@metamask/snaps-controllers 3.0.0 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +20 -1
- package/dist/cjs/cronjob/CronjobController.js +1 -1
- package/dist/cjs/cronjob/CronjobController.js.map +1 -1
- package/dist/cjs/services/AbstractExecutionService.js +6 -7
- package/dist/cjs/services/AbstractExecutionService.js.map +1 -1
- package/dist/cjs/snaps/SnapController.js +73 -82
- package/dist/cjs/snaps/SnapController.js.map +1 -1
- package/dist/cjs/snaps/endowments/cronjob.js +4 -4
- package/dist/cjs/snaps/endowments/cronjob.js.map +1 -1
- package/dist/cjs/snaps/endowments/keyring.js +4 -4
- package/dist/cjs/snaps/endowments/keyring.js.map +1 -1
- package/dist/cjs/snaps/endowments/name-lookup.js +3 -3
- package/dist/cjs/snaps/endowments/name-lookup.js.map +1 -1
- package/dist/cjs/snaps/endowments/rpc.js +4 -4
- package/dist/cjs/snaps/endowments/rpc.js.map +1 -1
- package/dist/cjs/snaps/endowments/transaction-insight.js +3 -3
- package/dist/cjs/snaps/endowments/transaction-insight.js.map +1 -1
- package/dist/cjs/snaps/location/npm.js +41 -14
- package/dist/cjs/snaps/location/npm.js.map +1 -1
- package/dist/cjs/snaps/permissions.js +5 -5
- package/dist/cjs/snaps/permissions.js.map +1 -1
- package/dist/cjs/snaps/registry/json.js +30 -1
- package/dist/cjs/snaps/registry/json.js.map +1 -1
- package/dist/cjs/snaps/registry/registry.js.map +1 -1
- package/dist/esm/cronjob/CronjobController.js +1 -1
- package/dist/esm/cronjob/CronjobController.js.map +1 -1
- package/dist/esm/services/AbstractExecutionService.js +6 -7
- package/dist/esm/services/AbstractExecutionService.js.map +1 -1
- package/dist/esm/snaps/SnapController.js +70 -79
- package/dist/esm/snaps/SnapController.js.map +1 -1
- package/dist/esm/snaps/endowments/cronjob.js +4 -4
- package/dist/esm/snaps/endowments/cronjob.js.map +1 -1
- package/dist/esm/snaps/endowments/keyring.js +4 -4
- package/dist/esm/snaps/endowments/keyring.js.map +1 -1
- package/dist/esm/snaps/endowments/name-lookup.js +3 -3
- package/dist/esm/snaps/endowments/name-lookup.js.map +1 -1
- package/dist/esm/snaps/endowments/rpc.js +4 -4
- package/dist/esm/snaps/endowments/rpc.js.map +1 -1
- package/dist/esm/snaps/endowments/transaction-insight.js +3 -3
- package/dist/esm/snaps/endowments/transaction-insight.js.map +1 -1
- package/dist/esm/snaps/location/npm.js +42 -15
- package/dist/esm/snaps/location/npm.js.map +1 -1
- package/dist/esm/snaps/permissions.js +1 -1
- package/dist/esm/snaps/permissions.js.map +1 -1
- package/dist/esm/snaps/registry/json.js +31 -2
- package/dist/esm/snaps/registry/json.js.map +1 -1
- package/dist/esm/snaps/registry/registry.js.map +1 -1
- package/dist/types/cronjob/CronjobController.d.ts +1 -1
- package/dist/types/services/AbstractExecutionService.d.ts +1 -1
- package/dist/types/snaps/SnapController.d.ts +20 -32
- package/dist/types/snaps/location/npm.d.ts +1 -1
- package/dist/types/snaps/registry/json.d.ts +5 -1
- package/dist/types/snaps/registry/registry.d.ts +11 -1
- package/package.json +29 -22
|
@@ -26,9 +26,9 @@ _export(exports, {
|
|
|
26
26
|
}
|
|
27
27
|
});
|
|
28
28
|
const _permissioncontroller = require("@metamask/permission-controller");
|
|
29
|
+
const _rpcerrors = require("@metamask/rpc-errors");
|
|
29
30
|
const _snapsutils = require("@metamask/snaps-utils");
|
|
30
31
|
const _utils = require("@metamask/utils");
|
|
31
|
-
const _ethrpcerrors = require("eth-rpc-errors");
|
|
32
32
|
const _enum = require("./enum");
|
|
33
33
|
const permissionName = _enum.SnapEndowments.Cronjob;
|
|
34
34
|
/**
|
|
@@ -74,18 +74,18 @@ function getCronjobCaveatJobs(permission) {
|
|
|
74
74
|
}
|
|
75
75
|
function validateCronjobCaveat(caveat) {
|
|
76
76
|
if (!(0, _utils.hasProperty)(caveat, 'value') || !(0, _utils.isPlainObject)(caveat.value)) {
|
|
77
|
-
throw
|
|
77
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
78
78
|
message: 'Expected a plain object.'
|
|
79
79
|
});
|
|
80
80
|
}
|
|
81
81
|
const { value } = caveat;
|
|
82
82
|
if (!(0, _utils.hasProperty)(value, 'jobs') || !(0, _utils.isPlainObject)(value)) {
|
|
83
|
-
throw
|
|
83
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
84
84
|
message: 'Expected a plain object.'
|
|
85
85
|
});
|
|
86
86
|
}
|
|
87
87
|
if (!(0, _snapsutils.isCronjobSpecificationArray)(value.jobs)) {
|
|
88
|
-
throw
|
|
88
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
89
89
|
message: 'Expected a valid cronjob specification array.'
|
|
90
90
|
});
|
|
91
91
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/cronjob.ts"],"sourcesContent":["import type {\n PermissionSpecificationBuilder,\n EndowmentGetterParams,\n ValidPermissionSpecification,\n PermissionConstraint,\n Caveat,\n CaveatSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport type { CronjobSpecification } from '@metamask/snaps-utils';\nimport {\n SnapCaveatType,\n isCronjobSpecificationArray,\n} from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/cronjob.ts"],"sourcesContent":["import type {\n PermissionSpecificationBuilder,\n EndowmentGetterParams,\n ValidPermissionSpecification,\n PermissionConstraint,\n Caveat,\n CaveatSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { CronjobSpecification } from '@metamask/snaps-utils';\nimport {\n SnapCaveatType,\n isCronjobSpecificationArray,\n} from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.Cronjob;\n\ntype CronjobEndowmentSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof permissionName;\n endowmentGetter: (_options?: any) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n}>;\n\n/**\n * `endowment:cronjob` returns nothing; it is intended to be used as a flag to determine whether the snap wants to run cronjobs.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the cronjob endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n any,\n CronjobEndowmentSpecification\n> = (_builderOptions?: any) => {\n return {\n permissionType: PermissionType.Endowment,\n targetName: permissionName,\n allowedCaveats: [SnapCaveatType.SnapCronjob],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const cronjobEndowmentBuilder = Object.freeze({\n targetName: permissionName,\n specificationBuilder,\n} as const);\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getCronjobCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n return {\n caveats: [\n {\n type: SnapCaveatType.SnapCronjob,\n value,\n },\n ],\n };\n}\n\n/**\n * Getter function to get the cronjobs from a permission.\n *\n * This does basic validation of the caveat, but does not validate the type or\n * value of the namespaces object itself, as this is handled by the\n * `PermissionsController` when the permission is requested.\n *\n * @param permission - The permission to get the keyring namespaces from.\n * @returns The cronjobs, or `null` if the permission does not have a\n * cronjob caveat.\n */\nexport function getCronjobCaveatJobs(\n permission?: PermissionConstraint,\n): CronjobSpecification[] | null {\n if (!permission?.caveats) {\n return null;\n }\n\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.SnapCronjob);\n\n const caveat = permission.caveats[0] as Caveat<string, { jobs: Json[] }>;\n\n return (caveat.value?.jobs as CronjobSpecification[]) ?? null;\n}\n\n/**\n * Validate the cronjob specification values associated with a caveat.\n * This validates that the value is a non-empty array with valid\n * cronjob expression and request object.\n *\n * @param caveat - The caveat to validate.\n * @throws If the value is invalid.\n */\nexport function validateCronjobCaveat(caveat: Caveat<string, any>) {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n\n if (!hasProperty(value, 'jobs') || !isPlainObject(value)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a plain object.',\n });\n }\n\n if (!isCronjobSpecificationArray(value.jobs)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a valid cronjob specification array.',\n });\n }\n}\n\n/**\n * Caveat specification for the Cronjob.\n */\nexport const cronjobCaveatSpecifications: Record<\n SnapCaveatType.SnapCronjob,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.SnapCronjob]: Object.freeze({\n type: SnapCaveatType.SnapCronjob,\n validator: (caveat) => validateCronjobCaveat(caveat),\n }),\n};\n"],"names":["cronjobEndowmentBuilder","getCronjobCaveatMapper","getCronjobCaveatJobs","validateCronjobCaveat","cronjobCaveatSpecifications","permissionName","SnapEndowments","Cronjob","specificationBuilder","_builderOptions","permissionType","PermissionType","Endowment","targetName","allowedCaveats","SnapCaveatType","SnapCronjob","endowmentGetter","_getterOptions","undefined","subjectTypes","SubjectType","Snap","Object","freeze","value","caveats","type","permission","assert","length","caveat","jobs","hasProperty","isPlainObject","rpcErrors","invalidParams","message","isCronjobSpecificationArray","validator"],"mappings":";;;;;;;;;;;IAiDaA,uBAAuB;eAAvBA;;IAaGC,sBAAsB;eAAtBA;;IAwBAC,oBAAoB;eAApBA;;IAuBAC,qBAAqB;eAArBA;;IAyBHC,2BAA2B;eAA3BA;;;sCA9H+B;2BAClB;4BAKnB;uBAE4C;sBAEpB;AAE/B,MAAMC,iBAAiBC,oBAAc,CAACC,OAAO;AAS7C;;;;;CAKC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBC,oCAAc,CAACC,SAAS;QACxCC,YAAYR;QACZS,gBAAgB;YAACC,0BAAc,CAACC,WAAW;SAAC;QAC5CC,iBAAiB,CAACC,iBAA2CC;QAC7DC,cAAc;YAACC,iCAAW,CAACC,IAAI;SAAC;IAClC;AACF;AAEO,MAAMtB,0BAA0BuB,OAAOC,MAAM,CAAC;IACnDX,YAAYR;IACZG;AACF;AAUO,SAASP,uBACdwB,KAAW;IAEX,OAAO;QACLC,SAAS;YACP;gBACEC,MAAMZ,0BAAc,CAACC,WAAW;gBAChCS;YACF;SACD;IACH;AACF;AAaO,SAASvB,qBACd0B,UAAiC;IAEjC,IAAI,CAACA,YAAYF,SAAS;QACxB,OAAO;IACT;IAEAG,IAAAA,aAAM,EAACD,WAAWF,OAAO,CAACI,MAAM,KAAK;IACrCD,IAAAA,aAAM,EAACD,WAAWF,OAAO,CAAC,EAAE,CAACC,IAAI,KAAKZ,0BAAc,CAACC,WAAW;IAEhE,MAAMe,SAASH,WAAWF,OAAO,CAAC,EAAE;IAEpC,OAAO,CAACK,OAAON,KAAK,EAAEO,IAA8B,KAAK;AAC3D;AAUO,SAAS7B,sBAAsB4B,MAA2B;IAC/D,IAAI,CAACE,IAAAA,kBAAW,EAACF,QAAQ,YAAY,CAACG,IAAAA,oBAAa,EAACH,OAAON,KAAK,GAAG;QACjE,MAAMU,oBAAS,CAACC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEZ,KAAK,EAAE,GAAGM;IAElB,IAAI,CAACE,IAAAA,kBAAW,EAACR,OAAO,WAAW,CAACS,IAAAA,oBAAa,EAACT,QAAQ;QACxD,MAAMU,oBAAS,CAACC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,IAAI,CAACC,IAAAA,uCAA2B,EAACb,MAAMO,IAAI,GAAG;QAC5C,MAAMG,oBAAS,CAACC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;AACF;AAKO,MAAMjC,8BAGT;IACF,CAACW,0BAAc,CAACC,WAAW,CAAC,EAAEO,OAAOC,MAAM,CAAC;QAC1CG,MAAMZ,0BAAc,CAACC,WAAW;QAChCuB,WAAW,CAACR,SAAW5B,sBAAsB4B;IAC/C;AACF"}
|
|
@@ -23,9 +23,9 @@ _export(exports, {
|
|
|
23
23
|
}
|
|
24
24
|
});
|
|
25
25
|
const _permissioncontroller = require("@metamask/permission-controller");
|
|
26
|
+
const _rpcerrors = require("@metamask/rpc-errors");
|
|
26
27
|
const _snapsutils = require("@metamask/snaps-utils");
|
|
27
28
|
const _utils = require("@metamask/utils");
|
|
28
|
-
const _ethrpcerrors = require("eth-rpc-errors");
|
|
29
29
|
const _enum = require("./enum");
|
|
30
30
|
const permissionName = _enum.SnapEndowments.Keyring;
|
|
31
31
|
/**
|
|
@@ -44,7 +44,7 @@ const permissionName = _enum.SnapEndowments.Keyring;
|
|
|
44
44
|
endowmentGetter: (_getterOptions)=>undefined,
|
|
45
45
|
validator: ({ caveats })=>{
|
|
46
46
|
if (caveats?.length !== 1 || caveats[0].type !== _snapsutils.SnapCaveatType.KeyringOrigin) {
|
|
47
|
-
throw
|
|
47
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
48
48
|
message: `Expected a single "${_snapsutils.SnapCaveatType.KeyringOrigin}" caveat.`
|
|
49
49
|
});
|
|
50
50
|
}
|
|
@@ -66,12 +66,12 @@ const keyringEndowmentBuilder = Object.freeze({
|
|
|
66
66
|
* @throws If the caveat value is invalid.
|
|
67
67
|
*/ function validateCaveatOrigins(caveat) {
|
|
68
68
|
if (!(0, _utils.hasProperty)(caveat, 'value') || !(0, _utils.isPlainObject)(caveat.value)) {
|
|
69
|
-
throw
|
|
69
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
70
70
|
message: 'Invalid keyring origins: Expected a plain object.'
