@motebit/verify 1.2.2 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +27 -0
- package/dist/cli.d.ts +44 -0
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +384 -10
- package/dist/cli.js.map +1 -1
- package/package.json +9 -7
package/README.md
CHANGED
|
@@ -75,6 +75,33 @@ const result = await verifyFile("cred.json", {
|
|
|
75
75
|
});
|
|
76
76
|
```
|
|
77
77
|
|
|
78
|
+
`buildHardwareVerifiers()` with no arguments uses motebit's canonical defaults (`com.motebit.mobile` bundle, `motebit.com` RP ID, pinned Apple/Google/FIDO/TPM roots). To verify credentials minted by a fork, a federation peer, or a custom build, pass a `HardwareVerifierBundleConfig`:
|
|
79
|
+
|
|
80
|
+
```ts
|
|
81
|
+
import { readFileSync } from "node:fs";
|
|
82
|
+
import { buildHardwareVerifiers } from "@motebit/verify";
|
|
83
|
+
import { verifyFile } from "@motebit/verifier";
|
|
84
|
+
|
|
85
|
+
const result = await verifyFile("cred.json", {
|
|
86
|
+
hardwareAttestation: buildHardwareVerifiers({
|
|
87
|
+
// Apple App Attest — non-motebit iOS build
|
|
88
|
+
appAttestBundleId: "com.example.app",
|
|
89
|
+
// Android Keystore — raw attestationApplicationId bytes from the
|
|
90
|
+
// leaf cert, computed once at build time from (packageName, signing-cert SHA-256)
|
|
91
|
+
androidKeystoreExpectedAttestationApplicationId: readFileSync("./app-id.bin"),
|
|
92
|
+
// WebAuthn — relying-party domain
|
|
93
|
+
webauthnRpId: "example.com",
|
|
94
|
+
// Optional — override any pinned root set (test fabrications, federation peer roots, etc.)
|
|
95
|
+
appAttestRootPem: customAppleRootPem,
|
|
96
|
+
androidKeystoreRootPems: [customGoogleRoot1, customGoogleRoot2],
|
|
97
|
+
webauthnRootPems: [customYubicoRoot],
|
|
98
|
+
tpmRootPems: [customInfineonRoot],
|
|
99
|
+
}),
|
|
100
|
+
});
|
|
101
|
+
```
|
|
102
|
+
|
|
103
|
+
Every field is optional and falls back to the motebit-canonical default. The Android Keystore arm is wired only when `androidKeystoreExpectedAttestationApplicationId` is supplied — there is no canonical default for the leaf-cert package binding, by design.
|
|
104
|
+
|
|
78
105
|
## The three-package lineage
|
|
79
106
|
|
|
80
107
|
This package sits at the top of a deliberate three-layer split — the same shape long-lived tool lineages use (git / libgit2, cargo / tokio, npm / @npm/arborist):
|
package/dist/cli.d.ts
CHANGED
|
@@ -39,5 +39,49 @@
|
|
|
39
39
|
* @motebit/verifier — Apache-2.0 library (file I/O, human formatting)
|
|
40
40
|
* @motebit/crypto — Apache-2.0 primitives (verify, sign, suite dispatch)
|
|
41
41
|
*/
|
|
42
|
+
import type { ArtifactType, ContentArtifactManifest } from "@motebit/crypto";
|
|
43
|
+
import type { ContentArtifactType } from "@motebit/protocol";
|
|
44
|
+
interface ParsedArgs {
|
|
45
|
+
readonly mode: "verify" | "verify-content-artifact" | "help" | "version";
|
|
46
|
+
readonly file?: string;
|
|
47
|
+
readonly json: boolean;
|
|
48
|
+
readonly expectedType?: ArtifactType;
|
|
49
|
+
readonly clockSkewSeconds?: number;
|
|
50
|
+
readonly bundleId?: string;
|
|
51
|
+
readonly androidAttestationApplicationIdPath?: string;
|
|
52
|
+
readonly rpId?: string;
|
|
53
|
+
/** Content-artifact mode: manifest input — either base64url header value or path to JSON file. */
|
|
54
|
+
readonly manifest?: string;
|
|
55
|
+
/** Content-artifact mode: optional pinned producer key (hex, 64 chars). */
|
|
56
|
+
readonly expectedProducerKey?: string;
|
|
57
|
+
/** Content-artifact mode: optional expected artifact-type from the closed registry. */
|
|
58
|
+
readonly expectedArtifactType?: ContentArtifactType;
|
|
59
|
+
readonly usageError?: string;
|
|
60
|
+
}
|
|
61
|
+
export declare function parseArgs(argv: readonly string[]): ParsedArgs;
|
|
62
|
+
/**
|
|
63
|
+
* Decode the `--manifest` argument. Tries the value as a filesystem
|
|
64
|
+
* path first; if the file exists and parses as JSON, returns that.
|
|
65
|
+
* Otherwise, treats it as a base64url-encoded canonical-JSON
|
|
66
|
+
* representation (the form `services/relay/src/state-export.ts` emits
|
|
67
|
+
* in the `X-Motebit-Content-Manifest` HTTP header). Returns the
|
|
68
|
+
* parsed manifest object or a usage error.
|
|
69
|
+
*
|
|
70
|
+
* Auto-detect order matters: a base64url string could in principle be
|
|
71
|
+
* a legal path on disk, but the path-first try is bounded (readFileSync
|
|
72
|
+
* + JSON.parse) and falls through silently to header-decode. The
|
|
73
|
+
* inverse — treating every input as header bytes — would accidentally
|
|
74
|
+
* succeed on JSON files whose contents happen to base64-decode as
|
|
75
|
+
* arbitrary bytes, returning malformed garbage.
|
|
76
|
+
*/
|
|
77
|
+
export declare function decodeManifestInput(value: string): {
|
|
78
|
+
ok: true;
|
|
79
|
+
manifest: ContentArtifactManifest;
|
|
80
|
+
} | {
|
|
81
|
+
ok: false;
|
|
82
|
+
error: string;
|
|
83
|
+
};
|
|
84
|
+
/** Failure-reason → human-readable phrase for the human-mode CLI output. */
|
|
85
|
+
export declare function describeContentArtifactReason(reason: string): string;
|
|
42
86
|
export {};
|
|
43
87
|
//# sourceMappingURL=cli.d.ts.map
|
package/dist/cli.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG"}
|
|
1
|
+
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AAMH,OAAO,KAAK,EAAE,YAAY,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAE7E,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AA6B7D,UAAU,UAAU;IAClB,QAAQ,CAAC,IAAI,EAAE,QAAQ,GAAG,yBAAyB,GAAG,MAAM,GAAG,SAAS,CAAC;IACzE,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC;IACvB,QAAQ,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;IACrC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,mCAAmC,CAAC,EAAE,MAAM,CAAC;IACtD,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,kGAAkG;IAClG,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,2EAA2E;IAC3E,QAAQ,CAAC,mBAAmB,CAAC,EAAE,MAAM,CAAC;IACtC,uFAAuF;IACvF,QAAQ,CAAC,oBAAoB,CAAC,EAAE,mBAAmB,CAAC;IACpD,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,wBAAgB,SAAS,CAAC,IAAI,EAAE,SAAS,MAAM,EAAE,GAAG,UAAU,CAsH7D;AAgND;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,MAAM,GACZ;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,uBAAuB,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CA0BhF;AAED,4EAA4E;AAC5E,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAmBpE"}
|
package/dist/cli.js
CHANGED
|
@@ -42,6 +42,9 @@
|
|
|
42
42
|
import { readFileSync } from "node:fs";
|
|
43
43
|
import { dirname, join } from "node:path";
|
|
44
44
|
import { fileURLToPath } from "node:url";
|
|
45
|
+
import { verifyContentArtifact } from "@motebit/crypto";
|
|
46
|
+
import { ALL_CONTENT_ARTIFACT_TYPES, isContentArtifactType } from "@motebit/protocol";
|
|
47
|
+
import { verifyInnerSignedReceipts, } from "@motebit/state-export-client";
|
|
45
48
|
import { formatHuman, verifyFile } from "@motebit/verifier";
|
|
46
49
|
import { buildHardwareVerifiers } from "./adapters.js";
|
|
47
50
|
const EXPECT_VALUES = [
|
|
@@ -51,7 +54,24 @@ const EXPECT_VALUES = [
|
|
|
51
54
|
"presentation",
|
|
52
55
|
"skill",
|
|
53
56
|
];
|
|
54
|
-
|
|
57
|
+
/**
|
|
58
|
+
* First positional argument that switches the CLI into content-artifact
|
|
59
|
+
* mode. Verifies a relay-asserted (or motebit-asserted) C2PA-shape
|
|
60
|
+
* manifest against the bytes it covers — the consumer-side primitive
|
|
61
|
+
* for the state-export-signing surface (`docs/doctrine/nist-alignment.md`
|
|
62
|
+
* §8). Stays a subcommand rather than auto-detection because
|
|
63
|
+
* content-artifact mode takes TWO inputs (body + manifest); auto-
|
|
64
|
+
* detection on a single positional cannot distinguish them.
