npm - cyberia - Versions diffs - 3.0.2 → 3.1.3 - Mend

cyberia 3.0.2 → 3.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (182) hide show

package/{.env.production → .env.example} +20 -2
package/.github/workflows/engine-cyberia.cd.yml +41 -10
package/.github/workflows/engine-cyberia.ci.yml +53 -14
package/.github/workflows/ghpkg.ci.yml +1 -1
package/.github/workflows/gitlab.ci.yml +1 -1
package/.github/workflows/hardhat.ci.yml +82 -0
package/.github/workflows/npmpkg.ci.yml +37 -8
package/.github/workflows/publish.ci.yml +5 -5
package/.github/workflows/publish.cyberia.ci.yml +5 -5
package/.github/workflows/pwa-microservices-template-page.cd.yml +3 -3
package/.github/workflows/pwa-microservices-template-test.ci.yml +1 -1
package/.github/workflows/release.cd.yml +3 -2
package/.vscode/extensions.json +9 -8
package/.vscode/settings.json +3 -2
package/CHANGELOG.md +533 -290
package/CLI-HELP.md +79 -53
package/WHITE-PAPER.md +1540 -0
package/bin/build.js +16 -11
package/bin/cyberia.js +959 -8
package/bin/deploy.js +103 -270
package/bin/file.js +2 -1
package/bin/index.js +959 -8
package/bin/vs.js +3 -3
package/conf.js +277 -77
package/deployment.yaml +218 -4
package/hardhat/.env.example +31 -0
package/hardhat/README.md +531 -0
package/hardhat/WHITE-PAPER.md +1540 -0
package/hardhat/contracts/ObjectLayerToken.sol +391 -0
package/hardhat/deployments/.gitkeep +0 -0
package/hardhat/deployments/hardhat-ObjectLayerToken.json +11 -0
package/hardhat/hardhat.config.js +136 -0
package/hardhat/ignition/modules/ObjectLayerToken.js +21 -0
package/hardhat/networks/besu-object-layer.network.json +138 -0
package/hardhat/package-lock.json +7628 -0
package/hardhat/package.json +45 -0
package/hardhat/scripts/deployObjectLayerToken.js +98 -0
package/hardhat/test/ObjectLayerToken.js +590 -0
package/jsdoc.dd-cyberia.json +59 -0
package/jsdoc.json +20 -13
package/manifests/cronjobs/dd-cron/dd-cron-backup.yaml +1 -1
package/manifests/cronjobs/dd-cron/dd-cron-dns.yaml +1 -1
package/manifests/deployment/dd-cyberia-development/deployment.yaml +490 -0
package/manifests/deployment/dd-cyberia-development/proxy.yaml +261 -0
package/manifests/deployment/dd-cyberia-development/pv-pvc.yaml +132 -0
package/manifests/deployment/dd-default-development/deployment.yaml +2 -2
package/manifests/deployment/dd-test-development/deployment.yaml +52 -52
package/manifests/deployment/dd-test-development/proxy.yaml +4 -4
package/manifests/pv-pvc-dd.yaml +1 -1
package/package.json +60 -50
package/proxy.yaml +128 -9
package/pv-pvc.yaml +132 -0
package/scripts/k3s-node-setup.sh +1 -1
package/scripts/ports-ls.sh +2 -0
package/src/api/atlas-sprite-sheet/atlas-sprite-sheet.controller.js +3 -1
package/src/api/atlas-sprite-sheet/atlas-sprite-sheet.model.js +1 -2
package/src/api/atlas-sprite-sheet/atlas-sprite-sheet.service.js +40 -7
package/src/api/document/document.service.js +1 -1
package/src/api/file/file.controller.js +3 -1
package/src/api/file/file.service.js +28 -5
package/src/api/ipfs/ipfs.service.js +2 -2