|
|
71
71
|
});
|
|
72
72
|
}
|
|
73
73
|
const { value } = caveat;
|
|
74
|
-
(0, _snapsutils.assertIsKeyringOrigins)(value,
|
|
74
|
+
(0, _snapsutils.assertIsKeyringOrigins)(value, _rpcerrors.rpcErrors.invalidParams);
|
|
75
75
|
}
|
|
76
76
|
function getKeyringCaveatMapper(value) {
|
|
77
77
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/keyring.ts"],"sourcesContent":["import type {\n Caveat,\n CaveatSpecificationConstraint,\n EndowmentGetterParams,\n PermissionConstraint,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport type { KeyringOrigins } from '@metamask/snaps-utils';\nimport { assertIsKeyringOrigins, SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/keyring.ts"],"sourcesContent":["import type {\n Caveat,\n CaveatSpecificationConstraint,\n EndowmentGetterParams,\n PermissionConstraint,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { KeyringOrigins } from '@metamask/snaps-utils';\nimport { assertIsKeyringOrigins, SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.Keyring;\n\ntype KeyringEndowmentSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof permissionName;\n endowmentGetter: (_options?: EndowmentGetterParams) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n validator: PermissionValidatorConstraint;\n subjectTypes: readonly SubjectType[];\n}>;\n\n/**\n * `endowment:keyring` returns nothing; it is intended to be used as a flag\n * by the client to detect whether the snap has keyring capabilities.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the keyring endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n any,\n KeyringEndowmentSpecification\n> = (_builderOptions?: unknown) => {\n return {\n permissionType: PermissionType.Endowment,\n targetName: permissionName,\n allowedCaveats: [SnapCaveatType.KeyringOrigin],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n validator: ({ caveats }) => {\n if (\n caveats?.length !== 1 ||\n caveats[0].type !== SnapCaveatType.KeyringOrigin\n ) {\n throw rpcErrors.invalidParams({\n message: `Expected a single \"${SnapCaveatType.KeyringOrigin}\" caveat.`,\n });\n }\n },\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const keyringEndowmentBuilder = Object.freeze({\n targetName: permissionName,\n specificationBuilder,\n} as const);\n\n/**\n * Validate the value of a caveat. This does not validate the type of the\n * caveat itself, only the value of the caveat.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveatOrigins(caveat: Caveat<string, any>) {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {\n throw rpcErrors.invalidParams({\n message: 'Invalid keyring origins: Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n assertIsKeyringOrigins(value, rpcErrors.invalidParams);\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getKeyringCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n return {\n caveats: [\n {\n type: SnapCaveatType.KeyringOrigin,\n value,\n },\n ],\n };\n}\n\n/**\n * Getter function to get the {@link KeyringOrigins} caveat value from a\n * permission.\n *\n * @param permission - The permission to get the caveat value from.\n * @returns The caveat value.\n * @throws If the permission does not have a valid {@link KeyringOrigins}\n * caveat.\n */\nexport function getKeyringCaveatOrigins(\n permission?: PermissionConstraint,\n): KeyringOrigins | null {\n assert(permission?.caveats);\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.KeyringOrigin);\n\n const caveat = permission.caveats[0] as Caveat<string, KeyringOrigins>;\n return caveat.value;\n}\n\nexport const keyringCaveatSpecifications: Record<\n SnapCaveatType.KeyringOrigin,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.KeyringOrigin]: Object.freeze({\n type: SnapCaveatType.KeyringOrigin,\n validator: (caveat: Caveat<string, any>) => validateCaveatOrigins(caveat),\n }),\n};\n"],"names":["keyringEndowmentBuilder","getKeyringCaveatMapper","getKeyringCaveatOrigins","keyringCaveatSpecifications","permissionName","SnapEndowments","Keyring","specificationBuilder","_builderOptions","permissionType","PermissionType","Endowment","targetName","allowedCaveats","SnapCaveatType","KeyringOrigin","endowmentGetter","_getterOptions","undefined","validator","caveats","length","type","rpcErrors","invalidParams","message","subjectTypes","SubjectType","Snap","Object","freeze","validateCaveatOrigins","caveat","hasProperty","isPlainObject","value","assertIsKeyringOrigins","permission","assert"],"mappings":";;;;;;;;;;;IA4DaA,uBAAuB;eAAvBA;;IA+BGC,sBAAsB;eAAtBA;;IAsBAC,uBAAuB;eAAvBA;;IAWHC,2BAA2B;eAA3BA;;;sCAnH+B;2BAClB;4BAE6B;uBAEJ;sBAEpB;AAE/B,MAAMC,iBAAiBC,oBAAc,CAACC,OAAO;AAW7C;;;;;;CAMC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBC,oCAAc,CAACC,SAAS;QACxCC,YAAYR;QACZS,gBAAgB;YAACC,0BAAc,CAACC,aAAa;SAAC;QAC9CC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAW,CAAC,EAAEC,OAAO,EAAE;YACrB,IACEA,SAASC,WAAW,KACpBD,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKR,0BAAc,CAACC,aAAa,EAChD;gBACA,MAAMQ,oBAAS,CAACC,aAAa,CAAC;oBAC5BC,SAAS,CAAC,mBAAmB,EAAEX,0BAAc,CAACC,aAAa,CAAC,SAAS,CAAC;gBACxE;YACF;QACF;QACAW,cAAc;YAACC,iCAAW,CAACC,IAAI;SAAC;IAClC;AACF;AAEO,MAAM5B,0BAA0B6B,OAAOC,MAAM,CAAC;IACnDlB,YAAYR;IACZG;AACF;AAEA;;;;;;CAMC,GACD,SAASwB,sBAAsBC,MAA2B;IACxD,IAAI,CAACC,IAAAA,kBAAW,EAACD,QAAQ,YAAY,CAACE,IAAAA,oBAAa,EAACF,OAAOG,KAAK,GAAG;QACjE,MAAMZ,oBAAS,CAACC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEU,KAAK,EAAE,GAAGH;IAClBI,IAAAA,kCAAsB,EAACD,OAAOZ,oBAAS,CAACC,aAAa;AACvD;AAUO,SAASvB,uBACdkC,KAAW;IAEX,OAAO;QACLf,SAAS;YACP;gBACEE,MAAMR,0BAAc,CAACC,aAAa;gBAClCoB;YACF;SACD;IACH;AACF;AAWO,SAASjC,wBACdmC,UAAiC;IAEjCC,IAAAA,aAAM,EAACD,YAAYjB;IACnBkB,IAAAA,aAAM,EAACD,WAAWjB,OAAO,CAACC,MAAM,KAAK;IACrCiB,IAAAA,aAAM,EAACD,WAAWjB,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKR,0BAAc,CAACC,aAAa;IAElE,MAAMiB,SAASK,WAAWjB,OAAO,CAAC,EAAE;IACpC,OAAOY,OAAOG,KAAK;AACrB;AAEO,MAAMhC,8BAGT;IACF,CAACW,0BAAc,CAACC,aAAa,CAAC,EAAEc,OAAOC,MAAM,CAAC;QAC5CR,MAAMR,0BAAc,CAACC,aAAa;QAClCI,WAAW,CAACa,SAAgCD,sBAAsBC;IACpE;AACF"}
|
|
@@ -23,9 +23,9 @@ _export(exports, {
|
|
|
23
23
|
}
|
|
24
24
|
});
|
|
25
25
|
const _permissioncontroller = require("@metamask/permission-controller");
|
|
26
|
+
const _rpcerrors = require("@metamask/rpc-errors");
|
|
26
27
|
const _snapsutils = require("@metamask/snaps-utils");
|
|
27
28
|
const _utils = require("@metamask/utils");
|
|
28
|
-
const _ethrpcerrors = require("eth-rpc-errors");
|
|
29
29
|
const _enum = require("./enum");
|
|
30
30
|
const permissionName = _enum.SnapEndowments.NameLookup;
|
|
31
31
|
/**
|
|
@@ -44,7 +44,7 @@ const permissionName = _enum.SnapEndowments.NameLookup;
|
|
|
44
44
|
endowmentGetter: (_getterOptions)=>undefined,
|
|
45
45
|
validator: ({ caveats })=>{
|
|
46
46
|
if (!caveats || caveats !== null && caveats?.length > 1 || caveats?.length === 1 && caveats[0].type !== _snapsutils.SnapCaveatType.ChainIds) {
|
|
47
|
-
throw
|
|
47
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
48
48
|
message: `Expected a single "${_snapsutils.SnapCaveatType.ChainIds}" caveat.`
|
|
49
49
|
});
|
|
50
50
|
}
|
|
@@ -65,7 +65,7 @@ const nameLookupEndowmentBuilder = Object.freeze({
|
|
|
65
65
|
* @throws If the caveat value is invalid.
|
|
66
66
|
*/ function validateCaveat(caveat) {
|
|
67
67
|
if (!(0, _utils.hasProperty)(caveat, 'value') || !(0, _utils.isPlainObject)(caveat)) {
|
|
68
|
-
throw
|
|
68
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
69
69
|
message: 'Expected a plain object.'
|
|
70
70
|
});
|
|
71
71
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/name-lookup.ts"],"sourcesContent":["import type {\n EndowmentGetterParams,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n Caveat,\n CaveatSpecificationConstraint,\n PermissionConstraint,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { SnapCaveatType, isChainId } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/name-lookup.ts"],"sourcesContent":["import type {\n EndowmentGetterParams,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n Caveat,\n CaveatSpecificationConstraint,\n PermissionConstraint,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { SnapCaveatType, isChainId } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.NameLookup;\n\ntype NameLookupEndowmentSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof permissionName;\n endowmentGetter: (_options?: EndowmentGetterParams) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n validator: PermissionValidatorConstraint;\n}>;\n\n/**\n * `endowment:name-lookup` returns nothing; it is intended to be used as a flag\n * by the extension to detect whether the snap has the capability to resolve a domain/address.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the name-lookup endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n any,\n NameLookupEndowmentSpecification\n> = (_builderOptions?: unknown) => {\n return {\n permissionType: PermissionType.Endowment,\n targetName: permissionName,\n allowedCaveats: [SnapCaveatType.ChainIds],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n validator: ({ caveats }) => {\n if (\n !caveats ||\n (caveats !== null && caveats?.length > 1) ||\n (caveats?.length === 1 && caveats[0].type !== SnapCaveatType.ChainIds)\n ) {\n throw rpcErrors.invalidParams({\n message: `Expected a single \"${SnapCaveatType.ChainIds}\" caveat.`,\n });\n }\n },\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const nameLookupEndowmentBuilder = Object.freeze({\n targetName: permissionName,\n specificationBuilder,\n} as const);\n\n/**\n * Validates the type of the caveat value.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveat(caveat: Caveat<string, any>): void {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n\n assert(\n Array.isArray(value) && value.every((val) => isChainId(val)),\n 'Expected caveat value to have type \"string array\"',\n );\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getNameLookupCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n if (\n !value ||\n !Array.isArray(value) ||\n (Array.isArray(value) && value.length === 0)\n ) {\n return { caveats: null };\n }\n return {\n caveats: [\n {\n type: SnapCaveatType.ChainIds,\n value,\n },\n ],\n };\n}\n\n/**\n * Getter function to get the chainIds caveat from a permission.\n *\n * This does basic validation of the caveat, but does not validate the type or\n * value of the namespaces object itself, as this is handled by the\n * `PermissionsController` when the permission is requested.\n *\n * @param permission - The permission to get the `chainIds` caveat from.\n * @returns An array of `chainIds` that the snap supports.\n */\nexport function getChainIdsCaveat(\n permission?: PermissionConstraint,\n): string[] | null {\n if (!permission?.caveats) {\n return null;\n }\n\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.ChainIds);\n\n const caveat = permission.caveats[0] as Caveat<string, string[]>;\n\n return caveat.value ?? null;\n}\n\nexport const nameLookupCaveatSpecifications: Record<\n SnapCaveatType.ChainIds,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.ChainIds]: Object.freeze({\n type: SnapCaveatType.ChainIds,\n validator: (caveat: Caveat<string, any>) => validateCaveat(caveat),\n }),\n};\n"],"names":["nameLookupEndowmentBuilder","getNameLookupCaveatMapper","getChainIdsCaveat","nameLookupCaveatSpecifications","permissionName","SnapEndowments","NameLookup","specificationBuilder","_builderOptions","permissionType","PermissionType","Endowment","targetName","allowedCaveats","SnapCaveatType","ChainIds","endowmentGetter","_getterOptions","undefined","validator","caveats","length","type","rpcErrors","invalidParams","message","subjectTypes","SubjectType","Snap","Object","freeze","validateCaveat","caveat","hasProperty","isPlainObject","value","assert","Array","isArray","every","val","isChainId","permission"],"mappings":";;;;;;;;;;;IA2DaA,0BAA0B;eAA1BA;;IAkCGC,yBAAyB;eAAzBA;;IA8BAC,iBAAiB;eAAjBA;;IAeHC,8BAA8B;eAA9BA;;;sCAjI+B;2BAClB;4BACgB;uBAES;sBAEpB;AAE/B,MAAMC,iBAAiBC,oBAAc,CAACC,UAAU;AAUhD;;;;;;CAMC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBC,oCAAc,CAACC,SAAS;QACxCC,YAAYR;QACZS,gBAAgB;YAACC,0BAAc,CAACC,QAAQ;SAAC;QACzCC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAW,CAAC,EAAEC,OAAO,EAAE;YACrB,IACE,CAACA,WACAA,YAAY,QAAQA,SAASC,SAAS,KACtCD,SAASC,WAAW,KAAKD,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKR,0BAAc,CAACC,QAAQ,EACrE;gBACA,MAAMQ,oBAAS,CAACC,aAAa,CAAC;oBAC5BC,SAAS,CAAC,mBAAmB,EAAEX,0BAAc,CAACC,QAAQ,CAAC,SAAS,CAAC;gBACnE;YACF;QACF;QACAW,cAAc;YAACC,iCAAW,CAACC,IAAI;SAAC;IAClC;AACF;AAEO,MAAM5B,6BAA6B6B,OAAOC,MAAM,CAAC;IACtDlB,YAAYR;IACZG;AACF;AAEA;;;;;CAKC,GACD,SAASwB,eAAeC,MAA2B;IACjD,IAAI,CAACC,IAAAA,kBAAW,EAACD,QAAQ,YAAY,CAACE,IAAAA,oBAAa,EAACF,SAAS;QAC3D,MAAMT,oBAAS,CAACC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEU,KAAK,EAAE,GAAGH;IAElBI,IAAAA,aAAM,EACJC,MAAMC,OAAO,CAACH,UAAUA,MAAMI,KAAK,CAAC,CAACC,MAAQC,IAAAA,qBAAS,EAACD,OACvD;AAEJ;AAUO,SAASvC,0BACdkC,KAAW;IAEX,IACE,CAACA,SACD,CAACE,MAAMC,OAAO,CAACH,UACdE,MAAMC,OAAO,CAACH,UAAUA,MAAMd,MAAM,KAAK,GAC1C;QACA,OAAO;YAAED,SAAS;QAAK;IACzB;IACA,OAAO;QACLA,SAAS;YACP;gBACEE,MAAMR,0BAAc,CAACC,QAAQ;gBAC7BoB;YACF;SACD;IACH;AACF;AAYO,SAASjC,kBACdwC,UAAiC;IAEjC,IAAI,CAACA,YAAYtB,SAAS;QACxB,OAAO;IACT;IAEAgB,IAAAA,aAAM,EAACM,WAAWtB,OAAO,CAACC,MAAM,KAAK;IACrCe,IAAAA,aAAM,EAACM,WAAWtB,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKR,0BAAc,CAACC,QAAQ;IAE7D,MAAMiB,SAASU,WAAWtB,OAAO,CAAC,EAAE;IAEpC,OAAOY,OAAOG,KAAK,IAAI;AACzB;AAEO,MAAMhC,iCAGT;IACF,CAACW,0BAAc,CAACC,QAAQ,CAAC,EAAEc,OAAOC,MAAM,CAAC;QACvCR,MAAMR,0BAAc,CAACC,QAAQ;QAC7BI,WAAW,CAACa,SAAgCD,eAAeC;IAC7D;AACF"}
|
|
@@ -23,9 +23,9 @@ _export(exports, {
|
|
|
23
23
|
}
|
|
24
24
|
});
|
|
25
25
|
const _permissioncontroller = require("@metamask/permission-controller");
|
|
26
|
+
const _rpcerrors = require("@metamask/rpc-errors");
|
|
26
27
|
const _snapsutils = require("@metamask/snaps-utils");
|
|
27
28
|
const _utils = require("@metamask/utils");
|
|
28
|
-
const _ethrpcerrors = require("eth-rpc-errors");
|
|
29
29
|
const _enum = require("./enum");
|
|
30
30
|
const targetName = _enum.SnapEndowments.Rpc;
|
|
31
31
|
/**
|
|
@@ -43,7 +43,7 @@ const targetName = _enum.SnapEndowments.Rpc;
|
|
|
43
43
|
endowmentGetter: (_getterOptions)=>undefined,
|
|
44
44
|
validator: ({ caveats })=>{
|
|
45
45
|
if (caveats?.length !== 1 || caveats[0].type !== _snapsutils.SnapCaveatType.RpcOrigin) {
|
|
46
|
-
throw
|
|
46
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
47
47
|
message: `Expected a single "${_snapsutils.SnapCaveatType.RpcOrigin}" caveat.`
|
|
48
48
|
});
|
|
49
49
|
}
|
|
@@ -65,12 +65,12 @@ const rpcEndowmentBuilder = Object.freeze({
|
|
|
65
65
|
* @throws If the caveat value is invalid.
