npm - @vex-chat/libvex - Versions diffs - 1.1.0 → 4.0.0 - Mend

@vex-chat/libvex 1.1.0 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (149) hide show

package/README.md +104 -41
package/dist/Client.d.ts +473 -560
package/dist/Client.d.ts.map +1 -0
package/dist/Client.js +1486 -1551
package/dist/Client.js.map +1 -1
package/dist/Storage.d.ts +111 -0
package/dist/Storage.d.ts.map +1 -0
package/dist/Storage.js +2 -0
package/dist/Storage.js.map +1 -0
package/dist/__tests__/harness/memory-storage.d.ts +29 -27
package/dist/__tests__/harness/memory-storage.d.ts.map +1 -0
package/dist/__tests__/harness/memory-storage.js +120 -109
package/dist/__tests__/harness/memory-storage.js.map +1 -1
package/dist/codec.d.ts +44 -0
package/dist/codec.d.ts.map +1 -0
package/dist/codec.js +51 -0
package/dist/codec.js.map +1 -0
package/dist/codecs.d.ts +201 -0
package/dist/codecs.d.ts.map +1 -0
package/dist/codecs.js +67 -0
package/dist/codecs.js.map +1 -0
package/dist/index.d.ts +6 -5
package/dist/index.d.ts.map +1 -0
package/dist/index.js +1 -0
package/dist/index.js.map +1 -1
package/dist/keystore/memory.d.ts +5 -4
package/dist/keystore/memory.d.ts.map +1 -0
package/dist/keystore/memory.js +9 -7
package/dist/keystore/memory.js.map +1 -1
package/dist/keystore/node.d.ts +8 -6
package/dist/keystore/node.d.ts.map +1 -0
package/dist/keystore/node.js +47 -22
package/dist/keystore/node.js.map +1 -1
package/dist/preset/common.d.ts +7 -0
package/dist/preset/common.d.ts.map +1 -0
package/dist/preset/common.js +2 -0
package/dist/preset/common.js.map +1 -0
package/dist/preset/node.d.ts +4 -7
package/dist/preset/node.d.ts.map +1 -0
package/dist/preset/node.js +4 -11
package/dist/preset/node.js.map +1 -1
package/dist/preset/test.d.ts +4 -5
package/dist/preset/test.d.ts.map +1 -0
package/dist/preset/test.js +3 -20
package/dist/preset/test.js.map +1 -1
package/dist/storage/node.d.ts +3 -3
package/dist/storage/node.d.ts.map +1 -0
package/dist/storage/node.js +4 -10
package/dist/storage/node.js.map +1 -1
package/dist/storage/schema.d.ts +55 -54
package/dist/storage/schema.d.ts.map +1 -0
package/dist/storage/sqlite.d.ts +41 -28
package/dist/storage/sqlite.d.ts.map +1 -0
package/dist/storage/sqlite.js +339 -297
package/dist/storage/sqlite.js.map +1 -1
package/dist/transport/types.d.ts +17 -16
package/dist/transport/types.d.ts.map +1 -0
package/dist/transport/websocket.d.ts +26 -0
package/dist/transport/websocket.d.ts.map +1 -0
package/dist/transport/websocket.js +83 -0
package/dist/transport/websocket.js.map +1 -0
package/dist/types/crypto.d.ts +38 -0
package/dist/types/crypto.d.ts.map +1 -0
package/dist/types/crypto.js +9 -0
package/dist/types/crypto.js.map +1 -0
package/dist/types/identity.d.ts +22 -0
package/dist/types/identity.d.ts.map +1 -0
package/dist/types/identity.js +6 -0
package/dist/types/identity.js.map +1 -0
package/dist/types/index.d.ts +3 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +2 -0
package/dist/types/index.js.map +1 -0
package/dist/utils/capitalize.d.ts +1 -0
package/dist/utils/capitalize.d.ts.map +1 -0
package/dist/utils/formatBytes.d.ts +1 -0
package/dist/utils/formatBytes.d.ts.map +1 -0
package/dist/utils/formatBytes.js +3 -1
package/dist/utils/formatBytes.js.map +1 -1
package/dist/utils/sqlSessionToCrypto.d.ts +4 -2
package/dist/utils/sqlSessionToCrypto.d.ts.map +1 -0