|
|
65
|
+
*/
|
|
66
|
+
const CONTENT_ARTIFACT_SUBCOMMAND = "content-artifact";
|
|
67
|
+
export function parseArgs(argv) {
|
|
68
|
+
// Detect content-artifact subcommand at the head of the arg list.
|
|
69
|
+
// The remaining args are parsed in content-artifact mode — a strict
|
|
70
|
+
// subset of the credential-verification flags (no platform-specific
|
|
71
|
+
// overrides) plus content-artifact-specific flags.
|
|
72
|
+
if (argv[0] === CONTENT_ARTIFACT_SUBCOMMAND) {
|
|
73
|
+
return parseContentArtifactArgs(argv.slice(1));
|
|
74
|
+
}
|
|
55
75
|
let file;
|
|
56
76
|
let json = false;
|
|
57
77
|
let expectedType;
|
|
@@ -168,12 +188,115 @@ function parseArgs(argv) {
|
|
|
168
188
|
function usage(message) {
|
|
169
189
|
return { mode: "help", json: false, usageError: message };
|
|
170
190
|
}
|
|
191
|
+
/**
|
|
192
|
+
* Parse args for the `content-artifact` subcommand. Accepts:
|
|
193
|
+
*
|
|
194
|
+
* motebit-verify content-artifact <body-file> --manifest <header-or-path>
|
|
195
|
+
* [--expect <artifact-type>]
|
|
196
|
+
* [--producer-key <hex>]
|
|
197
|
+
* [--json]
|
|
198
|
+
*
|
|
199
|
+
* `--manifest` accepts EITHER a base64url-encoded canonical-JSON value
|
|
200
|
+
* (as emitted in the `X-Motebit-Content-Manifest` HTTP header) OR a
|
|
201
|
+
* filesystem path to a JSON file. Auto-detected by checking if the
|
|
202
|
+
* value parses as JSON when treated as a path; on filesystem read
|
|
203
|
+
* failure, falls back to base64url-header interpretation.
|
|
204
|
+
*
|
|
205
|
+
* `--producer-key` (optional) pins the expected producer's hex public
|
|
206
|
+
* key (32 bytes / 64 hex chars). When set, the CLI rejects with
|
|
207
|
+
* `producer_key_mismatch` if the manifest's declared key differs —
|
|
208
|
+
* the offline trust-anchor primitive (a verifier who has pinned the
|
|
209
|
+
* relay's pubkey from `/.well-known/motebit-transparency.json` can
|
|
210
|
+
* confirm the producer matches).
|
|
211
|
+
*
|
|
212
|
+
* `--expect` (optional) narrows to a member of the `ContentArtifactType`
|
|
213
|
+
* registry; mirrors the closed-registry pattern of the credential-
|
|
214
|
+
* mode `--expect`.
|
|
215
|
+
*/
|
|
216
|
+
function parseContentArtifactArgs(argv) {
|
|
217
|
+
let file;
|
|
218
|
+
let manifest;
|
|
219
|
+
let expectedArtifactType;
|
|
220
|
+
let expectedProducerKey;
|
|
221
|
+
let json = false;
|
|
222
|
+
let help = false;
|
|
223
|
+
let i = 0;
|
|
224
|
+
while (i < argv.length) {
|
|
225
|
+
const arg = argv[i];
|
|
226
|
+
switch (arg) {
|
|
227
|
+
case "-h":
|
|
228
|
+
case "--help":
|
|
229
|
+
help = true;
|
|
230
|
+
i++;
|
|
231
|
+
break;
|
|
232
|
+
case "--json":
|
|
233
|
+
json = true;
|
|
234
|
+
i++;
|
|
235
|
+
break;
|
|
236
|
+
case "--manifest": {
|
|
237
|
+
const value = argv[i + 1];
|
|
238
|
+
if (value === undefined)
|
|
239
|
+
return usage("--manifest requires a value (header or file path)");
|
|
240
|
+
manifest = value;
|
|
241
|
+
i += 2;
|
|
242
|
+
break;
|
|
243
|
+
}
|
|
244
|
+
case "--expect":
|
|
245
|
+
case "--expected-type": {
|
|
246
|
+
const value = argv[i + 1];
|
|
247
|
+
if (value === undefined)
|
|
248
|
+
return usage(`${arg} requires a value`);
|
|
249
|
+
if (!isContentArtifactType(value)) {
|
|
250
|
+
return usage(`unknown --expect value "${value}" (valid: ${ALL_CONTENT_ARTIFACT_TYPES.join(", ")})`);
|
|
251
|
+
}
|
|
252
|
+
expectedArtifactType = value;
|
|
253
|
+
i += 2;
|
|
254
|
+
break;
|
|
255
|
+
}
|
|
256
|
+
case "--producer-key": {
|
|
257
|
+
const value = argv[i + 1];
|
|
258
|
+
if (value === undefined)
|
|
259
|
+
return usage("--producer-key requires a hex value");
|
|
260
|
+
if (!/^[0-9a-fA-F]{64}$/.test(value)) {
|
|
261
|
+
return usage("--producer-key must be 64 hex characters (32-byte Ed25519 public key)");
|
|
262
|
+
}
|
|
263
|
+
expectedProducerKey = value.toLowerCase();
|
|
264
|
+
i += 2;
|
|
265
|
+
break;
|
|
266
|
+
}
|
|
267
|
+
default:
|
|
268
|
+
if (arg.startsWith("-"))
|
|
269
|
+
return usage(`unknown flag: ${arg}`);
|
|
270
|
+
if (file !== undefined) {
|
|
271
|
+
return usage(`expected exactly one body-file argument, got a second: "${arg}" (after "${file}")`);
|
|
272
|
+
}
|
|
273
|
+
file = arg;
|
|
274
|
+
i++;
|
|
275
|
+
break;
|
|
276
|
+
}
|
|
277
|
+
}
|
|
278
|
+
if (help)
|
|
279
|
+
return { mode: "help", json };
|
|
280
|
+
if (file === undefined)
|
|
281
|
+
return usage("content-artifact: missing body-file argument");
|
|
282
|
+
if (manifest === undefined)
|
|
283
|
+
return usage("content-artifact: --manifest is required");
|
|
284
|
+
return {
|
|
285
|
+
mode: "verify-content-artifact",
|
|
286
|
+
file,
|
|
287
|
+
manifest,
|
|
288
|
+
json,
|
|
289
|
+
...(expectedArtifactType !== undefined && { expectedArtifactType }),
|
|
290
|
+
...(expectedProducerKey !== undefined && { expectedProducerKey }),
|
|
291
|
+
};
|
|
292
|
+
}
|
|
171
293
|
function renderHelp() {
|
|
172
294
|
return [
|
|
173
295
|
"motebit-verify — verify any signed Motebit artifact offline.",
|
|
174
296
|
"",
|
|
175
297
|
"USAGE",
|
|
176
298
|
" motebit-verify <path> [options]",
|
|
299
|
+
" motebit-verify content-artifact <body-file> --manifest <header-or-path> [options]",
|
|
177
300
|
"",
|
|
178
301
|
" <path> may be a single file (identity, receipt, credential, presentation,",
|
|
179
302
|
" or a skill envelope JSON) OR a skill directory containing SKILL.md +",
|
|
@@ -182,6 +305,14 @@ function renderHelp() {
|
|
|
182
305
|
" body-hash + per-file-hash cross-check; single-file inputs run the",
|
|
183
306
|
" artifact's own signature check.",
|
|
184
307
|
"",
|
|
308
|
+
" `content-artifact` mode verifies a C2PA-shape relay-asserted",
|
|
309
|
+
" manifest (e.g. the `X-Motebit-Content-Manifest` HTTP header emitted",
|
|
310
|
+
" on every state-export endpoint) against the response-body bytes",
|
|
311
|
+
" it covers. Two-step check: SHA-256 content-hash recomputation +",
|
|
312
|
+
" Ed25519 signature verification against the manifest's declared",
|
|
313
|
+
" producer key. Offline by design; pin the producer key with",
|
|
314
|
+
` --producer-key from /.well-known/motebit-transparency.json.`,
|
|
315
|
+
"",
|
|
185
316
|
"OPTIONS",
|
|
186
317
|
" --json Print structured JSON instead of human-readable.",