|
|
66
66
|
*/ function validateCaveatOrigins(caveat) {
|
|
67
67
|
if (!(0, _utils.hasProperty)(caveat, 'value') || !(0, _utils.isPlainObject)(caveat.value)) {
|
|
68
|
-
throw
|
|
68
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
69
69
|
message: 'Invalid JSON-RPC origins: Expected a plain object.'
|
|
70
70
|
});
|
|
71
71
|
}
|
|
72
72
|
const { value } = caveat;
|
|
73
|
-
(0, _snapsutils.assertIsRpcOrigins)(value,
|
|
73
|
+
(0, _snapsutils.assertIsRpcOrigins)(value, _rpcerrors.rpcErrors.invalidParams);
|
|
74
74
|
}
|
|
75
75
|
function getRpcCaveatMapper(value) {
|
|
76
76
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/rpc.ts"],"sourcesContent":["import type {\n Caveat,\n CaveatSpecificationConstraint,\n EndowmentGetterParams,\n PermissionConstraint,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport type { RpcOrigins } from '@metamask/snaps-utils';\nimport { assertIsRpcOrigins, SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { hasProperty, isPlainObject, assert } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/rpc.ts"],"sourcesContent":["import type {\n Caveat,\n CaveatSpecificationConstraint,\n EndowmentGetterParams,\n PermissionConstraint,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { RpcOrigins } from '@metamask/snaps-utils';\nimport { assertIsRpcOrigins, SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { hasProperty, isPlainObject, assert } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst targetName = SnapEndowments.Rpc;\n\ntype RpcSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof targetName;\n endowmentGetter: (_options?: any) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n validator: PermissionValidatorConstraint;\n subjectTypes: readonly SubjectType[];\n}>;\n\ntype RpcSpecificationBuilderOptions = {\n // Empty for now.\n};\n\n/**\n * The specification builder for the JSON-RPC endowment permission.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the JSON-RPC endowment permission.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n RpcSpecificationBuilderOptions,\n RpcSpecification\n> = (_builderOptions?: any): RpcSpecification => {\n return {\n permissionType: PermissionType.Endowment,\n targetName,\n allowedCaveats: [SnapCaveatType.RpcOrigin],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n validator: ({ caveats }) => {\n if (\n caveats?.length !== 1 ||\n caveats[0].type !== SnapCaveatType.RpcOrigin\n ) {\n throw rpcErrors.invalidParams({\n message: `Expected a single \"${SnapCaveatType.RpcOrigin}\" caveat.`,\n });\n }\n },\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const rpcEndowmentBuilder = Object.freeze({\n targetName,\n specificationBuilder,\n} as const);\n\n/**\n * Validate the value of a caveat. This does not validate the type of the\n * caveat itself, only the value of the caveat.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveatOrigins(caveat: Caveat<string, any>) {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {\n throw rpcErrors.invalidParams({\n message: 'Invalid JSON-RPC origins: Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n assertIsRpcOrigins(value, rpcErrors.invalidParams);\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getRpcCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n return {\n caveats: [\n {\n type: SnapCaveatType.RpcOrigin,\n value,\n },\n ],\n };\n}\n\n/**\n * Getter function to get the {@link RpcOrigins} caveat value from a permission.\n *\n * @param permission - The permission to get the caveat value from.\n * @returns The caveat value.\n * @throws If the permission does not have a valid {@link RpcOrigins} caveat.\n */\nexport function getRpcCaveatOrigins(\n permission?: PermissionConstraint,\n): RpcOrigins | null {\n assert(permission?.caveats);\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.RpcOrigin);\n\n const caveat = permission.caveats[0] as Caveat<string, RpcOrigins>;\n return caveat.value;\n}\n\nexport const rpcCaveatSpecifications: Record<\n SnapCaveatType.RpcOrigin,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.RpcOrigin]: Object.freeze({\n type: SnapCaveatType.RpcOrigin,\n validator: (caveat: Caveat<string, any>) => validateCaveatOrigins(caveat),\n }),\n};\n"],"names":["rpcEndowmentBuilder","getRpcCaveatMapper","getRpcCaveatOrigins","rpcCaveatSpecifications","targetName","SnapEndowments","Rpc","specificationBuilder","_builderOptions","permissionType","PermissionType","Endowment","allowedCaveats","SnapCaveatType","RpcOrigin","endowmentGetter","_getterOptions","undefined","validator","caveats","length","type","rpcErrors","invalidParams","message","subjectTypes","SubjectType","Snap","Object","freeze","validateCaveatOrigins","caveat","hasProperty","isPlainObject","value","assertIsRpcOrigins","permission","assert"],"mappings":";;;;;;;;;;;IA+DaA,mBAAmB;eAAnBA;;IA+BGC,kBAAkB;eAAlBA;;IAoBAC,mBAAmB;eAAnBA;;IAWHC,uBAAuB;eAAvBA;;;sCApH+B;2BAClB;4BAEyB;uBAEA;sBAEpB;AAE/B,MAAMC,aAAaC,oBAAc,CAACC,GAAG;AAerC;;;;;CAKC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBC,oCAAc,CAACC,SAAS;QACxCP;QACAQ,gBAAgB;YAACC,0BAAc,CAACC,SAAS;SAAC;QAC1CC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAW,CAAC,EAAEC,OAAO,EAAE;YACrB,IACEA,SAASC,WAAW,KACpBD,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKR,0BAAc,CAACC,SAAS,EAC5C;gBACA,MAAMQ,oBAAS,CAACC,aAAa,CAAC;oBAC5BC,SAAS,CAAC,mBAAmB,EAAEX,0BAAc,CAACC,SAAS,CAAC,SAAS,CAAC;gBACpE;YACF;QACF;QACAW,cAAc;YAACC,iCAAW,CAACC,IAAI;SAAC;IAClC;AACF;AAEO,MAAM3B,sBAAsB4B,OAAOC,MAAM,CAAC;IAC/CzB;IACAG;AACF;AAEA;;;;;;CAMC,GACD,SAASuB,sBAAsBC,MAA2B;IACxD,IAAI,CAACC,IAAAA,kBAAW,EAACD,QAAQ,YAAY,CAACE,IAAAA,oBAAa,EAACF,OAAOG,KAAK,GAAG;QACjE,MAAMZ,oBAAS,CAACC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEU,KAAK,EAAE,GAAGH;IAClBI,IAAAA,8BAAkB,EAACD,OAAOZ,oBAAS,CAACC,aAAa;AACnD;AAUO,SAAStB,mBACdiC,KAAW;IAEX,OAAO;QACLf,SAAS;YACP;gBACEE,MAAMR,0BAAc,CAACC,SAAS;gBAC9BoB;YACF;SACD;IACH;AACF;AASO,SAAShC,oBACdkC,UAAiC;IAEjCC,IAAAA,aAAM,EAACD,YAAYjB;IACnBkB,IAAAA,aAAM,EAACD,WAAWjB,OAAO,CAACC,MAAM,KAAK;IACrCiB,IAAAA,aAAM,EAACD,WAAWjB,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKR,0BAAc,CAACC,SAAS;IAE9D,MAAMiB,SAASK,WAAWjB,OAAO,CAAC,EAAE;IACpC,OAAOY,OAAOG,KAAK;AACrB;AAEO,MAAM/B,0BAGT;IACF,CAACU,0BAAc,CAACC,SAAS,CAAC,EAAEc,OAAOC,MAAM,CAAC;QACxCR,MAAMR,0BAAc,CAACC,SAAS;QAC9BI,WAAW,CAACa,SAAgCD,sBAAsBC;IACpE;AACF"}
|
|
@@ -23,9 +23,9 @@ _export(exports, {
|
|
|
23
23
|
}
|
|
24
24
|
});
|
|
25
25
|
const _permissioncontroller = require("@metamask/permission-controller");
|
|
26
|
+
const _rpcerrors = require("@metamask/rpc-errors");
|
|
26
27
|
const _snapsutils = require("@metamask/snaps-utils");
|
|
27
28
|
const _utils = require("@metamask/utils");
|
|
28
|
-
const _ethrpcerrors = require("eth-rpc-errors");
|
|
29
29
|
const _enum = require("./enum");
|
|
30
30
|
const permissionName = _enum.SnapEndowments.TransactionInsight;
|
|
31
31
|
/**
|
|
@@ -44,7 +44,7 @@ const permissionName = _enum.SnapEndowments.TransactionInsight;
|
|
|
44
44
|
endowmentGetter: (_getterOptions)=>undefined,
|
|
45
45
|
validator: ({ caveats })=>{
|
|
46
46
|
if (caveats !== null && caveats?.length > 1 || caveats?.length === 1 && caveats[0].type !== _snapsutils.SnapCaveatType.TransactionOrigin) {
|
|
47
|
-
throw
|
|
47
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
48
48
|
message: `Expected a single "${_snapsutils.SnapCaveatType.TransactionOrigin}" caveat.`
|
|
49
49
|
});
|
|
50
50
|
}
|
|
@@ -65,7 +65,7 @@ const transactionInsightEndowmentBuilder = Object.freeze({
|
|
|
65
65
|
* @throws If the caveat value is invalid.
|
|
66
66
|
*/ function validateCaveat(caveat) {
|
|
67
67
|
if (!(0, _utils.hasProperty)(caveat, 'value') || !(0, _utils.isPlainObject)(caveat)) {
|
|
68
|
-
throw
|
|
68
|
+
throw _rpcerrors.rpcErrors.invalidParams({
|
|
69
69
|
message: 'Expected a plain object.'
