@dirathea/busical 0.1.3

package/dist/getbusicalapp/wrangler.json

@@ -0,0 +1 @@
+{"configPath":"/home/runner/work/getbusicalapp/getbusicalapp/wrangler.jsonc","userConfigPath":"/home/runner/work/getbusicalapp/getbusicalapp/wrangler.jsonc","topLevelName":"getbusicalapp","definedEnvironments":[],"legacy_env":true,"compatibility_date":"2025-04-03","compatibility_flags":[],"jsx_factory":"React.createElement","jsx_fragment":"React.Fragment","rules":[{"type":"ESModule","globs":["**/*.js","**/*.mjs"]}],"name":"getbusicalapp","main":"index.js","triggers":{},"assets":{"directory":"../client","not_found_handling":"single-page-application"},"vars":{},"durable_objects":{"bindings":[]},"workflows":[],"migrations":[],"kv_namespaces":[],"cloudchamber":{},"send_email":[],"queues":{"producers":[],"consumers":[]},"r2_buckets":[],"d1_databases":[],"vectorize":[],"hyperdrive":[],"services":[],"analytics_engine_datasets":[],"dispatch_namespaces":[],"mtls_certificates":[],"pipelines":[],"secrets_store_secrets":[],"unsafe_hello_world":[],"worker_loaders":[],"ratelimits":[],"vpc_services":[],"logfwdr":{"bindings":[]},"python_modules":{"exclude":["**/*.pyc"]},"dev":{"ip":"localhost","local_protocol":"http","upstream_protocol":"http","enable_containers":true,"generate_types":false},"no_bundle":true}