|
|
187
318
|
" --expect <type> Require the artifact to be of the named type.",
|
|
@@ -200,6 +331,24 @@ function renderHelp() {
|
|
|
200
331
|
" alongside other pinned config.",
|
|
201
332
|
" --rp-id <id> Override the expected WebAuthn Relying Party ID",
|
|
202
333
|
" (default: motebit.com).",
|
|
334
|
+
"",
|
|
335
|
+
" CONTENT-ARTIFACT MODE — `motebit-verify content-artifact <body> ...`",
|
|
336
|
+
" --manifest <header-or-path>",
|
|
337
|
+
" Either a base64url-encoded canonical-JSON",
|
|
338
|
+
" manifest value (the form emitted in the",
|
|
339
|
+
" X-Motebit-Content-Manifest HTTP header) OR a",
|
|
340
|
+
" filesystem path to a JSON manifest file.",
|
|
341
|
+
" Auto-detected.",
|
|
342
|
+
" --producer-key <hex> Pin the expected producer's Ed25519 public",
|
|
343
|
+
" key (64 hex chars). When set, rejects with",
|
|
344
|
+
" producer_key_mismatch if the manifest's",
|
|
345
|
+
" declared key differs. Pair with a key fetched",
|
|
346
|
+
" from /.well-known/motebit-transparency.json",
|
|
347
|
+
" for offline trust-anchor enforcement.",
|
|
348
|
+
" --expect <artifact-type> In content-artifact mode, narrows to a member",
|
|
349
|
+
" of the ContentArtifactType registry",
|
|
350
|
+
` (${ALL_CONTENT_ARTIFACT_TYPES.length} types today; see @motebit/protocol).`,
|
|
351
|
+
"",
|
|
203
352
|
" -h, --help Show this help.",
|
|
204
353
|
" -V, --version Print version.",
|
|
205
354
|
"",
|
|
@@ -240,6 +389,210 @@ function getPackageVersion() {
|
|
|
240
389
|
}
|
|
241
390
|
return cachedVersion;
|
|
242
391
|
}
|
|
392
|
+
/**
|
|
393
|
+
* Decode the `--manifest` argument. Tries the value as a filesystem
|
|
394
|
+
* path first; if the file exists and parses as JSON, returns that.
|
|
395
|
+
* Otherwise, treats it as a base64url-encoded canonical-JSON
|
|
396
|
+
* representation (the form `services/relay/src/state-export.ts` emits
|
|
397
|
+
* in the `X-Motebit-Content-Manifest` HTTP header). Returns the
|
|
398
|
+
* parsed manifest object or a usage error.
|
|
399
|
+
*
|
|
400
|
+
* Auto-detect order matters: a base64url string could in principle be
|
|
401
|
+
* a legal path on disk, but the path-first try is bounded (readFileSync
|
|
402
|
+
* + JSON.parse) and falls through silently to header-decode. The
|
|
403
|
+
* inverse — treating every input as header bytes — would accidentally
|
|
404
|
+
* succeed on JSON files whose contents happen to base64-decode as
|
|
405
|
+
* arbitrary bytes, returning malformed garbage.
|
|
406
|
+
*/
|
|
407
|
+
export function decodeManifestInput(value) {
|
|
408
|
+
// Path-first: if the value looks like a path and readable as JSON, use that.
|
|
409
|
+
try {
|
|
410
|
+
const fileContents = readFileSync(value, "utf-8");
|
|
411
|
+
const parsed = JSON.parse(fileContents);
|
|
412
|
+
return { ok: true, manifest: parsed };
|
|
413
|
+
}
|
|
414
|
+
catch {
|
|
415
|
+
// Fall through to header-decode.
|
|
416
|
+
}
|
|
417
|
+
// Header-form: base64url → UTF-8 → JSON. Buffer is available because
|
|
418
|
+
// the CLI runs in Node ≥20 (per repo engines).
|
|
419
|
+
try {
|
|
420
|
+
const decoded = Buffer.from(value, "base64url").toString("utf-8");
|
|
421
|
+
if (decoded === "") {
|
|
422
|
+
return { ok: false, error: "--manifest is empty or undecodable as base64url" };
|
|
423
|
+
}
|
|
424
|
+
const parsed = JSON.parse(decoded);
|
|
425
|
+
return { ok: true, manifest: parsed };
|
|
426
|
+
}
|
|
427
|
+
catch (err) {
|
|
428
|
+
const msg = err instanceof Error ? err.message : String(err);
|
|
429
|
+
return {
|
|
430
|
+
ok: false,
|
|
431
|
+
error: `--manifest is neither a readable JSON file nor a valid base64url-encoded manifest: ${msg}`,
|
|
432
|
+
};
|
|
433
|
+
}
|
|
434
|
+
}
|
|
435
|
+
/** Failure-reason → human-readable phrase for the human-mode CLI output. */
|
|
436
|
+
export function describeContentArtifactReason(reason) {
|
|
437
|
+
switch (reason) {
|
|
438
|
+
case "content_hash_mismatch":
|
|
439
|
+
return "body bytes do not match the manifest's content_hash (the artifact was tampered, OR the manifest was issued for different bytes)";
|
|
440
|
+
case "signature_invalid":
|
|
441
|
+
return "signature does not verify against the declared producer key (manifest tampered, OR signed by a different key than the one declared)";
|
|
442
|
+
case "malformed_public_key":
|
|
443
|
+
return "manifest's producer_public_key is not 64 hex characters (32-byte Ed25519)";
|
|
444
|
+
case "malformed_signature":
|
|
445
|
+
return "manifest's signature is not valid base64url";
|
|
446
|
+
case "unsupported_suite":
|
|
447
|
+
return "manifest's cryptosuite is not yet implemented by this verifier (post-quantum migration pending)";
|
|
448
|
+
case "producer_key_mismatch":
|
|
449
|
+
return "manifest's declared producer key does not match the value pinned via --producer-key";
|
|
450
|
+
case "artifact_type_mismatch":
|
|
451
|
+
return "manifest's artifact_type does not match the value required via --expect";
|
|
452
|
+
default:
|
|
453
|
+
return reason;
|
|
454
|
+
}
|
|
455
|
+
}
|
|
456
|
+
async function verifyContentArtifactCli(args, json) {
|
|
457
|
+
if (args.file === undefined) {
|
|
458
|
+
process.stderr.write(`motebit-verify: content-artifact missing body-file argument\n`);
|
|
459
|
+
return 2;
|
|
460
|
+
}
|
|
461
|
+
if (args.manifest === undefined) {
|
|
462
|
+
process.stderr.write(`motebit-verify: content-artifact requires --manifest\n`);
|
|
463
|
+
return 2;
|
|
464
|
+
}
|
|
465
|
+
let bodyBytes;
|
|
466
|
+
try {
|
|
467
|
+
const buf = readFileSync(args.file);
|
|
468
|
+
bodyBytes = new Uint8Array(buf.buffer, buf.byteOffset, buf.byteLength);
|
|
469
|
+
}
|
|
470
|
+
catch (err) {
|
|
471
|
+
const msg = err instanceof Error ? err.message : String(err);
|
|
472
|
+
process.stderr.write(`motebit-verify: cannot read body-file ${args.file}: ${msg}\n`);
|
|
473
|
+
return 2;
|
|
474
|
+
}
|
|
475
|
+
const decoded = decodeManifestInput(args.manifest);
|
|
476
|
+
if (!decoded.ok) {
|
|
477
|
+
process.stderr.write(`motebit-verify: ${decoded.error}\n`);
|
|
478
|
+
return 2;
|
|
479
|
+
}
|
|
480
|
+
const manifest = decoded.manifest;
|
|
481
|
+
// Pre-crypto policy checks: producer-key pin and artifact-type narrow.