|
|
70
70
|
});
|
|
71
71
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/transaction-insight.ts"],"sourcesContent":["import type {\n PermissionSpecificationBuilder,\n EndowmentGetterParams,\n ValidPermissionSpecification,\n PermissionValidatorConstraint,\n PermissionConstraint,\n CaveatSpecificationConstraint,\n Caveat,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/transaction-insight.ts"],"sourcesContent":["import type {\n PermissionSpecificationBuilder,\n EndowmentGetterParams,\n ValidPermissionSpecification,\n PermissionValidatorConstraint,\n PermissionConstraint,\n CaveatSpecificationConstraint,\n Caveat,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.TransactionInsight;\n\ntype TransactionInsightEndowmentSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof permissionName;\n endowmentGetter: (_options?: EndowmentGetterParams) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n validator: PermissionValidatorConstraint;\n}>;\n\n/**\n * `endowment:transaction-insight` returns nothing; it is intended to be used as a flag\n * by the extension to detect whether the snap has the capability to show information on the transaction confirmation screen.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the transaction-insight endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n any,\n TransactionInsightEndowmentSpecification\n> = (_builderOptions?: unknown) => {\n return {\n permissionType: PermissionType.Endowment,\n targetName: permissionName,\n allowedCaveats: [SnapCaveatType.TransactionOrigin],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n validator: ({ caveats }) => {\n if (\n (caveats !== null && caveats?.length > 1) ||\n (caveats?.length === 1 &&\n caveats[0].type !== SnapCaveatType.TransactionOrigin)\n ) {\n throw rpcErrors.invalidParams({\n message: `Expected a single \"${SnapCaveatType.TransactionOrigin}\" caveat.`,\n });\n }\n },\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const transactionInsightEndowmentBuilder = Object.freeze({\n targetName: permissionName,\n specificationBuilder,\n} as const);\n\n/**\n * Validates the type of the caveat value.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveat(caveat: Caveat<string, any>): void {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n\n assert(\n typeof value === 'boolean',\n 'Expected caveat value to have type \"boolean\"',\n );\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getTransactionInsightCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n if (\n !value ||\n !isObject(value) ||\n (isObject(value) && Object.keys(value).length === 0)\n ) {\n return { caveats: null };\n }\n return {\n caveats: [\n {\n type: SnapCaveatType.TransactionOrigin,\n value:\n hasProperty(value, 'allowTransactionOrigin') &&\n (value.allowTransactionOrigin as boolean),\n },\n ],\n };\n}\n\n/**\n * Getter function to get the transaction origin caveat from a permission.\n *\n * This does basic validation of the caveat, but does not validate the type or\n * value of the namespaces object itself, as this is handled by the\n * `PermissionsController` when the permission is requested.\n *\n * @param permission - The permission to get the transaction origin caveat from.\n * @returns The transaction origin, or `null` if the permission does not have a\n * transaction origin caveat.\n */\nexport function getTransactionOriginCaveat(\n permission?: PermissionConstraint,\n): boolean | null {\n if (!permission?.caveats) {\n return null;\n }\n\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.TransactionOrigin);\n\n const caveat = permission.caveats[0] as Caveat<string, boolean>;\n\n return caveat.value ?? null;\n}\n\nexport const transactionInsightCaveatSpecifications: Record<\n SnapCaveatType.TransactionOrigin,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.TransactionOrigin]: Object.freeze({\n type: SnapCaveatType.TransactionOrigin,\n validator: (caveat: Caveat<string, any>) => validateCaveat(caveat),\n }),\n};\n"],"names":["transactionInsightEndowmentBuilder","getTransactionInsightCaveatMapper","getTransactionOriginCaveat","transactionInsightCaveatSpecifications","permissionName","SnapEndowments","TransactionInsight","specificationBuilder","_builderOptions","permissionType","PermissionType","Endowment","targetName","allowedCaveats","SnapCaveatType","TransactionOrigin","endowmentGetter","_getterOptions","undefined","validator","caveats","length","type","rpcErrors","invalidParams","message","subjectTypes","SubjectType","Snap","Object","freeze","validateCaveat","caveat","hasProperty","isPlainObject","value","assert","isObject","keys","allowTransactionOrigin","permission"],"mappings":";;;;;;;;;;;IA2DaA,kCAAkC;eAAlCA;;IAkCGC,iCAAiC;eAAjCA;;IAiCAC,0BAA0B;eAA1BA;;IAeHC,sCAAsC;eAAtCA;;;sCApI+B;2BAClB;4BACK;uBAE8B;sBAE9B;AAE/B,MAAMC,iBAAiBC,oBAAc,CAACC,kBAAkB;AAUxD;;;;;;CAMC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBC,oCAAc,CAACC,SAAS;QACxCC,YAAYR;QACZS,gBAAgB;YAACC,0BAAc,CAACC,iBAAiB;SAAC;QAClDC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAW,CAAC,EAAEC,OAAO,EAAE;YACrB,IACE,AAACA,YAAY,QAAQA,SAASC,SAAS,KACtCD,SAASC,WAAW,KACnBD,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKR,0BAAc,CAACC,iBAAiB,EACtD;gBACA,MAAMQ,oBAAS,CAACC,aAAa,CAAC;oBAC5BC,SAAS,CAAC,mBAAmB,EAAEX,0BAAc,CAACC,iBAAiB,CAAC,SAAS,CAAC;gBAC5E;YACF;QACF;QACAW,cAAc;YAACC,iCAAW,CAACC,IAAI;SAAC;IAClC;AACF;AAEO,MAAM5B,qCAAqC6B,OAAOC,MAAM,CAAC;IAC9DlB,YAAYR;IACZG;AACF;AAEA;;;;;CAKC,GACD,SAASwB,eAAeC,MAA2B;IACjD,IAAI,CAACC,IAAAA,kBAAW,EAACD,QAAQ,YAAY,CAACE,IAAAA,oBAAa,EAACF,SAAS;QAC3D,MAAMT,oBAAS,CAACC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEU,KAAK,EAAE,GAAGH;IAElBI,IAAAA,aAAM,EACJ,OAAOD,UAAU,WACjB;AAEJ;AAUO,SAASlC,kCACdkC,KAAW;IAEX,IACE,CAACA,SACD,CAACE,IAAAA,eAAQ,EAACF,UACTE,IAAAA,eAAQ,EAACF,UAAUN,OAAOS,IAAI,CAACH,OAAOd,MAAM,KAAK,GAClD;QACA,OAAO;YAAED,SAAS;QAAK;IACzB;IACA,OAAO;QACLA,SAAS;YACP;gBACEE,MAAMR,0BAAc,CAACC,iBAAiB;gBACtCoB,OACEF,IAAAA,kBAAW,EAACE,OAAO,6BAClBA,MAAMI,sBAAsB;YACjC;SACD;IACH;AACF;AAaO,SAASrC,2BACdsC,UAAiC;IAEjC,IAAI,CAACA,YAAYpB,SAAS;QACxB,OAAO;IACT;IAEAgB,IAAAA,aAAM,EAACI,WAAWpB,OAAO,CAACC,MAAM,KAAK;IACrCe,IAAAA,aAAM,EAACI,WAAWpB,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKR,0BAAc,CAACC,iBAAiB;IAEtE,MAAMiB,SAASQ,WAAWpB,OAAO,CAAC,EAAE;IAEpC,OAAOY,OAAOG,KAAK,IAAI;AACzB;AAEO,MAAMhC,yCAGT;IACF,CAACW,0BAAc,CAACC,iBAAiB,CAAC,EAAEc,OAAOC,MAAM,CAAC;QAChDR,MAAMR,0BAAc,CAACC,iBAAiB;QACtCI,WAAW,CAACa,SAAgCD,eAAeC;IAC7D;AACF"}
|
|
@@ -22,6 +22,7 @@ _export(exports, {
|
|
|
22
22
|
const _snapsutils = require("@metamask/snaps-utils");
|
|
23
23
|
const _utils = require("@metamask/utils");
|
|
24
24
|
const _concatstream = /*#__PURE__*/ _interop_require_default(require("concat-stream"));
|
|
25
|
+
const _getnpmtarballurl = /*#__PURE__*/ _interop_require_default(require("get-npm-tarball-url"));
|
|
25
26
|
const _gunzipmaybe = /*#__PURE__*/ _interop_require_default(require("gunzip-maybe"));
|
|
26
27
|
const _readablewebtonodestream = require("readable-web-to-node-stream");
|
|
27
28
|
const _stream = require("stream");
|
|
@@ -59,7 +60,7 @@ function _interop_require_default(obj) {
|
|
|
59
60
|
default: obj
|
|
60
61
|
};
|
|
61
62
|
}
|
|
62
|
-
const DEFAULT_NPM_REGISTRY = 'https://registry.npmjs.org';
|
|
63
|
+
const DEFAULT_NPM_REGISTRY = new URL('https://registry.npmjs.org');
|
|
63
64
|
var _lazyInit = /*#__PURE__*/ new WeakSet();
|
|
64
65
|
class NpmLocation {
|
|
65
66
|
async manifest() {
|
|
@@ -106,7 +107,7 @@ class NpmLocation {
|
|
|
106
107
|
(0, _utils.assertStruct)(url.toString(), _snapsutils.NpmSnapIdStruct, 'Invalid Snap Id: ');
|
|
107
108
|
let registry;
|
|
108
109
|
if (url.host === '' && url.port === '' && url.username === '' && url.password === '') {
|
|
109
|
-
registry =
|
|
110
|
+
registry = DEFAULT_NPM_REGISTRY;
|
|
110
111
|
} else {
|
|
111
112
|
registry = 'https://';
|
|
112
113
|
if (url.username) {
|
|
@@ -172,6 +173,41 @@ async function fetchNpmMetadata(packageName, registryUrl, fetchFunction) {
|
|
|
172
173
|
}
|
|
173
174
|
return packageMetadata;
|
|
174
175
|
}
|
|
176
|
+
/**
|
|
177
|
+
* Resolves a version range to a version using the NPM registry.
|
|
178
|
+
*
|
|
179
|
+
* Unless the version range is already a version, then the NPM registry is skipped.
|
|
180
|
+
*
|
|
181
|
+
* @param packageName - The name of the package whose metadata to fetch.
|
|
182
|
+
* @param versionRange - The version range of the package.
|
|
183
|
+
* @param registryUrl - The URL of the npm registry to fetch the metadata from.
|
|
184
|
+
* @param fetchFunction - The fetch function to use. Defaults to the global
|
|
185
|
+
* {@link fetch}. Useful for Node.js compatibility.
|
|
186
|
+
* @returns An object containing the resolved version and a URL for its tarball.
|
|
187
|
+
* @throws If fetching the metadata fails.
|
|
188
|
+
*/ async function resolveNpmVersion(packageName, versionRange, registryUrl, fetchFunction) {
|
|
189
|
+
// If the version range is already a static version we don't need to look for the metadata.
|
|
190
|
+
if (registryUrl.toString() === DEFAULT_NPM_REGISTRY.toString() && (0, _utils.isValidSemVerVersion)(versionRange)) {
|
|
191
|
+
return {
|
|
192
|
+
tarballURL: (0, _getnpmtarballurl.default)(packageName, versionRange),
|
|
193
|
+
targetVersion: versionRange
|
|
194
|
+
};
|
|
195
|
+
}
|
|
196
|
+
const packageMetadata = await fetchNpmMetadata(packageName, registryUrl, fetchFunction);
|
|
197
|
+
const versions = Object.keys(packageMetadata?.versions ?? {}).map((version)=>{
|
|
198
|
+
(0, _utils.assertIsSemVerVersion)(version);
|
|
199
|
+
return version;
|
|
200
|
+
});
|
|
201
|
+
const targetVersion = (0, _snapsutils.getTargetVersion)(versions, versionRange);
|
|
202
|
+
if (targetVersion === null) {
|
|
203
|
+
throw new Error(`Failed to find a matching version in npm metadata for package "${packageName}" and requested semver range "${versionRange}".`);
|
|
204
|
+
}
|
|
205
|
+
const tarballURL = packageMetadata?.versions?.[targetVersion]?.dist?.tarball;
|
|
206
|
+
return {
|
|
207
|
+
tarballURL,
|
|
208
|
+
targetVersion
|
|
209
|
+
};
|
|
210
|
+
}
|
|
175
211
|
/**
|
|
176
212
|
* Fetches the tarball (`.tgz` file) of the specified package and version from
|
|
177
213
|
* the public npm registry.
|
|
@@ -186,22 +222,13 @@ async function fetchNpmMetadata(packageName, registryUrl, fetchFunction) {
|
|
|
186
222
|
* actual version of the package.
|
|
187
223
|
* @throws If fetching the tarball fails.
|
|
188
224
|
*/ async function fetchNpmTarball(packageName, versionRange, registryUrl, fetchFunction) {
|
|
189
|
-
const
|
|
190
|
-
|
|
191
|
-
(0, _utils.assertIsSemVerVersion)(version);
|
|
192
|
-
return version;
|
|
193
|
-
});
|
|
194
|
-
const targetVersion = (0, _snapsutils.getTargetVersion)(versions, versionRange);
|
|
195
|
-
if (targetVersion === null) {
|
|
196
|
-
throw new Error(`Failed to find a matching version in npm metadata for package "${packageName}" and requested semver range "${versionRange}".`);
|
|
197
|
-
}
|
|
198
|
-
const tarballUrlString = packageMetadata?.versions?.[targetVersion]?.dist?.tarball;
