookup = function lookup(name) {
|
|
59512
|
-
var
|
|
59513
|
+
var path58;
|
|
59513
59514
|
var roots = [].concat(this.root);
|
|
59514
59515
|
debug('lookup "%s"', name);
|
|
59515
|
-
for (var i = 0; i < roots.length && !
|
|
59516
|
+
for (var i = 0; i < roots.length && !path58; i++) {
|
|
59516
59517
|
var root = roots[i];
|
|
59517
59518
|
var loc = resolve7(root, name);
|
|
59518
|
-
var dir =
|
|
59519
|
+
var dir = dirname11(loc);
|
|
59519
59520
|
var file = basename6(loc);
|
|
59520
|
-
|
|
59521
|
+
path58 = this.resolve(dir, file);
|
|
59521
59522
|
}
|
|
59522
|
-
return
|
|
59523
|
+
return path58;
|
|
59523
59524
|
};
|
|
59524
59525
|
View.prototype.render = function render(options, callback) {
|
|
59525
59526
|
var sync = true;
|
|
@@ -59541,21 +59542,21 @@ var require_view = __commonJS({
|
|
|
59541
59542
|
};
|
|
59542
59543
|
View.prototype.resolve = function resolve8(dir, file) {
|
|
59543
59544
|
var ext = this.ext;
|
|
59544
|
-
var
|
|
59545
|
-
var stat = tryStat(
|
|
59545
|
+
var path58 = join53(dir, file);
|
|
59546
|
+
var stat = tryStat(path58);
|
|
59546
59547
|
if (stat && stat.isFile()) {
|
|
59547
|
-
return
|
|
59548
|
+
return path58;
|
|
59548
59549
|
}
|
|
59549
|
-
|
|
59550
|
-
stat = tryStat(
|
|
59550
|
+
path58 = join53(dir, basename6(file, ext), "index" + ext);
|
|
59551
|
+
stat = tryStat(path58);
|
|
59551
59552
|
if (stat && stat.isFile()) {
|
|
59552
|
-
return
|
|
59553
|
+
return path58;
|
|
59553
59554
|
}
|
|
59554
59555
|
};
|
|
59555
|
-
function tryStat(
|
|
59556
|
-
debug('stat "%s"',
|
|
59556
|
+
function tryStat(path58) {
|
|
59557
|
+
debug('stat "%s"', path58);
|
|
59557
59558
|
try {
|
|
59558
|
-
return
|
|
59559
|
+
return fs38.statSync(path58);
|
|
59559
59560
|
} catch (e) {
|
|
59560
59561
|
return void 0;
|
|
59561
59562
|
}
|
|
@@ -59568,14 +59569,14 @@ var require_etag = __commonJS({
|
|
|
59568
59569
|
"../../node_modules/etag/index.js"(exports, module) {
|
|
59569
59570
|
"use strict";
|
|
59570
59571
|
module.exports = etag;
|
|
59571
|
-
var
|
|
59572
|
+
var crypto10 = __require("crypto");
|
|
59572
59573
|
var Stats = __require("fs").Stats;
|
|
59573
59574
|
var toString = Object.prototype.toString;
|
|
59574
59575
|
function entitytag(entity) {
|
|
59575
59576
|
if (entity.length === 0) {
|
|
59576
59577
|
return '"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"';
|
|
59577
59578
|
}
|
|
59578
|
-
var hash =
|
|
59579
|
+
var hash = crypto10.createHash("sha1").update(entity, "utf8").digest("base64").substring(0, 27);
|
|
59579
59580
|
var len = typeof entity === "string" ? Buffer.byteLength(entity, "utf8") : entity.length;
|
|
59580
59581
|
return '"' + len.toString(16) + "-" + hash + '"';
|
|
59581
59582
|
}
|
|
@@ -69061,11 +69062,11 @@ var require_mime_types3 = __commonJS({
|
|
|
69061
69062
|
}
|
|
69062
69063
|
return exts[0];
|
|
69063
69064
|
}
|
|
69064
|
-
function lookup(
|
|
69065
|
-
if (!
|
|
69065
|
+
function lookup(path57) {
|
|
69066
|
+
if (!path57 || typeof path57 !== "string") {
|
|
69066
69067
|
return false;
|
|
69067
69068
|
}
|
|
69068
|
-
var extension2 = extname3("x." +
|
|
69069
|
+
var extension2 = extname3("x." + path57).toLowerCase().slice(1);
|
|
69069
69070
|
if (!extension2) {
|
|
69070
69071
|
return false;
|
|
69071
69072
|
}
|
|
@@ -70246,15 +70247,15 @@ var require_dist2 = __commonJS({
|
|
|
70246
70247
|
if (token.type === endType)
|
|
70247
70248
|
break;
|
|
70248
70249
|
if (token.type === "char" || token.type === "escape") {
|
|
70249
|
-
let
|
|
70250
|
+
let path57 = token.value;
|
|
70250
70251
|
let cur = tokens[pos];
|
|
70251
70252
|
while (cur.type === "char" || cur.type === "escape") {
|
|
70252
|
-
|
|
70253
|
+
path57 += cur.value;
|
|
70253
70254
|
cur = tokens[++pos];
|
|
70254
70255
|
}
|
|
70255
70256
|
output.push({
|
|
70256
70257
|
type: "text",
|
|
70257
|
-
value: encodePath(
|
|
70258
|
+
value: encodePath(path57)
|
|
70258
70259
|
});
|
|
70259
70260
|
continue;
|
|
70260
70261
|
}
|
|
@@ -70278,16 +70279,16 @@ var require_dist2 = __commonJS({
|
|
|
70278
70279
|
}
|
|
70279
70280
|
return new TokenData(consumeUntil("end"), str2);
|
|
70280
70281
|
}
|
|
70281
|
-
function compile(
|
|
70282
|
+
function compile(path57, options = {}) {
|
|
70282
70283
|
const { encode: encode2 = encodeURIComponent, delimiter = DEFAULT_DELIMITER } = options;
|
|
70283
|
-
const data = typeof
|
|
70284
|
+
const data = typeof path57 === "object" ? path57 : parse18(path57, options);
|
|
70284
70285
|
const fn = tokensToFunction(data.tokens, delimiter, encode2);
|
|
70285
|
-
return function
|
|
70286
|
-
const [
|
|
70286
|
+
return function path58(params = {}) {
|
|
70287
|
+
const [path59, ...missing] = fn(params);
|
|
70287
70288
|
if (missing.length) {
|
|
70288
70289
|
throw new TypeError(`Missing parameters: ${missing.join(", ")}`);
|
|
70289
70290
|
}
|
|
70290
|
-
return
|
|
70291
|
+
return path59;
|
|
70291
70292
|
};
|
|
70292
70293
|
}
|
|
70293
70294
|
function tokensToFunction(tokens, delimiter, encode2) {
|
|
@@ -70343,9 +70344,9 @@ var require_dist2 = __commonJS({
|
|
|
70343
70344
|
return [encodeValue(value)];
|
|
70344
70345
|
};
|
|
70345
70346
|
}
|
|
70346
|
-
function match(
|
|
70347
|
+
function match(path57, options = {}) {
|
|
70347
70348
|
const { decode: decode2 = decodeURIComponent, delimiter = DEFAULT_DELIMITER } = options;
|
|
70348
|
-
const { regexp, keys } = pathToRegexp(
|
|
70349
|
+
const { regexp, keys } = pathToRegexp(path57, options);
|
|
70349
70350
|
const decoders = keys.map((key) => {
|
|
70350
70351
|
if (decode2 === false)
|
|
70351
70352
|
return NOOP_VALUE;
|
|
@@ -70357,7 +70358,7 @@ var require_dist2 = __commonJS({
|
|
|
70357
70358
|
const m = regexp.exec(input);
|
|
70358
70359
|
if (!m)
|
|
70359
70360
|
return false;
|
|
70360
|
-
const
|
|
70361
|
+
const path58 = m[0];
|
|
70361
70362
|
const params = /* @__PURE__ */ Object.create(null);
|
|
70362
70363
|
for (let i = 1; i < m.length; i++) {
|
|
70363
70364
|
if (m[i] === void 0)
|
|
@@ -70366,22 +70367,22 @@ var require_dist2 = __commonJS({
|
|
|
70366
70367
|
const decoder = decoders[i - 1];
|
|
70367
70368
|
params[key.name] = decoder(m[i]);
|
|
70368
70369
|
}
|
|
70369
|
-
return { path:
|
|
70370
|
+
return { path: path58, params };
|
|
70370
70371
|
};
|
|
70371
70372
|
}
|
|
70372
|
-
function pathToRegexp(
|
|
70373
|
+
function pathToRegexp(path57, options = {}) {
|
|
70373
70374
|
const { delimiter = DEFAULT_DELIMITER, end = true, sensitive = false, trailing = true } = options;
|
|
70374
70375
|
const keys = [];
|
|
70375
70376
|
const sources = [];
|
|
70376
|
-
const paths = [
|
|
70377
|
+
const paths = [path57];
|
|
70377
70378
|
let combinations = 0;
|
|
70378
70379
|
while (paths.length) {
|
|
70379
|
-
const
|
|
70380
|
-
if (Array.isArray(
|
|
70381
|
-
paths.push(...
|
|
70380
|
+
const path58 = paths.shift();
|
|
70381
|
+
if (Array.isArray(path58)) {
|
|
70382
|
+
paths.push(...path58);
|
|
70382
70383
|
continue;
|
|
70383
70384
|
}
|
|
70384
|
-
const data = typeof
|
|
70385
|
+
const data = typeof path58 === "object" ? path58 : parse18(path58, options);
|
|
70385
70386
|
flatten2(data.tokens, 0, [], (tokens) => {
|
|
70386
70387
|
if (combinations++ >= 256) {
|
|
70387
70388
|
throw new PathError("Too many path combinations", data.originalPath);
|
|
@@ -70526,18 +70527,18 @@ var require_layer = __commonJS({
|
|
|
70526
70527
|
var TRAILING_SLASH_REGEXP = /\/+$/;
|
|
70527
70528
|
var MATCHING_GROUP_REGEXP = /\((?:\?<(.*?)>)?(?!\?)/g;
|
|
70528
70529
|
module.exports = Layer;
|
|
70529
|
-
function Layer(
|
|
70530
|
+
function Layer(path57, options, fn) {
|
|
70530
70531
|
if (!(this instanceof Layer)) {
|
|
70531
|
-
return new Layer(
|
|
70532
|
+
return new Layer(path57, options, fn);
|
|
70532
70533
|
}
|
|
70533
|
-
debug("new %o",
|
|
70534
|
+
debug("new %o", path57);
|
|
70534
70535
|
const opts2 = options || {};
|
|
70535
70536
|
this.handle = fn;
|
|
70536
70537
|
this.keys = [];
|
|
70537
70538
|
this.name = fn.name || "<anonymous>";
|
|
70538
70539
|
this.params = void 0;
|
|
70539
70540
|
this.path = void 0;
|
|
70540
|
-
this.slash =
|
|
70541
|
+
this.slash = path57 === "/" && opts2.end === false;
|
|
70541
70542
|
function matcher(_path) {
|
|
70542
70543
|
if (_path instanceof RegExp) {
|
|
70543
70544
|
const keys = [];
|
|
@@ -70576,7 +70577,7 @@ var require_layer = __commonJS({
|
|
|
70576
70577
|
decode: decodeParam
|
|
70577
70578
|
});
|
|
70578
70579
|
}
|
|
70579
|
-
this.matchers = Array.isArray(
|
|
70580
|
+
this.matchers = Array.isArray(path57) ? path57.map(matcher) : [matcher(path57)];
|
|
70580
70581
|
}
|
|
70581
70582
|
Layer.prototype.handleError = function handleError(error, req, res, next) {
|
|
70582
70583
|
const fn = this.handle;
|
|
@@ -70616,9 +70617,9 @@ var require_layer = __commonJS({
|
|
|
70616
70617
|
next(err);
|
|
70617
70618
|
}
|
|
70618
70619
|
};
|
|
70619
|
-
Layer.prototype.match = function match(
|
|
70620
|
+
Layer.prototype.match = function match(path57) {
|
|
70620
70621
|
let match2;
|
|
70621
|
-
if (
|
|
70622
|
+
if (path57 != null) {
|
|
70622
70623
|
if (this.slash) {
|
|
70623
70624
|
this.params = {};
|
|
70624
70625
|
this.path = "";
|
|
@@ -70626,7 +70627,7 @@ var require_layer = __commonJS({
|
|
|
70626
70627
|
}
|
|
70627
70628
|
let i = 0;
|
|
70628
70629
|
while (!match2 && i < this.matchers.length) {
|
|
70629
|
-
match2 = this.matchers[i](
|
|
70630
|
+
match2 = this.matchers[i](path57);
|
|
70630
70631
|
i++;
|
|
70631
70632
|
}
|
|
70632
70633
|
}
|
|
@@ -70654,13 +70655,13 @@ var require_layer = __commonJS({
|
|
|
70654
70655
|
throw err;
|
|
70655
70656
|
}
|
|
70656
70657
|
}
|
|
70657
|
-
function loosen(
|
|
70658
|
-
if (
|
|
70659
|
-
return
|
|
70658
|
+
function loosen(path57) {
|
|
70659
|
+
if (path57 instanceof RegExp || path57 === "/") {
|
|
70660
|
+
return path57;
|
|
70660
70661
|
}
|
|
70661
|
-
return Array.isArray(
|
|
70662
|
+
return Array.isArray(path57) ? path57.map(function(p) {
|
|
70662
70663
|
return loosen(p);
|
|
70663
|
-
}) : String(
|
|
70664
|
+
}) : String(path57).replace(TRAILING_SLASH_REGEXP, "");
|
|
70664
70665
|
}
|
|
70665
70666
|
}
|
|
70666
70667
|
});
|
|
@@ -70676,9 +70677,9 @@ var require_route = __commonJS({
|
|
|
70676
70677
|
var flatten2 = Array.prototype.flat;
|
|
70677
70678
|
var methods = METHODS.map((method) => method.toLowerCase());
|
|
70678
70679
|
module.exports = Route;
|
|
70679
|
-
function Route(
|
|
70680
|
-
debug("new %o",
|
|
70681
|
-
this.path =
|
|
70680
|
+
function Route(path57) {
|
|
70681
|
+
debug("new %o", path57);
|
|
70682
|
+
this.path = path57;
|
|
70682
70683
|
this.stack = [];
|
|
70683
70684
|
this.methods = /* @__PURE__ */ Object.create(null);
|
|
70684
70685
|
}
|
|
@@ -70886,8 +70887,8 @@ var require_router = __commonJS({
|
|
|
70886
70887
|
if (++sync > 100) {
|
|
70887
70888
|
return setImmediate(next, err);
|
|
70888
70889
|
}
|
|
70889
|
-
const
|
|
70890
|
-
if (
|
|
70890
|
+
const path57 = getPathname(req);
|
|
70891
|
+
if (path57 == null) {
|
|
70891
70892
|
return done(layerError);
|
|
70892
70893
|
}
|
|
70893
70894
|
let layer;
|
|
@@ -70895,7 +70896,7 @@ var require_router = __commonJS({
|
|
|
70895
70896
|
let route;
|
|
70896
70897
|
while (match !== true && idx < stack.length) {
|
|
70897
70898
|
layer = stack[idx++];
|
|
70898
|
-
match = matchLayer(layer,
|
|
70899
|
+
match = matchLayer(layer, path57);
|
|
70899
70900
|
route = layer.route;
|
|
70900
70901
|
if (typeof match !== "boolean") {
|
|
70901
70902
|
layerError = layerError || match;
|
|
@@ -70933,18 +70934,18 @@ var require_router = __commonJS({
|
|
|
70933
70934
|
} else if (route) {
|
|
70934
70935
|
layer.handleRequest(req, res, next);
|
|
70935
70936
|
} else {
|
|
70936
|
-
trimPrefix(layer, layerError, layerPath,
|
|
70937
|
+
trimPrefix(layer, layerError, layerPath, path57);
|
|
70937
70938
|
}
|
|
70938
70939
|
sync = 0;
|
|
70939
70940
|
});
|
|
70940
70941
|
}
|
|
70941
|
-
function trimPrefix(layer, layerError, layerPath,
|
|
70942
|
+
function trimPrefix(layer, layerError, layerPath, path57) {
|
|
70942
70943
|
if (layerPath.length !== 0) {
|
|
70943
|
-
if (layerPath !==
|
|
70944
|
+
if (layerPath !== path57.substring(0, layerPath.length)) {
|
|
70944
70945
|
next(layerError);
|
|
70945
70946
|
return;
|
|
70946
70947
|
}
|
|
70947
|
-
const c =
|
|
70948
|
+
const c = path57[layerPath.length];
|
|
70948
70949
|
if (c && c !== "/") {
|
|
70949
70950
|
next(layerError);
|
|
70950
70951
|
return;
|
|
@@ -70968,7 +70969,7 @@ var require_router = __commonJS({
|
|
|
70968
70969
|
};
|
|
70969
70970
|
Router2.prototype.use = function use(handler) {
|
|
70970
70971
|
let offset = 0;
|
|
70971
|
-
let
|
|
70972
|
+
let path57 = "/";
|
|
70972
70973
|
if (typeof handler !== "function") {
|
|
70973
70974
|
let arg = handler;
|
|
70974
70975
|
while (Array.isArray(arg) && arg.length !== 0) {
|
|
@@ -70976,7 +70977,7 @@ var require_router = __commonJS({
|
|
|
70976
70977
|
}
|
|
70977
70978
|
if (typeof arg !== "function") {
|
|
70978
70979
|
offset = 1;
|
|
70979
|
-
|
|
70980
|
+
path57 = handler;
|
|
70980
70981
|
}
|
|
70981
70982
|
}
|
|
70982
70983
|
const callbacks = flatten2.call(slice.call(arguments, offset), Infinity);
|
|
@@ -70988,8 +70989,8 @@ var require_router = __commonJS({
|
|
|
70988
70989
|
if (typeof fn !== "function") {
|
|
70989
70990
|
throw new TypeError("argument handler must be a function");
|
|
70990
70991
|
}
|
|
70991
|
-
debug("use %o %s",
|
|
70992
|
-
const layer = new Layer(
|
|
70992
|
+
debug("use %o %s", path57, fn.name || "<anonymous>");
|
|
70993
|
+
const layer = new Layer(path57, {
|
|
70993
70994
|
sensitive: this.caseSensitive,
|
|
70994
70995
|
strict: false,
|
|
70995
70996
|
end: false
|
|
@@ -70999,9 +71000,9 @@ var require_router = __commonJS({
|
|
|
70999
71000
|
}
|
|
71000
71001
|
return this;
|
|
71001
71002
|
};
|
|
71002
|
-
Router2.prototype.route = function route(
|
|
71003
|
-
const route2 = new Route(
|
|
71004
|
-
const layer = new Layer(
|
|
71003
|
+
Router2.prototype.route = function route(path57) {
|
|
71004
|
+
const route2 = new Route(path57);
|
|
71005
|
+
const layer = new Layer(path57, {
|
|
71005
71006
|
sensitive: this.caseSensitive,
|
|
71006
71007
|
strict: this.strict,
|
|
71007
71008
|
end: true
|
|
@@ -71014,8 +71015,8 @@ var require_router = __commonJS({
|
|
|
71014
71015
|
return route2;
|
|
71015
71016
|
};
|
|
71016
71017
|
methods.concat("all").forEach(function(method) {
|
|
71017
|
-
Router2.prototype[method] = function(
|
|
71018
|
-
const route = this.route(
|
|
71018
|
+
Router2.prototype[method] = function(path57) {
|
|
71019
|
+
const route = this.route(path57);
|
|
71019
71020
|
route[method].apply(route, slice.call(arguments, 1));
|
|
71020
71021
|
return this;
|
|
71021
71022
|
};
|
|
@@ -71044,9 +71045,9 @@ var require_router = __commonJS({
|
|
|
71044
71045
|
const fqdnIndex = url.substring(0, pathLength).indexOf("://");
|
|
71045
71046
|
return fqdnIndex !== -1 ? url.substring(0, url.indexOf("/", 3 + fqdnIndex)) : void 0;
|
|
71046
71047
|
}
|
|
71047
|
-
function matchLayer(layer,
|
|
71048
|
+
function matchLayer(layer, path57) {
|
|
71048
71049
|
try {
|
|
71049
|
-
return layer.match(
|
|
71050
|
+
return layer.match(path57);
|
|
71050
71051
|
} catch (err) {
|
|
71051
71052
|
return err;
|
|
71052
71053
|
}
|
|
@@ -71202,7 +71203,7 @@ var require_application = __commonJS({
|
|
|
71202
71203
|
var flatten2 = Array.prototype.flat;
|
|
71203
71204
|
var app = exports = module.exports = {};
|
|
71204
71205
|
var trustProxyDefaultSymbol = "@@symbol:trust_proxy_default";
|
|
71205
|
-
app.init = function
|
|
71206
|
+
app.init = function init2() {
|
|
71206
71207
|
var router = null;
|
|
71207
71208
|
this.cache = /* @__PURE__ */ Object.create(null);
|
|
71208
71209
|
this.engines = /* @__PURE__ */ Object.create(null);
|
|
@@ -71274,7 +71275,7 @@ var require_application = __commonJS({
|
|
|
71274
71275
|
};
|
|
71275
71276
|
app.use = function use(fn) {
|
|
71276
71277
|
var offset = 0;
|
|
71277
|
-
var
|
|
71278
|
+
var path57 = "/";
|
|
71278
71279
|
if (typeof fn !== "function") {
|
|
71279
71280
|
var arg = fn;
|
|
71280
71281
|
while (Array.isArray(arg) && arg.length !== 0) {
|
|
@@ -71282,7 +71283,7 @@ var require_application = __commonJS({
|
|
|
71282
71283
|
}
|
|
71283
71284
|
if (typeof arg !== "function") {
|
|
71284
71285
|
offset = 1;
|
|
71285
|
-
|
|
71286
|
+
path57 = fn;
|
|
71286
71287
|
}
|
|
71287
71288
|
}
|
|
71288
71289
|
var fns = flatten2.call(slice.call(arguments, offset), Infinity);
|
|
@@ -71292,12 +71293,12 @@ var require_application = __commonJS({
|
|
|
71292
71293
|
var router = this.router;
|
|
71293
71294
|
fns.forEach(function(fn2) {
|
|
71294
71295
|
if (!fn2 || !fn2.handle || !fn2.set) {
|
|
71295
|
-
return router.use(
|
|
71296
|
+
return router.use(path57, fn2);
|
|
71296
71297
|
}
|
|
71297
|
-
debug(".use app under %s",
|
|
71298
|
-
fn2.mountpath =
|
|
71298
|
+
debug(".use app under %s", path57);
|
|
71299
|
+
fn2.mountpath = path57;
|
|
71299
71300
|
fn2.parent = this;
|
|
71300
|
-
router.use(
|
|
71301
|
+
router.use(path57, function mounted_app(req, res, next) {
|
|
71301
71302
|
var orig = req.app;
|
|
71302
71303
|
fn2.handle(req, res, function(err) {
|
|
71303
71304
|
Object.setPrototypeOf(req, orig.request);
|
|
@@ -71309,8 +71310,8 @@ var require_application = __commonJS({
|
|
|
71309
71310
|
}, this);
|
|
71310
71311
|
return this;
|
|
71311
71312
|
};
|
|
71312
|
-
app.route = function route(
|
|
71313
|
-
return this.router.route(
|
|
71313
|
+
app.route = function route(path57) {
|
|
71314
|
+
return this.router.route(path57);
|
|
71314
71315
|
};
|
|
71315
71316
|
app.engine = function engine(ext, fn) {
|
|
71316
71317
|
if (typeof fn !== "function") {
|
|
@@ -71353,7 +71354,7 @@ var require_application = __commonJS({
|
|
|
71353
71354
|
}
|
|
71354
71355
|
return this;
|
|
71355
71356
|
};
|
|
71356
|
-
app.path = function
|
|
71357
|
+
app.path = function path57() {
|
|
71357
71358
|
return this.parent ? this.parent.path() + this.mountpath : "";
|
|
71358
71359
|
};
|
|
71359
71360
|
app.enabled = function enabled(setting) {
|
|
@@ -71369,17 +71370,17 @@ var require_application = __commonJS({
|
|
|
71369
71370
|
return this.set(setting, false);
|
|
71370
71371
|
};
|
|
71371
71372
|
methods.forEach(function(method) {
|
|
71372
|
-
app[method] = function(
|
|
71373
|
+
app[method] = function(path57) {
|
|
71373
71374
|
if (method === "get" && arguments.length === 1) {
|
|
71374
|
-
return this.set(
|
|
71375
|
+
return this.set(path57);
|
|
71375
71376
|
}
|
|
71376
|
-
var route = this.route(
|
|
71377
|
+
var route = this.route(path57);
|
|
71377
71378
|
route[method].apply(route, slice.call(arguments, 1));
|
|
71378
71379
|
return this;
|
|
71379
71380
|
};
|
|
71380
71381
|
});
|
|
71381
|
-
app.all = function all(
|
|
71382
|
-
var route = this.route(
|
|
71382
|
+
app.all = function all(path57) {
|
|
71383
|
+
var route = this.route(path57);
|
|
71383
71384
|
var args = slice.call(arguments, 1);
|
|
71384
71385
|
for (var i = 0; i < methods.length; i++) {
|
|
71385
71386
|
route[methods[i]].apply(route, args);
|
|
@@ -71911,11 +71912,11 @@ var require_negotiator = __commonJS({
|
|
|
71911
71912
|
var preferredMediaTypes = require_mediaType();
|
|
71912
71913
|
module.exports = Negotiator;
|
|
71913
71914
|
module.exports.Negotiator = Negotiator;
|
|
71914
|
-
function Negotiator(
|
|
71915
|
+
function Negotiator(request2) {
|
|
71915
71916
|
if (!(this instanceof Negotiator)) {
|
|
71916
|
-
return new Negotiator(
|
|
71917
|
+
return new Negotiator(request2);
|
|
71917
71918
|
}
|
|
71918
|
-
this.request =
|
|
71919
|
+
this.request = request2;
|
|
71919
71920
|
}
|
|
71920
71921
|
Negotiator.prototype.charset = function charset(available) {
|
|
71921
71922
|
var set = this.charsets(available);
|
|
@@ -81413,11 +81414,11 @@ var require_mime_types4 = __commonJS({
|
|
|
81413
81414
|
}
|
|
81414
81415
|
return exts[0];
|
|
81415
81416
|
}
|
|
81416
|
-
function lookup(
|
|
81417
|
-
if (!