|
|
482
|
+
// Both bounded to bytes-level comparison — no new crypto in this
|
|
483
|
+
// package per CLAUDE.md Rule 1. The primitive's failure modes stay
|
|
484
|
+
// pristine; these CLI-layer rejections carry their own typed reasons.
|
|
485
|
+
if (args.expectedProducerKey !== undefined &&
|
|
486
|
+
manifest.producer_public_key.toLowerCase() !== args.expectedProducerKey) {
|
|
487
|
+
const result = {
|
|
488
|
+
valid: false,
|
|
489
|
+
reason: "producer_key_mismatch",
|
|
490
|
+
expected_producer_public_key: args.expectedProducerKey,
|
|
491
|
+
actual_producer_public_key: manifest.producer_public_key.toLowerCase(),
|
|
492
|
+
};
|
|
493
|
+
if (json) {
|
|
494
|
+
process.stdout.write(`${JSON.stringify(result, null, 2)}\n`);
|
|
495
|
+
}
|
|
496
|
+
else {
|
|
497
|
+
process.stdout.write(`✗ content-artifact INVALID — ${describeContentArtifactReason(result.reason)}\n`);
|
|
498
|
+
}
|
|
499
|
+
return 1;
|
|
500
|
+
}
|
|
501
|
+
if (args.expectedArtifactType !== undefined &&
|
|
502
|
+
manifest.artifact_type !== args.expectedArtifactType) {
|
|
503
|
+
const result = {
|
|
504
|
+
valid: false,
|
|
505
|
+
reason: "artifact_type_mismatch",
|
|
506
|
+
expected_artifact_type: args.expectedArtifactType,
|
|
507
|
+
actual_artifact_type: manifest.artifact_type,
|
|
508
|
+
};
|
|
509
|
+
if (json) {
|
|
510
|
+
process.stdout.write(`${JSON.stringify(result, null, 2)}\n`);
|
|
511
|
+
}
|
|
512
|
+
else {
|
|
513
|
+
process.stdout.write(`✗ content-artifact INVALID — ${describeContentArtifactReason(result.reason)}\n`);
|
|
514
|
+
}
|
|
515
|
+
return 1;
|
|
516
|
+
}
|
|
517
|
+
const result = await verifyContentArtifact(manifest, bodyBytes);
|
|
518
|
+
// v1.1 inner-receipt recursive verification — only when the outer
|
|
519
|
+
// manifest already verified (no point auditing the inside of bytes
|
|
520
|
+
// we don't trust were assembled by the relay we expected). Auto-on
|
|
521
|
+
// when applicable; no flag to remember. Calm-software register:
|
|
522
|
+
// surfaces a per-inner-receipt summary only when v1.1 bodies are
|
|
523
|
+
// detected. Per `spec/execution-ledger-v1.md` §4.3 + closure of the
|
|
524
|
+
// operator-trust gap (`docs/doctrine/nist-alignment.md` §8).
|
|
525
|
+
let innerVerification;
|
|
526
|
+
if (result.valid && manifest.artifact_type === "execution-ledger") {
|
|
527
|
+
try {
|
|
528
|
+
const parsed = JSON.parse(new TextDecoder().decode(bodyBytes));
|
|
529
|
+
const inner = await verifyInnerSignedReceipts(parsed);
|
|
530
|
+
if (inner.applicable)
|
|
531
|
+
innerVerification = inner;
|
|
532
|
+
}
|
|
533
|
+
catch {
|
|
534
|
+
// Body parsed earlier for the outer manifest, but if v1.1 inner
|
|
535
|
+
// recursion can't parse it (somehow), silently skip — the outer
|
|
536
|
+
// check has already verified the bytes. v1.0 bodies and bodies
|
|
537
|
+
// without `signed_receipts` set `applicable: false` and don't
|
|
538
|
+
// surface a section.
|
|
539
|
+
}
|
|
540
|
+
}
|
|
541
|
+
const innerFailed = innerVerification !== undefined && !innerVerification.allValid;
|
|
542
|
+
if (json) {
|
|
543
|
+
process.stdout.write(`${JSON.stringify({
|
|
544
|
+
valid: result.valid && !innerFailed,
|
|
545
|
+
...(result.reason !== undefined && { reason: result.reason }),
|
|
546
|
+
manifest: {
|
|
547
|
+
suite: manifest.suite,
|
|
548
|
+
artifact_type: manifest.artifact_type,
|
|
549
|
+
producer: manifest.producer,
|
|
550
|
+
producer_public_key: manifest.producer_public_key,
|
|
551
|
+
claim_generator: manifest.claim_generator,
|
|
552
|
+
produced_at: manifest.produced_at,
|
|
553
|
+
content_hash: manifest.content_hash,
|
|
554
|
+
...(manifest.invocation !== undefined && { invocation: manifest.invocation }),
|
|
555
|
+
},
|
|
556
|
+
...(innerVerification !== undefined && { inner_receipts: innerVerification }),
|
|
557
|
+
}, null, 2)}\n`);
|
|
558
|
+
}
|
|
559
|
+
else {
|
|
560
|
+
if (result.valid) {
|
|
561
|
+
process.stdout.write([
|
|
562
|
+
`✓ content-artifact VERIFIED`,
|
|
563
|
+
` artifact_type ${manifest.artifact_type}`,
|
|
564
|
+
` producer ${manifest.producer}`,
|
|
565
|
+
` producer_key ${manifest.producer_public_key}`,
|
|
566
|
+
` claim_generator ${manifest.claim_generator}`,
|
|
567
|
+
` produced_at ${manifest.produced_at}`,
|
|
568
|
+
` suite ${manifest.suite}`,
|
|
569
|
+
` content_hash ${manifest.content_hash}`,
|
|
570
|
+
``,
|
|
571
|
+
].join("\n"));
|
|
572
|
+
if (innerVerification !== undefined) {
|
|
573
|
+
const allOk = innerVerification.allValid;
|
|
574
|
+
process.stdout.write([
|
|
575
|
+
`${allOk ? "✓" : "✗"} inner receipts ${innerVerification.verifiedCount}/${innerVerification.totalCount} VERIFIED (spec: motebit/execution-ledger@1.1)`,
|
|
576
|
+
...innerVerification.results.map((r) => {
|
|
577
|
+
if (r.valid) {
|
|
578
|
+
return ` ✓ ${r.taskId} motebit=${r.motebitId}${r.signerDid !== undefined ? ` signer=${r.signerDid}` : ""}`;
|
|
579
|
+
}
|
|
580
|
+
return ` ✗ ${r.taskId} motebit=${r.motebitId} reason=${r.reason ?? "unknown"}${r.detail !== undefined ? ` detail=${r.detail}` : ""}`;
|
|
581
|
+
}),
|
|
582
|
+
``,
|
|
583
|
+
].join("\n"));
|
|
584
|
+
}
|
|
585
|
+
}
|
|
586
|
+
else {
|
|
587
|
+
process.stdout.write(`✗ content-artifact INVALID — ${describeContentArtifactReason(result.reason ?? "unknown")}\n`);
|
|
588
|
+
}
|
|
589
|
+
}
|
|
590
|
+
// Overall validity gates on outer AND inner — a v1.1 bundle where any
|
|
591
|
+
// inner receipt fails is not a clean verification, even if the relay's
|
|
592
|
+
// outer signature checks out (the relay is correctly attesting bytes
|
|
593
|
+
// it assembled, but those bytes contain falsified inner claims).
