@metamask/snaps-controllers 3.0.0 → 3.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +25 -1
- package/dist/cjs/cronjob/CronjobController.js +1 -1
- package/dist/cjs/cronjob/CronjobController.js.map +1 -1
- package/dist/cjs/services/AbstractExecutionService.js +6 -7
- package/dist/cjs/services/AbstractExecutionService.js.map +1 -1
- package/dist/cjs/snaps/SnapController.js +72 -82
- package/dist/cjs/snaps/SnapController.js.map +1 -1
- package/dist/cjs/snaps/endowments/cronjob.js +4 -4
- package/dist/cjs/snaps/endowments/cronjob.js.map +1 -1
- package/dist/cjs/snaps/endowments/keyring.js +4 -4
- package/dist/cjs/snaps/endowments/keyring.js.map +1 -1
- package/dist/cjs/snaps/endowments/name-lookup.js +3 -3
- package/dist/cjs/snaps/endowments/name-lookup.js.map +1 -1
- package/dist/cjs/snaps/endowments/rpc.js +4 -4
- package/dist/cjs/snaps/endowments/rpc.js.map +1 -1
- package/dist/cjs/snaps/endowments/transaction-insight.js +3 -3
- package/dist/cjs/snaps/endowments/transaction-insight.js.map +1 -1
- package/dist/cjs/snaps/location/location.js.map +1 -1
- package/dist/cjs/snaps/location/npm.js +47 -16
- package/dist/cjs/snaps/location/npm.js.map +1 -1
- package/dist/cjs/snaps/permissions.js +5 -5
- package/dist/cjs/snaps/permissions.js.map +1 -1
- package/dist/cjs/snaps/registry/json.js +30 -1
- package/dist/cjs/snaps/registry/json.js.map +1 -1
- package/dist/cjs/snaps/registry/registry.js.map +1 -1
- package/dist/esm/cronjob/CronjobController.js +1 -1
- package/dist/esm/cronjob/CronjobController.js.map +1 -1
- package/dist/esm/services/AbstractExecutionService.js +6 -7
- package/dist/esm/services/AbstractExecutionService.js.map +1 -1
- package/dist/esm/snaps/SnapController.js +69 -79
- package/dist/esm/snaps/SnapController.js.map +1 -1
- package/dist/esm/snaps/endowments/cronjob.js +4 -4
- package/dist/esm/snaps/endowments/cronjob.js.map +1 -1
- package/dist/esm/snaps/endowments/keyring.js +4 -4
- package/dist/esm/snaps/endowments/keyring.js.map +1 -1
- package/dist/esm/snaps/endowments/name-lookup.js +3 -3
- package/dist/esm/snaps/endowments/name-lookup.js.map +1 -1
- package/dist/esm/snaps/endowments/rpc.js +4 -4
- package/dist/esm/snaps/endowments/rpc.js.map +1 -1
- package/dist/esm/snaps/endowments/transaction-insight.js +3 -3
- package/dist/esm/snaps/endowments/transaction-insight.js.map +1 -1
- package/dist/esm/snaps/location/location.js.map +1 -1
- package/dist/esm/snaps/location/npm.js +48 -17
- package/dist/esm/snaps/location/npm.js.map +1 -1
- package/dist/esm/snaps/permissions.js +1 -1
- package/dist/esm/snaps/permissions.js.map +1 -1
- package/dist/esm/snaps/registry/json.js +31 -2
- package/dist/esm/snaps/registry/json.js.map +1 -1
- package/dist/esm/snaps/registry/registry.js.map +1 -1
- package/dist/types/cronjob/CronjobController.d.ts +1 -1
- package/dist/types/services/AbstractExecutionService.d.ts +1 -1
- package/dist/types/snaps/SnapController.d.ts +20 -32
- package/dist/types/snaps/location/location.d.ts +2 -0
- package/dist/types/snaps/location/npm.d.ts +1 -1
- package/dist/types/snaps/registry/json.d.ts +5 -1
- package/dist/types/snaps/registry/registry.d.ts +11 -1
- package/package.json +29 -22
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { PermissionType, SubjectType } from '@metamask/permission-controller';
|
|
2
|
+
import { rpcErrors } from '@metamask/rpc-errors';
|
|
2
3
|
import { SnapCaveatType, isCronjobSpecificationArray } from '@metamask/snaps-utils';
|
|
3
4
|
import { assert, hasProperty, isPlainObject } from '@metamask/utils';
|
|
4
|
-
import { ethErrors } from 'eth-rpc-errors';
|
|
5
5
|
import { SnapEndowments } from './enum';
|
|
6
6
|
const permissionName = SnapEndowments.Cronjob;
|
|
7
7
|
/**
|
|
@@ -71,18 +71,18 @@ export const cronjobEndowmentBuilder = Object.freeze({
|
|
|
71
71
|
* @throws If the value is invalid.
|
|
72
72
|
*/ export function validateCronjobCaveat(caveat) {
|
|
73
73
|
if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {
|
|
74
|
-
throw
|
|
74
|
+
throw rpcErrors.invalidParams({
|
|
75
75
|
message: 'Expected a plain object.'
|
|
76
76
|
});
|
|
77
77
|
}
|
|
78
78
|
const { value } = caveat;
|
|
79
79
|
if (!hasProperty(value, 'jobs') || !isPlainObject(value)) {
|
|
80
|
-
throw
|
|
80
|
+
throw rpcErrors.invalidParams({
|
|
81
81
|
message: 'Expected a plain object.'
|
|
82
82
|
});
|
|
83
83
|
}
|
|
84
84
|
if (!isCronjobSpecificationArray(value.jobs)) {
|
|
85
|
-
throw
|
|
85
|
+
throw rpcErrors.invalidParams({
|
|
86
86
|
message: 'Expected a valid cronjob specification array.'
|
|
87
87
|
});
|
|
88
88
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/cronjob.ts"],"sourcesContent":["import type {\n PermissionSpecificationBuilder,\n EndowmentGetterParams,\n ValidPermissionSpecification,\n PermissionConstraint,\n Caveat,\n CaveatSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport type { CronjobSpecification } from '@metamask/snaps-utils';\nimport {\n SnapCaveatType,\n isCronjobSpecificationArray,\n} from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/cronjob.ts"],"sourcesContent":["import type {\n PermissionSpecificationBuilder,\n EndowmentGetterParams,\n ValidPermissionSpecification,\n PermissionConstraint,\n Caveat,\n CaveatSpecificationConstraint,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { CronjobSpecification } from '@metamask/snaps-utils';\nimport {\n SnapCaveatType,\n isCronjobSpecificationArray,\n} from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.Cronjob;\n\ntype CronjobEndowmentSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof permissionName;\n endowmentGetter: (_options?: any) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n}>;\n\n/**\n * `endowment:cronjob` returns nothing; it is intended to be used as a flag to determine whether the snap wants to run cronjobs.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the cronjob endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n any,\n CronjobEndowmentSpecification\n> = (_builderOptions?: any) => {\n return {\n permissionType: PermissionType.Endowment,\n targetName: permissionName,\n allowedCaveats: [SnapCaveatType.SnapCronjob],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const cronjobEndowmentBuilder = Object.freeze({\n targetName: permissionName,\n specificationBuilder,\n} as const);\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getCronjobCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n return {\n caveats: [\n {\n type: SnapCaveatType.SnapCronjob,\n value,\n },\n ],\n };\n}\n\n/**\n * Getter function to get the cronjobs from a permission.\n *\n * This does basic validation of the caveat, but does not validate the type or\n * value of the namespaces object itself, as this is handled by the\n * `PermissionsController` when the permission is requested.\n *\n * @param permission - The permission to get the keyring namespaces from.\n * @returns The cronjobs, or `null` if the permission does not have a\n * cronjob caveat.\n */\nexport function getCronjobCaveatJobs(\n permission?: PermissionConstraint,\n): CronjobSpecification[] | null {\n if (!permission?.caveats) {\n return null;\n }\n\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.SnapCronjob);\n\n const caveat = permission.caveats[0] as Caveat<string, { jobs: Json[] }>;\n\n return (caveat.value?.jobs as CronjobSpecification[]) ?? null;\n}\n\n/**\n * Validate the cronjob specification values associated with a caveat.\n * This validates that the value is a non-empty array with valid\n * cronjob expression and request object.\n *\n * @param caveat - The caveat to validate.\n * @throws If the value is invalid.\n */\nexport function validateCronjobCaveat(caveat: Caveat<string, any>) {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n\n if (!hasProperty(value, 'jobs') || !isPlainObject(value)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a plain object.',\n });\n }\n\n if (!isCronjobSpecificationArray(value.jobs)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a valid cronjob specification array.',\n });\n }\n}\n\n/**\n * Caveat specification for the Cronjob.\n */\nexport const cronjobCaveatSpecifications: Record<\n SnapCaveatType.SnapCronjob,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.SnapCronjob]: Object.freeze({\n type: SnapCaveatType.SnapCronjob,\n validator: (caveat) => validateCronjobCaveat(caveat),\n }),\n};\n"],"names":["PermissionType","SubjectType","rpcErrors","SnapCaveatType","isCronjobSpecificationArray","assert","hasProperty","isPlainObject","SnapEndowments","permissionName","Cronjob","specificationBuilder","_builderOptions","permissionType","Endowment","targetName","allowedCaveats","SnapCronjob","endowmentGetter","_getterOptions","undefined","subjectTypes","Snap","cronjobEndowmentBuilder","Object","freeze","getCronjobCaveatMapper","value","caveats","type","getCronjobCaveatJobs","permission","length","caveat","jobs","validateCronjobCaveat","invalidParams","message","cronjobCaveatSpecifications","validator"],"mappings":"AAQA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAC9E,SAASC,SAAS,QAAQ,uBAAuB;AAEjD,SACEC,cAAc,EACdC,2BAA2B,QACtB,wBAAwB;AAE/B,SAASC,MAAM,EAAEC,WAAW,EAAEC,aAAa,QAAQ,kBAAkB;AAErE,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,iBAAiBD,eAAeE,OAAO;AAS7C;;;;;CAKC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBb,eAAec,SAAS;QACxCC,YAAYN;QACZO,gBAAgB;YAACb,eAAec,WAAW;SAAC;QAC5CC,iBAAiB,CAACC,iBAA2CC;QAC7DC,cAAc;YAACpB,YAAYqB,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,0BAA0BC,OAAOC,MAAM,CAAC;IACnDV,YAAYN;IACZE;AACF,GAAY;AAEZ;;;;;;;CAOC,GACD,OAAO,SAASe,uBACdC,KAAW;IAEX,OAAO;QACLC,SAAS;YACP;gBACEC,MAAM1B,eAAec,WAAW;gBAChCU;YACF;SACD;IACH;AACF;AAEA;;;;;;;;;;CAUC,GACD,OAAO,SAASG,qBACdC,UAAiC;IAEjC,IAAI,CAACA,YAAYH,SAAS;QACxB,OAAO;IACT;IAEAvB,OAAO0B,WAAWH,OAAO,CAACI,MAAM,KAAK;IACrC3B,OAAO0B,WAAWH,OAAO,CAAC,EAAE,CAACC,IAAI,KAAK1B,eAAec,WAAW;IAEhE,MAAMgB,SAASF,WAAWH,OAAO,CAAC,EAAE;IAEpC,OAAO,CAACK,OAAON,KAAK,EAAEO,IAA8B,KAAK;AAC3D;AAEA;;;;;;;CAOC,GACD,OAAO,SAASC,sBAAsBF,MAA2B;IAC/D,IAAI,CAAC3B,YAAY2B,QAAQ,YAAY,CAAC1B,cAAc0B,OAAON,KAAK,GAAG;QACjE,MAAMzB,UAAUkC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEV,KAAK,EAAE,GAAGM;IAElB,IAAI,CAAC3B,YAAYqB,OAAO,WAAW,CAACpB,cAAcoB,QAAQ;QACxD,MAAMzB,UAAUkC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,IAAI,CAACjC,4BAA4BuB,MAAMO,IAAI,GAAG;QAC5C,MAAMhC,UAAUkC,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;AACF;AAEA;;CAEC,GACD,OAAO,MAAMC,8BAGT;IACF,CAACnC,eAAec,WAAW,CAAC,EAAEO,OAAOC,MAAM,CAAC;QAC1CI,MAAM1B,eAAec,WAAW;QAChCsB,WAAW,CAACN,SAAWE,sBAAsBF;IAC/C;AACF,EAAE"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { PermissionType, SubjectType } from '@metamask/permission-controller';
|
|
2
|
+
import { rpcErrors } from '@metamask/rpc-errors';
|
|
2
3
|
import { assertIsKeyringOrigins, SnapCaveatType } from '@metamask/snaps-utils';
|
|
3
4
|
import { assert, hasProperty, isPlainObject } from '@metamask/utils';
|
|
4
|
-
import { ethErrors } from 'eth-rpc-errors';
|
|
5
5
|
import { SnapEndowments } from './enum';
|
|
6
6
|
const permissionName = SnapEndowments.Keyring;
|
|
7
7
|
/**
|
|
@@ -20,7 +20,7 @@ const permissionName = SnapEndowments.Keyring;
|
|
|
20
20
|
endowmentGetter: (_getterOptions)=>undefined,
|
|
21
21
|
validator: ({ caveats })=>{
|
|
22
22
|
if (caveats?.length !== 1 || caveats[0].type !== SnapCaveatType.KeyringOrigin) {
|
|
23
|
-
throw
|
|
23
|
+
throw rpcErrors.invalidParams({
|
|
24
24
|
message: `Expected a single "${SnapCaveatType.KeyringOrigin}" caveat.`
|
|
25
25
|
});
|
|
26
26
|
}
|
|
@@ -42,12 +42,12 @@ export const keyringEndowmentBuilder = Object.freeze({
|
|
|
42
42
|
* @throws If the caveat value is invalid.
|
|
43
43
|
*/ function validateCaveatOrigins(caveat) {
|
|
44
44
|
if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {
|
|
45
|
-
throw
|
|
45
|
+
throw rpcErrors.invalidParams({
|
|
46
46
|
message: 'Invalid keyring origins: Expected a plain object.'
