npm - @striae-org/striae - Versions diffs - 4.0.1 → 4.0.2 - Mend

@striae-org/striae 4.0.1 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (87) hide show

package/app/services/audit/audit.service.ts CHANGED Viewed

@@ -9,7 +9,7 @@ import type {
   AuditResult,
   PerformanceMetrics
 } from '~/types';
-import { generateWorkflowId } from '../../utils/id-generator';
+import { generateWorkflowId } from '~/utils/common';
 import {
   fetchAuditEntriesForUser,
   persistAuditEntryForUser

package/app/services/firebase/index.ts CHANGED Viewed

@@ -6,7 +6,7 @@ import {
     //connectAuthEmulator,
  } from 'firebase/auth';
 import firebaseConfig from '~/config/firebase';
-import { getAppVersion } from '~/utils/version';
+import { getAppVersion } from '~/utils/common';
 export const app = initializeApp(firebaseConfig, "Striae");
 export const auth = getAuth(app);

package/app/utils/api/index.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export * from './data-api-client';
+export * from './image-api-client';
+export * from './pdf-api-client';
+export * from './user-api-client';

package/app/utils/auth/index.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export * from './auth';
+export * from './auth-action-settings';
+export * from './mfa';
+export * from './mfa-phone';
+export * from './password-policy';

package/app/utils/common/index.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export * from './batch-operations';
+export * from './id-generator';
+export * from './version';

package/app/utils/{version.ts → common/version.ts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import packageJson from '../../package.json';
+import packageJson from '../../../package.json';
 export const getAppVersion = () => {
   return packageJson.version;

package/app/utils/{data-operations.ts → data/data-operations.ts} RENAMED Viewed

@@ -6,19 +6,19 @@
 import type { User } from 'firebase/auth';
 import { type CaseData, type AnnotationData, type ConfirmationImportData } from '~/types';
-import { fetchDataApi } from './data-api-client';
+import { fetchDataApi } from '../api';
 import { validateUserSession, canAccessCase, canModifyCase } from './permissions';
 import {
   type ForensicManifestData,
   type ForensicManifestSignature,
   FORENSIC_MANIFEST_VERSION
-} from './SHA256';
-import { CONFIRMATION_SIGNATURE_VERSION } from './confirmation-signature';
+} from '../forensics/SHA256';
+import { CONFIRMATION_SIGNATURE_VERSION } from '../forensics/confirmation-signature';
 import {
   AUDIT_EXPORT_SIGNATURE_VERSION,
   type AuditExportSigningPayload,
   isValidAuditExportSigningPayload
-} from './audit-export-signature';
+} from '../forensics/audit-export-signature';
 // ============================================================================
 // INTERFACES AND TYPES

package/app/utils/data/index.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './data-operations';
2	+ export * from './permissions';

package/app/utils/{permissions.ts → data/permissions.ts} RENAMED Viewed

@@ -1,7 +1,7 @@
 import type { User } from 'firebase/auth';
 import type { UserData, ExtendedUserData, UserLimits, ReadOnlyCaseMetadata } from '~/types';
 import paths from '~/config/config.json';
-import { fetchUserApi } from './user-api-client';
+import { fetchUserApi } from '../api';
 const MAX_CASES_REVIEW = paths.max_cases_review;
 const MAX_FILES_PER_CASE_REVIEW = paths.max_files_per_case_review;

package/app/utils/forensics/index.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export * from './SHA256';
+export * from './audit-export-signature';
+export * from './confirmation-signature';
+export * from './export-verification';
+export * from './signature-utils';

package/app/utils/ui/index.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './annotation-timestamp';
2	+ export * from './style';