|
|
81417
|
+
function lookup(path57) {
|
|
81418
|
+
if (!path57 || typeof path57 !== "string") {
|
|
81418
81419
|
return false;
|
|
81419
81420
|
}
|
|
81420
|
-
var extension2 = extname3("x." +
|
|
81421
|
+
var extension2 = extname3("x." + path57).toLowerCase().slice(1);
|
|
81421
81422
|
if (!extension2) {
|
|
81422
81423
|
return false;
|
|
81423
81424
|
}
|
|
@@ -81794,7 +81795,7 @@ var require_request = __commonJS({
|
|
|
81794
81795
|
var subdomains2 = !isIP2(hostname2) ? hostname2.split(".").reverse() : [hostname2];
|
|
81795
81796
|
return subdomains2.slice(offset);
|
|
81796
81797
|
});
|
|
81797
|
-
defineGetter(req, "path", function
|
|
81798
|
+
defineGetter(req, "path", function path57() {
|
|
81798
81799
|
return parse18(this).pathname;
|
|
81799
81800
|
});
|
|
81800
81801
|
defineGetter(req, "host", function host() {
|
|
@@ -82010,17 +82011,17 @@ var require_content_disposition = __commonJS({
|
|
|
82010
82011
|
// ../../node_modules/cookie-signature/index.js
|
|
82011
82012
|
var require_cookie_signature = __commonJS({
|
|
82012
82013
|
"../../node_modules/cookie-signature/index.js"(exports) {
|
|
82013
|
-
var
|
|
82014
|
+
var crypto10 = __require("crypto");
|
|
82014
82015
|
exports.sign = function(val, secret) {
|
|
82015
82016
|
if ("string" != typeof val) throw new TypeError("Cookie value must be provided as a string.");
|
|
82016
82017
|
if (null == secret) throw new TypeError("Secret key must be provided.");
|
|
82017
|
-
return val + "." +
|
|
82018
|
+
return val + "." + crypto10.createHmac("sha256", secret).update(val).digest("base64").replace(/\=+$/, "");
|
|
82018
82019
|
};
|
|
82019
82020
|
exports.unsign = function(input, secret) {
|
|
82020
82021
|
if ("string" != typeof input) throw new TypeError("Signed cookie string must be provided.");
|
|
82021
82022
|
if (null == secret) throw new TypeError("Secret key must be provided.");
|
|
82022
82023
|
var tentativeValue = input.slice(0, input.lastIndexOf(".")), expectedInput = exports.sign(tentativeValue, secret), expectedBuffer = Buffer.from(expectedInput), inputBuffer = Buffer.from(input);
|
|
82023
|
-
return expectedBuffer.length === inputBuffer.length &&
|
|
82024
|
+
return expectedBuffer.length === inputBuffer.length && crypto10.timingSafeEqual(expectedBuffer, inputBuffer) ? tentativeValue : false;
|
|
82024
82025
|
};
|
|
82025
82026
|
}
|
|
82026
82027
|
});
|
|
@@ -91647,11 +91648,11 @@ var require_mime_types5 = __commonJS({
|
|
|
91647
91648
|
}
|
|
91648
91649
|
return exts[0];
|
|
91649
91650
|
}
|
|
91650
|
-
function lookup(
|
|
91651
|
-
if (!
|
|
91651
|
+
function lookup(path57) {
|
|
91652
|
+
if (!path57 || typeof path57 !== "string") {
|
|
91652
91653
|
return false;
|
|
91653
91654
|
}
|
|
91654
|
-
var extension2 = extname3("x." +
|
|
91655
|
+
var extension2 = extname3("x." + path57).toLowerCase().slice(1);
|
|
91655
91656
|
if (!extension2) {
|
|
91656
91657
|
return false;
|
|
91657
91658
|
}
|
|
@@ -91706,32 +91707,32 @@ var require_send = __commonJS({
|
|
|
91706
91707
|
var escapeHtml = require_escape_html();
|
|
91707
91708
|
var etag = require_etag();
|
|
91708
91709
|
var fresh = require_fresh();
|
|
91709
|
-
var
|
|
91710
|
+
var fs38 = __require("fs");
|
|
91710
91711
|
var mime = require_mime_types5();
|
|
91711
91712
|
var ms = require_ms();
|
|
91712
91713
|
var onFinished = require_on_finished();
|
|
91713
91714
|
var parseRange = require_range_parser();
|
|
91714
|
-
var
|
|
91715
|
+
var path57 = __require("path");
|
|
91715
91716
|
var statuses = require_statuses();
|
|
91716
91717
|
var Stream = __require("stream");
|
|
91717
91718
|
var util = __require("util");
|
|
91718
|
-
var extname3 =
|
|
91719
|
-
var
|
|
91720
|
-
var normalize =
|
|
91721
|
-
var resolve7 =
|
|
91722
|
-
var sep3 =
|
|
91719
|
+
var extname3 = path57.extname;
|
|
91720
|
+
var join53 = path57.join;
|
|
91721
|
+
var normalize = path57.normalize;
|
|
91722
|
+
var resolve7 = path57.resolve;
|
|
91723
|
+
var sep3 = path57.sep;
|
|
91723
91724
|
var BYTES_RANGE_REGEXP = /^ *bytes=/;
|
|
91724
91725
|
var MAX_MAXAGE = 60 * 60 * 24 * 365 * 1e3;
|
|
91725
91726
|
var UP_PATH_REGEXP = /(?:^|[\\/])\.\.(?:[\\/]|$)/;
|
|
91726
91727
|
module.exports = send;
|
|
91727
|
-
function send(req,
|
|
91728
|
-
return new SendStream(req,
|
|
91728
|
+
function send(req, path58, options) {
|
|
91729
|
+
return new SendStream(req, path58, options);
|
|
91729
91730
|
}
|
|
91730
|
-
function SendStream(req,
|
|
91731
|
+
function SendStream(req, path58, options) {
|
|
91731
91732
|
Stream.call(this);
|
|
91732
91733
|
var opts2 = options || {};
|
|
91733
91734
|
this.options = opts2;
|
|
91734
|
-
this.path =
|
|
91735
|
+
this.path = path58;
|
|
91735
91736
|
this.req = req;
|
|
91736
91737
|
this._acceptRanges = opts2.acceptRanges !== void 0 ? Boolean(opts2.acceptRanges) : true;
|
|
91737
91738
|
this._cacheControl = opts2.cacheControl !== void 0 ? Boolean(opts2.cacheControl) : true;
|
|
@@ -91845,10 +91846,10 @@ var require_send = __commonJS({
|
|
|
91845
91846
|
var lastModified = this.res.getHeader("Last-Modified");
|
|
91846
91847
|
return parseHttpDate(lastModified) <= parseHttpDate(ifRange);
|
|
91847
91848
|
};
|
|
91848
|
-
SendStream.prototype.redirect = function redirect(
|
|
91849
|
+
SendStream.prototype.redirect = function redirect(path58) {
|
|
91849
91850
|
var res = this.res;
|
|
91850
91851
|
if (hasListeners(this, "directory")) {
|
|
91851
|
-
this.emit("directory", res,
|
|
91852
|
+
this.emit("directory", res, path58);
|
|
91852
91853
|
return;
|
|
91853
91854
|
}
|
|
91854
91855
|
if (this.hasTrailingSlash()) {
|
|
@@ -91868,38 +91869,38 @@ var require_send = __commonJS({
|
|
|
91868
91869
|
SendStream.prototype.pipe = function pipe(res) {
|
|
91869
91870
|
var root = this._root;
|
|
91870
91871
|
this.res = res;
|
|
91871
|
-
var
|
|
91872
|
-
if (
|
|
91872
|
+
var path58 = decode2(this.path);
|
|
91873
|
+
if (path58 === -1) {
|
|
91873
91874
|
this.error(400);
|
|
91874
91875
|
return res;
|
|
91875
91876
|
}
|
|
91876
|
-
if (~
|
|
91877
|
+
if (~path58.indexOf("\0")) {
|
|
91877
91878
|
this.error(400);
|
|
91878
91879
|
return res;
|
|
91879
91880
|
}
|
|
91880
91881
|
var parts;
|
|
91881
91882
|
if (root !== null) {
|
|
91882
|
-
if (
|
|
91883
|
-
|
|
91883
|
+
if (path58) {
|
|
91884
|
+
path58 = normalize("." + sep3 + path58);
|
|
91884
91885
|
}
|
|
91885
|
-
if (UP_PATH_REGEXP.test(
|
|
91886
|
-
debug('malicious path "%s"',
|
|
91886
|
+
if (UP_PATH_REGEXP.test(path58)) {
|
|
91887
|
+
debug('malicious path "%s"', path58);
|
|
91887
91888
|
this.error(403);
|
|
91888
91889
|
return res;
|
|
91889
91890
|
}
|
|
91890
|
-
parts =
|
|
91891
|
-
|
|
91891
|
+
parts = path58.split(sep3);
|
|
91892
|
+
path58 = normalize(join53(root, path58));
|
|
91892
91893
|
} else {
|
|
91893
|
-
if (UP_PATH_REGEXP.test(
|
|
91894
|
-
debug('malicious path "%s"',
|
|
91894
|
+
if (UP_PATH_REGEXP.test(path58)) {
|
|
91895
|
+
debug('malicious path "%s"', path58);
|
|
91895
91896
|
this.error(403);
|
|
91896
91897
|
return res;
|
|
91897
91898
|
}
|
|
91898
|
-
parts = normalize(
|
|
91899
|
-
|
|
91899
|
+
parts = normalize(path58).split(sep3);
|
|
91900
|
+
path58 = resolve7(path58);
|
|
91900
91901
|
}
|
|
91901
91902
|
if (containsDotFile(parts)) {
|
|
91902
|
-
debug('%s dotfile "%s"', this._dotfiles,
|
|
91903
|
+
debug('%s dotfile "%s"', this._dotfiles, path58);
|
|
91903
91904
|
switch (this._dotfiles) {
|
|
91904
91905
|
case "allow":
|
|
91905
91906
|
break;
|
|
@@ -91913,13 +91914,13 @@ var require_send = __commonJS({
|
|
|
91913
91914
|
}
|
|
91914
91915
|
}
|
|
91915
91916
|
if (this._index.length && this.hasTrailingSlash()) {
|
|
91916
|
-
this.sendIndex(
|
|
91917
|
+
this.sendIndex(path58);
|
|
91917
91918
|
return res;
|
|
91918
91919
|
}
|
|
91919
|
-
this.sendFile(
|
|
91920
|
+
this.sendFile(path58);
|
|
91920
91921
|
return res;
|
|
91921
91922
|
};
|
|
91922
|
-
SendStream.prototype.send = function send2(
|
|
91923
|
+
SendStream.prototype.send = function send2(path58, stat) {
|
|
91923
91924
|
var len = stat.size;
|
|
91924
91925
|
var options = this.options;
|
|
91925
91926
|
var opts2 = {};
|
|
@@ -91931,9 +91932,9 @@ var require_send = __commonJS({
|
|
|
91931
91932
|
this.headersAlreadySent();
|
|
91932
91933
|
return;
|
|
91933
91934
|
}
|
|
91934
|
-
debug('pipe "%s"',
|
|
91935
|
-
this.setHeader(
|
|
91936
|
-
this.type(
|
|
91935
|
+
debug('pipe "%s"', path58);
|
|
91936
|
+
this.setHeader(path58, stat);
|
|
91937
|
+
this.type(path58);
|
|
91937
91938
|
if (this.isConditionalGET()) {
|
|
91938
91939
|
if (this.isPreconditionFailure()) {
|
|
91939
91940
|
this.error(412);
|
|
@@ -91982,30 +91983,30 @@ var require_send = __commonJS({
|
|
|
91982
91983
|
res.end();
|
|
91983
91984
|
return;
|
|
91984
91985
|
}
|
|
91985
|
-
this.stream(
|
|
91986
|
+
this.stream(path58, opts2);
|
|
91986
91987
|
};
|
|
91987
|
-
SendStream.prototype.sendFile = function sendFile(
|
|
91988
|
+
SendStream.prototype.sendFile = function sendFile(path58) {
|
|
91988
91989
|
var i = 0;
|
|
91989
91990
|
var self2 = this;
|
|
91990
|
-
debug('stat "%s"',
|
|
91991
|
-
|
|
91992
|
-
var pathEndsWithSep =
|
|
91993
|
-
if (err && err.code === "ENOENT" && !extname3(
|
|
91991
|
+
debug('stat "%s"', path58);
|
|
91992
|
+
fs38.stat(path58, function onstat(err, stat) {
|
|
91993
|
+
var pathEndsWithSep = path58[path58.length - 1] === sep3;
|
|
91994
|
+
if (err && err.code === "ENOENT" && !extname3(path58) && !pathEndsWithSep) {
|
|
91994
91995
|
return next(err);
|
|
91995
91996
|
}
|
|
91996
91997
|
if (err) return self2.onStatError(err);
|
|
91997
|
-
if (stat.isDirectory()) return self2.redirect(
|
|
91998
|
+
if (stat.isDirectory()) return self2.redirect(path58);
|
|
91998
91999
|
if (pathEndsWithSep) return self2.error(404);
|
|
91999
|
-
self2.emit("file",
|
|
92000
|
-
self2.send(
|
|
92000
|
+
self2.emit("file", path58, stat);
|
|
92001
|
+
self2.send(path58, stat);
|
|
92001
92002
|
});
|
|
92002
92003
|
function next(err) {
|
|
92003
92004
|
if (self2._extensions.length <= i) {
|
|
92004
92005
|
return err ? self2.onStatError(err) : self2.error(404);
|
|
92005
92006
|
}
|
|
92006
|
-
var p =
|
|
92007
|
+
var p = path58 + "." + self2._extensions[i++];
|
|
92007
92008
|
debug('stat "%s"', p);
|
|
92008
|
-
|
|
92009
|
+
fs38.stat(p, function(err2, stat) {
|
|
92009
92010
|
if (err2) return next(err2);
|
|
92010
92011
|
if (stat.isDirectory()) return next();
|
|
92011
92012
|
self2.emit("file", p, stat);
|
|
@@ -92013,7 +92014,7 @@ var require_send = __commonJS({
|
|
|
92013
92014
|
});
|
|
92014
92015
|
}
|
|
92015
92016
|
};
|
|
92016
|
-
SendStream.prototype.sendIndex = function sendIndex(
|
|
92017
|
+
SendStream.prototype.sendIndex = function sendIndex(path58) {
|
|
92017
92018
|
var i = -1;
|
|
92018
92019
|
var self2 = this;
|
|
92019
92020
|
function next(err) {
|
|
@@ -92021,9 +92022,9 @@ var require_send = __commonJS({
|
|
|
92021
92022
|
if (err) return self2.onStatError(err);
|
|
92022
92023
|
return self2.error(404);
|
|
92023
92024
|
}
|
|
92024
|
-
var p =
|
|
92025
|
+
var p = join53(path58, self2._index[i]);
|
|
92025
92026
|
debug('stat "%s"', p);
|
|
92026
|
-
|
|
92027
|
+
fs38.stat(p, function(err2, stat) {
|
|
92027
92028
|
if (err2) return next(err2);
|
|
92028
92029
|
if (stat.isDirectory()) return next();
|
|
92029
92030
|
self2.emit("file", p, stat);
|
|
@@ -92032,10 +92033,10 @@ var require_send = __commonJS({
|
|
|
92032
92033
|
}
|
|
92033
92034
|
next();
|
|
92034
92035
|
};
|
|
92035
|
-
SendStream.prototype.stream = function stream2(
|
|
92036
|
+
SendStream.prototype.stream = function stream2(path58, options) {
|
|
92036
92037
|
var self2 = this;
|
|
92037
92038
|
var res = this.res;
|
|
92038
|
-
var stream3 =
|
|
92039
|
+
var stream3 = fs38.createReadStream(path58, options);
|
|
92039
92040
|
this.emit("stream", stream3);
|
|
92040
92041
|
stream3.pipe(res);
|
|
92041
92042
|
function cleanup() {
|
|
@@ -92050,17 +92051,17 @@ var require_send = __commonJS({
|
|
|
92050
92051
|
self2.emit("end");
|
|
92051
92052
|
});
|
|
92052
92053
|
};
|
|
92053
|
-
SendStream.prototype.type = function type(
|
|
92054
|
+
SendStream.prototype.type = function type(path58) {
|
|
92054
92055
|
var res = this.res;
|
|
92055
92056
|
if (res.getHeader("Content-Type")) return;
|
|
92056
|
-
var ext = extname3(
|
|
92057
|
+
var ext = extname3(path58);
|
|
92057
92058
|
var type2 = mime.contentType(ext) || "application/octet-stream";
|
|
92058
92059
|
debug("content-type %s", type2);
|
|
92059
92060
|
res.setHeader("Content-Type", type2);
|
|
92060
92061
|
};
|
|
92061
|
-
SendStream.prototype.setHeader = function setHeader(
|
|
92062
|
+
SendStream.prototype.setHeader = function setHeader(path58, stat) {
|
|
92062
92063
|
var res = this.res;
|
|
92063
|
-
this.emit("headers", res,
|
|
92064
|
+
this.emit("headers", res, path58, stat);
|
|
92064
92065
|
if (this._acceptRanges && !res.getHeader("Accept-Ranges")) {
|
|
92065
92066
|
debug("accept ranges");
|
|
92066
92067
|
res.setHeader("Accept-Ranges", "bytes");
|
|
@@ -92118,9 +92119,9 @@ var require_send = __commonJS({
|
|
|
92118
92119
|
}
|
|
92119
92120
|
return err instanceof Error ? createError(status, err, { expose: false }) : createError(status, err);
|
|
92120
92121
|
}
|
|
92121
|
-
function decode2(
|
|
92122
|
+
function decode2(path58) {
|
|
92122
92123
|
try {
|
|
92123
|
-
return decodeURIComponent(
|
|
92124
|
+
return decodeURIComponent(path58);
|
|
92124
92125
|
} catch (err) {
|
|
92125
92126
|
return -1;
|
|
92126
92127
|
}
|
|
@@ -92264,7 +92265,7 @@ var require_response = __commonJS({
|
|
|
92264
92265
|
var http = __require("node:http");
|
|
92265
92266
|
var onFinished = require_on_finished();
|
|
92266
92267
|
var mime = require_mime_types3();
|
|
92267
|
-
var
|
|
92268
|
+
var path57 = __require("node:path");
|
|
92268
92269
|
var pathIsAbsolute = __require("node:path").isAbsolute;
|
|
92269
92270
|
var statuses = require_statuses();
|
|
92270
92271
|
var sign2 = require_cookie_signature().sign;
|
|
@@ -92273,8 +92274,8 @@ var require_response = __commonJS({
|
|
|
92273
92274
|
var setCharset = require_utils3().setCharset;
|
|
92274
92275
|
var cookie = require_cookie();
|
|
92275
92276
|
var send = require_send();
|
|
92276
|
-
var extname3 =
|
|
92277
|
-
var resolve7 =
|
|
92277
|
+
var extname3 = path57.extname;
|
|
92278
|
+
var resolve7 = path57.resolve;
|
|
92278
92279
|
var vary = require_vary();
|
|
92279
92280
|
var { Buffer: Buffer3 } = __require("node:buffer");
|
|
92280
92281
|
var res = Object.create(http.ServerResponse.prototype);
|
|
@@ -92420,26 +92421,26 @@ var require_response = __commonJS({
|
|
|
92420
92421
|
this.type("txt");
|
|
92421
92422
|
return this.send(body);
|
|
92422
92423
|
};
|
|
92423
|
-
res.sendFile = function sendFile(
|
|
92424
|
+
res.sendFile = function sendFile(path58, options, callback) {
|
|
92424
92425
|
var done = callback;
|
|
92425
92426
|
var req = this.req;
|
|
92426
92427
|
var res2 = this;
|
|
92427
92428
|
var next = req.next;
|
|
92428
92429
|
var opts2 = options || {};
|
|
92429
|
-
if (!
