@ocap/tx-protocols 1.29.12 → 1.29.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/package.json +19 -19
  2. package/tools/fixtures.ts +1 -2
  3. package/tools/test-helpers.ts +82 -0
package/package.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "publishConfig": {
4
4
  "access": "public"
5
5
  },
6
- "version": "1.29.12",
6
+ "version": "1.29.14",
7
7
  "description": "Predefined tx pipeline sets to execute certain type of transactions",
8
8
  "type": "module",
9
9
  "main": "./lib/index.cjs",
@@ -46,34 +46,34 @@
46
46
  "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
47
47
  "license": "MIT",
48
48
  "dependencies": {
49
- "@arcblock/did": "1.29.12",
50
- "@arcblock/did-util": "1.29.12",
51
- "@arcblock/jwt": "1.29.12",
52
- "@arcblock/validator": "1.29.12",
53
- "@arcblock/vc": "1.29.12",
49
+ "@arcblock/did": "1.29.14",
50
+ "@arcblock/did-util": "1.29.14",
51
+ "@arcblock/jwt": "1.29.14",
52
+ "@arcblock/validator": "1.29.14",
53
+ "@arcblock/vc": "1.29.14",
54
54
  "@blocklet/xss": "^0.3.7",
55
- "@ocap/asset": "1.29.12",
56
- "@ocap/client": "1.29.12",
57
- "@ocap/mcrypto": "1.29.12",
58
- "@ocap/merkle-tree": "1.29.12",
59
- "@ocap/message": "1.29.12",
60
- "@ocap/state": "1.29.12",
61
- "@ocap/tx-pipeline": "1.29.12",
62
- "@ocap/types": "1.29.12",
63
- "@ocap/util": "1.29.12",
64
- "@ocap/wallet": "1.29.12",
55
+ "@ocap/asset": "1.29.14",
56
+ "@ocap/client": "1.29.14",
57
+ "@ocap/mcrypto": "1.29.14",
58
+ "@ocap/merkle-tree": "1.29.14",
59
+ "@ocap/message": "1.29.14",
60
+ "@ocap/state": "1.29.14",
61
+ "@ocap/tx-pipeline": "1.29.14",
62
+ "@ocap/types": "1.29.14",
63
+ "@ocap/util": "1.29.14",
64
+ "@ocap/wallet": "1.29.14",
65
65
  "debug": "^4.4.3",
66
66
  "deep-diff": "^1.0.2",
67
67
  "lodash": "^4.17.23",
68
68
  "url-join": "^4.0.1"
69
69
  },
70
70
  "resolutions": {
71
- "bn.js": "5.2.2",
71
+ "bn.js": "5.2.3",
72
72
  "elliptic": "6.5.3"
73
73
  },
74
74
  "devDependencies": {
75
- "@ocap/e2e-test": "1.29.12",
76
- "@ocap/statedb-memory": "1.29.12",
75
+ "@ocap/e2e-test": "1.29.14",
76
+ "@ocap/statedb-memory": "1.29.14",
77
77
  "@types/debug": "^4.1.12",
78
78
  "@types/lodash": "^4.17.16",
79
79
  "start-server-and-test": "^1.14.0"
package/tools/fixtures.ts CHANGED
@@ -14,8 +14,7 @@ import { create as createVC } from '@arcblock/vc';
14
14
  import { getTestChain, closeTestChain } from '@ocap/e2e-test/fixture';
15
15
  import defaultConfigModule from '@ocap/e2e-test/config';
16
16
 
17
- // @ts-ignore - compiled output
18
- import { execute, createExecutor } from '../lib';
17
+ import { execute, createExecutor } from '../src';
19
18
 
20
19
  const defaultConfig = cloneDeep(defaultConfigModule);
21
20
 
package/tools/test-helpers.ts ADDED
@@ -0,0 +1,82 @@
1
+ /**
2
+ * Test helper utilities for IDD six-dimension testing.
3
+ *
4
+ * - assertNoSensitiveData: Data Leak detection
5
+ * - captureStateSnapshot / assertStateUnchanged: Data Damage verification
6
+ */
7
+
8
+ /**
9
+ * Patterns that match sensitive data commonly found in blockchain SDKs.
10
+ * Used by Data Leak tests to verify error messages and outputs don't leak secrets.
11
+ */
12
+ export const SENSITIVE_PATTERNS: { pattern: RegExp; label: string }[] = [
13
+ { pattern: /-----BEGIN.*PRIVATE KEY-----/, label: 'PEM private key' },
14
+ { pattern: /\b(mnemonic|seed\s*phrase)\b/i, label: 'mnemonic keyword' },
15
+ { pattern: /sk[A-Za-z0-9+/]{40,}/, label: 'base58-encoded secret key' },
16
+ ];
17
+
18
+ /**
19
+ * Assert that a string or object does not contain sensitive data patterns.
20
+ * Throws if any SENSITIVE_PATTERNS match.
21
+ */
22
+ export function assertNoSensitiveData(data: string | object, context = 'output'): void {
23
+ const str = typeof data === 'string' ? data : JSON.stringify(data);
24
+ for (const { pattern, label } of SENSITIVE_PATTERNS) {
25
+ if (pattern.test(str)) {
26
+ throw new Error(`Data leak detected in ${context}: matches ${label} (${pattern})`);
27
+ }
28
+ }
29
+ }
30
+
31
+ /**
32
+ * Capture a deep-cloned snapshot of account states for the given addresses.
33
+ * Returns a Map<address, state>. Addresses with no state are skipped.
34
+ */
35
+ export async function captureStateSnapshot(
36
+ statedb: { account: { get(address: string): Promise<any> } },
37
+ addresses: string[]
38
+ ): Promise<Map<string, any>> {
39
+ const snapshot = new Map<string, any>();
40
+ for (const addr of addresses) {
41
+ const state = await statedb.account.get(addr);
42
+ if (state) {
43
+ snapshot.set(addr, JSON.parse(JSON.stringify(state)));
44
+ }
45
+ }
46
+ return snapshot;
47
+ }
48
+
49
+ /**
50
+ * Assert that account states have not changed between two snapshots.
51
+ * Compares by JSON serialization (deep equality).
52
+ *
53
+ * @param fields - If provided, only compare these fields on each state.
54
+ * Useful when dynamic fields (e.g. _retrievedAt) differ.
55
+ */
56
+ export function assertStateUnchanged(
57
+ before: Map<string, any>,
58
+ after: Map<string, any>,
59
+ message = '',
60
+ fields?: string[]
61
+ ): void {
62
+ for (const [addr, beforeState] of before) {
63
+ const afterState = after.get(addr);
64
+ const pick = (obj: any) => {
65
+ if (!fields || !obj) return obj;
66
+ const result: Record<string, any> = {};
67
+ for (const f of fields) {
68
+ result[f] = obj[f];
69
+ }
70
+ return result;
71
+ };
72
+ const beforeStr = JSON.stringify(pick(beforeState));
73
+ const afterStr = JSON.stringify(pick(afterState));
74
+ if (beforeStr !== afterStr) {
75
+ throw new Error(
76
+ `State changed for ${addr}${message ? ': ' + message : ''}\n` +
77
+ ` before: ${beforeStr}\n` +
78
+ ` after: ${afterStr}`
79
+ );
80
+ }
81
+ }
82
+ }