package/src/api/object-layer/object-layer.controller.js +6 -2
package/src/api/object-layer/object-layer.model.js +67 -21
package/src/api/object-layer/object-layer.router.js +668 -42
package/src/api/object-layer/object-layer.service.js +10 -16
package/src/api/object-layer-render-frames/object-layer-render-frames.model.js +1 -2
package/src/api/user/user.router.js +10 -5
package/src/api/user/user.service.js +7 -7
package/src/cli/baremetal.js +6 -10
package/src/cli/cloud-init.js +0 -3
package/src/cli/db.js +54 -71
package/src/cli/deploy.js +64 -12
package/src/cli/env.js +5 -5
package/src/cli/fs.js +0 -2
package/src/cli/image.js +0 -3
package/src/cli/index.js +41 -13
package/src/cli/monitor.js +5 -6
package/src/cli/repository.js +329 -46
package/src/cli/run.js +210 -122
package/src/cli/secrets.js +1 -3
package/src/cli/ssh.js +1 -1
package/src/client/Itemledger.index.js +1 -959
package/src/client/Underpost.index.js +36 -0
package/src/client/components/core/AgGrid.js +20 -5
package/src/client/components/core/Alert.js +2 -2
package/src/client/components/core/Content.js +22 -3
package/src/client/components/core/Docs.js +30 -6
package/src/client/components/core/FileExplorer.js +71 -4
package/src/client/components/core/Input.js +1 -1
package/src/client/components/core/Modal.js +22 -6
package/src/client/components/core/PublicProfile.js +3 -3
package/src/client/components/core/RichText.js +1 -2
package/src/client/components/core/Router.js +34 -1
package/src/client/components/core/Worker.js +1 -1
package/src/client/components/cryptokoyn/CssCryptokoyn.js +63 -1
package/src/client/components/cyberia/ObjectLayerEngineModal.js +145 -119
package/src/client/components/cyberia/ObjectLayerEngineViewer.js +64 -6
package/src/client/components/cyberia-portal/CommonCyberiaPortal.js +1 -0
package/src/client/components/cyberia-portal/CssCyberiaPortal.js +44 -2
package/src/client/components/cyberia-portal/LogInCyberiaPortal.js +0 -1
package/src/client/components/cyberia-portal/MenuCyberiaPortal.js +64 -2
package/src/client/components/cyberia-portal/RoutesCyberiaPortal.js +1 -0
package/src/client/components/itemledger/CssItemledger.js +62 -0
package/src/client/components/underpost/CommonUnderpost.js +29 -0
package/src/client/components/underpost/CssUnderpost.js +281 -0
package/src/client/components/underpost/CyberpunkBloggerUnderpost.js +879 -0
package/src/client/components/underpost/DocumentSearchProvider.js +448 -0
package/src/client/components/underpost/ElementsUnderpost.js +38 -0
package/src/client/components/underpost/LabGalleryUnderpost.js +82 -0
package/src/client/components/underpost/LogInUnderpost.js +23 -0
package/src/client/components/underpost/LogOutUnderpost.js +15 -0
package/src/client/components/underpost/MenuUnderpost.js +691 -0
package/src/client/components/underpost/RoutesUnderpost.js +47 -0
package/src/client/components/underpost/SettingsUnderpost.js +16 -0
package/src/client/components/underpost/SignUpUnderpost.js +9 -0
package/src/client/components/underpost/SocketIoUnderpost.js +54 -0