|
|
47
47
|
});
|
|
48
48
|
}
|
|
49
49
|
const { value } = caveat;
|
|
50
|
-
assertIsKeyringOrigins(value,
|
|
50
|
+
assertIsKeyringOrigins(value, rpcErrors.invalidParams);
|
|
51
51
|
}
|
|
52
52
|
/**
|
|
53
53
|
* Map a raw value from the `initialPermissions` to a caveat specification.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/keyring.ts"],"sourcesContent":["import type {\n Caveat,\n CaveatSpecificationConstraint,\n EndowmentGetterParams,\n PermissionConstraint,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport type { KeyringOrigins } from '@metamask/snaps-utils';\nimport { assertIsKeyringOrigins, SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/keyring.ts"],"sourcesContent":["import type {\n Caveat,\n CaveatSpecificationConstraint,\n EndowmentGetterParams,\n PermissionConstraint,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { KeyringOrigins } from '@metamask/snaps-utils';\nimport { assertIsKeyringOrigins, SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.Keyring;\n\ntype KeyringEndowmentSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof permissionName;\n endowmentGetter: (_options?: EndowmentGetterParams) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n validator: PermissionValidatorConstraint;\n subjectTypes: readonly SubjectType[];\n}>;\n\n/**\n * `endowment:keyring` returns nothing; it is intended to be used as a flag\n * by the client to detect whether the snap has keyring capabilities.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the keyring endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n any,\n KeyringEndowmentSpecification\n> = (_builderOptions?: unknown) => {\n return {\n permissionType: PermissionType.Endowment,\n targetName: permissionName,\n allowedCaveats: [SnapCaveatType.KeyringOrigin],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n validator: ({ caveats }) => {\n if (\n caveats?.length !== 1 ||\n caveats[0].type !== SnapCaveatType.KeyringOrigin\n ) {\n throw rpcErrors.invalidParams({\n message: `Expected a single \"${SnapCaveatType.KeyringOrigin}\" caveat.`,\n });\n }\n },\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const keyringEndowmentBuilder = Object.freeze({\n targetName: permissionName,\n specificationBuilder,\n} as const);\n\n/**\n * Validate the value of a caveat. This does not validate the type of the\n * caveat itself, only the value of the caveat.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveatOrigins(caveat: Caveat<string, any>) {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {\n throw rpcErrors.invalidParams({\n message: 'Invalid keyring origins: Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n assertIsKeyringOrigins(value, rpcErrors.invalidParams);\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getKeyringCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n return {\n caveats: [\n {\n type: SnapCaveatType.KeyringOrigin,\n value,\n },\n ],\n };\n}\n\n/**\n * Getter function to get the {@link KeyringOrigins} caveat value from a\n * permission.\n *\n * @param permission - The permission to get the caveat value from.\n * @returns The caveat value.\n * @throws If the permission does not have a valid {@link KeyringOrigins}\n * caveat.\n */\nexport function getKeyringCaveatOrigins(\n permission?: PermissionConstraint,\n): KeyringOrigins | null {\n assert(permission?.caveats);\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.KeyringOrigin);\n\n const caveat = permission.caveats[0] as Caveat<string, KeyringOrigins>;\n return caveat.value;\n}\n\nexport const keyringCaveatSpecifications: Record<\n SnapCaveatType.KeyringOrigin,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.KeyringOrigin]: Object.freeze({\n type: SnapCaveatType.KeyringOrigin,\n validator: (caveat: Caveat<string, any>) => validateCaveatOrigins(caveat),\n }),\n};\n"],"names":["PermissionType","SubjectType","rpcErrors","assertIsKeyringOrigins","SnapCaveatType","assert","hasProperty","isPlainObject","SnapEndowments","permissionName","Keyring","specificationBuilder","_builderOptions","permissionType","Endowment","targetName","allowedCaveats","KeyringOrigin","endowmentGetter","_getterOptions","undefined","validator","caveats","length","type","invalidParams","message","subjectTypes","Snap","keyringEndowmentBuilder","Object","freeze","validateCaveatOrigins","caveat","value","getKeyringCaveatMapper","getKeyringCaveatOrigins","permission","keyringCaveatSpecifications"],"mappings":"AASA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAC9E,SAASC,SAAS,QAAQ,uBAAuB;AAEjD,SAASC,sBAAsB,EAAEC,cAAc,QAAQ,wBAAwB;AAE/E,SAASC,MAAM,EAAEC,WAAW,EAAEC,aAAa,QAAQ,kBAAkB;AAErE,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,iBAAiBD,eAAeE,OAAO;AAW7C;;;;;;CAMC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBb,eAAec,SAAS;QACxCC,YAAYN;QACZO,gBAAgB;YAACZ,eAAea,aAAa;SAAC;QAC9CC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAW,CAAC,EAAEC,OAAO,EAAE;YACrB,IACEA,SAASC,WAAW,KACpBD,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKpB,eAAea,aAAa,EAChD;gBACA,MAAMf,UAAUuB,aAAa,CAAC;oBAC5BC,SAAS,CAAC,mBAAmB,EAAEtB,eAAea,aAAa,CAAC,SAAS,CAAC;gBACxE;YACF;QACF;QACAU,cAAc;YAAC1B,YAAY2B,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,0BAA0BC,OAAOC,MAAM,CAAC;IACnDhB,YAAYN;IACZE;AACF,GAAY;AAEZ;;;;;;CAMC,GACD,SAASqB,sBAAsBC,MAA2B;IACxD,IAAI,CAAC3B,YAAY2B,QAAQ,YAAY,CAAC1B,cAAc0B,OAAOC,KAAK,GAAG;QACjE,MAAMhC,UAAUuB,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEQ,KAAK,EAAE,GAAGD;IAClB9B,uBAAuB+B,OAAOhC,UAAUuB,aAAa;AACvD;AAEA;;;;;;;CAOC,GACD,OAAO,SAASU,uBACdD,KAAW;IAEX,OAAO;QACLZ,SAAS;YACP;gBACEE,MAAMpB,eAAea,aAAa;gBAClCiB;YACF;SACD;IACH;AACF;AAEA;;;;;;;;CAQC,GACD,OAAO,SAASE,wBACdC,UAAiC;IAEjChC,OAAOgC,YAAYf;IACnBjB,OAAOgC,WAAWf,OAAO,CAACC,MAAM,KAAK;IACrClB,OAAOgC,WAAWf,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKpB,eAAea,aAAa;IAElE,MAAMgB,SAASI,WAAWf,OAAO,CAAC,EAAE;IACpC,OAAOW,OAAOC,KAAK;AACrB;AAEA,OAAO,MAAMI,8BAGT;IACF,CAAClC,eAAea,aAAa,CAAC,EAAEa,OAAOC,MAAM,CAAC;QAC5CP,MAAMpB,eAAea,aAAa;QAClCI,WAAW,CAACY,SAAgCD,sBAAsBC;IACpE;AACF,EAAE"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { PermissionType, SubjectType } from '@metamask/permission-controller';
|
|
2
|
+
import { rpcErrors } from '@metamask/rpc-errors';
|
|
2
3
|
import { SnapCaveatType, isChainId } from '@metamask/snaps-utils';
|
|
3
4
|
import { assert, hasProperty, isPlainObject } from '@metamask/utils';
|
|
4
|
-
import { ethErrors } from 'eth-rpc-errors';
|
|
5
5
|
import { SnapEndowments } from './enum';
|
|
6
6
|
const permissionName = SnapEndowments.NameLookup;
|
|
7
7
|
/**
|
|
@@ -20,7 +20,7 @@ const permissionName = SnapEndowments.NameLookup;
|
|
|
20
20
|
endowmentGetter: (_getterOptions)=>undefined,
|
|
21
21
|
validator: ({ caveats })=>{
|
|
22
22
|
if (!caveats || caveats !== null && caveats?.length > 1 || caveats?.length === 1 && caveats[0].type !== SnapCaveatType.ChainIds) {
|
|
23
|
-
throw
|
|
23
|
+
throw rpcErrors.invalidParams({
|
|
24
24
|
message: `Expected a single "${SnapCaveatType.ChainIds}" caveat.`
|
|
25
25
|
});
|
|
26
26
|
}
|
|
@@ -41,7 +41,7 @@ export const nameLookupEndowmentBuilder = Object.freeze({
|
|
|
41
41
|
* @throws If the caveat value is invalid.
|
|
42
42
|
*/ function validateCaveat(caveat) {
|
|
43
43
|
if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {
|
|
44
|
-
throw
|
|
44
|
+
throw rpcErrors.invalidParams({
|
|
45
45
|
message: 'Expected a plain object.'
|
|
46
46
|
});
|
|
47
47
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/name-lookup.ts"],"sourcesContent":["import type {\n EndowmentGetterParams,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n Caveat,\n CaveatSpecificationConstraint,\n PermissionConstraint,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { SnapCaveatType, isChainId } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/name-lookup.ts"],"sourcesContent":["import type {\n EndowmentGetterParams,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n Caveat,\n CaveatSpecificationConstraint,\n PermissionConstraint,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { SnapCaveatType, isChainId } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isPlainObject } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.NameLookup;\n\ntype NameLookupEndowmentSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof permissionName;\n endowmentGetter: (_options?: EndowmentGetterParams) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n validator: PermissionValidatorConstraint;\n}>;\n\n/**\n * `endowment:name-lookup` returns nothing; it is intended to be used as a flag\n * by the extension to detect whether the snap has the capability to resolve a domain/address.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the name-lookup endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n any,\n NameLookupEndowmentSpecification\n> = (_builderOptions?: unknown) => {\n return {\n permissionType: PermissionType.Endowment,\n targetName: permissionName,\n allowedCaveats: [SnapCaveatType.ChainIds],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n validator: ({ caveats }) => {\n if (\n !caveats ||\n (caveats !== null && caveats?.length > 1) ||\n (caveats?.length === 1 && caveats[0].type !== SnapCaveatType.ChainIds)\n ) {\n throw rpcErrors.invalidParams({\n message: `Expected a single \"${SnapCaveatType.ChainIds}\" caveat.`,\n });\n }\n },\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const nameLookupEndowmentBuilder = Object.freeze({\n targetName: permissionName,\n specificationBuilder,\n} as const);\n\n/**\n * Validates the type of the caveat value.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveat(caveat: Caveat<string, any>): void {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n\n assert(\n Array.isArray(value) && value.every((val) => isChainId(val)),\n 'Expected caveat value to have type \"string array\"',\n );\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getNameLookupCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n if (\n !value ||\n !Array.isArray(value) ||\n (Array.isArray(value) && value.length === 0)\n ) {\n return { caveats: null };\n }\n return {\n caveats: [\n {\n type: SnapCaveatType.ChainIds,\n value,\n },\n ],\n };\n}\n\n/**\n * Getter function to get the chainIds caveat from a permission.\n *\n * This does basic validation of the caveat, but does not validate the type or\n * value of the namespaces object itself, as this is handled by the\n * `PermissionsController` when the permission is requested.\n *\n * @param permission - The permission to get the `chainIds` caveat from.\n * @returns An array of `chainIds` that the snap supports.\n */\nexport function getChainIdsCaveat(\n permission?: PermissionConstraint,\n): string[] | null {\n if (!permission?.caveats) {\n return null;\n }\n\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.ChainIds);\n\n const caveat = permission.caveats[0] as Caveat<string, string[]>;\n\n return caveat.value ?? null;\n}\n\nexport const nameLookupCaveatSpecifications: Record<\n SnapCaveatType.ChainIds,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.ChainIds]: Object.freeze({\n type: SnapCaveatType.ChainIds,\n validator: (caveat: Caveat<string, any>) => validateCaveat(caveat),\n }),\n};\n"],"names":["PermissionType","SubjectType","rpcErrors","SnapCaveatType","isChainId","assert","hasProperty","isPlainObject","SnapEndowments","permissionName","NameLookup","specificationBuilder","_builderOptions","permissionType","Endowment","targetName","allowedCaveats","ChainIds","endowmentGetter","_getterOptions","undefined","validator","caveats","length","type","invalidParams","message","subjectTypes","Snap","nameLookupEndowmentBuilder","Object","freeze","validateCaveat","caveat","value","Array","isArray","every","val","getNameLookupCaveatMapper","getChainIdsCaveat","permission","nameLookupCaveatSpecifications"],"mappings":"AASA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAC9E,SAASC,SAAS,QAAQ,uBAAuB;AACjD,SAASC,cAAc,EAAEC,SAAS,QAAQ,wBAAwB;AAElE,SAASC,MAAM,EAAEC,WAAW,EAAEC,aAAa,QAAQ,kBAAkB;AAErE,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,iBAAiBD,eAAeE,UAAU;AAUhD;;;;;;CAMC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBb,eAAec,SAAS;QACxCC,YAAYN;QACZO,gBAAgB;YAACb,eAAec,QAAQ;SAAC;QACzCC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAW,CAAC,EAAEC,OAAO,EAAE;YACrB,IACE,CAACA,WACAA,YAAY,QAAQA,SAASC,SAAS,KACtCD,SAASC,WAAW,KAAKD,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKrB,eAAec,QAAQ,EACrE;gBACA,MAAMf,UAAUuB,aAAa,CAAC;oBAC5BC,SAAS,CAAC,mBAAmB,EAAEvB,eAAec,QAAQ,CAAC,SAAS,CAAC;gBACnE;YACF;QACF;QACAU,cAAc;YAAC1B,YAAY2B,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,6BAA6BC,OAAOC,MAAM,CAAC;IACtDhB,YAAYN;IACZE;AACF,GAAY;AAEZ;;;;;CAKC,GACD,SAASqB,eAAeC,MAA2B;IACjD,IAAI,CAAC3B,YAAY2B,QAAQ,YAAY,CAAC1B,cAAc0B,SAAS;QAC3D,MAAM/B,UAAUuB,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEQ,KAAK,EAAE,GAAGD;IAElB5B,OACE8B,MAAMC,OAAO,CAACF,UAAUA,MAAMG,KAAK,CAAC,CAACC,MAAQlC,UAAUkC,OACvD;AAEJ;AAEA;;;;;;;CAOC,GACD,OAAO,SAASC,0BACdL,KAAW;IAEX,IACE,CAACA,SACD,CAACC,MAAMC,OAAO,CAACF,UACdC,MAAMC,OAAO,CAACF,UAAUA,MAAMX,MAAM,KAAK,GAC1C;QACA,OAAO;YAAED,SAAS;QAAK;IACzB;IACA,OAAO;QACLA,SAAS;YACP;gBACEE,MAAMrB,eAAec,QAAQ;gBAC7BiB;YACF;SACD;IACH;AACF;AAEA;;;;;;;;;CASC,GACD,OAAO,SAASM,kBACdC,UAAiC;IAEjC,IAAI,CAACA,YAAYnB,SAAS;QACxB,OAAO;IACT;IAEAjB,OAAOoC,WAAWnB,OAAO,CAACC,MAAM,KAAK;IACrClB,OAAOoC,WAAWnB,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKrB,eAAec,QAAQ;IAE7D,MAAMgB,SAASQ,WAAWnB,OAAO,CAAC,EAAE;IAEpC,OAAOW,OAAOC,KAAK,IAAI;AACzB;AAEA,OAAO,MAAMQ,iCAGT;IACF,CAACvC,eAAec,QAAQ,CAAC,EAAEa,OAAOC,MAAM,CAAC;QACvCP,MAAMrB,eAAec,QAAQ;QAC7BI,WAAW,CAACY,SAAgCD,eAAeC;IAC7D;AACF,EAAE"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { PermissionType, SubjectType } from '@metamask/permission-controller';
|
|
2
|
+
import { rpcErrors } from '@metamask/rpc-errors';
|
|
2
3
|
import { assertIsRpcOrigins, SnapCaveatType } from '@metamask/snaps-utils';
|
|
3
4
|
import { hasProperty, isPlainObject, assert } from '@metamask/utils';
|
|
4
|
-
import { ethErrors } from 'eth-rpc-errors';
|
|
5
5
|
import { SnapEndowments } from './enum';
|
|
6
6
|
const targetName = SnapEndowments.Rpc;
|
|
7
7
|
/**
|
|
@@ -19,7 +19,7 @@ const targetName = SnapEndowments.Rpc;
|
|
|
19
19
|
endowmentGetter: (_getterOptions)=>undefined,
|
|
20
20
|
validator: ({ caveats })=>{
|
|
21
21
|
if (caveats?.length !== 1 || caveats[0].type !== SnapCaveatType.RpcOrigin) {
|
|
22
|
-
throw
|
|
22
|
+
throw rpcErrors.invalidParams({
|
|
23
23
|
message: `Expected a single "${SnapCaveatType.RpcOrigin}" caveat.`
|
|
24
24
|
});
|
|
25
25
|
}
|
|
@@ -41,12 +41,12 @@ export const rpcEndowmentBuilder = Object.freeze({
|
|
|
41
41
|
* @throws If the caveat value is invalid.
|
|
42
42
|
*/ function validateCaveatOrigins(caveat) {
|
|
43
43
|
if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {
|
|
44
|
-
throw
|
|
44
|
+
throw rpcErrors.invalidParams({
|
|
45
45
|
message: 'Invalid JSON-RPC origins: Expected a plain object.'
