@marcuspuchalla/nachos 0.1.3 → 0.2.0
- package/CHANGELOG.md +75 -0
- package/dist/{chunk-PTWN7K3Y.cjs → chunk-3Z45RBZP.cjs} +469 -244
- package/dist/chunk-3Z45RBZP.cjs.map +1 -0
- package/dist/{chunk-2MTLSQ7E.js → chunk-EDXZTSIA.js} +224 -166
- package/dist/chunk-EDXZTSIA.js.map +1 -0
- package/dist/{chunk-R62CQQNI.cjs → chunk-HMUA5KLG.cjs} +239 -181
- package/dist/chunk-HMUA5KLG.cjs.map +1 -0
- package/dist/{chunk-ZDZ2B5PE.js → chunk-JESIF5IF.js} +7 -3
- package/dist/chunk-JESIF5IF.js.map +1 -0
- package/dist/{chunk-5A5T56JB.js → chunk-LWNWC2O7.js} +442 -217
- package/dist/chunk-LWNWC2O7.js.map +1 -0
- package/dist/{chunk-PD72MVTX.cjs → chunk-P6A2OOIY.cjs} +7 -3
- package/dist/chunk-P6A2OOIY.cjs.map +1 -0
- package/dist/encoder/index.cjs +14 -14
- package/dist/encoder/index.d.cts +5 -4
- package/dist/encoder/index.d.ts +5 -4
- package/dist/encoder/index.js +2 -2
- package/dist/index.cjs +58 -39
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +40 -21
- package/dist/index.d.ts +40 -21
- package/dist/index.js +37 -17
- package/dist/index.js.map +1 -1
- package/dist/metafile-cjs.json +1 -1
- package/dist/metafile-esm.json +1 -1
- package/dist/parser/index.cjs +21 -21
- package/dist/parser/index.d.cts +4 -2
- package/dist/parser/index.d.ts +4 -2
- package/dist/parser/index.js +2 -2
- package/dist/{types-DvNlfbKB.d.cts → types-eG2qalpr.d.cts} +27 -1
- package/dist/{types-DvNlfbKB.d.ts → types-eG2qalpr.d.ts} +27 -1
- package/dist/{useCborSimpleEncoder-TVxzNJ_9.d.ts → useCborSimpleEncoder-CamvS-_N.d.ts} +7 -3
- package/dist/{useCborSimpleEncoder-ButVU988.d.cts → useCborSimpleEncoder-DXgPx62d.d.cts} +7 -3
- package/dist/{useCborTag-xV2Pz2VY.d.ts → useCborTag-D4d7xG3-.d.cts} +9 -4
- package/dist/{useCborTag-Cs1CZuXZ.d.cts → useCborTag-TYst1KR6.d.ts} +9 -4
- package/package.json +1 -1
- package/src/__tests__/audit-fixes.test.ts +141 -0
- package/src/__tests__/public-api.test.ts +153 -0
- package/src/__tests__/roundtrip.test.ts +5 -6
- package/src/encoder/__tests__/cbor-collection-encoder.test.ts +103 -5
- package/src/encoder/__tests__/cbor-encoder-errors.test.ts +40 -5
- package/src/encoder/__tests__/cbor-simple-encoder.test.ts +126 -0
- package/src/encoder/composables/useCborCollectionEncoder.ts +30 -26
- package/src/encoder/composables/useCborEncoder.ts +40 -0
- package/src/encoder/composables/useCborSimpleEncoder.ts +40 -9
- package/src/encoder/types.ts +9 -4
- package/src/encoder/utils.ts +33 -1
- package/src/index.ts +39 -20
- package/src/parser/__tests__/buffer-native-parsing.test.ts +338 -0
- package/src/parser/__tests__/cbor-map-duplicate-keys.test.ts +97 -7
- package/src/parser/__tests__/cbor-security-dos-protection.test.ts +164 -31
- package/src/parser/__tests__/cbor-standard-tags.test.ts +75 -7
- package/src/parser/__tests__/cbor-tag-reparse-fix.test.ts +268 -0
- package/src/parser/__tests__/utils-errors.test.ts +11 -3
- package/src/parser/composables/useCborCollection.ts +51 -45
- package/src/parser/composables/useCborDiagnostic.ts +28 -0
- package/src/parser/composables/useCborFloat.ts +2 -1
- package/src/parser/composables/useCborInteger.ts +24 -10
- package/src/parser/composables/useCborParser.ts +448 -208
- package/src/parser/composables/useCborTag.ts +53 -38
- package/src/parser/types.ts +32 -1
- package/src/parser/utils.ts +52 -0
- package/dist/chunk-2MTLSQ7E.js.map +0 -1
- package/dist/chunk-5A5T56JB.js.map +0 -1
- package/dist/chunk-PD72MVTX.cjs.map +0 -1
- package/dist/chunk-PTWN7K3Y.cjs.map +0 -1
- package/dist/chunk-R62CQQNI.cjs.map +0 -1
- package/dist/chunk-ZDZ2B5PE.js.map +0 -1
package/CHANGELOG.md
CHANGED
|
@@ -5,6 +5,81 @@ All notable changes to this project will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [0.2.0] - 2026-06-14 - RFC 8949 audit remediation
|
|
9
|
+
|
|
10
|
+
Resolves the findings of the June 2026 RFC 8949 conformance & security audit.
|
|
11
|
+
All fixes verified empirically against the build and locked in by
|
|
12
|
+
`src/__tests__/audit-fixes.test.ts`.
|
|
13
|
+
|
|
14
|
+
### Fixed
|
|
15
|
+
|
|
16
|
+
#### Security
|
|
17
|
+
- **(H1) Source-map parse path stack overflow** - `decodeWithSourceMap()` now
|
|
18
|
+
enforces `maxTagDepth` (RUSTSEC-2019-0025). Deeply nested tags previously
|
|
19
|
+
overflowed the call stack with an uncatchable `RangeError`; they now raise a
|
|
20
|
+
clean `Error`, matching `decode()`.
|
|
21
|
+
- **(M2) Encoder depth bypass via tags** - `maxDepth` is now tracked across the
|
|
22
|
+
tagged-value boundary, so deeply nested `{tag,value}` chains can no longer
|
|
23
|
+
bypass the limit and overflow the stack.
|
|
24
|
+
- **(L3) `readUint` precision** - refuses values above `MAX_SAFE_INTEGER`
|
|
25
|
+
instead of silently losing precision; callers must use `readBigUint`.
|
|
26
|
+
|
|
27
|
+
#### Correctness / Conformance
|
|
28
|
+
- **(H2) Map key ordering is now explicit** - canonical mode defaults to
|
|
29
|
+
**length-first** ordering (Cardano CIP-21 / RFC 7049 §3.9) and accepts a new
|
|
30
|
+
`mapKeyOrder: 'length-first' | 'bytewise'` option. `'bytewise'` selects
|
|
31
|
+
RFC 8949 §4.2.1 core deterministic ordering. Applies to both encoding and
|
|
32
|
+
`validateCanonical` decoding.
|
|
33
|
+
- **(M1) Trailing-data well-formedness** - new `allowTrailingData` option
|
|
34
|
+
(default `true`; auto-`false` in `strict` mode) makes `decode()` reject
|
|
35
|
+
bytes left over after the top-level item. Use `parseSequence` for multiple items.
|
|
36
|
+
- **(M4) Shortest-form tag numbers** - `validateCanonical` now rejects
|
|
37
|
+
non-shortest tag number encodings (e.g. `d80100` instead of `c100`).
|
|
38
|
+
- **(M5) Float16 subnormal encoding** - `canBeFloat16` lower bound corrected
|
|
39
|
+
from 2⁻¹⁴ (min normal) to 2⁻²⁴ (min subnormal). The encoder no longer emits
|
|
40
|
+
float32 for representable subnormals, so its output again passes its own
|
|
41
|
+
canonical validator.
|
|
42
|
+
|
|
43
|
+
#### Behavior
|
|
44
|
+
- **(M3) Duplicate map keys** - default `dupMapKeyMode` changed from `'allow'`
|
|
45
|
+
to `'warn'` so duplicates are never silently collapsed in the `Map` view.
|
|
46
|
+
Byte-perfect round-trips are still preserved via `ALL_ENTRIES_SYMBOL`.
|
|
47
|
+
|
|
48
|
+
### Performance
|
|
49
|
+
- **(L1) Source-map sequences** - `parseSequenceWithSourceMap` uses a zero-copy
|
|
50
|
+
`subarray` view per item instead of re-hex-encoding the buffer tail (O(N²) → O(N)).
|
|
51
|
+
|
|
52
|
+
### Added
|
|
53
|
+
- `MapKeyOrder` type, `mapKeyOrder` option (parser + encoder), `allowTrailingData`
|
|
54
|
+
option, and `compareBytesLexicographic` / `compareMapKeys` utilities.
|
|
55
|
+
- Diagnostic notation (L5) now renders `CborByteString`/`CborTextString` wrappers,
|
|
56
|
+
unassigned simple values (`simple(N)`), and auto-detects indefinite-length
|
|
57
|
+
arrays/maps/strings.
|
|
58
|
+
- 24 new audit-regression tests.
|
|
59
|
+
|
|
60
|
+
## [0.1.4] - 2026-02-22
|
|
61
|
+
|
|
62
|
+
### Fixed
|
|
63
|
+
|
|
64
|
+
#### Security
|
|
65
|
+
- **Duplicate map key bypass** - Semantic comparison now used for duplicate detection; different encodings of the same integer key (e.g. `0x01`, `0x1801`, `0x190001`) are correctly identified as duplicates (RFC 8949 Section 5.6)
|
|
66
|
+
- **maxParseTime bypass** - Timeout is now enforced in standard `decode()`/`parse()` path, not only in `decodeWithSourceMap()`
|
|
67
|
+
- **bytesWritten double-counting** - Removed broken value-copy tracking from `EncodeContext`; `maxOutputSize` is now checked once at root level after encoding completes
|
|
68
|
+
|
|
69
|
+
#### Correctness
|
|
70
|
+
- **Tag 4/5 integer validation** - `Number.isInteger()` check added to reject floats in exponent/mantissa positions (RFC 8949 requirement)
|
|
71
|
+
- **Float16 IEEE 754 rounding** - Replaced truncating `>> 42` shift with guard/round/sticky round-half-to-even; also fixed 32-bit truncation bug that corrupted most float16 mantissas
|
|
72
|
+
- **Exponential source-map re-parsing** - `validateTagSemantics` and `decodePlutusConstructor` now called directly on already-parsed values instead of re-parsing the entire tag subtree (O(D²) → O(D))
|
|
73
|
+
|
|
74
|
+
### Performance
|
|
75
|
+
- **Eliminated O(N²) parsing** - `parseItem` and `parseSequence` no longer slice and hex-encode the full remaining buffer on each element; all types now use buffer+offset native dispatch
|
|
76
|
+
- **Map canonical sort** - Keys pre-encoded once before sort instead of re-encoded O(N log N) times inside comparator
|
|
77
|
+
|
|
78
|
+
### Added
|
|
79
|
+
- **Uint8Array input support** - `decode()`, `decodeWithSourceMap()`, `parseSequence()`, and `CborDecoder` class methods now accept `Uint8Array` directly, skipping hex conversion entirely
|
|
80
|
+
- **Buffer-native parser exports** - `parseIntegerFromBuffer`, `parseFromBuffer` (float), `parseTagFromBuffer`, `validateTagSemantics`, `decodePlutusConstructor` exported for advanced use
|
|
81
|
+
- 115 new tests
|
|
82
|
+
|
|
8
83
|
## [0.1.3] - 2026-02-09
|
|
9
84
|
|
|
10
85
|
### Fixed
|
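Review bot: The (M1) entry ships `allowTrailingData` with a default of `true`, so a non-strict `decode()` call still accepts bytes left over after the top-level item, and the trailing-data check only applies to callers who opt in or use `strict` mode. The entry should say outright that callers decoding untrusted input need `allowTrailingData: false` or `strict`, or the default should be flipped in this release. Two smaller points on the same hunk: (M3) changes a default (`dupMapKeyMode` from `'allow'` to `'warn'`) but is filed under `### Fixed`, where a `### Changed` section from the Keep a Changelog format the file cites would make it visible to upgraders; and the 0.2.0 finding ids cover H1, H2, M1 to M5, L1, L3 and L5 with no entry for L2 or L4, so the section should state whether those findings were deferred, rejected or not applicable.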