npm - @cloudflare/sandbox - Versions diffs - 0.4.17 → 0.5.1 - Mend

@cloudflare/sandbox 0.4.17 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/.turbo/turbo-build.log +8 -8
package/CHANGELOG.md +58 -0
package/Dockerfile +5 -1
package/LICENSE +176 -0
package/README.md +1 -1
package/dist/index.d.ts +296 -312
package/dist/index.d.ts.map +1 -1
package/dist/index.js +527 -57
package/dist/index.js.map +1 -1
package/package.json +2 -2
package/src/clients/base-client.ts +107 -46
package/src/clients/file-client.ts +2 -2
package/src/index.ts +19 -2
package/src/request-handler.ts +2 -1
package/src/sandbox.ts +637 -24
package/src/storage-mount/credential-detection.ts +41 -0
package/src/storage-mount/errors.ts +51 -0
package/src/storage-mount/index.ts +17 -0
package/src/storage-mount/provider-detection.ts +93 -0
package/src/storage-mount/types.ts +17 -0
package/src/version.ts +1 -1
package/tests/base-client.test.ts +218 -0
package/tests/get-sandbox.test.ts +24 -1
package/tests/sandbox.test.ts +121 -0
package/tests/storage-mount/credential-detection.test.ts +119 -0
package/tests/storage-mount/provider-detection.test.ts +77 -0
package/tsdown.config.ts +2 -1

package/tests/storage-mount/credential-detection.test.ts ADDED Viewed

@@ -0,0 +1,119 @@
+import { describe, expect, it } from 'vitest';
+import { detectCredentials } from '../../src/storage-mount/credential-detection';
+describe('Credential Detection', () => {
+  it('should use explicit credentials from options', () => {
+    const envVars = {};
+    const options = {
+      endpoint: 'https://test.r2.cloudflarestorage.com',
+      credentials: {
+        accessKeyId: 'explicit-key',
+        secretAccessKey: 'explicit-secret'
+      }
+    };
+    const credentials = detectCredentials(options, envVars);
+    expect(credentials.accessKeyId).toBe('explicit-key');
+    expect(credentials.secretAccessKey).toBe('explicit-secret');
+  });
+  it('should detect standard AWS env vars', () => {
+    const envVars = {
+      AWS_ACCESS_KEY_ID: 'aws-key',
+      AWS_SECRET_ACCESS_KEY: 'aws-secret'
+    };
+    const options = { endpoint: 'https://s3.us-west-2.amazonaws.com' };
+    const credentials = detectCredentials(options, envVars);
+    expect(credentials.accessKeyId).toBe('aws-key');
+    expect(credentials.secretAccessKey).toBe('aws-secret');
+  });
+  it('should ignore session token in environment', () => {
+    const envVars = {
+      AWS_ACCESS_KEY_ID: 'aws-key',
+      AWS_SECRET_ACCESS_KEY: 'aws-secret',
+      AWS_SESSION_TOKEN: 'session-token'
+    };
+    const options = { endpoint: 'https://s3.us-west-2.amazonaws.com' };
+    const credentials = detectCredentials(options, envVars);
+    expect(credentials.accessKeyId).toBe('aws-key');
+    expect(credentials.secretAccessKey).toBe('aws-secret');
+  });
+  it('should prioritize explicit credentials over env vars', () => {
+    const envVars = {
+      AWS_ACCESS_KEY_ID: 'env-key',
+      AWS_SECRET_ACCESS_KEY: 'env-secret'
+    };
+    const options = {
+      endpoint: 'https://test.r2.cloudflarestorage.com',
+      credentials: {
+        accessKeyId: 'explicit-key',
+        secretAccessKey: 'explicit-secret'
+      }
+    };
+    const credentials = detectCredentials(options, envVars);
+    expect(credentials.accessKeyId).toBe('explicit-key');
+    expect(credentials.secretAccessKey).toBe('explicit-secret');
+  });
+  it('should throw error when no credentials found', () => {
+    const envVars = {};
+    const options = { endpoint: 'https://test.r2.cloudflarestorage.com' };
+    expect(() => detectCredentials(options, envVars)).toThrow(
+      'No credentials found'
+    );
+  });
+  it('should include helpful error message with env var hints', () => {
+    const envVars = {};
+    const options = { endpoint: 'https://test.r2.cloudflarestorage.com' };
+    let thrownError: Error | null = null;
+    try {
+      detectCredentials(options, envVars);
+    } catch (error) {
+      thrownError = error as Error;
+    }
+    expect(thrownError).toBeTruthy();
+    if (thrownError) {
+      const message = thrownError.message;
+      expect(message).toContain('AWS_ACCESS_KEY_ID');
+      expect(message).toContain('AWS_SECRET_ACCESS_KEY');
+      expect(message).toContain('explicit credentials');
+    }
+  });
+  it('should throw error when only access key is present', () => {
+    const envVars = {
+      AWS_ACCESS_KEY_ID: 'aws-key'
+      // Missing AWS_SECRET_ACCESS_KEY
+    };
+    const options = { endpoint: 'https://test.r2.cloudflarestorage.com' };
+    expect(() => detectCredentials(options, envVars)).toThrow(
+      'No credentials found'
+    );
+  });
+  it('should throw error when only secret key is present', () => {
+    const envVars = {
+      AWS_SECRET_ACCESS_KEY: 'aws-secret'
+      // Missing AWS_ACCESS_KEY_ID
+    };
+    const options = { endpoint: 'https://test.r2.cloudflarestorage.com' };
+    expect(() => detectCredentials(options, envVars)).toThrow(
+      'No credentials found'
+    );
+  });
+});

