@smartspectra/node-sdk 3.2.0-rc.6 → 3.2.0-rc.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -149,16 +149,6 @@ generated from the SDK's bundled TypeScript declarations so it tracks the
149
149
  published package. For which metrics to request and how to read the decoded
150
150
  payloads, see the [metrics guide](docs/metrics.md).
151
151
 
152
- <!-- The two members below are not yet emitted by docs-site/scripts/generate-api.ts
153
- (it doesn't capture fields on the ambient `declare class`); documented here
154
- until that generator gap is fixed, then they move to the API reference. -->
155
- Two instance members aren't yet in the generated reference:
156
-
157
- | Member | Type | Notes |
158
- | --- | --- | --- |
159
- | `sdk.processingStatus` | `ProcessingStatusValue` | Current processing status (read-only). |
160
- | `SmartSpectraSDK.version` | `string` | Static; the SDK package version. |
161
-
162
152
  ## Electron integration
163
153
 
164
154
  Runnable sample at [electron-quickstart](https://github.com/Presage-Security/SmartSpectra/tree/main/nodejs/samples/electron-quickstart).
package/js/main/index.js CHANGED
@@ -62,6 +62,7 @@ function ensurePreconfigured() {
62
62
  // Pre-create the tree with restrictive permissions; Electron's
63
63
  // app.getPath('cache') root isn't always present on first launch.
64
64
  try {
65
+ // nosemgrep: detect-non-literal-fs-filename - safe: SDK cache dir derived from the app/OS cache path (app.getPath('cache') + app name), not untrusted input.
65
66
  fs.mkdirSync(sdkDirectory, { recursive: true, mode: 0o700 });
66
67
  } catch (err) {
67
68
  throw new Error(
@@ -60,6 +60,7 @@ function resolveNativeLibrary() {
60
60
 
61
61
  const override = process.env.SMARTSPECTRA_CAPI_PATH;
62
62
  if (override) {
63
+ // nosemgrep: detect-non-literal-fs-filename - safe: path is the consumer-set SMARTSPECTRA_CAPI_PATH override, same trust boundary as the process; no attacker input.
63
64
  if (!fs.existsSync(override)) {
64
65
  throw new Error(
65
66
  `@smartspectra/node-sdk: SMARTSPECTRA_CAPI_PATH=${override} ` +
@@ -96,6 +97,7 @@ function resolveNativeLibrary() {
96
97
  }
97
98
 
98
99
  const libPath = path.join(pkgRoot, libName);
100
+ // nosemgrep: detect-non-literal-fs-filename - safe: path is derived from require.resolve of the installed platform package plus a fixed library basename; same trust boundary as the process, no attacker input.
99
101
  if (!fs.existsSync(libPath)) {
100
102
  throw new Error(
101
103
  `@smartspectra/node-sdk: "${platformPkg}" is installed but ${libName} is missing from it ` +
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@smartspectra/node-sdk",
3
- "version": "3.2.0-rc.6",
3
+ "version": "3.2.0-rc.8",
4
4
  "description": "Node.js (Electron) FFI binding for SmartSpectra vitals measurement",
5
5
  "author": "Presage Technologies, Inc.",
6
6
  "license": "SEE LICENSE IN LICENSE",
@@ -65,10 +65,10 @@
65
65
  "dependencies": {
66
66
  "koffi": "^2.10.0",
67
67
  "protobufjs": "^7.5.0",
68
- "@smartspectra/node-sdk-linux-x64": "3.2.0-rc.6",
69
- "@smartspectra/node-sdk-linux-arm64": "3.2.0-rc.6",
70
- "@smartspectra/node-sdk-darwin-arm64": "3.2.0-rc.6",
71
- "@smartspectra/node-sdk-win32-x64": "3.2.0-rc.6"
68
+ "@smartspectra/node-sdk-linux-x64": "3.2.0-rc.8",
69
+ "@smartspectra/node-sdk-linux-arm64": "3.2.0-rc.8",
70
+ "@smartspectra/node-sdk-darwin-arm64": "3.2.0-rc.8",
71
+ "@smartspectra/node-sdk-win32-x64": "3.2.0-rc.8"
72
72
  },
73
73
  "devDependencies": {
74
74
  "@types/node": "^20.0.0",