|
|
594
|
+
return result.valid && !innerFailed ? 0 : 1;
|
|
595
|
+
}
|
|
243
596
|
async function main() {
|
|
244
597
|
const args = parseArgs(process.argv.slice(2));
|
|
245
598
|
if (args.mode === "version") {
|
|
@@ -255,6 +608,9 @@ async function main() {
|
|
|
255
608
|
process.stdout.write(`${help}\n`);
|
|
256
609
|
return 0;
|
|
257
610
|
}
|
|
611
|
+
if (args.mode === "verify-content-artifact") {
|
|
612
|
+
return verifyContentArtifactCli(args, args.json);
|
|
613
|
+
}
|
|
258
614
|
if (args.file === undefined) {
|
|
259
615
|
process.stderr.write(`motebit-verify: missing file argument\n\n${renderHelp()}\n`);
|
|
260
616
|
return 2;
|
|
@@ -299,13 +655,31 @@ async function main() {
|
|
|
299
655
|
}
|
|
300
656
|
return result.valid ? 0 : 1;
|
|
301
657
|
}
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
process.
|
|
309
|
-
|
|
310
|
-
|
|
658
|
+
// Entry-point guard: only run when invoked as the binary, not when
|
|
659
|
+
// imported by tests or programmatic consumers. Mirrors the standard
|
|
660
|
+
// Node ESM pattern `if (import.meta.url === pathToFileURL(argv[1]))`.
|
|
661
|
+
// Without this, importing cli.ts to test the pure-function helpers
|
|
662
|
+
// triggers main() with vitest's argv and exits the test process.
|
|
663
|
+
const invokedAsBinary = (() => {
|
|
664
|
+
if (process.argv[1] === undefined)
|
|
665
|
+
return false;
|
|
666
|
+
try {
|
|
667
|
+
const argvFileUrl = new URL(`file://${process.argv[1]}`).href;
|
|
668
|
+
return import.meta.url === argvFileUrl;
|
|
669
|
+
}
|
|
670
|
+
catch {
|
|
671
|
+
return false;
|
|
672
|
+
}
|
|
673
|
+
})();
|
|
674
|
+
if (invokedAsBinary) {
|
|
675
|
+
main()
|
|
676
|
+
.then((code) => {
|
|
677
|
+
process.exit(code);
|
|
678
|
+
})
|
|
679
|
+
.catch((err) => {
|
|
680
|
+
const msg = err instanceof Error ? err.message : String(err);
|
|
681
|
+
process.stderr.write(`motebit-verify: ${msg}\n`);
|
|
682
|
+
process.exit(2);
|
|
683
|
+
});
|
|
684
|
+
}
|
|
311
685
|
//# sourceMappingURL=cli.js.map
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAGzC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAEvD,MAAM,aAAa,GAA4B;IAC7C,UAAU;IACV,SAAS;IACT,YAAY;IACZ,cAAc;IACd,OAAO;CACR,CAAC;AAcF,SAAS,SAAS,CAAC,IAAuB;IACxC,IAAI,IAAwB,CAAC;IAC7B,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,IAAI,YAAsC,CAAC;IAC3C,IAAI,gBAAoC,CAAC;IACzC,IAAI,QAA4B,CAAC;IACjC,IAAI,mCAAuD,CAAC;IAC5D,IAAI,IAAwB,CAAC;IAC7B,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,IAAI,OAAO,GAAG,KAAK,CAAC;IAEpB,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC;QACrB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,IAAI,CAAC;YACV,KAAK,QAAQ;gBACX,IAAI,GAAG,IAAI,CAAC;gBACZ,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,IAAI,CAAC;YACV,KAAK,WAAW;gBACd,OAAO,GAAG,IAAI,CAAC;gBACf,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,QAAQ;gBACX,IAAI,GAAG,IAAI,CAAC;gBACZ,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,UAAU,CAAC;YAChB,KAAK,iBAAiB,CAAC,CAAC,CAAC;gBACvB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,GAAG,GAAG,mBAAmB,CAAC,CAAC;gBACjE,IAAI,CAAE,aAAmC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC1D,OAAO,KAAK,CAAC,2BAA2B,KAAK,aAAa,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACzF,CAAC;gBACD,YAAY,GAAG,KAAqB,CAAC;gBACrC,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,gDAAgD,CAAC,CAAC;gBACxF,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;gBACrC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjC,OAAO,KAAK,CAAC,qDAAqD,KAAK,IAAI,CAAC,CAAC;gBAC/E,CAAC;gBACD,gBAAgB,GAAG,CAAC,CAAC;gBACrB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBACtE,QAAQ,GAAG,KAAK,CAAC;gBACjB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,sCAAsC,CAAC,CAAC,CAAC;gBAC5C,6DAA6D;gBAC7D,+DAA+D;gBAC/D,0DAA0D;gBAC1D,2DAA2D;gBAC3D,+DAA+D;gBAC/D,8DAA8D;gBAC9D,8CAA8C;gBAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;oBACxB,OAAO,KAAK,CAAC,uEAAuE,CAAC,CAAC;gBACxF,CAAC;gBACD,mCAAmC,GAAG,KAAK,CAAC;gBAC5C,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,0BAA0B,CAAC,CAAC;gBAClE,IAAI,GAAG,KAAK,CAAC;gBACb,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD;gBACE,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,OAAO,KAAK,CAAC,iBAAiB,GAAG,EAAE,CAAC,CAAC;gBAC9D,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBACvB,OAAO,KAAK,CACV,sDAAsD,GAAG,aAAa,IAAI,IAAI,CAC/E,CAAC;gBACJ,CAAC;gBACD,IAAI,GAAG,GAAG,CAAC;gBACX,CAAC,EAAE,CAAC;gBACJ,MAAM;QACV,CAAC;IACH,CAAC;IAED,IAAI,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IACxC,IAAI,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAC9C,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAE9D,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,IAAI;QACJ,IAAI;QACJ,GAAG,CAAC,YAAY,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,CAAC;QACnD,GAAG,CAAC,gBAAgB,KAAK,SAAS,IAAI,EAAE,gBAAgB,EAAE,CAAC;QAC3D,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,QAAQ,EAAE,CAAC;QAC3C,GAAG,CAAC,mCAAmC,KAAK,SAAS,IAAI;YACvD,mCAAmC;SACpC,CAAC;QACF,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,EAAE,IAAI,EAAE,CAAC;KACpC,CAAC;AACJ,CAAC;AAED,SAAS,KAAK,CAAC,OAAe;IAC5B,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC;AAC5D,CAAC;AAED,SAAS,UAAU;IACjB,OAAO;QACL,8DAA8D;QAC9D,EAAE;QACF,OAAO;QACP,mCAAmC;QACnC,EAAE;QACF,6EAA6E;QAC7E,wEAAwE;QACxE,6DAA6D;QAC7D,oEAAoE;QACpE,qEAAqE;QACrE,mCAAmC;QACnC,EAAE;QACF,SAAS;QACT,8EAA8E;QAC9E,2EAA2E;QAC3E,4DAA4D;QAC5D,gFAAgF;QAChF,4DAA4D;QAC5D,+CAA+C;QAC/C,4EAA4E;QAC5E,2EAA2E;QAC3E,qEAAqE;QACrE,yEAAyE;QACzE,uEAAuE;QACvE,0EAA0E;QAC1E,4EAA4E;QAC5E,yEAAyE;QACzE,4DAA4D;QAC5D,6EAA6E;QAC7E,qDAAqD;QACrD,6CAA6C;QAC7C,4CAA4C;QAC5C,EAAE;QACF,YAAY;QACZ,kEAAkE;QAClE,qFAAqF;QACrF,0BAA0B;QAC1B,EAAE;QACF,6BAA6B;QAC7B,2DAA2D;QAC3D,sFAAsF;QACtF,mEAAmE;QACnE,iEAAiE;QACjE,4DAA4D;QAC5D,sFAAsF;QACtF,EAAE;QACF,mBAAmB;QACnB,4EAA4E;QAC5E,+EAA+E;QAC/E,4EAA4E;QAC5E,yEAAyE;QACzE,qEAAqE;QACrE,2EAA2E;KAC5E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,IAAI,aAAiC,CAAC;AACtC,SAAS,iBAAiB;IACxB,IAAI,aAAa,KAAK,SAAS;QAAE,OAAO,aAAa,CAAC;IACtD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACrD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QACjD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAyB,CAAC;QAC/E,aAAa,GAAG,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,aAAa,GAAG,OAAO,CAAC;IAC1B,CAAC;IACD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9C,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,iBAAiB,EAAE,IAAI,CAAC,CAAC;QACjD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,UAAU,EAAE,CAAC;QAC1B,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,IAAI,CAAC,UAAU,OAAO,IAAI,IAAI,CAAC,CAAC;YACxE,OAAO,CAAC,CAAC;QACX,CAAC;QACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,UAAU,EAAE,IAAI,CAAC,CAAC;QACnF,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,+CAAuE,CAAC;IAC5E,IAAI,IAAI,CAAC,mCAAmC,KAAK,SAAS,EAAE,CAAC;QAC3D,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;YACrE,+CAA+C,GAAG,IAAI,UAAU,CAC9D,KAAK,CAAC,MAAM,EACZ,KAAK,CAAC,UAAU,EAChB,KAAK,CAAC,UAAU,CACjB,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,uEAAuE,IAAI,CAAC,mCAAmC,KAAK,GAAG,IAAI,CAC5H,CAAC;YACF,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IAED,MAAM,mBAAmB,GAAG,sBAAsB,CAAC;QACjD,GAAG,CAAC,IAAI,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,iBAAiB,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACxE,GAAG,CAAC,+CAA+C,KAAK,SAAS,IAAI;YACnE,+CAA+C;SAChD,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC;KAC5D,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE;YACnC,GAAG,CAAC,IAAI,CAAC,YAAY,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3E,GAAG,CAAC,IAAI,CAAC,gBAAgB,KAAK,SAAS,IAAI,EAAE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACvF,mBAAmB;SACpB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,IAAI,CAAC,IAAI,KAAK,GAAG,IAAI,CAAC,CAAC;QAC3E,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED,IAAI,EAAE;KACH,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;IACb,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACrB,CAAC,CAAC;KACD,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;IACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAAC;IACjD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAGzC,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AAExD,OAAO,EAAE,0BAA0B,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AACtF,OAAO,EACL,yBAAyB,GAE1B,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAEvD,MAAM,aAAa,GAA4B;IAC7C,UAAU;IACV,SAAS;IACT,YAAY;IACZ,cAAc;IACd,OAAO;CACR,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,2BAA2B,GAAG,kBAAkB,CAAC;AAoBvD,MAAM,UAAU,SAAS,CAAC,IAAuB;IAC/C,kEAAkE;IAClE,oEAAoE;IACpE,oEAAoE;IACpE,mDAAmD;IACnD,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,2BAA2B,EAAE,CAAC;QAC5C,OAAO,wBAAwB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,IAAI,IAAwB,CAAC;IAC7B,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,IAAI,YAAsC,CAAC;IAC3C,IAAI,gBAAoC,CAAC;IACzC,IAAI,QAA4B,CAAC;IACjC,IAAI,mCAAuD,CAAC;IAC5D,IAAI,IAAwB,CAAC;IAC7B,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,IAAI,OAAO,GAAG,KAAK,CAAC;IAEpB,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC;QACrB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,IAAI,CAAC;YACV,KAAK,QAAQ;gBACX,IAAI,GAAG,IAAI,CAAC;gBACZ,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,IAAI,CAAC;YACV,KAAK,WAAW;gBACd,OAAO,GAAG,IAAI,CAAC;gBACf,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,QAAQ;gBACX,IAAI,GAAG,IAAI,CAAC;gBACZ,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,UAAU,CAAC;YAChB,KAAK,iBAAiB,CAAC,CAAC,CAAC;gBACvB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,GAAG,GAAG,mBAAmB,CAAC,CAAC;gBACjE,IAAI,CAAE,aAAmC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC1D,OAAO,KAAK,CAAC,2BAA2B,KAAK,aAAa,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACzF,CAAC;gBACD,YAAY,GAAG,KAAqB,CAAC;gBACrC,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,gDAAgD,CAAC,CAAC;gBACxF,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;gBACrC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjC,OAAO,KAAK,CAAC,qDAAqD,KAAK,IAAI,CAAC,CAAC;gBAC/E,CAAC;gBACD,gBAAgB,GAAG,CAAC,CAAC;gBACrB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBACtE,QAAQ,GAAG,KAAK,CAAC;gBACjB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,sCAAsC,CAAC,CAAC,CAAC;gBAC5C,6DAA6D;gBAC7D,+DAA+D;gBAC/D,0DAA0D;gBAC1D,2DAA2D;gBAC3D,+DAA+D;gBAC/D,8DAA8D;gBAC9D,8CAA8C;gBAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;oBACxB,OAAO,KAAK,CAAC,uEAAuE,CAAC,CAAC;gBACxF,CAAC;gBACD,mCAAmC,GAAG,KAAK,CAAC;gBAC5C,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,0BAA0B,CAAC,CAAC;gBAClE,IAAI,GAAG,KAAK,CAAC;gBACb,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD;gBACE,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,OAAO,KAAK,CAAC,iBAAiB,GAAG,EAAE,CAAC,CAAC;gBAC9D,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBACvB,OAAO,KAAK,CACV,sDAAsD,GAAG,aAAa,IAAI,IAAI,CAC/E,CAAC;gBACJ,CAAC;gBACD,IAAI,GAAG,GAAG,CAAC;gBACX,CAAC,EAAE,CAAC;gBACJ,MAAM;QACV,CAAC;IACH,CAAC;IAED,IAAI,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IACxC,IAAI,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAC9C,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAE9D,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,IAAI;QACJ,IAAI;QACJ,GAAG,CAAC,YAAY,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,CAAC;QACnD,GAAG,CAAC,gBAAgB,KAAK,SAAS,IAAI,EAAE,gBAAgB,EAAE,CAAC;QAC3D,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,QAAQ,EAAE,CAAC;QAC3C,GAAG,CAAC,mCAAmC,KAAK,SAAS,IAAI;YACvD,mCAAmC;SACpC,CAAC;QACF,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,EAAE,IAAI,EAAE,CAAC;KACpC,CAAC;AACJ,CAAC;AAED,SAAS,KAAK,CAAC,OAAe;IAC5B,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC;AAC5D,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,SAAS,wBAAwB,CAAC,IAAuB;IACvD,IAAI,IAAwB,CAAC;IAC7B,IAAI,QAA4B,CAAC;IACjC,IAAI,oBAAqD,CAAC;IAC1D,IAAI,mBAAuC,CAAC;IAC5C,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,IAAI,IAAI,GAAG,KAAK,CAAC;IAEjB,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC;QACrB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,IAAI,CAAC;YACV,KAAK,QAAQ;gBACX,IAAI,GAAG,IAAI,CAAC;gBACZ,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,QAAQ;gBACX,IAAI,GAAG,IAAI,CAAC;gBACZ,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,YAAY,CAAC,CAAC,CAAC;gBAClB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,mDAAmD,CAAC,CAAC;gBAC3F,QAAQ,GAAG,KAAK,CAAC;gBACjB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,UAAU,CAAC;YAChB,KAAK,iBAAiB,CAAC,CAAC,CAAC;gBACvB