|
|
199
|
-
if (!(0, _snapsutils.isValidUrl)(tarballUrlString) || !tarballUrlString.toString().endsWith('.tgz')) {
|
|
225
|
+
const { tarballURL, targetVersion } = await resolveNpmVersion(packageName, versionRange, registryUrl, fetchFunction);
|
|
226
|
+
if (!(0, _snapsutils.isValidUrl)(tarballURL) || !tarballURL.toString().endsWith('.tgz')) {
|
|
200
227
|
throw new Error(`Failed to find valid tarball URL in NPM metadata for package "${packageName}".`);
|
|
201
228
|
}
|
|
202
229
|
// Override the tarball hostname/protocol with registryUrl hostname/protocol
|
|
203
230
|
const newRegistryUrl = new URL(registryUrl);
|
|
204
|
-
const newTarballUrl = new URL(
|
|
231
|
+
const newTarballUrl = new URL(tarballURL);
|
|
205
232
|
newTarballUrl.hostname = newRegistryUrl.hostname;
|
|
206
233
|
newTarballUrl.protocol = newRegistryUrl.protocol;
|
|
207
234
|
// Perform a raw fetch because we want the Response object itself.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/location/npm.ts"],"sourcesContent":["import type { SnapManifest } from '@metamask/snaps-utils';\nimport {\n createSnapManifest,\n DEFAULT_REQUESTED_SNAP_VERSION,\n getTargetVersion,\n isValidUrl,\n NpmSnapIdStruct,\n VirtualFile,\n normalizeRelative,\n parseJson,\n} from '@metamask/snaps-utils';\nimport type { SemVerRange, SemVerVersion } from '@metamask/utils';\nimport {\n assert,\n assertIsSemVerVersion,\n assertStruct,\n isObject,\n} from '@metamask/utils';\nimport concat from 'concat-stream';\nimport createGunzipStream from 'gunzip-maybe';\nimport { ReadableWebToNodeStream } from 'readable-web-to-node-stream';\nimport { pipeline } from 'stream';\nimport type { Readable, Writable } from 'stream';\nimport { extract as tarExtract } from 'tar-stream';\n\nimport type { DetectSnapLocationOptions, SnapLocation } from './location';\n\nexport const DEFAULT_NPM_REGISTRY = 'https://registry.npmjs.org';\n\ninterface NpmMeta {\n registry: URL;\n packageName: string;\n requestedRange: SemVerRange;\n version?: string;\n fetch: typeof fetch;\n}\nexport interface NpmOptions {\n /**\n * @default DEFAULT_REQUESTED_SNAP_VERSION\n */\n versionRange?: SemVerRange;\n /**\n * Whether to allow custom NPM registries outside of {@link DEFAULT_NPM_REGISTRY}.\n *\n * @default false\n */\n allowCustomRegistries?: boolean;\n}\n\nexport class NpmLocation implements SnapLocation {\n private readonly meta: NpmMeta;\n\n private validatedManifest?: VirtualFile<SnapManifest>;\n\n private files?: Map<string, VirtualFile>;\n\n constructor(url: URL, opts: DetectSnapLocationOptions = {}) {\n const allowCustomRegistries = opts.allowCustomRegistries ?? false;\n const fetchFunction = opts.fetch ?? globalThis.fetch.bind(globalThis);\n const requestedRange = opts.versionRange ?? DEFAULT_REQUESTED_SNAP_VERSION;\n\n assertStruct(url.toString(), NpmSnapIdStruct, 'Invalid Snap Id: ');\n\n let registry: string | URL;\n if (\n url.host === '' &&\n url.port === '' &&\n url.username === '' &&\n url.password === ''\n ) {\n registry = new URL(DEFAULT_NPM_REGISTRY);\n } else {\n registry = 'https://';\n if (url.username) {\n registry += url.username;\n if (url.password) {\n registry += `:${url.password}`;\n }\n registry += '@';\n }\n registry += url.host;\n registry = new URL(registry);\n assert(\n allowCustomRegistries,\n new TypeError(\n `Custom NPM registries are disabled, tried to use \"${registry.toString()}\".`,\n ),\n );\n }\n\n assert(\n registry.pathname === '/' &&\n registry.search === '' &&\n registry.hash === '',\n );\n\n assert(\n url.pathname !== '' && url.pathname !== '/',\n new TypeError('The package name in NPM location is empty.'),\n );\n let packageName = url.pathname;\n if (packageName.startsWith('/')) {\n packageName = packageName.slice(1);\n }\n\n this.meta = {\n requestedRange,\n registry,\n packageName,\n fetch: fetchFunction,\n };\n }\n\n async manifest(): Promise<VirtualFile<SnapManifest>> {\n if (this.validatedManifest) {\n return this.validatedManifest.clone();\n }\n\n const vfile = await this.fetch('snap.manifest.json');\n const result = parseJson(vfile.toString());\n vfile.result = createSnapManifest(result);\n this.validatedManifest = vfile as VirtualFile<SnapManifest>;\n\n return this.manifest();\n }\n\n async fetch(path: string): Promise<VirtualFile> {\n const relativePath = normalizeRelative(path);\n if (!this.files) {\n await this.#lazyInit();\n assert(this.files !== undefined);\n }\n const vfile = this.files.get(relativePath);\n assert(\n vfile !== undefined,\n new TypeError(`File \"${path}\" not found in package.`),\n );\n return vfile.clone();\n }\n\n get packageName(): string {\n return this.meta.packageName;\n }\n\n get version(): string {\n assert(\n this.meta.version !== undefined,\n 'Tried to access version without first fetching NPM package.',\n );\n return this.meta.version;\n }\n\n get registry(): URL {\n return this.meta.registry;\n }\n\n get versionRange(): SemVerRange {\n return this.meta.requestedRange;\n }\n\n async #lazyInit() {\n assert(this.files === undefined);\n const [tarballResponse, actualVersion] = await fetchNpmTarball(\n this.meta.packageName,\n this.meta.requestedRange,\n this.meta.registry,\n this.meta.fetch,\n );\n this.meta.version = actualVersion;\n\n let canonicalBase = 'npm://';\n if (this.meta.registry.username !== '') {\n canonicalBase += this.meta.registry.username;\n if (this.meta.registry.password !== '') {\n canonicalBase += `:${this.meta.registry.password}`;\n }\n canonicalBase += '@';\n }\n canonicalBase += this.meta.registry.host;\n\n // TODO(ritave): Lazily extract files instead of up-front extracting all of them\n // We would need to replace tar-stream package because it requires immediate consumption of streams.\n await new Promise<void>((resolve, reject) => {\n this.files = new Map();\n pipeline(\n getNodeStream(tarballResponse),\n // The \"gz\" in \"tgz\" stands for \"gzip\". The tarball needs to be decompressed\n // before we can actually grab any files from it.\n // To prevent recursion-based zip bombs, we set a maximum recursion depth of 1.\n createGunzipStream(1),\n createTarballStream(\n `${canonicalBase}/${this.meta.packageName}/`,\n this.files,\n ),\n (error) => {\n error ? reject(error) : resolve();\n },\n );\n });\n }\n}\n\n// Safety limit for tarballs, 250 MB in bytes\nconst TARBALL_SIZE_SAFETY_LIMIT = 262144000;\n\n// Incomplete type\nexport type PartialNpmMetadata = {\n versions: Record<string, { dist: { tarball: string } }>;\n};\n\n/**\n * Fetches the NPM metadata of the specified package from\n * the public npm registry.\n *\n * @param packageName - The name of the package whose metadata to fetch.\n * @param registryUrl - The URL of the npm registry to fetch the metadata from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns The NPM metadata object.\n * @throws If fetching the metadata fails.\n */\nexport async function fetchNpmMetadata(\n packageName: string,\n registryUrl: URL | string,\n fetchFunction: typeof fetch,\n): Promise<PartialNpmMetadata> {\n const packageResponse = await fetchFunction(\n new URL(packageName, registryUrl).toString(),\n );\n if (!packageResponse.ok) {\n throw new Error(\n `Failed to fetch NPM registry entry. Status code: ${packageResponse.status}.`,\n );\n }\n const packageMetadata = await packageResponse.json();\n\n if (!isObject(packageMetadata)) {\n throw new Error(\n `Failed to fetch package \"${packageName}\" metadata from npm.`,\n );\n }\n\n return packageMetadata as PartialNpmMetadata;\n}\n\n/**\n * Fetches the tarball (`.tgz` file) of the specified package and version from\n * the public npm registry.\n *\n * @param packageName - The name of the package whose tarball to fetch.\n * @param versionRange - The SemVer range of the package to fetch. The highest\n * version satisfying the range will be fetched.\n * @param registryUrl - The URL of the npm registry to fetch the tarball from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns A tuple of the {@link Response} for the package tarball and the\n * actual version of the package.\n * @throws If fetching the tarball fails.\n */\nasync function fetchNpmTarball(\n packageName: string,\n versionRange: SemVerRange,\n registryUrl: URL | string,\n fetchFunction: typeof fetch,\n): Promise<[ReadableStream, SemVerVersion]> {\n const packageMetadata = await fetchNpmMetadata(\n packageName,\n registryUrl,\n fetchFunction,\n );\n\n const versions = Object.keys(packageMetadata?.versions ?? {}).map(\n (version) => {\n assertIsSemVerVersion(version);\n return version;\n },\n );\n\n const targetVersion = getTargetVersion(versions, versionRange);\n\n if (targetVersion === null) {\n throw new Error(\n `Failed to find a matching version in npm metadata for package \"${packageName}\" and requested semver range \"${versionRange}\".`,\n );\n }\n\n const tarballUrlString =\n packageMetadata?.versions?.[targetVersion]?.dist?.tarball;\n\n if (\n !isValidUrl(tarballUrlString) ||\n !tarballUrlString.toString().endsWith('.tgz')\n ) {\n throw new Error(\n `Failed to find valid tarball URL in NPM metadata for package \"${packageName}\".`,\n );\n }\n\n // Override the tarball hostname/protocol with registryUrl hostname/protocol\n const newRegistryUrl = new URL(registryUrl);\n const newTarballUrl = new URL(tarballUrlString);\n newTarballUrl.hostname = newRegistryUrl.hostname;\n newTarballUrl.protocol = newRegistryUrl.protocol;\n\n // Perform a raw fetch because we want the Response object itself.\n const tarballResponse = await fetchFunction(newTarballUrl.toString());\n if (!tarballResponse.ok || !tarballResponse.body) {\n throw new Error(`Failed to fetch tarball for package \"${packageName}\".`);\n }\n // We assume that NPM is a good actor and provides us with a valid `content-length` header.\n const tarballSizeString = tarballResponse.headers.get('content-length');\n assert(tarballSizeString, 'Snap tarball has invalid content-length');\n const tarballSize = parseInt(tarballSizeString, 10);\n assert(\n tarballSize <= TARBALL_SIZE_SAFETY_LIMIT,\n 'Snap tarball exceeds size limit',\n );\n return [tarballResponse.body, targetVersion];\n}\n\n/**\n * The paths of files within npm tarballs appear to always be prefixed with\n * \"package/\".\n */\nconst NPM_TARBALL_PATH_PREFIX = /^package\\//u;\n\n/**\n * Converts a {@link ReadableStream} to a Node.js {@link Readable}\n * stream. Returns the stream directly if it is already a Node.js stream.\n * We can't use the native Web {@link ReadableStream} directly because the\n * other stream libraries we use expect Node.js streams.\n *\n * @param stream - The stream to convert.\n * @returns The given stream as a Node.js Readable stream.\n */\nfunction getNodeStream(stream: ReadableStream): Readable {\n if (typeof stream.getReader !== 'function') {\n return stream as unknown as Readable;\n }\n\n return new ReadableWebToNodeStream(stream);\n}\n\n/**\n * Creates a `tar-stream` that will get the necessary files from an npm Snap\n * package tarball (`.tgz` file).