@particle/tachyon-image 0.1.0

package/README.md

@@ -0,0 +1,35 @@
+# @particle/tachyon-image
+
+Shared library for Particle Tachyon system images. It is the **single home** for all image logic so
+the composer, CLI, on-device OTA service, and cloud server never re-implement it:
+
+- **operation-graph model** (`program` chunked/sparse · `erase` · `zero` · `patch` GPT-arith · `gpt`)
+- **`particle_image_v1`** (Particle format) + legacy Qualcomm **`image_manifest_v1`** parse/build
+- **rawprogram / patch / erase XML** round-trip (import a real factory image, emit qdl-ready XML)
+- **ed25519 / JCS** manifest signing + verification
+- **sha256 / payload_sha256** hashing (expanded-with-holes)
+- **Android sparse** + multi-chunk decode
+- **format expansion**: `factory` | `ota-image(slot)` | `ota-boot(slot)`
+- **manifest-first ZIP** read/write (streaming, partition-decodable order)
+- **validation** (shared by composer CI, cloud server, CLI)
+
+Every module is unit-tested. Golden fixtures under `test/fixtures/factory/` are real
+`rawprogram`/`patch`/`manifest.json` entries pulled from the published Tachyon factory image, used to
+prove lossless round-trip.
+
+## Prior art (reference, not a dependency)
+
+The Qualcomm rawprogram/patch grammar is also implemented by [linux-msm/qdl](https://github.com/linux-msm/qdl)
+(C, BSD-3 — authoritative) and [bkerler/edl](https://github.com/bkerler/edl) (Python, GPL-3 — most
+complete parser). We read those for grammar edge cases (patch CRC ops, `partofsingleimage`,
+sparse/erase) but implement our own in TypeScript: no JS/TS library exists, it avoids the GPL/Python
+coupling, and we need a superset (op-graph + `particle_image_v1` + signing) they don't provide.
+
+## Build & test
+
+```bash
+npm install
+npm run build      # tsc -> dist/
+npm test           # vitest
+npm run typecheck
+```

package/dist/bin/particle-image.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/bin/particle-image.js

