@mindees/updates 0.12.0 โ 0.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +27 -3
- package/dist/index.d.ts +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -5,9 +5,10 @@ installed apps without an app-store release, safely.
|
|
|
5
5
|
|
|
6
6
|
> Status: ๐งช **Experimental** โ Phase 9 (Pulse) is complete in its current scope.
|
|
7
7
|
> Implemented and tested: signed OTA core, differential bundle diffing, the reference
|
|
8
|
-
> update server,
|
|
9
|
-
>
|
|
10
|
-
>
|
|
8
|
+
> update server, server-driven UI (SDUI), and a real **sandboxed WASM module runtime**
|
|
9
|
+
> (`createWasmModuleRuntime()` โ capability-secure, core WebAssembly; the full WASM
|
|
10
|
+
> Component Model / WASI 0.2/0.3 is a labeled follow-up behind the same seam). See the
|
|
11
|
+
> repository [STATUS.md](../../STATUS.md).
|
|
11
12
|
|
|
12
13
|
## What works today
|
|
13
14
|
|
|
@@ -70,6 +71,29 @@ Incremental updates use a pure-TS RFC 7396 merge-patch (`applyMergePatch`) and a
|
|
|
70
71
|
RFC 6902 subset (`applyJsonPatch` โ `add`/`remove`/`replace`); a patched tree must be
|
|
71
72
|
re-run through `compileSdui` before render. Design: [ADR-0011](../../docs/adr/0011-pulse-sdui.md).
|
|
72
73
|
|
|
74
|
+
## Sandboxed WASM modules
|
|
75
|
+
|
|
76
|
+
`@mindees/updates` ships a real, **capability-secure** WebAssembly runtime so an OTA
|
|
77
|
+
update can carry signed feature modules that run at runtime, isolated in their own linear
|
|
78
|
+
memory. `createWasmModuleRuntime()` returns a runtime whose `instantiate`:
|
|
79
|
+
|
|
80
|
+
- **is the sandbox** โ a module sees ONLY the `capabilities` you pass as its import object;
|
|
81
|
+
it has no ambient access to the JS realm, the network, or the DOM,
|
|
82
|
+
- **fails closed** โ a module that asks for a capability it wasn't granted (`LinkError`),
|
|
83
|
+
malformed bytecode, or an over-budget module (default 16 MiB cap) is rejected
|
|
84
|
+
deterministically with `UpdateError('MODULE_INVALID')`,
|
|
85
|
+
- **runs everywhere** โ core WebAssembly, so it works on Hermes/React Native, Node, and the
|
|
86
|
+
web today without a native module; the full WASM **Component Model** (WASI 0.2/0.3 typed
|
|
87
|
+
interfaces) is a labeled follow-up that slots in behind the same `instantiate` seam.
|
|
88
|
+
|
|
89
|
+
```ts
|
|
90
|
+
import { createWasmModuleRuntime } from '@mindees/updates'
|
|
91
|
+
|
|
92
|
+
const runtime = createWasmModuleRuntime()
|
|
93
|
+
const mod = await runtime.instantiate(wasmBytes, { host: { inc: (n: number) => n + 1 } })
|
|
94
|
+
mod.call<number>('run', 41) // โ 42, using only the granted host.inc capability
|
|
95
|
+
```
|
|
96
|
+
|
|
73
97
|
## Quick start
|
|
74
98
|
|
|
75
99
|
```ts
|
package/dist/index.d.ts
CHANGED
|
@@ -13,7 +13,7 @@ import { Maturity, NotImplementedError, PackageInfo, notImplemented } from "@min
|
|
|
13
13
|
/** The npm package name. */
|
|
14
14
|
declare const name = "@mindees/updates";
|
|
15
15
|
/** The package version. All `@mindees/*` packages share one locked version line. */
|
|
16
|
-
declare const VERSION = "0.
|
|
16
|
+
declare const VERSION = "0.14.0";
|
|
17
17
|
/** Current maturity. See the repository `STATUS.md`. */
|
|
18
18
|
declare const maturity: Maturity;
|
|
19
19
|
/**
|
package/dist/index.js
CHANGED
|
@@ -12,7 +12,7 @@ import { NotImplementedError, notImplemented } from "@mindees/core";
|
|
|
12
12
|
/** The npm package name. */
|
|
13
13
|
const name = "@mindees/updates";
|
|
14
14
|
/** The package version. All `@mindees/*` packages share one locked version line. */
|
|
15
|
-
const VERSION = "0.
|
|
15
|
+
const VERSION = "0.14.0";
|
|
16
16
|
/** Current maturity. See the repository `STATUS.md`. */
|
|
17
17
|
const maturity = "experimental";
|
|
18
18
|
/**
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":[],"sources":["../src/index.ts"],"sourcesContent":["/**\n * `@mindees/updates` (Pulse) โ signed OTA updates.\n *\n * Pulse ships a versioned, hash-addressed {@link UpdateManifest}, Ed25519\n * {@link signManifest signing}/{@link verifySignedManifest verification} (threshold +\n * key rotation), a content-addressed {@link UpdateStorage store}, an\n * {@link createUpdateClient update client} with atomic generations + crash-loop\n * rollback, differential bundle diffing, a reference update server, and SDUI.\n *\n * @module\n */\n\nimport type { Maturity, PackageInfo } from '@mindees/core'\nimport { NotImplementedError, notImplemented } from '@mindees/core'\n\n/** The npm package name. */\nexport const name = '@mindees/updates'\n\n/** The package version. All `@mindees/*` packages share one locked version line. */\nexport const VERSION = '0.