package/package.json CHANGED Viewed

@@ -1,20 +1,18 @@
 {
   "name": "@striae-org/striae",
-  "version": "4.0.1",
+  "version": "4.0.2",
   "private": false,
   "description": "Striae is a specialized, cloud-native platform designed to streamline forensic firearms identification by providing an intuitive environment for digital comparison image annotation, authenticated confirmations, and automated report generation.",
   "license": "Apache-2.0",
-  "homepage": "https://striae.app",
+  "homepage": "https://github.com/striae-org/striae/wiki",
   "repository": {
     "type": "git",
     "url": "https://github.com/striae-org/striae.git"
   },
-  "funding": [
-    {
-      "type": "patreon",
-      "url": "https://www.patreon.com/striae"
-    }
-  ],
+  "funding": {
+    "type": "github",
+    "url": "https://github.com/sponsors/striae-org"
+  },
   "bugs": {
     "url": "https://github.com/striae-org/striae/issues"
   },
@@ -114,7 +112,7 @@
     "@react-router/cloudflare": "^7.13.1",
     "exceljs": "^4.4.0",
     "firebase": "^12.10.0",
-    "isbot": "^5.1.35",
+    "isbot": "^5.1.36",
     "jszip": "^3.10.1",
     "react": "^19.2.4",
     "react-dom": "^19.2.4",
@@ -123,23 +121,23 @@
   "devDependencies": {
     "@react-router/dev": "^7.13.1",
     "@react-router/fs-routes": "^7.13.1",
-    "@types/react": "^19.1.10",
-    "@types/react-dom": "^19.1.7",
-    "@typescript-eslint/eslint-plugin": "^8.54.0",
-    "@typescript-eslint/parser": "^8.56.1",
+    "@types/react": "^19.2.14",
+    "@types/react-dom": "^19.2.3",
+    "@typescript-eslint/eslint-plugin": "^8.57.1",
+    "@typescript-eslint/parser": "^8.57.1",
     "autoprefixer": "^10.4.27",
-    "eslint": "^9.39.2",
+    "eslint": "^9.39.4",
     "eslint-import-resolver-typescript": "^4.4.4",
     "eslint-plugin-import": "^2.32.0",
-    "eslint-plugin-jsx-a11y": "^6.7.1",
-    "eslint-plugin-react": "^7.37.4",
+    "eslint-plugin-jsx-a11y": "^6.10.2",
+    "eslint-plugin-react": "^7.37.5",
     "eslint-plugin-react-hooks": "^7.0.1",
-    "postcss": "^8.5.6",
-    "tailwindcss": "^3.4.0",
+    "postcss": "^8.5.8",
+    "tailwindcss": "^3.4.19",
     "typescript": "^5.9.3",
     "vite": "^6.4.1",
     "vite-tsconfig-paths": "^6.1.1",
-    "wrangler": "^4.73.0"
+    "wrangler": "^4.74.0"
   },
   "overrides": {
     "tar": "7.5.11",
@@ -155,4 +153,4 @@
     "node": ">=20.0.0"
   },
   "packageManager": "npm@11.11.0"
-}
+}