|
|
46
46
|
});
|
|
47
47
|
}
|
|
48
48
|
const { value } = caveat;
|
|
49
|
-
assertIsRpcOrigins(value,
|
|
49
|
+
assertIsRpcOrigins(value, rpcErrors.invalidParams);
|
|
50
50
|
}
|
|
51
51
|
/**
|
|
52
52
|
* Map a raw value from the `initialPermissions` to a caveat specification.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/rpc.ts"],"sourcesContent":["import type {\n Caveat,\n CaveatSpecificationConstraint,\n EndowmentGetterParams,\n PermissionConstraint,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport type { RpcOrigins } from '@metamask/snaps-utils';\nimport { assertIsRpcOrigins, SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { hasProperty, isPlainObject, assert } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/rpc.ts"],"sourcesContent":["import type {\n Caveat,\n CaveatSpecificationConstraint,\n EndowmentGetterParams,\n PermissionConstraint,\n PermissionSpecificationBuilder,\n PermissionValidatorConstraint,\n ValidPermissionSpecification,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { RpcOrigins } from '@metamask/snaps-utils';\nimport { assertIsRpcOrigins, SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { hasProperty, isPlainObject, assert } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst targetName = SnapEndowments.Rpc;\n\ntype RpcSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof targetName;\n endowmentGetter: (_options?: any) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n validator: PermissionValidatorConstraint;\n subjectTypes: readonly SubjectType[];\n}>;\n\ntype RpcSpecificationBuilderOptions = {\n // Empty for now.\n};\n\n/**\n * The specification builder for the JSON-RPC endowment permission.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the JSON-RPC endowment permission.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n RpcSpecificationBuilderOptions,\n RpcSpecification\n> = (_builderOptions?: any): RpcSpecification => {\n return {\n permissionType: PermissionType.Endowment,\n targetName,\n allowedCaveats: [SnapCaveatType.RpcOrigin],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n validator: ({ caveats }) => {\n if (\n caveats?.length !== 1 ||\n caveats[0].type !== SnapCaveatType.RpcOrigin\n ) {\n throw rpcErrors.invalidParams({\n message: `Expected a single \"${SnapCaveatType.RpcOrigin}\" caveat.`,\n });\n }\n },\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const rpcEndowmentBuilder = Object.freeze({\n targetName,\n specificationBuilder,\n} as const);\n\n/**\n * Validate the value of a caveat. This does not validate the type of the\n * caveat itself, only the value of the caveat.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveatOrigins(caveat: Caveat<string, any>) {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat.value)) {\n throw rpcErrors.invalidParams({\n message: 'Invalid JSON-RPC origins: Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n assertIsRpcOrigins(value, rpcErrors.invalidParams);\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getRpcCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n return {\n caveats: [\n {\n type: SnapCaveatType.RpcOrigin,\n value,\n },\n ],\n };\n}\n\n/**\n * Getter function to get the {@link RpcOrigins} caveat value from a permission.\n *\n * @param permission - The permission to get the caveat value from.\n * @returns The caveat value.\n * @throws If the permission does not have a valid {@link RpcOrigins} caveat.\n */\nexport function getRpcCaveatOrigins(\n permission?: PermissionConstraint,\n): RpcOrigins | null {\n assert(permission?.caveats);\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.RpcOrigin);\n\n const caveat = permission.caveats[0] as Caveat<string, RpcOrigins>;\n return caveat.value;\n}\n\nexport const rpcCaveatSpecifications: Record<\n SnapCaveatType.RpcOrigin,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.RpcOrigin]: Object.freeze({\n type: SnapCaveatType.RpcOrigin,\n validator: (caveat: Caveat<string, any>) => validateCaveatOrigins(caveat),\n }),\n};\n"],"names":["PermissionType","SubjectType","rpcErrors","assertIsRpcOrigins","SnapCaveatType","hasProperty","isPlainObject","assert","SnapEndowments","targetName","Rpc","specificationBuilder","_builderOptions","permissionType","Endowment","allowedCaveats","RpcOrigin","endowmentGetter","_getterOptions","undefined","validator","caveats","length","type","invalidParams","message","subjectTypes","Snap","rpcEndowmentBuilder","Object","freeze","validateCaveatOrigins","caveat","value","getRpcCaveatMapper","getRpcCaveatOrigins","permission","rpcCaveatSpecifications"],"mappings":"AASA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAC9E,SAASC,SAAS,QAAQ,uBAAuB;AAEjD,SAASC,kBAAkB,EAAEC,cAAc,QAAQ,wBAAwB;AAE3E,SAASC,WAAW,EAAEC,aAAa,EAAEC,MAAM,QAAQ,kBAAkB;AAErE,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,aAAaD,eAAeE,GAAG;AAerC;;;;;CAKC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBb,eAAec,SAAS;QACxCL;QACAM,gBAAgB;YAACX,eAAeY,SAAS;SAAC;QAC1CC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAW,CAAC,EAAEC,OAAO,EAAE;YACrB,IACEA,SAASC,WAAW,KACpBD,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKnB,eAAeY,SAAS,EAC5C;gBACA,MAAMd,UAAUsB,aAAa,CAAC;oBAC5BC,SAAS,CAAC,mBAAmB,EAAErB,eAAeY,SAAS,CAAC,SAAS,CAAC;gBACpE;YACF;QACF;QACAU,cAAc;YAACzB,YAAY0B,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,sBAAsBC,OAAOC,MAAM,CAAC;IAC/CrB;IACAE;AACF,GAAY;AAEZ;;;;;;CAMC,GACD,SAASoB,sBAAsBC,MAA2B;IACxD,IAAI,CAAC3B,YAAY2B,QAAQ,YAAY,CAAC1B,cAAc0B,OAAOC,KAAK,GAAG;QACjE,MAAM/B,UAAUsB,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEQ,KAAK,EAAE,GAAGD;IAClB7B,mBAAmB8B,OAAO/B,UAAUsB,aAAa;AACnD;AAEA;;;;;;;CAOC,GACD,OAAO,SAASU,mBACdD,KAAW;IAEX,OAAO;QACLZ,SAAS;YACP;gBACEE,MAAMnB,eAAeY,SAAS;gBAC9BiB;YACF;SACD;IACH;AACF;AAEA;;;;;;CAMC,GACD,OAAO,SAASE,oBACdC,UAAiC;IAEjC7B,OAAO6B,YAAYf;IACnBd,OAAO6B,WAAWf,OAAO,CAACC,MAAM,KAAK;IACrCf,OAAO6B,WAAWf,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKnB,eAAeY,SAAS;IAE9D,MAAMgB,SAASI,WAAWf,OAAO,CAAC,EAAE;IACpC,OAAOW,OAAOC,KAAK;AACrB;AAEA,OAAO,MAAMI,0BAGT;IACF,CAACjC,eAAeY,SAAS,CAAC,EAAEa,OAAOC,MAAM,CAAC;QACxCP,MAAMnB,eAAeY,SAAS;QAC9BI,WAAW,CAACY,SAAgCD,sBAAsBC;IACpE;AACF,EAAE"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { PermissionType, SubjectType } from '@metamask/permission-controller';
|
|
2
|
+
import { rpcErrors } from '@metamask/rpc-errors';
|
|
2
3
|
import { SnapCaveatType } from '@metamask/snaps-utils';
|
|
3
4
|
import { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';
|
|
4
|
-
import { ethErrors } from 'eth-rpc-errors';
|
|
5
5
|
import { SnapEndowments } from './enum';
|
|
6
6
|
const permissionName = SnapEndowments.TransactionInsight;
|
|
7
7
|
/**
|
|
@@ -20,7 +20,7 @@ const permissionName = SnapEndowments.TransactionInsight;
|
|
|
20
20
|
endowmentGetter: (_getterOptions)=>undefined,
|
|
21
21
|
validator: ({ caveats })=>{
|
|
22
22
|
if (caveats !== null && caveats?.length > 1 || caveats?.length === 1 && caveats[0].type !== SnapCaveatType.TransactionOrigin) {
|
|
23
|
-
throw
|
|
23
|
+
throw rpcErrors.invalidParams({
|
|
24
24
|
message: `Expected a single "${SnapCaveatType.TransactionOrigin}" caveat.`
|
|
25
25
|
});
|
|
26
26
|
}
|
|
@@ -41,7 +41,7 @@ export const transactionInsightEndowmentBuilder = Object.freeze({
|
|
|
41
41
|
* @throws If the caveat value is invalid.
|
|
42
42
|
*/ function validateCaveat(caveat) {
|
|
43
43
|
if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {
|
|
44
|
-
throw
|
|
44
|
+
throw rpcErrors.invalidParams({
|
|
45
45
|
message: 'Expected a plain object.'
|
|
46
46
|
});
|
|
47
47
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/endowments/transaction-insight.ts"],"sourcesContent":["import type {\n PermissionSpecificationBuilder,\n EndowmentGetterParams,\n ValidPermissionSpecification,\n PermissionValidatorConstraint,\n PermissionConstraint,\n CaveatSpecificationConstraint,\n Caveat,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';\
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/endowments/transaction-insight.ts"],"sourcesContent":["import type {\n PermissionSpecificationBuilder,\n EndowmentGetterParams,\n ValidPermissionSpecification,\n PermissionValidatorConstraint,\n PermissionConstraint,\n CaveatSpecificationConstraint,\n Caveat,\n} from '@metamask/permission-controller';\nimport { PermissionType, SubjectType } from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport { SnapCaveatType } from '@metamask/snaps-utils';\nimport type { Json, NonEmptyArray } from '@metamask/utils';\nimport { assert, hasProperty, isObject, isPlainObject } from '@metamask/utils';\n\nimport { SnapEndowments } from './enum';\n\nconst permissionName = SnapEndowments.TransactionInsight;\n\ntype TransactionInsightEndowmentSpecification = ValidPermissionSpecification<{\n permissionType: PermissionType.Endowment;\n targetName: typeof permissionName;\n endowmentGetter: (_options?: EndowmentGetterParams) => undefined;\n allowedCaveats: Readonly<NonEmptyArray<string>> | null;\n validator: PermissionValidatorConstraint;\n}>;\n\n/**\n * `endowment:transaction-insight` returns nothing; it is intended to be used as a flag\n * by the extension to detect whether the snap has the capability to show information on the transaction confirmation screen.\n *\n * @param _builderOptions - Optional specification builder options.\n * @returns The specification for the transaction-insight endowment.\n */\nconst specificationBuilder: PermissionSpecificationBuilder<\n PermissionType.Endowment,\n any,\n TransactionInsightEndowmentSpecification\n> = (_builderOptions?: unknown) => {\n return {\n permissionType: PermissionType.Endowment,\n targetName: permissionName,\n allowedCaveats: [SnapCaveatType.TransactionOrigin],\n endowmentGetter: (_getterOptions?: EndowmentGetterParams) => undefined,\n validator: ({ caveats }) => {\n if (\n (caveats !== null && caveats?.length > 1) ||\n (caveats?.length === 1 &&\n caveats[0].type !== SnapCaveatType.TransactionOrigin)\n ) {\n throw rpcErrors.invalidParams({\n message: `Expected a single \"${SnapCaveatType.TransactionOrigin}\" caveat.`,\n });\n }\n },\n subjectTypes: [SubjectType.Snap],\n };\n};\n\nexport const transactionInsightEndowmentBuilder = Object.freeze({\n targetName: permissionName,\n specificationBuilder,\n} as const);\n\n/**\n * Validates the type of the caveat value.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat value is invalid.\n */\nfunction validateCaveat(caveat: Caveat<string, any>): void {\n if (!hasProperty(caveat, 'value') || !isPlainObject(caveat)) {\n throw rpcErrors.invalidParams({\n message: 'Expected a plain object.',\n });\n }\n\n const { value } = caveat;\n\n assert(\n typeof value === 'boolean',\n 'Expected caveat value to have type \"boolean\"',\n );\n}\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function getTransactionInsightCaveatMapper(\n value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n if (\n !value ||\n !isObject(value) ||\n (isObject(value) && Object.keys(value).length === 0)\n ) {\n return { caveats: null };\n }\n return {\n caveats: [\n {\n type: SnapCaveatType.TransactionOrigin,\n value:\n hasProperty(value, 'allowTransactionOrigin') &&\n (value.allowTransactionOrigin as boolean),\n },\n ],\n };\n}\n\n/**\n * Getter function to get the transaction origin caveat from a permission.\n *\n * This does basic validation of the caveat, but does not validate the type or\n * value of the namespaces object itself, as this is handled by the\n * `PermissionsController` when the permission is requested.\n *\n * @param permission - The permission to get the transaction origin caveat from.\n * @returns The transaction origin, or `null` if the permission does not have a\n * transaction origin caveat.