|
|
92430
|
+
if (!path58) {
|
|
92430
92431
|
throw new TypeError("path argument is required to res.sendFile");
|
|
92431
92432
|
}
|
|
92432
|
-
if (typeof
|
|
92433
|
+
if (typeof path58 !== "string") {
|
|
92433
92434
|
throw new TypeError("path must be a string to res.sendFile");
|
|
92434
92435
|
}
|
|
92435
92436
|
if (typeof options === "function") {
|
|
92436
92437
|
done = options;
|
|
92437
92438
|
opts2 = {};
|
|
92438
92439
|
}
|
|
92439
|
-
if (!opts2.root && !pathIsAbsolute(
|
|
92440
|
+
if (!opts2.root && !pathIsAbsolute(path58)) {
|
|
92440
92441
|
throw new TypeError("path must be absolute or specify root to res.sendFile");
|
|
92441
92442
|
}
|
|
92442
|
-
var pathname = encodeURI(
|
|
92443
|
+
var pathname = encodeURI(path58);
|
|
92443
92444
|
opts2.etag = this.app.enabled("etag");
|
|
92444
92445
|
var file = send(req, pathname, opts2);
|
|
92445
92446
|
sendfile(res2, file, opts2, function(err) {
|
|
@@ -92450,7 +92451,7 @@ var require_response = __commonJS({
|
|
|
92450
92451
|
}
|
|
92451
92452
|
});
|
|
92452
92453
|
};
|
|
92453
|
-
res.download = function download(
|
|
92454
|
+
res.download = function download(path58, filename, options, callback) {
|
|
92454
92455
|
var done = callback;
|
|
92455
92456
|
var name = filename;
|
|
92456
92457
|
var opts2 = options || null;
|
|
@@ -92467,7 +92468,7 @@ var require_response = __commonJS({
|
|
|
92467
92468
|
opts2 = filename;
|
|
92468
92469
|
}
|
|
92469
92470
|
var headers = {
|
|
92470
|
-
"Content-Disposition": contentDisposition(name ||
|
|
92471
|
+
"Content-Disposition": contentDisposition(name || path58)
|
|
92471
92472
|
};
|
|
92472
92473
|
if (opts2 && opts2.headers) {
|
|
92473
92474
|
var keys = Object.keys(opts2.headers);
|
|
@@ -92480,7 +92481,7 @@ var require_response = __commonJS({
|
|
|
92480
92481
|
}
|
|
92481
92482
|
opts2 = Object.create(opts2);
|
|
92482
92483
|
opts2.headers = headers;
|
|
92483
|
-
var fullPath = !opts2.root ? resolve7(
|
|
92484
|
+
var fullPath = !opts2.root ? resolve7(path58) : path58;
|
|
92484
92485
|
return this.sendFile(fullPath, opts2, done);
|
|
92485
92486
|
};
|
|
92486
92487
|
res.contentType = res.type = function contentType(type) {
|
|
@@ -92763,11 +92764,11 @@ var require_serve_static = __commonJS({
|
|
|
92763
92764
|
}
|
|
92764
92765
|
var forwardError = !fallthrough;
|
|
92765
92766
|
var originalUrl = parseUrl.original(req);
|
|
92766
|
-
var
|
|
92767
|
-
if (
|
|
92768
|
-
|
|
92767
|
+
var path57 = parseUrl(req).pathname;
|
|
92768
|
+
if (path57 === "/" && originalUrl.pathname.substr(-1) !== "/") {
|
|
92769
|
+
path57 = "";
|
|
92769
92770
|
}
|
|
92770
|
-
var stream2 = send(req,
|
|
92771
|
+
var stream2 = send(req, path57, opts2);
|
|
92771
92772
|
stream2.on("directory", onDirectory);
|
|
92772
92773
|
if (setHeaders) {
|
|
92773
92774
|
stream2.on("headers", setHeaders);
|
|
@@ -93011,8 +93012,8 @@ var init_dist2 = __esm({
|
|
|
93011
93012
|
*
|
|
93012
93013
|
* @returns {void}
|
|
93013
93014
|
*/
|
|
93014
|
-
trustProxy(
|
|
93015
|
-
if (
|
|
93015
|
+
trustProxy(request2) {
|
|
93016
|
+
if (request2.app.get("trust proxy") === true) {
|
|
93016
93017
|
throw new ValidationError2(
|
|
93017
93018
|
"ERR_ERL_PERMISSIVE_TRUST_PROXY",
|
|
93018
93019
|
`The Express 'trust proxy' setting is true, which allows anyone to trivially bypass IP-based rate limiting.`
|
|
@@ -93029,8 +93030,8 @@ var init_dist2 = __esm({
|
|
|
93029
93030
|
*
|
|
93030
93031
|
* @returns {void}
|
|
93031
93032
|
*/
|
|
93032
|
-
xForwardedForHeader(
|
|
93033
|
-
if (
|
|
93033
|
+
xForwardedForHeader(request2) {
|
|
93034
|
+
if (request2.headers["x-forwarded-for"] && request2.app.get("trust proxy") === false) {
|
|
93034
93035
|
throw new ValidationError2(
|
|
93035
93036
|
"ERR_ERL_UNEXPECTED_X_FORWARDED_FOR",
|
|
93036
93037
|
`The 'X-Forwarded-For' header is set but the Express 'trust proxy' setting is false (default). This could indicate a misconfiguration which would prevent express-rate-limit from accurately identifying users.`
|
|
@@ -93072,11 +93073,11 @@ var init_dist2 = __esm({
|
|
|
93072
93073
|
*
|
|
93073
93074
|
* @returns {void}
|
|
93074
93075
|
*/
|
|
93075
|
-
singleCount(
|
|
93076
|
-
let storeKeys = singleCountKeys.get(
|
|
93076
|
+
singleCount(request2, store, key) {
|
|
93077
|
+
let storeKeys = singleCountKeys.get(request2);
|
|
93077
93078
|
if (!storeKeys) {
|
|
93078
93079
|
storeKeys = /* @__PURE__ */ new Map();
|
|
93079
|
-
singleCountKeys.set(
|
|
93080
|
+
singleCountKeys.set(request2, storeKeys);
|
|
93080
93081
|
}
|
|
93081
93082
|
const storeKey = store.localKeys ? store : store.constructor.name;
|
|
93082
93083
|
let keys = storeKeys.get(storeKey);
|
|
@@ -93464,10 +93465,10 @@ var init_dist2 = __esm({
|
|
|
93464
93465
|
message: "Too many requests, please try again later.",
|
|
93465
93466
|
statusCode: 429,
|
|
93466
93467
|
legacyHeaders: passedOptions.headers ?? true,
|
|
93467
|
-
identifier(
|
|
93468
|
+
identifier(request2, _response) {
|
|
93468
93469
|
let duration = "";
|
|
93469
93470
|
const property = config.requestPropertyName;
|
|
93470
|
-
const { limit } =
|
|
93471
|
+
const { limit } = request2[property];
|
|
93471
93472
|
const seconds = config.windowMs / 1e3;
|
|
93472
93473
|
const minutes = config.windowMs / (1e3 * 60);
|
|
93473
93474
|
const hours = config.windowMs / (1e3 * 60 * 60);
|
|
@@ -93483,16 +93484,16 @@ var init_dist2 = __esm({
|
|
|
93483
93484
|
skipSuccessfulRequests: false,
|
|
93484
93485
|
requestWasSuccessful: (_request, response) => response.statusCode < 400,
|
|
93485
93486
|
skip: (_request, _response) => false,
|
|
93486
|
-
keyGenerator(
|
|
93487
|
-
validations2.ip(
|
|
93488
|
-
validations2.trustProxy(
|
|
93489
|
-
validations2.xForwardedForHeader(
|
|
93490
|
-
return
|
|
93487
|
+
keyGenerator(request2, _response) {
|
|
93488
|
+
validations2.ip(request2.ip);
|
|
93489
|
+
validations2.trustProxy(request2);
|
|
93490
|
+
validations2.xForwardedForHeader(request2);
|
|
93491
|
+
return request2.ip;
|
|
93491
93492
|
},
|
|
93492
|
-
async handler(
|
|
93493
|
+
async handler(request2, response, _next, _optionsUsed) {
|
|
93493
93494
|
response.status(config.statusCode);
|
|
93494
93495
|
const message = typeof config.message === "function" ? await config.message(
|
|
93495
|
-
|
|
93496
|
+
request2,
|
|
93496
93497
|
response
|
|
93497
93498
|
) : config.message;
|
|
93498
93499
|
if (!response.writableEnded) {
|
|
@@ -93517,9 +93518,9 @@ var init_dist2 = __esm({
|
|
|
93517
93518
|
}
|
|
93518
93519
|
return config;
|
|
93519
93520
|
};
|
|
93520
|
-
handleAsyncErrors = (fn) => async (
|
|
93521
|
+
handleAsyncErrors = (fn) => async (request2, response, next) => {
|
|
93521
93522
|
try {
|
|
93522
|
-
await Promise.resolve(fn(
|
|
93523
|
+
await Promise.resolve(fn(request2, response, next)).catch(next);
|
|
93523
93524
|
} catch (error) {
|
|
93524
93525
|
next(error);
|
|
93525
93526
|
}
|
|
@@ -93531,14 +93532,14 @@ var init_dist2 = __esm({
|
|
|
93531
93532
|
config.validations.unsharedStore(config.store);
|
|
93532
93533
|
if (typeof config.store.init === "function") config.store.init(options);
|
|
93533
93534
|
const middleware = handleAsyncErrors(
|
|
93534
|
-
async (
|
|
93535
|
-
const skip = await config.skip(
|
|
93535
|
+
async (request2, response, next) => {
|
|
93536
|
+
const skip = await config.skip(request2, response);
|
|
93536
93537
|
if (skip) {
|
|
93537
93538
|
next();
|
|
93538
93539
|
return;
|
|
93539
93540
|
}
|
|
93540
|
-
const augmentedRequest =
|
|
93541
|
-
const key = await config.keyGenerator(
|
|
93541
|
+
const augmentedRequest = request2;
|
|
93542
|
+
const key = await config.keyGenerator(request2, response);
|
|
93542
93543
|
let totalHits = 0;
|
|
93543
93544
|
let resetTime;
|
|
93544
93545
|
try {
|
|
@@ -93557,8 +93558,8 @@ var init_dist2 = __esm({
|
|
|
93557
93558
|
throw error;
|
|
93558
93559
|
}
|
|
93559
93560
|
config.validations.positiveHits(totalHits);
|
|
93560
|
-
config.validations.singleCount(
|
|
93561
|
-
const retrieveLimit = typeof config.limit === "function" ? config.limit(
|
|
93561
|
+
config.validations.singleCount(request2, config.store, key);
|
|
93562
|
+
const retrieveLimit = typeof config.limit === "function" ? config.limit(request2, response) : config.limit;
|
|
93562
93563
|
const limit = await retrieveLimit;
|
|
93563
93564
|
config.validations.limit(limit);
|
|
93564
93565
|
const info = {
|
|
@@ -93588,7 +93589,7 @@ var init_dist2 = __esm({
|
|
|
93588
93589
|
break;
|
|
93589
93590
|
}
|
|
93590
93591
|
case "draft-8": {
|
|
93591
|
-
const retrieveName = typeof config.identifier === "function" ? config.identifier(
|
|
93592
|
+
const retrieveName = typeof config.identifier === "function" ? config.identifier(request2, response) : config.identifier;
|
|
93592
93593
|
const name = await retrieveName;
|
|
93593
93594
|
config.validations.headersResetTime(info.resetTime);
|
|
93594
93595
|
setDraft8Headers(response, info, config.windowMs, name, key);
|
|
@@ -93610,7 +93611,7 @@ var init_dist2 = __esm({
|
|
|
93610
93611
|
};
|
|
93611
93612
|
if (config.skipFailedRequests) {
|
|
93612
93613
|
response.on("finish", async () => {
|
|
93613
|
-
if (!await config.requestWasSuccessful(
|
|
93614
|
+
if (!await config.requestWasSuccessful(request2, response))
|
|
93614
93615
|
await decrementKey();
|
|
93615
93616
|
});
|
|
93616
93617
|
response.on("close", async () => {
|
|
@@ -93622,7 +93623,7 @@ var init_dist2 = __esm({
|
|
|
93622
93623
|
}
|
|
93623
93624
|
if (config.skipSuccessfulRequests) {
|
|
93624
93625
|
response.on("finish", async () => {
|
|
93625
|
-
if (await config.requestWasSuccessful(
|
|
93626
|
+
if (await config.requestWasSuccessful(request2, response))
|
|
93626
93627
|
await decrementKey();
|
|
93627
93628
|
});
|
|
93628
93629
|
}
|
|
@@ -93632,7 +93633,7 @@ var init_dist2 = __esm({
|
|
|
93632
93633
|
if (config.legacyHeaders || config.standardHeaders) {
|
|
93633
93634
|
setRetryAfterHeader(response, info, config.windowMs);
|
|
93634
93635
|
}
|
|
93635
|
-
config.handler(
|
|
93636
|
+
config.handler(request2, response, next, options);
|
|
93636
93637
|
return;
|
|
93637
93638
|
}
|
|
93638
93639
|
next();
|
|
@@ -94695,13 +94696,12 @@ var init_server = __esm({
|
|
|
94695
94696
|
}
|
|
94696
94697
|
});
|
|
94697
94698
|
|
|
94698
|
-
// ../runtime/
|
|
94699
|
-
var
|
|
94700
|
-
|
|
94699
|
+
// ../runtime/src/secrets-cache.ts
|
|
94700
|
+
var SecretsCache;
|
|
94701
|
+
var init_secrets_cache = __esm({
|
|
94702
|
+
"../runtime/src/secrets-cache.ts"() {
|
|
94701
94703
|
"use strict";
|
|
94702
|
-
|
|
94703
|
-
exports.SecretsCache = void 0;
|
|
94704
|
-
var SecretsCache = class {
|
|
94704
|
+
SecretsCache = class {
|
|
94705
94705
|
snapshot = null;
|
|
94706
94706
|
/** Replace the cached secrets in a single reference assignment. */
|
|
94707
94707
|
swap(values, keys, revision) {
|
|
@@ -94714,8 +94714,7 @@ var require_secrets_cache = __commonJS({
|
|
|
94714
94714
|
}
|
|
94715
94715
|
/** Whether the cache has exceeded the given TTL (seconds). */
|
|
94716
94716
|
isExpired(ttlSeconds) {
|
|
94717
|
-
if (!this.snapshot)
|
|
94718
|
-
return false;
|
|
94717
|
+
if (!this.snapshot) return false;
|
|
94719
94718
|
return (Date.now() - this.snapshot.swappedAt) / 1e3 > ttlSeconds;
|
|
94720
94719
|
}
|
|
94721
94720
|
/** Clear the cached snapshot, zeroing values first (best-effort). */
|
|
@@ -94738,8 +94737,7 @@ var require_secrets_cache = __commonJS({
|
|
|
94738
94737
|
/** Get all cached secret values. Returns null if not yet loaded. */
|
|
94739
94738
|
getAll() {
|
|
94740
94739
|
const s = this.snapshot;
|
|
94741
|
-
if (!s)
|
|
94742
|
-
return null;
|
|
94740
|
+
if (!s) return null;
|
|
94743
94741
|
return { ...s.values };
|
|
94744
94742
|
}
|
|
94745
94743
|
/** Get the list of available secret key names. */
|
|
@@ -94756,79 +94754,40 @@ var require_secrets_cache = __commonJS({
|
|
|
94756
94754
|
return this.snapshot !== null;
|
|
94757
94755
|
}
|
|
94758
94756
|
};
|
|
94759
|
-
exports.SecretsCache = SecretsCache;
|
|
94760
94757
|
}
|
|
94761
94758
|
});
|
|
94762
94759
|
|
|
94763
|
-
// ../runtime/
|
|
94764
|
-
|
|
94765
|
-
|
|
94760
|
+
// ../runtime/src/disk-cache.ts
|
|
94761
|
+
import * as fs32 from "fs";
|
|
94762
|
+
import * as path48 from "path";
|
|
94763
|
+
var DiskCache;
|
|
94764
|
+
var init_disk_cache = __esm({
|
|
94765
|
+
"../runtime/src/disk-cache.ts"() {
|
|
94766
94766
|
"use strict";
|
|
94767
|
-
|
|
94768
|
-
if (k2 === void 0) k2 = k;
|
|
94769
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
94770
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
94771
|
-
desc = { enumerable: true, get: function() {
|
|
94772
|
-
return m[k];
|
|
94773
|
-
} };
|
|
94774
|
-
}
|
|
94775
|
-
Object.defineProperty(o, k2, desc);
|
|
94776
|
-
}) : (function(o, m, k, k2) {
|
|
94777
|
-
if (k2 === void 0) k2 = k;
|
|
94778
|
-
o[k2] = m[k];
|
|
94779
|
-
}));
|
|
94780
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
94781
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
94782
|
-
}) : function(o, v) {
|
|
94783
|
-
o["default"] = v;
|
|
94784
|
-
});
|
|
94785
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
94786
|
-
var ownKeys = function(o) {
|
|
94787
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
94788
|
-
var ar = [];
|
|
94789
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
94790
|
-
return ar;
|
|
94791
|
-
};
|
|
94792
|
-
return ownKeys(o);
|
|
94793
|
-
};
|
|
94794
|
-
return function(mod3) {
|
|
94795
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
94796
|
-
var result = {};
|
|
94797
|
-
if (mod3 != null) {
|
|
94798
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
94799
|
-
}
|
|
94800
|
-
__setModuleDefault(result, mod3);
|
|
94801
|
-
return result;
|
|
94802
|
-
};
|
|
94803
|
-
})();
|
|
94804
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
94805
|
-
exports.DiskCache = void 0;
|
|
94806
|
-
var fs35 = __importStar(__require("fs"));
|
|
94807
|
-
var path56 = __importStar(__require("path"));
|
|
94808
|
-
var DiskCache = class {
|
|
94767
|
+
DiskCache = class {
|
|
94809
94768
|
artifactPath;
|
|
94810
94769
|
metaPath;
|
|
94811
94770
|
constructor(cachePath, identity, environment) {
|
|
94812
|
-
const dir =
|
|
94813
|
-
this.artifactPath =
|
|
94814
|
-
this.metaPath =
|
|
94771
|
+
const dir = path48.join(cachePath, identity);
|
|
94772
|
+
this.artifactPath = path48.join(dir, `${environment}.age.json`);
|
|
94773
|
+
this.metaPath = path48.join(dir, `${environment}.meta`);
|
|
94815
94774
|
}
|
|
94816
94775
|
/** Write an artifact and optional metadata to disk (atomic via tmp+rename). */
|
|
94817
94776
|
write(raw, sha) {
|
|
94818
|
-
const dir =
|
|
94819
|
-
|
|
94777
|
+
const dir = path48.dirname(this.artifactPath);
|
|
94778
|
+
fs32.mkdirSync(dir, { recursive: true });
|
|
94820
94779
|
const tmpArtifact = `${this.artifactPath}.tmp.${process.pid}`;
|
|
94821
|
-
|
|
94822
|
-
|
|
94780
|
+
fs32.writeFileSync(tmpArtifact, raw, "utf-8");
|
|
94781
|
+
fs32.renameSync(tmpArtifact, this.artifactPath);
|
|
94823
94782
|
const meta = { sha, fetchedAt: (/* @__PURE__ */ new Date()).toISOString() };
|
|
94824
94783
|
const tmpMeta = `${this.metaPath}.tmp.${process.pid}`;
|
|
94825
|
-
|
|
94826
|
-
|
|
94784
|
+
fs32.writeFileSync(tmpMeta, JSON.stringify(meta), "utf-8");
|
|
94785
|
+
fs32.renameSync(tmpMeta, this.metaPath);
|
|
94827
94786
|
}
|
|
94828
94787
|
/** Read the cached artifact. Returns null if no cache file exists. */
|
|
94829
94788
|
read() {
|
|
94830
94789
|
try {
|
|
94831
|
-
return
|
|
94790
|
+
return fs32.readFileSync(this.artifactPath, "utf-8");
|
|
94832
94791
|
} catch {
|
|
94833
94792
|
return null;
|
|
94834
94793
|
}
|
|
@@ -94843,7 +94802,7 @@ var require_disk_cache = __commonJS({
|
|
|
94843
94802
|
}
|
|
94844
94803
|
readMeta() {
|
|
94845
94804
|
try {
|
|
94846
|
-
const raw =
|
|
94805
|
+
const raw = fs32.readFileSync(this.metaPath, "utf-8");
|
|
94847
94806
|
return JSON.parse(raw);
|
|
94848
94807
|
} catch {
|
|
94849
94808
|
return void 0;
|
|
@@ -94852,64 +94811,25 @@ var require_disk_cache = __commonJS({
|
|
|
94852
94811
|
/** Remove cached artifact and metadata files. */
|
|
94853
94812
|
purge() {
|
|
94854
94813
|
try {
|
|
94855
|
-
|
|
94814
|
+
fs32.unlinkSync(this.artifactPath);
|
|
94856
94815
|
} catch {
|
|
94857
94816
|
}
|
|
94858
94817
|
try {
|
|
94859
|
-
|
|
94818
|
+
fs32.unlinkSync(this.metaPath);
|
|
94860
94819
|
} catch {
|
|
94861
94820
|
}
|
|
94862
94821
|
}
|
|
94863
94822
|
};
|
|
94864
|
-
exports.DiskCache = DiskCache;
|
|
94865
94823
|
}
|
|
94866
94824
|
});
|
|
94867
94825
|
|
|
94868
|
-
// ../runtime/
|
|
94869
|
-
|
|
94870
|
-
|
|
94826
|
+
// ../runtime/src/decrypt.ts
|
|
94827
|
+
import * as fs33 from "fs";
|
|
94828
|
+
var AgeDecryptor;
|
|
94829
|
+
var init_decrypt = __esm({
|
|
94830
|
+
"../runtime/src/decrypt.ts"() {
|
|
94871
94831
|
"use strict";
|
|
94872
|
-
|
|
94873
|
-
if (k2 === void 0) k2 = k;
|
|
94874
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
94875
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
94876
|
-
desc = { enumerable: true, get: function() {
|
|
94877
|
-
return m[k];
|
|
94878
|
-
} };
|
|
94879
|
-
}
|
|
94880
|
-
Object.defineProperty(o, k2, desc);
|
|
94881
|
-
}) : (function(o, m, k, k2) {
|
|
94882
|
-
if (k2 === void 0) k2 = k;
|
|
94883
|
-
o[k2] = m[k];
|
|
94884
|
-
}));
|
|
94885
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
94886
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
94887
|
-
}) : function(o, v) {
|
|
94888
|
-
o["default"] = v;
|
|
94889
|
-
});
|
|
94890
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
94891
|
-
var ownKeys = function(o) {
|
|
94892
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
94893
|
-
var ar = [];
|
|
94894
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
94895
|
-
return ar;
|
|
94896
|
-
};
|
|
94897
|
-
return ownKeys(o);
|
|
94898
|
-
};
|
|
94899
|
-
return function(mod3) {
|
|
94900
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
94901
|
-
var result = {};
|
|
94902
|
-
if (mod3 != null) {
|
|
94903
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
94904
|
-
}
|
|
94905
|
-
__setModuleDefault(result, mod3);
|
|
94906
|
-
return result;
|
|
94907
|
-
};
|
|
94908
|
-
})();
|
|
94909
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
94910
|
-
exports.AgeDecryptor = void 0;
|
|
94911
|
-
var fs35 = __importStar(__require("fs"));
|
|
94912
|
-
var AgeDecryptor = class {
|
|
94832
|
+
AgeDecryptor = class {
|
|
94913
94833
|
/**
|
|
94914
94834
|
* Decrypt an age-encrypted PEM-armored ciphertext string.
|
|
94915
94835
|
*
|
|
@@ -94918,7 +94838,7 @@ var require_decrypt = __commonJS({
|
|
|
94918
94838
|
* @returns The decrypted plaintext string.
|
|
94919
94839
|
*/
|
|
94920
94840
|
async decrypt(ciphertext, privateKey) {
|
|
94921
|
-
const { Decrypter: Decrypter2 } = await Promise.resolve(
|
|
94841
|
+
const { Decrypter: Decrypter2 } = await Promise.resolve().then(() => (init_dist(), dist_exports));
|
|
94922
94842
|
const d = new Decrypter2();
|
|
94923
94843
|
d.addIdentity(privateKey);
|
|
94924
94844
|
return d.decrypt(Buffer.from(ciphertext, "base64"), "text");
|
|
@@ -94931,10 +94851,9 @@ var require_decrypt = __commonJS({
|
|
|
94931
94851
|
* @returns The age private key string.