\n *\n * @param canonicalBase - A base URI as specified in {@link https://github.com/MetaMask/SIPs/blob/main/SIPS/sip-8.md SIP-8}. Starting with 'npm:'. Will be used for canonicalPath vfile argument.\n * @param files - An object to write target file contents to.\n * @returns The {@link Writable} tarball extraction stream.\n */\nfunction createTarballStream(\n canonicalBase: string,\n files: Map<string, VirtualFile>,\n): Writable {\n assert(\n canonicalBase.endsWith('/'),\n \"Base needs to end with '/' for relative paths to be added as children instead of siblings.\",\n );\n\n assert(\n canonicalBase.startsWith('npm:'),\n 'Protocol mismatch, expected \"npm:\".',\n );\n // `tar-stream` is pretty old-school, so we create it first and then\n // instrument it by adding event listeners.\n const extractStream = tarExtract();\n\n let totalSize = 0;\n\n // \"entry\" is fired for every discreet entity in the tarball. This includes\n // files and folders.\n extractStream.on('entry', (header, entryStream, next) => {\n const { name: headerName, type: headerType } = header;\n if (headerType === 'file') {\n // The name is a path if the header type is \"file\".\n const path = headerName.replace(NPM_TARBALL_PATH_PREFIX, '');\n return entryStream.pipe(\n concat({ encoding: 'uint8array' }, (data) => {\n try {\n totalSize += data.byteLength;\n // To prevent zip bombs, we set a safety limit for the total size of tarballs.\n assert(\n totalSize < TARBALL_SIZE_SAFETY_LIMIT,\n `Snap tarball exceeds limit of ${TARBALL_SIZE_SAFETY_LIMIT} bytes.`,\n );\n const vfile = new VirtualFile({\n value: data,\n path,\n data: {\n canonicalPath: new URL(path, canonicalBase).toString(),\n },\n });\n // We disallow files having identical paths as it may confuse our checksum calculations.\n assert(\n !files.has(path),\n 'Malformed tarball, multiple files with the same path.',\n );\n files.set(path, vfile);\n return next();\n } catch (error) {\n return extractStream.destroy(error);\n }\n }),\n );\n }\n\n // If we get here, the entry is not a file, and we want to ignore. The entry\n // stream must be drained, or the extractStream will stop reading. This is\n // effectively a no-op for the current entry.\n entryStream.on('end', () => next());\n return entryStream.resume();\n });\n return extractStream;\n}\n"],"names":["DEFAULT_NPM_REGISTRY","NpmLocation","fetchNpmMetadata","manifest","validatedManifest","clone","vfile","fetch","result","parseJson","toString","createSnapManifest","path","relativePath","normalizeRelative","files","lazyInit","assert","undefined","get","TypeError","packageName","meta","version","registry","versionRange","requestedRange","constructor","url","opts","allowCustomRegistries","fetchFunction","globalThis","bind","DEFAULT_REQUESTED_SNAP_VERSION","assertStruct","NpmSnapIdStruct","host","port","username","password","URL","pathname","search","hash","startsWith","slice","tarballResponse","actualVersion","fetchNpmTarball","canonicalBase","Promise","resolve","reject","Map","pipeline","getNodeStream","createGunzipStream","createTarballStream","error","TARBALL_SIZE_SAFETY_LIMIT","registryUrl","packageResponse","ok","Error","status","packageMetadata","json","isObject","versions","Object","keys","map","assertIsSemVerVersion","targetVersion","getTargetVersion","tarballUrlString","dist","tarball","isValidUrl","endsWith","newRegistryUrl","newTarballUrl","hostname","protocol","body","tarballSizeString","headers","tarballSize","parseInt","NPM_TARBALL_PATH_PREFIX","stream","getReader","ReadableWebToNodeStream","extractStream","tarExtract","totalSize","on","header","entryStream","next","name","headerName","type","headerType","replace","pipe","concat","encoding","data","byteLength","VirtualFile","value","canonicalPath","has","set","destroy","resume"],"mappings":";;;;;;;;;;;IA2BaA,oBAAoB;eAApBA;;IAsBAC,WAAW;eAAXA;;IA4KSC,gBAAgB;eAAhBA;;;4BAnNf;uBAOA;qEACY;oEACY;yCACS;wBACf;2BAEa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAI/B,MAAMF,uBAAuB;IAqI5B;AA/GD,MAAMC;IAgEX,MAAME,WAA+C;QACnD,IAAI,IAAI,CAACC,iBAAiB,EAAE;YAC1B,OAAO,IAAI,CAACA,iBAAiB,CAACC,KAAK;QACrC;QAEA,MAAMC,QAAQ,MAAM,IAAI,CAACC,KAAK,CAAC;QAC/B,MAAMC,SAASC,IAAAA,qBAAS,EAACH,MAAMI,QAAQ;QACvCJ,MAAME,MAAM,GAAGG,IAAAA,8BAAkB,EAACH;QAClC,IAAI,CAACJ,iBAAiB,GAAGE;QAEzB,OAAO,IAAI,CAACH,QAAQ;IACtB;IAEA,MAAMI,MAAMK,IAAY,EAAwB;QAC9C,MAAMC,eAAeC,IAAAA,6BAAiB,EAACF;QACvC,IAAI,CAAC,IAAI,CAACG,KAAK,EAAE;YACf,MAAM,0BAAA,IAAI,EAAEC,WAAAA,eAAN,IAAI;YACVC,IAAAA,aAAM,EAAC,IAAI,CAACF,KAAK,KAAKG;QACxB;QACA,MAAMZ,QAAQ,IAAI,CAACS,KAAK,CAACI,GAAG,CAACN;QAC7BI,IAAAA,aAAM,EACJX,UAAUY,WACV,IAAIE,UAAU,CAAC,MAAM,EAAER,KAAK,uBAAuB,CAAC;QAEtD,OAAON,MAAMD,KAAK;IACpB;IAEA,IAAIgB,cAAsB;QACxB,OAAO,IAAI,CAACC,IAAI,CAACD,WAAW;IAC9B;IAEA,IAAIE,UAAkB;QACpBN,IAAAA,aAAM,EACJ,IAAI,CAACK,IAAI,CAACC,OAAO,KAAKL,WACtB;QAEF,OAAO,IAAI,CAACI,IAAI,CAACC,OAAO;IAC1B;IAEA,IAAIC,WAAgB;QAClB,OAAO,IAAI,CAACF,IAAI,CAACE,QAAQ;IAC3B;IAEA,IAAIC,eAA4B;QAC9B,OAAO,IAAI,CAACH,IAAI,CAACI,cAAc;IACjC;IAtGAC,YAAYC,GAAQ,EAAEC,OAAkC,CAAC,CAAC,CAAE;QAwG5D,iCAAM;QA9GN,uBAAiBP,QAAjB,KAAA;QAEA,uBAAQlB,qBAAR,KAAA;QAEA,uBAAQW,SAAR,KAAA;QAGE,MAAMe,wBAAwBD,KAAKC,qBAAqB,IAAI;QAC5D,MAAMC,gBAAgBF,KAAKtB,KAAK,IAAIyB,WAAWzB,KAAK,CAAC0B,IAAI,CAACD;QAC1D,MAAMN,iBAAiBG,KAAKJ,YAAY,IAAIS,0CAA8B;QAE1EC,IAAAA,mBAAY,EAACP,IAAIlB,QAAQ,IAAI0B,2BAAe,EAAE;QAE9C,IAAIZ;QACJ,IACEI,IAAIS,IAAI,KAAK,MACbT,IAAIU,IAAI,KAAK,MACbV,IAAIW,QAAQ,KAAK,MACjBX,IAAIY,QAAQ,KAAK,IACjB;YACAhB,WAAW,IAAIiB,IAAIzC;QACrB,OAAO;YACLwB,WAAW;YACX,IAAII,IAAIW,QAAQ,EAAE;gBAChBf,YAAYI,IAAIW,QAAQ;gBACxB,IAAIX,IAAIY,QAAQ,EAAE;oBAChBhB,YAAY,CAAC,CAAC,EAAEI,IAAIY,QAAQ,CAAC,CAAC;gBAChC;gBACAhB,YAAY;YACd;YACAA,YAAYI,IAAIS,IAAI;YACpBb,WAAW,IAAIiB,IAAIjB;YACnBP,IAAAA,aAAM,EACJa,uBACA,IAAIV,UACF,CAAC,kDAAkD,EAAEI,SAASd,QAAQ,GAAG,EAAE,CAAC;QAGlF;QAEAO,IAAAA,aAAM,EACJO,SAASkB,QAAQ,KAAK,OACpBlB,SAASmB,MAAM,KAAK,MACpBnB,SAASoB,IAAI,KAAK;QAGtB3B,IAAAA,aAAM,EACJW,IAAIc,QAAQ,KAAK,MAAMd,IAAIc,QAAQ,KAAK,KACxC,IAAItB,UAAU;QAEhB,IAAIC,cAAcO,IAAIc,QAAQ;QAC9B,IAAIrB,YAAYwB,UAAU,CAAC,MAAM;YAC/BxB,cAAcA,YAAYyB,KAAK,CAAC;QAClC;QAEA,IAAI,CAACxB,IAAI,GAAG;YACVI;YACAF;YACAH;YACAd,OAAOwB;QACT;IACF;AAyFF;AAxCE,eAAA;IACEd,IAAAA,aAAM,EAAC,IAAI,CAACF,KAAK,KAAKG;IACtB,MAAM,CAAC6B,iBAAiBC,cAAc,GAAG,MAAMC,gBAC7C,IAAI,CAAC3B,IAAI,CAACD,WAAW,EACrB,IAAI,CAACC,IAAI,CAACI,cAAc,EACxB,IAAI,CAACJ,IAAI,CAACE,QAAQ,EAClB,IAAI,CAACF,IAAI,CAACf,KAAK;IAEjB,IAAI,CAACe,IAAI,CAACC,OAAO,GAAGyB;IAEpB,IAAIE,gBAAgB;IACpB,IAAI,IAAI,CAAC5B,IAAI,CAACE,QAAQ,CAACe,QAAQ,KAAK,IAAI;QACtCW,iBAAiB,IAAI,CAAC5B,IAAI,CAACE,QAAQ,CAACe,QAAQ;QAC5C,IAAI,IAAI,CAACjB,IAAI,CAACE,QAAQ,CAACgB,QAAQ,KAAK,IAAI;YACtCU,iBAAiB,CAAC,CAAC,EAAE,IAAI,CAAC5B,IAAI,CAACE,QAAQ,CAACgB,QAAQ,CAAC,CAAC;QACpD;QACAU,iBAAiB;IACnB;IACAA,iBAAiB,IAAI,CAAC5B,IAAI,CAACE,QAAQ,CAACa,IAAI;IAExC,gFAAgF;IAChF,kHAAkH;IAClH,MAAM,IAAIc,QAAc,CAACC,SAASC;QAChC,IAAI,CAACtC,KAAK,GAAG,IAAIuC;QACjBC,IAAAA,gBAAQ,EACNC,cAAcT,kBACd,4EAA4E;QAC5E,iDAAiD;QACjD,+EAA+E;QAC/EU,IAAAA,oBAAkB,EAAC,IACnBC,oBACE,CAAC,EAAER,cAAc,CAAC,EAAE,IAAI,CAAC5B,IAAI,CAACD,WAAW,CAAC,CAAC,CAAC,EAC5C,IAAI,CAACN,KAAK,GAEZ,CAAC4C;YACCA,QAAQN,OAAOM,SAASP;QAC1B;IAEJ;AACF;AAGF,6CAA6C;AAC7C,MAAMQ,4BAA4B;AAkB3B,eAAe1D,iBACpBmB,WAAmB,EACnBwC,WAAyB,EACzB9B,aAA2B;IAE3B,MAAM+B,kBAAkB,MAAM/B,cAC5B,IAAIU,IAAIpB,aAAawC,aAAanD,QAAQ;IAE5C,IAAI,CAACoD,gBAAgBC,EAAE,EAAE;QACvB,MAAM,IAAIC,MACR,CAAC,iDAAiD,EAAEF,gBAAgBG,MAAM,CAAC,CAAC,CAAC;IAEjF;IACA,MAAMC,kBAAkB,MAAMJ,gBAAgBK,IAAI;IAElD,IAAI,CAACC,IAAAA,eAAQ,EAACF,kBAAkB;QAC9B,MAAM,IAAIF,MACR,CAAC,yBAAyB,EAAE3C,YAAY,oBAAoB,CAAC;IAEjE;IAEA,OAAO6C;AACT;AAEA;;;;;;;;;;;;;CAaC,GACD,eAAejB,gBACb5B,WAAmB,EACnBI,YAAyB,EACzBoC,WAAyB,EACzB9B,aAA2B;IAE3B,MAAMmC,kBAAkB,MAAMhE,iBAC5BmB,aACAwC,aACA9B;IAGF,MAAMsC,WAAWC,OAAOC,IAAI,CAACL,iBAAiBG,YAAY,CAAC,GAAGG,GAAG,CAC/D,CAACjD;QACCkD,IAAAA,4BAAqB,EAAClD;QACtB,OAAOA;IACT;IAGF,MAAMmD,gBAAgBC,IAAAA,4BAAgB,EAACN,UAAU5C;IAEjD,IAAIiD,kBAAkB,MAAM;QAC1B,MAAM,IAAIV,MACR,CAAC,+DAA+D,EAAE3C,YAAY,8BAA8B,EAAEI,aAAa,EAAE,CAAC;IAElI;IAEA,MAAMmD,mBACJV,iBAAiBG,UAAU,CAACK,cAAc,EAAEG,MAAMC;IAEpD,IACE,CAACC,IAAAA,sBAAU,EAACH,qBACZ,CAACA,iBAAiBlE,QAAQ,GAAGsE,QAAQ,CAAC,SACtC;QACA,MAAM,IAAIhB,MACR,CAAC,8DAA8D,EAAE3C,YAAY,EAAE,CAAC;IAEpF;IAEA,4EAA4E;IAC5E,MAAM4D,iBAAiB,IAAIxC,IAAIoB;IAC/B,MAAMqB,gBAAgB,IAAIzC,IAAImC;IAC9BM,cAAcC,QAAQ,GAAGF,eAAeE,QAAQ;IAChDD,cAAcE,QAAQ,GAAGH,eAAeG,QAAQ;IAEhD,kEAAkE;IAClE,MAAMrC,kBAAkB,MAAMhB,cAAcmD,cAAcxE,QAAQ;IAClE,IAAI,CAACqC,gBAAgBgB,EAAE,IAAI,CAAChB,gBAAgBsC,IAAI,EAAE;QAChD,MAAM,IAAIrB,MAAM,CAAC,qCAAqC,EAAE3C,YAAY,EAAE,CAAC;IACzE;IACA,2FAA2F;IAC3F,MAAMiE,oBAAoBvC,gBAAgBwC,OAAO,CAACpE,GAAG,CAAC;IACtDF,IAAAA,aAAM,EAACqE,mBAAmB;IAC1B,MAAME,cAAcC,SAASH,mBAAmB;IAChDrE,IAAAA,aAAM,EACJuE,eAAe5B,2BACf;IAEF,OAAO;QAACb,gBAAgBsC,IAAI;QAAEX;KAAc;AAC9C;AAEA;;;CAGC,GACD,MAAMgB,0BAA0B;AAEhC;;;;;;;;CAQC,GACD,SAASlC,cAAcmC,MAAsB;IAC3C,IAAI,OAAOA,OAAOC,SAAS,KAAK,YAAY;QAC1C,OAAOD;IACT;IAEA,OAAO,IAAIE,gDAAuB,CAACF;AACrC;AAEA;;;;;;;CAOC,GACD,SAASjC,oBACPR,aAAqB,EACrBnC,KAA+B;IAE/BE,IAAAA,aAAM,EACJiC,cAAc8B,QAAQ,CAAC,MACvB;IAGF/D,IAAAA,aAAM,EACJiC,cAAcL,UAAU,CAAC,SACzB;IAEF,oEAAoE;IACpE,2CAA2C;IAC3C,MAAMiD,gBAAgBC,IAAAA,kBAAU;IAEhC,IAAIC,YAAY;IAEhB,2EAA2E;IAC3E,qBAAqB;IACrBF,cAAcG,EAAE,CAAC,SAAS,CAACC,QAAQC,aAAaC;QAC9C,MAAM,EAAEC,MAAMC,UAAU,EAAEC,MAAMC,UAAU,EAAE,GAAGN;QAC/C,IAAIM,eAAe,QAAQ;YACzB,mDAAmD;YACnD,MAAM5F,OAAO0F,WAAWG,OAAO,CAACf,yBAAyB;YACzD,OAAOS,YAAYO,IAAI,CACrBC,IAAAA,qBAAM,EAAC;gBAAEC,UAAU;YAAa,GAAG,CAACC;gBAClC,IAAI;oBACFb,aAAaa,KAAKC,UAAU;oBAC5B,8EAA8E;oBAC9E7F,IAAAA,aAAM,EACJ+E,YAAYpC,2BACZ,CAAC,8BAA8B,EAAEA,0BAA0B,OAAO,CAAC;oBAErE,MAAMtD,QAAQ,IAAIyG,uBAAW,CAAC;wBAC5BC,OAAOH;wBACPjG;wBACAiG,MAAM;4BACJI,eAAe,IAAIxE,IAAI7B,MAAMsC,eAAexC,QAAQ;wBACtD;oBACF;oBACA,wFAAwF;oBACxFO,IAAAA,aAAM,EACJ,CAACF,MAAMmG,GAAG,CAACtG,OACX;oBAEFG,MAAMoG,GAAG,CAACvG,MAAMN;oBAChB,OAAO8F;gBACT,EAAE,OAAOzC,OAAO;oBACd,OAAOmC,cAAcsB,OAAO,CAACzD;gBAC/B;YACF;QAEJ;QAEA,4EAA4E;QAC5E,0EAA0E;QAC1E,6CAA6C;QAC7CwC,YAAYF,EAAE,CAAC,OAAO,IAAMG;QAC5B,OAAOD,YAAYkB,MAAM;IAC3B;IACA,OAAOvB;AACT"}