package/dist/worker/app.js

@@ -0,0 +1,224 @@
+import { cors } from "hono/cors";
+const setup = (app, env) => {
+    // Get allowed origin from environment variable or fallback to wildcard for dev
+    const allowedOrigin = env?.ALLOWED_ORIGIN || "*";
+    // Enable CORS for all routes
+    app.use("*", cors({
+        origin: allowedOrigin,
+        allowMethods: ["GET", "POST", "OPTIONS"],
+        allowHeaders: ["Content-Type", "Authorization", "Accept", "User-Agent"],
+        exposeHeaders: ["Content-Length", "Content-Type"],
+        maxAge: 86400, // 24 hours
+        credentials: false,
+    }));
+    // Security headers middleware (applied to all routes)
+    app.use("*", async (c, next) => {
+        await next();
+        // Prevent MIME type sniffing
+        c.header('X-Content-Type-Options', 'nosniff');
+        // Prevent clickjacking
+        c.header('X-Frame-Options', 'DENY');
+        // Enable XSS protection
+        c.header('X-XSS-Protection', '1; mode=block');
+        // Referrer policy
+        c.header('Referrer-Policy', 'strict-origin-when-cross-origin');
+        // Note: CSP is handled by index.html meta tag for static files
+        // Proxy endpoints have their own strict CSP below
+    });
+    // Strict CSP for proxy endpoint only (API responses don't need scripts/styles)
+    app.use("/proxy", async (c, next) => {
+        await next();
+        c.header('Content-Security-Policy', "default-src 'none'; connect-src 'self'");
+    });
+    // Health check endpoint
+    app.get("/health", (c) => {
+        return c.json({ status: "ok", timestamp: new Date().toISOString() });
+    });
+    // GET endpoint for ICS proxy (primary method)
+    app.get("/proxy", async (c) => {
+        try {
+            const url = c.req.query("url");
+            if (!url) {
+                return c.json({
+                    success: false,
+                    error: "Missing url query parameter",
+                }, 400);
+            }
+            // Validate URL to prevent SSRF attacks
+            let urlObj;
+            try {
+                urlObj = new URL(url);
+            }
+            catch {
+                return c.json({
+                    success: false,
+                    error: "Invalid URL format",
+                }, 400);
+            }
+            if (!["http:", "https:"].includes(urlObj.protocol)) {
+                return c.json({
+                    success: false,
+                    error: "Invalid URL protocol. Only http and https are allowed.",
+                }, 400);
+            }
+            // Fetch the ICS file
+            const response = await fetch(url, {
+                method: "GET",
+                headers: {
+                    "User-Agent": "BusiCal-Proxy/1.0 (Calendar Sync App)",
+                    Accept: "text/calendar, text/plain, */*",
+                },
+            });
+            // Check file size limit (5MB max)
+            const MAX_ICS_SIZE = 5 * 1024 * 1024; // 5MB
+            const contentLength = response.headers.get('content-length');
+            if (contentLength && parseInt(contentLength) > MAX_ICS_SIZE) {
+                return c.json({
+                    success: false,
+                    error: "Calendar file too large (max 5MB)",
+                }, 413 // Payload Too Large
+                );
+            }
+            if (!response.ok) {
+                return c.json({
+                    success: false,
+                    error: "Failed to fetch calendar",
+                    upstreamStatus: response.status,
+                    upstreamStatusText: response.statusText,
+                }, 502); // Bad Gateway
+            }
+            // Get the ICS data as plain text
+            const icsData = await response.text();
+            // Double-check actual size (in case Content-Length header was missing)
+            if (icsData.length > MAX_ICS_SIZE) {
+                return c.json({
+                    success: false,
+                    error: "Calendar file too large (max 5MB)",
+                }, 413);
+            }
+            // Validate that we got ICS-like content
+            if (!icsData.includes("BEGIN:VCALENDAR")) {
+                return c.json({
+                    success: false,
+                    error: "Response does not appear to be a valid ICS file",
+                }, 400);
+            }
+            // Return success with ICS data
+            return c.json({
+                success: true,
+                data: icsData,
+                contentType: response.headers.get("content-type") || "text/calendar",
+            });
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : "Unknown error";
+            // No logging - privacy first
+            return c.json({
+                success: false,
+                error: "Proxy request failed",
+                details: errorMessage,
+            }, 500);
+        }
+    });
+    // POST endpoint for ICS proxy (alternative method)
+    app.post("/proxy", async (c) => {
+        try {
+            const body = await c.req.json();
+            const { url } = body;
+            if (!url) {
+                return c.json({
+                    success: false,
+                    error: "Missing url parameter",
+                }, 400);
+            }
+            // Validate URL
+            let urlObj;
+            try {
+                urlObj = new URL(url);
+            }
+            catch {
+                return c.json({
+                    success: false,
+                    error: "Invalid URL format",
+                }, 400);
+            }
+            if (!["http:", "https:"].includes(urlObj.protocol)) {
+                return c.json({
+                    success: false,
+                    error: "Invalid URL protocol",
+                }, 400);
+            }
+            const response = await fetch(url, {
+                method: "GET",
+                headers: {
+                    "User-Agent": "BusiCal-Proxy/1.0",
+                    Accept: "text/calendar, text/plain, */*",
+                },
+            });
+            // Check file size limit (5MB max)
+            const MAX_ICS_SIZE = 5 * 1024 * 1024; // 5MB
+            const contentLength = response.headers.get('content-length');
+            if (contentLength && parseInt(contentLength) > MAX_ICS_SIZE) {
+                return c.json({
+                    success: false,
+                    error: "Calendar file too large (max 5MB)",
+                }, 413 // Payload Too Large
+                );
+            }
+            if (!response.ok) {
+                return c.json({
+                    success: false,
+                    error: "Failed to fetch calendar",
+                    upstreamStatus: response.status,
+                    upstreamStatusText: response.statusText,
+                }, 502); // Bad Gateway
+            }
+            const icsData = await response.text();
+            // Double-check actual size
+            if (icsData.length > MAX_ICS_SIZE) {
+                return c.json({
+                    success: false,
+                    error: "Calendar file too large (max 5MB)",
+                }, 413);
+            }
+            if (!icsData.includes("BEGIN:VCALENDAR")) {
+                return c.json({
+                    success: false,
+                    error: "Response does not appear to be a valid ICS file",
+                }, 400);
+            }
+            return c.json({
+                success: true,
+                data: icsData,
+            });
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : "Unknown error";
+            // No logging - privacy first
+            return c.json({
+                success: false,
+                error: "Proxy request failed",
+                details: errorMessage,
+            }, 500);
+        }
+    });
+    // 404 handler
+    app.notFound((c) => {
+        return c.json({
+            success: false,
+            error: "Not found",
+            path: c.req.path,
+        }, 404);
+    });
+    // Error handler
+    app.onError((err, c) => {
+        // No logging - privacy first
+        return c.json({
+            success: false,
+            error: "Internal server error",
+            message: err.message,
+        }, 500);
+    });
+    return app;
+};
+export { setup };