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,GAAG,GAAG,mBAAmB,CAAC,CAAC;gBACjE,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,EAAE,CAAC;oBAClC,OAAO,KAAK,CACV,2BAA2B,KAAK,aAAa,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACtF,CAAC;gBACJ,CAAC;gBACD,oBAAoB,GAAG,KAAK,CAAC;gBAC7B,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,gBAAgB,CAAC,CAAC,CAAC;gBACtB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,qCAAqC,CAAC,CAAC;gBAC7E,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBACrC,OAAO,KAAK,CAAC,uEAAuE,CAAC,CAAC;gBACxF,CAAC;gBACD,mBAAmB,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;gBAC1C,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD;gBACE,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,OAAO,KAAK,CAAC,iBAAiB,GAAG,EAAE,CAAC,CAAC;gBAC9D,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBACvB,OAAO,KAAK,CACV,2DAA2D,GAAG,aAAa,IAAI,IAAI,CACpF,CAAC;gBACJ,CAAC;gBACD,IAAI,GAAG,GAAG,CAAC;gBACX,CAAC,EAAE,CAAC;gBACJ,MAAM;QACV,CAAC;IACH,CAAC;IAED,IAAI,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IACxC,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC,8CAA8C,CAAC,CAAC;IACrF,IAAI,QAAQ,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAErF,OAAO;QACL,IAAI,EAAE,yBAAyB;QAC/B,IAAI;QACJ,QAAQ;QACR,IAAI;QACJ,GAAG,CAAC,oBAAoB,KAAK,SAAS,IAAI,EAAE,oBAAoB,EAAE,CAAC;QACnE,GAAG,CAAC,mBAAmB,KAAK,SAAS,IAAI,EAAE,mBAAmB,EAAE,CAAC;KAClE,CAAC;AACJ,CAAC;AAED,SAAS,UAAU;IACjB,OAAO;QACL,8DAA8D;QAC9D,EAAE;QACF,OAAO;QACP,mCAAmC;QACnC,qFAAqF;QACrF,EAAE;QACF,6EAA6E;QAC7E,wEAAwE;QACxE,6DAA6D;QAC7D,oEAAoE;QACpE,qEAAqE;QACrE,mCAAmC;QACnC,EAAE;QACF,gEAAgE;QAChE,uEAAuE;QACvE,mEAAmE;QACnE,mEAAmE;QACnE,kEAAkE;QAClE,8DAA8D;QAC9D,+DAA+D;QAC/D,EAAE;QACF,SAAS;QACT,8EAA8E;QAC9E,2EAA2E;QAC3E,4DAA4D;QAC5D,gFAAgF;QAChF,4DAA4D;QAC5D,+CAA+C;QAC/C,4EAA4E;QAC5E,2EAA2E;QAC3E,qEAAqE;QACrE,yEAAyE;QACzE,uEAAuE;QACvE,0EAA0E;QAC1E,4EAA4E;QAC5E,yEAAyE;QACzE,4DAA4D;QAC5D,6EAA6E;QAC7E,qDAAqD;QACrD,EAAE;QACF,wEAAwE;QACxE,+BAA+B;QAC/B,uEAAuE;QACvE,qEAAqE;QACrE,0EAA0E;QAC1E,sEAAsE;QACtE,4CAA4C;QAC5C,wEAAwE;QACxE,wEAAwE;QACxE,qEAAqE;QACrE,2EAA2E;QAC3E,yEAAyE;QACzE,mEAAmE;QACnE,2EAA2E;QAC3E,iEAAiE;QACjE,gCAAgC,0BAA0B,CAAC,MAAM,uCAAuC;QACxG,EAAE;QACF,6CAA6C;QAC7C,4CAA4C;QAC5C,EAAE;QACF,YAAY;QACZ,kEAAkE;QAClE,qFAAqF;QACrF,0BAA0B;QAC1B,EAAE;QACF,6BAA6B;QAC7B,2DAA2D;QAC3D,sFAAsF;QACtF,mEAAmE;QACnE,iEAAiE;QACjE,4DAA4D;QAC5D,sFAAsF;QACtF,EAAE;QACF,mBAAmB;QACnB,4EAA4E;QAC5E,+EAA+E;QAC/E,4EAA4E;QAC5E,yEAAyE;QACzE,qEAAqE;QACrE,2EAA2E;KAC5E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,IAAI,aAAiC,CAAC;AACtC,SAAS,iBAAiB;IACxB,IAAI,aAAa,KAAK,SAAS;QAAE,OAAO,aAAa,CAAC;IACtD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACrD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QACjD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAyB,CAAC;QAC/E,aAAa,GAAG,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,aAAa,GAAG,OAAO,CAAC;IAC1B,CAAC;IACD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,mBAAmB,CACjC,KAAa;IAEb,6EAA6E;IAC7E,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAA4B,CAAC;QACnE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,iCAAiC;IACnC,CAAC;IAED,qEAAqE;IACrE,+CAA+C;IAC/C,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClE,IAAI,OAAO,KAAK,EAAE,EAAE,CAAC;YACnB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,iDAAiD,EAAE,CAAC;QACjF,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;QAC9D,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;IACxC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO;YACL,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,sFAAsF,GAAG,EAAE;SACnG,CAAC;IACJ,CAAC;AACH,CAAC;AAED,4EAA4E;AAC5E,MAAM,UAAU,6BAA6B,CAAC,MAAc;IAC1D,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,uBAAuB;YAC1B,OAAO,iIAAiI,CAAC;QAC3I,KAAK,mBAAmB;YACtB,OAAO,qIAAqI,CAAC;QAC/I,KAAK,sBAAsB;YACzB,OAAO,2EAA2E,CAAC;QACrF,KAAK,qBAAqB;YACxB,OAAO,6CAA6C,CAAC;QACvD,KAAK,mBAAmB;YACtB,OAAO,iGAAiG,CAAC;QAC3G,KAAK,uBAAuB;YAC1B,OAAO,qFAAqF,CAAC;QAC/F,KAAK,wBAAwB;YAC3B,OAAO,yEAAyE,CAAC;QACnF;YACE,OAAO,MAAM,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,wBAAwB,CAAC,IAAgB,EAAE,IAAa;IACrE,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;QACtF,OAAO,CAAC,CAAC;IACX,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QAChC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC/E,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,SAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpC,SAAS,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;IACzE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,IAAI,CAAC,IAAI,KAAK,GAAG,IAAI,CAAC,CAAC;QACrF,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,OAAO,GAAG,mBAAmB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACnD,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;QAChB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,OAAO,CAAC,KAAK,IAAI,CAAC,CAAC;QAC3D,OAAO,CAAC,CAAC;IACX,CAAC;IACD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAElC,uEAAuE;IACvE,iEAAiE;IACjE,mEAAmE;IACnE,sEAAsE;IACtE,IACE,IAAI,CAAC,mBAAmB,KAAK,SAAS;QACtC,QAAQ,CAAC,mBAAmB,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,mBAAmB,EACvE,CAAC;QACD,MAAM,MAAM,GAAG;YACb,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,uBAAuB;YAC/B,4BAA4B,EAAE,IAAI,CAAC,mBAAmB;YACtD,0BAA0B,EAAE,QAAQ,CAAC,mBAAmB,CAAC,WAAW,EAAE;SACvE,CAAC;QACF,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAC/D,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,gCAAgC,6BAA6B,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CACjF,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,IACE,IAAI,CAAC,oBAAoB,KAAK,SAAS;QACvC,QAAQ,CAAC,aAAa,KAAK,IAAI,CAAC,oBAAoB,EACpD,CAAC;QACD,MAAM,MAAM,GAAG;YACb,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,wBAAwB;YAChC,sBAAsB,EAAE,IAAI,CAAC,oBAAoB;YACjD,oBAAoB,EAAE,QAAQ,CAAC,aAAa;SAC7C,CAAC;QACF,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAC/D,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,gCAAgC,6BAA6B,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CACjF,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAEhE,kEAAkE;IAClE,mEAAmE;IACnE,mEAAmE;IACnE,gEAAgE;IAChE,iEAAiE;IACjE,oEAAoE;IACpE,6DAA6D;IAC7D,IAAI,iBAAwD,CAAC;IAC7D,IAAI,MAAM,CAAC,KAAK,IAAI,QAAQ,CAAC,aAAa,KAAK,kBAAkB,EAAE,CAAC;QAClE,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAY,CAAC;YAC1E,MAAM,KAAK,GAAG,MAAM,yBAAyB,CAAC,MAAM,CAAC,CAAC;YACtD,IAAI,KAAK,CAAC,UAAU;gBAAE,iBAAiB,GAAG,KAAK,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC;YACP,gEAAgE;YAChE,gEAAgE;YAChE,+DAA+D;YAC/D,8DAA8D;YAC9D,qBAAqB;QACvB,CAAC;IACH,CAAC;IACD,MAAM,WAAW,GAAG,iBAAiB,KAAK,SAAS,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC;IAEnF,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,GAAG,IAAI,CAAC,SAAS,CACf;YACE,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,CAAC,WAAW;YACnC,GAAG,CAAC,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC;YAC7D,QAAQ,EAAE;gBACR,KAAK,EAAE,QAAQ,CAAC,KAAK;gBACrB,aAAa,EAAE,QAAQ,CAAC,aAAa;gBACrC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;gBAC3B,mBAAmB,EAAE,QAAQ,CAAC,mBAAmB;gBACjD,eAAe,EAAE,QAAQ,CAAC,eAAe;gBACzC,WAAW,EAAE,QAAQ,CAAC,WAAW;gBACjC,YAAY,EAAE,QAAQ,CAAC,YAAY;gBACnC,GAAG,CAAC,QAAQ,CAAC,UAAU,KAAK,SAAS,IAAI,EAAE,UAAU,EAAE,QAAQ,CAAC,UAAU,EAAE,CAAC;aAC9E;YACD,GAAG,CAAC,iBAAiB,KAAK,SAAS,IAAI,EAAE,cAAc,EAAE,iBAAiB,EAAE,CAAC;SAC9E,EACD,IAAI,EACJ,CAAC,CACF,IAAI,CACN,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB;gBACE,6BAA6B;gBAC7B,sBAAsB,QAAQ,CAAC,aAAa,EAAE;gBAC9C,sBAAsB,QAAQ,CAAC,QAAQ,EAAE;gBACzC,sBAAsB,QAAQ,CAAC,mBAAmB,EAAE;gBACpD,sBAAsB,QAAQ,CAAC,eAAe,EAAE;gBAChD,sBAAsB,QAAQ,CAAC,WAAW,EAAE;gBAC5C,sBAAsB,QAAQ,CAAC,KAAK,EAAE;gBACtC,sBAAsB,QAAQ,CAAC,YAAY,EAAE;gBAC7C,EAAE;aACH,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAC;YACF,IAAI,iBAAiB,KAAK,SAAS,EAAE,CAAC;gBACpC,MAAM,KAAK,GAAG,iBAAiB,CAAC,QAAQ,CAAC;gBACzC,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB;oBACE,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,mBAAmB,iBAAiB,CAAC,aAAa,IAAI,iBAAiB,CAAC,UAAU,gDAAgD;oBACtJ,GAAG,iBAAiB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;wBACrC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;4BACZ,OAAO,OAAO,CAAC,CAAC,MAAM,aAAa,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;wBAChH,CAAC;wBACD,OAAO,OAAO,CAAC,CAAC,MAAM,aAAa,CAAC,CAAC,SAAS,YAAY,CAAC,CAAC,MAAM,IAAI,SAAS,GAAG,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;oBAC3I,CAAC,CAAC;oBACF,EAAE;iBACH,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAC;YACJ,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,gCAAgC,6BAA6B,CAAC,MAAM,CAAC,MAAM,IAAI,SAAS,CAAC,IAAI,CAC9F,CAAC;QACJ,CAAC;IACH,CAAC;IACD,sEAAsE;IACtE,uEAAuE;IACvE,qEAAqE;IACrE,iEAAiE;IACjE,OAAO,MAAM,CAAC,KAAK,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9C,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,iBAAiB,EAAE,IAAI,CAAC,CAAC;QACjD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,UAAU,EAAE,CAAC;QAC1B,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,IAAI,CAAC,UAAU,OAAO,IAAI,IAAI,CAAC,CAAC;YACxE,OAAO,CAAC,CAAC;QACX,CAAC;QACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,KAAK,yBAAyB,EAAE,CAAC;QAC5C,OAAO,wBAAwB,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IACnD,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,UAAU,EAAE,IAAI,CAAC,CAAC;QACnF,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,+CAAuE,CAAC;IAC5E,IAAI,IAAI,CAAC,mCAAmC,KAAK,SAAS,EAAE,CAAC;QAC3D,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;YACrE,+CAA+C,GAAG,IAAI,UAAU,CAC9D,KAAK,CAAC,MAAM,EACZ,KAAK,CAAC,UAAU,EAChB,KAAK,CAAC,UAAU,CACjB,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,uEAAuE,IAAI,CAAC,mCAAmC,KAAK,GAAG,IAAI,CAC5H,CAAC;YACF,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IAED,MAAM,mBAAmB,GAAG,sBAAsB,CAAC;QACjD,GAAG,CAAC,IAAI,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,iBAAiB,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACxE,GAAG,CAAC,+CAA+C,KAAK,SAAS,IAAI;YACnE,+CAA+C;SAChD,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC;KAC5D,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE;YACnC,GAAG,CAAC,IAAI,CAAC,YAAY,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3E,GAAG,CAAC,IAAI,CAAC,gBAAgB,KAAK,SAAS,IAAI,EAAE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACvF,mBAAmB;SACpB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,IAAI,CAAC,IAAI,KAAK,GAAG,IAAI,CAAC,CAAC;QAC3E,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED,mEAAmE;AACnE,oEAAoE;AACpE,sEAAsE;AACtE,mEAAmE;AACnE,iEAAiE;AACjE,MAAM,eAAe,GAAG,CAAC,GAAG,EAAE;IAC5B,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IAChD,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,UAAU,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC;QAC9D,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,WAAW,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC,CAAC,EAAE,CAAC;AAEL,IAAI,eAAe,EAAE,CAAC;IACpB,IAAI,EAAE;SACH,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;QACb,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC,CAAC;SACD,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;QACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAAC;QACjD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACP,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@motebit/verify",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.3.0",
|
|
4
4
|
"description": "The canonical `motebit-verify` command-line tool — verifies any signed motebit artifact offline, with every hardware-attestation platform bundled (Apple App Attest, Android Hardware-Backed Keystore Attestation, TPM 2.0, WebAuthn). One install, no network, self-attesting. Replaces the deprecated @motebit/verify@0.x zero-dep library: library primitives now live in @motebit/crypto; file-reading + formatting helpers in @motebit/verifier; this package is the binary.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -51,12 +51,14 @@
|
|
|
51
51
|
"access": "public"
|
|
52
52
|
},
|
|
53
53
|
"dependencies": {
|
|
54
|
-
"@motebit/crypto": "1.
|
|
55
|
-
"@motebit/crypto-android-keystore": "1.1.
|
|
56
|
-
"@motebit/crypto-
|
|
57
|
-
"@motebit/crypto-
|
|
58
|
-
"@motebit/crypto-
|
|
59
|
-
"@motebit/
|
|
54
|
+
"@motebit/crypto": "1.3.0",
|
|
55
|
+
"@motebit/crypto-android-keystore": "1.1.3",
|
|
56
|
+
"@motebit/crypto-tpm": "1.1.4",
|
|
57
|
+
"@motebit/crypto-webauthn": "1.0.5",
|
|
58
|
+
"@motebit/crypto-appattest": "1.0.5",
|
|
59
|
+
"@motebit/protocol": "1.3.0",
|
|
60
|
+
"@motebit/state-export-client": "0.2.0",
|
|
61
|
+
"@motebit/verifier": "1.1.2"
|
|
60
62
|
},
|
|
61
63
|
"devDependencies": {
|
|
62
64
|
"@noble/curves": "^1.9.0",
|