package/dist/utils/sqlSessionToCrypto.js +5 -5
package/dist/utils/sqlSessionToCrypto.js.map +1 -1
package/dist/utils/uint8uuid.d.ts +1 -4
package/dist/utils/uint8uuid.d.ts.map +1 -0
package/dist/utils/uint8uuid.js +1 -7
package/dist/utils/uint8uuid.js.map +1 -1
package/package.json +74 -91
package/src/Client.ts +3086 -0
package/{dist/IStorage.d.ts → src/Storage.ts} +70 -62
package/src/__tests__/codec.test.ts +256 -0
package/src/__tests__/ghost.png +0 -0
package/src/__tests__/harness/fixtures.ts +22 -0
package/src/__tests__/harness/memory-storage.ts +254 -0
package/src/__tests__/harness/platform-transports.ts +4 -0
package/src/__tests__/harness/poison-node-imports.ts +107 -0
package/src/__tests__/harness/shared-suite.ts +426 -0
package/src/__tests__/platform-browser.test.ts +14 -0
package/src/__tests__/platform-node.test.ts +9 -0
package/src/__tests__/triggered.png +0 -0
package/src/codec.ts +68 -0
package/src/codecs.ts +101 -0
package/src/index.ts +40 -0
package/src/keystore/memory.ts +30 -0
package/src/keystore/node.ts +102 -0
package/src/preset/common.ts +7 -0
package/src/preset/node.ts +18 -0
package/src/preset/test.ts +20 -0
package/src/storage/node.ts +22 -0
package/src/storage/schema.ts +94 -0
package/src/storage/sqlite.ts +655 -0
package/src/transport/types.ts +22 -0
package/src/transport/websocket.ts +106 -0
package/src/types/crypto.ts +42 -0
package/src/types/identity.ts +23 -0
package/src/types/index.ts +9 -0
package/src/utils/capitalize.ts +6 -0
package/src/utils/formatBytes.ts +15 -0
package/src/utils/sqlSessionToCrypto.ts +16 -0
package/src/utils/uint8uuid.ts +7 -0
package/dist/IStorage.js +0 -2
package/dist/IStorage.js.map +0 -1
package/dist/keystore/types.d.ts +0 -4
package/dist/keystore/types.js +0 -2
package/dist/keystore/types.js.map +0 -1
package/dist/preset/expo.d.ts +0 -2
package/dist/preset/expo.js +0 -39
package/dist/preset/expo.js.map +0 -1
package/dist/preset/tauri.d.ts +0 -2
package/dist/preset/tauri.js +0 -36
package/dist/preset/tauri.js.map +0 -1
package/dist/preset/types.d.ts +0 -14
package/dist/preset/types.js +0 -2
package/dist/preset/types.js.map +0 -1
package/dist/storage/expo.d.ts +0 -3
package/dist/storage/expo.js +0 -18
package/dist/storage/expo.js.map +0 -1
package/dist/storage/tauri.d.ts +0 -3
package/dist/storage/tauri.js +0 -21
package/dist/storage/tauri.js.map +0 -1
package/dist/transport/browser.d.ts +0 -17
package/dist/transport/browser.js +0 -56
package/dist/transport/browser.js.map +0 -1
package/dist/utils/constants.d.ts +0 -8
package/dist/utils/constants.js +0 -9
package/dist/utils/constants.js.map +0 -1
package/dist/utils/createLogger.d.ts +0 -5
package/dist/utils/createLogger.js +0 -27
package/dist/utils/createLogger.js.map +0 -1

package/src/__tests__/harness/memory-storage.ts ADDED Viewed

@@ -0,0 +1,254 @@
+import type { Message } from "../../index.js";
+import type { Storage } from "../../Storage.js";
+import type {
+    PreKeysCrypto,
+    SessionCrypto,
+    UnsavedPreKey,
+} from "../../types/index.js";
+import type { Device, PreKeysSQL, SessionSQL } from "@vex-chat/types";
+import {
+    type KeyPair,
+    xBoxKeyPairFromSecret,
+    XKeyConvert,
+    xSecretbox,
+    xSecretboxOpen,
+    xSignKeyPairFromSecret,
+    XUtils,
+} from "@vex-chat/crypto";
+/**
+ * Minimal in-memory Storage for browser/RN platform tests.