|
|
1
|
+
{"version":3,"file":"index.js","names":[],"sources":["../src/index.ts"],"sourcesContent":["/**\n * `@mindees/updates` (Pulse) โ signed OTA updates.\n *\n * Pulse ships a versioned, hash-addressed {@link UpdateManifest}, Ed25519\n * {@link signManifest signing}/{@link verifySignedManifest verification} (threshold +\n * key rotation), a content-addressed {@link UpdateStorage store}, an\n * {@link createUpdateClient update client} with atomic generations + crash-loop\n * rollback, differential bundle diffing, a reference update server, and SDUI.\n *\n * @module\n */\n\nimport type { Maturity, PackageInfo } from '@mindees/core'\nimport { NotImplementedError, notImplemented } from '@mindees/core'\n\n/** The npm package name. */\nexport const name = '@mindees/updates'\n\n/** The package version. All `@mindees/*` packages share one locked version line. */\nexport const VERSION = '0.14.0'\n\n/** Current maturity. See the repository `STATUS.md`. */\nexport const maturity: Maturity = 'experimental'\n\n/**\n * Static identity + maturity metadata for this package. Frozen so the\n * self-reported identity tooling introspects cannot be mutated at runtime,\n * matching the `readonly` fields of {@link PackageInfo}.\n */\nexport const info: PackageInfo = Object.freeze({ name, version: VERSION, maturity })\n\nexport {\n type BootResult,\n createUpdateClient,\n type UpdateCheck,\n type UpdateClient,\n type UpdateClientOptions,\n} from './client'\nexport {\n fromHex,\n generateKeypair,\n getPublicKey,\n type Keypair,\n sha256Hex,\n sign,\n toHex,\n utf8,\n verify,\n} from './crypto'\nexport { type ApplyDeltaOptions, applyDelta, diff } from './delta'\nexport { UpdateError, type UpdateErrorCode } from './errors'\nexport {\n type AssetEntry,\n allAssets,\n canonicalManifestJson,\n type PatchDescriptor,\n parseManifest,\n type UpdateManifest,\n} from './manifest'\n/**\n * Server-Driven UI (Pulse ยง10): compile an allowlisted, schema-versioned JSON tree into a live\n * MindeesNode tree, and apply incremental updates with JSON Merge Patch (RFC 7396) / JSON Patch\n * (RFC 6902). No `eval` โ components + actions are pre-registered.\n */\nexport {\n applyJsonPatch,\n applyMergePatch,\n compileSdui,\n type JsonPatchOp,\n type SduiActionHandler,\n type SduiActionRef,\n type SduiBindRef,\n SduiError,\n type SduiErrorCode,\n type SduiJson,\n type SduiLimits,\n type SduiNode,\n type SduiPropValue,\n type SduiRegistry,\n} from './sdui'\nexport {\n type SignatureEntry,\n type SignedManifest,\n type Signer,\n signManifest,\n type TrustedKey,\n type VerifiedManifest,\n verifySignedManifest,\n} from './signing'\nexport {\n createMemoryStorage,\n type GenerationMeta,\n type GenerationStatus,\n initialState,\n type UpdateState,\n type UpdateStorage,\n} from './store'\n\n/**\n * Pulse sandboxed WASM module runtime (spec ยง10) โ ship signed, capability-secure feature modules\n * that run at runtime in their own linear memory, reachable only through the capabilities you grant.\n * Core WebAssembly today; the full Component Model (WASI 0.2/0.3) is a follow-up behind the same seam.\n */\nexport {\n type Capabilities,\n createWasmModuleRuntime,\n type WasmModuleInstance,\n type WasmModuleRuntime,\n type WasmModuleRuntimeOptions,\n} from './wasm'\n\nexport type { Maturity, PackageInfo }\nexport { NotImplementedError, notImplemented }\n"],"mappings":";;;;;;;;;;;;AAgBA,MAAa,OAAO;;AAGpB,MAAa,UAAU;;AAGvB,MAAa,WAAqB;;;;;;AAOlC,MAAa,OAAoB,OAAO,OAAO;CAAE;CAAM,SAAS;CAAS;AAAS,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mindees/updates",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.14.0",
|
|
4
4
|
"description": "MindeesNative Pulse - signed over-the-air (OTA) updates: hash-addressed manifests, Ed25519 signing, content-addressed storage, atomic generations with crash-loop rollback.",
|
|
5
5
|
"license": "MIT OR Apache-2.0",
|
|
6
6
|
"type": "module",
|
|
@@ -33,7 +33,7 @@
|
|
|
33
33
|
"dependencies": {
|
|
34
34
|
"@noble/curves": "2.2.0",
|
|
35
35
|
"@noble/hashes": "2.2.0",
|
|
36
|
-
"@mindees/core": "0.
|
|
36
|
+
"@mindees/core": "0.14.0"
|
|
37
37
|
},
|
|
38
38
|
"devDependencies": {
|
|
39
39
|
"fast-check": "4.8.0"
|