|
|
94932
94852
|
*/
|
|
94933
94853
|
resolveKey(ageKey, ageKeyFile) {
|
|
94934
|
-
if (ageKey)
|
|
94935
|
-
return ageKey.trim();
|
|
94854
|
+
if (ageKey) return ageKey.trim();
|
|
94936
94855
|
if (ageKeyFile) {
|
|
94937
|
-
const content =
|
|
94856
|
+
const content = fs33.readFileSync(ageKeyFile, "utf-8").trim();
|
|
94938
94857
|
const lines = content.split("\n").filter((l) => l.startsWith("AGE-SECRET-KEY-"));
|
|
94939
94858
|
if (lines.length === 0) {
|
|
94940
94859
|
throw new Error(`No age secret key found in file: ${ageKeyFile}`);
|
|
@@ -94944,54 +94863,15 @@ var require_decrypt = __commonJS({
|
|
|
94944
94863
|
throw new Error("No age key available. Set CLEF_AGE_KEY or CLEF_AGE_KEY_FILE.");
|
|
94945
94864
|
}
|
|
94946
94865
|
};
|
|
94947
|
-
exports.AgeDecryptor = AgeDecryptor;
|
|
94948
94866
|
}
|
|
94949
94867
|
});
|
|
94950
94868
|
|
|
94951
|
-
// ../runtime/
|
|
94952
|
-
var
|
|
94953
|
-
|
|
94869
|
+
// ../runtime/src/kms/aws.ts
|
|
94870
|
+
var AwsKmsProvider;
|
|
94871
|
+
var init_aws = __esm({
|
|
94872
|
+
"../runtime/src/kms/aws.ts"() {
|
|
94954
94873
|
"use strict";
|
|
94955
|
-
|
|
94956
|
-
if (k2 === void 0) k2 = k;
|
|
94957
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
94958
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
94959
|
-
desc = { enumerable: true, get: function() {
|
|
94960
|
-
return m[k];
|
|
94961
|
-
} };
|
|
94962
|
-
}
|
|
94963
|
-
Object.defineProperty(o, k2, desc);
|
|
94964
|
-
}) : (function(o, m, k, k2) {
|
|
94965
|
-
if (k2 === void 0) k2 = k;
|
|
94966
|
-
o[k2] = m[k];
|
|
94967
|
-
}));
|
|
94968
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
94969
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
94970
|
-
}) : function(o, v) {
|
|
94971
|
-
o["default"] = v;
|
|
94972
|
-
});
|
|
94973
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
94974
|
-
var ownKeys = function(o) {
|
|
94975
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
94976
|
-
var ar = [];
|
|
94977
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
94978
|
-
return ar;
|
|
94979
|
-
};
|
|
94980
|
-
return ownKeys(o);
|
|
94981
|
-
};
|
|
94982
|
-
return function(mod3) {
|
|
94983
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
94984
|
-
var result = {};
|
|
94985
|
-
if (mod3 != null) {
|
|
94986
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
94987
|
-
}
|
|
94988
|
-
__setModuleDefault(result, mod3);
|
|
94989
|
-
return result;
|
|
94990
|
-
};
|
|
94991
|
-
})();
|
|
94992
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
94993
|
-
exports.AwsKmsProvider = void 0;
|
|
94994
|
-
var AwsKmsProvider = class {
|
|
94874
|
+
AwsKmsProvider = class {
|
|
94995
94875
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- lazy-loaded SDK client
|
|
94996
94876
|
client;
|
|
94997
94877
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- lazy-loaded SDK module
|
|
@@ -95001,13 +94881,14 @@ var require_aws = __commonJS({
|
|
|
95001
94881
|
this.region = region;
|
|
95002
94882
|
}
|
|
95003
94883
|
async ensureClient() {
|
|
95004
|
-
if (this.client)
|
|
95005
|
-
return;
|
|
94884
|
+
if (this.client) return;
|
|
95006
94885
|
try {
|
|
95007
|
-
this.sdk = await
|
|
94886
|
+
this.sdk = await import("@aws-sdk/client-kms");
|
|
95008
94887
|
this.client = new this.sdk.KMSClient({ region: this.region });
|
|
95009
94888
|
} catch {
|
|
95010
|
-
throw new Error(
|
|
94889
|
+
throw new Error(
|
|
94890
|
+
"AWS KMS requires @aws-sdk/client-kms. Install it with: npm install @aws-sdk/client-kms"
|
|
94891
|
+
);
|
|
95011
94892
|
}
|
|
95012
94893
|
}
|
|
95013
94894
|
async wrap(keyId, plaintext) {
|
|
@@ -95054,64 +94935,26 @@ var require_aws = __commonJS({
|
|
|
95054
94935
|
return Buffer.from(response.Signature);
|
|
95055
94936
|
}
|
|
95056
94937
|
};
|
|
95057
|
-
exports.AwsKmsProvider = AwsKmsProvider;
|
|
95058
94938
|
}
|
|
95059
94939
|
});
|
|
95060
94940
|
|
|
95061
|
-
// ../runtime/
|
|
95062
|
-
var
|
|
95063
|
-
|
|
94941
|
+
// ../runtime/src/kms/gcp.ts
|
|
94942
|
+
var GcpKmsProvider;
|
|
94943
|
+
var init_gcp = __esm({
|
|
94944
|
+
"../runtime/src/kms/gcp.ts"() {
|
|
95064
94945
|
"use strict";
|
|
95065
|
-
|
|
95066
|
-
if (k2 === void 0) k2 = k;
|
|
95067
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
95068
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
95069
|
-
desc = { enumerable: true, get: function() {
|
|
95070
|
-
return m[k];
|
|
95071
|
-
} };
|
|
95072
|
-
}
|
|
95073
|
-
Object.defineProperty(o, k2, desc);
|
|
95074
|
-
}) : (function(o, m, k, k2) {
|
|
95075
|
-
if (k2 === void 0) k2 = k;
|
|
95076
|
-
o[k2] = m[k];
|
|
95077
|
-
}));
|
|
95078
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
95079
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
95080
|
-
}) : function(o, v) {
|
|
95081
|
-
o["default"] = v;
|
|
95082
|
-
});
|
|
95083
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
95084
|
-
var ownKeys = function(o) {
|
|
95085
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
95086
|
-
var ar = [];
|
|
95087
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
95088
|
-
return ar;
|
|
95089
|
-
};
|
|
95090
|
-
return ownKeys(o);
|
|
95091
|
-
};
|
|
95092
|
-
return function(mod3) {
|
|
95093
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
95094
|
-
var result = {};
|
|
95095
|
-
if (mod3 != null) {
|
|
95096
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
95097
|
-
}
|
|
95098
|
-
__setModuleDefault(result, mod3);
|
|
95099
|
-
return result;
|
|
95100
|
-
};
|
|
95101
|
-
})();
|
|
95102
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
95103
|
-
exports.GcpKmsProvider = void 0;
|
|
95104
|
-
var GcpKmsProvider = class {
|
|
94946
|
+
GcpKmsProvider = class {
|
|
95105
94947
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- lazy-loaded SDK client
|
|
95106
94948
|
client;
|
|
95107
94949
|
async ensureClient() {
|
|
95108
|
-
if (this.client)
|
|
95109
|
-
return;
|
|
94950
|
+
if (this.client) return;
|
|
95110
94951
|
try {
|
|
95111
|
-
const kms = await
|
|
94952
|
+
const kms = await import("@google-cloud/kms");
|
|
95112
94953
|
this.client = new kms.KeyManagementServiceClient();
|
|
95113
94954
|
} catch {
|
|
95114
|
-
throw new Error(
|
|
94955
|
+
throw new Error(
|
|
94956
|
+
"GCP KMS requires @google-cloud/kms. Install it with: npm install @google-cloud/kms"
|
|
94957
|
+
);
|
|
95115
94958
|
}
|
|
95116
94959
|
}
|
|
95117
94960
|
async wrap(keyId, plaintext) {
|
|
@@ -95140,67 +94983,29 @@ var require_gcp = __commonJS({
|
|
|
95140
94983
|
return Buffer.from(response.plaintext);
|
|
95141
94984
|
}
|
|
95142
94985
|
};
|
|
95143
|
-
exports.GcpKmsProvider = GcpKmsProvider;
|
|
95144
94986
|
}
|
|
95145
94987
|
});
|
|
95146
94988
|
|
|
95147
|
-
// ../runtime/
|
|
95148
|
-
var
|
|
95149
|
-
|
|
94989
|
+
// ../runtime/src/kms/azure.ts
|
|
94990
|
+
var AzureKmsProvider;
|
|
94991
|
+
var init_azure = __esm({
|
|
94992
|
+
"../runtime/src/kms/azure.ts"() {
|
|
95150
94993
|
"use strict";
|
|
95151
|
-
|
|
95152
|
-
if (k2 === void 0) k2 = k;
|
|
95153
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
95154
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
95155
|
-
desc = { enumerable: true, get: function() {
|
|
95156
|
-
return m[k];
|
|
95157
|
-
} };
|
|
95158
|
-
}
|
|
95159
|
-
Object.defineProperty(o, k2, desc);
|
|
95160
|
-
}) : (function(o, m, k, k2) {
|
|
95161
|
-
if (k2 === void 0) k2 = k;
|
|
95162
|
-
o[k2] = m[k];
|
|
95163
|
-
}));
|
|
95164
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
95165
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
95166
|
-
}) : function(o, v) {
|
|
95167
|
-
o["default"] = v;
|
|
95168
|
-
});
|
|
95169
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
95170
|
-
var ownKeys = function(o) {
|
|
95171
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
95172
|
-
var ar = [];
|
|
95173
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
95174
|
-
return ar;
|
|
95175
|
-
};
|
|
95176
|
-
return ownKeys(o);
|
|
95177
|
-
};
|
|
95178
|
-
return function(mod3) {
|
|
95179
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
95180
|
-
var result = {};
|
|
95181
|
-
if (mod3 != null) {
|
|
95182
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
95183
|
-
}
|
|
95184
|
-
__setModuleDefault(result, mod3);
|
|
95185
|
-
return result;
|
|
95186
|
-
};
|
|
95187
|
-
})();
|
|
95188
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
95189
|
-
exports.AzureKmsProvider = void 0;
|
|
95190
|
-
var AzureKmsProvider = class {
|
|
94994
|
+
AzureKmsProvider = class {
|
|
95191
94995
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- lazy-loaded SDK credential
|
|
95192
94996
|
credential;
|
|
95193
94997
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- lazy-loaded SDK module
|
|
95194
94998
|
keysModule;
|
|
95195
94999
|
async ensureLoaded() {
|
|
95196
|
-
if (this.credential)
|
|
95197
|
-
return;
|
|
95000
|
+
if (this.credential) return;
|
|
95198
95001
|
try {
|
|
95199
|
-
const identity = await
|
|
95200
|
-
this.keysModule = await
|
|
95002
|
+
const identity = await import("@azure/identity");
|
|
95003
|
+
this.keysModule = await import("@azure/keyvault-keys");
|
|
95201
95004
|
this.credential = new identity.DefaultAzureCredential();
|
|
95202
95005
|
} catch {
|
|
95203
|
-
throw new Error(
|
|
95006
|
+
throw new Error(
|
|
95007
|
+
"Azure Key Vault requires @azure/identity and @azure/keyvault-keys. Install them with: npm install @azure/identity @azure/keyvault-keys"
|
|
95008
|
+
);
|
|
95204
95009
|
}
|
|
95205
95010
|
}
|
|
95206
95011
|
async wrap(keyId, plaintext) {
|
|
@@ -95225,38 +95030,84 @@ var require_azure = __commonJS({
|
|
|
95225
95030
|
return Buffer.from(result.result);
|
|
95226
95031
|
}
|
|
95227
95032
|
};
|
|
95228
|
-
exports.AzureKmsProvider = AzureKmsProvider;
|
|
95229
95033
|
}
|
|
95230
95034
|
});
|
|
95231
95035
|
|
|
95232
|
-
// ../client/dist/kms.
|
|
95233
|
-
var
|
|
95234
|
-
|
|
95036
|
+
// ../client/dist/kms.mjs
|
|
95037
|
+
var kms_exports = {};
|
|
95038
|
+
__export(kms_exports, {
|
|
95039
|
+
ClefClientError: () => ClefClientError,
|
|
95040
|
+
CloudKmsProvider: () => CloudKmsProvider
|
|
95041
|
+
});
|
|
95042
|
+
function resolveToken(explicit) {
|
|
95043
|
+
if (explicit) return explicit;
|
|
95044
|
+
if (typeof process !== "undefined" && process.env?.CLEF_SERVICE_TOKEN) {
|
|
95045
|
+
return process.env.CLEF_SERVICE_TOKEN;
|
|
95046
|
+
}
|
|
95047
|
+
throw new ClefClientError(
|
|
95048
|
+
"No service token configured",
|
|
95049
|
+
void 0,
|
|
95050
|
+
"Set CLEF_SERVICE_TOKEN or pass token in options."
|
|
95051
|
+
);
|
|
95052
|
+
}
|
|
95053
|
+
async function request(baseUrl, opts2) {
|
|
95054
|
+
const url = `${baseUrl}${opts2.path}`;
|
|
95055
|
+
const headers = {
|
|
95056
|
+
Authorization: `Bearer ${opts2.token}`,
|
|
95057
|
+
Accept: "application/json"
|
|
95058
|
+
};
|
|
95059
|
+
if (opts2.body !== void 0) {
|
|
95060
|
+
headers["Content-Type"] = "application/json";
|
|
95061
|
+
}
|
|
95062
|
+
const init2 = {
|
|
95063
|
+
method: opts2.method,
|
|
95064
|
+
headers,
|
|
95065
|
+
body: opts2.body !== void 0 ? JSON.stringify(opts2.body) : void 0
|
|
95066
|
+
};
|
|
95067
|
+
let response;
|
|
95068
|
+
try {
|
|
95069
|
+
response = await opts2.fetchFn(url, init2);
|
|
95070
|
+
} catch (err) {
|
|
95071
|
+
try {
|
|
95072
|
+
response = await opts2.fetchFn(url, init2);
|
|
95073
|
+
} catch {
|
|
95074
|
+
throw new ClefClientError(
|
|
95075
|
+
`Connection failed: ${err.message}`,
|
|
95076
|
+
void 0,
|
|
95077
|
+
"Is the endpoint reachable? Check your CLEF_ENDPOINT setting."
|
|
95078
|
+
);
|
|
95079
|
+
}
|
|
95080
|
+
}
|
|
95081
|
+
if (response.status >= 500) {
|
|
95082
|
+
response = await opts2.fetchFn(url, init2);
|
|
95083
|
+
}
|
|
95084
|
+
if (response.status === 401) {
|
|
95085
|
+
throw new ClefClientError("Authentication failed", 401, "Check your CLEF_SERVICE_TOKEN.");
|
|
95086
|
+
}
|
|
95087
|
+
if (response.status === 503) {
|
|
95088
|
+
throw new ClefClientError("Secrets expired or not loaded", 503, "Check the agent logs.");
|
|
95089
|
+
}
|
|
95090
|
+
if (!response.ok) {
|
|
95091
|
+
const text = await response.text().catch(() => "");
|
|
95092
|
+
throw new ClefClientError(
|
|
95093
|
+
`HTTP ${response.status}: ${text || response.statusText}`,
|
|
95094
|
+
response.status
|
|
95095
|
+
);
|
|
95096
|
+
}
|
|
95097
|
+
const json = await response.json();
|
|
95098
|
+
if (json && typeof json === "object" && "success" in json) {
|
|
95099
|
+
if (!json.success) {
|
|
95100
|
+
throw new ClefClientError(json.message || "Request failed", response.status);
|
|
95101
|
+
}
|
|
95102
|
+
return json.data;
|
|
95103
|
+
}
|
|
95104
|
+
return json;
|
|
95105
|
+
}
|
|
95106
|
+
var ClefClientError, CloudKmsProvider;
|
|
95107
|
+
var init_kms2 = __esm({
|
|
95108
|
+
"../client/dist/kms.mjs"() {
|
|
95235
95109
|
"use strict";
|
|
95236
|
-
|
|
95237
|
-
var __getOwnPropDesc2 = Object.getOwnPropertyDescriptor;
|
|
95238
|
-
var __getOwnPropNames2 = Object.getOwnPropertyNames;
|
|
95239
|
-
var __hasOwnProp2 = Object.prototype.hasOwnProperty;
|
|
95240
|
-
var __export2 = (target, all) => {
|
|
95241
|
-
for (var name in all)
|
|
95242
|
-
__defProp2(target, name, { get: all[name], enumerable: true });
|
|
95243
|
-
};
|
|
95244
|
-
var __copyProps2 = (to, from, except, desc) => {
|
|
95245
|
-
if (from && typeof from === "object" || typeof from === "function") {
|
|
95246
|
-
for (let key of __getOwnPropNames2(from))
|
|
95247
|
-
if (!__hasOwnProp2.call(to, key) && key !== except)
|
|
95248
|
-
__defProp2(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc2(from, key)) || desc.enumerable });
|
|
95249
|
-
}
|
|
95250
|
-
return to;
|
|
95251
|
-
};
|
|
95252
|
-
var __toCommonJS = (mod3) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod3);
|
|
95253
|
-
var kms_exports = {};
|
|
95254
|
-
__export2(kms_exports, {
|
|
95255
|
-
ClefClientError: () => ClefClientError,
|
|
95256
|
-
CloudKmsProvider: () => CloudKmsProvider
|
|
95257
|
-
});
|
|
95258
|
-
module.exports = __toCommonJS(kms_exports);
|
|
95259
|
-
var ClefClientError = class extends Error {
|
|
95110
|
+
ClefClientError = class extends Error {
|
|
95260
95111
|
constructor(message, statusCode, fix) {
|
|
95261
95112
|
super(message);
|
|
95262
95113
|
this.statusCode = statusCode;
|
|
@@ -95266,71 +95117,7 @@ var require_kms = __commonJS({
|
|
|
95266
95117
|
statusCode;
|
|
95267
95118
|
fix;
|
|
95268
95119
|
};
|
|
95269
|
-
|
|
95270
|
-
if (explicit) return explicit;
|
|
95271
|
-
if (typeof process !== "undefined" && process.env?.CLEF_SERVICE_TOKEN) {
|
|
95272
|
-
return process.env.CLEF_SERVICE_TOKEN;
|
|
95273
|
-
}
|
|
95274
|
-
throw new ClefClientError(
|
|
95275
|
-
"No service token configured",
|
|
95276
|
-
void 0,
|
|
95277
|
-
"Set CLEF_SERVICE_TOKEN or pass token in options."
|
|
95278
|
-
);
|
|
95279
|
-
}
|
|
95280
|
-
async function request(baseUrl, opts2) {
|
|
95281
|
-
const url = `${baseUrl}${opts2.path}`;
|
|
95282
|
-
const headers = {
|
|
95283
|
-
Authorization: `Bearer ${opts2.token}`,
|
|
95284
|
-
Accept: "application/json"
|
|
95285
|
-
};
|
|
95286
|
-
if (opts2.body !== void 0) {
|
|
95287
|
-
headers["Content-Type"] = "application/json";
|
|
95288
|
-
}
|
|
95289
|
-
const init = {
|
|
95290
|
-
method: opts2.method,
|
|
95291
|
-
headers,
|
|
95292
|
-
body: opts2.body !== void 0 ? JSON.stringify(opts2.body) : void 0
|
|
95293
|
-
};
|
|
95294
|
-
let response;
|
|
95295
|
-
try {
|
|
95296
|
-
response = await opts2.fetchFn(url, init);
|
|
95297
|
-
} catch (err) {
|
|
95298
|
-
try {
|
|
95299
|
-
response = await opts2.fetchFn(url, init);
|
|
95300
|
-
} catch {
|
|
95301
|
-
throw new ClefClientError(
|
|
95302
|
-
`Connection failed: ${err.message}`,
|
|
95303
|
-
void 0,
|
|
95304
|
-
"Is the endpoint reachable? Check your CLEF_ENDPOINT setting."
|
|
95305
|
-
);
|
|
95306
|
-
}
|
|
95307
|
-
}
|
|
95308
|
-
if (response.status >= 500) {
|
|
95309
|
-
response = await opts2.fetchFn(url, init);
|
|
95310
|
-
}
|
|
95311
|
-
if (response.status === 401) {
|
|
95312
|
-
throw new ClefClientError("Authentication failed", 401, "Check your CLEF_SERVICE_TOKEN.");
|
|
95313
|
-
}
|
|
95314
|
-
if (response.status === 503) {
|
|
95315
|
-
throw new ClefClientError("Secrets expired or not loaded", 503, "Check the agent logs.");
|
|
95316
|
-
}
|
|
95317
|
-
if (!response.ok) {
|
|
95318
|
-
const text = await response.text().catch(() => "");
|
|
95319
|
-
throw new ClefClientError(
|
|
95320
|
-
`HTTP ${response.status}: ${text || response.statusText}`,
|
|
95321
|
-
response.status
|
|
95322
|
-
);
|
|
95323
|
-
}
|
|
95324
|
-
const json = await response.json();
|
|
95325
|
-
if (json && typeof json === "object" && "success" in json) {
|
|
95326
|
-
if (!json.success) {
|
|
95327
|
-
throw new ClefClientError(json.message || "Request failed", response.status);
|
|
95328
|
-
}
|
|
95329
|
-
return json.data;
|
|
95330
|
-
}
|
|
95331
|
-
return json;
|
|
95332
|
-
}
|
|
95333
|
-
var CloudKmsProvider = class {
|
|
95120
|
+
CloudKmsProvider = class {
|
|
95334
95121
|
endpoint;
|
|
95335
95122
|
token;
|
|
95336
95123
|
constructor(options) {
|
|
@@ -95359,139 +95146,54 @@ var require_kms = __commonJS({
|
|
|
95359
95146
|
}
|
|
95360
95147
|
});
|
|
95361
95148
|
|
|
95362
|
-
// ../runtime/
|
|
95363
|
-
|
|
95364
|
-
|
|
95365
|
-
|
|
95366
|
-
|
|
95367
|
-
|
|
95368
|
-
|
|
95369
|
-
|
|
95370
|
-
|
|
95371
|
-
|
|
95372
|
-
|
|
95373
|
-
|
|
95374
|
-
|
|
95375
|
-
|
|
95376
|
-
|
|
95377
|
-
|
|
95378
|
-
|
|
95379
|
-
|
|
95380
|
-
|
|
95381
|
-
|
|
95382
|
-
o["default"] = v;
|
|
95383
|
-
});
|
|
95384
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
95385
|
-
var ownKeys = function(o) {
|
|
95386
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
95387
|
-
var ar = [];
|
|
95388
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
95389
|
-
return ar;
|
|
95390
|
-
};
|
|
95391
|
-
return ownKeys(o);
|
|
95392
|
-
};
|
|
95393
|
-
return function(mod3) {
|
|
95394
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
95395
|
-
var result = {};
|
|
95396
|
-
if (mod3 != null) {
|
|
95397
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
95398
|
-
}
|
|
95399
|
-
__setModuleDefault(result, mod3);
|
|
95400
|
-
return result;
|
|
95401
|
-
};
|
|
95402
|
-
})();
|
|
95403
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
95404
|
-
exports.AzureKmsProvider = exports.GcpKmsProvider = exports.AwsKmsProvider = void 0;
|
|
95405
|
-
exports.createKmsProvider = createKmsProvider;
|
|
95406
|
-
var aws_1 = require_aws();
|
|
95407
|
-
var gcp_1 = require_gcp();
|
|
95408
|
-
var azure_1 = require_azure();
|
|
95409
|
-
var aws_2 = require_aws();
|
|
95410
|
-
Object.defineProperty(exports, "AwsKmsProvider", { enumerable: true, get: function() {
|
|
95411
|
-
return aws_2.AwsKmsProvider;
|
|
95412
|
-
} });
|
|
95413
|
-
var gcp_2 = require_gcp();
|
|
95414
|
-
Object.defineProperty(exports, "GcpKmsProvider", { enumerable: true, get: function() {
|
|
95415
|
-
return gcp_2.GcpKmsProvider;
|
|
95416
|
-
} });
|
|
95417
|
-
var azure_2 = require_azure();
|
|
95418
|
-
Object.defineProperty(exports, "AzureKmsProvider", { enumerable: true, get: function() {
|
|
95419
|
-
return azure_2.AzureKmsProvider;
|
|
95420
|
-
} });
|
|
95421
|
-
async function createKmsProvider(provider, options) {
|
|
95422
|
-
switch (provider) {
|
|
95423
|
-
case "aws":
|
|
95424
|
-
return new aws_1.AwsKmsProvider(options?.region);
|
|
95425
|
-
case "gcp":
|
|
95426
|
-
return new gcp_1.GcpKmsProvider();
|
|
95427
|
-
case "azure":
|
|
95428
|
-
return new azure_1.AzureKmsProvider();
|
|
95429
|
-
case "cloud": {
|
|
95430
|
-
try {
|
|
95431
|
-
const { CloudKmsProvider } = await Promise.resolve().then(() => __importStar(require_kms()));
|
|
95432
|
-
return new CloudKmsProvider({
|
|
95433
|
-
endpoint: options?.endpoint ?? "",
|
|
95434
|
-
token: options?.token
|
|
95435
|
-
});
|
|
95436
|
-
} catch {
|
|
95437
|
-
throw new Error("Clef Cloud KMS requires @clef-sh/client. Install it with: npm install @clef-sh/client");
|
|
95438
|
-
}
|
|
95439
|
-
}
|
|
95440
|
-
default:
|
|
95441
|
-
throw new Error(`Unknown KMS provider: ${provider}`);
|
|
95149
|
+
// ../runtime/src/kms/index.ts
|
|
95150
|
+
async function createKmsProvider(provider, options) {
|
|
95151
|
+
switch (provider) {
|
|
95152
|
+
case "aws":
|
|
95153
|
+
return new AwsKmsProvider(options?.region);
|
|
95154
|
+
case "gcp":
|
|
95155
|
+
return new GcpKmsProvider();
|
|
95156
|
+
case "azure":
|
|
95157
|
+
return new AzureKmsProvider();
|
|
95158
|
+
case "cloud": {
|
|
95159
|
+
try {
|
|
95160
|
+
const { CloudKmsProvider: CloudKmsProvider2 } = await Promise.resolve().then(() => (init_kms2(), kms_exports));
|
|
95161
|
+
return new CloudKmsProvider2({
|
|
95162
|
+
endpoint: options?.endpoint ?? "",
|
|
95163
|
+
token: options?.token
|
|
95164
|
+
});
|
|
95165
|
+
} catch {
|
|
95166
|
+
throw new Error(
|
|
95167
|
+
"Clef Cloud KMS requires @clef-sh/client. Install it with: npm install @clef-sh/client"
|
|
95168
|
+
);
|
|
95442
95169
|
}
|
|
95443
95170
|
}
|
|
95171
|
+
default:
|
|
95172
|
+
throw new Error(`Unknown KMS provider: ${provider}`);
|
|
95173
|
+
}
|
|
95174
|
+
}
|
|
95175
|
+
var init_kms3 = __esm({
|
|
95176
|
+
"../runtime/src/kms/index.ts"() {
|
|
95177
|
+
"use strict";
|
|
95178
|
+
init_aws();
|
|
95179
|
+
init_gcp();
|
|
95180
|
+
init_azure();
|
|
95181
|
+
init_aws();
|
|
95182
|
+
init_gcp();
|
|
95183
|
+
init_azure();
|
|
95444
95184
|
}
|
|
95445
95185
|
});
|
|
95446
95186
|
|
|
95447
|
-
// ../runtime/
|
|
95448
|
-
|
|
95449
|
-
|
|
95187
|
+
// ../runtime/src/artifact-decryptor.ts
|
|
95188
|
+
import * as crypto6 from "crypto";
|
|
95189
|
+
var ArtifactDecryptor;
|
|
95190
|
+
var init_artifact_decryptor = __esm({
|
|
95191
|
+
"../runtime/src/artifact-decryptor.ts"() {
|
|
95450
95192
|
"use strict";
|
|
95451
|
-
|
|
95452
|
-
|
|
95453
|
-
|
|
95454
|
-
|
|
95455
|
-
desc = { enumerable: true, get: function() {
|
|
95456
|
-
return m[k];
|
|
95457
|
-
} };
|
|
95458
|
-
}
|
|
95459
|
-
Object.defineProperty(o, k2, desc);
|
|
95460
|
-
}) : (function(o, m, k, k2) {
|
|
95461
|
-
if (k2 === void 0) k2 = k;
|
|
95462
|
-
o[k2] = m[k];
|
|
95463
|
-
}));
|
|
95464
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
95465
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
95466
|
-
}) : function(o, v) {
|
|
95467
|
-
o["default"] = v;
|
|
95468
|
-
});
|
|
95469
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
95470
|
-
var ownKeys = function(o) {
|
|
95471
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
95472
|
-
var ar = [];
|
|
95473
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
95474
|
-
return ar;
|
|
95475
|
-
};
|
|
95476
|
-
return ownKeys(o);
|
|
95477
|
-
};
|
|
95478
|
-
return function(mod3) {
|
|
95479
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
95480
|
-
var result = {};
|
|
95481
|
-
if (mod3 != null) {
|
|
95482
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
95483
|
-
}
|
|
95484
|
-
__setModuleDefault(result, mod3);
|
|
95485
|
-
return result;
|
|
95486
|
-
};
|
|
95487
|
-
})();
|
|
95488
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
95489
|
-
exports.ArtifactDecryptor = void 0;
|
|
95490
|
-
var crypto6 = __importStar(__require("crypto"));
|
|
95491
|
-
var decrypt_1 = require_decrypt();
|
|
95492
|
-
var kms_1 = require_kms2();
|
|
95493
|
-
var ArtifactDecryptor = class {
|
|
95494
|
-
ageDecryptor = new decrypt_1.AgeDecryptor();
|
|
95193
|
+
init_decrypt();
|
|
95194
|
+
init_kms3();
|
|
95195
|
+
ArtifactDecryptor = class {
|
|
95196
|
+
ageDecryptor = new AgeDecryptor();
|
|
95495
95197
|
privateKey;
|
|
95496
95198
|
telemetryOverride;
|
|
95497
95199
|
initialTelemetry;
|
|
@@ -95538,7 +95240,7 @@ var require_artifact_decryptor = __commonJS({
|
|
|
95538
95240
|
const envelope = artifact.envelope;
|
|
95539
95241
|
let dek;
|
|
95540
95242
|
try {
|
|
95541
|
-
const kms = await
|
|
95243
|
+
const kms = await createKmsProvider(envelope.provider);
|
|
95542
95244
|
const wrappedKey = Buffer.from(envelope.wrappedKey, "base64");
|
|
95543
95245
|
dek = await kms.unwrap(envelope.keyId, wrappedKey, envelope.algorithm);
|
|
95544
95246
|
} catch (err) {
|
|
@@ -95568,7 +95270,9 @@ var require_artifact_decryptor = __commonJS({
|
|
|
95568
95270
|
/** Age-only: decrypt with the static private key. */
|
|
95569
95271
|
async decryptAge(artifact) {
|
|
95570
95272
|
if (!this.privateKey) {
|
|
95571
|
-
throw new Error(
|
|
95273
|
+
throw new Error(
|
|
95274
|
+
"Artifact requires an age private key. Set CLEF_AGENT_AGE_KEY or use KMS envelope encryption."