+ *
+ * Uses eventemitter3 (browser-safe) instead of Node's events module.
+ * No persistence — just enough for the register/login/connect/DM test flow.
+ */
+import { EventEmitter } from "eventemitter3";
+export class MemoryStorage extends EventEmitter implements Storage {
+    public ready = false;
+    private readonly devices: Device[] = [];
+    private readonly idKeys: KeyPair;
+    private messages: Message[] = [];
+    private nextOtkIndex = 1;
+    private nextPreKeyIndex = 1;
+    private oneTimeKeys: any[] = [];
+    private preKeys: any[] = [];
+    private sessions: SessionSQL[] = [];
+    constructor(SK: string) {
+        super();
+        const idKeys = XKeyConvert.convertKeyPair(
+            xSignKeyPairFromSecret(XUtils.decodeHex(SK)),
+        );
+        if (!idKeys) throw new Error("Can't convert SK!");
+        this.idKeys = idKeys;
+    }
+    close(): Promise<void> {
+        return Promise.resolve();
+    }
+    deleteHistory(channelOrUserID: string): Promise<void> {
+        this.messages = this.messages.filter(
+            (m) =>
+                m.group !== channelOrUserID &&
+                m.authorID !== channelOrUserID &&
+                m.readerID !== channelOrUserID,
+        );
+        return Promise.resolve();
+    }
+    deleteMessage(mailID: string): Promise<void> {
+        this.messages = this.messages.filter((m) => m.mailID !== mailID);
+        return Promise.resolve();
+    }
+    deleteOneTimeKey(index: number): Promise<void> {
+        this.oneTimeKeys = this.oneTimeKeys.filter((k) => k.index !== index);
+        return Promise.resolve();
+    }
+    getAllSessions(): Promise<SessionSQL[]> {
+        return Promise.resolve(
+            this.sessions.map((s) => ({
+                ...s,
+                verified: s.verified,
+            })),
+        );
+    }
+    getDevice(deviceID: string): Promise<Device | null> {
+        return Promise.resolve(
+            this.devices.find((d) => d.deviceID === deviceID) ?? null,
+        );
+    }
+    getGroupHistory(channelID: string): Promise<Message[]> {
+        return Promise.resolve(
+            this.messages
+                .filter((m) => m.group === channelID)
+                .map((m) => this.decryptMessage(m)),
+        );
+    }
+    getMessageHistory(userID: string): Promise<Message[]> {
+        return Promise.resolve(
+            this.messages
+                .filter(
+                    (m) =>
+                        (m.direction === "incoming" &&
+                            m.authorID === userID &&
+                            !m.group) ||
+                        (m.direction === "outgoing" &&
+                            m.readerID === userID &&
+                            !m.group),
+                )
+                .map((m) => this.decryptMessage(m)),
+        );
+    }
+    getOneTimeKey(index: number): Promise<null | PreKeysCrypto> {
+        const otk = this.oneTimeKeys.find((k) => k.index === index);
+        if (!otk || !otk.privateKey) return Promise.resolve(null);
+        return Promise.resolve({
+            index: otk.index,
+            keyPair: xBoxKeyPairFromSecret(XUtils.decodeHex(otk.privateKey)),
+            signature: XUtils.decodeHex(otk.signature),
+        });
+    }
+    getPreKeys(): Promise<null | PreKeysCrypto> {
+        if (this.preKeys.length === 0) return Promise.resolve(null);
+        const pk = this.preKeys[0];
+        if (!pk.privateKey) return Promise.resolve(null);
+        return Promise.resolve({
+            index: pk.index,
+            keyPair: xBoxKeyPairFromSecret(XUtils.decodeHex(pk.privateKey)),
+            signature: XUtils.decodeHex(pk.signature),
+        });
+    }
+    getSessionByDeviceID(deviceID: string): Promise<null | SessionCrypto> {
+        const s = this.sessions.find((s) => s.deviceID === deviceID);
+        if (!s) return Promise.resolve(null);
+        return Promise.resolve(this.sqlToCrypto(s));
+    }