package/src/client/components/underpost/TranslateUnderpost.js +10 -0
package/src/client/public/cryptokoyn/assets/logo/base-icon.png +0 -0
package/src/client/public/cryptokoyn/browserconfig.xml +12 -0
package/src/client/public/cryptokoyn/microdata.json +85 -0
package/src/client/public/cryptokoyn/site.webmanifest +57 -0
package/src/client/public/cryptokoyn/sitemap +3 -3
package/src/client/public/default/sitemap +3 -3
package/src/client/public/itemledger/browserconfig.xml +2 -2
package/src/client/public/itemledger/manifest.webmanifest +4 -4
package/src/client/public/itemledger/microdata.json +71 -0
package/src/client/public/itemledger/sitemap +3 -3
package/src/client/public/itemledger/yandex-browser-manifest.json +2 -2
package/src/client/public/test/sitemap +3 -3
package/src/client/services/object-layer/object-layer.management.js +23 -4
package/src/client/ssr/body/404.js +15 -11
package/src/client/ssr/body/500.js +15 -11
package/src/client/ssr/body/SwaggerDarkMode.js +285 -0
package/src/client/ssr/body/UnderpostDefaultSplashScreen.js +83 -0
package/src/client/ssr/head/PwaItemledger.js +60 -0
package/src/client/ssr/head/UnderpostScripts.js +6 -0
package/src/client/ssr/offline/NoNetworkConnection.js +11 -10
package/src/client/ssr/pages/Test.js +11 -10
package/src/client.build.js +0 -3
package/src/client.dev.js +0 -3
package/src/db/DataBaseProvider.js +17 -2
package/src/db/mariadb/MariaDB.js +14 -9
package/src/db/mongo/MongooseDB.js +17 -1
package/src/index.js +1 -1
package/src/proxy.js +0 -3
package/src/runtime/express/Express.js +15 -9
package/src/runtime/lampp/Lampp.js +6 -13
package/src/server/auth.js +12 -14
package/src/server/backup.js +2 -3
package/src/server/besu-genesis-generator.js +1630 -0
package/src/server/client-build-docs.js +126 -17
package/src/server/client-build-live.js +9 -18
package/src/server/client-build.js +203 -75
package/src/server/client-dev-server.js +14 -13
package/src/server/conf.js +376 -164
package/src/server/cron.js +2 -1
package/src/server/dns.js +28 -12
package/src/server/downloader.js +0 -2
package/src/server/logger.js +27 -9
package/src/server/object-layer.js +92 -16
package/src/server/peer.js +0 -2
package/src/server/process.js +1 -50
package/src/server/proxy.js +4 -8
package/src/server/runtime.js +5 -8
package/src/server/semantic-layer-generator.js +1 -0
package/src/server/ssr.js +0 -3
package/src/server/start.js +19 -12
package/src/server/tls.js +0 -2
package/src/server.js +0 -4
package/.env.development +0 -43
package/.env.test +0 -43
package/hardhat/contracts/CryptoKoyn.sol +0 -59
package/hardhat/contracts/ItemLedger.sol +0 -73
package/hardhat/contracts/Lock.sol +0 -34
package/hardhat/hardhat.config.cjs +0 -45
package/hardhat/ignition/modules/Lock.js +0 -18
package/hardhat/networks/cryptokoyn-itemledger.network.json +0 -29
package/hardhat/scripts/deployCryptokoyn.cjs +0 -25
package/hardhat/scripts/deployItemledger.cjs +0 -25
package/hardhat/test/Lock.js +0 -126
package/hardhat/white-paper.md +0 -581
package/white-paper.md +0 -581