@@ -0,0 +1,135 @@
+#!/usr/bin/env node
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+/**
+ * particle-image — thin CLI over @particle/tachyon-image.
+ *
+ *   particle-image generate --factory-dir <dir> --out <zip>
+ *       [--emit factory|ota-image|ota-boot] [--slot a|b] [--include-userdata]
+ *       [--sign-profile test|prod|none] [--key <ed25519-private.pem>]
+ *
+ *   particle-image validate <image.zip | factory-dir> [--public-key <pem>]
+ *
+ * Used by tachyon-composer (generate + CI validate) and reusable anywhere.
+ */
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const factoryDir_1 = require("../import/factoryDir");
+const expand_1 = require("../format/expand");
+const sign_1 = require("../signing/sign");
+const zip_1 = require("../zip");
+const validate_1 = require("../validate");
+function parseArgs(argv) {
+    const out = { _: [] };
+    for (let i = 0; i < argv.length; i++) {
+        const a = argv[i];
+        if (a.startsWith('--')) {
+            const key = a.slice(2);
+            const next = argv[i + 1];
+            if (next === undefined || next.startsWith('--'))
+                out[key] = true;
+            else {
+                out[key] = next;
+                i++;
+            }
+        }
+        else
+            out._.push(a);
+    }
+    return out;
+}
+/** Collect the unique payload file names referenced by the manifest's ops. */
+function collectPayloads(manifest, dir) {
+    const names = new Set();
+    for (const p of manifest.partitions) {
+        for (const op of p.ops) {
+            if (op.op === 'program') {
+                if (op.source)
+                    names.add(op.source);
+                for (const c of op.chunks ?? [])
+                    names.add(c.source);
+            }
+            else if (op.op === 'zero' && op.source)
+                names.add(op.source);
+            else if (op.op === 'gpt')
+                names.add(op.source);
+        }
+    }
+    const payloads = [];
+    for (const name of names) {
+        const path = (0, node_path_1.join)(dir, name);
+        if ((0, node_fs_1.existsSync)(path) && (0, node_fs_1.statSync)(path).isFile())
+            payloads.push({ name, path });
+    }
+    return payloads;
+}
+async function cmdGenerate(args) {
+    const dir = args['factory-dir'];
+    const out = args.out;
+    if (!dir || !out) {
+        console.error('generate: --factory-dir and --out are required');
+        return 2;
+    }
+    const profile = args['sign-profile'] ?? 'test';
+    let manifest = (0, factoryDir_1.importFactoryDir)(dir, { signingProfile: profile, keyId: args['key-id'] });
+    const emit = args.emit ?? 'factory';
+    if (emit !== 'factory') {
+        manifest = (0, expand_1.expand)(manifest, { kind: emit, slot: args.slot, includeUserdata: !!args['include-userdata'] });
+    }
+    if (args.key) {
+        manifest = (0, sign_1.signManifest)(manifest, (0, node_fs_1.readFileSync)(args.key));
+    }
+    else if (profile !== 'none') {
+        console.error(`warning: --sign-profile ${profile} but no --key given; manifest will be unsigned`);
+    }
+    const payloads = collectPayloads(manifest, dir);
+    await (0, zip_1.writeImageZip)(out, manifest, payloads);
+    console.error(`wrote ${out}: ${emit}, ${manifest.partitions.length} partitions, ${payloads.length} payloads`);
+    return 0;
+}
+async function cmdValidate(args) {
+    const target = args._[0];
+    if (!target) {
+        console.error('validate: <image.zip | factory-dir> required');
+        return 2;
+    }
+    const publicKey = args['public-key'] ? (0, node_fs_1.readFileSync)(args['public-key']) : undefined;
+    let manifest;
+    let zipEntryNames;
+    let requireHashes = true;
+    if ((0, node_fs_1.statSync)(target).isDirectory()) {
+        // structural inspection by default (skip multi-GB hashing); --hash to be strict.
+        const doHash = !!args.hash;
+        manifest = (0, factoryDir_1.importFactoryDir)(target, { hashPayloads: doHash });
+        requireHashes = doHash;
+    }
+    else {
+        manifest = await (0, zip_1.readManifestFromZip)(target);
+        zipEntryNames = (await (0, zip_1.listImageZip)(target)).map((e) => e.name);
+    }
+    const report = (0, validate_1.validateManifest)(manifest, { publicKey, zipEntryNames, requireHashes });
+    for (const c of report.checks) {
+        console.log(`${c.ok ? 'PASS' : 'FAIL'}  ${c.name}`);
+        for (const e of c.errors)
+            console.log(`        - ${e}`);
+    }
+    console.log(report.ok ? '\nOK: all checks passed' : '\nFAILED');
+    return report.ok ? 0 : 1;
+}
+async function main() {
+    const [, , cmd, ...rest] = process.argv;
+    const args = parseArgs(rest);
+    switch (cmd) {
+        case 'generate':
+            return cmdGenerate(args);
+        case 'validate':
+            return cmdValidate(args);
+        default:
+            console.error('usage: particle-image <generate|validate> [options]');
+            return 2;
+    }
+}
+main().then((code) => process.exit(code), (err) => {
+    console.error(err instanceof Error ? err.message : String(err));
+    process.exit(1);
+});

package/dist/format/expand.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Format expansion: select the partition subset of a particle_image_v1 for one
+ * of the three emit formats. The source archive is normally a full `factory`
+ * image; expansion produces the smaller `ota-image` / `ota-boot` views.
+ *
+ *  - factory   : every partition.
+ *  - ota-image : just the chosen slot's OS (group A or B = efi_<slot>+system_<slot>).
+ *  - ota-boot  : all BOOT + FIRMWARE (both slots) + the chosen slot's OS;
+ *                USER (userdata/persist) only if includeUserdata.
+ */
+import type { FormatKind, Slot } from '../model/types';
+import type { ParticleImageV1 } from '../manifest/particleImageV1';
+export interface ExpandOpts {
+    kind: FormatKind;
+    slot?: Slot;
+    includeUserdata?: boolean;
+}
+export declare function expand(manifest: ParticleImageV1, opts: ExpandOpts): ParticleImageV1;