+    getSessionByPublicKey(
+        publicKey: Uint8Array,
+    ): Promise<null | SessionCrypto> {
+        const hex = XUtils.encodeHex(publicKey);
+        const s = this.sessions.find((s) => s.publicKey === hex);
+        if (!s) return Promise.resolve(null);
+        return Promise.resolve(this.sqlToCrypto(s));
+    }
+    init(): Promise<void> {
+        this.ready = true;
+        this.emit("ready");
+        return Promise.resolve();
+    }
+    markSessionUsed(sessionID: string): Promise<void> {
+        const s = this.sessions.find((s) => s.sessionID === sessionID);
+        if (s) s.lastUsed = new Date().toISOString();
+        return Promise.resolve();
+    }
+    markSessionVerified(sessionID: string): Promise<void> {
+        const s = this.sessions.find((s) => s.sessionID === sessionID);
+        if (s) s.verified = true;
+        return Promise.resolve();
+    }
+    purgeHistory(): Promise<void> {
+        this.messages = [];
+        return Promise.resolve();
+    }
+    purgeKeyData(): Promise<void> {
+        this.sessions = [];
+        this.preKeys = [];
+        this.oneTimeKeys = [];
+        this.messages = [];
+        return Promise.resolve();
+    }
+    saveDevice(device: Device): Promise<void> {
+        if (!this.devices.find((d) => d.deviceID === device.deviceID)) {
+            this.devices.push(device);
+        }
+        return Promise.resolve();
+    }
+    saveMessage(message: Message): Promise<void> {
+        const copy = { ...message };
+        copy.message = XUtils.encodeHex(
+            xSecretbox(
+                XUtils.decodeUTF8(message.message),
+                XUtils.decodeHex(message.nonce),
+                this.idKeys.secretKey,
+            ),
+        );
+        this.messages.push(copy);
+        return Promise.resolve();
+    }
+    savePreKeys(
+        preKeys: UnsavedPreKey[],
+        oneTime: boolean,
+    ): Promise<PreKeysSQL[]> {
+        const added: PreKeysSQL[] = [];
+        for (const pk of preKeys) {
+            const idx = oneTime ? this.nextOtkIndex++ : this.nextPreKeyIndex++;
+            const row = {
+                index: idx,
+                privateKey: XUtils.encodeHex(pk.keyPair.secretKey),
+                publicKey: XUtils.encodeHex(pk.keyPair.publicKey),
+                signature: XUtils.encodeHex(pk.signature),
+            };
+            if (oneTime) this.oneTimeKeys.push(row);
+            else this.preKeys.push(row);
+            // Return without privateKey (matches real Storage behavior)
+            added.push({
+                index: idx,
+                publicKey: row.publicKey,
+                signature: row.signature,
+            } as PreKeysSQL);
+        }
+        return Promise.resolve(added);
+    }
+    saveSession(session: SessionSQL): Promise<void> {
+        if (!this.sessions.find((s) => s.SK === session.SK)) {
+            this.sessions.push(session);
+        }
+        return Promise.resolve();
+    }
+    private decryptMessage(msg: Message): Message {
+        const copy = { ...msg };
+        if (copy.decrypted) {
+            const dec = xSecretboxOpen(
+                XUtils.decodeHex(copy.message),
+                XUtils.decodeHex(copy.nonce),
+                this.idKeys.secretKey,
+            );
+            if (dec) copy.message = XUtils.encodeUTF8(dec);
+        }
+        return copy;
+    }
+    private sqlToCrypto(s: SessionSQL): SessionCrypto {
+        return {
+            fingerprint: XUtils.decodeHex(s.fingerprint),
+            lastUsed: s.lastUsed,
+            mode: s.mode,
+            publicKey: XUtils.decodeHex(s.publicKey),
+            sessionID: s.sessionID,
+            SK: XUtils.decodeHex(s.SK),
+            userID: s.userID,
+        };
+    }
+}

package/src/__tests__/harness/platform-transports.ts ADDED Viewed

@@ -0,0 +1,4 @@
+/**
+ * Shared test transport utilities — kept as a module boundary for
+ * platform-specific test setup.