\n */\nexport function getTransactionOriginCaveat(\n permission?: PermissionConstraint,\n): boolean | null {\n if (!permission?.caveats) {\n return null;\n }\n\n assert(permission.caveats.length === 1);\n assert(permission.caveats[0].type === SnapCaveatType.TransactionOrigin);\n\n const caveat = permission.caveats[0] as Caveat<string, boolean>;\n\n return caveat.value ?? null;\n}\n\nexport const transactionInsightCaveatSpecifications: Record<\n SnapCaveatType.TransactionOrigin,\n CaveatSpecificationConstraint\n> = {\n [SnapCaveatType.TransactionOrigin]: Object.freeze({\n type: SnapCaveatType.TransactionOrigin,\n validator: (caveat: Caveat<string, any>) => validateCaveat(caveat),\n }),\n};\n"],"names":["PermissionType","SubjectType","rpcErrors","SnapCaveatType","assert","hasProperty","isObject","isPlainObject","SnapEndowments","permissionName","TransactionInsight","specificationBuilder","_builderOptions","permissionType","Endowment","targetName","allowedCaveats","TransactionOrigin","endowmentGetter","_getterOptions","undefined","validator","caveats","length","type","invalidParams","message","subjectTypes","Snap","transactionInsightEndowmentBuilder","Object","freeze","validateCaveat","caveat","value","getTransactionInsightCaveatMapper","keys","allowTransactionOrigin","getTransactionOriginCaveat","permission","transactionInsightCaveatSpecifications"],"mappings":"AASA,SAASA,cAAc,EAAEC,WAAW,QAAQ,kCAAkC;AAC9E,SAASC,SAAS,QAAQ,uBAAuB;AACjD,SAASC,cAAc,QAAQ,wBAAwB;AAEvD,SAASC,MAAM,EAAEC,WAAW,EAAEC,QAAQ,EAAEC,aAAa,QAAQ,kBAAkB;AAE/E,SAASC,cAAc,QAAQ,SAAS;AAExC,MAAMC,iBAAiBD,eAAeE,kBAAkB;AAUxD;;;;;;CAMC,GACD,MAAMC,uBAIF,CAACC;IACH,OAAO;QACLC,gBAAgBb,eAAec,SAAS;QACxCC,YAAYN;QACZO,gBAAgB;YAACb,eAAec,iBAAiB;SAAC;QAClDC,iBAAiB,CAACC,iBAA2CC;QAC7DC,WAAW,CAAC,EAAEC,OAAO,EAAE;YACrB,IACE,AAACA,YAAY,QAAQA,SAASC,SAAS,KACtCD,SAASC,WAAW,KACnBD,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKrB,eAAec,iBAAiB,EACtD;gBACA,MAAMf,UAAUuB,aAAa,CAAC;oBAC5BC,SAAS,CAAC,mBAAmB,EAAEvB,eAAec,iBAAiB,CAAC,SAAS,CAAC;gBAC5E;YACF;QACF;QACAU,cAAc;YAAC1B,YAAY2B,IAAI;SAAC;IAClC;AACF;AAEA,OAAO,MAAMC,qCAAqCC,OAAOC,MAAM,CAAC;IAC9DhB,YAAYN;IACZE;AACF,GAAY;AAEZ;;;;;CAKC,GACD,SAASqB,eAAeC,MAA2B;IACjD,IAAI,CAAC5B,YAAY4B,QAAQ,YAAY,CAAC1B,cAAc0B,SAAS;QAC3D,MAAM/B,UAAUuB,aAAa,CAAC;YAC5BC,SAAS;QACX;IACF;IAEA,MAAM,EAAEQ,KAAK,EAAE,GAAGD;IAElB7B,OACE,OAAO8B,UAAU,WACjB;AAEJ;AAEA;;;;;;;CAOC,GACD,OAAO,SAASC,kCACdD,KAAW;IAEX,IACE,CAACA,SACD,CAAC5B,SAAS4B,UACT5B,SAAS4B,UAAUJ,OAAOM,IAAI,CAACF,OAAOX,MAAM,KAAK,GAClD;QACA,OAAO;YAAED,SAAS;QAAK;IACzB;IACA,OAAO;QACLA,SAAS;YACP;gBACEE,MAAMrB,eAAec,iBAAiB;gBACtCiB,OACE7B,YAAY6B,OAAO,6BAClBA,MAAMG,sBAAsB;YACjC;SACD;IACH;AACF;AAEA;;;;;;;;;;CAUC,GACD,OAAO,SAASC,2BACdC,UAAiC;IAEjC,IAAI,CAACA,YAAYjB,SAAS;QACxB,OAAO;IACT;IAEAlB,OAAOmC,WAAWjB,OAAO,CAACC,MAAM,KAAK;IACrCnB,OAAOmC,WAAWjB,OAAO,CAAC,EAAE,CAACE,IAAI,KAAKrB,eAAec,iBAAiB;IAEtE,MAAMgB,SAASM,WAAWjB,OAAO,CAAC,EAAE;IAEpC,OAAOW,OAAOC,KAAK,IAAI;AACzB;AAEA,OAAO,MAAMM,yCAGT;IACF,CAACrC,eAAec,iBAAiB,CAAC,EAAEa,OAAOC,MAAM,CAAC;QAChDP,MAAMrB,eAAec,iBAAiB;QACtCI,WAAW,CAACY,SAAgCD,eAAeC;IAC7D;AACF,EAAE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/location/location.ts"],"sourcesContent":["import type { SnapManifest, VirtualFile } from '@metamask/snaps-utils';\nimport { assert } from '@metamask/utils';\n\nimport { HttpLocation } from './http';\nimport { LocalLocation } from './local';\nimport type { NpmOptions } from './npm';\nimport { NpmLocation } from './npm';\n\ndeclare module '@metamask/snaps-utils' {\n interface DataMap {\n /**\n * Fully qualified, canonical path for the file in {@link https://github.com/MetaMask/SIPs/blob/main/SIPS/sip-8.md SIP-8 } URI format.\n */\n canonicalPath: string;\n }\n}\n\nexport interface SnapLocation {\n /**\n * All files are relative to the manifest, except the manifest itself.\n */\n manifest(): Promise<VirtualFile<SnapManifest>>;\n fetch(path: string): Promise<VirtualFile>;\n\n readonly shouldAlwaysReload?: boolean;\n}\n\nexport type DetectSnapLocationOptions = NpmOptions & {\n /**\n * The function used to fetch data.\n *\n * @default globalThis.fetch\n */\n fetch?: typeof fetch;\n /**\n * @default false\n */\n allowHttp?: boolean;\n /**\n * @default false\n */\n allowLocal?: boolean;\n};\n\n/**\n * Auto-magically detects which SnapLocation object to create based on the provided {@link location}.\n *\n * @param location - A {@link https://github.com/MetaMask/SIPs/blob/main/SIPS/sip-8.md SIP-8} uri.\n * @param opts - NPM options and feature flags.\n * @returns SnapLocation based on url.\n */\nexport function detectSnapLocation(\n location: string | URL,\n opts?: DetectSnapLocationOptions,\n): SnapLocation {\n const allowHttp = opts?.allowHttp ?? false;\n const allowLocal = opts?.allowLocal ?? false;\n const root = new URL(location);\n switch (root.protocol) {\n case 'npm:':\n return new NpmLocation(root, opts);\n case 'local:':\n assert(allowLocal, new TypeError('Fetching local snaps is disabled.'));\n return new LocalLocation(root, opts);\n case 'http:':\n case 'https:':\n assert(\n allowHttp,\n new TypeError('Fetching snaps through http/https is disabled.'),\n );\n return new HttpLocation(root, opts);\n default:\n throw new TypeError(\n `Unrecognized \"${root.protocol}\" snap location protocol.`,\n );\n }\n}\n"],"names":["assert","HttpLocation","LocalLocation","NpmLocation","detectSnapLocation","location","opts","allowHttp","allowLocal","root","URL","protocol","TypeError"],"mappings":"
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/location/location.ts"],"sourcesContent":["import type { SnapManifest, VirtualFile } from '@metamask/snaps-utils';\nimport type { SemVerRange } from '@metamask/utils';\nimport { assert } from '@metamask/utils';\n\nimport { HttpLocation } from './http';\nimport { LocalLocation } from './local';\nimport type { NpmOptions } from './npm';\nimport { NpmLocation } from './npm';\n\ndeclare module '@metamask/snaps-utils' {\n interface DataMap {\n /**\n * Fully qualified, canonical path for the file in {@link https://github.com/MetaMask/SIPs/blob/main/SIPS/sip-8.md SIP-8 } URI format.\n */\n canonicalPath: string;\n }\n}\n\nexport interface SnapLocation {\n /**\n * All files are relative to the manifest, except the manifest itself.\n */\n manifest(): Promise<VirtualFile<SnapManifest>>;\n fetch(path: string): Promise<VirtualFile>;\n\n readonly shouldAlwaysReload?: boolean;\n}\n\nexport type DetectSnapLocationOptions = NpmOptions & {\n /**\n * The function used to fetch data.\n *\n * @default globalThis.fetch\n */\n fetch?: typeof fetch;\n /**\n * @default false\n */\n allowHttp?: boolean;\n /**\n * @default false\n */\n allowLocal?: boolean;\n\n resolveVersion?: (range: SemVerRange) => Promise<SemVerRange>;\n};\n\n/**\n * Auto-magically detects which SnapLocation object to create based on the provided {@link location}.\n *\n * @param location - A {@link https://github.com/MetaMask/SIPs/blob/main/SIPS/sip-8.md SIP-8} uri.\n * @param opts - NPM options and feature flags.\n * @returns SnapLocation based on url.\n */\nexport function detectSnapLocation(\n location: string | URL,\n opts?: DetectSnapLocationOptions,\n): SnapLocation {\n const allowHttp = opts?.allowHttp ?? false;\n const allowLocal = opts?.allowLocal ?? false;\n const root = new URL(location);\n switch (root.protocol) {\n case 'npm:':\n return new NpmLocation(root, opts);\n case 'local:':\n assert(allowLocal, new TypeError('Fetching local snaps is disabled.'));\n return new LocalLocation(root, opts);\n case 'http:':\n case 'https:':\n assert(\n allowHttp,\n new TypeError('Fetching snaps through http/https is disabled.'),\n );\n return new HttpLocation(root, opts);\n default:\n throw new TypeError(\n `Unrecognized \"${root.protocol}\" snap location protocol.`,\n );\n }\n}\n"],"names":["assert","HttpLocation","LocalLocation","NpmLocation","detectSnapLocation","location","opts","allowHttp","allowLocal","root","URL","protocol","TypeError"],"mappings":"AAEA,SAASA,MAAM,QAAQ,kBAAkB;AAEzC,SAASC,YAAY,QAAQ,SAAS;AACtC,SAASC,aAAa,QAAQ,UAAU;AAExC,SAASC,WAAW,QAAQ,QAAQ;AAwCpC;;;;;;CAMC,GACD,OAAO,SAASC,mBACdC,QAAsB,EACtBC,IAAgC;IAEhC,MAAMC,YAAYD,MAAMC,aAAa;IACrC,MAAMC,aAAaF,MAAME,cAAc;IACvC,MAAMC,OAAO,IAAIC,IAAIL;IACrB,OAAQI,KAAKE,QAAQ;QACnB,KAAK;YACH,OAAO,IAAIR,YAAYM,MAAMH;QAC/B,KAAK;YACHN,OAAOQ,YAAY,IAAII,UAAU;YACjC,OAAO,IAAIV,cAAcO,MAAMH;QACjC,KAAK;QACL,KAAK;YACHN,OACEO,WACA,IAAIK,UAAU;YAEhB,OAAO,IAAIX,aAAaQ,MAAMH;QAChC;YACE,MAAM,IAAIM,UACR,CAAC,cAAc,EAAEH,KAAKE,QAAQ,CAAC,yBAAyB,CAAC;IAE/D;AACF"}
|
|
@@ -27,13 +27,14 @@ function _define_property(obj, key, value) {
|
|
|
27
27
|
return obj;
|
|
28
28
|
}
|
|
29
29
|
import { createSnapManifest, DEFAULT_REQUESTED_SNAP_VERSION, getTargetVersion, isValidUrl, NpmSnapIdStruct, VirtualFile, normalizeRelative, parseJson } from '@metamask/snaps-utils';
|
|
30
|
-
import { assert, assertIsSemVerVersion, assertStruct, isObject } from '@metamask/utils';
|
|
30
|
+
import { assert, assertIsSemVerVersion, assertStruct, isObject, isValidSemVerVersion } from '@metamask/utils';
|
|
31
31
|
import concat from 'concat-stream';
|
|
32
|
+
import getNpmTarballUrl from 'get-npm-tarball-url';
|
|
32
33
|
import createGunzipStream from 'gunzip-maybe';
|
|
33
34
|
import { ReadableWebToNodeStream } from 'readable-web-to-node-stream';
|
|
34
35
|
import { pipeline } from 'stream';
|
|
35
36
|
import { extract as tarExtract } from 'tar-stream';
|
|
36
|
-
export const DEFAULT_NPM_REGISTRY = 'https://registry.npmjs.org';
|
|
37
|
+
export const DEFAULT_NPM_REGISTRY = new URL('https://registry.npmjs.org');
|
|
37
38
|
var _lazyInit = /*#__PURE__*/ new WeakSet();
|
|
38
39
|
export class NpmLocation {
|
|
39
40
|
async manifest() {
|
|
@@ -77,10 +78,12 @@ export class NpmLocation {
|
|
|
77
78
|
const allowCustomRegistries = opts.allowCustomRegistries ?? false;
|
|
78
79
|
const fetchFunction = opts.fetch ?? globalThis.fetch.bind(globalThis);
|
|
79
80
|
const requestedRange = opts.versionRange ?? DEFAULT_REQUESTED_SNAP_VERSION;
|
|
81
|
+
const defaultResolve = async (range)=>range;
|
|
82
|
+
const resolveVersion = opts.resolveVersion ?? defaultResolve;
|
|
80
83
|
assertStruct(url.toString(), NpmSnapIdStruct, 'Invalid Snap Id: ');
|
|
81
84
|
let registry;
|
|
82
85
|
if (url.host === '' && url.port === '' && url.username === '' && url.password === '') {
|
|
83
|
-
registry =
|
|
86
|
+
registry = DEFAULT_NPM_REGISTRY;
|
|
84
87
|
} else {
|
|
85
88
|
registry = 'https://';
|
|
86
89
|
if (url.username) {
|
|
@@ -104,13 +107,15 @@ export class NpmLocation {
|
|
|
104
107
|
requestedRange,
|
|
105
108
|
registry,
|
|
106
109
|
packageName,
|
|
107
|
-
fetch: fetchFunction
|
|
110
|
+
fetch: fetchFunction,
|
|
111
|
+
resolveVersion
|
|
108
112
|
};
|
|
109
113
|
}
|
|
110
114
|
}
|
|
111
115
|
async function lazyInit() {
|
|
112
116
|
assert(this.files === undefined);
|
|
113
|
-
const
|
|
117
|
+
const resolvedVersion = await this.meta.resolveVersion(this.meta.requestedRange);
|
|
118
|
+
const [tarballResponse, actualVersion] = await fetchNpmTarball(this.meta.packageName, resolvedVersion, this.meta.registry, this.meta.fetch);
|
|
114
119
|
this.meta.version = actualVersion;
|
|
115
120
|
let canonicalBase = 'npm://';
|
|
116
121
|
if (this.meta.registry.username !== '') {
|
|
@@ -156,6 +161,41 @@ const TARBALL_SIZE_SAFETY_LIMIT = 262144000;
|
|
|
156
161
|
}
|
|
157
162
|
return packageMetadata;
|
|
158
163
|
}
|
|
164
|
+
/**
|
|
165
|
+
* Resolves a version range to a version using the NPM registry.
|
|
166
|
+
*
|
|
167
|
+
* Unless the version range is already a version, then the NPM registry is skipped.
|
|
168
|
+
*
|
|
169
|
+
* @param packageName - The name of the package whose metadata to fetch.
|
|
170
|
+
* @param versionRange - The version range of the package.
|
|
171
|
+
* @param registryUrl - The URL of the npm registry to fetch the metadata from.
|
|
172
|
+
* @param fetchFunction - The fetch function to use. Defaults to the global
|
|
173
|
+
* {@link fetch}. Useful for Node.js compatibility.
|
|
174
|
+
* @returns An object containing the resolved version and a URL for its tarball.
|
|
175
|
+
* @throws If fetching the metadata fails.
|
|
176
|
+
*/ async function resolveNpmVersion(packageName, versionRange, registryUrl, fetchFunction) {
|
|
177
|
+
// If the version range is already a static version we don't need to look for the metadata.
|
|
178
|
+
if (registryUrl.toString() === DEFAULT_NPM_REGISTRY.toString() && isValidSemVerVersion(versionRange)) {
|
|
179
|
+
return {
|
|
180
|
+
tarballURL: getNpmTarballUrl(packageName, versionRange),
|
|
181
|
+
targetVersion: versionRange
|
|
182
|
+
};
|
|
183
|
+
}
|
|
184
|
+
const packageMetadata = await fetchNpmMetadata(packageName, registryUrl, fetchFunction);
|
|
185
|
+
const versions = Object.keys(packageMetadata?.versions ?? {}).map((version)=>{
|
|
186
|
+
assertIsSemVerVersion(version);
|
|
187
|
+
return version;
|
|
188
|
+
});
|
|
189
|
+
const targetVersion = getTargetVersion(versions, versionRange);
|
|
190
|
+
if (targetVersion === null) {
|
|
191
|
+
throw new Error(`Failed to find a matching version in npm metadata for package "${packageName}" and requested semver range "${versionRange}".`);
|
|
192
|
+
}
|
|
193
|
+
const tarballURL = packageMetadata?.versions?.[targetVersion]?.dist?.tarball;
|
|
194
|
+
return {
|
|
195
|
+
tarballURL,
|
|
196
|
+
targetVersion
|
|
197
|
+
};
|
|
198
|
+
}
|
|
159
199
|
/**
|
|
160
200
|
* Fetches the tarball (`.tgz` file) of the specified package and version from
|
|
161
201
|
* the public npm registry.
|
|
@@ -170,22 +210,13 @@ const TARBALL_SIZE_SAFETY_LIMIT = 262144000;
|
|
|
170
210
|
* actual version of the package.
|
|
171
211
|
* @throws If fetching the tarball fails.