|
|
95275
|
+
);
|
|
95572
95276
|
}
|
|
95573
95277
|
try {
|
|
95574
95278
|
return await this.ageDecryptor.decrypt(artifact.ciphertext, this.privateKey);
|
|
@@ -95581,141 +95285,71 @@ var require_artifact_decryptor = __commonJS({
|
|
|
95581
95285
|
}
|
|
95582
95286
|
}
|
|
95583
95287
|
};
|
|
95584
|
-
exports.ArtifactDecryptor = ArtifactDecryptor;
|
|
95585
95288
|
}
|
|
95586
95289
|
});
|
|
95587
95290
|
|
|
95588
|
-
// ../runtime/
|
|
95589
|
-
|
|
95590
|
-
|
|
95291
|
+
// ../runtime/src/signature.ts
|
|
95292
|
+
import * as crypto7 from "crypto";
|
|
95293
|
+
function buildSigningPayload2(artifact) {
|
|
95294
|
+
const fields = [
|
|
95295
|
+
"clef-sig-v3",
|
|
95296
|
+
String(artifact.version),
|
|
95297
|
+
artifact.identity,
|
|
95298
|
+
artifact.environment,
|
|
95299
|
+
artifact.revision,
|
|
95300
|
+
artifact.packedAt,
|
|
95301
|
+
artifact.ciphertextHash,
|
|
95302
|
+
artifact.expiresAt ?? "",
|
|
95303
|
+
artifact.envelope?.provider ?? "",
|
|
95304
|
+
artifact.envelope?.keyId ?? "",
|
|
95305
|
+
artifact.envelope?.wrappedKey ?? "",
|
|
95306
|
+
artifact.envelope?.algorithm ?? "",
|
|
95307
|
+
artifact.envelope?.iv ?? "",
|
|
95308
|
+
artifact.envelope?.authTag ?? ""
|
|
95309
|
+
];
|
|
95310
|
+
return Buffer.from(fields.join("\n"), "utf-8");
|
|
95311
|
+
}
|
|
95312
|
+
function verifySignature2(payload, signatureBase64, publicKeyBase64) {
|
|
95313
|
+
const keyObj = crypto7.createPublicKey({
|
|
95314
|
+
key: Buffer.from(publicKeyBase64, "base64"),
|
|
95315
|
+
format: "der",
|
|
95316
|
+
type: "spki"
|
|
95317
|
+
});
|
|
95318
|
+
const signature = Buffer.from(signatureBase64, "base64");
|
|
95319
|
+
const keyType = keyObj.asymmetricKeyType;
|
|
95320
|
+
if (keyType === "ed25519") {
|
|
95321
|
+
return crypto7.verify(null, payload, keyObj, signature);
|
|
95322
|
+
}
|
|
95323
|
+
if (keyType === "ec") {
|
|
95324
|
+
return crypto7.verify("sha256", payload, keyObj, signature);
|
|
95325
|
+
}
|
|
95326
|
+
throw new Error(`Unsupported key type for signature verification: ${keyType}`);
|
|
95327
|
+
}
|
|
95328
|
+
var init_signature = __esm({
|
|
95329
|
+
"../runtime/src/signature.ts"() {
|
|
95591
95330
|
"use strict";
|
|
95592
|
-
var __createBinding = exports && exports.__createBinding || (Object.create ? (function(o, m, k, k2) {
|
|
95593
|
-
if (k2 === void 0) k2 = k;
|
|
95594
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
95595
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
95596
|
-
desc = { enumerable: true, get: function() {
|
|
95597
|
-
return m[k];
|
|
95598
|
-
} };
|
|
95599
|
-
}
|
|
95600
|
-
Object.defineProperty(o, k2, desc);
|
|
95601
|
-
}) : (function(o, m, k, k2) {
|
|
95602
|
-
if (k2 === void 0) k2 = k;
|
|
95603
|
-
o[k2] = m[k];
|
|
95604
|
-
}));
|
|
95605
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
95606
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
95607
|
-
}) : function(o, v) {
|
|
95608
|
-
o["default"] = v;
|
|
95609
|
-
});
|
|
95610
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
95611
|
-
var ownKeys = function(o) {
|
|
95612
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
95613
|
-
var ar = [];
|
|
95614
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
95615
|
-
return ar;
|
|
95616
|
-
};
|
|
95617
|
-
return ownKeys(o);
|
|
95618
|
-
};
|
|
95619
|
-
return function(mod3) {
|
|
95620
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
95621
|
-
var result = {};
|
|
95622
|
-
if (mod3 != null) {
|
|
95623
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
95624
|
-
}
|
|
95625
|
-
__setModuleDefault(result, mod3);
|
|
95626
|
-
return result;
|
|
95627
|
-
};
|
|
95628
|
-
})();
|
|
95629
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
95630
|
-
exports.buildSigningPayload = buildSigningPayload2;
|
|
95631
|
-
exports.verifySignature = verifySignature2;
|
|
95632
|
-
var crypto6 = __importStar(__require("crypto"));
|
|
95633
|
-
function buildSigningPayload2(artifact) {
|
|
95634
|
-
const fields = [
|
|
95635
|
-
"clef-sig-v3",
|
|
95636
|
-
String(artifact.version),
|
|
95637
|
-
artifact.identity,
|
|
95638
|
-
artifact.environment,
|
|
95639
|
-
artifact.revision,
|
|
95640
|
-
artifact.packedAt,
|
|
95641
|
-
artifact.ciphertextHash,
|
|
95642
|
-
artifact.expiresAt ?? "",
|
|
95643
|
-
artifact.envelope?.provider ?? "",
|
|
95644
|
-
artifact.envelope?.keyId ?? "",
|
|
95645
|
-
artifact.envelope?.wrappedKey ?? "",
|
|
95646
|
-
artifact.envelope?.algorithm ?? "",
|
|
95647
|
-
artifact.envelope?.iv ?? "",
|
|
95648
|
-
artifact.envelope?.authTag ?? ""
|
|
95649
|
-
];
|
|
95650
|
-
return Buffer.from(fields.join("\n"), "utf-8");
|
|
95651
|
-
}
|
|
95652
|
-
function verifySignature2(payload, signatureBase64, publicKeyBase64) {
|
|
95653
|
-
const keyObj = crypto6.createPublicKey({
|
|
95654
|
-
key: Buffer.from(publicKeyBase64, "base64"),
|
|
95655
|
-
format: "der",
|
|
95656
|
-
type: "spki"
|
|
95657
|
-
});
|
|
95658
|
-
const signature = Buffer.from(signatureBase64, "base64");
|
|
95659
|
-
const keyType = keyObj.asymmetricKeyType;
|
|
95660
|
-
if (keyType === "ed25519") {
|
|
95661
|
-
return crypto6.verify(null, payload, keyObj, signature);
|
|
95662
|
-
}
|
|
95663
|
-
if (keyType === "ec") {
|
|
95664
|
-
return crypto6.verify("sha256", payload, keyObj, signature);
|
|
95665
|
-
}
|
|
95666
|
-
throw new Error(`Unsupported key type for signature verification: ${keyType}`);
|
|
95667
|
-
}
|
|
95668
95331
|
}
|
|
95669
95332
|
});
|
|
95670
95333
|
|
|
95671
|
-
// ../runtime/
|
|
95672
|
-
|
|
95673
|
-
|
|
95334
|
+
// ../runtime/src/poller.ts
|
|
95335
|
+
import * as crypto8 from "crypto";
|
|
95336
|
+
function classifyValidationError(err) {
|
|
95337
|
+
if (err instanceof SyntaxError) return "json_parse";
|
|
95338
|
+
const msg = err instanceof Error ? err.message : "";
|
|
95339
|
+
if (msg.includes("Unsupported artifact version")) return "unsupported_version";
|
|
95340
|
+
if (msg.includes("missing required fields")) return "missing_fields";
|
|
95341
|
+
if (msg.includes("incomplete envelope")) return "incomplete_envelope";
|
|
95342
|
+
if (msg.includes("signature")) return "signature";
|
|
95343
|
+
return "unknown";
|
|
95344
|
+
}
|
|
95345
|
+
var MIN_POLL_MS, ArtifactPoller;
|
|
95346
|
+
var init_poller = __esm({
|
|
95347
|
+
"../runtime/src/poller.ts"() {
|
|
95674
95348
|
"use strict";
|
|
95675
|
-
|
|
95676
|
-
|
|
95677
|
-
|
|
95678
|
-
|
|
95679
|
-
desc = { enumerable: true, get: function() {
|
|
95680
|
-
return m[k];
|
|
95681
|
-
} };
|
|
95682
|
-
}
|
|
95683
|
-
Object.defineProperty(o, k2, desc);
|
|
95684
|
-
}) : (function(o, m, k, k2) {
|
|
95685
|
-
if (k2 === void 0) k2 = k;
|
|
95686
|
-
o[k2] = m[k];
|
|
95687
|
-
}));
|
|
95688
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
95689
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
95690
|
-
}) : function(o, v) {
|
|
95691
|
-
o["default"] = v;
|
|
95692
|
-
});
|
|
95693
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
95694
|
-
var ownKeys = function(o) {
|
|
95695
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
95696
|
-
var ar = [];
|
|
95697
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
95698
|
-
return ar;
|
|
95699
|
-
};
|
|
95700
|
-
return ownKeys(o);
|
|
95701
|
-
};
|
|
95702
|
-
return function(mod3) {
|
|
95703
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
95704
|
-
var result = {};
|
|
95705
|
-
if (mod3 != null) {
|
|
95706
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
95707
|
-
}
|
|
95708
|
-
__setModuleDefault(result, mod3);
|
|
95709
|
-
return result;
|
|
95710
|
-
};
|
|
95711
|
-
})();
|
|
95712
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
95713
|
-
exports.ArtifactPoller = void 0;
|
|
95714
|
-
var crypto6 = __importStar(__require("crypto"));
|
|
95715
|
-
var artifact_decryptor_1 = require_artifact_decryptor();
|
|
95716
|
-
var signature_1 = require_signature();
|
|
95717
|
-
var MIN_POLL_MS = 5e3;
|
|
95718
|
-
var ArtifactPoller = class {
|
|
95349
|
+
init_artifact_decryptor();
|
|
95350
|
+
init_signature();
|
|
95351
|
+
MIN_POLL_MS = 5e3;
|
|
95352
|
+
ArtifactPoller = class {
|
|
95719
95353
|
timer = null;
|
|
95720
95354
|
lastContentHash = null;
|
|
95721
95355
|
lastRevision = null;
|
|
@@ -95727,7 +95361,7 @@ var require_poller = __commonJS({
|
|
|
95727
95361
|
constructor(options) {
|
|
95728
95362
|
this.options = options;
|
|
95729
95363
|
this.jitMode = !!options.encryptedStore;
|
|
95730
|
-
this.decryptor = new
|
|
95364
|
+
this.decryptor = new ArtifactDecryptor({
|
|
95731
95365
|
privateKey: options.privateKey,
|
|
95732
95366
|
telemetry: options.telemetry
|
|
95733
95367
|
});
|
|
@@ -95750,8 +95384,7 @@ var require_poller = __commonJS({
|
|
|
95750
95384
|
*/
|
|
95751
95385
|
async fetchAndDecrypt() {
|
|
95752
95386
|
const result = await this.fetchRaw();
|
|
95753
|
-
if (!result)
|
|
95754
|
-
return;
|
|
95387
|
+
if (!result) return;
|
|
95755
95388
|
await this.validateDecryptAndCache(result.artifact, result.contentHash);
|
|
95756
95389
|
}
|
|
95757
95390
|
/**
|
|
@@ -95761,8 +95394,7 @@ var require_poller = __commonJS({
|
|
|
95761
95394
|
*/
|
|
95762
95395
|
async fetchAndValidate() {
|
|
95763
95396
|
const result = await this.fetchRaw();
|
|
95764
|
-
if (!result)
|
|
95765
|
-
return;
|
|
95397
|
+
if (!result) return;
|
|
95766
95398
|
const artifact = this.validateArtifact(result.artifact);
|
|
95767
95399
|
this.options.encryptedStore.swap(artifact);
|
|
95768
95400
|
this.lastRevision = artifact.revision;
|
|
@@ -95787,8 +95419,7 @@ var require_poller = __commonJS({
|
|
|
95787
95419
|
const result = await this.options.source.fetch();
|
|
95788
95420
|
raw = result.raw;
|
|
95789
95421
|
contentHash = result.contentHash;
|
|
95790
|
-
if (contentHash && contentHash === this.lastContentHash)
|
|
95791
|
-
return null;
|
|
95422
|
+
if (contentHash && contentHash === this.lastContentHash) return null;
|
|
95792
95423
|
this.options.diskCache?.write(raw, contentHash);
|
|
95793
95424
|
} catch (err) {
|
|
95794
95425
|
this.telemetry?.fetchFailed({
|
|
@@ -95813,8 +95444,7 @@ var require_poller = __commonJS({
|
|
|
95813
95444
|
}
|
|
95814
95445
|
raw = cached3;
|
|
95815
95446
|
contentHash = this.options.diskCache.getCachedSha();
|
|
95816
|
-
if (contentHash && contentHash === this.lastContentHash)
|
|
95817
|
-
return null;
|
|
95447
|
+
if (contentHash && contentHash === this.lastContentHash) return null;
|
|
95818
95448
|
} else {
|
|
95819
95449
|
if (ttl !== void 0 && ttl > 0 && this.options.cache.isExpired(ttl)) {
|
|
95820
95450
|
this.options.cache.wipe();
|
|
@@ -95848,7 +95478,9 @@ var require_poller = __commonJS({
|
|
|
95848
95478
|
this.telemetry?.artifactRevoked({
|
|
95849
95479
|
revokedAt: String(parsed.revokedAt)
|
|
95850
95480
|
});
|
|
95851
|
-
throw new Error(
|
|
95481
|
+
throw new Error(
|
|
95482
|
+
`Artifact revoked: ${parsed.identity}/${parsed.environment} at ${parsed.revokedAt}`
|
|
95483
|
+
);
|
|
95852
95484
|
}
|
|
95853
95485
|
return { artifact: parsed, contentHash };
|
|
95854
95486
|
}
|
|
@@ -95876,11 +95508,12 @@ var require_poller = __commonJS({
|
|
|
95876
95508
|
this.telemetry?.artifactExpired({ expiresAt: artifact.expiresAt });
|
|
95877
95509
|
throw new Error(`Artifact expired at ${artifact.expiresAt}`);
|
|
95878
95510
|
}
|
|
95879
|
-
if (artifact.revision === this.lastRevision)
|
|
95880
|
-
|
|
95881
|
-
const hash = crypto6.createHash("sha256").update(artifact.ciphertext).digest("hex");
|
|
95511
|
+
if (artifact.revision === this.lastRevision) return artifact;
|
|
95512
|
+
const hash = crypto8.createHash("sha256").update(artifact.ciphertext).digest("hex");
|
|
95882
95513
|
if (hash !== artifact.ciphertextHash) {
|
|
95883
|
-
const err = new Error(
|
|
95514
|
+
const err = new Error(
|
|
95515
|
+
`Artifact integrity check failed: expected hash ${artifact.ciphertextHash}, got ${hash}`
|
|
95516
|
+
);
|
|
95884
95517
|
this.telemetry?.artifactInvalid({
|
|
95885
95518
|
reason: "integrity",
|
|
95886
95519
|
error: err.message
|
|
@@ -95889,19 +95522,23 @@ var require_poller = __commonJS({
|
|
|
95889
95522
|
}
|
|
95890
95523
|
if (this.options.verifyKey) {
|
|
95891
95524
|
if (!artifact.signature) {
|
|
95892
|
-
const err = new Error(
|
|
95525
|
+
const err = new Error(
|
|
95526
|
+
"Artifact signature verification failed: artifact is unsigned but a verify key is configured. Only signed artifacts are accepted when signature verification is enabled."
|
|
95527
|
+
);
|
|
95893
95528
|
this.telemetry?.artifactInvalid({
|
|
95894
95529
|
reason: "signature_missing",
|
|
95895
95530
|
error: err.message
|
|
95896
95531
|
});
|
|
95897
95532
|
throw err;
|
|
95898
95533
|
}
|
|
95899
|
-
const payload = (
|
|
95534
|
+
const payload = buildSigningPayload2(artifact);
|
|
95900
95535
|
let valid;
|
|
95901
95536
|
try {
|
|
95902
|
-
valid = (
|
|
95537
|
+
valid = verifySignature2(payload, artifact.signature, this.options.verifyKey);
|
|
95903
95538
|
} catch (sigErr) {
|
|
95904
|
-
const err = new Error(
|
|
95539
|
+
const err = new Error(
|
|
95540
|
+
`Artifact signature verification error: ${sigErr instanceof Error ? sigErr.message : String(sigErr)}`
|
|
95541
|
+
);
|
|
95905
95542
|
this.telemetry?.artifactInvalid({
|
|
95906
95543
|
reason: "signature_error",
|
|
95907
95544
|
error: err.message
|
|
@@ -95909,7 +95546,9 @@ var require_poller = __commonJS({
|
|
|
95909
95546
|
throw err;
|
|
95910
95547
|
}
|
|
95911
95548
|
if (!valid) {
|
|
95912
|
-
const err = new Error(
|
|
95549
|
+
const err = new Error(
|
|
95550
|
+
"Artifact signature verification failed: signature does not match the verify key. The artifact may have been tampered with or signed by a different key."
|
|
95551
|
+
);
|
|
95913
95552
|
this.telemetry?.artifactInvalid({
|
|
95914
95553
|
reason: "signature_invalid",
|
|
95915
95554
|
error: err.message
|
|
@@ -95924,8 +95563,7 @@ var require_poller = __commonJS({
|
|
|
95924
95563
|
*/
|
|
95925
95564
|
async validateDecryptAndCache(parsed, contentHash) {
|
|
95926
95565
|
const artifact = this.validateArtifact(parsed);
|
|
95927
|
-
if (artifact.revision === this.lastRevision)
|
|
95928
|
-
return;
|
|
95566
|
+
if (artifact.revision === this.lastRevision) return;
|
|
95929
95567
|
const { values } = await this.decryptor.decrypt(artifact);
|
|
95930
95568
|
const keys = Object.keys(values);
|
|
95931
95569
|
this.options.cache.swap(values, keys, artifact.revision);
|
|
@@ -95950,8 +95588,7 @@ var require_poller = __commonJS({
|
|
|
95950
95588
|
}
|
|
95951
95589
|
/** Start only the polling schedule (no initial fetch). */
|
|
95952
95590
|
startPolling() {
|
|
95953
|
-
if (this.timer)
|
|
95954
|
-
return;
|
|
95591
|
+
if (this.timer) return;
|
|
95955
95592
|
this.scheduleNext();
|
|
95956
95593
|
}
|
|
95957
95594
|
/** Stop the polling loop. */
|
|
@@ -95991,8 +95628,7 @@ var require_poller = __commonJS({
|
|
|
95991
95628
|
}
|
|
95992
95629
|
return MIN_POLL_MS;
|
|
95993
95630
|
}
|
|
95994
|
-
if (this.jitMode)
|
|
95995
|
-
return MIN_POLL_MS;
|
|
95631
|
+
if (this.jitMode) return MIN_POLL_MS;
|
|
95996
95632
|
const ttl = this.options.cacheTtl;
|
|
95997
95633
|
if (ttl !== void 0) {
|
|
95998
95634
|
return Math.max(ttl / 10 * 1e3, MIN_POLL_MS);
|
|
@@ -96014,31 +95650,15 @@ var require_poller = __commonJS({
|
|
|
96014
95650
|
return artifact;
|
|
96015
95651
|
}
|
|
96016
95652
|
};
|
|
96017
|
-
exports.ArtifactPoller = ArtifactPoller;
|
|
96018
|
-
function classifyValidationError(err) {
|
|
96019
|
-
if (err instanceof SyntaxError)
|
|
96020
|
-
return "json_parse";
|
|
96021
|
-
const msg = err instanceof Error ? err.message : "";
|
|
96022
|
-
if (msg.includes("Unsupported artifact version"))
|
|
96023
|
-
return "unsupported_version";
|
|
96024
|
-
if (msg.includes("missing required fields"))
|
|
96025
|
-
return "missing_fields";
|
|
96026
|
-
if (msg.includes("incomplete envelope"))
|
|
96027
|
-
return "incomplete_envelope";
|
|
96028
|
-
if (msg.includes("signature"))
|
|
96029
|
-
return "signature";
|
|
96030
|
-
return "unknown";
|
|
96031
|
-
}
|
|
96032
95653
|
}
|
|
96033
95654
|
});
|
|
96034
95655
|
|
|
96035
|
-
// ../runtime/
|
|
96036
|
-
var
|
|
96037
|
-
|
|
95656
|
+
// ../runtime/src/encrypted-artifact-store.ts
|
|
95657
|
+
var EncryptedArtifactStore;
|
|
95658
|
+
var init_encrypted_artifact_store = __esm({
|
|
95659
|
+
"../runtime/src/encrypted-artifact-store.ts"() {
|
|
96038
95660
|
"use strict";
|
|
96039
|
-
|
|
96040
|
-
exports.EncryptedArtifactStore = void 0;
|
|
96041
|
-
var EncryptedArtifactStore = class {
|
|
95661
|
+
EncryptedArtifactStore = class {
|
|
96042
95662
|
artifact = null;
|
|
96043
95663
|
_storedAt = null;
|
|
96044
95664
|
/** Atomically replace the stored artifact. */
|
|
@@ -96068,17 +95688,23 @@ var require_encrypted_artifact_store = __commonJS({
|
|
|
96068
95688
|
this._storedAt = null;
|
|
96069
95689
|
}
|
|
96070
95690
|
};
|
|
96071
|
-
exports.EncryptedArtifactStore = EncryptedArtifactStore;
|
|
96072
95691
|
}
|
|
96073
95692
|
});
|
|
96074
95693
|
|
|
96075
|
-
// ../runtime/
|
|
96076
|
-
|
|
96077
|
-
"
|
|
95694
|
+
// ../runtime/src/telemetry.ts
|
|
95695
|
+
function otlpValue(v) {
|
|
95696
|
+
if (typeof v === "boolean") return { boolValue: v };
|
|
95697
|
+
if (typeof v === "number") return { intValue: String(v) };
|
|
95698
|
+
return { stringValue: String(v) };
|
|
95699
|
+
}
|
|
95700
|
+
function isoToUnixNano(iso) {
|
|
95701
|
+
return String(new Date(iso).getTime() * 1e6);
|
|
95702
|
+
}
|
|
95703
|
+
var SEVERITY, BASE_FIELDS, TelemetryEmitter;
|
|
95704
|
+
var init_telemetry = __esm({
|
|
95705
|
+
"../runtime/src/telemetry.ts"() {
|
|
96078
95706
|
"use strict";
|
|
96079
|
-
|
|
96080
|
-
exports.TelemetryEmitter = void 0;
|
|
96081
|
-
var SEVERITY = {
|
|
95707
|
+
SEVERITY = {
|
|
96082
95708
|
"agent.started": { number: 9, text: "INFO" },
|
|
96083
95709
|
"agent.stopped": { number: 9, text: "INFO" },
|
|
96084
95710
|
"artifact.refreshed": { number: 9, text: "INFO" },
|
|
@@ -96088,7 +95714,7 @@ var require_telemetry = __commonJS({
|
|
|
96088
95714
|
"cache.expired": { number: 17, text: "ERROR" },
|
|
96089
95715
|
"artifact.invalid": { number: 17, text: "ERROR" }
|
|
96090
95716
|
};
|
|
96091
|
-
|
|
95717
|
+
BASE_FIELDS = /* @__PURE__ */ new Set([
|
|
96092
95718
|
"type",
|
|
96093
95719
|
"timestamp",
|
|
96094
95720
|
"agentId",
|
|
@@ -96096,17 +95722,7 @@ var require_telemetry = __commonJS({
|
|
|
96096
95722
|
"environment",
|
|
96097
95723
|
"sourceType"
|
|
96098
95724
|
]);
|
|
96099
|
-
|
|
96100
|
-
if (typeof v === "boolean")
|
|
96101
|
-
return { boolValue: v };
|
|
96102
|
-
if (typeof v === "number")
|
|
96103
|
-
return { intValue: String(v) };
|
|
96104
|
-
return { stringValue: String(v) };
|
|
96105
|
-
}
|
|
96106
|
-
function isoToUnixNano(iso) {
|
|
96107
|
-
return String(new Date(iso).getTime() * 1e6);
|
|
96108
|
-
}
|
|
96109
|
-
var TelemetryEmitter = class {
|
|
95725
|
+
TelemetryEmitter = class {
|
|
96110
95726
|
buffer = [];
|
|
96111
95727
|
timer = null;
|
|
96112
95728
|
opts;
|
|
@@ -96144,8 +95760,7 @@ var require_telemetry = __commonJS({
|
|
|
96144
95760
|
}
|
|
96145
95761
|
/** Fire-and-forget flush of the current buffer. */
|
|
96146
95762
|
flush() {
|
|
96147
|
-
if (this.buffer.length === 0)
|
|
96148
|
-
return;
|
|
95763
|
+
if (this.buffer.length === 0) return;
|
|
96149
95764
|
const batch = this.buffer;
|
|
96150
95765
|
this.buffer = [];
|
|
96151
95766
|
fetch(this.opts.url, {
|
|
@@ -96157,8 +95772,7 @@ var require_telemetry = __commonJS({
|
|
|
96157
95772
|
}
|
|
96158
95773
|
/** Awaitable flush for graceful shutdown. */
|
|
96159
95774
|
async flushAsync() {
|
|
96160
|
-
if (this.buffer.length === 0)
|
|
96161
|
-
return;
|
|
95775
|
+
if (this.buffer.length === 0) return;
|
|
96162
95776
|
const batch = this.buffer;
|
|
96163
95777
|
this.buffer = [];
|
|
96164
95778
|
try {
|
|
@@ -96220,8 +95834,7 @@ var require_telemetry = __commonJS({
|
|
|
96220
95834
|
{ key: "event.name", value: { stringValue: `clef.${event.type}` } }
|
|
96221
95835
|
];
|
|
96222
95836
|
for (const [key, val] of Object.entries(event)) {
|
|
96223
|
-
if (BASE_FIELDS.has(key))
|
|
96224
|
-
continue;
|
|
95837
|
+
if (BASE_FIELDS.has(key)) continue;
|
|
96225
95838
|
attributes.push({ key: `clef.${key}`, value: otlpValue(val) });
|
|
96226
95839
|
}
|
|
96227
95840
|
return {
|
|
@@ -96247,17 +95860,15 @@ var require_telemetry = __commonJS({
|
|
|
96247
95860
|
});
|
|
96248
95861
|
}
|
|
96249
95862
|
};
|
|
96250
|
-
exports.TelemetryEmitter = TelemetryEmitter;
|
|
96251
95863
|
}
|
|
96252
95864
|
});
|
|
96253
95865
|
|
|
96254
|
-
// ../runtime/
|
|
96255
|
-
var
|
|
96256
|
-
|
|
95866
|
+
// ../runtime/src/vcs/github.ts
|
|
95867
|
+
var GitHubProvider;
|
|
95868
|
+
var init_github = __esm({
|
|
95869
|
+
"../runtime/src/vcs/github.ts"() {
|
|
96257
95870
|
"use strict";
|
|
96258
|
-
|
|
96259
|
-
exports.GitHubProvider = void 0;
|
|
96260
|
-
var GitHubProvider = class {
|
|
95871
|
+
GitHubProvider = class {
|
|
96261
95872
|
repo;
|
|
96262
95873
|
token;
|
|
96263
95874
|
ref;
|
|
@@ -96268,10 +95879,9 @@ var require_github = __commonJS({