package/tests/storage-mount/provider-detection.test.ts ADDED Viewed

@@ -0,0 +1,77 @@
+import { describe, expect, it } from 'vitest';
+import {
+  detectProviderFromUrl,
+  getProviderFlags,
+  resolveS3fsOptions
+} from '../../src/storage-mount/provider-detection';
+describe('Provider Detection', () => {
+  describe('detectProviderFromUrl', () => {
+    it.each([
+      ['https://abc123.r2.cloudflarestorage.com', 'r2'],
+      ['https://s3.us-west-2.amazonaws.com', 's3'],
+      ['https://storage.googleapis.com', 'gcs']
+    ])('should detect %s as %s', (url, expectedProvider) => {
+      expect(detectProviderFromUrl(url)).toBe(expectedProvider);
+    });
+    it.each([['https://custom.storage.example.com'], ['not-a-url'], ['']])(
+      'should return null for unknown/invalid: %s',
+      (url) => {
+        expect(detectProviderFromUrl(url)).toBe(null);
+      }
+    );
+  });
+  describe('getProviderFlags', () => {
+    it.each([
+      ['r2', ['nomixupload']],
+      ['s3', []],
+      ['gcs', []]
+    ])('should return correct flags for %s', (provider, expected) => {
+      expect(getProviderFlags(provider as any)).toEqual(expected);
+    });
+    it('should return safe defaults for unknown providers', () => {
+      expect(getProviderFlags(null)).toEqual(['use_path_request_style']);
+    });
+  });
+  describe('resolveS3fsOptions', () => {
+    it('should use provider defaults when no user options', () => {
+      const options = resolveS3fsOptions('r2');
+      expect(options).toEqual(['nomixupload']);
+    });
+    it('should merge provider flags with user options', () => {
+      const options = resolveS3fsOptions('r2', ['custom_flag']);
+      expect(options).toContain('nomixupload');
+      expect(options).toContain('custom_flag');
+    });
+    it('should allow user options to override provider defaults', () => {
+      const options = resolveS3fsOptions('r2', ['endpoint=us-east']);
+      expect(options).toContain('nomixupload');
+      expect(options).toContain('endpoint=us-east');
+      expect(options).not.toContain('endpoint=auto');
+    });
+    it('should deduplicate flags keeping last occurrence', () => {
+      const options = resolveS3fsOptions(null, [
+        'use_path_request_style',
+        'custom_flag'
+      ]);
+      const count = options.filter(
+        (o) => o === 'use_path_request_style'
+      ).length;
+      expect(count).toBe(1);
+      expect(options).toContain('custom_flag');
+    });
+    it('should use safe defaults for unknown providers', () => {
+      const options = resolveS3fsOptions(null, ['nomixupload']);
+      expect(options).toContain('use_path_request_style');
+      expect(options).toContain('nomixupload');
+    });
+  });
+});

package/tsdown.config.ts CHANGED Viewed

@@ -8,5 +8,6 @@ export default defineConfig({
     resolve: ['@repo/shared']
   },
   sourcemap: true,
-  format: 'esm'
+  format: 'esm',
+  fixedExtension: false
 });