|
|
172
212
|
*/ async function fetchNpmTarball(packageName, versionRange, registryUrl, fetchFunction) {
|
|
173
|
-
const
|
|
174
|
-
|
|
175
|
-
assertIsSemVerVersion(version);
|
|
176
|
-
return version;
|
|
177
|
-
});
|
|
178
|
-
const targetVersion = getTargetVersion(versions, versionRange);
|
|
179
|
-
if (targetVersion === null) {
|
|
180
|
-
throw new Error(`Failed to find a matching version in npm metadata for package "${packageName}" and requested semver range "${versionRange}".`);
|
|
181
|
-
}
|
|
182
|
-
const tarballUrlString = packageMetadata?.versions?.[targetVersion]?.dist?.tarball;
|
|
183
|
-
if (!isValidUrl(tarballUrlString) || !tarballUrlString.toString().endsWith('.tgz')) {
|
|
213
|
+
const { tarballURL, targetVersion } = await resolveNpmVersion(packageName, versionRange, registryUrl, fetchFunction);
|
|
214
|
+
if (!isValidUrl(tarballURL) || !tarballURL.toString().endsWith('.tgz')) {
|
|
184
215
|
throw new Error(`Failed to find valid tarball URL in NPM metadata for package "${packageName}".`);
|
|
185
216
|
}
|
|
186
217
|
// Override the tarball hostname/protocol with registryUrl hostname/protocol
|
|
187
218
|
const newRegistryUrl = new URL(registryUrl);
|
|
188
|
-
const newTarballUrl = new URL(
|
|
219
|
+
const newTarballUrl = new URL(tarballURL);
|
|
189
220
|
newTarballUrl.hostname = newRegistryUrl.hostname;
|
|
190
221
|
newTarballUrl.protocol = newRegistryUrl.protocol;
|
|
191
222
|
// Perform a raw fetch because we want the Response object itself.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../../src/snaps/location/npm.ts"],"sourcesContent":["import type { SnapManifest } from '@metamask/snaps-utils';\nimport {\n createSnapManifest,\n DEFAULT_REQUESTED_SNAP_VERSION,\n getTargetVersion,\n isValidUrl,\n NpmSnapIdStruct,\n VirtualFile,\n normalizeRelative,\n parseJson,\n} from '@metamask/snaps-utils';\nimport type { SemVerRange, SemVerVersion } from '@metamask/utils';\nimport {\n assert,\n assertIsSemVerVersion,\n assertStruct,\n isObject,\n} from '@metamask/utils';\nimport concat from 'concat-stream';\nimport createGunzipStream from 'gunzip-maybe';\nimport { ReadableWebToNodeStream } from 'readable-web-to-node-stream';\nimport { pipeline } from 'stream';\nimport type { Readable, Writable } from 'stream';\nimport { extract as tarExtract } from 'tar-stream';\n\nimport type { DetectSnapLocationOptions, SnapLocation } from './location';\n\nexport const DEFAULT_NPM_REGISTRY = 'https://registry.npmjs.org';\n\ninterface NpmMeta {\n registry: URL;\n packageName: string;\n requestedRange: SemVerRange;\n version?: string;\n fetch: typeof fetch;\n}\nexport interface NpmOptions {\n /**\n * @default DEFAULT_REQUESTED_SNAP_VERSION\n */\n versionRange?: SemVerRange;\n /**\n * Whether to allow custom NPM registries outside of {@link DEFAULT_NPM_REGISTRY}.\n *\n * @default false\n */\n allowCustomRegistries?: boolean;\n}\n\nexport class NpmLocation implements SnapLocation {\n private readonly meta: NpmMeta;\n\n private validatedManifest?: VirtualFile<SnapManifest>;\n\n private files?: Map<string, VirtualFile>;\n\n constructor(url: URL, opts: DetectSnapLocationOptions = {}) {\n const allowCustomRegistries = opts.allowCustomRegistries ?? false;\n const fetchFunction = opts.fetch ?? globalThis.fetch.bind(globalThis);\n const requestedRange = opts.versionRange ?? DEFAULT_REQUESTED_SNAP_VERSION;\n\n assertStruct(url.toString(), NpmSnapIdStruct, 'Invalid Snap Id: ');\n\n let registry: string | URL;\n if (\n url.host === '' &&\n url.port === '' &&\n url.username === '' &&\n url.password === ''\n ) {\n registry = new URL(DEFAULT_NPM_REGISTRY);\n } else {\n registry = 'https://';\n if (url.username) {\n registry += url.username;\n if (url.password) {\n registry += `:${url.password}`;\n }\n registry += '@';\n }\n registry += url.host;\n registry = new URL(registry);\n assert(\n allowCustomRegistries,\n new TypeError(\n `Custom NPM registries are disabled, tried to use \"${registry.toString()}\".`,\n ),\n );\n }\n\n assert(\n registry.pathname === '/' &&\n registry.search === '' &&\n registry.hash === '',\n );\n\n assert(\n url.pathname !== '' && url.pathname !== '/',\n new TypeError('The package name in NPM location is empty.'),\n );\n let packageName = url.pathname;\n if (packageName.startsWith('/')) {\n packageName = packageName.slice(1);\n }\n\n this.meta = {\n requestedRange,\n registry,\n packageName,\n fetch: fetchFunction,\n };\n }\n\n async manifest(): Promise<VirtualFile<SnapManifest>> {\n if (this.validatedManifest) {\n return this.validatedManifest.clone();\n }\n\n const vfile = await this.fetch('snap.manifest.json');\n const result = parseJson(vfile.toString());\n vfile.result = createSnapManifest(result);\n this.validatedManifest = vfile as VirtualFile<SnapManifest>;\n\n return this.manifest();\n }\n\n async fetch(path: string): Promise<VirtualFile> {\n const relativePath = normalizeRelative(path);\n if (!this.files) {\n await this.#lazyInit();\n assert(this.files !== undefined);\n }\n const vfile = this.files.get(relativePath);\n assert(\n vfile !== undefined,\n new TypeError(`File \"${path}\" not found in package.`),\n );\n return vfile.clone();\n }\n\n get packageName(): string {\n return this.meta.packageName;\n }\n\n get version(): string {\n assert(\n this.meta.version !== undefined,\n 'Tried to access version without first fetching NPM package.',\n );\n return this.meta.version;\n }\n\n get registry(): URL {\n return this.meta.registry;\n }\n\n get versionRange(): SemVerRange {\n return this.meta.requestedRange;\n }\n\n async #lazyInit() {\n assert(this.files === undefined);\n const [tarballResponse, actualVersion] = await fetchNpmTarball(\n this.meta.packageName,\n this.meta.requestedRange,\n this.meta.registry,\n this.meta.fetch,\n );\n this.meta.version = actualVersion;\n\n let canonicalBase = 'npm://';\n if (this.meta.registry.username !== '') {\n canonicalBase += this.meta.registry.username;\n if (this.meta.registry.password !== '') {\n canonicalBase += `:${this.meta.registry.password}`;\n }\n canonicalBase += '@';\n }\n canonicalBase += this.meta.registry.host;\n\n // TODO(ritave): Lazily extract files instead of up-front extracting all of them\n // We would need to replace tar-stream package because it requires immediate consumption of streams.\n await new Promise<void>((resolve, reject) => {\n this.files = new Map();\n pipeline(\n getNodeStream(tarballResponse),\n // The \"gz\" in \"tgz\" stands for \"gzip\". The tarball needs to be decompressed\n // before we can actually grab any files from it.\n // To prevent recursion-based zip bombs, we set a maximum recursion depth of 1.\n createGunzipStream(1),\n createTarballStream(\n `${canonicalBase}/${this.meta.packageName}/`,\n this.files,\n ),\n (error) => {\n error ? reject(error) : resolve();\n },\n );\n });\n }\n}\n\n// Safety limit for tarballs, 250 MB in bytes\nconst TARBALL_SIZE_SAFETY_LIMIT = 262144000;\n\n// Incomplete type\nexport type PartialNpmMetadata = {\n versions: Record<string, { dist: { tarball: string } }>;\n};\n\n/**\n * Fetches the NPM metadata of the specified package from\n * the public npm registry.\n *\n * @param packageName - The name of the package whose metadata to fetch.\n * @param registryUrl - The URL of the npm registry to fetch the metadata from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns The NPM metadata object.\n * @throws If fetching the metadata fails.\n */\nexport async function fetchNpmMetadata(\n packageName: string,\n registryUrl: URL | string,\n fetchFunction: typeof fetch,\n): Promise<PartialNpmMetadata> {\n const packageResponse = await fetchFunction(\n new URL(packageName, registryUrl).toString(),\n );\n if (!packageResponse.ok) {\n throw new Error(\n `Failed to fetch NPM registry entry. Status code: ${packageResponse.status}.`,\n );\n }\n const packageMetadata = await packageResponse.json();\n\n if (!isObject(packageMetadata)) {\n throw new Error(\n `Failed to fetch package \"${packageName}\" metadata from npm.`,\n );\n }\n\n return packageMetadata as PartialNpmMetadata;\n}\n\n/**\n * Fetches the tarball (`.tgz` file) of the specified package and version from\n * the public npm registry.\n *\n * @param packageName - The name of the package whose tarball to fetch.\n * @param versionRange - The SemVer range of the package to fetch. The highest\n * version satisfying the range will be fetched.\n * @param registryUrl - The URL of the npm registry to fetch the tarball from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns A tuple of the {@link Response} for the package tarball and the\n * actual version of the package.\n * @throws If fetching the tarball fails.\n */\nasync function fetchNpmTarball(\n packageName: string,\n versionRange: SemVerRange,\n registryUrl: URL | string,\n fetchFunction: typeof fetch,\n): Promise<[ReadableStream, SemVerVersion]> {\n const packageMetadata = await fetchNpmMetadata(\n packageName,\n registryUrl,\n fetchFunction,\n );\n\n const versions = Object.keys(packageMetadata?.versions ?? {}).map(\n (version) => {\n assertIsSemVerVersion(version);\n return version;\n },\n );\n\n const targetVersion = getTargetVersion(versions, versionRange);\n\n if (targetVersion === null) {\n throw new Error(\n `Failed to find a matching version in npm metadata for package \"${packageName}\" and requested semver range \"${versionRange}\".`,\n );\n }\n\n const tarballUrlString =\n packageMetadata?.versions?.[targetVersion]?.dist?.tarball;\n\n if (\n !isValidUrl(tarballUrlString) ||\n !tarballUrlString.toString().endsWith('.tgz')\n ) {\n throw new Error(\n `Failed to find valid tarball URL in NPM metadata for package \"${packageName}\".`,\n );\n }\n\n // Override the tarball hostname/protocol with registryUrl hostname/protocol\n const newRegistryUrl = new URL(registryUrl);\n const newTarballUrl = new URL(tarballUrlString);\n newTarballUrl.hostname = newRegistryUrl.hostname;\n newTarballUrl.protocol = newRegistryUrl.protocol;\n\n // Perform a raw fetch because we want the Response object itself.\n const tarballResponse = await fetchFunction(newTarballUrl.toString());\n if (!tarballResponse.ok || !tarballResponse.body) {\n throw new Error(`Failed to fetch tarball for package \"${packageName}\".`);\n }\n // We assume that NPM is a good actor and provides us with a valid `content-length` header.\n const tarballSizeString = tarballResponse.headers.get('content-length');\n assert(tarballSizeString, 'Snap tarball has invalid content-length');\n const tarballSize = parseInt(tarballSizeString, 10);\n assert(\n tarballSize <= TARBALL_SIZE_SAFETY_LIMIT,\n 'Snap tarball exceeds size limit',\n );\n return [tarballResponse.body, targetVersion];\n}\n\n/**\n * The paths of files within npm tarballs appear to always be prefixed with\n * \"package/\".\n */\nconst NPM_TARBALL_PATH_PREFIX = /^package\\//u;\n\n/**\n * Converts a {@link ReadableStream} to a Node.js {@link Readable}\n * stream. Returns the stream directly if it is already a Node.js stream.