package/dist/format/expand.js

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.expand = expand;
+function slotGroup(slot) {
+    if (slot === 'a')
+        return 'A';
+    if (slot === 'b')
+        return 'B';
+    throw new Error(`expand: slot must be 'a' or 'b' for this format (got '${slot}')`);
+}
+function keep(p, opts) {
+    switch (opts.kind) {
+        case 'factory':
+            return true;
+        case 'ota-image':
+            return p.group === slotGroup(opts.slot);
+        case 'ota-boot': {
+            if (p.group === 'BOOT' || p.group === 'FIRMWARE')
+                return true;
+            if (p.group === slotGroup(opts.slot))
+                return true;
+            if (p.group === 'USER')
+                return !!opts.includeUserdata;
+            return false;
+        }
+        default:
+            throw new Error(`expand: unknown format kind ${opts.kind}`);
+    }
+}
+function expand(manifest, opts) {
+    if (!manifest.format.emittable.includes(opts.kind)) {
+        throw new Error(`expand: archive cannot emit '${opts.kind}' (emittable: ${manifest.format.emittable.join(', ')})`);
+    }
+    if (opts.kind !== 'factory') {
+        const s = opts.slot;
+        if (s !== 'a' && s !== 'b')
+            throw new Error(`expand: '${opts.kind}' requires --slot a|b`);
+        if (!manifest.format.slots_present.includes(s)) {
+            throw new Error(`expand: slot '${s}' not present (have: ${manifest.format.slots_present.join(', ')})`);
+        }
+    }
+    const partitions = manifest.partitions.filter((p) => keep(p, opts));
+    const slots = opts.kind === 'factory' ? manifest.format.slots_present : [opts.slot];
+    return {
+        ...manifest,
+        format: { ...manifest.format, kind: opts.kind, slots_present: slots },
+        partitions,
+    };
+}

package/dist/hash/index.d.ts

@@ -0,0 +1,19 @@
+export declare function sha256(buf: Buffer | Uint8Array): string;
+/**
+ * sha256 of a file via chunked synchronous reads — handles files larger than
+ * the 2 GiB Buffer limit that defeats readFileSync (real system images are
+ * multi-GB). Returns the hash and the byte size.
+ */
+export declare function hashFileSync(path: string, chunkSize?: number): {
+    sha256: string;
+    size: number;
+};
+/** Read the first `n` bytes of a file without loading the whole thing. */
+export declare function peekFileSync(path: string, n: number): Buffer;
+export declare class PayloadHasher {
+    private h;
+    update(buf: Buffer | Uint8Array): this;
+    /** Hash `len` zero bytes (a sparse DONT_CARE hole) without allocating it. */
+    skip(len: number): this;
+    digest(): string;
+}

package/dist/hash/index.js

@@ -0,0 +1,78 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PayloadHasher = void 0;
+exports.sha256 = sha256;
+exports.hashFileSync = hashFileSync;
+exports.peekFileSync = peekFileSync;
+/**
+ * Hashing shared by emitter, validator, device writer, and delta compare.
+ *
+ * - `sha256(buf)` — integrity of a (possibly compressed) zip entry.
+ * - `PayloadHasher` — `payload_sha256` of the fully-EXPANDED raw partition
+ *   image: the writer feeds real data via `update()` and signals sparse holes
+ *   via `skip(len)` (hashed as zeros). This must match exactly between the
+ *   composer (which expands the image to hash it) and the device (which reads
+ *   the block device back), so both count holes as zero bytes.
+ */
+const node_crypto_1 = require("node:crypto");
+const node_fs_1 = require("node:fs");
+function sha256(buf) {
+    return (0, node_crypto_1.createHash)('sha256').update(buf).digest('hex');
+}
+/**
+ * sha256 of a file via chunked synchronous reads — handles files larger than
+ * the 2 GiB Buffer limit that defeats readFileSync (real system images are
+ * multi-GB). Returns the hash and the byte size.
+ */
+function hashFileSync(path, chunkSize = 8 * 1024 * 1024) {
+    const fd = (0, node_fs_1.openSync)(path, 'r');
+    try {
+        const size = (0, node_fs_1.fstatSync)(fd).size;
+        const h = (0, node_crypto_1.createHash)('sha256');
+        const buf = Buffer.allocUnsafe(chunkSize);
+        let bytesRead;
+        while ((bytesRead = (0, node_fs_1.readSync)(fd, buf, 0, buf.length, null)) > 0) {
+            h.update(buf.subarray(0, bytesRead));
+        }
+        return { sha256: h.digest('hex'), size };
+    }
+    finally {
+        (0, node_fs_1.closeSync)(fd);
+    }
+}
+/** Read the first `n` bytes of a file without loading the whole thing. */
+function peekFileSync(path, n) {
+    const fd = (0, node_fs_1.openSync)(path, 'r');
+    try {
+        const buf = Buffer.alloc(n);
+        const read = (0, node_fs_1.readSync)(fd, buf, 0, n, 0);
+        return buf.subarray(0, read);
+    }
+    finally {
+        (0, node_fs_1.closeSync)(fd);
+    }
+}
+const ZERO_CHUNK = Buffer.alloc(64 * 1024); // reused zero buffer for skip()
+class PayloadHasher {
+    constructor() {
+        this.h = (0, node_crypto_1.createHash)('sha256');
+    }
+    update(buf) {
+        this.h.update(buf);
+        return this;
+    }
+    /** Hash `len` zero bytes (a sparse DONT_CARE hole) without allocating it. */
+    skip(len) {
+        let remaining = len;
+        while (remaining > 0) {
+            const n = Math.min(remaining, ZERO_CHUNK.length);
+            this.h.update(n === ZERO_CHUNK.length ? ZERO_CHUNK : ZERO_CHUNK.subarray(0, n));
+            remaining -= n;
+        }
+        return this;
+    }
+    digest() {
+        return this.h.digest('hex');
+    }
+}
+exports.PayloadHasher = PayloadHasher;