package/public/.well-known/keybase.txt ADDED Viewed

@@ -0,0 +1,56 @@
+==================================================================
+https://keybase.io/stephenjlu
+--------------------------------------------------------------------
+I hereby claim:
+  * I am an admin of https://striae.app
+  * I am stephenjlu (https://keybase.io/stephenjlu) on keybase.
+  * I have a public key ASAKWYuLxhqhdePAuDulLzWWUusZk7mQi-1lMyjF8lsSbgo
+To do so, I am signing this object:
+{
+  "body": {
+    "key": {
+      "eldest_kid": "01200a598b8bc61aa175e3c0b83ba52f359652eb1993b9908bed653328c5f25b126e0a",
+      "host": "keybase.io",
+      "kid": "01200a598b8bc61aa175e3c0b83ba52f359652eb1993b9908bed653328c5f25b126e0a",
+      "uid": "ef43479353eb3b8be30c76fd0919c219",
+      "username": "stephenjlu"
+    },
+    "merkle_root": {
+      "ctime": 1773711528,
+      "hash": "9519e4709ef4b2ab7ea27c6633fd91e00989841d63cf53dd15500ccbec43152fdb37efd0cefcae90edcae7d84e2584620026334e98ef2feb36241c6aa38aca11",
+      "hash_meta": "a8ed0ac295c8a433c99b4606da6e569399fae2b052a5f8d053a2d735d110b265",
+      "seqno": 27471249
+    },
+    "service": {
+      "entropy": "e8nGKp/3/msv+czv8R/pIZOA",
+      "hostname": "striae.app",
+      "protocol": "https:"
+    },
+    "type": "web_service_binding",
+    "version": 2
+  },
+  "client": {
+    "name": "keybase.io go client",
+    "version": "6.6.0"
+  },
+  "ctime": 1773711539,
+  "expire_in": 504576000,
+  "prev": "20fa9a69a64b9008e2ba1d18171c4eda04d49fc68c2b419cf5156b78faa8b75b",
+  "seqno": 26,
+  "tag": "signature"
+}
+which yields the signature:
+hKRib2R5hqhkZXRhY2hlZMOpaGFzaF90eXBlCqNrZXnEIwEgClmLi8YaoXXjwLg7pS81llLrGZO5kIvtZTMoxfJbEm4Kp3BheWxvYWTESpcCGsQgIPqaaaZLkAjiuh0YFxxO2gTUn8aMK0Gc9RVrePqot1vEIOlO7j2uG/S+PR0TZqsul0pFPx7wKWbK+YYm6cWb9OQYAgHCo3NpZ8RAUVB1DF+DBdsDrp5BVL0eqUuueayhIrABHB63O9f9e03e8MJpZUAWdv8r7eLRcOoSf5p3I+CtsDgeyklUXy6oCKhzaWdfdHlwZSCkaGFzaIKkdHlwZQildmFsdWXEIH2d3PmZB6Yydgvkp783wyinfEsZBLRlgM2WXItXvkvTo3RhZ80CAqd2ZXJzaW9uAQ==
+And finally, I am proving ownership of this host by posting or
+appending to this document.
+View my publicly-auditable identity here: https://keybase.io/stephenjlu
+==================================================================

package/scripts/deploy-config.sh CHANGED Viewed

@@ -559,6 +559,7 @@ required_vars=(
     "PDF_WORKER_AUTH"
     "ACCOUNT_HASH"
     "API_TOKEN"
+    "BROWSER_API_TOKEN"
     "HMAC_KEY"
     "MANIFEST_SIGNING_PRIVATE_KEY"
     "MANIFEST_SIGNING_KEY_ID"
@@ -1284,6 +1285,7 @@ prompt_for_secrets() {
     prompt_for_var "PDF_WORKER_AUTH" "PDF worker authentication token (generate with: openssl rand -hex 16)"
     prompt_for_var "ACCOUNT_HASH" "Cloudflare Images Account Hash"
     prompt_for_var "API_TOKEN" "Cloudflare Images API token (for Images Worker)"
+    prompt_for_var "BROWSER_API_TOKEN" "Cloudflare Browser Rendering API token (for PDF Worker)"
     prompt_for_var "HMAC_KEY" "Cloudflare Images HMAC signing key"
     configure_manifest_signing_credentials

package/scripts/deploy-worker-secrets.sh CHANGED Viewed

@@ -197,10 +197,9 @@ if ! set_worker_secrets "Images Worker" "workers/image-worker" \
     echo -e "${YELLOW}⚠️  Skipping Images Worker (not configured)${NC}"
 fi
-# PDF Worker (no secrets needed)
 # PDF Worker
 if ! set_worker_secrets "PDF Worker" "workers/pdf-worker" \
-    "PDF_WORKER_AUTH"; then
+    "PDF_WORKER_AUTH" "ACCOUNT_ID" "BROWSER_API_TOKEN"; then
     echo -e "${YELLOW}⚠️  Skipping PDF Worker (not configured)${NC}"
 fi

package/workers/audit-worker/wrangler.jsonc.example CHANGED Viewed

@@ -2,7 +2,7 @@
   "name": "AUDIT_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/audit-worker.ts",
-  "compatibility_date": "2026-03-15",
+  "compatibility_date": "2026-03-17",
   "compatibility_flags": [
     "nodejs_compat"
   ],