+ */

package/src/__tests__/harness/poison-node-imports.ts ADDED Viewed

@@ -0,0 +1,107 @@
+import type { Plugin } from "vite";
+/**
+ * Vite plugin that catches Node builtin imports AND Node-only globals
+ * in library source (src/) during transformation.
+ *
+ * Vitest runs in Node where builtins resolve natively and globals like
+ * Buffer/process exist — so tests pass even when the code would crash
+ * in a browser or Tauri webview. This plugin catches those at transform
+ * time, which vitest does invoke.
+ *
+ * Uses Node's own builtinModules list — no manual maintenance needed.
+ */
+import { builtinModules } from "node:module";
+const nodeBuiltins = new Set([
+    ...builtinModules,
+    ...builtinModules.map((m) => `node:${m}`),
+]);
+// Node-only globals that don't exist in browsers/Tauri/RN.
+// \bBuffer\b won't match ArrayBuffer or SharedArrayBuffer (no word boundary).
+const NODE_GLOBALS = ["Buffer", "process", "__dirname", "__filename"];
+// Matches: import ... from "events"  or  import ... from 'node:os'
+// Also: export ... from "events"
+const IMPORT_RE = /(?:import|export)\s+.*?\s+from\s+['"]([^'"]+)['"]/g;
+// Matches: await import("events")
+const DYNAMIC_IMPORT_RE = /import\(\s*['"]([^'"]+)['"]\s*\)/g;
+type Violation = { kind: "global" | "import"; line: number; name: string };
+export function poisonNodeImports(): Plugin {
+    return {
+        enforce: "pre",
+        name: "poison-node-imports",
+        transform(code: string, id: string) {
+            // Only check library source — not tests or dependencies
+            if (!id.includes("/src/")) return null;
+            if (id.includes("__tests__")) return null;
+            if (id.includes("node_modules")) return null;
+            if (isNodeOnlyFile(id)) return null;
+            const violations = findViolations(code);
+            if (violations.length === 0) return null;
+            const file = id.replace(/^.*\/src\//, "src/");
+            const msgs = violations
+                .map((v) => `  line ${String(v.line)}: ${v.name} (${v.kind})`)
+                .join("\n");
+            throw new Error(
+                `[platform-guard] Node-only code in ${file}:\n${msgs}\n` +
+                    `These would crash in browser/RN/Tauri. Use browser-safe alternatives or dynamic imports.`,
+            );
+        },
+    };
+}
+function findViolations(code: string): Violation[] {
+    const results: Violation[] = [];
+    const lines = code.split("\n");
+    const strippedLines = stripComments(code).split("\n");
+    // Check imports against the original code (comments don't affect import syntax)
+    for (let i = 0; i < lines.length; i++) {
+        const lineText = lines[i];
+        for (const re of [IMPORT_RE, DYNAMIC_IMPORT_RE]) {
+            re.lastIndex = 0;
+            let match;
+            while ((match = re.exec(lineText ?? "")) !== null) {
+                const mod = match[1]?.replace(/\.js$/, "").replace(/\.ts$/, "");
+                if (mod !== undefined && nodeBuiltins.has(mod)) {
+                    results.push({
+                        kind: "import",
+                        line: i + 1,
+                        name: match[1] ?? "",
+                    });
+                }
+            }
+        }
+    }
+    // Check globals against comment-stripped code
+    for (let i = 0; i < strippedLines.length; i++) {
+        const lineText = strippedLines[i] ?? "";
+        for (const g of NODE_GLOBALS) {
+            const re = new RegExp(`\\b${g}\\b`);
+            if (re.test(lineText)) {
+                results.push({ kind: "global", line: i + 1, name: g });
+            }
+        }
+    }
+    return results;
+}
+function isNodeOnlyFile(id: string): boolean {
+    // These files are only loaded via dynamic import on the Node path.
+    if (id.includes("/storage/node")) return true;
+    return false;
+}
+/** Strip comments to avoid false positives on globals in JSDoc / inline comments. */
+function stripComments(code: string): string {
+    // Remove single-line comments, but not URLs (://), and multi-line comments
+    return code.replace(/\/\/(?!:).*/g, "").replace(/\/\*[\s\S]*?\*\//g, "");
+}