|
|
|
96268
95879
|
this.ref = config.ref;
|
|
96269
95880
|
this.apiUrl = config.apiUrl ?? "https://api.github.com";
|
|
96270
95881
|
}
|
|
96271
|
-
async fetchFile(
|
|
96272
|
-
const url = new URL(`/repos/${this.repo}/contents/${
|
|
96273
|
-
if (this.ref)
|
|
96274
|
-
url.searchParams.set("ref", this.ref);
|
|
95882
|
+
async fetchFile(path57) {
|
|
95883
|
+
const url = new URL(`/repos/${this.repo}/contents/${path57}`, this.apiUrl);
|
|
95884
|
+
if (this.ref) url.searchParams.set("ref", this.ref);
|
|
96275
95885
|
const res = await fetch(url.toString(), {
|
|
96276
95886
|
headers: {
|
|
96277
95887
|
Authorization: `Bearer ${this.token}`,
|
|
@@ -96279,24 +95889,22 @@ var require_github = __commonJS({
|
|
|
96279
95889
|
}
|
|
96280
95890
|
});
|
|
96281
95891
|
if (!res.ok) {
|
|
96282
|
-
throw new Error(`GitHub API error: ${res.status} fetching ${
|
|
95892
|
+
throw new Error(`GitHub API error: ${res.status} fetching ${path57} from ${this.repo}`);
|
|
96283
95893
|
}
|
|
96284
95894
|
const data = await res.json();
|
|
96285
95895
|
const content = Buffer.from(data.content, "base64").toString("utf-8");
|
|
96286
95896
|
return { content, sha: data.sha };
|
|
96287
95897
|
}
|
|
96288
95898
|
};
|
|
96289
|
-
exports.GitHubProvider = GitHubProvider;
|
|
96290
95899
|
}
|
|
96291
95900
|
});
|
|
96292
95901
|
|
|
96293
|
-
// ../runtime/
|
|
96294
|
-
var
|
|
96295
|
-
|
|
95902
|
+
// ../runtime/src/vcs/gitlab.ts
|
|
95903
|
+
var GitLabProvider;
|
|
95904
|
+
var init_gitlab = __esm({
|
|
95905
|
+
"../runtime/src/vcs/gitlab.ts"() {
|
|
96296
95906
|
"use strict";
|
|
96297
|
-
|
|
96298
|
-
exports.GitLabProvider = void 0;
|
|
96299
|
-
var GitLabProvider = class {
|
|
95907
|
+
GitLabProvider = class {
|
|
96300
95908
|
repo;
|
|
96301
95909
|
token;
|
|
96302
95910
|
ref;
|
|
@@ -96307,36 +95915,36 @@ var require_gitlab = __commonJS({
|
|
|
96307
95915
|
this.ref = config.ref;
|
|
96308
95916
|
this.apiUrl = config.apiUrl ?? "https://gitlab.com";
|
|
96309
95917
|
}
|
|
96310
|
-
async fetchFile(
|
|
95918
|
+
async fetchFile(path57) {
|
|
96311
95919
|
const encodedRepo = encodeURIComponent(this.repo);
|
|
96312
|
-
const encodedPath = encodeURIComponent(
|
|
96313
|
-
const url = new URL(
|
|
96314
|
-
|
|
96315
|
-
|
|
95920
|
+
const encodedPath = encodeURIComponent(path57);
|
|
95921
|
+
const url = new URL(
|
|
95922
|
+
`/api/v4/projects/${encodedRepo}/repository/files/${encodedPath}`,
|
|
95923
|
+
this.apiUrl
|
|
95924
|
+
);
|
|
95925
|
+
if (this.ref) url.searchParams.set("ref", this.ref);
|
|
96316
95926
|
const res = await fetch(url.toString(), {
|
|
96317
95927
|
headers: {
|
|
96318
95928
|
"PRIVATE-TOKEN": this.token
|
|
96319
95929
|
}
|
|
96320
95930
|
});
|
|
96321
95931
|
if (!res.ok) {
|
|
96322
|
-
throw new Error(`GitLab API error: ${res.status} fetching ${
|
|
95932
|
+
throw new Error(`GitLab API error: ${res.status} fetching ${path57} from ${this.repo}`);
|
|
96323
95933
|
}
|
|
96324
95934
|
const data = await res.json();
|
|
96325
95935
|
const content = Buffer.from(data.content, "base64").toString("utf-8");
|
|
96326
95936
|
return { content, sha: data.blob_id };
|
|
96327
95937
|
}
|
|
96328
95938
|
};
|
|
96329
|
-
exports.GitLabProvider = GitLabProvider;
|
|
96330
95939
|
}
|
|
96331
95940
|
});
|
|
96332
95941
|
|
|
96333
|
-
// ../runtime/
|
|
96334
|
-
var
|
|
96335
|
-
|
|
95942
|
+
// ../runtime/src/vcs/bitbucket.ts
|
|
95943
|
+
var BitbucketProvider;
|
|
95944
|
+
var init_bitbucket = __esm({
|
|
95945
|
+
"../runtime/src/vcs/bitbucket.ts"() {
|
|
96336
95946
|
"use strict";
|
|
96337
|
-
|
|
96338
|
-
exports.BitbucketProvider = void 0;
|
|
96339
|
-
var BitbucketProvider = class {
|
|
95947
|
+
BitbucketProvider = class {
|
|
96340
95948
|
repo;
|
|
96341
95949
|
token;
|
|
96342
95950
|
ref;
|
|
@@ -96347,8 +95955,8 @@ var require_bitbucket = __commonJS({
|
|
|
96347
95955
|
this.ref = config.ref ?? "main";
|
|
96348
95956
|
this.apiUrl = config.apiUrl ?? "https://api.bitbucket.org";
|
|
96349
95957
|
}
|
|
96350
|
-
async fetchFile(
|
|
96351
|
-
const baseUrl = `${this.apiUrl}/2.0/repositories/${this.repo}/src/${this.ref}/${
|
|
95958
|
+
async fetchFile(path57) {
|
|
95959
|
+
const baseUrl = `${this.apiUrl}/2.0/repositories/${this.repo}/src/${this.ref}/${path57}`;
|
|
96352
95960
|
const metaRes = await fetch(baseUrl, {
|
|
96353
95961
|
headers: {
|
|
96354
95962
|
Authorization: `Bearer ${this.token}`,
|
|
@@ -96356,7 +95964,7 @@ var require_bitbucket = __commonJS({
|
|
|
96356
95964
|
}
|
|
96357
95965
|
});
|
|
96358
95966
|
if (!metaRes.ok) {
|
|
96359
|
-
throw new Error(`Bitbucket API error: ${metaRes.status} fetching ${
|
|
95967
|
+
throw new Error(`Bitbucket API error: ${metaRes.status} fetching ${path57} from ${this.repo}`);
|
|
96360
95968
|
}
|
|
96361
95969
|
const meta = await metaRes.json();
|
|
96362
95970
|
const rawRes = await fetch(baseUrl, {
|
|
@@ -96365,60 +95973,48 @@ var require_bitbucket = __commonJS({
|
|
|
96365
95973
|
}
|
|
96366
95974
|
});
|
|
96367
95975
|
if (!rawRes.ok) {
|
|
96368
|
-
throw new Error(
|
|
95976
|
+
throw new Error(
|
|
95977
|
+
`Bitbucket API error: ${rawRes.status} fetching raw content of ${path57} from ${this.repo}`
|
|
95978
|
+
);
|
|
96369
95979
|
}
|
|
96370
95980
|
const content = await rawRes.text();
|
|
96371
95981
|
return { content, sha: meta.commit.hash };
|
|
96372
95982
|
}
|
|
96373
95983
|
};
|
|
96374
|
-
exports.BitbucketProvider = BitbucketProvider;
|
|
96375
95984
|
}
|
|
96376
95985
|
});
|
|
96377
95986
|
|
|
96378
|
-
// ../runtime/
|
|
96379
|
-
|
|
96380
|
-
|
|
95987
|
+
// ../runtime/src/vcs/index.ts
|
|
95988
|
+
function createVcsProvider(config) {
|
|
95989
|
+
switch (config.provider) {
|
|
95990
|
+
case "github":
|
|
95991
|
+
return new GitHubProvider(config);
|
|
95992
|
+
case "gitlab":
|
|
95993
|
+
return new GitLabProvider(config);
|
|
95994
|
+
case "bitbucket":
|
|
95995
|
+
return new BitbucketProvider(config);
|
|
95996
|
+
default:
|
|
95997
|
+
throw new Error(`Unsupported VCS provider: ${config.provider}`);
|
|
95998
|
+
}
|
|
95999
|
+
}
|
|
96000
|
+
var init_vcs = __esm({
|
|
96001
|
+
"../runtime/src/vcs/index.ts"() {
|
|
96381
96002
|
"use strict";
|
|
96382
|
-
|
|
96383
|
-
|
|
96384
|
-
|
|
96385
|
-
|
|
96386
|
-
|
|
96387
|
-
|
|
96388
|
-
} });
|
|
96389
|
-
var gitlab_1 = require_gitlab();
|
|
96390
|
-
Object.defineProperty(exports, "GitLabProvider", { enumerable: true, get: function() {
|
|
96391
|
-
return gitlab_1.GitLabProvider;
|
|
96392
|
-
} });
|
|
96393
|
-
var bitbucket_1 = require_bitbucket();
|
|
96394
|
-
Object.defineProperty(exports, "BitbucketProvider", { enumerable: true, get: function() {
|
|
96395
|
-
return bitbucket_1.BitbucketProvider;
|
|
96396
|
-
} });
|
|
96397
|
-
var github_2 = require_github();
|
|
96398
|
-
var gitlab_2 = require_gitlab();
|
|
96399
|
-
var bitbucket_2 = require_bitbucket();
|
|
96400
|
-
function createVcsProvider(config) {
|
|
96401
|
-
switch (config.provider) {
|
|
96402
|
-
case "github":
|
|
96403
|
-
return new github_2.GitHubProvider(config);
|
|
96404
|
-
case "gitlab":
|
|
96405
|
-
return new gitlab_2.GitLabProvider(config);
|
|
96406
|
-
case "bitbucket":
|
|
96407
|
-
return new bitbucket_2.BitbucketProvider(config);
|
|
96408
|
-
default:
|
|
96409
|
-
throw new Error(`Unsupported VCS provider: ${config.provider}`);
|
|
96410
|
-
}
|
|
96411
|
-
}
|
|
96003
|
+
init_github();
|
|
96004
|
+
init_gitlab();
|
|
96005
|
+
init_bitbucket();
|
|
96006
|
+
init_github();
|
|
96007
|
+
init_gitlab();
|
|
96008
|
+
init_bitbucket();
|
|
96412
96009
|
}
|
|
96413
96010
|
});
|
|
96414
96011
|
|
|
96415
|
-
// ../runtime/
|
|
96416
|
-
var
|
|
96417
|
-
|
|
96012
|
+
// ../runtime/src/sources/http.ts
|
|
96013
|
+
var HttpArtifactSource;
|
|
96014
|
+
var init_http = __esm({
|
|
96015
|
+
"../runtime/src/sources/http.ts"() {
|
|
96418
96016
|
"use strict";
|
|
96419
|
-
|
|
96420
|
-
exports.HttpArtifactSource = void 0;
|
|
96421
|
-
var HttpArtifactSource = class {
|
|
96017
|
+
HttpArtifactSource = class {
|
|
96422
96018
|
url;
|
|
96423
96019
|
constructor(url) {
|
|
96424
96020
|
this.url = url;
|
|
@@ -96426,7 +96022,9 @@ var require_http = __commonJS({
|
|
|
96426
96022
|
async fetch() {
|
|
96427
96023
|
const res = await fetch(this.url);
|
|
96428
96024
|
if (!res.ok) {
|
|
96429
|
-
throw new Error(
|
|
96025
|
+
throw new Error(
|
|
96026
|
+
`Failed to fetch artifact from ${this.describe()}: ${res.status} ${res.statusText}`
|
|
96027
|
+
);
|
|
96430
96028
|
}
|
|
96431
96029
|
const raw = await res.text();
|
|
96432
96030
|
const etag = res.headers.get("etag") ?? void 0;
|
|
@@ -96445,78 +96043,37 @@ var require_http = __commonJS({
|
|
|
96445
96043
|
}
|
|
96446
96044
|
}
|
|
96447
96045
|
};
|
|
96448
|
-
exports.HttpArtifactSource = HttpArtifactSource;
|
|
96449
96046
|
}
|
|
96450
96047
|
});
|
|
96451
96048
|
|
|
96452
|
-
// ../runtime/
|
|
96453
|
-
|
|
96454
|
-
|
|
96049
|
+
// ../runtime/src/sources/file.ts
|
|
96050
|
+
import * as fs34 from "fs";
|
|
96051
|
+
var FileArtifactSource;
|
|
96052
|
+
var init_file = __esm({
|
|
96053
|
+
"../runtime/src/sources/file.ts"() {
|
|
96455
96054
|
"use strict";
|
|
96456
|
-
|
|
96457
|
-
if (k2 === void 0) k2 = k;
|
|
96458
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
96459
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
96460
|
-
desc = { enumerable: true, get: function() {
|
|
96461
|
-
return m[k];
|
|
96462
|
-
} };
|
|
96463
|
-
}
|
|
96464
|
-
Object.defineProperty(o, k2, desc);
|
|
96465
|
-
}) : (function(o, m, k, k2) {
|
|
96466
|
-
if (k2 === void 0) k2 = k;
|
|
96467
|
-
o[k2] = m[k];
|
|
96468
|
-
}));
|
|
96469
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
96470
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
96471
|
-
}) : function(o, v) {
|
|
96472
|
-
o["default"] = v;
|
|
96473
|
-
});
|
|
96474
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
96475
|
-
var ownKeys = function(o) {
|
|
96476
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
96477
|
-
var ar = [];
|
|
96478
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
96479
|
-
return ar;
|
|
96480
|
-
};
|
|
96481
|
-
return ownKeys(o);
|
|
96482
|
-
};
|
|
96483
|
-
return function(mod3) {
|
|
96484
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
96485
|
-
var result = {};
|
|
96486
|
-
if (mod3 != null) {
|
|
96487
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
96488
|
-
}
|
|
96489
|
-
__setModuleDefault(result, mod3);
|
|
96490
|
-
return result;
|
|
96491
|
-
};
|
|
96492
|
-
})();
|
|
96493
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
96494
|
-
exports.FileArtifactSource = void 0;
|
|
96495
|
-
var fs35 = __importStar(__require("fs"));
|
|
96496
|
-
var FileArtifactSource = class {
|
|
96055
|
+
FileArtifactSource = class {
|
|
96497
96056
|
path;
|
|
96498
96057
|
constructor(filePath) {
|
|
96499
96058
|
this.path = filePath;
|
|
96500
96059
|
}
|
|
96501
96060
|
async fetch() {
|
|
96502
|
-
const raw =
|
|
96061
|
+
const raw = fs34.readFileSync(this.path, "utf-8");
|
|
96503
96062
|
return { raw };
|
|
96504
96063
|
}
|
|
96505
96064
|
describe() {
|
|
96506
96065
|
return `file ${this.path}`;
|
|
96507
96066
|
}
|
|
96508
96067
|
};
|
|
96509
|
-
exports.FileArtifactSource = FileArtifactSource;
|
|
96510
96068
|
}
|
|
96511
96069
|
});
|
|
96512
96070
|
|
|
96513
|
-
// ../runtime/
|
|
96514
|
-
var
|
|
96515
|
-
|
|
96071
|
+
// ../runtime/src/sources/vcs.ts
|
|
96072
|
+
var VcsArtifactSource;
|
|
96073
|
+
var init_vcs2 = __esm({
|
|
96074
|
+
"../runtime/src/sources/vcs.ts"() {
|
|
96516
96075
|
"use strict";
|
|
96517
|
-
|
|
96518
|
-
exports.VcsArtifactSource = void 0;
|
|
96519
|
-
var VcsArtifactSource = class {
|
|
96076
|
+
VcsArtifactSource = class {
|
|
96520
96077
|
provider;
|
|
96521
96078
|
path;
|
|
96522
96079
|
identity;
|
|
@@ -96535,95 +96092,104 @@ var require_vcs2 = __commonJS({
|
|
|
96535
96092
|
return `VCS .clef/packed/${this.identity}/${this.environment}.age.json`;
|
|
96536
96093
|
}
|
|
96537
96094
|
};
|
|
96538
|
-
exports.VcsArtifactSource = VcsArtifactSource;
|
|
96539
96095
|
}
|
|
96540
96096
|
});
|
|
96541
96097
|
|
|
96542
|
-
// ../runtime/
|
|
96543
|
-
|
|
96544
|
-
|
|
96098
|
+
// ../runtime/src/sources/s3.ts
|
|
96099
|
+
import * as crypto9 from "crypto";
|
|
96100
|
+
function isS3Url(url) {
|
|
96101
|
+
return parseS3UrlSafe(url) !== null;
|
|
96102
|
+
}
|
|
96103
|
+
function parseS3Url(url) {
|
|
96104
|
+
const loc = parseS3UrlSafe(url);
|
|
96105
|
+
if (!loc) throw new Error(`Not a valid S3 URL: ${url}`);
|
|
96106
|
+
return loc;
|
|
96107
|
+
}
|
|
96108
|
+
function parseS3UrlSafe(url) {
|
|
96109
|
+
let u;
|
|
96110
|
+
try {
|
|
96111
|
+
u = new URL(url);
|
|
96112
|
+
} catch {
|
|
96113
|
+
return null;
|
|
96114
|
+
}
|
|
96115
|
+
if (u.protocol !== "https:") return null;
|
|
96116
|
+
const host = u.hostname;
|
|
96117
|
+
const key = u.pathname.slice(1);
|
|
96118
|
+
if (!key) return null;
|
|
96119
|
+
const vhMatch = host.match(/^(.+)\.s3\.([a-z0-9-]+)\.amazonaws\.com$/) ?? host.match(/^(.+)\.s3\.amazonaws\.com$/);
|
|
96120
|
+
if (vhMatch) {
|
|
96121
|
+
return { bucket: vhMatch[1], key, region: vhMatch[2] || "us-east-1" };
|
|
96122
|
+
}
|
|
96123
|
+
const psMatch = host.match(/^s3\.([a-z0-9-]+)\.amazonaws\.com$/) ?? host.match(/^s3\.amazonaws\.com$/);
|
|
96124
|
+
if (psMatch) {
|
|
96125
|
+
const slashIdx = key.indexOf("/");
|
|
96126
|
+
if (slashIdx < 0) return null;
|
|
96127
|
+
return {
|
|
96128
|
+
bucket: key.slice(0, slashIdx),
|
|
96129
|
+
key: key.slice(slashIdx + 1),
|
|
96130
|
+
region: psMatch[1] || "us-east-1"
|
|
96131
|
+
};
|
|
96132
|
+
}
|
|
96133
|
+
return null;
|
|
96134
|
+
}
|
|
96135
|
+
function hmacSha256(key, data) {
|
|
96136
|
+
return crypto9.createHmac("sha256", key).update(data, "utf-8").digest();
|
|
96137
|
+
}
|
|
96138
|
+
function sha256Hex(data) {
|
|
96139
|
+
return crypto9.createHash("sha256").update(data, "utf-8").digest("hex");
|
|
96140
|
+
}
|
|
96141
|
+
function toAmzDate(date) {
|
|
96142
|
+
return date.toISOString().replace(/[-:]/g, "").replace(/\.\d{3}/, "");
|
|
96143
|
+
}
|
|
96144
|
+
function toDateStamp(date) {
|
|
96145
|
+
return toAmzDate(date).slice(0, 8);
|
|
96146
|
+
}
|
|
96147
|
+
function encodeS3Key(key) {
|
|
96148
|
+
return key.split("/").map((s) => encodeURIComponent(s)).join("/");
|
|
96149
|
+
}
|
|
96150
|
+
function signS3GetRequest(host, path57, region, creds, now) {
|
|
96151
|
+
const amzDate = toAmzDate(now);
|
|
96152
|
+
const dateStamp = toDateStamp(now);
|
|
96153
|
+
const service = "s3";
|
|
96154
|
+
const scope = `${dateStamp}/${region}/${service}/aws4_request`;
|
|
96155
|
+
const headers = {
|
|
96156
|
+
host,
|
|
96157
|
+
"x-amz-date": amzDate,
|
|
96158
|
+
"x-amz-content-sha256": "UNSIGNED-PAYLOAD"
|
|
96159
|
+
};
|
|
96160
|
+
if (creds.sessionToken) {
|
|
96161
|
+
headers["x-amz-security-token"] = creds.sessionToken;
|
|
96162
|
+
}
|
|
96163
|
+
const signedHeaderKeys = Object.keys(headers).sort();
|
|
96164
|
+
const signedHeaders = signedHeaderKeys.join(";");
|
|
96165
|
+
const canonicalHeaders = signedHeaderKeys.map((k) => `${k}:${headers[k]}
|
|
96166
|
+
`).join("");
|
|
96167
|
+
const canonicalRequest = [
|
|
96168
|
+
"GET",
|
|
96169
|
+
path57,
|
|
96170
|
+
"",
|
|
96171
|
+
// no query string
|
|
96172
|
+
canonicalHeaders,
|
|
96173
|
+
signedHeaders,
|
|
96174
|
+
"UNSIGNED-PAYLOAD"
|
|
96175
|
+
].join("\n");
|
|
96176
|
+
const stringToSign = ["AWS4-HMAC-SHA256", amzDate, scope, sha256Hex(canonicalRequest)].join("\n");
|
|
96177
|
+
const kDate = hmacSha256(`AWS4${creds.secretAccessKey}`, dateStamp);
|
|
96178
|
+
const kRegion = hmacSha256(kDate, region);
|
|
96179
|
+
const kService = hmacSha256(kRegion, service);
|
|
96180
|
+
const kSigning = hmacSha256(kService, "aws4_request");
|
|
96181
|
+
const signature = hmacSha256(kSigning, stringToSign).toString("hex");
|
|
96182
|
+
const authorization = `AWS4-HMAC-SHA256 Credential=${creds.accessKeyId}/${scope}, SignedHeaders=${signedHeaders}, Signature=${signature}`;
|
|
96183
|
+
return {
|
|
96184
|
+
...headers,
|
|
96185
|
+
Authorization: authorization
|
|
96186
|
+
};
|
|
96187
|
+
}
|
|
96188
|
+
var S3ArtifactSource;
|
|
96189
|
+
var init_s3 = __esm({
|
|
96190
|
+
"../runtime/src/sources/s3.ts"() {
|
|
96545
96191
|
"use strict";
|
|
96546
|
-
|
|
96547
|
-
if (k2 === void 0) k2 = k;
|
|
96548
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
96549
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
96550
|
-
desc = { enumerable: true, get: function() {
|
|
96551
|
-
return m[k];
|
|
96552
|
-
} };
|
|
96553
|
-
}
|
|
96554
|
-
Object.defineProperty(o, k2, desc);
|
|
96555
|
-
}) : (function(o, m, k, k2) {
|
|
96556
|
-
if (k2 === void 0) k2 = k;
|
|
96557
|
-
o[k2] = m[k];
|
|
96558
|
-
}));
|
|
96559
|
-
var __setModuleDefault = exports && exports.__setModuleDefault || (Object.create ? (function(o, v) {
|
|
96560
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
96561
|
-
}) : function(o, v) {
|
|
96562
|
-
o["default"] = v;
|
|
96563
|
-
});
|
|
96564
|
-
var __importStar = exports && exports.__importStar || /* @__PURE__ */ (function() {
|
|
96565
|
-
var ownKeys = function(o) {
|
|
96566
|
-
ownKeys = Object.getOwnPropertyNames || function(o2) {
|
|
96567
|
-
var ar = [];
|
|
96568
|
-
for (var k in o2) if (Object.prototype.hasOwnProperty.call(o2, k)) ar[ar.length] = k;
|
|
96569
|
-
return ar;
|
|
96570
|
-
};
|
|
96571
|
-
return ownKeys(o);
|
|
96572
|
-
};
|
|
96573
|
-
return function(mod3) {
|
|
96574
|
-
if (mod3 && mod3.__esModule) return mod3;
|
|
96575
|
-
var result = {};
|
|
96576
|
-
if (mod3 != null) {
|
|
96577
|
-
for (var k = ownKeys(mod3), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod3, k[i]);
|
|
96578
|
-
}
|
|
96579
|
-
__setModuleDefault(result, mod3);
|
|
96580
|
-
return result;
|
|
96581
|
-
};
|
|
96582
|
-
})();
|
|
96583
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
96584
|
-
exports.S3ArtifactSource = void 0;
|
|
96585
|
-
exports.isS3Url = isS3Url;
|
|
96586
|
-
var crypto6 = __importStar(__require("crypto"));
|
|
96587
|
-
function isS3Url(url) {
|
|
96588
|
-
return parseS3UrlSafe(url) !== null;
|
|
96589
|
-
}
|
|
96590
|
-
function parseS3Url(url) {
|
|
96591
|
-
const loc = parseS3UrlSafe(url);
|
|
96592
|
-
if (!loc)
|
|
96593
|
-
throw new Error(`Not a valid S3 URL: ${url}`);
|
|
96594
|
-
return loc;
|
|
96595
|
-
}
|
|
96596
|
-
function parseS3UrlSafe(url) {
|
|
96597
|
-
let u;
|
|
96598
|
-
try {
|
|
96599
|
-
u = new URL(url);
|
|
96600
|
-
} catch {
|
|
96601
|
-
return null;
|
|
96602
|
-
}
|
|
96603
|
-
if (u.protocol !== "https:")
|
|
96604
|
-
return null;
|
|
96605
|
-
const host = u.hostname;
|
|
96606
|
-
const key = u.pathname.slice(1);
|
|
96607
|
-
if (!key)
|
|
96608
|
-
return null;
|
|
96609
|
-
const vhMatch = host.match(/^(.+)\.s3\.([a-z0-9-]+)\.amazonaws\.com$/) ?? host.match(/^(.+)\.s3\.amazonaws\.com$/);
|
|
96610
|
-
if (vhMatch) {
|
|
96611
|
-
return { bucket: vhMatch[1], key, region: vhMatch[2] || "us-east-1" };
|
|
96612
|
-
}
|
|
96613
|
-
const psMatch = host.match(/^s3\.([a-z0-9-]+)\.amazonaws\.com$/) ?? host.match(/^s3\.amazonaws\.com$/);
|
|
96614
|
-
if (psMatch) {
|
|
96615
|
-
const slashIdx = key.indexOf("/");
|
|
96616
|
-
if (slashIdx < 0)
|
|
96617
|
-
return null;
|
|
96618
|
-
return {
|
|
96619
|
-
bucket: key.slice(0, slashIdx),
|
|
96620
|
-
key: key.slice(slashIdx + 1),
|
|
96621
|
-
region: psMatch[1] || "us-east-1"
|
|
96622
|
-
};
|
|
96623
|
-
}
|
|
96624
|
-
return null;
|
|
96625
|
-
}
|
|
96626
|
-
var S3ArtifactSource = class {
|
|
96192
|
+
S3ArtifactSource = class {
|
|
96627
96193
|
url;
|
|
96628
96194
|
location;
|
|
96629
96195
|
cachedCredentials = null;
|
|
@@ -96635,12 +96201,14 @@ var require_s3 = __commonJS({
|
|
|
96635
96201
|
const creds = await this.resolveCredentials();
|
|
96636
96202
|
const { bucket, key, region } = this.location;
|
|
96637
96203
|
const host = `${bucket}.s3.${region}.amazonaws.com`;
|
|
96638
|
-
const
|
|
96204
|
+
const path57 = `/${encodeS3Key(key)}`;
|
|
96639
96205
|
const now = /* @__PURE__ */ new Date();
|
|
96640
|
-
const headers = signS3GetRequest(host,
|
|
96641
|
-
const res = await globalThis.fetch(`https://${host}${
|
|
96206
|
+
const headers = signS3GetRequest(host, path57, region, creds, now);
|
|
96207
|
+
const res = await globalThis.fetch(`https://${host}${path57}`, { headers });
|
|
96642
96208
|
if (!res.ok) {
|
|
96643
|
-
throw new Error(
|
|
96209
|
+
throw new Error(
|
|
96210
|
+
`Failed to fetch artifact from ${this.describe()}: ${res.status} ${res.statusText}`
|
|
96211
|
+
);
|
|
96644
96212
|
}
|
|
96645
96213
|
const raw = await res.text();
|
|
96646
96214
|
const etag = res.headers.get("etag") ?? void 0;
|
|
@@ -96671,7 +96239,9 @@ var require_s3 = __commonJS({
|
|
|
96671
96239
|
sessionToken: process.env.AWS_SESSION_TOKEN
|
|
96672
96240
|
};
|
|
96673
96241
|
}
|
|
96674
|
-
throw new Error(
|
|
96242
|
+
throw new Error(
|
|
96243
|
+
"No AWS credentials found. Set AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY, or run in ECS/Fargate with a task role."