package/dist/import/factoryDir.d.ts

@@ -0,0 +1,9 @@
+import { type ParticleImageV1 } from '../manifest/particleImageV1';
+export interface ImportOptions {
+    /** signing profile recorded in the manifest (signature applied separately). */
+    signingProfile?: 'test' | 'prod' | 'none';
+    keyId?: string;
+    /** compute payload hashes (sha256 + payload_sha256). Default true. */
+    hashPayloads?: boolean;
+}
+export declare function importFactoryDir(dir: string, opts?: ImportOptions): ParticleImageV1;

package/dist/import/factoryDir.js

@@ -0,0 +1,226 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.importFactoryDir = importFactoryDir;
+/**
+ * Import a built factory tree (the directory `make_factory_img.sh` produces, or
+ * the unpacked factory zip) into a particle_image_v1 manifest.
+ *
+ * It reads the legacy image_manifest_v1 (manifest.json) for the EDL block, parses
+ * every rawprogram/patch XML into the operation graph, enriches partitions from
+ * partition_ext.xml (type GUID, size) and image-map.tsv (signed/image-id), and
+ * hashes payload files that are present. The result is the single source of truth
+ * the emitter writes into the manifest-first zip.
+ */
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const imageManifestV1_1 = require("../manifest/imageManifestV1");
+const rawprogram_1 = require("../xml/rawprogram");
+const types_1 = require("../model/types");
+const hash_1 = require("../hash");
+const decode_1 = require("../sparse/decode");
+const particleImageV1_1 = require("../manifest/particleImageV1");
+const ZERO_RE = /(^|\/)(zero|zeros)[\w]*\.bin$/i;
+function readMap(path) {
+    const m = new Map();
+    if (!(0, node_fs_1.existsSync)(path))
+        return m;
+    for (const line of (0, node_fs_1.readFileSync)(path, 'utf8').split('\n')) {
+        const t = line.trim();
+        if (!t || t.startsWith('#'))
+            continue;
+        const [file, signFlag, imageId] = t.split('\t');
+        if (file)
+            m.set(file, { signed: signFlag === 'yes', imageId: imageId || undefined });
+    }
+    return m;
+}
+function partitionExtGuids(path) {
+    const m = new Map();
+    if (!(0, node_fs_1.existsSync)(path))
+        return m;
+    const xml = (0, node_fs_1.readFileSync)(path, 'utf8');
+    // <partition label="x" type="GUID" size_in_kb="N" .../>
+    const re = /<partition\b([^>]*)\/?>/g;
+    let mm;
+    while ((mm = re.exec(xml))) {
+        const attrs = mm[1];
+        const label = /\blabel="([^"]*)"/.exec(attrs)?.[1];
+        if (!label)
+            continue;
+        const typeGuid = /\btype="([^"]*)"/.exec(attrs)?.[1];
+        const kb = /\bsize_in_kb="([^"]*)"/.exec(attrs)?.[1];
+        m.set(label, { typeGuid, sizeBytes: kb ? Number(kb) * 1024 : undefined });
+    }
+    return m;
+}
+function hashPayload(dir, filename) {
+    const p = (0, node_path_1.join)(dir, filename);
+    if (!(0, node_fs_1.existsSync)(p) || !(0, node_fs_1.statSync)(p).isFile())
+        return undefined;
+    // Sparse files are compact on disk; raw images (e.g. a 9GB rootfs.ext4) can
+    // exceed the 2GiB Buffer limit, so hash those via chunked streaming.
+    const magic = (0, hash_1.peekFileSync)(p, 4);
+    const sparse = magic.length === 4 && magic.readUInt32LE(0) === decode_1.SPARSE_MAGIC;
+    if (sparse) {
+        const buf = (0, node_fs_1.readFileSync)(p);
+        const ph = new hash_1.PayloadHasher();
+        let expanded = 0;
+        for (const op of (0, decode_1.decodeSparse)(buf)) {
+            if (op.kind === 'data') {
+                ph.update(op.data);
+                expanded += op.data.length;
+            }
+            else {
+                ph.skip(op.length);
+                expanded += op.length;
+            }
+        }
+        return { sha256: (0, hash_1.sha256)(buf), payloadSha256: ph.digest(), uncompressedSize: expanded };
+    }
+    // raw, uncompressed: the on-disk bytes ARE the expanded image, so the two
+    // hashes coincide.
+    const { sha256: h, size } = (0, hash_1.hashFileSync)(p);
+    return { sha256: h, payloadSha256: h, uncompressedSize: size };
+}
+function importFactoryDir(dir, opts = {}) {
+    const hashPayloadsFlag = opts.hashPayloads !== false;
+    const legacy = (0, imageManifestV1_1.parseImageManifestV1)((0, node_fs_1.readFileSync)((0, node_path_1.join)(dir, 'manifest.json'), 'utf8'));
+    const { platform, edl } = (0, imageManifestV1_1.edlOf)(legacy);
+    const rawEntries = [];
+    for (const f of edl.program_xml)
+        rawEntries.push(...(0, rawprogram_1.parseRawProgram)((0, node_fs_1.readFileSync)((0, node_path_1.join)(dir, f), 'utf8')));
+    const patchEntries = [];
+    for (const f of edl.patch_xml)
+        patchEntries.push(...(0, rawprogram_1.parsePatch)((0, node_fs_1.readFileSync)((0, node_path_1.join)(dir, f), 'utf8')));
+    const guids = partitionExtGuids((0, node_path_1.join)(dir, 'partition_ext.xml'));
+    const signMap = readMap((0, node_path_1.join)(dir, 'image-map.tsv'));
+    // group raw entries by label, preserving first-seen order (= flash order)