package/workers/data-worker/wrangler.jsonc.example CHANGED Viewed

@@ -3,7 +3,7 @@
   "name": "DATA_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/data-worker.ts",
-  "compatibility_date": "2026-03-15",
+  "compatibility_date": "2026-03-17",
   "compatibility_flags": [
     "nodejs_compat"
   ],

package/workers/image-worker/wrangler.jsonc.example CHANGED Viewed

@@ -2,7 +2,7 @@
   "name": "IMAGES_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/image-worker.ts",
-  "compatibility_date": "2026-03-15",
+  "compatibility_date": "2026-03-17",
   "compatibility_flags": [
     "nodejs_compat"
   ],

package/workers/keys-worker/wrangler.jsonc.example CHANGED Viewed

@@ -2,7 +2,7 @@
   "name": "KEYS_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/keys.ts",
-  "compatibility_date": "2026-03-15",
+  "compatibility_date": "2026-03-17",
   "compatibility_flags": [
     "nodejs_compat"
   ],

package/workers/pdf-worker/src/pdf-worker.example.ts CHANGED Viewed

@@ -1,12 +1,28 @@
-import { launch } from "@cloudflare/puppeteer";
 import type { PDFGenerationData, PDFGenerationRequest, ReportModule } from './report-types';
 interface Env {
   BROWSER: Fetcher;
   PDF_WORKER_AUTH: string;
+  ACCOUNT_ID?: string;
+  CLOUDFLARE_ACCOUNT_ID?: string;
+  BROWSER_API_TOKEN?: string;
+  API_TOKEN?: string;
 }
 const DEFAULT_REPORT_FORMAT = 'striae';
+const BROWSER_PDF_TIMEOUT_MS = 90_000;
+const BROWSER_RENDERING_API_BASE = 'https://api.cloudflare.com/client/v4/accounts';
+const DEFAULT_PDF_OPTIONS = {
+  printBackground: true,
+  format: 'letter',
+  margin: {
+    top: '0.5in',
+    bottom: '0.5in',
+    left: '0.5in',
+    right: '0.5in',
+  },
+};
 const reportModuleLoaders: Record<string, () => Promise<ReportModule>> = {
   // Default Striae report format module
@@ -22,6 +38,45 @@ const corsHeaders: Record<string, string> = {
 const hasValidHeader = (request: Request, env: Env): boolean =>
   request.headers.get('X-Custom-Auth-Key') === env.PDF_WORKER_AUTH;
+function isTimeoutError(error: unknown): boolean {
+  return error instanceof Error && (
+    error.name === 'AbortError' ||
+    error.name === 'TimeoutError' ||
+    /timed out/i.test(error.message)
+  );
+}
+function jsonResponse(body: unknown, status: number): Response {
+  return new Response(JSON.stringify(body), {
+    status,
+    headers: { ...corsHeaders, 'content-type': 'application/json' },
+  });
+}
+function resolveBrowserApiToken(env: Env): string {
+  const candidates = [env.BROWSER_API_TOKEN, env.API_TOKEN];
+  for (const candidate of candidates) {
+    if (typeof candidate === 'string' && candidate.trim().length > 0) {
+      return candidate.trim();
+    }
+  }
+  return '';
+}
+function resolveAccountId(env: Env): string {
+  const candidates = [env.ACCOUNT_ID, env.CLOUDFLARE_ACCOUNT_ID];
+  for (const candidate of candidates) {
+    if (typeof candidate === 'string' && candidate.trim().length > 0) {
+      return candidate.trim();
+    }
+  }
+  return '';
+}
 function normalizeReportFormat(format: unknown): string {
   if (typeof format !== 'string') {
     return DEFAULT_REPORT_FORMAT;
@@ -69,6 +124,84 @@ async function renderReport(reportFormat: string, data: PDFGenerationData): Prom
   return reportModule.renderReport(data);
 }
+async function renderPdfViaRestEndpoint(env: Env, html: string): Promise<Response> {
+  const accountId = resolveAccountId(env);
+  const browserApiToken = resolveBrowserApiToken(env);
+  if (!accountId || !browserApiToken) {
+    return jsonResponse(
+      {
+        error: 'Missing required Browser Rendering credentials',
+        requiredSecrets: ['ACCOUNT_ID', 'BROWSER_API_TOKEN'],
+        note: 'Set ACCOUNT_ID and a Browser Rendering - Edit token (BROWSER_API_TOKEN) on this worker.',
+      },
+      502
+    );
+  }
+  const endpoint = `${BROWSER_RENDERING_API_BASE}/${accountId}/browser-rendering/pdf`;
+  const requestBody = JSON.stringify({
+    html,
+    pdfOptions: DEFAULT_PDF_OPTIONS,
+  });
+  let endpointResponse: Response;
+  try {
+    endpointResponse = await fetch(endpoint, {
+      method: 'POST',