|
|
96244
|
+
);
|
|
96675
96245
|
}
|
|
96676
96246
|
async fetchEcsCredentials(endpoint) {
|
|
96677
96247
|
const headers = {};
|
|
@@ -96698,172 +96268,90 @@ var require_s3 = __commonJS({
|
|
|
96698
96268
|
return creds;
|
|
96699
96269
|
}
|
|
96700
96270
|
};
|
|
96701
|
-
exports.S3ArtifactSource = S3ArtifactSource;
|
|
96702
|
-
function hmacSha256(key, data) {
|
|
96703
|
-
return crypto6.createHmac("sha256", key).update(data, "utf-8").digest();
|
|
96704
|
-
}
|
|
96705
|
-
function sha256Hex(data) {
|
|
96706
|
-
return crypto6.createHash("sha256").update(data, "utf-8").digest("hex");
|
|
96707
|
-
}
|
|
96708
|
-
function toAmzDate(date) {
|
|
96709
|
-
return date.toISOString().replace(/[-:]/g, "").replace(/\.\d{3}/, "");
|
|
96710
|
-
}
|
|
96711
|
-
function toDateStamp(date) {
|
|
96712
|
-
return toAmzDate(date).slice(0, 8);
|
|
96713
|
-
}
|
|
96714
|
-
function encodeS3Key(key) {
|
|
96715
|
-
return key.split("/").map((s) => encodeURIComponent(s)).join("/");
|
|
96716
|
-
}
|
|
96717
|
-
function signS3GetRequest(host, path56, region, creds, now) {
|
|
96718
|
-
const amzDate = toAmzDate(now);
|
|
96719
|
-
const dateStamp = toDateStamp(now);
|
|
96720
|
-
const service = "s3";
|
|
96721
|
-
const scope = `${dateStamp}/${region}/${service}/aws4_request`;
|
|
96722
|
-
const headers = {
|
|
96723
|
-
host,
|
|
96724
|
-
"x-amz-date": amzDate,
|
|
96725
|
-
"x-amz-content-sha256": "UNSIGNED-PAYLOAD"
|
|
96726
|
-
};
|
|
96727
|
-
if (creds.sessionToken) {
|
|
96728
|
-
headers["x-amz-security-token"] = creds.sessionToken;
|
|
96729
|
-
}
|
|
96730
|
-
const signedHeaderKeys = Object.keys(headers).sort();
|
|
96731
|
-
const signedHeaders = signedHeaderKeys.join(";");
|
|
96732
|
-
const canonicalHeaders = signedHeaderKeys.map((k) => `${k}:${headers[k]}
|
|
96733
|
-
`).join("");
|
|
96734
|
-
const canonicalRequest = [
|
|
96735
|
-
"GET",
|
|
96736
|
-
path56,
|
|
96737
|
-
"",
|
|
96738
|
-
// no query string
|
|
96739
|
-
canonicalHeaders,
|
|
96740
|
-
signedHeaders,
|
|
96741
|
-
"UNSIGNED-PAYLOAD"
|
|
96742
|
-
].join("\n");
|
|
96743
|
-
const stringToSign = ["AWS4-HMAC-SHA256", amzDate, scope, sha256Hex(canonicalRequest)].join("\n");
|
|
96744
|
-
const kDate = hmacSha256(`AWS4${creds.secretAccessKey}`, dateStamp);
|
|
96745
|
-
const kRegion = hmacSha256(kDate, region);
|
|
96746
|
-
const kService = hmacSha256(kRegion, service);
|
|
96747
|
-
const kSigning = hmacSha256(kService, "aws4_request");
|
|
96748
|
-
const signature = hmacSha256(kSigning, stringToSign).toString("hex");
|
|
96749
|
-
const authorization = `AWS4-HMAC-SHA256 Credential=${creds.accessKeyId}/${scope}, SignedHeaders=${signedHeaders}, Signature=${signature}`;
|
|
96750
|
-
return {
|
|
96751
|
-
...headers,
|
|
96752
|
-
Authorization: authorization
|
|
96753
|
-
};
|
|
96754
|
-
}
|
|
96755
96271
|
}
|
|
96756
96272
|
});
|
|
96757
96273
|
|
|
96758
|
-
// ../runtime/
|
|
96759
|
-
var
|
|
96760
|
-
|
|
96274
|
+
// ../runtime/src/index.ts
|
|
96275
|
+
var src_exports3 = {};
|
|
96276
|
+
__export(src_exports3, {
|
|
96277
|
+
AgeDecryptor: () => AgeDecryptor,
|
|
96278
|
+
ArtifactDecryptor: () => ArtifactDecryptor,
|
|
96279
|
+
ArtifactPoller: () => ArtifactPoller,
|
|
96280
|
+
AwsKmsProvider: () => AwsKmsProvider,
|
|
96281
|
+
BitbucketProvider: () => BitbucketProvider,
|
|
96282
|
+
ClefRuntime: () => ClefRuntime,
|
|
96283
|
+
DiskCache: () => DiskCache,
|
|
96284
|
+
EncryptedArtifactStore: () => EncryptedArtifactStore,
|
|
96285
|
+
FileArtifactSource: () => FileArtifactSource,
|
|
96286
|
+
GitHubProvider: () => GitHubProvider,
|
|
96287
|
+
GitLabProvider: () => GitLabProvider,
|
|
96288
|
+
HttpArtifactSource: () => HttpArtifactSource,
|
|
96289
|
+
S3ArtifactSource: () => S3ArtifactSource,
|
|
96290
|
+
SecretsCache: () => SecretsCache,
|
|
96291
|
+
TelemetryEmitter: () => TelemetryEmitter,
|
|
96292
|
+
VcsArtifactSource: () => VcsArtifactSource,
|
|
96293
|
+
buildSigningPayload: () => buildSigningPayload2,
|
|
96294
|
+
createKmsProvider: () => createKmsProvider,
|
|
96295
|
+
createVcsProvider: () => createVcsProvider,
|
|
96296
|
+
init: () => init,
|
|
96297
|
+
isS3Url: () => isS3Url,
|
|
96298
|
+
verifySignature: () => verifySignature2
|
|
96299
|
+
});
|
|
96300
|
+
async function init(config) {
|
|
96301
|
+
const runtime = new ClefRuntime(config);
|
|
96302
|
+
await runtime.start();
|
|
96303
|
+
return runtime;
|
|
96304
|
+
}
|
|
96305
|
+
var ClefRuntime;
|
|
96306
|
+
var init_src4 = __esm({
|
|
96307
|
+
"../runtime/src/index.ts"() {
|
|
96761
96308
|
"use strict";
|
|
96762
|
-
|
|
96763
|
-
|
|
96764
|
-
|
|
96765
|
-
|
|
96766
|
-
|
|
96767
|
-
|
|
96768
|
-
|
|
96769
|
-
|
|
96770
|
-
|
|
96771
|
-
|
|
96772
|
-
|
|
96773
|
-
|
|
96774
|
-
|
|
96775
|
-
|
|
96776
|
-
|
|
96777
|
-
|
|
96778
|
-
|
|
96779
|
-
|
|
96780
|
-
|
|
96781
|
-
|
|
96782
|
-
|
|
96783
|
-
|
|
96784
|
-
|
|
96785
|
-
|
|
96786
|
-
|
|
96787
|
-
|
|
96788
|
-
|
|
96789
|
-
|
|
96790
|
-
|
|
96791
|
-
return telemetry_1.TelemetryEmitter;
|
|
96792
|
-
} });
|
|
96793
|
-
var github_1 = require_github();
|
|
96794
|
-
Object.defineProperty(exports, "GitHubProvider", { enumerable: true, get: function() {
|
|
96795
|
-
return github_1.GitHubProvider;
|
|
96796
|
-
} });
|
|
96797
|
-
var gitlab_1 = require_gitlab();
|
|
96798
|
-
Object.defineProperty(exports, "GitLabProvider", { enumerable: true, get: function() {
|
|
96799
|
-
return gitlab_1.GitLabProvider;
|
|
96800
|
-
} });
|
|
96801
|
-
var bitbucket_1 = require_bitbucket();
|
|
96802
|
-
Object.defineProperty(exports, "BitbucketProvider", { enumerable: true, get: function() {
|
|
96803
|
-
return bitbucket_1.BitbucketProvider;
|
|
96804
|
-
} });
|
|
96805
|
-
var index_1 = require_vcs();
|
|
96806
|
-
Object.defineProperty(exports, "createVcsProvider", { enumerable: true, get: function() {
|
|
96807
|
-
return index_1.createVcsProvider;
|
|
96808
|
-
} });
|
|
96809
|
-
var kms_1 = require_kms2();
|
|
96810
|
-
Object.defineProperty(exports, "AwsKmsProvider", { enumerable: true, get: function() {
|
|
96811
|
-
return kms_1.AwsKmsProvider;
|
|
96812
|
-
} });
|
|
96813
|
-
var kms_2 = require_kms2();
|
|
96814
|
-
Object.defineProperty(exports, "createKmsProvider", { enumerable: true, get: function() {
|
|
96815
|
-
return kms_2.createKmsProvider;
|
|
96816
|
-
} });
|
|
96817
|
-
var http_1 = require_http();
|
|
96818
|
-
Object.defineProperty(exports, "HttpArtifactSource", { enumerable: true, get: function() {
|
|
96819
|
-
return http_1.HttpArtifactSource;
|
|
96820
|
-
} });
|
|
96821
|
-
var file_1 = require_file();
|
|
96822
|
-
Object.defineProperty(exports, "FileArtifactSource", { enumerable: true, get: function() {
|
|
96823
|
-
return file_1.FileArtifactSource;
|
|
96824
|
-
} });
|
|
96825
|
-
var vcs_1 = require_vcs2();
|
|
96826
|
-
Object.defineProperty(exports, "VcsArtifactSource", { enumerable: true, get: function() {
|
|
96827
|
-
return vcs_1.VcsArtifactSource;
|
|
96828
|
-
} });
|
|
96829
|
-
var s3_1 = require_s3();
|
|
96830
|
-
Object.defineProperty(exports, "S3ArtifactSource", { enumerable: true, get: function() {
|
|
96831
|
-
return s3_1.S3ArtifactSource;
|
|
96832
|
-
} });
|
|
96833
|
-
Object.defineProperty(exports, "isS3Url", { enumerable: true, get: function() {
|
|
96834
|
-
return s3_1.isS3Url;
|
|
96835
|
-
} });
|
|
96836
|
-
var signature_1 = require_signature();
|
|
96837
|
-
Object.defineProperty(exports, "buildSigningPayload", { enumerable: true, get: function() {
|
|
96838
|
-
return signature_1.buildSigningPayload;
|
|
96839
|
-
} });
|
|
96840
|
-
Object.defineProperty(exports, "verifySignature", { enumerable: true, get: function() {
|
|
96841
|
-
return signature_1.verifySignature;
|
|
96842
|
-
} });
|
|
96843
|
-
var secrets_cache_2 = require_secrets_cache();
|
|
96844
|
-
var disk_cache_2 = require_disk_cache();
|
|
96845
|
-
var decrypt_2 = require_decrypt();
|
|
96846
|
-
var poller_2 = require_poller();
|
|
96847
|
-
var index_2 = require_vcs();
|
|
96848
|
-
var vcs_2 = require_vcs2();
|
|
96849
|
-
var http_2 = require_http();
|
|
96850
|
-
var file_2 = require_file();
|
|
96851
|
-
var s3_2 = require_s3();
|
|
96852
|
-
var ClefRuntime = class {
|
|
96853
|
-
cache = new secrets_cache_2.SecretsCache();
|
|
96309
|
+
init_secrets_cache();
|
|
96310
|
+
init_disk_cache();
|
|
96311
|
+
init_decrypt();
|
|
96312
|
+
init_poller();
|
|
96313
|
+
init_artifact_decryptor();
|
|
96314
|
+
init_encrypted_artifact_store();
|
|
96315
|
+
init_telemetry();
|
|
96316
|
+
init_github();
|
|
96317
|
+
init_gitlab();
|
|
96318
|
+
init_bitbucket();
|
|
96319
|
+
init_vcs();
|
|
96320
|
+
init_kms3();
|
|
96321
|
+
init_kms3();
|
|
96322
|
+
init_http();
|
|
96323
|
+
init_file();
|
|
96324
|
+
init_vcs2();
|
|
96325
|
+
init_s3();
|
|
96326
|
+
init_signature();
|
|
96327
|
+
init_secrets_cache();
|
|
96328
|
+
init_disk_cache();
|
|
96329
|
+
init_decrypt();
|
|
96330
|
+
init_poller();
|
|
96331
|
+
init_vcs();
|
|
96332
|
+
init_vcs2();
|
|
96333
|
+
init_http();
|
|
96334
|
+
init_file();
|
|
96335
|
+
init_s3();
|
|
96336
|
+
ClefRuntime = class {
|
|
96337
|
+
cache = new SecretsCache();
|
|
96854
96338
|
poller;
|
|
96855
96339
|
config;
|
|
96856
96340
|
constructor(config) {
|
|
96857
96341
|
this.config = config;
|
|
96858
96342
|
let privateKey;
|
|
96859
96343
|
try {
|
|
96860
|
-
const decryptor = new
|
|
96344
|
+
const decryptor = new AgeDecryptor();
|
|
96861
96345
|
privateKey = decryptor.resolveKey(config.ageKey, config.ageKeyFile);
|
|
96862
96346
|
} catch {
|
|
96863
96347
|
}
|
|
96864
96348
|
const source = this.resolveSource(config);
|
|
96865
|
-
const diskCache = config.cachePath ? new
|
|
96866
|
-
|
|
96349
|
+
const diskCache = config.cachePath ? new DiskCache(
|
|
96350
|
+
config.cachePath,
|
|
96351
|
+
config.identity ?? "default",
|
|
96352
|
+
config.environment ?? "default"
|
|
96353
|
+
) : void 0;
|
|
96354
|
+
this.poller = new ArtifactPoller({
|
|
96867
96355
|
source,
|
|
96868
96356
|
privateKey,
|
|
96869
96357
|
cache: this.cache,
|
|
@@ -96929,36 +96417,34 @@ var require_dist3 = __commonJS({
|
|
|
96929
96417
|
const missingVcs = Object.entries(vcsFields).filter(([, v]) => !v);
|
|
96930
96418
|
if (presentVcs.length > 0 && missingVcs.length > 0) {
|
|
96931
96419
|
const missing = missingVcs.map(([k]) => k).join(", ");
|
|
96932
|
-
throw new Error(
|
|
96420
|
+
throw new Error(
|
|
96421
|
+
`Partial VCS config detected. Missing: ${missing}. Provide all VCS fields (provider, repo, token, identity, environment) or use a source URL/path instead.`
|
|
96422
|
+
);
|
|
96933
96423
|
}
|
|
96934
96424
|
if (presentVcs.length === Object.keys(vcsFields).length) {
|
|
96935
|
-
const provider =
|
|
96425
|
+
const provider = createVcsProvider({
|
|
96936
96426
|
provider: config.provider,
|
|
96937
96427
|
repo: config.repo,
|
|
96938
96428
|
token: config.token,
|
|
96939
96429
|
ref: config.ref,
|
|
96940
96430
|
apiUrl: config.apiUrl
|
|
96941
96431
|
});
|
|
96942
|
-
return new
|
|
96432
|
+
return new VcsArtifactSource(provider, config.identity, config.environment);
|
|
96943
96433
|
}
|
|
96944
96434
|
if (config.source) {
|
|
96945
|
-
if (
|
|
96946
|
-
return new
|
|
96435
|
+
if (isS3Url(config.source)) {
|
|
96436
|
+
return new S3ArtifactSource(config.source);
|
|
96947
96437
|
}
|
|
96948
96438
|
if (config.source.startsWith("http://") || config.source.startsWith("https://")) {
|
|
96949
|
-
return new
|
|
96439
|
+
return new HttpArtifactSource(config.source);
|
|
96950
96440
|
}
|
|
96951
|
-
return new
|
|
96441
|
+
return new FileArtifactSource(config.source);
|
|
96952
96442
|
}
|
|
96953
|
-
throw new Error(
|
|
96443
|
+
throw new Error(
|
|
96444
|
+
"No artifact source configured. Provide VCS config (provider, repo, token, identity, environment) or a source URL/path."
|
|
96445
|
+
);
|
|
96954
96446
|
}
|
|
96955
96447
|
};
|
|
96956
|
-
exports.ClefRuntime = ClefRuntime;
|
|
96957
|
-
async function init(config) {
|
|
96958
|
-
const runtime = new ClefRuntime(config);
|
|
96959
|
-
await runtime.start();
|
|
96960
|
-
return runtime;
|
|
96961
|
-
}
|
|
96962
96448
|
}
|
|
96963
96449
|
});
|
|
96964
96450
|
|
|
@@ -97394,12 +96880,12 @@ var require_lambda_extension = __commonJS({
|
|
|
97394
96880
|
});
|
|
97395
96881
|
|
|
97396
96882
|
// ../agent/dist/index.js
|
|
97397
|
-
var
|
|
96883
|
+
var require_dist3 = __commonJS({
|
|
97398
96884
|
"../agent/dist/index.js"(exports) {
|
|
97399
96885
|
"use strict";
|
|
97400
96886
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
97401
96887
|
exports.LambdaExtension = exports.Daemon = exports.readyHandler = exports.healthHandler = exports.ConfigError = exports.resolveConfig = exports.startAgentServer = exports.TelemetryEmitter = exports.init = exports.ClefRuntime = exports.ArtifactPoller = exports.AgeDecryptor = exports.SecretsCache = void 0;
|
|
97402
|
-
var runtime_1 =
|
|
96888
|
+
var runtime_1 = (init_src4(), __toCommonJS(src_exports3));
|
|
97403
96889
|
Object.defineProperty(exports, "SecretsCache", { enumerable: true, get: function() {
|
|
97404
96890
|
return runtime_1.SecretsCache;
|
|
97405
96891
|
} });
|
|
@@ -97415,7 +96901,7 @@ var require_dist4 = __commonJS({
|
|
|
97415
96901
|
Object.defineProperty(exports, "init", { enumerable: true, get: function() {
|
|
97416
96902
|
return runtime_1.init;
|
|
97417
96903
|
} });
|
|
97418
|
-
var runtime_2 =
|
|
96904
|
+
var runtime_2 = (init_src4(), __toCommonJS(src_exports3));
|
|
97419
96905
|
Object.defineProperty(exports, "TelemetryEmitter", { enumerable: true, get: function() {
|
|
97420
96906
|
return runtime_2.TelemetryEmitter;
|
|
97421
96907
|
} });
|
|
@@ -97449,7 +96935,7 @@ var require_dist4 = __commonJS({
|
|
|
97449
96935
|
});
|
|
97450
96936
|
|
|
97451
96937
|
// ../cloud/src/commands/cloud.ts
|
|
97452
|
-
import * as
|
|
96938
|
+
import * as path56 from "path";
|
|
97453
96939
|
function registerCloudCommands(program3, deps2) {
|
|
97454
96940
|
const { formatter: formatter2, sym: sym2, runner: runner2 } = deps2;
|
|
97455
96941
|
const cloud = program3.command("cloud").description("Manage Clef Cloud integration.");
|
|
@@ -97459,7 +96945,7 @@ function registerCloudCommands(program3, deps2) {
|
|
|
97459
96945
|
const parser = new ManifestParser();
|
|
97460
96946
|
let manifest;
|
|
97461
96947
|
try {
|
|
97462
|
-
manifest = parser.parse(
|
|
96948
|
+
manifest = parser.parse(path56.join(repoRoot, "clef.yaml"));
|
|
97463
96949
|
} catch {
|
|
97464
96950
|
formatter2.print(`${sym2("info")} No clef.yaml found in ${repoRoot}`);
|
|
97465
96951
|
return;
|
|
@@ -97507,7 +96993,7 @@ function registerCloudCommands(program3, deps2) {
|
|
|
97507
96993
|
try {
|
|
97508
96994
|
const repoRoot = program3.opts().dir || process.cwd();
|
|
97509
96995
|
const parser = new ManifestParser();
|
|
97510
|
-
const manifest = parser.parse(
|
|
96996
|
+
const manifest = parser.parse(path56.join(repoRoot, "clef.yaml"));
|
|
97511
96997
|
const targetEnv = manifest.environments.find((e) => e.name === opts2.env);
|
|
97512
96998
|
if (!targetEnv) {
|
|
97513
96999
|
formatter2.error(
|
|
@@ -97550,7 +97036,7 @@ function registerCloudCommands(program3, deps2) {
|
|
|
97550
97036
|
} else {
|
|
97551
97037
|
formatter2.print(` Opening browser to set up Cloud for ${opts2.env}...`);
|
|
97552
97038
|
const session = await initiateDeviceFlow2(cloudEndpoint, {
|
|
97553
|
-
repoName:
|
|
97039
|
+
repoName: path56.basename(repoRoot),
|
|
97554
97040
|
environment: opts2.env,
|
|
97555
97041
|
clientVersion: deps2.cliVersion,
|
|
97556
97042
|
flow: "setup"
|
|
@@ -97617,14 +97103,14 @@ function registerCloudCommands(program3, deps2) {
|
|
|
97617
97103
|
cloudManifest,
|
|
97618
97104
|
cell.environment
|
|
97619
97105
|
);
|
|
97620
|
-
const relPath =
|
|
97106
|
+
const relPath = path56.relative(repoRoot, cell.filePath);
|
|
97621
97107
|
formatter2.print(` ${sym2("success")} ${relPath}`);
|
|
97622
97108
|
}
|
|
97623
97109
|
formatter2.print(`
|
|
97624
97110
|
Verifying encrypted files...`);
|
|
97625
97111
|
for (const cell of cells) {
|
|
97626
97112
|
await cloudSopsClient.decrypt(cell.filePath);
|
|
97627
|
-
const relPath =
|
|
97113
|
+
const relPath = path56.relative(repoRoot, cell.filePath);
|
|
97628
97114
|
formatter2.print(` ${sym2("success")} ${relPath}`);
|
|
97629
97115
|
}
|
|
97630
97116
|
} finally {
|
|
@@ -97659,7 +97145,7 @@ function registerCloudCommands(program3, deps2) {
|
|
|
97659
97145
|
const existingCreds = readCloudCredentials2();
|
|
97660
97146
|
const endpoint = existingCreds?.endpoint;
|
|
97661
97147
|
const session = await initiateDeviceFlow2(endpoint, {
|
|
97662
|
-
repoName:
|
|
97148
|
+
repoName: path56.basename(process.cwd()),
|
|
97663
97149
|
clientVersion: deps2.cliVersion,
|
|
97664
97150
|
flow: "login"
|
|
97665
97151
|
});
|
|
@@ -99860,7 +99346,7 @@ async function fetchCheckpoint(config) {
|
|
|
99860
99346
|
}
|
|
99861
99347
|
|
|
99862
99348
|
// package.json
|
|
99863
|
-
var version2 = "0.1.