package/dist/worker/node.js

@@ -0,0 +1,18 @@
+import { Hono } from "hono";
+import { serve } from "@hono/node-server";
+import { serveStatic } from "@hono/node-server/serve-static";
+import { setup } from "./app.js";
+const app = new Hono();
+const port = parseInt(process.env.PORT || "3000", 10);
+const allowedOrigin = process.env.ALLOWED_ORIGIN || "*";
+console.log("Starting BusiCal server...");
+console.log(`Port: ${port}`);
+console.log(`CORS Origin: ${allowedOrigin}`);
+setup(app, { ALLOWED_ORIGIN: allowedOrigin });
+// Serve static files from dist/client directory
+app.use("/*", serveStatic({ root: "./dist/client" }));
+// SPA fallback
+app.get("*", serveStatic({ path: "./dist/client/index.html" }));
+serve({ fetch: app.fetch, port }, (info) => {
+    console.log(`BusiCal server ready on http://localhost:${info.port}`);
+});

package/package.json

@@ -0,0 +1,87 @@
+{
+   "name": "@dirathea/busical",
+   "version": "0.1.3",
+   "type": "module",
+   "description": "Sync calendar events to your work calendar - with privacy",
+   "license": "MIT",
+   "author": "dirathea",
+   "repository": {
+      "type": "git",
+      "url": "https://github.com/dirathea/getbusicalapp"
+   },
+   "homepage": "https://github.com/dirathea/getbusicalapp",
+   "bugs": {
+      "url": "https://github.com/dirathea/getbusicalapp/issues"
+   },
+   "keywords": [
+      "calendar",
+      "ics",
+      "sync",
+      "privacy",
+      "busical"
+   ],
+   "bin": {
+      "busical": "./bin/cli.js"
+   },
+   "files": [
+      "bin",
+      "dist"
+   ],
+   "publishConfig": {
+      "registry": "https://registry.npmjs.org",
+      "access": "public"
+   },
+   "scripts": {
+      "dev": "vite",
+      "build": "tsc -b && vite build && npm run build:worker",
+      "build:worker": "tsc -p tsconfig.worker.json",
+      "lint": "eslint .",
+      "preview": "vite preview",
+      "dev:all": "concurrently 'npm run dev:worker' 'npm run dev'",
+      "dev:worker": "wrangler dev --port 8787",
+      "dev:node": "node bin/cli.js",
+      "deploy": "npm run build && wrangler deploy",
+      "changeset": "changeset",
+      "version-packages": "changeset version && node scripts/sync-sw-version.cjs",
+      "release": "changeset publish"
+   },
+   "dependencies": {
+      "@base-ui/react": "^1.0.0",
+      "@fontsource-variable/inter": "^5.2.8",
+      "@hono/node-server": "^1.19.9",
+      "@tailwindcss/vite": "^4.1.17",
+      "class-variance-authority": "^0.7.1",
+      "clsx": "^2.1.1",
+      "date-fns": "^4.1.0",
+      "hono": "^4.11.3",
+      "ical.js": "^2.2.1",
+      "lucide-react": "^0.562.0",
+      "radix-ui": "^1.4.3",
+      "react": "^19.2.0",
+      "react-dom": "^19.2.0",
+      "react-router": "^7.12.0",
+      "shadcn": "^3.6.3",
+      "tailwind-merge": "^3.4.0",
+      "tailwindcss": "^4.1.17",
+      "tw-animate-css": "^1.4.0"
+   },
+   "devDependencies": {
+      "@changesets/changelog-github": "^0.5.2",
+      "@changesets/cli": "^2.29.8",
+      "@cloudflare/vite-plugin": "^1.20.1",
+      "@eslint/js": "^9.39.1",
+      "@types/node": "^24.10.1",
+      "@types/react": "^19.2.5",
+      "@types/react-dom": "^19.2.3",
+      "@vitejs/plugin-react": "^5.1.1",
+      "concurrently": "^9.2.1",
+      "eslint": "^9.39.1",
+      "eslint-plugin-react-hooks": "^7.0.1",
+      "eslint-plugin-react-refresh": "^0.4.24",
+      "globals": "^16.5.0",
+      "typescript": "~5.9.3",
+      "typescript-eslint": "^8.46.4",
+      "vite": "^7.3.1",
+      "wrangler": "^4.58.0"
+   }
+}