\n * We can't use the native Web {@link ReadableStream} directly because the\n * other stream libraries we use expect Node.js streams.\n *\n * @param stream - The stream to convert.\n * @returns The given stream as a Node.js Readable stream.\n */\nfunction getNodeStream(stream: ReadableStream): Readable {\n if (typeof stream.getReader !== 'function') {\n return stream as unknown as Readable;\n }\n\n return new ReadableWebToNodeStream(stream);\n}\n\n/**\n * Creates a `tar-stream` that will get the necessary files from an npm Snap\n * package tarball (`.tgz` file).\n *\n * @param canonicalBase - A base URI as specified in {@link https://github.com/MetaMask/SIPs/blob/main/SIPS/sip-8.md SIP-8}. Starting with 'npm:'. Will be used for canonicalPath vfile argument.\n * @param files - An object to write target file contents to.\n * @returns The {@link Writable} tarball extraction stream.\n */\nfunction createTarballStream(\n canonicalBase: string,\n files: Map<string, VirtualFile>,\n): Writable {\n assert(\n canonicalBase.endsWith('/'),\n \"Base needs to end with '/' for relative paths to be added as children instead of siblings.\",\n );\n\n assert(\n canonicalBase.startsWith('npm:'),\n 'Protocol mismatch, expected \"npm:\".',\n );\n // `tar-stream` is pretty old-school, so we create it first and then\n // instrument it by adding event listeners.\n const extractStream = tarExtract();\n\n let totalSize = 0;\n\n // \"entry\" is fired for every discreet entity in the tarball. This includes\n // files and folders.\n extractStream.on('entry', (header, entryStream, next) => {\n const { name: headerName, type: headerType } = header;\n if (headerType === 'file') {\n // The name is a path if the header type is \"file\".\n const path = headerName.replace(NPM_TARBALL_PATH_PREFIX, '');\n return entryStream.pipe(\n concat({ encoding: 'uint8array' }, (data) => {\n try {\n totalSize += data.byteLength;\n // To prevent zip bombs, we set a safety limit for the total size of tarballs.\n assert(\n totalSize < TARBALL_SIZE_SAFETY_LIMIT,\n `Snap tarball exceeds limit of ${TARBALL_SIZE_SAFETY_LIMIT} bytes.`,\n );\n const vfile = new VirtualFile({\n value: data,\n path,\n data: {\n canonicalPath: new URL(path, canonicalBase).toString(),\n },\n });\n // We disallow files having identical paths as it may confuse our checksum calculations.\n assert(\n !files.has(path),\n 'Malformed tarball, multiple files with the same path.',\n );\n files.set(path, vfile);\n return next();\n } catch (error) {\n return extractStream.destroy(error);\n }\n }),\n );\n }\n\n // If we get here, the entry is not a file, and we want to ignore. The entry\n // stream must be drained, or the extractStream will stop reading. This is\n // effectively a no-op for the current entry.\n entryStream.on('end', () => next());\n return entryStream.resume();\n });\n return extractStream;\n}\n"],"names":["createSnapManifest","DEFAULT_REQUESTED_SNAP_VERSION","getTargetVersion","isValidUrl","NpmSnapIdStruct","VirtualFile","normalizeRelative","parseJson","assert","assertIsSemVerVersion","assertStruct","isObject","concat","createGunzipStream","ReadableWebToNodeStream","pipeline","extract","tarExtract","DEFAULT_NPM_REGISTRY","NpmLocation","manifest","validatedManifest","clone","vfile","fetch","result","toString","path","relativePath","files","lazyInit","undefined","get","TypeError","packageName","meta","version","registry","versionRange","requestedRange","constructor","url","opts","allowCustomRegistries","fetchFunction","globalThis","bind","host","port","username","password","URL","pathname","search","hash","startsWith","slice","tarballResponse","actualVersion","fetchNpmTarball","canonicalBase","Promise","resolve","reject","Map","getNodeStream","createTarballStream","error","TARBALL_SIZE_SAFETY_LIMIT","fetchNpmMetadata","registryUrl","packageResponse","ok","Error","status","packageMetadata","json","versions","Object","keys","map","targetVersion","tarballUrlString","dist","tarball","endsWith","newRegistryUrl","newTarballUrl","hostname","protocol","body","tarballSizeString","headers","tarballSize","parseInt","NPM_TARBALL_PATH_PREFIX","stream","getReader","extractStream","totalSize","on","header","entryStream","next","name","headerName","type","headerType","replace","pipe","encoding","data","byteLength","value","canonicalPath","has","set","destroy","resume"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,SACEA,kBAAkB,EAClBC,8BAA8B,EAC9BC,gBAAgB,EAChBC,UAAU,EACVC,eAAe,EACfC,WAAW,EACXC,iBAAiB,EACjBC,SAAS,QACJ,wBAAwB;AAE/B,SACEC,MAAM,EACNC,qBAAqB,EACrBC,YAAY,EACZC,QAAQ,QACH,kBAAkB;AACzB,OAAOC,YAAY,gBAAgB;AACnC,OAAOC,wBAAwB,eAAe;AAC9C,SAASC,uBAAuB,QAAQ,8BAA8B;AACtE,SAASC,QAAQ,QAAQ,SAAS;AAElC,SAASC,WAAWC,UAAU,QAAQ,aAAa;AAInD,OAAO,MAAMC,uBAAuB,6BAA6B;IAqIzD;AA/GR,OAAO,MAAMC;IAgEX,MAAMC,WAA+C;QACnD,IAAI,IAAI,CAACC,iBAAiB,EAAE;YAC1B,OAAO,IAAI,CAACA,iBAAiB,CAACC,KAAK;QACrC;QAEA,MAAMC,QAAQ,MAAM,IAAI,CAACC,KAAK,CAAC;QAC/B,MAAMC,SAASlB,UAAUgB,MAAMG,QAAQ;QACvCH,MAAME,MAAM,GAAGzB,mBAAmByB;QAClC,IAAI,CAACJ,iBAAiB,GAAGE;QAEzB,OAAO,IAAI,CAACH,QAAQ;IACtB;IAEA,MAAMI,MAAMG,IAAY,EAAwB;QAC9C,MAAMC,eAAetB,kBAAkBqB;QACvC,IAAI,CAAC,IAAI,CAACE,KAAK,EAAE;YACf,MAAM,0BAAA,IAAI,EAAEC,WAAAA,eAAN,IAAI;YACVtB,OAAO,IAAI,CAACqB,KAAK,KAAKE;QACxB;QACA,MAAMR,QAAQ,IAAI,CAACM,KAAK,CAACG,GAAG,CAACJ;QAC7BpB,OACEe,UAAUQ,WACV,IAAIE,UAAU,CAAC,MAAM,EAAEN,KAAK,uBAAuB,CAAC;QAEtD,OAAOJ,MAAMD,KAAK;IACpB;IAEA,IAAIY,cAAsB;QACxB,OAAO,IAAI,CAACC,IAAI,CAACD,WAAW;IAC9B;IAEA,IAAIE,UAAkB;QACpB5B,OACE,IAAI,CAAC2B,IAAI,CAACC,OAAO,KAAKL,WACtB;QAEF,OAAO,IAAI,CAACI,IAAI,CAACC,OAAO;IAC1B;IAEA,IAAIC,WAAgB;QAClB,OAAO,IAAI,CAACF,IAAI,CAACE,QAAQ;IAC3B;IAEA,IAAIC,eAA4B;QAC9B,OAAO,IAAI,CAACH,IAAI,CAACI,cAAc;IACjC;IAtGAC,YAAYC,GAAQ,EAAEC,OAAkC,CAAC,CAAC,CAAE;QAwG5D,iCAAM;QA9GN,uBAAiBP,QAAjB,KAAA;QAEA,uBAAQd,qBAAR,KAAA;QAEA,uBAAQQ,SAAR,KAAA;QAGE,MAAMc,wBAAwBD,KAAKC,qBAAqB,IAAI;QAC5D,MAAMC,gBAAgBF,KAAKlB,KAAK,IAAIqB,WAAWrB,KAAK,CAACsB,IAAI,CAACD;QAC1D,MAAMN,iBAAiBG,KAAKJ,YAAY,IAAIrC;QAE5CS,aAAa+B,IAAIf,QAAQ,IAAItB,iBAAiB;QAE9C,IAAIiC;QACJ,IACEI,IAAIM,IAAI,KAAK,MACbN,IAAIO,IAAI,KAAK,MACbP,IAAIQ,QAAQ,KAAK,MACjBR,IAAIS,QAAQ,KAAK,IACjB;YACAb,WAAW,IAAIc,IAAIjC;QACrB,OAAO;YACLmB,WAAW;YACX,IAAII,IAAIQ,QAAQ,EAAE;gBAChBZ,YAAYI,IAAIQ,QAAQ;gBACxB,IAAIR,IAAIS,QAAQ,EAAE;oBAChBb,YAAY,CAAC,CAAC,EAAEI,IAAIS,QAAQ,CAAC,CAAC;gBAChC;gBACAb,YAAY;YACd;YACAA,YAAYI,IAAIM,IAAI;YACpBV,WAAW,IAAIc,IAAId;YACnB7B,OACEmC,uBACA,IAAIV,UACF,CAAC,kDAAkD,EAAEI,SAASX,QAAQ,GAAG,EAAE,CAAC;QAGlF;QAEAlB,OACE6B,SAASe,QAAQ,KAAK,OACpBf,SAASgB,MAAM,KAAK,MACpBhB,SAASiB,IAAI,KAAK;QAGtB9C,OACEiC,IAAIW,QAAQ,KAAK,MAAMX,IAAIW,QAAQ,KAAK,KACxC,IAAInB,UAAU;QAEhB,IAAIC,cAAcO,IAAIW,QAAQ;QAC9B,IAAIlB,YAAYqB,UAAU,CAAC,MAAM;YAC/BrB,cAAcA,YAAYsB,KAAK,CAAC;QAClC;QAEA,IAAI,CAACrB,IAAI,GAAG;YACVI;YACAF;YACAH;YACAV,OAAOoB;QACT;IACF;AAyFF;AAxCE,eAAA;IACEpC,OAAO,IAAI,CAACqB,KAAK,KAAKE;IACtB,MAAM,CAAC0B,iBAAiBC,cAAc,GAAG,MAAMC,gBAC7C,IAAI,CAACxB,IAAI,CAACD,WAAW,EACrB,IAAI,CAACC,IAAI,CAACI,cAAc,EACxB,IAAI,CAACJ,IAAI,CAACE,QAAQ,EAClB,IAAI,CAACF,IAAI,CAACX,KAAK;IAEjB,IAAI,CAACW,IAAI,CAACC,OAAO,GAAGsB;IAEpB,IAAIE,gBAAgB;IACpB,IAAI,IAAI,CAACzB,IAAI,CAACE,QAAQ,CAACY,QAAQ,KAAK,IAAI;QACtCW,iBAAiB,IAAI,CAACzB,IAAI,CAACE,QAAQ,CAACY,QAAQ;QAC5C,IAAI,IAAI,CAACd,IAAI,CAACE,QAAQ,CAACa,QAAQ,KAAK,IAAI;YACtCU,iBAAiB,CAAC,CAAC,EAAE,IAAI,CAACzB,IAAI,CAACE,QAAQ,CAACa,QAAQ,CAAC,CAAC;QACpD;QACAU,iBAAiB;IACnB;IACAA,iBAAiB,IAAI,CAACzB,IAAI,CAACE,QAAQ,CAACU,IAAI;IAExC,gFAAgF;IAChF,kHAAkH;IAClH,MAAM,IAAIc,QAAc,CAACC,SAASC;QAChC,IAAI,CAAClC,KAAK,GAAG,IAAImC;QACjBjD,SACEkD,cAAcR,kBACd,4EAA4E;QAC5E,iDAAiD;QACjD,+EAA+E;QAC/E5C,mBAAmB,IACnBqD,oBACE,CAAC,EAAEN,cAAc,CAAC,EAAE,IAAI,CAACzB,IAAI,CAACD,WAAW,CAAC,CAAC,CAAC,EAC5C,IAAI,CAACL,KAAK,GAEZ,CAACsC;YACCA,QAAQJ,OAAOI,SAASL;QAC1B;IAEJ;AACF;AAGF,6CAA6C;AAC7C,MAAMM,4BAA4B;AAOlC;;;;;;;;;;CAUC,GACD,OAAO,eAAeC,iBACpBnC,WAAmB,EACnBoC,WAAyB,EACzB1B,aAA2B;IAE3B,MAAM2B,kBAAkB,MAAM3B,cAC5B,IAAIO,IAAIjB,aAAaoC,aAAa5C,QAAQ;IAE5C,IAAI,CAAC6C,gBAAgBC,EAAE,EAAE;QACvB,MAAM,IAAIC,MACR,CAAC,iDAAiD,EAAEF,gBAAgBG,MAAM,CAAC,CAAC,CAAC;IAEjF;IACA,MAAMC,kBAAkB,MAAMJ,gBAAgBK,IAAI;IAElD,IAAI,CAACjE,SAASgE,kBAAkB;QAC9B,MAAM,IAAIF,MACR,CAAC,yBAAyB,EAAEvC,YAAY,oBAAoB,CAAC;IAEjE;IAEA,OAAOyC;AACT;AAEA;;;;;;;;;;;;;CAaC,GACD,eAAehB,gBACbzB,WAAmB,EACnBI,YAAyB,EACzBgC,WAAyB,EACzB1B,aAA2B;IAE3B,MAAM+B,kBAAkB,MAAMN,iBAC5BnC,aACAoC,aACA1B;IAGF,MAAMiC,WAAWC,OAAOC,IAAI,CAACJ,iBAAiBE,YAAY,CAAC,GAAGG,GAAG,CAC/D,CAAC5C;QACC3B,sBAAsB2B;QACtB,OAAOA;IACT;IAGF,MAAM6C,gBAAgB/E,iBAAiB2E,UAAUvC;IAEjD,IAAI2C,kBAAkB,MAAM;QAC1B,MAAM,IAAIR,MACR,CAAC,+DAA+D,EAAEvC,YAAY,8BAA8B,EAAEI,aAAa,EAAE,CAAC;IAElI;IAEA,MAAM4C,mBACJP,iBAAiBE,UAAU,CAACI,cAAc,EAAEE,MAAMC;IAEpD,IACE,CAACjF,WAAW+E,qBACZ,CAACA,iBAAiBxD,QAAQ,GAAG2D,QAAQ,CAAC,SACtC;QACA,MAAM,IAAIZ,MACR,CAAC,8DAA8D,EAAEvC,YAAY,EAAE,CAAC;IAEpF;IAEA,4EAA4E;IAC5E,MAAMoD,iBAAiB,IAAInC,IAAImB;IAC/B,MAAMiB,gBAAgB,IAAIpC,IAAI+B;IAC9BK,cAAcC,QAAQ,GAAGF,eAAeE,QAAQ;IAChDD,cAAcE,QAAQ,GAAGH,eAAeG,QAAQ;IAEhD,kEAAkE;IAClE,MAAMhC,kBAAkB,MAAMb,cAAc2C,cAAc7D,QAAQ;IAClE,IAAI,CAAC+B,gBAAgBe,EAAE,IAAI,CAACf,gBAAgBiC,IAAI,EAAE;QAChD,MAAM,IAAIjB,MAAM,CAAC,qCAAqC,EAAEvC,YAAY,EAAE,CAAC;IACzE;IACA,2FAA2F;IAC3F,MAAMyD,oBAAoBlC,gBAAgBmC,OAAO,CAAC5D,GAAG,CAAC;IACtDxB,OAAOmF,mBAAmB;IAC1B,MAAME,cAAcC,SAASH,mBAAmB;IAChDnF,OACEqF,eAAezB,2BACf;IAEF,OAAO;QAACX,gBAAgBiC,IAAI;QAAET;KAAc;AAC9C;AAEA;;;CAGC,GACD,MAAMc,0BAA0B;AAEhC;;;;;;;;CAQC,GACD,SAAS9B,cAAc+B,MAAsB;IAC3C,IAAI,OAAOA,OAAOC,SAAS,KAAK,YAAY;QAC1C,OAAOD;IACT;IAEA,OAAO,IAAIlF,wBAAwBkF;AACrC;AAEA;;;;;;;CAOC,GACD,SAAS9B,oBACPN,aAAqB,EACrB/B,KAA+B;IAE/BrB,OACEoD,cAAcyB,QAAQ,CAAC,MACvB;IAGF7E,OACEoD,cAAcL,UAAU,CAAC,SACzB;IAEF,oEAAoE;IACpE,2CAA2C;IAC3C,MAAM2C,gBAAgBjF;IAEtB,IAAIkF,YAAY;IAEhB,2EAA2E;IAC3E,qBAAqB;IACrBD,cAAcE,EAAE,CAAC,SAAS,CAACC,QAAQC,aAAaC;QAC9C,MAAM,EAAEC,MAAMC,UAAU,EAAEC,MAAMC,UAAU,EAAE,GAAGN;QAC/C,IAAIM,eAAe,QAAQ;YACzB,mDAAmD;YACnD,MAAMhF,OAAO8E,WAAWG,OAAO,CAACb,yBAAyB;YACzD,OAAOO,YAAYO,IAAI,CACrBjG,OAAO;gBAAEkG,UAAU;YAAa,GAAG,CAACC;gBAClC,IAAI;oBACFZ,aAAaY,KAAKC,UAAU;oBAC5B,8EAA8E;oBAC9ExG,OACE2F,YAAY/B,2BACZ,CAAC,8BAA8B,EAAEA,0BAA0B,OAAO,CAAC;oBAErE,MAAM7C,QAAQ,IAAIlB,YAAY;wBAC5B4G,OAAOF;wBACPpF;wBACAoF,MAAM;4BACJG,eAAe,IAAI/D,IAAIxB,MAAMiC,eAAelC,QAAQ;wBACtD;oBACF;oBACA,wFAAwF;oBACxFlB,OACE,CAACqB,MAAMsF,GAAG,CAACxF,OACX;oBAEFE,MAAMuF,GAAG,CAACzF,MAAMJ;oBAChB,OAAOgF;gBACT,EAAE,OAAOpC,OAAO;oBACd,OAAO+B,cAAcmB,OAAO,CAAClD;gBAC/B;YACF;QAEJ;QAEA,4EAA4E;QAC5E,0EAA0E;QAC1E,6CAA6C;QAC7CmC,YAAYF,EAAE,CAAC,OAAO,IAAMG;QAC5B,OAAOD,YAAYgB,MAAM;IAC3B;IACA,OAAOpB;AACT"}
|
|
1
|
+