+      headers: {
+        Authorization: `Bearer ${browserApiToken}`,
+        'Content-Type': 'application/json',
+      },
+      body: requestBody,
+      signal: AbortSignal.timeout(BROWSER_PDF_TIMEOUT_MS),
+    });
+  } catch (error) {
+    const message = error instanceof Error ? error.message : 'Unknown browser endpoint error';
+    return jsonResponse(
+      {
+        error: 'Unable to reach Browser Rendering endpoint',
+        endpoint,
+        message,
+      },
+      isTimeoutError(error) ? 504 : 502
+    );
+  }
+  if (!endpointResponse.ok) {
+    const failureText = await endpointResponse.text().catch(() => '');
+    return jsonResponse(
+      {
+        error: 'Browser Rendering endpoint returned an error',
+        endpoint,
+        status: endpointResponse.status,
+        details: failureText.slice(0, 512) || endpointResponse.statusText || 'Unknown endpoint failure',
+      },
+      endpointResponse.status === 504 ? 504 : 502
+    );
+  }
+  const responseHeaders = new Headers(endpointResponse.headers);
+  if (!responseHeaders.has('content-type')) {
+    responseHeaders.set('content-type', 'application/pdf');
+  }
+  if (!responseHeaders.has('cache-control')) {
+    responseHeaders.set('cache-control', 'no-store');
+  }
+  for (const [headerName, headerValue] of Object.entries(corsHeaders)) {
+    responseHeaders.set(headerName, headerValue);
+  }
+  return new Response(endpointResponse.body, {
+    status: endpointResponse.status,
+    statusText: endpointResponse.statusText,
+    headers: responseHeaders,
+  });
+}
 export default {
   async fetch(request: Request, env: Env): Promise<Response> {
     if (request.method === 'OPTIONS') {
@@ -76,55 +209,27 @@ export default {
     }
     if (!hasValidHeader(request, env)) {
-      return new Response(JSON.stringify({ error: 'Forbidden' }), {
-        status: 403,
-        headers: { ...corsHeaders, 'content-type': 'application/json' },
-      });
+      return jsonResponse({ error: 'Forbidden' }, 403);
     }
     if (request.method === 'POST') {
-      let browser: Awaited<ReturnType<typeof launch>> | undefined;
       try {
         const payload = await request.json() as PDFGenerationData | PDFGenerationRequest;
         const { reportFormat, data } = resolveReportRequest(payload);
-        browser = await launch(env.BROWSER);
-        const page = await browser.newPage();
-        // Render report from module selected by report format name.
         const document = await renderReport(reportFormat, data);
-        await page.setContent(document);
-        const pdfBuffer = await page.pdf({
-          printBackground: true,
-          format: 'letter',
-          margin: { top: '0.5in', bottom: '0.5in', left: '0.5in', right: '0.5in' },
-        });
-        return new Response(new Uint8Array(pdfBuffer), {
-          headers: {
-            ...corsHeaders,
-            'content-type': 'application/pdf',
-          },
-        });
-      } catch (error) {
-        const errorMessage = error instanceof Error ? error.message : 'Unknown error occurred';
-        return new Response(JSON.stringify({ error: errorMessage }), {
-          status: 500,
-          headers: { ...corsHeaders, 'content-type': 'application/json' },
-        });
-      } finally {
-        if (browser) {
-          await browser.close();
+        return await renderPdfViaRestEndpoint(env, document);
+      } catch (error) {
+        if (isTimeoutError(error)) {
+          const timeoutMessage = error instanceof Error ? error.message : 'PDF generation timed out';
+          return jsonResponse({ error: timeoutMessage }, 504);
         }
+        const errorMessage = error instanceof Error ? error.message : 'Unknown error occurred';
+        return jsonResponse({ error: errorMessage }, 500);
       }
     }
-    return new Response(JSON.stringify({ error: 'Method not allowed' }), {
-      status: 405,
-      headers: { ...corsHeaders, 'content-type': 'application/json' },
-    });
+    return jsonResponse({ error: 'Method not allowed' }, 405);
   },
 };

