@smartspectra/node-sdk 3.2.0-rc.7 → 3.2.0-rc.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/js/main/index.js +1 -0
- package/js/resolve-native.js +6 -2
- package/package.json +5 -5
package/js/main/index.js
CHANGED
|
@@ -62,6 +62,7 @@ function ensurePreconfigured() {
|
|
|
62
62
|
// Pre-create the tree with restrictive permissions; Electron's
|
|
63
63
|
// app.getPath('cache') root isn't always present on first launch.
|
|
64
64
|
try {
|
|
65
|
+
// nosemgrep: detect-non-literal-fs-filename - safe: SDK cache dir derived from the app/OS cache path (app.getPath('cache') + app name), not untrusted input.
|
|
65
66
|
fs.mkdirSync(sdkDirectory, { recursive: true, mode: 0o700 });
|
|
66
67
|
} catch (err) {
|
|
67
68
|
throw new Error(
|
package/js/resolve-native.js
CHANGED
|
@@ -6,8 +6,10 @@
|
|
|
6
6
|
// Picks the right libsmartspectra_capi.{dll,dylib,so} for the current
|
|
7
7
|
// platform+arch and returns a path that koffi.load() can consume.
|
|
8
8
|
//
|
|
9
|
-
// The native runtime closure (shim + libsmartspectra + OpenCV +
|
|
10
|
-
//
|
|
9
|
+
// The native runtime closure (shim + libsmartspectra + OpenCV + graph data,
|
|
10
|
+
// plus a Vulkan loader on Linux/Windows; on macOS MoltenVK is statically
|
|
11
|
+
// linked into libsmartspectra, so no separate Vulkan dylib ships) lives in
|
|
12
|
+
// per-platform packages — `@smartspectra/node-sdk-<plat>-<arch>`
|
|
11
13
|
// — declared as regular (HARD) dependencies of the main package. There is no
|
|
12
14
|
// postinstall download and no install script in the published tarball.
|
|
13
15
|
//
|
|
@@ -60,6 +62,7 @@ function resolveNativeLibrary() {
|
|
|
60
62
|
|
|
61
63
|
const override = process.env.SMARTSPECTRA_CAPI_PATH;
|
|
62
64
|
if (override) {
|
|
65
|
+
// nosemgrep: detect-non-literal-fs-filename - safe: path is the consumer-set SMARTSPECTRA_CAPI_PATH override, same trust boundary as the process; no attacker input.
|
|
63
66
|
if (!fs.existsSync(override)) {
|
|
64
67
|
throw new Error(
|
|
65
68
|
`@smartspectra/node-sdk: SMARTSPECTRA_CAPI_PATH=${override} ` +
|
|
@@ -96,6 +99,7 @@ function resolveNativeLibrary() {
|
|
|
96
99
|
}
|
|
97
100
|
|
|
98
101
|
const libPath = path.join(pkgRoot, libName);
|
|
102
|
+
// nosemgrep: detect-non-literal-fs-filename - safe: path is derived from require.resolve of the installed platform package plus a fixed library basename; same trust boundary as the process, no attacker input.
|
|
99
103
|
if (!fs.existsSync(libPath)) {
|
|
100
104
|
throw new Error(
|
|
101
105
|
`@smartspectra/node-sdk: "${platformPkg}" is installed but ${libName} is missing from it ` +
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@smartspectra/node-sdk",
|
|
3
|
-
"version": "3.2.0-rc.
|
|
3
|
+
"version": "3.2.0-rc.9",
|
|
4
4
|
"description": "Node.js (Electron) FFI binding for SmartSpectra vitals measurement",
|
|
5
5
|
"author": "Presage Technologies, Inc.",
|
|
6
6
|
"license": "SEE LICENSE IN LICENSE",
|
|
@@ -65,10 +65,10 @@
|
|
|
65
65
|
"dependencies": {
|
|
66
66
|
"koffi": "^2.10.0",
|
|
67
67
|
"protobufjs": "^7.5.0",
|
|
68
|
-
"@smartspectra/node-sdk-linux-x64": "3.2.0-rc.
|
|
69
|
-
"@smartspectra/node-sdk-linux-arm64": "3.2.0-rc.
|
|
70
|
-
"@smartspectra/node-sdk-darwin-arm64": "3.2.0-rc.
|
|
71
|
-
"@smartspectra/node-sdk-win32-x64": "3.2.0-rc.
|
|
68
|
+
"@smartspectra/node-sdk-linux-x64": "3.2.0-rc.9",
|
|
69
|
+
"@smartspectra/node-sdk-linux-arm64": "3.2.0-rc.9",
|
|
70
|
+
"@smartspectra/node-sdk-darwin-arm64": "3.2.0-rc.9",
|
|
71
|
+
"@smartspectra/node-sdk-win32-x64": "3.2.0-rc.9"
|
|
72
72
|
},
|
|
73
73
|
"devDependencies": {
|
|
74
74
|
"@types/node": "^20.0.0",
|