package/src/proxy.js CHANGED Viewed

@@ -3,14 +3,11 @@
 // https://nodejs.org/api
 // https://expressjs.com/en/4x/api.html
-import dotenv from 'dotenv';
 import { loggerFactory } from './server/logger.js';
 import { buildProxy } from './server/proxy.js';
 import { ProcessController } from './server/process.js';
 import { Config } from './server/conf.js';
-dotenv.config();
 await Config.build(process.argv[2], process.argv[3], process.argv[4]);
 const logger = loggerFactory(import.meta);

package/src/runtime/express/Express.js CHANGED Viewed

@@ -165,14 +165,7 @@ class ExpressService {
         });
       }
-      // Swagger UI setup
-      if (fs.existsSync(swaggerJsonPath)) {
-        const swaggerDoc = JSON.parse(fs.readFileSync(swaggerJsonPath, 'utf8'));
-        const swaggerUiOptions = await buildSwaggerUiOptions();
-        app.use(swaggerPath, swaggerUi.serve, swaggerUi.setup(swaggerDoc, swaggerUiOptions));
-      }
-      // Security and CORS
+      // Security and CORS — must run before swagger-ui so CSP headers are included in swagger responses
       if (process.env.NODE_ENV === 'development' && useLocalSsl)
         origins = origins.map((origin) => origin.replace('http', 'https'));
@@ -180,6 +173,13 @@ class ExpressService {
         origin: origins,
       });
+      // Swagger UI setup (after security middleware so responses carry correct CSP headers)
+      if (fs.existsSync(swaggerJsonPath)) {
+        const swaggerDoc = JSON.parse(fs.readFileSync(swaggerJsonPath, 'utf8'));
+        const swaggerUiOptions = await buildSwaggerUiOptions();
+        app.use(swaggerPath, swaggerUi.serve, swaggerUi.setup(swaggerDoc, swaggerUiOptions));
+      }
       // Database and Valkey connections
       if (db && apis) await DataBaseProvider.load({ apis, host, path, db });
@@ -249,7 +249,13 @@ class ExpressService {
     for (const [_, ssrMiddleware] of Object.entries(ssr)) app.use(ssrMiddleware);
     // Start listening on the main port
-    if (useLocalSsl && process.env.NODE_ENV === 'development') {
+    // When behind a dev proxy (isDevProxyContext), the proxy handles TLS termination,
+    // so backend servers should listen on plain HTTP to be reachable via http://localhost:PORT
+    if (
+      (useLocalSsl || process.argv.find((arg) => arg === 'tls')) &&
+      process.env.NODE_ENV === 'development' &&
+      !isDevProxyContext()
+    ) {
       if (!Underpost.tls.validateSecureContext()) shellExec(`node bin/deploy tls`);
       const { ServerSSL } = await Underpost.tls.createSslServer(app);
       await Underpost.start.listenPortController(ServerSSL, port, runningData);

package/src/runtime/lampp/Lampp.js CHANGED Viewed

@@ -21,11 +21,11 @@ const logger = loggerFactory(import.meta);
 class LamppService {
   /**
    * @method
-   * @type {string | undefined}
+   * @type {string}
    * @description Stores the accumulated Apache virtual host configuration (router definition).
    * @memberof LamppService
    */
-  router;
+  router = '';
   /**
    * @public
@@ -42,7 +42,7 @@ class LamppService {
    * @memberof LamppService
    */
   constructor() {
-    this.router = undefined;
+    this.router = '';
     this.ports = [];
   }
@@ -125,7 +125,6 @@ class LamppService {
     // 6. Start the service
     cmd = `sudo /opt/lampp/lampp start`;
-    if (this.router) fs.writeFileSync(`./tmp/lampp-router.conf`, this.router, 'utf-8');
     shellExec(cmd);
   }
@@ -139,13 +138,7 @@ class LamppService {
    * @memberof LamppService
    */
   appendRouter(render) {
-    if (!this.router) {
-      if (fs.existsSync(`./tmp/lampp-router.conf`)) {
-        this.router = fs.readFileSync(`./tmp/lampp-router.conf`, 'utf-8');
-        return this.router + render;
-      }
-      return (this.router = render);
-    }
+    if (!this.router) return (this.router = render);
     return (this.router += render);
   }
@@ -154,10 +147,10 @@ class LamppService {
    *
    * @memberof LamppService
    * @returns {void}
+   * @method removeRouter
    */
   removeRouter() {
-    this.router = undefined;
-    if (fs.existsSync(`./tmp/lampp-router.conf`)) fs.rmSync(`./tmp/lampp-router.conf`);
+    this.router = '';
   }
   /**