package/workers/pdf-worker/wrangler.jsonc.example CHANGED Viewed

@@ -2,7 +2,7 @@
   "name": "PDF_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/pdf-worker.ts",
-  "compatibility_date": "2026-03-15",
+  "compatibility_date": "2026-03-17",
   "compatibility_flags": [
     "nodejs_compat"
   ],

package/workers/user-worker/wrangler.jsonc.example CHANGED Viewed

@@ -2,7 +2,7 @@
   "name": "USER_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/user-worker.ts",
-  "compatibility_date": "2026-03-15",
+  "compatibility_date": "2026-03-17",
   "compatibility_flags": [
     "nodejs_compat"
   ],

package/wrangler.toml.example CHANGED Viewed

@@ -1,6 +1,6 @@
 #:schema node_modules/wrangler/config-schema.json
 name = "PAGES_PROJECT_NAME"
-compatibility_date = "2026-03-15"
+compatibility_date = "2026-03-17"
 compatibility_flags = ["nodejs_compat"]
 pages_build_output_dir = "./build/client"

package/public/.well-known/publickey.info@striae.org.asc DELETED Viewed

@@ -1,17 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-xjMEaJ+SaRYJKwYBBAHaRw8BAQdAtWcW9OcCVtFNTBf+4lwASGgVBGNIGb6z
-GNIq37cw83zNIWluZm9Ac3RyaWFlLm9yZyA8aW5mb0BzdHJpYWUub3JnPsLA
-EQQTFgoAgwWCaJ+SaQMLCQcJkC2UdiWEnC1iRRQAAAAAABwAIHNhbHRAbm90
-YXRpb25zLm9wZW5wZ3Bqcy5vcmfhki1wbo0xW0HoW6jsyBK/iWN/u01JBBJd
-YGiCbEL+sAMVCggEFgACAQIZAQKbAwIeARYhBCw6mxgiRn72TJictC2UdiWE
-nC1iAADDlgD+Jlmez0pVz0u3kllpSt6S3MOuUCJla6p4ZEbjTniCJaUA/R7X
-kykgKaNm/PUolRZhnUwhcNWT48EMHo1jMkyGKUQEzjgEaJ+SaRIKKwYBBAGX
-VQEFAQEHQNEibB8TSeDgzURCgYgXn32lYJ6vVLl87FeJRsEQY4BfAwEIB8K+
-BBgWCgBwBYJon5JpCZAtlHYlhJwtYkUUAAAAAAAcACBzYWx0QG5vdGF0aW9u
-cy5vcGVucGdwanMub3Jn5sADmb+wNJJLschl/7wW5OxuG8sTK8hrYrYAMu8f
-lsgCmwwWIQQsOpsYIkZ+9kyYnLQtlHYlhJwtYgAADjQBAPLqpZXfz6LF3QCT
-ljTevmSNC+/XPUPUe0pWwmt3O+CFAQCoYARnr6O+e9K2RKTGiji5yY5EvHIo
-GsOM90I360PhCw==
-=MSt/
------END PGP PUBLIC KEY BLOCK-----