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/location/npm.ts"],"sourcesContent":["import type { SnapManifest } from '@metamask/snaps-utils';\nimport {\n createSnapManifest,\n DEFAULT_REQUESTED_SNAP_VERSION,\n getTargetVersion,\n isValidUrl,\n NpmSnapIdStruct,\n VirtualFile,\n normalizeRelative,\n parseJson,\n} from '@metamask/snaps-utils';\nimport type { SemVerRange, SemVerVersion } from '@metamask/utils';\nimport {\n assert,\n assertIsSemVerVersion,\n assertStruct,\n isObject,\n isValidSemVerVersion,\n} from '@metamask/utils';\nimport concat from 'concat-stream';\nimport getNpmTarballUrl from 'get-npm-tarball-url';\nimport createGunzipStream from 'gunzip-maybe';\nimport { ReadableWebToNodeStream } from 'readable-web-to-node-stream';\nimport { pipeline } from 'stream';\nimport type { Readable, Writable } from 'stream';\nimport { extract as tarExtract } from 'tar-stream';\n\nimport type { DetectSnapLocationOptions, SnapLocation } from './location';\n\nexport const DEFAULT_NPM_REGISTRY = new URL('https://registry.npmjs.org');\n\ninterface NpmMeta {\n registry: URL;\n packageName: string;\n requestedRange: SemVerRange;\n version?: string;\n fetch: typeof fetch;\n}\nexport interface NpmOptions {\n /**\n * @default DEFAULT_REQUESTED_SNAP_VERSION\n */\n versionRange?: SemVerRange;\n /**\n * Whether to allow custom NPM registries outside of {@link DEFAULT_NPM_REGISTRY}.\n *\n * @default false\n */\n allowCustomRegistries?: boolean;\n}\n\nexport class NpmLocation implements SnapLocation {\n private readonly meta: NpmMeta;\n\n private validatedManifest?: VirtualFile<SnapManifest>;\n\n private files?: Map<string, VirtualFile>;\n\n constructor(url: URL, opts: DetectSnapLocationOptions = {}) {\n const allowCustomRegistries = opts.allowCustomRegistries ?? false;\n const fetchFunction = opts.fetch ?? globalThis.fetch.bind(globalThis);\n const requestedRange = opts.versionRange ?? DEFAULT_REQUESTED_SNAP_VERSION;\n\n assertStruct(url.toString(), NpmSnapIdStruct, 'Invalid Snap Id: ');\n\n let registry: string | URL;\n if (\n url.host === '' &&\n url.port === '' &&\n url.username === '' &&\n url.password === ''\n ) {\n registry = DEFAULT_NPM_REGISTRY;\n } else {\n registry = 'https://';\n if (url.username) {\n registry += url.username;\n if (url.password) {\n registry += `:${url.password}`;\n }\n registry += '@';\n }\n registry += url.host;\n registry = new URL(registry);\n assert(\n allowCustomRegistries,\n new TypeError(\n `Custom NPM registries are disabled, tried to use \"${registry.toString()}\".`,\n ),\n );\n }\n\n assert(\n registry.pathname === '/' &&\n registry.search === '' &&\n registry.hash === '',\n );\n\n assert(\n url.pathname !== '' && url.pathname !== '/',\n new TypeError('The package name in NPM location is empty.'),\n );\n let packageName = url.pathname;\n if (packageName.startsWith('/')) {\n packageName = packageName.slice(1);\n }\n\n this.meta = {\n requestedRange,\n registry,\n packageName,\n fetch: fetchFunction,\n };\n }\n\n async manifest(): Promise<VirtualFile<SnapManifest>> {\n if (this.validatedManifest) {\n return this.validatedManifest.clone();\n }\n\n const vfile = await this.fetch('snap.manifest.json');\n const result = parseJson(vfile.toString());\n vfile.result = createSnapManifest(result);\n this.validatedManifest = vfile as VirtualFile<SnapManifest>;\n\n return this.manifest();\n }\n\n async fetch(path: string): Promise<VirtualFile> {\n const relativePath = normalizeRelative(path);\n if (!this.files) {\n await this.#lazyInit();\n assert(this.files !== undefined);\n }\n const vfile = this.files.get(relativePath);\n assert(\n vfile !== undefined,\n new TypeError(`File \"${path}\" not found in package.`),\n );\n return vfile.clone();\n }\n\n get packageName(): string {\n return this.meta.packageName;\n }\n\n get version(): string {\n assert(\n this.meta.version !== undefined,\n 'Tried to access version without first fetching NPM package.',\n );\n return this.meta.version;\n }\n\n get registry(): URL {\n return this.meta.registry;\n }\n\n get versionRange(): SemVerRange {\n return this.meta.requestedRange;\n }\n\n async #lazyInit() {\n assert(this.files === undefined);\n const [tarballResponse, actualVersion] = await fetchNpmTarball(\n this.meta.packageName,\n this.meta.requestedRange,\n this.meta.registry,\n this.meta.fetch,\n );\n this.meta.version = actualVersion;\n\n let canonicalBase = 'npm://';\n if (this.meta.registry.username !== '') {\n canonicalBase += this.meta.registry.username;\n if (this.meta.registry.password !== '') {\n canonicalBase += `:${this.meta.registry.password}`;\n }\n canonicalBase += '@';\n }\n canonicalBase += this.meta.registry.host;\n\n // TODO(ritave): Lazily extract files instead of up-front extracting all of them\n // We would need to replace tar-stream package because it requires immediate consumption of streams.\n await new Promise<void>((resolve, reject) => {\n this.files = new Map();\n pipeline(\n getNodeStream(tarballResponse),\n // The \"gz\" in \"tgz\" stands for \"gzip\". The tarball needs to be decompressed\n // before we can actually grab any files from it.\n // To prevent recursion-based zip bombs, we set a maximum recursion depth of 1.\n createGunzipStream(1),\n createTarballStream(\n `${canonicalBase}/${this.meta.packageName}/`,\n this.files,\n ),\n (error) => {\n error ? reject(error) : resolve();\n },\n );\n });\n }\n}\n\n// Safety limit for tarballs, 250 MB in bytes\nconst TARBALL_SIZE_SAFETY_LIMIT = 262144000;\n\n// Incomplete type\nexport type PartialNpmMetadata = {\n versions: Record<string, { dist: { tarball: string } }>;\n};\n\n/**\n * Fetches the NPM metadata of the specified package from\n * the public npm registry.\n *\n * @param packageName - The name of the package whose metadata to fetch.\n * @param registryUrl - The URL of the npm registry to fetch the metadata from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns The NPM metadata object.\n * @throws If fetching the metadata fails.\n */\nexport async function fetchNpmMetadata(\n packageName: string,\n registryUrl: URL | string,\n fetchFunction: typeof fetch,\n): Promise<PartialNpmMetadata> {\n const packageResponse = await fetchFunction(\n new URL(packageName, registryUrl).toString(),\n );\n if (!packageResponse.ok) {\n throw new Error(\n `Failed to fetch NPM registry entry. Status code: ${packageResponse.status}.`,\n );\n }\n const packageMetadata = await packageResponse.json();\n\n if (!isObject(packageMetadata)) {\n throw new Error(\n `Failed to fetch package \"${packageName}\" metadata from npm.`,\n );\n }\n\n return packageMetadata as PartialNpmMetadata;\n}\n\n/**\n * Resolves a version range to a version using the NPM registry.\n *\n * Unless the version range is already a version, then the NPM registry is skipped.\n *\n * @param packageName - The name of the package whose metadata to fetch.\n * @param versionRange - The version range of the package.\n * @param registryUrl - The URL of the npm registry to fetch the metadata from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns An object containing the resolved version and a URL for its tarball.\n * @throws If fetching the metadata fails.\n */\nasync function resolveNpmVersion(\n packageName: string,\n versionRange: SemVerRange,\n registryUrl: URL,\n fetchFunction: typeof fetch,\n): Promise<{ tarballURL: string; targetVersion: SemVerVersion }> {\n // If the version range is already a static version we don't need to look for the metadata.\n if (\n registryUrl.toString() === DEFAULT_NPM_REGISTRY.toString() &&\n isValidSemVerVersion(versionRange)\n ) {\n return {\n tarballURL: getNpmTarballUrl(packageName, versionRange),\n targetVersion: versionRange,\n };\n }\n\n const packageMetadata = await fetchNpmMetadata(\n packageName,\n registryUrl,\n fetchFunction,\n );\n\n const versions = Object.keys(packageMetadata?.versions ?? {}).map(\n (version) => {\n assertIsSemVerVersion(version);\n return version;\n },\n );\n\n const targetVersion = getTargetVersion(versions, versionRange);\n\n if (targetVersion === null) {\n throw new Error(\n `Failed to find a matching version in npm metadata for package \"${packageName}\" and requested semver range \"${versionRange}\".`,\n );\n }\n\n const tarballURL = packageMetadata?.versions?.[targetVersion]?.dist?.tarball;\n\n return { tarballURL, targetVersion };\n}\n\n/**\n * Fetches the tarball (`.tgz` file) of the specified package and version from\n * the public npm registry.\n *\n * @param packageName - The name of the package whose tarball to fetch.\n * @param versionRange - The SemVer range of the package to fetch. The highest\n * version satisfying the range will be fetched.\n * @param registryUrl - The URL of the npm registry to fetch the tarball from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns A tuple of the {@link Response} for the package tarball and the\n * actual version of the package.\n * @throws If fetching the tarball fails.\n */\nasync function fetchNpmTarball(\n packageName: string,\n versionRange: SemVerRange,\n registryUrl: URL,\n fetchFunction: typeof fetch,\n): Promise<[ReadableStream, SemVerVersion]> {\n const { tarballURL, targetVersion } = await resolveNpmVersion(\n packageName,\n versionRange,\n registryUrl,\n fetchFunction,\n );\n\n if (!isValidUrl(tarballURL) || !tarballURL.toString().endsWith('.tgz')) {\n throw new Error(\n `Failed to find valid tarball URL in NPM metadata for package \"${packageName}\".`,\n );\n }\n\n // Override the tarball hostname/protocol with registryUrl hostname/protocol\n const newRegistryUrl = new URL(registryUrl);\n const newTarballUrl = new URL(tarballURL);\n newTarballUrl.hostname = newRegistryUrl.hostname;\n newTarballUrl.protocol = newRegistryUrl.protocol;\n\n // Perform a raw fetch because we want the Response object itself.\n const tarballResponse = await fetchFunction(newTarballUrl.toString());\n if (!tarballResponse.ok || !tarballResponse.body) {\n throw new Error(`Failed to fetch tarball for package \"${packageName}\".`);\n }\n // We assume that NPM is a good actor and provides us with a valid `content-length` header.\n const tarballSizeString = tarballResponse.headers.get('content-length');\n assert(tarballSizeString, 'Snap tarball has invalid content-length');\n const tarballSize = parseInt(tarballSizeString, 10);\n assert(\n tarballSize <= TARBALL_SIZE_SAFETY_LIMIT,\n 'Snap tarball exceeds size limit',\n );\n return [tarballResponse.body, targetVersion];\n}\n\n/**\n * The paths of files within npm tarballs appear to always be prefixed with\n * \"package/\".\n */\nconst NPM_TARBALL_PATH_PREFIX = /^package\\//u;\n\n/**\n * Converts a {@link ReadableStream} to a Node.js {@link Readable}\n * stream. Returns the stream directly if it is already a Node.js stream.\n * We can't use the native Web {@link ReadableStream} directly because the\n * other stream libraries we use expect Node.js streams.\n *\n * @param stream - The stream to convert.\n * @returns The given stream as a Node.js Readable stream.\n */\nfunction getNodeStream(stream: ReadableStream): Readable {\n if (typeof stream.getReader !== 'function') {\n return stream as unknown as Readable;\n }\n\n return new ReadableWebToNodeStream(stream);\n}\n\n/**\n * Creates a `tar-stream` that will get the necessary files from an npm Snap\n * package tarball (`.tgz` file).\n *\n * @param canonicalBase - A base URI as specified in {@link https://github.com/MetaMask/SIPs/blob/main/SIPS/sip-8.md SIP-8}. Starting with 'npm:'. Will be used for canonicalPath vfile argument.\n * @param files - An object to write target file contents to.\n * @returns The {@link Writable} tarball extraction stream.\n */\nfunction createTarballStream(\n canonicalBase: string,\n files: Map<string, VirtualFile>,\n): Writable {\n assert(\n canonicalBase.endsWith('/'),\n \"Base needs to end with '/' for relative paths to be added as children instead of siblings.\",\n );\n\n assert(\n canonicalBase.startsWith('npm:'),\n 'Protocol mismatch, expected \"npm:\".',\n );\n // `tar-stream` is pretty old-school, so we create it first and then\n // instrument it by adding event listeners.\n const extractStream = tarExtract();\n\n let totalSize = 0;\n\n // \"entry\" is fired for every discreet entity in the tarball. This includes\n // files and folders.