{"version":3,"sources":["../../../../src/snaps/location/npm.ts"],"sourcesContent":["import type { SnapManifest } from '@metamask/snaps-utils';\nimport {\n createSnapManifest,\n DEFAULT_REQUESTED_SNAP_VERSION,\n getTargetVersion,\n isValidUrl,\n NpmSnapIdStruct,\n VirtualFile,\n normalizeRelative,\n parseJson,\n} from '@metamask/snaps-utils';\nimport type { SemVerRange, SemVerVersion } from '@metamask/utils';\nimport {\n assert,\n assertIsSemVerVersion,\n assertStruct,\n isObject,\n isValidSemVerVersion,\n} from '@metamask/utils';\nimport concat from 'concat-stream';\nimport getNpmTarballUrl from 'get-npm-tarball-url';\nimport createGunzipStream from 'gunzip-maybe';\nimport { ReadableWebToNodeStream } from 'readable-web-to-node-stream';\nimport { pipeline } from 'stream';\nimport type { Readable, Writable } from 'stream';\nimport { extract as tarExtract } from 'tar-stream';\n\nimport type { DetectSnapLocationOptions, SnapLocation } from './location';\n\nexport const DEFAULT_NPM_REGISTRY = new URL('https://registry.npmjs.org');\n\ninterface NpmMeta {\n registry: URL;\n packageName: string;\n requestedRange: SemVerRange;\n version?: string;\n fetch: typeof fetch;\n resolveVersion: (range: SemVerRange) => Promise<SemVerRange>;\n}\nexport interface NpmOptions {\n /**\n * @default DEFAULT_REQUESTED_SNAP_VERSION\n */\n versionRange?: SemVerRange;\n /**\n * Whether to allow custom NPM registries outside of {@link DEFAULT_NPM_REGISTRY}.\n *\n * @default false\n */\n allowCustomRegistries?: boolean;\n}\n\nexport class NpmLocation implements SnapLocation {\n private readonly meta: NpmMeta;\n\n private validatedManifest?: VirtualFile<SnapManifest>;\n\n private files?: Map<string, VirtualFile>;\n\n constructor(url: URL, opts: DetectSnapLocationOptions = {}) {\n const allowCustomRegistries = opts.allowCustomRegistries ?? false;\n const fetchFunction = opts.fetch ?? globalThis.fetch.bind(globalThis);\n const requestedRange = opts.versionRange ?? DEFAULT_REQUESTED_SNAP_VERSION;\n const defaultResolve = async (range: SemVerRange) => range;\n const resolveVersion = opts.resolveVersion ?? defaultResolve;\n\n assertStruct(url.toString(), NpmSnapIdStruct, 'Invalid Snap Id: ');\n\n let registry: string | URL;\n if (\n url.host === '' &&\n url.port === '' &&\n url.username === '' &&\n url.password === ''\n ) {\n registry = DEFAULT_NPM_REGISTRY;\n } else {\n registry = 'https://';\n if (url.username) {\n registry += url.username;\n if (url.password) {\n registry += `:${url.password}`;\n }\n registry += '@';\n }\n registry += url.host;\n registry = new URL(registry);\n assert(\n allowCustomRegistries,\n new TypeError(\n `Custom NPM registries are disabled, tried to use \"${registry.toString()}\".`,\n ),\n );\n }\n\n assert(\n registry.pathname === '/' &&\n registry.search === '' &&\n registry.hash === '',\n );\n\n assert(\n url.pathname !== '' && url.pathname !== '/',\n new TypeError('The package name in NPM location is empty.'),\n );\n let packageName = url.pathname;\n if (packageName.startsWith('/')) {\n packageName = packageName.slice(1);\n }\n\n this.meta = {\n requestedRange,\n registry,\n packageName,\n fetch: fetchFunction,\n resolveVersion,\n };\n }\n\n async manifest(): Promise<VirtualFile<SnapManifest>> {\n if (this.validatedManifest) {\n return this.validatedManifest.clone();\n }\n\n const vfile = await this.fetch('snap.manifest.json');\n const result = parseJson(vfile.toString());\n vfile.result = createSnapManifest(result);\n this.validatedManifest = vfile as VirtualFile<SnapManifest>;\n\n return this.manifest();\n }\n\n async fetch(path: string): Promise<VirtualFile> {\n const relativePath = normalizeRelative(path);\n if (!this.files) {\n await this.#lazyInit();\n assert(this.files !== undefined);\n }\n const vfile = this.files.get(relativePath);\n assert(\n vfile !== undefined,\n new TypeError(`File \"${path}\" not found in package.`),\n );\n return vfile.clone();\n }\n\n get packageName(): string {\n return this.meta.packageName;\n }\n\n get version(): string {\n assert(\n this.meta.version !== undefined,\n 'Tried to access version without first fetching NPM package.',\n );\n return this.meta.version;\n }\n\n get registry(): URL {\n return this.meta.registry;\n }\n\n get versionRange(): SemVerRange {\n return this.meta.requestedRange;\n }\n\n async #lazyInit() {\n assert(this.files === undefined);\n const resolvedVersion = await this.meta.resolveVersion(\n this.meta.requestedRange,\n );\n const [tarballResponse, actualVersion] = await fetchNpmTarball(\n this.meta.packageName,\n resolvedVersion,\n this.meta.registry,\n this.meta.fetch,\n );\n this.meta.version = actualVersion;\n\n let canonicalBase = 'npm://';\n if (this.meta.registry.username !== '') {\n canonicalBase += this.meta.registry.username;\n if (this.meta.registry.password !== '') {\n canonicalBase += `:${this.meta.registry.password}`;\n }\n canonicalBase += '@';\n }\n canonicalBase += this.meta.registry.host;\n\n // TODO(ritave): Lazily extract files instead of up-front extracting all of them\n // We would need to replace tar-stream package because it requires immediate consumption of streams.\n await new Promise<void>((resolve, reject) => {\n this.files = new Map();\n pipeline(\n getNodeStream(tarballResponse),\n // The \"gz\" in \"tgz\" stands for \"gzip\". The tarball needs to be decompressed\n // before we can actually grab any files from it.\n // To prevent recursion-based zip bombs, we set a maximum recursion depth of 1.\n createGunzipStream(1),\n createTarballStream(\n `${canonicalBase}/${this.meta.packageName}/`,\n this.files,\n ),\n (error) => {\n error ? reject(error) : resolve();\n },\n );\n });\n }\n}\n\n// Safety limit for tarballs, 250 MB in bytes\nconst TARBALL_SIZE_SAFETY_LIMIT = 262144000;\n\n// Incomplete type\nexport type PartialNpmMetadata = {\n versions: Record<string, { dist: { tarball: string } }>;\n};\n\n/**\n * Fetches the NPM metadata of the specified package from\n * the public npm registry.\n *\n * @param packageName - The name of the package whose metadata to fetch.\n * @param registryUrl - The URL of the npm registry to fetch the metadata from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns The NPM metadata object.\n * @throws If fetching the metadata fails.\n */\nexport async function fetchNpmMetadata(\n packageName: string,\n registryUrl: URL | string,\n fetchFunction: typeof fetch,\n): Promise<PartialNpmMetadata> {\n const packageResponse = await fetchFunction(\n new URL(packageName, registryUrl).toString(),\n );\n if (!packageResponse.ok) {\n throw new Error(\n `Failed to fetch NPM registry entry. Status code: ${packageResponse.status}.`,\n );\n }\n const packageMetadata = await packageResponse.json();\n\n if (!isObject(packageMetadata)) {\n throw new Error(\n `Failed to fetch package \"${packageName}\" metadata from npm.`,\n );\n }\n\n return packageMetadata as PartialNpmMetadata;\n}\n\n/**\n * Resolves a version range to a version using the NPM registry.\n *\n * Unless the version range is already a version, then the NPM registry is skipped.\n *\n * @param packageName - The name of the package whose metadata to fetch.\n * @param versionRange - The version range of the package.\n * @param registryUrl - The URL of the npm registry to fetch the metadata from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns An object containing the resolved version and a URL for its tarball.\n * @throws If fetching the metadata fails.\n */\nasync function resolveNpmVersion(\n packageName: string,\n versionRange: SemVerRange,\n registryUrl: URL,\n fetchFunction: typeof fetch,\n): Promise<{ tarballURL: string; targetVersion: SemVerVersion }> {\n // If the version range is already a static version we don't need to look for the metadata.\n if (\n registryUrl.toString() === DEFAULT_NPM_REGISTRY.toString() &&\n isValidSemVerVersion(versionRange)\n ) {\n return {\n tarballURL: getNpmTarballUrl(packageName, versionRange),\n targetVersion: versionRange,\n };\n }\n\n const packageMetadata = await fetchNpmMetadata(\n packageName,\n registryUrl,\n fetchFunction,\n );\n\n const versions = Object.keys(packageMetadata?.versions ?? {}).map(\n (version) => {\n assertIsSemVerVersion(version);\n return version;\n },\n );\n\n const targetVersion = getTargetVersion(versions, versionRange);\n\n if (targetVersion === null) {\n throw new Error(\n `Failed to find a matching version in npm metadata for package \"${packageName}\" and requested semver range \"${versionRange}\".`,\n );\n }\n\n const tarballURL = packageMetadata?.versions?.[targetVersion]?.dist?.tarball;\n\n return { tarballURL, targetVersion };\n}\n\n/**\n * Fetches the tarball (`.tgz` file) of the specified package and version from\n * the public npm registry.\n *\n * @param packageName - The name of the package whose tarball to fetch.\n * @param versionRange - The SemVer range of the package to fetch. The highest\n * version satisfying the range will be fetched.\n * @param registryUrl - The URL of the npm registry to fetch the tarball from.\n * @param fetchFunction - The fetch function to use. Defaults to the global\n * {@link fetch}. Useful for Node.js compatibility.\n * @returns A tuple of the {@link Response} for the package tarball and the\n * actual version of the package.\n * @throws If fetching the tarball fails.\n */\nasync function fetchNpmTarball(\n packageName: string,\n versionRange: SemVerRange,\n registryUrl: URL,\n fetchFunction: typeof fetch,\n): Promise<[ReadableStream, SemVerVersion]> {\n const { tarballURL, targetVersion } = await resolveNpmVersion(\n packageName,\n versionRange,\n registryUrl,\n fetchFunction,\n );\n\n if (!isValidUrl(tarballURL) || !tarballURL.toString().endsWith('.tgz')) {\n throw new Error(\n `Failed to find valid tarball URL in NPM metadata for package \"${packageName}\".`,\n );\n }\n\n // Override the tarball hostname/protocol with registryUrl hostname/protocol\n const newRegistryUrl = new URL(registryUrl);\n const newTarballUrl = new URL(tarballURL);\n newTarballUrl.hostname = newRegistryUrl.hostname;\n newTarballUrl.protocol = newRegistryUrl.protocol;\n\n // Perform a raw fetch because we want the Response object itself.\n const tarballResponse = await fetchFunction(newTarballUrl.toString());\n if (!tarballResponse.ok || !tarballResponse.body) {\n throw new Error(`Failed to fetch tarball for package \"${packageName}\".`);\n }\n // We assume that NPM is a good actor and provides us with a valid `content-length` header.\n const tarballSizeString = tarballResponse.headers.get('content-length');\n assert(tarballSizeString, 'Snap tarball has invalid content-length');\n const tarballSize = parseInt(tarballSizeString, 10);\n assert(\n tarballSize <= TARBALL_SIZE_SAFETY_LIMIT,\n 'Snap tarball exceeds size limit',\n );\n return [tarballResponse.body, targetVersion];\n}\n\n/**\n * The paths of files within npm tarballs appear to always be prefixed with\n * \"package/\".\n */\nconst NPM_TARBALL_PATH_PREFIX = /^package\\//u;\n\n/**\n * Converts a {@link ReadableStream} to a Node.js {@link Readable}\n * stream. Returns the stream directly if it is already a Node.js stream.\n * We can't use the native Web {@link ReadableStream} directly because the\n * other stream libraries we use expect Node.js streams.