@smartspectra/node-sdk 3.2.0-rc.7 → 3.2.0-rc.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/js/main/index.js +1 -0
- package/js/resolve-native.js +2 -0
- package/package.json +5 -5
package/js/main/index.js
CHANGED
|
@@ -62,6 +62,7 @@ function ensurePreconfigured() {
|
|
|
62
62
|
// Pre-create the tree with restrictive permissions; Electron's
|
|
63
63
|
// app.getPath('cache') root isn't always present on first launch.
|
|
64
64
|
try {
|
|
65
|
+
// nosemgrep: detect-non-literal-fs-filename - safe: SDK cache dir derived from the app/OS cache path (app.getPath('cache') + app name), not untrusted input.
|
|
65
66
|
fs.mkdirSync(sdkDirectory, { recursive: true, mode: 0o700 });
|
|
66
67
|
} catch (err) {
|
|
67
68
|
throw new Error(
|
package/js/resolve-native.js
CHANGED
|
@@ -60,6 +60,7 @@ function resolveNativeLibrary() {
|
|
|
60
60
|
|
|
61
61
|
const override = process.env.SMARTSPECTRA_CAPI_PATH;
|
|
62
62
|
if (override) {
|
|
63
|
+
// nosemgrep: detect-non-literal-fs-filename - safe: path is the consumer-set SMARTSPECTRA_CAPI_PATH override, same trust boundary as the process; no attacker input.
|
|
63
64
|
if (!fs.existsSync(override)) {
|
|
64
65
|
throw new Error(
|
|
65
66
|
`@smartspectra/node-sdk: SMARTSPECTRA_CAPI_PATH=${override} ` +
|
|
@@ -96,6 +97,7 @@ function resolveNativeLibrary() {
|
|
|
96
97
|
}
|
|
97
98
|
|
|
98
99
|
const libPath = path.join(pkgRoot, libName);
|
|
100
|
+
// nosemgrep: detect-non-literal-fs-filename - safe: path is derived from require.resolve of the installed platform package plus a fixed library basename; same trust boundary as the process, no attacker input.
|
|
99
101
|
if (!fs.existsSync(libPath)) {
|
|
100
102
|
throw new Error(
|
|
101
103
|
`@smartspectra/node-sdk: "${platformPkg}" is installed but ${libName} is missing from it ` +
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@smartspectra/node-sdk",
|
|
3
|
-
"version": "3.2.0-rc.
|
|
3
|
+
"version": "3.2.0-rc.8",
|
|
4
4
|
"description": "Node.js (Electron) FFI binding for SmartSpectra vitals measurement",
|
|
5
5
|
"author": "Presage Technologies, Inc.",
|
|
6
6
|
"license": "SEE LICENSE IN LICENSE",
|
|
@@ -65,10 +65,10 @@
|
|
|
65
65
|
"dependencies": {
|
|
66
66
|
"koffi": "^2.10.0",
|
|
67
67
|
"protobufjs": "^7.5.0",
|
|
68
|
-
"@smartspectra/node-sdk-linux-x64": "3.2.0-rc.
|
|
69
|
-
"@smartspectra/node-sdk-linux-arm64": "3.2.0-rc.
|
|
70
|
-
"@smartspectra/node-sdk-darwin-arm64": "3.2.0-rc.
|
|
71
|
-
"@smartspectra/node-sdk-win32-x64": "3.2.0-rc.
|
|
68
|
+
"@smartspectra/node-sdk-linux-x64": "3.2.0-rc.8",
|
|
69
|
+
"@smartspectra/node-sdk-linux-arm64": "3.2.0-rc.8",
|
|
70
|
+
"@smartspectra/node-sdk-darwin-arm64": "3.2.0-rc.8",
|
|
71
|
+
"@smartspectra/node-sdk-win32-x64": "3.2.0-rc.8"
|
|
72
72
|
},
|
|
73
73
|
"devDependencies": {
|
|
74
74
|
"@types/node": "^20.0.0",
|