\n extractStream.on('entry', (header, entryStream, next) => {\n const { name: headerName, type: headerType } = header;\n if (headerType === 'file') {\n // The name is a path if the header type is \"file\".\n const path = headerName.replace(NPM_TARBALL_PATH_PREFIX, '');\n return entryStream.pipe(\n concat({ encoding: 'uint8array' }, (data) => {\n try {\n totalSize += data.byteLength;\n // To prevent zip bombs, we set a safety limit for the total size of tarballs.\n assert(\n totalSize < TARBALL_SIZE_SAFETY_LIMIT,\n `Snap tarball exceeds limit of ${TARBALL_SIZE_SAFETY_LIMIT} bytes.`,\n );\n const vfile = new VirtualFile({\n value: data,\n path,\n data: {\n canonicalPath: new URL(path, canonicalBase).toString(),\n },\n });\n // We disallow files having identical paths as it may confuse our checksum calculations.\n assert(\n !files.has(path),\n 'Malformed tarball, multiple files with the same path.',\n );\n files.set(path, vfile);\n return next();\n } catch (error) {\n return extractStream.destroy(error);\n }\n }),\n );\n }\n\n // If we get here, the entry is not a file, and we want to ignore. The entry\n // stream must be drained, or the extractStream will stop reading. This is\n // effectively a no-op for the current entry.\n entryStream.on('end', () => next());\n return entryStream.resume();\n });\n return extractStream;\n}\n"],"names":["DEFAULT_NPM_REGISTRY","NpmLocation","fetchNpmMetadata","URL","manifest","validatedManifest","clone","vfile","fetch","result","parseJson","toString","createSnapManifest","path","relativePath","normalizeRelative","files","lazyInit","assert","undefined","get","TypeError","packageName","meta","version","registry","versionRange","requestedRange","constructor","url","opts","allowCustomRegistries","fetchFunction","globalThis","bind","DEFAULT_REQUESTED_SNAP_VERSION","assertStruct","NpmSnapIdStruct","host","port","username","password","pathname","search","hash","startsWith","slice","tarballResponse","actualVersion","fetchNpmTarball","canonicalBase","Promise","resolve","reject","Map","pipeline","getNodeStream","createGunzipStream","createTarballStream","error","TARBALL_SIZE_SAFETY_LIMIT","registryUrl","packageResponse","ok","Error","status","packageMetadata","json","isObject","resolveNpmVersion","isValidSemVerVersion","tarballURL","getNpmTarballUrl","targetVersion","versions","Object","keys","map","assertIsSemVerVersion","getTargetVersion","dist","tarball","isValidUrl","endsWith","newRegistryUrl","newTarballUrl","hostname","protocol","body","tarballSizeString","headers","tarballSize","parseInt","NPM_TARBALL_PATH_PREFIX","stream","getReader","ReadableWebToNodeStream","extractStream","tarExtract","totalSize","on","header","entryStream","next","name","headerName","type","headerType","replace","pipe","concat","encoding","data","byteLength","VirtualFile","value","canonicalPath","has","set","destroy","resume"],"mappings":";;;;;;;;;;;IA6BaA,oBAAoB;eAApBA;;IAsBAC,WAAW;eAAXA;;IA4KSC,gBAAgB;eAAhBA;;;4BArNf;uBAQA;qEACY;yEACU;oEACE;yCACS;wBACf;2BAEa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAI/B,MAAMF,uBAAuB,IAAIG,IAAI;IAqIpC;AA/GD,MAAMF;IAgEX,MAAMG,WAA+C;QACnD,IAAI,IAAI,CAACC,iBAAiB,EAAE;YAC1B,OAAO,IAAI,CAACA,iBAAiB,CAACC,KAAK;QACrC;QAEA,MAAMC,QAAQ,MAAM,IAAI,CAACC,KAAK,CAAC;QAC/B,MAAMC,SAASC,IAAAA,qBAAS,EAACH,MAAMI,QAAQ;QACvCJ,MAAME,MAAM,GAAGG,IAAAA,8BAAkB,EAACH;QAClC,IAAI,CAACJ,iBAAiB,GAAGE;QAEzB,OAAO,IAAI,CAACH,QAAQ;IACtB;IAEA,MAAMI,MAAMK,IAAY,EAAwB;QAC9C,MAAMC,eAAeC,IAAAA,6BAAiB,EAACF;QACvC,IAAI,CAAC,IAAI,CAACG,KAAK,EAAE;YACf,MAAM,0BAAA,IAAI,EAAEC,WAAAA,eAAN,IAAI;YACVC,IAAAA,aAAM,EAAC,IAAI,CAACF,KAAK,KAAKG;QACxB;QACA,MAAMZ,QAAQ,IAAI,CAACS,KAAK,CAACI,GAAG,CAACN;QAC7BI,IAAAA,aAAM,EACJX,UAAUY,WACV,IAAIE,UAAU,CAAC,MAAM,EAAER,KAAK,uBAAuB,CAAC;QAEtD,OAAON,MAAMD,KAAK;IACpB;IAEA,IAAIgB,cAAsB;QACxB,OAAO,IAAI,CAACC,IAAI,CAACD,WAAW;IAC9B;IAEA,IAAIE,UAAkB;QACpBN,IAAAA,aAAM,EACJ,IAAI,CAACK,IAAI,CAACC,OAAO,KAAKL,WACtB;QAEF,OAAO,IAAI,CAACI,IAAI,CAACC,OAAO;IAC1B;IAEA,IAAIC,WAAgB;QAClB,OAAO,IAAI,CAACF,IAAI,CAACE,QAAQ;IAC3B;IAEA,IAAIC,eAA4B;QAC9B,OAAO,IAAI,CAACH,IAAI,CAACI,cAAc;IACjC;IAtGAC,YAAYC,GAAQ,EAAEC,OAAkC,CAAC,CAAC,CAAE;QAwG5D,iCAAM;QA9GN,uBAAiBP,QAAjB,KAAA;QAEA,uBAAQlB,qBAAR,KAAA;QAEA,uBAAQW,SAAR,KAAA;QAGE,MAAMe,wBAAwBD,KAAKC,qBAAqB,IAAI;QAC5D,MAAMC,gBAAgBF,KAAKtB,KAAK,IAAIyB,WAAWzB,KAAK,CAAC0B,IAAI,CAACD;QAC1D,MAAMN,iBAAiBG,KAAKJ,YAAY,IAAIS,0CAA8B;QAE1EC,IAAAA,mBAAY,EAACP,IAAIlB,QAAQ,IAAI0B,2BAAe,EAAE;QAE9C,IAAIZ;QACJ,IACEI,IAAIS,IAAI,KAAK,MACbT,IAAIU,IAAI,KAAK,MACbV,IAAIW,QAAQ,KAAK,MACjBX,IAAIY,QAAQ,KAAK,IACjB;YACAhB,WAAWzB;QACb,OAAO;YACLyB,WAAW;YACX,IAAII,IAAIW,QAAQ,EAAE;gBAChBf,YAAYI,IAAIW,QAAQ;gBACxB,IAAIX,IAAIY,QAAQ,EAAE;oBAChBhB,YAAY,CAAC,CAAC,EAAEI,IAAIY,QAAQ,CAAC,CAAC;gBAChC;gBACAhB,YAAY;YACd;YACAA,YAAYI,IAAIS,IAAI;YACpBb,WAAW,IAAItB,IAAIsB;YACnBP,IAAAA,aAAM,EACJa,uBACA,IAAIV,UACF,CAAC,kDAAkD,EAAEI,SAASd,QAAQ,GAAG,EAAE,CAAC;QAGlF;QAEAO,IAAAA,aAAM,EACJO,SAASiB,QAAQ,KAAK,OACpBjB,SAASkB,MAAM,KAAK,MACpBlB,SAASmB,IAAI,KAAK;QAGtB1B,IAAAA,aAAM,EACJW,IAAIa,QAAQ,KAAK,MAAMb,IAAIa,QAAQ,KAAK,KACxC,IAAIrB,UAAU;QAEhB,IAAIC,cAAcO,IAAIa,QAAQ;QAC9B,IAAIpB,YAAYuB,UAAU,CAAC,MAAM;YAC/BvB,cAAcA,YAAYwB,KAAK,CAAC;QAClC;QAEA,IAAI,CAACvB,IAAI,GAAG;YACVI;YACAF;YACAH;YACAd,OAAOwB;QACT;IACF;AAyFF;AAxCE,eAAA;IACEd,IAAAA,aAAM,EAAC,IAAI,CAACF,KAAK,KAAKG;IACtB,MAAM,CAAC4B,iBAAiBC,cAAc,GAAG,MAAMC,gBAC7C,IAAI,CAAC1B,IAAI,CAACD,WAAW,EACrB,IAAI,CAACC,IAAI,CAACI,cAAc,EACxB,IAAI,CAACJ,IAAI,CAACE,QAAQ,EAClB,IAAI,CAACF,IAAI,CAACf,KAAK;IAEjB,IAAI,CAACe,IAAI,CAACC,OAAO,GAAGwB;IAEpB,IAAIE,gBAAgB;IACpB,IAAI,IAAI,CAAC3B,IAAI,CAACE,QAAQ,CAACe,QAAQ,KAAK,IAAI;QACtCU,iBAAiB,IAAI,CAAC3B,IAAI,CAACE,QAAQ,CAACe,QAAQ;QAC5C,IAAI,IAAI,CAACjB,IAAI,CAACE,QAAQ,CAACgB,QAAQ,KAAK,IAAI;YACtCS,iBAAiB,CAAC,CAAC,EAAE,IAAI,CAAC3B,IAAI,CAACE,QAAQ,CAACgB,QAAQ,CAAC,CAAC;QACpD;QACAS,iBAAiB;IACnB;IACAA,iBAAiB,IAAI,CAAC3B,IAAI,CAACE,QAAQ,CAACa,IAAI;IAExC,gFAAgF;IAChF,kHAAkH;IAClH,MAAM,IAAIa,QAAc,CAACC,SAASC;QAChC,IAAI,CAACrC,KAAK,GAAG,IAAIsC;QACjBC,IAAAA,gBAAQ,EACNC,cAAcT,kBACd,4EAA4E;QAC5E,iDAAiD;QACjD,+EAA+E;QAC/EU,IAAAA,oBAAkB,EAAC,IACnBC,oBACE,CAAC,EAAER,cAAc,CAAC,EAAE,IAAI,CAAC3B,IAAI,CAACD,WAAW,CAAC,CAAC,CAAC,EAC5C,IAAI,CAACN,KAAK,GAEZ,CAAC2C;YACCA,QAAQN,OAAOM,SAASP;QAC1B;IAEJ;AACF;AAGF,6CAA6C;AAC7C,MAAMQ,4BAA4B;AAkB3B,eAAe1D,iBACpBoB,WAAmB,EACnBuC,WAAyB,EACzB7B,aAA2B;IAE3B,MAAM8B,kBAAkB,MAAM9B,cAC5B,IAAI7B,IAAImB,aAAauC,aAAalD,QAAQ;IAE5C,IAAI,CAACmD,gBAAgBC,EAAE,EAAE;QACvB,MAAM,IAAIC,MACR,CAAC,iDAAiD,EAAEF,gBAAgBG,MAAM,CAAC,CAAC,CAAC;IAEjF;IACA,MAAMC,kBAAkB,MAAMJ,gBAAgBK,IAAI;IAElD,IAAI,CAACC,IAAAA,eAAQ,EAACF,kBAAkB;QAC9B,MAAM,IAAIF,MACR,CAAC,yBAAyB,EAAE1C,YAAY,oBAAoB,CAAC;IAEjE;IAEA,OAAO4C;AACT;AAEA;;;;;;;;;;;;CAYC,GACD,eAAeG,kBACb/C,WAAmB,EACnBI,YAAyB,EACzBmC,WAAgB,EAChB7B,aAA2B;IAE3B,2FAA2F;IAC3F,IACE6B,YAAYlD,QAAQ,OAAOX,qBAAqBW,QAAQ,MACxD2D,IAAAA,2BAAoB,EAAC5C,eACrB;QACA,OAAO;YACL6C,YAAYC,IAAAA,yBAAgB,EAAClD,aAAaI;YAC1C+C,eAAe/C;QACjB;IACF;IAEA,MAAMwC,kBAAkB,MAAMhE,iBAC5BoB,aACAuC,aACA7B;IAGF,MAAM0C,WAAWC,OAAOC,IAAI,CAACV,iBAAiBQ,YAAY,CAAC,GAAGG,GAAG,CAC/D,CAACrD;QACCsD,IAAAA,4BAAqB,EAACtD;QACtB,OAAOA;IACT;IAGF,MAAMiD,gBAAgBM,IAAAA,4BAAgB,EAACL,UAAUhD;IAEjD,IAAI+C,kBAAkB,MAAM;QAC1B,MAAM,IAAIT,MACR,CAAC,+DAA+D,EAAE1C,YAAY,8BAA8B,EAAEI,aAAa,EAAE,CAAC;IAElI;IAEA,MAAM6C,aAAaL,iBAAiBQ,UAAU,CAACD,cAAc,EAAEO,MAAMC;IAErE,OAAO;QAAEV;QAAYE;IAAc;AACrC;AAEA;;;;;;;;;;;;;CAaC,GACD,eAAexB,gBACb3B,WAAmB,EACnBI,YAAyB,EACzBmC,WAAgB,EAChB7B,aAA2B;IAE3B,MAAM,EAAEuC,UAAU,EAAEE,aAAa,EAAE,GAAG,MAAMJ,kBAC1C/C,aACAI,cACAmC,aACA7B;IAGF,IAAI,CAACkD,IAAAA,sBAAU,EAACX,eAAe,CAACA,WAAW5D,QAAQ,GAAGwE,QAAQ,CAAC,SAAS;QACtE,MAAM,IAAInB,MACR,CAAC,8DAA8D,EAAE1C,YAAY,EAAE,CAAC;IAEpF;IAEA,4EAA4E;IAC5E,MAAM8D,iBAAiB,IAAIjF,IAAI0D;IAC/B,MAAMwB,gBAAgB,IAAIlF,IAAIoE;IAC9Bc,cAAcC,QAAQ,GAAGF,eAAeE,QAAQ;IAChDD,cAAcE,QAAQ,GAAGH,eAAeG,QAAQ;IAEhD,kEAAkE;IAClE,MAAMxC,kBAAkB,MAAMf,cAAcqD,cAAc1E,QAAQ;IAClE,IAAI,CAACoC,gBAAgBgB,EAAE,IAAI,CAAChB,gBAAgByC,IAAI,EAAE;QAChD,MAAM,IAAIxB,MAAM,CAAC,qCAAqC,EAAE1C,YAAY,EAAE,CAAC;IACzE;IACA,2FAA2F;IAC3F,MAAMmE,oBAAoB1C,gBAAgB2C,OAAO,CAACtE,GAAG,CAAC;IACtDF,IAAAA,aAAM,EAACuE,mBAAmB;IAC1B,MAAME,cAAcC,SAASH,mBAAmB;IAChDvE,IAAAA,aAAM,EACJyE,eAAe/B,2BACf;IAEF,OAAO;QAACb,gBAAgByC,IAAI;QAAEf;KAAc;AAC9C;AAEA;;;CAGC,GACD,MAAMoB,0BAA0B;AAEhC;;;;;;;;CAQC,GACD,SAASrC,cAAcsC,MAAsB;IAC3C,IAAI,OAAOA,OAAOC,SAAS,KAAK,YAAY;QAC1C,OAAOD;IACT;IAEA,OAAO,IAAIE,gDAAuB,CAACF;AACrC;AAEA;;;;;;;CAOC,GACD,SAASpC,oBACPR,aAAqB,EACrBlC,KAA+B;IAE/BE,IAAAA,aAAM,EACJgC,cAAciC,QAAQ,CAAC,MACvB;IAGFjE,IAAAA,aAAM,EACJgC,cAAcL,UAAU,CAAC,SACzB;IAEF,oEAAoE;IACpE,2CAA2C;IAC3C,MAAMoD,gBAAgBC,IAAAA,kBAAU;IAEhC,IAAIC,YAAY;IAEhB,2EAA2E;IAC3E,qBAAqB;IACrBF,cAAcG,EAAE,CAAC,SAAS,CAACC,QAAQC,aAAaC;QAC9C,MAAM,EAAEC,MAAMC,UAAU,EAAEC,MAAMC,UAAU,EAAE,GAAGN;QAC/C,IAAIM,eAAe,QAAQ;YACzB,mDAAmD;YACnD,MAAM9F,OAAO4F,WAAWG,OAAO,CAACf,yBAAyB;YACzD,OAAOS,YAAYO,IAAI,CACrBC,IAAAA,qBAAM,EAAC;gBAAEC,UAAU;YAAa,GAAG,CAACC;gBAClC,IAAI;oBACFb,aAAaa,KAAKC,UAAU;oBAC5B,8EAA8E;oBAC9E/F,IAAAA,aAAM,EACJiF,YAAYvC,2BACZ,CAAC,8BAA8B,EAAEA,0BAA0B,OAAO,CAAC;oBAErE,MAAMrD,QAAQ,IAAI2G,uBAAW,CAAC;wBAC5BC,OAAOH;wBACPnG;wBACAmG,MAAM;4BACJI,eAAe,IAAIjH,IAAIU,MAAMqC,eAAevC,QAAQ;wBACtD;oBACF;oBACA,wFAAwF;oBACxFO,IAAAA,aAAM,EACJ,CAACF,MAAMqG,GAAG,CAACxG,OACX;oBAEFG,MAAMsG,GAAG,CAACzG,MAAMN;oBAChB,OAAOgG;gBACT,EAAE,OAAO5C,OAAO;oBACd,OAAOsC,cAAcsB,OAAO,CAAC5D;gBAC/B;YACF;QAEJ;QAEA,4EAA4E;QAC5E,0EAA0E;QAC1E,6CAA6C;QAC7C2C,YAAYF,EAAE,CAAC,OAAO,IAAMG;QAC5B,OAAOD,YAAYkB,MAAM;IAC3B;IACA,OAAOvB;AACT"}
|
|
@@ -19,15 +19,15 @@ _export(exports, {
|
|
|
19
19
|
return buildSnapRestrictedMethodSpecifications;
|
|
20
20
|
}
|
|
21
21
|
});
|
|
22
|
-
const
|
|
22
|
+
const _snapsrpcmethods = require("@metamask/snaps-rpc-methods");
|
|
23
23
|
const _utils = require("@metamask/utils");
|
|
24
24
|
const _endowments = require("./endowments");
|
|
25
25
|
function processSnapPermissions(initialPermissions) {
|
|
26
26
|
return Object.fromEntries(Object.entries(initialPermissions).map(([initialPermission, value])=>{
|
|
27
|
-
if ((0, _utils.hasProperty)(
|
|
27
|
+
if ((0, _utils.hasProperty)(_snapsrpcmethods.caveatMappers, initialPermission)) {
|
|
28
28
|
return [
|
|
29
29
|
initialPermission,
|
|
30
|
-
|
|
30
|
+
_snapsrpcmethods.caveatMappers[initialPermission](value)
|
|
31
31
|
];
|
|
32
32
|
} else if ((0, _utils.hasProperty)(_endowments.endowmentCaveatMappers, initialPermission)) {
|
|
33
33
|
return [
|
|
@@ -48,11 +48,11 @@ const buildSnapEndowmentSpecifications = (excludedEndowments)=>Object.values(_en
|
|
|
48
48
|
}
|
|
49
49
|
return allSpecifications;
|
|
50
50
|
}, {});
|
|
51
|
-
const buildSnapRestrictedMethodSpecifications = (excludedPermissions, hooks)=>Object.values(
|
|
51
|
+
const buildSnapRestrictedMethodSpecifications = (excludedPermissions, hooks)=>Object.values(_snapsrpcmethods.restrictedMethodPermissionBuilders).reduce((specifications, { targetName, specificationBuilder, methodHooks })=>{
|
|
52
52
|
if (!excludedPermissions.includes(targetName)) {
|
|
53
53
|
specifications[targetName] = specificationBuilder({
|
|
54
54
|
// @ts-expect-error The selectHooks type is wonky
|
|
55
|
-
methodHooks: (0,
|
|
55
|
+
methodHooks: (0, _snapsrpcmethods.selectHooks)(hooks, methodHooks)
|
|
56
56
|
});
|
|
57
57
|
}
|
|
58
58
|
return specifications;
|