+    const order = [];
+    const byLabel = new Map();
+    for (const e of rawEntries) {
+        if (!byLabel.has(e.label)) {
+            byLabel.set(e.label, []);
+            order.push(e.label);
+        }
+        byLabel.get(e.label).push(e);
+    }
+    const partitions = [];
+    for (const label of order) {
+        const entries = byLabel.get(label);
+        const lun = entries[0].physicalPartitionNumber;
+        const { slot, role, group } = (0, types_1.classify)(label, lun);
+        const ops = [];
+        const programChunks = [];
+        for (const e of entries) {
+            if (e.kind === 'erase') {
+                ops.push({ op: 'erase' });
+            }
+            else if (e.kind === 'program') {
+                if (label === 'PrimaryGPT' || label === 'BackupGPT') {
+                    if (e.filename)
+                        ops.push({ op: 'gpt', which: label === 'PrimaryGPT' ? 'primary' : 'backup', source: e.filename });
+                }
+                else if (!e.filename) {
+                    // reserve only — no payload, nothing written
+                }
+                else if (ZERO_RE.test(e.filename)) {
+                    ops.push({ op: 'zero', source: e.filename });
+                }
+                else {
+                    programChunks.push({
+                        source: e.filename,
+                        startSector: typeof e.startSector === 'number' ? e.startSector : 0,
+                        numSectors: typeof e.numPartitionSectors === 'number' ? e.numPartitionSectors : 0,
+                        fileSectorOffset: e.fileSectorOffset,
+                        sparse: e.sparse,
+                    });
+                }
+            }
+        }
+        if (programChunks.length === 1) {
+            const c = programChunks[0];
+            const op = { op: 'program', source: c.source, sparse: c.sparse };
+            if (hashPayloadsFlag) {
+                const h = hashPayload(dir, c.source);
+                if (h)
+                    Object.assign(op, { sha256: h.sha256, payload_sha256: h.payloadSha256, uncompressed_size: h.uncompressedSize });
+            }
+            ops.push(op);
+        }
+        else if (programChunks.length > 1) {
+            ops.push({ op: 'program', chunks: programChunks });
+        }
+        const sm = signMap.get(`${label}`) ?? (programChunks[0] ? signMap.get(programChunks[0].source) : undefined);
+        const g = guids.get(label) ?? guids.get(label.replace(/_[ab]$/, ''));
+        partitions.push({
+            label,
+            lun,
+            slot,
+            role,
+            group,
+            size: g?.sizeBytes,
+            type_guid: g?.typeGuid,
+            signed: sm?.signed || undefined,
+            image_id: sm?.imageId ?? null,
+            ops,
+        });
+    }
+    // attach GPT-header patches per LUN to that LUN's PrimaryGPT partition
+    if (patchEntries.length) {
+        const byLun = new Map();
+        for (const pe of patchEntries) {
+            const arr = byLun.get(pe.physicalPartitionNumber) ?? [];
+            arr.push(pe);
+            byLun.set(pe.physicalPartitionNumber, arr);
+        }
+        for (const [lun, patches] of byLun) {
+            const gptPart = partitions.find((p) => p.lun === lun && p.label === 'PrimaryGPT');
+            if (gptPart) {
+                gptPart.ops.push({
+                    op: 'patch',
+                    patches: patches.map((pe) => ({
+                        startSector: pe.startSector,
+                        byteOffset: pe.byteOffset,
+                        sizeBytes: pe.sizeInBytes,
+                        value: pe.value,
+                        filename: pe.filename,
+                        what: pe.what,
+                    })),
+                });
+            }
+        }
+    }
+    const groups = buildGroups(partitions);
+    const slotsPresent = Array.from(new Set(partitions.map((p) => p.slot).filter((s) => s === 'a' || s === 'b')));
+    const emittable = ['factory', 'ota-image', 'ota-boot'];
+    return {
+        $schema: particleImageV1_1.PARTICLE_IMAGE_SCHEMA,
+        schema_version: 1,
+        release_name: legacy.release_name,
+        version: legacy.version,
+        platform,
+        board: legacy.board,
+        region: legacy.region,
+        variant: legacy.variant,
+        distribution: legacy.distribution,
+        distribution_version: legacy.distribution_version,
+        sector_size: 4096,
+        firehose: edl.firehose,
+        format: { kind: 'factory', emittable, slots_present: slotsPresent, groups },
+        partitions,
+        signing: {
+            profile: opts.signingProfile ?? 'test',
+            key_id: opts.keyId,
+            algorithm: 'ed25519',
+            digest_algorithm: 'sha256',
+            canonicalization: 'jcs',
+        },
+    };
+}
+function buildGroups(partitions) {
+    const groups = {};
+    for (const p of partitions) {
+        (groups[p.group] ??= []).push(p.label);
+    }
+    return groups;
+}