package/src/server/auth.js CHANGED Viewed

@@ -4,7 +4,6 @@
  * @namespace Auth
  */
-import dotenv from 'dotenv';
 import jwt from 'jsonwebtoken';
 import { loggerFactory } from './logger.js';
 import crypto from 'crypto';
@@ -19,7 +18,6 @@ import cookieParser from 'cookie-parser';
 import { DataBaseProvider } from '../db/DataBaseProvider.js';
 import { isDevProxyContext } from './conf.js';
-dotenv.config();
 const logger = loggerFactory(import.meta);
 // Promisified crypto functions
@@ -349,12 +347,7 @@ const cookieOptionsFactory = (req, host) => {
     secure,
     sameSite,
     path: '/',
-    domain:
-      process.env.NODE_ENV === 'production' ||
-      isDevProxyContext() ||
-      (req.headers.host && req.headers.host.toLocaleLowerCase().match(host))
-        ? host
-        : 'localhost',
+    domain: process.env.NODE_ENV === 'production' || isDevProxyContext() ? host : 'localhost',
     maxAge,
   };
@@ -389,7 +382,11 @@ async function createSessionAndUserToken(user, User, req, res, options = { host:
   };
   // push session
-  const updatedUser = await User.findByIdAndUpdate(user._id, { $push: { activeSessions: newSession } }, { new: true });
+  const updatedUser = await User.findByIdAndUpdate(
+    user._id,
+    { $push: { activeSessions: newSession } },
+    { returnDocument: 'after' },
+  );
   const session = updatedUser.activeSessions[updatedUser.activeSessions.length - 1];
   const jwtid = session._id.toString();
@@ -616,13 +613,13 @@ function applySecurity(app, opts = {}) {
         frameAncestors: frameAncestors,
         imgSrc: ["'self'", 'data:', httpDirective, 'https:', 'blob:'],
         objectSrc: ["'none'"],
-        // script-src and script-src-elem include dynamic nonce
-        scriptSrc: [
+        // script-src and script-src-elem: use 'unsafe-inline' for swagger (no nonce, otherwise
+        // the nonce causes 'unsafe-inline' to be ignored per CSP3 spec), nonce for everything else.
+        scriptSrc: ["'self'", (req, res) => (res.locals.isSwagger ? "'unsafe-inline'" : `'nonce-${res.locals.nonce}'`)],
+        scriptSrcElem: [
           "'self'",
-          (req, res) => `'nonce-${res.locals.nonce}'`,
-          (req, res) => (res.locals.isSwagger ? "'unsafe-inline'" : ''),
+          (req, res) => (res.locals.isSwagger ? "'unsafe-inline'" : `'nonce-${res.locals.nonce}'`),
         ],
-        scriptSrcElem: ["'self'", (req, res) => `'nonce-${res.locals.nonce}'`],
         // style-src: avoid 'unsafe-inline' when possible; if you must inline styles,
         // use a nonce for them too (or hash).
         styleSrc: [
@@ -630,6 +627,7 @@ function applySecurity(app, opts = {}) {
           httpDirective,
           (req, res) => (res.locals.isSwagger ? "'unsafe-inline'" : `'nonce-${res.locals.nonce}'`),
         ],
+        styleSrcAttr: [(req, res) => (res.locals.isSwagger ? "'unsafe-inline'" : "'none'")],
         // deny plugins
         objectSrc: ["'none'"],
       },

package/src/server/backup.js CHANGED Viewed

@@ -7,10 +7,8 @@
 import fs from 'fs-extra';
 import { loggerFactory } from './logger.js';
 import { shellExec } from './process.js';
-import dotenv from 'dotenv';
 import Underpost from '../index.js';
-dotenv.config();
+import { loadCronDeployEnv } from './conf.js';
 const logger = loggerFactory(import.meta);
@@ -33,6 +31,7 @@ class BackUp {
    * @memberof UnderpostBakcUp
    */
   static callback = async function (deployList, options = { git: false }) {
+    loadCronDeployEnv();
     if ((!deployList || deployList === 'dd') && fs.existsSync(`./engine-private/deploy/dd.router`))
       deployList = fs.readFileSync(`./engine-private/deploy/dd.router`, 'utf8').trim();