|
|
99349
|
+
var version2 = "0.1.14-beta.95";
|
|
99864
99350
|
var package_default = {
|
|
99865
99351
|
name: "@clef-sh/cli",
|
|
99866
99352
|
version: version2,
|
|
@@ -101377,13 +100863,13 @@ ${sym("failure")} Re-encryption failed on ${path45.basename(failedFile)}`
|
|
|
101377
100863
|
).option("-e, --environment <env>", "Environment to grant access to (overrides request)").action(async (identifier, opts2) => {
|
|
101378
100864
|
try {
|
|
101379
100865
|
const repoRoot = program3.opts().dir || process.cwd();
|
|
101380
|
-
const
|
|
101381
|
-
if (!
|
|
100866
|
+
const request2 = findRequest(repoRoot, identifier);
|
|
100867
|
+
if (!request2) {
|
|
101382
100868
|
formatter.error(`No pending request matching '${identifier}'.`);
|
|
101383
100869
|
process.exit(2);
|
|
101384
100870
|
return;
|
|
101385
100871
|
}
|
|
101386
|
-
const environment = opts2.environment ??
|
|
100872
|
+
const environment = opts2.environment ?? request2.environment;
|
|
101387
100873
|
if (!environment) {
|
|
101388
100874
|
formatter.error(
|
|
101389
100875
|
"An environment is required. The request did not specify one.\n Use -e to specify: clef recipients approve " + identifier + " -e <environment>"
|
|
@@ -101395,8 +100881,8 @@ ${sym("failure")} Re-encryption failed on ${path45.basename(failedFile)}`
|
|
|
101395
100881
|
repoRoot,
|
|
101396
100882
|
program3,
|
|
101397
100883
|
deps2,
|
|
101398
|
-
|
|
101399
|
-
|
|
100884
|
+
request2.key,
|
|
100885
|
+
request2.label,
|
|
101400
100886
|
environment
|
|
101401
100887
|
);
|
|
101402
100888
|
if (result) {
|
|
@@ -101405,13 +100891,13 @@ ${sym("failure")} Re-encryption failed on ${path45.basename(failedFile)}`
|
|
|
101405
100891
|
formatter.json({
|
|
101406
100892
|
action: "approved",
|
|
101407
100893
|
identifier,
|
|
101408
|
-
label:
|
|
100894
|
+
label: request2.label,
|
|
101409
100895
|
environment,
|
|
101410
100896
|
reEncryptedFiles: result.reEncryptedFiles.length
|
|
101411
100897
|
});
|
|
101412
100898
|
} else {
|
|
101413
100899
|
formatter.hint(
|
|
101414
|
-
`git add clef.yaml ${REQUESTS_FILENAME} && git add -A && git commit -m "approve recipient: ${
|
|
100900
|
+
`git add clef.yaml ${REQUESTS_FILENAME} && git add -A && git commit -m "approve recipient: ${request2.label} [${environment}]"`
|
|
101415
100901
|
);
|
|
101416
100902
|
}
|
|
101417
100903
|
}
|
|
@@ -102012,7 +101498,7 @@ function parseKmsEnvMappings(mappings) {
|
|
|
102012
101498
|
|
|
102013
101499
|
// src/commands/pack.ts
|
|
102014
101500
|
init_src();
|
|
102015
|
-
import * as
|
|
101501
|
+
import * as path49 from "path";
|
|
102016
101502
|
function registerPackCommand(program3, deps2) {
|
|
102017
101503
|
program3.command("pack <identity> <environment>").description(
|
|
102018
101504
|
"Pack an encrypted artifact for a service identity.\n\n The artifact is a JSON envelope with age-encrypted secrets that can be\n fetched by the Clef agent at runtime from any HTTP URL or local file.\n\nUsage:\n clef pack api-gateway production --output ./artifact.json\n # Then upload with your CI tools:\n # aws s3 cp ./artifact.json s3://my-bucket/clef/api-gateway/production.json"
|
|
@@ -102039,7 +101525,7 @@ function registerPackCommand(program3, deps2) {
|
|
|
102039
101525
|
}
|
|
102040
101526
|
const repoRoot = program3.opts().dir || process.cwd();
|
|
102041
101527
|
const parser = new ManifestParser();
|
|
102042
|
-
const manifest = parser.parse(
|
|
101528
|
+
const manifest = parser.parse(path49.join(repoRoot, "clef.yaml"));
|
|
102043
101529
|
if (opts2.remote) {
|
|
102044
101530
|
const { resolveAccessToken: resolveAccessToken2, CloudPackClient: CloudPackClient3 } = await Promise.resolve().then(() => (init_src3(), src_exports2));
|
|
102045
101531
|
const { accessToken: token, endpoint } = await resolveAccessToken2();
|
|
@@ -102062,13 +101548,13 @@ function registerPackCommand(program3, deps2) {
|
|
|
102062
101548
|
const si = manifest.service_identities?.find((s) => s.name === identity);
|
|
102063
101549
|
const envConfig = si?.environments[environment];
|
|
102064
101550
|
if (envConfig && isKmsEnvelope(envConfig)) {
|
|
102065
|
-
const { createKmsProvider } = await Promise.resolve().then(() =>
|
|
102066
|
-
kmsProvider = await
|
|
101551
|
+
const { createKmsProvider: createKmsProvider2 } = await Promise.resolve().then(() => (init_src4(), src_exports3));
|
|
101552
|
+
kmsProvider = await createKmsProvider2(envConfig.kms.provider, {
|
|
102067
101553
|
region: envConfig.kms.region
|
|
102068
101554
|
});
|
|
102069
101555
|
}
|
|
102070
101556
|
const packer = new ArtifactPacker(sopsClient, matrixManager, kmsProvider);
|
|
102071
|
-
const outputPath = opts2.output ?
|
|
101557
|
+
const outputPath = opts2.output ? path49.resolve(opts2.output) : void 0;
|
|
102072
101558
|
const ttl = opts2.ttl ? parseInt(opts2.ttl, 10) : void 0;
|
|
102073
101559
|
if (ttl !== void 0 && (isNaN(ttl) || ttl < 1)) {
|
|
102074
101560
|
formatter.error("--ttl must be a positive integer (seconds).");
|
|
@@ -102151,8 +101637,8 @@ function registerPackCommand(program3, deps2) {
|
|
|
102151
101637
|
|
|
102152
101638
|
// src/commands/revoke.ts
|
|
102153
101639
|
init_src();
|
|
102154
|
-
import * as
|
|
102155
|
-
import * as
|
|
101640
|
+
import * as fs35 from "fs";
|
|
101641
|
+
import * as path50 from "path";
|
|
102156
101642
|
function registerRevokeCommand(program3, _deps) {
|
|
102157
101643
|
program3.command("revoke <identity> <environment>").description(
|
|
102158
101644
|
"Revoke a packed artifact for a service identity.\n\n Overwrites the packed artifact with a revocation marker that the\n Clef agent detects on the next poll, causing it to wipe its cache\n and stop serving secrets.\n\nUsage:\n clef revoke api-gateway production\n # Then commit and push (or upload to your artifact store)."
|
|
@@ -102160,7 +101646,7 @@ function registerRevokeCommand(program3, _deps) {
|
|
|
102160
101646
|
try {
|
|
102161
101647
|
const repoRoot = program3.opts().dir || process.cwd();
|
|
102162
101648
|
const parser = new ManifestParser();
|
|
102163
|
-
const manifest = parser.parse(
|
|
101649
|
+
const manifest = parser.parse(path50.join(repoRoot, "clef.yaml"));
|
|
102164
101650
|
const si = manifest.service_identities?.find((s) => s.name === identity);
|
|
102165
101651
|
if (!si) {
|
|
102166
101652
|
formatter.error(
|
|
@@ -102176,17 +101662,17 @@ function registerRevokeCommand(program3, _deps) {
|
|
|
102176
101662
|
process.exit(1);
|
|
102177
101663
|
return;
|
|
102178
101664
|
}
|
|
102179
|
-
const artifactDir =
|
|
102180
|
-
const artifactPath =
|
|
101665
|
+
const artifactDir = path50.join(repoRoot, ".clef", "packed", identity);
|
|
101666
|
+
const artifactPath = path50.join(artifactDir, `${environment}.age.json`);
|
|
102181
101667
|
const revoked = {
|
|
102182
101668
|
version: 1,
|
|
102183
101669
|
identity,
|
|
102184
101670
|
environment,
|
|
102185
101671
|
revokedAt: (/* @__PURE__ */ new Date()).toISOString()
|
|
102186
101672
|
};
|
|
102187
|
-
|
|
102188
|
-
|
|
102189
|
-
const relPath =
|
|
101673
|
+
fs35.mkdirSync(artifactDir, { recursive: true });
|
|
101674
|
+
fs35.writeFileSync(artifactPath, JSON.stringify(revoked, null, 2) + "\n", "utf-8");
|
|
101675
|
+
const relPath = path50.relative(repoRoot, artifactPath);
|
|
102190
101676
|
if (isJsonMode()) {
|
|
102191
101677
|
formatter.json({
|
|
102192
101678
|
identity,
|
|
@@ -102220,14 +101706,14 @@ function registerRevokeCommand(program3, _deps) {
|
|
|
102220
101706
|
// src/commands/drift.ts
|
|
102221
101707
|
var import_picocolors5 = __toESM(require_picocolors());
|
|
102222
101708
|
init_src();
|
|
102223
|
-
import * as
|
|
101709
|
+
import * as path51 from "path";
|
|
102224
101710
|
function registerDriftCommand(program3, _deps) {
|
|
102225
101711
|
program3.command("drift <path>").description(
|
|
102226
101712
|
"Compare key sets across two local Clef repos without decryption.\n\nReads encrypted YAML files as plaintext (key names are not encrypted)\nand reports keys that exist in some environments but not others.\n\nDoes not require sops to be installed.\n\nExit codes:\n 0 No drift\n 1 Drift found"
|
|
102227
101713
|
).option("--push", "Push results as OTLP to CLEF_TELEMETRY_URL").option("--namespace <name...>", "Scope to specific namespace(s)").action(async (remotePath, options) => {
|
|
102228
101714
|
try {
|
|
102229
101715
|
const localRoot = program3.opts().dir || process.cwd();
|
|
102230
|
-
const remoteRoot =
|
|
101716
|
+
const remoteRoot = path51.resolve(localRoot, remotePath);
|
|
102231
101717
|
const detector = new DriftDetector();
|
|
102232
101718
|
const result = detector.detect(localRoot, remoteRoot, options.namespace);
|
|
102233
101719
|
if (options.push) {
|
|
@@ -102296,10 +101782,10 @@ init_src();
|
|
|
102296
101782
|
// src/report/historical.ts
|
|
102297
101783
|
init_src();
|
|
102298
101784
|
import * as os7 from "os";
|
|
102299
|
-
import * as
|
|
102300
|
-
import * as
|
|
101785
|
+
import * as path52 from "path";
|
|
101786
|
+
import * as fs36 from "fs";
|
|
102301
101787
|
async function generateReportAtCommit(repoRoot, commitSha, clefVersion, runner2) {
|
|
102302
|
-
const tmpDir =
|
|
101788
|
+
const tmpDir = path52.join(os7.tmpdir(), `clef-report-${commitSha.slice(0, 8)}-${Date.now()}`);
|
|
102303
101789
|
try {
|
|
102304
101790
|
const addResult = await runner2.run("git", ["worktree", "add", tmpDir, commitSha, "--detach"], {
|
|
102305
101791
|
cwd: repoRoot
|
|
@@ -102317,7 +101803,7 @@ async function generateReportAtCommit(repoRoot, commitSha, clefVersion, runner2)
|
|
|
102317
101803
|
await runner2.run("git", ["worktree", "remove", tmpDir, "--force"], { cwd: repoRoot });
|
|
102318
101804
|
} catch {
|
|
102319
101805
|
try {
|
|
102320
|
-
|
|
101806
|
+
fs36.rmSync(tmpDir, { recursive: true, force: true });
|
|
102321
101807
|
await runner2.run("git", ["worktree", "prune"], { cwd: repoRoot });
|
|
102322
101808
|
} catch {
|
|
102323
101809
|
}
|
|
@@ -102539,8 +102025,8 @@ function formatReportOutput(report) {
|
|
|
102539
102025
|
|
|
102540
102026
|
// src/commands/install.ts
|
|
102541
102027
|
var import_yaml = __toESM(require_dist());
|
|
102542
|
-
import * as
|
|
102543
|
-
import * as
|
|
102028
|
+
import * as fs37 from "fs";
|
|
102029
|
+
import * as path53 from "path";
|
|
102544
102030
|
|
|
102545
102031
|
// src/registry/client.ts
|
|
102546
102032
|
var DEFAULT_REGISTRY = "https://raw.githubusercontent.com/clef-sh/clef/main/brokers";
|
|
@@ -102587,8 +102073,8 @@ function registerInstallCommand(program3, _deps) {
|
|
|
102587
102073
|
process.exit(1);
|
|
102588
102074
|
return;
|
|
102589
102075
|
}
|
|
102590
|
-
const brokerDir =
|
|
102591
|
-
if (
|
|
102076
|
+
const brokerDir = path53.join(repoRoot, "brokers", entry.name);
|
|
102077
|
+
if (fs37.existsSync(brokerDir) && !options.force) {
|
|
102592
102078
|
const overwrite = await formatter.confirm(
|
|
102593
102079
|
`brokers/${entry.name}/ already exists. Overwrite?`
|
|
102594
102080
|
);
|
|
@@ -102619,11 +102105,11 @@ function registerInstallCommand(program3, _deps) {
|
|
|
102619
102105
|
process.exit(1);
|
|
102620
102106
|
return;
|
|
102621
102107
|
}
|
|
102622
|
-
if (!
|
|
102623
|
-
|
|
102108
|
+
if (!fs37.existsSync(brokerDir)) {
|
|
102109
|
+
fs37.mkdirSync(brokerDir, { recursive: true });
|
|
102624
102110
|
}
|
|
102625
102111
|
for (const file of files) {
|
|
102626
|
-
|
|
102112
|
+
fs37.writeFileSync(path53.join(brokerDir, file.name), file.content, "utf-8");
|
|
102627
102113
|
}
|
|
102628
102114
|
const manifestFile = files.find((f2) => f2.name === "broker.yaml");
|
|
102629
102115
|
const manifest = manifestFile ? (0, import_yaml.parse)(manifestFile.content) : {};
|
|
@@ -102737,7 +102223,7 @@ function printBrokerTable(brokers) {
|
|
|
102737
102223
|
|
|
102738
102224
|
// src/commands/migrate-backend.ts
|
|
102739
102225
|
init_src();
|
|
102740
|
-
import * as
|
|
102226
|
+
import * as path54 from "path";
|
|
102741
102227
|
function resolveTarget(opts2) {
|
|
102742
102228
|
const provided = [];
|
|
102743
102229
|
if (opts2.awsKmsArn) provided.push({ backend: "awskms", key: opts2.awsKmsArn });
|
|
@@ -102767,7 +102253,7 @@ function registerMigrateBackendCommand(program3, deps2) {
|
|
|
102767
102253
|
const repoRoot = program3.opts().dir || process.cwd();
|
|
102768
102254
|
const target = resolveTarget(opts2);
|
|
102769
102255
|
const parser = new ManifestParser();
|
|
102770
|
-
const manifest = parser.parse(
|
|
102256
|
+
const manifest = parser.parse(path54.join(repoRoot, "clef.yaml"));
|
|
102771
102257
|
const matrixManager = new MatrixManager();
|
|
102772
102258
|
const impactedEnvs = opts2.environment ? manifest.environments.filter((e) => e.name === opts2.environment) : manifest.environments;
|
|
102773
102259
|
if (impactedEnvs.length === 0) {
|
|
@@ -102891,8 +102377,22 @@ ${sym("working")} Backend migration summary:`);
|
|
|
102891
102377
|
|
|
102892
102378
|
// src/commands/serve.ts
|
|
102893
102379
|
init_src();
|
|
102894
|
-
import * as
|
|
102380
|
+
import * as path55 from "path";
|
|
102895
102381
|
import { randomBytes as randomBytes10 } from "crypto";
|
|
102382
|
+
function synthesizeDevManifest(manifest, identityName, envName, ephemeralPublicKey) {
|
|
102383
|
+
return {
|
|
102384
|
+
...manifest,
|
|
102385
|
+
service_identities: manifest.service_identities?.map(
|
|
102386
|
+
(si) => si.name === identityName ? {
|
|
102387
|
+
...si,
|
|
102388
|
+
environments: {
|
|
102389
|
+
...si.environments,
|
|
102390
|
+
[envName]: { recipient: ephemeralPublicKey }
|
|
102391
|
+
}
|
|
102392
|
+
} : si
|
|
102393
|
+
)
|
|
102394
|
+
};
|
|
102395
|
+
}
|
|
102896
102396
|
function registerServeCommand(program3, deps2) {
|
|
102897
102397
|
program3.command("serve").description(
|
|
102898
102398
|
"Start a local secrets server for development.\n\n Packs and decrypts the specified service identity, then serves secrets\n at GET /v1/secrets \u2014 the same contract as the Clef agent and Cloud serve\n endpoint. Your app code works identically in local dev and production.\n\nUsage:\n clef serve --identity api-gateway --env dev\n clef serve --identity api-gateway --env dev --port 7779"
|
|
@@ -102900,7 +102400,7 @@ function registerServeCommand(program3, deps2) {
|
|
|
102900
102400
|
try {
|
|
102901
102401
|
const repoRoot = program3.opts().dir || process.cwd();
|
|
102902
102402
|
const parser = new ManifestParser();
|
|
102903
|
-
const manifest = parser.parse(
|
|
102403
|
+
const manifest = parser.parse(path55.join(repoRoot, "clef.yaml"));
|
|
102904
102404
|
const env = manifest.environments.find((e) => e.name === opts2.env);
|
|
102905
102405
|
if (!env) {
|
|
102906
102406
|
formatter.error(`Environment '${opts2.env}' not found in manifest.`);
|
|
@@ -102931,21 +102431,20 @@ function registerServeCommand(program3, deps2) {
|
|
|
102931
102431
|
return;
|
|
102932
102432
|
}
|
|
102933
102433
|
formatter.print(`${sym("working")} Packing '${opts2.identity}/${opts2.env}'...`);
|
|
102434
|
+
const ephemeral = await generateAgeIdentity();
|
|
102435
|
+
const devManifest = synthesizeDevManifest(
|
|
102436
|
+
manifest,
|
|
102437
|
+
opts2.identity,
|
|
102438
|
+
opts2.env,
|
|
102439
|
+
ephemeral.publicKey
|
|
102440
|
+
);
|
|
102934
102441
|
const sopsClient = await createSopsClient(repoRoot, deps2.runner);
|
|
102935
102442
|
const matrixManager = new MatrixManager();
|
|
102936
|
-
let kmsProvider;
|
|
102937
|
-
const envConfig = si.environments[opts2.env];
|
|
102938
|
-
if (envConfig && isKmsEnvelope(envConfig)) {
|
|
102939
|
-
const { createKmsProvider } = await Promise.resolve().then(() => __toESM(require_dist3()));
|
|
102940
|
-
kmsProvider = await createKmsProvider(envConfig.kms.provider, {
|
|
102941
|
-
region: envConfig.kms.region
|
|
102942
|
-
});
|
|
102943
|
-
}
|
|
102944
102443
|
const memOutput = new MemoryPackOutput();
|
|
102945
|
-
const packer = new ArtifactPacker(sopsClient, matrixManager
|
|
102444
|
+
const packer = new ArtifactPacker(sopsClient, matrixManager);
|
|
102946
102445
|
const result = await packer.pack(
|
|
102947
102446
|
{ identity: opts2.identity, environment: opts2.env, output: memOutput },
|
|
102948
|
-
|
|
102447
|
+
devManifest,
|
|
102949
102448
|
repoRoot
|
|
102950
102449
|
);
|
|
102951
102450
|
if (!memOutput.artifact) {
|
|
@@ -102953,16 +102452,18 @@ function registerServeCommand(program3, deps2) {
|
|
|
102953
102452
|
process.exit(1);
|
|
102954
102453
|
return;
|
|
102955
102454
|
}
|
|
102956
|
-
const { ArtifactDecryptor } = await Promise.resolve().then(() =>
|
|
102957
|
-
const
|
|
102958
|
-
const decryptor = new ArtifactDecryptor({ privateKey: privateKey ?? void 0 });
|
|
102455
|
+
const { ArtifactDecryptor: ArtifactDecryptor2 } = await Promise.resolve().then(() => (init_src4(), src_exports3));
|
|
102456
|
+
const decryptor = new ArtifactDecryptor2({ privateKey: ephemeral.privateKey });
|
|
102959
102457
|
const decrypted = await decryptor.decrypt(memOutput.artifact);
|
|
102960
|
-
const { SecretsCache } = await Promise.resolve().then(() =>
|
|
102961
|
-
const cache = new
|
|
102458
|
+
const { SecretsCache: SecretsCache2 } = await Promise.resolve().then(() => (init_src4(), src_exports3));
|
|
102459
|
+
const cache = new SecretsCache2();
|
|
102962
102460
|
cache.swap(decrypted.values, decrypted.keys, decrypted.revision);
|
|
102963
102461
|
const token = randomBytes10(32).toString("hex");
|
|
102964
|
-
const { startAgentServer } = await Promise.resolve().then(() => __toESM(
|
|
102462
|
+
const { startAgentServer } = await Promise.resolve().then(() => __toESM(require_dist3()));
|
|
102965
102463
|
const server = await startAgentServer({ port, token, cache });
|
|
102464
|
+
formatter.warn(
|
|
102465
|
+
"DEVELOPMENT ONLY\n This server packs secrets locally with an ephemeral age key.\n Do NOT use this in production. For production, deploy the Clef\n agent with the service identity's actual private key or KMS access."
|
|
102466
|
+
);
|
|
102966
102467
|
formatter.success(`Serving ${result.keyCount} secrets for '${opts2.identity}/${opts2.env}'`);
|
|
102967
102468
|
formatter.print(`
|
|
102968
102469
|
URL: ${server.url}/v1/secrets`);
|
|
@@ -102982,6 +102483,7 @@ function registerServeCommand(program3, deps2) {
|
|
|
102982
102483
|
formatter.print(`
|
|
102983
102484
|
${sym("working")} Stopping server...`);
|
|
102984
102485
|
cache.wipe();
|
|
102486
|
+
ephemeral.privateKey = "";
|
|
102985
102487
|
await server.stop();
|
|
102986
102488
|
resolve7();
|
|
102987
102489
|
};
|