package/dist/index.d.ts

@@ -0,0 +1,14 @@
+export * from './model/types';
+export * from './xml/rawprogram';
+export * from './manifest/imageManifestV1';
+export * from './manifest/particleImageV1';
+export * from './signing/jcs';
+export * from './signing/sign';
+export * from './hash';
+export * from './sparse/decode';
+export * from './format/expand';
+export * from './zip';
+export * from './validate';
+export * from './import/factoryDir';
+export * as slots from './slots';
+export * as server from './server';

package/dist/index.js

@@ -0,0 +1,53 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.server = exports.slots = void 0;
+__exportStar(require("./model/types"), exports);
+__exportStar(require("./xml/rawprogram"), exports);
+__exportStar(require("./manifest/imageManifestV1"), exports);
+__exportStar(require("./manifest/particleImageV1"), exports);
+__exportStar(require("./signing/jcs"), exports);
+__exportStar(require("./signing/sign"), exports);
+__exportStar(require("./hash"), exports);
+__exportStar(require("./sparse/decode"), exports);
+__exportStar(require("./format/expand"), exports);
+__exportStar(require("./zip"), exports);
+__exportStar(require("./validate"), exports);
+__exportStar(require("./import/factoryDir"), exports);
+exports.slots = __importStar(require("./slots"));
+exports.server = __importStar(require("./server"));