\n *\n * @param stream - The stream to convert.\n * @returns The given stream as a Node.js Readable stream.\n */\nfunction getNodeStream(stream: ReadableStream): Readable {\n if (typeof stream.getReader !== 'function') {\n return stream as unknown as Readable;\n }\n\n return new ReadableWebToNodeStream(stream);\n}\n\n/**\n * Creates a `tar-stream` that will get the necessary files from an npm Snap\n * package tarball (`.tgz` file).\n *\n * @param canonicalBase - A base URI as specified in {@link https://github.com/MetaMask/SIPs/blob/main/SIPS/sip-8.md SIP-8}. Starting with 'npm:'. Will be used for canonicalPath vfile argument.\n * @param files - An object to write target file contents to.\n * @returns The {@link Writable} tarball extraction stream.\n */\nfunction createTarballStream(\n canonicalBase: string,\n files: Map<string, VirtualFile>,\n): Writable {\n assert(\n canonicalBase.endsWith('/'),\n \"Base needs to end with '/' for relative paths to be added as children instead of siblings.\",\n );\n\n assert(\n canonicalBase.startsWith('npm:'),\n 'Protocol mismatch, expected \"npm:\".',\n );\n // `tar-stream` is pretty old-school, so we create it first and then\n // instrument it by adding event listeners.\n const extractStream = tarExtract();\n\n let totalSize = 0;\n\n // \"entry\" is fired for every discreet entity in the tarball. This includes\n // files and folders.\n extractStream.on('entry', (header, entryStream, next) => {\n const { name: headerName, type: headerType } = header;\n if (headerType === 'file') {\n // The name is a path if the header type is \"file\".\n const path = headerName.replace(NPM_TARBALL_PATH_PREFIX, '');\n return entryStream.pipe(\n concat({ encoding: 'uint8array' }, (data) => {\n try {\n totalSize += data.byteLength;\n // To prevent zip bombs, we set a safety limit for the total size of tarballs.\n assert(\n totalSize < TARBALL_SIZE_SAFETY_LIMIT,\n `Snap tarball exceeds limit of ${TARBALL_SIZE_SAFETY_LIMIT} bytes.`,\n );\n const vfile = new VirtualFile({\n value: data,\n path,\n data: {\n canonicalPath: new URL(path, canonicalBase).toString(),\n },\n });\n // We disallow files having identical paths as it may confuse our checksum calculations.\n assert(\n !files.has(path),\n 'Malformed tarball, multiple files with the same path.',\n );\n files.set(path, vfile);\n return next();\n } catch (error) {\n return extractStream.destroy(error);\n }\n }),\n );\n }\n\n // If we get here, the entry is not a file, and we want to ignore. The entry\n // stream must be drained, or the extractStream will stop reading. This is\n // effectively a no-op for the current entry.\n entryStream.on('end', () => next());\n return entryStream.resume();\n });\n return extractStream;\n}\n"],"names":["createSnapManifest","DEFAULT_REQUESTED_SNAP_VERSION","getTargetVersion","isValidUrl","NpmSnapIdStruct","VirtualFile","normalizeRelative","parseJson","assert","assertIsSemVerVersion","assertStruct","isObject","isValidSemVerVersion","concat","getNpmTarballUrl","createGunzipStream","ReadableWebToNodeStream","pipeline","extract","tarExtract","DEFAULT_NPM_REGISTRY","URL","NpmLocation","manifest","validatedManifest","clone","vfile","fetch","result","toString","path","relativePath","files","lazyInit","undefined","get","TypeError","packageName","meta","version","registry","versionRange","requestedRange","constructor","url","opts","allowCustomRegistries","fetchFunction","globalThis","bind","defaultResolve","range","resolveVersion","host","port","username","password","pathname","search","hash","startsWith","slice","resolvedVersion","tarballResponse","actualVersion","fetchNpmTarball","canonicalBase","Promise","resolve","reject","Map","getNodeStream","createTarballStream","error","TARBALL_SIZE_SAFETY_LIMIT","fetchNpmMetadata","registryUrl","packageResponse","ok","Error","status","packageMetadata","json","resolveNpmVersion","tarballURL","targetVersion","versions","Object","keys","map","dist","tarball","endsWith","newRegistryUrl","newTarballUrl","hostname","protocol","body","tarballSizeString","headers","tarballSize","parseInt","NPM_TARBALL_PATH_PREFIX","stream","getReader","extractStream","totalSize","on","header","entryStream","next","name","headerName","type","headerType","replace","pipe","encoding","data","byteLength","value","canonicalPath","has","set","destroy","resume"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,SACEA,kBAAkB,EAClBC,8BAA8B,EAC9BC,gBAAgB,EAChBC,UAAU,EACVC,eAAe,EACfC,WAAW,EACXC,iBAAiB,EACjBC,SAAS,QACJ,wBAAwB;AAE/B,SACEC,MAAM,EACNC,qBAAqB,EACrBC,YAAY,EACZC,QAAQ,EACRC,oBAAoB,QACf,kBAAkB;AACzB,OAAOC,YAAY,gBAAgB;AACnC,OAAOC,sBAAsB,sBAAsB;AACnD,OAAOC,wBAAwB,eAAe;AAC9C,SAASC,uBAAuB,QAAQ,8BAA8B;AACtE,SAASC,QAAQ,QAAQ,SAAS;AAElC,SAASC,WAAWC,UAAU,QAAQ,aAAa;AAInD,OAAO,MAAMC,uBAAuB,IAAIC,IAAI,8BAA8B;IAyIlE;AAlHR,OAAO,MAAMC;IAmEX,MAAMC,WAA+C;QACnD,IAAI,IAAI,CAACC,iBAAiB,EAAE;YAC1B,OAAO,IAAI,CAACA,iBAAiB,CAACC,KAAK;QACrC;QAEA,MAAMC,QAAQ,MAAM,IAAI,CAACC,KAAK,CAAC;QAC/B,MAAMC,SAASrB,UAAUmB,MAAMG,QAAQ;QACvCH,MAAME,MAAM,GAAG5B,mBAAmB4B;QAClC,IAAI,CAACJ,iBAAiB,GAAGE;QAEzB,OAAO,IAAI,CAACH,QAAQ;IACtB;IAEA,MAAMI,MAAMG,IAAY,EAAwB;QAC9C,MAAMC,eAAezB,kBAAkBwB;QACvC,IAAI,CAAC,IAAI,CAACE,KAAK,EAAE;YACf,MAAM,0BAAA,IAAI,EAAEC,WAAAA,eAAN,IAAI;YACVzB,OAAO,IAAI,CAACwB,KAAK,KAAKE;QACxB;QACA,MAAMR,QAAQ,IAAI,CAACM,KAAK,CAACG,GAAG,CAACJ;QAC7BvB,OACEkB,UAAUQ,WACV,IAAIE,UAAU,CAAC,MAAM,EAAEN,KAAK,uBAAuB,CAAC;QAEtD,OAAOJ,MAAMD,KAAK;IACpB;IAEA,IAAIY,cAAsB;QACxB,OAAO,IAAI,CAACC,IAAI,CAACD,WAAW;IAC9B;IAEA,IAAIE,UAAkB;QACpB/B,OACE,IAAI,CAAC8B,IAAI,CAACC,OAAO,KAAKL,WACtB;QAEF,OAAO,IAAI,CAACI,IAAI,CAACC,OAAO;IAC1B;IAEA,IAAIC,WAAgB;QAClB,OAAO,IAAI,CAACF,IAAI,CAACE,QAAQ;IAC3B;IAEA,IAAIC,eAA4B;QAC9B,OAAO,IAAI,CAACH,IAAI,CAACI,cAAc;IACjC;IAzGAC,YAAYC,GAAQ,EAAEC,OAAkC,CAAC,CAAC,CAAE;QA2G5D,iCAAM;QAjHN,uBAAiBP,QAAjB,KAAA;QAEA,uBAAQd,qBAAR,KAAA;QAEA,uBAAQQ,SAAR,KAAA;QAGE,MAAMc,wBAAwBD,KAAKC,qBAAqB,IAAI;QAC5D,MAAMC,gBAAgBF,KAAKlB,KAAK,IAAIqB,WAAWrB,KAAK,CAACsB,IAAI,CAACD;QAC1D,MAAMN,iBAAiBG,KAAKJ,YAAY,IAAIxC;QAC5C,MAAMiD,iBAAiB,OAAOC,QAAuBA;QACrD,MAAMC,iBAAiBP,KAAKO,cAAc,IAAIF;QAE9CxC,aAAakC,IAAIf,QAAQ,IAAIzB,iBAAiB;QAE9C,IAAIoC;QACJ,IACEI,IAAIS,IAAI,KAAK,MACbT,IAAIU,IAAI,KAAK,MACbV,IAAIW,QAAQ,KAAK,MACjBX,IAAIY,QAAQ,KAAK,IACjB;YACAhB,WAAWpB;QACb,OAAO;YACLoB,WAAW;YACX,IAAII,IAAIW,QAAQ,EAAE;gBAChBf,YAAYI,IAAIW,QAAQ;gBACxB,IAAIX,IAAIY,QAAQ,EAAE;oBAChBhB,YAAY,CAAC,CAAC,EAAEI,IAAIY,QAAQ,CAAC,CAAC;gBAChC;gBACAhB,YAAY;YACd;YACAA,YAAYI,IAAIS,IAAI;YACpBb,WAAW,IAAInB,IAAImB;YACnBhC,OACEsC,uBACA,IAAIV,UACF,CAAC,kDAAkD,EAAEI,SAASX,QAAQ,GAAG,EAAE,CAAC;QAGlF;QAEArB,OACEgC,SAASiB,QAAQ,KAAK,OACpBjB,SAASkB,MAAM,KAAK,MACpBlB,SAASmB,IAAI,KAAK;QAGtBnD,OACEoC,IAAIa,QAAQ,KAAK,MAAMb,IAAIa,QAAQ,KAAK,KACxC,IAAIrB,UAAU;QAEhB,IAAIC,cAAcO,IAAIa,QAAQ;QAC9B,IAAIpB,YAAYuB,UAAU,CAAC,MAAM;YAC/BvB,cAAcA,YAAYwB,KAAK,CAAC;QAClC;QAEA,IAAI,CAACvB,IAAI,GAAG;YACVI;YACAF;YACAH;YACAV,OAAOoB;YACPK;QACF;IACF;AA4FF;AA3CE,eAAA;IACE5C,OAAO,IAAI,CAACwB,KAAK,KAAKE;IACtB,MAAM4B,kBAAkB,MAAM,IAAI,CAACxB,IAAI,CAACc,cAAc,CACpD,IAAI,CAACd,IAAI,CAACI,cAAc;IAE1B,MAAM,CAACqB,iBAAiBC,cAAc,GAAG,MAAMC,gBAC7C,IAAI,CAAC3B,IAAI,CAACD,WAAW,EACrByB,iBACA,IAAI,CAACxB,IAAI,CAACE,QAAQ,EAClB,IAAI,CAACF,IAAI,CAACX,KAAK;IAEjB,IAAI,CAACW,IAAI,CAACC,OAAO,GAAGyB;IAEpB,IAAIE,gBAAgB;IACpB,IAAI,IAAI,CAAC5B,IAAI,CAACE,QAAQ,CAACe,QAAQ,KAAK,IAAI;QACtCW,iBAAiB,IAAI,CAAC5B,IAAI,CAACE,QAAQ,CAACe,QAAQ;QAC5C,IAAI,IAAI,CAACjB,IAAI,CAACE,QAAQ,CAACgB,QAAQ,KAAK,IAAI;YACtCU,iBAAiB,CAAC,CAAC,EAAE,IAAI,CAAC5B,IAAI,CAACE,QAAQ,CAACgB,QAAQ,CAAC,CAAC;QACpD;QACAU,iBAAiB;IACnB;IACAA,iBAAiB,IAAI,CAAC5B,IAAI,CAACE,QAAQ,CAACa,IAAI;IAExC,gFAAgF;IAChF,kHAAkH;IAClH,MAAM,IAAIc,QAAc,CAACC,SAASC;QAChC,IAAI,CAACrC,KAAK,GAAG,IAAIsC;QACjBrD,SACEsD,cAAcR,kBACd,4EAA4E;QAC5E,iDAAiD;QACjD,+EAA+E;QAC/EhD,mBAAmB,IACnByD,oBACE,CAAC,EAAEN,cAAc,CAAC,EAAE,IAAI,CAAC5B,IAAI,CAACD,WAAW,CAAC,CAAC,CAAC,EAC5C,IAAI,CAACL,KAAK,GAEZ,CAACyC;YACCA,QAAQJ,OAAOI,SAASL;QAC1B;IAEJ;AACF;AAGF,6CAA6C;AAC7C,MAAMM,4BAA4B;AAOlC;;;;;;;;;;CAUC,GACD,OAAO,eAAeC,iBACpBtC,WAAmB,EACnBuC,WAAyB,EACzB7B,aAA2B;IAE3B,MAAM8B,kBAAkB,MAAM9B,cAC5B,IAAI1B,IAAIgB,aAAauC,aAAa/C,QAAQ;IAE5C,IAAI,CAACgD,gBAAgBC,EAAE,EAAE;QACvB,MAAM,IAAIC,MACR,CAAC,iDAAiD,EAAEF,gBAAgBG,MAAM,CAAC,CAAC,CAAC;IAEjF;IACA,MAAMC,kBAAkB,MAAMJ,gBAAgBK,IAAI;IAElD,IAAI,CAACvE,SAASsE,kBAAkB;QAC9B,MAAM,IAAIF,MACR,CAAC,yBAAyB,EAAE1C,YAAY,oBAAoB,CAAC;IAEjE;IAEA,OAAO4C;AACT;AAEA;;;;;;;;;;;;CAYC,GACD,eAAeE,kBACb9C,WAAmB,EACnBI,YAAyB,EACzBmC,WAAgB,EAChB7B,aAA2B;IAE3B,2FAA2F;IAC3F,IACE6B,YAAY/C,QAAQ,OAAOT,qBAAqBS,QAAQ,MACxDjB,qBAAqB6B,eACrB;QACA,OAAO;YACL2C,YAAYtE,iBAAiBuB,aAAaI;YAC1C4C,eAAe5C;QACjB;IACF;IAEA,MAAMwC,kBAAkB,MAAMN,iBAC5BtC,aACAuC,aACA7B;IAGF,MAAMuC,WAAWC,OAAOC,IAAI,CAACP,iBAAiBK,YAAY,CAAC,GAAGG,GAAG,CAC/D,CAAClD;QACC9B,sBAAsB8B;QACtB,OAAOA;IACT;IAGF,MAAM8C,gBAAgBnF,iBAAiBoF,UAAU7C;IAEjD,IAAI4C,kBAAkB,MAAM;QAC1B,MAAM,IAAIN,MACR,CAAC,+DAA+D,EAAE1C,YAAY,8BAA8B,EAAEI,aAAa,EAAE,CAAC;IAElI;IAEA,MAAM2C,aAAaH,iBAAiBK,UAAU,CAACD,cAAc,EAAEK,MAAMC;IAErE,OAAO;QAAEP;QAAYC;IAAc;AACrC;AAEA;;;;;;;;;;;;;CAaC,GACD,eAAepB,gBACb5B,WAAmB,EACnBI,YAAyB,EACzBmC,WAAgB,EAChB7B,aAA2B;IAE3B,MAAM,EAAEqC,UAAU,EAAEC,aAAa,EAAE,GAAG,MAAMF,kBAC1C9C,aACAI,cACAmC,aACA7B;IAGF,IAAI,CAAC5C,WAAWiF,eAAe,CAACA,WAAWvD,QAAQ,GAAG+D,QAAQ,CAAC,SAAS;QACtE,MAAM,IAAIb,MACR,CAAC,8DAA8D,EAAE1C,YAAY,EAAE,CAAC;IAEpF;IAEA,4EAA4E;IAC5E,MAAMwD,iBAAiB,IAAIxE,IAAIuD;IAC/B,MAAMkB,gBAAgB,IAAIzE,IAAI+D;IAC9BU,cAAcC,QAAQ,GAAGF,eAAeE,QAAQ;IAChDD,cAAcE,QAAQ,GAAGH,eAAeG,QAAQ;IAEhD,kEAAkE;IAClE,MAAMjC,kBAAkB,MAAMhB,cAAc+C,cAAcjE,QAAQ;IAClE,IAAI,CAACkC,gBAAgBe,EAAE,IAAI,CAACf,gBAAgBkC,IAAI,EAAE;QAChD,MAAM,IAAIlB,MAAM,CAAC,qCAAqC,EAAE1C,YAAY,EAAE,CAAC;IACzE;IACA,2FAA2F;IAC3F,MAAM6D,oBAAoBnC,gBAAgBoC,OAAO,CAAChE,GAAG,CAAC;IACtD3B,OAAO0F,mBAAmB;IAC1B,MAAME,cAAcC,SAASH,mBAAmB;IAChD1F,OACE4F,eAAe1B,2BACf;IAEF,OAAO;QAACX,gBAAgBkC,IAAI;QAAEZ;KAAc;AAC9C;AAEA;;;CAGC,GACD,MAAMiB,0BAA0B;AAEhC;;;;;;;;CAQC,GACD,SAAS/B,cAAcgC,MAAsB;IAC3C,IAAI,OAAOA,OAAOC,SAAS,KAAK,YAAY;QAC1C,OAAOD;IACT;IAEA,OAAO,IAAIvF,wBAAwBuF;AACrC;AAEA;;;;;;;CAOC,GACD,SAAS/B,oBACPN,aAAqB,EACrBlC,KAA+B;IAE/BxB,OACE0D,cAAc0B,QAAQ,CAAC,MACvB;IAGFpF,OACE0D,cAAcN,UAAU,CAAC,SACzB;IAEF,oEAAoE;IACpE,2CAA2C;IAC3C,MAAM6C,gBAAgBtF;IAEtB,IAAIuF,YAAY;IAEhB,2EAA2E;IAC3E,qBAAqB;IACrBD,cAAcE,EAAE,CAAC,SAAS,CAACC,QAAQC,aAAaC;QAC9C,MAAM,EAAEC,MAAMC,UAAU,EAAEC,MAAMC,UAAU,EAAE,GAAGN;QAC/C,IAAIM,eAAe,QAAQ;YACzB,mDAAmD;YACnD,MAAMpF,OAAOkF,WAAWG,OAAO,CAACb,yBAAyB;YACzD,OAAOO,YAAYO,IAAI,CACrBvG,OAAO;gBAAEwG,UAAU;YAAa,GAAG,CAACC;gBAClC,IAAI;oBACFZ,aAAaY,KAAKC,UAAU;oBAC5B,8EAA8E;oBAC9E/G,OACEkG,YAAYhC,2BACZ,CAAC,8BAA8B,EAAEA,0BAA0B,OAAO,CAAC;oBAErE,MAAMhD,QAAQ,IAAIrB,YAAY;wBAC5BmH,OAAOF;wBACPxF;wBACAwF,MAAM;4BACJG,eAAe,IAAIpG,IAAIS,MAAMoC,eAAerC,QAAQ;wBACtD;oBACF;oBACA,wFAAwF;oBACxFrB,OACE,CAACwB,MAAM0F,GAAG,CAAC5F,OACX;oBAEFE,MAAM2F,GAAG,CAAC7F,MAAMJ;oBAChB,OAAOoF;gBACT,EAAE,OAAOrC,OAAO;oBACd,OAAOgC,cAAcmB,OAAO,CAACnD;gBAC/B;YACF;QAEJ;QAEA,4EAA4E;QAC5E,0EAA0E;QAC1E,6CAA6C;QAC7CoC,YAAYF,EAAE,CAAC,OAAO,IAAMG;QAC5B,OAAOD,YAAYgB,MAAM;IAC3B;IACA,OAAOpB;AACT"}
|