datomic-client-js 0.1.11 → 0.1.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/.github/workflows/publish.yml +60 -0
  2. package/.github/workflows/test.yml +34 -0
  3. package/package.json +7 -7
  4. package/src/pro.js +27 -4
  5. package/src/shared.js +1106 -843
package/.github/workflows/publish.yml ADDED
@@ -0,0 +1,60 @@
1
+ name: Publish to NPM
2
+
3
+ on:
4
+ push:
5
+ branches: [master]
6
+ workflow_dispatch:
7
+ inputs:
8
+ version_type:
9
+ description: "Version increment type"
10
+ required: true
11
+ default: "patch"
12
+ type: choice
13
+ options:
14
+ - patch
15
+ - minor
16
+ - major
17
+
18
+ permissions:
19
+ contents: write
20
+ id-token: write
21
+
22
+ jobs:
23
+ publish:
24
+ runs-on: ubuntu-latest
25
+
26
+ steps:
27
+ - uses: actions/checkout@v4
28
+
29
+ - name: Use Node.js 20.x
30
+ uses: actions/setup-node@v4
31
+ with:
32
+ node-version: "20.x"
33
+ registry-url: "https://registry.npmjs.org"
34
+
35
+ - name: Configure git
36
+ run: |
37
+ git config user.name "github-actions[bot]"
38
+ git config user.email "github-actions[bot]@users.noreply.github.com"
39
+
40
+ - name: Update NPM
41
+ run: npm i -g npm@latest
42
+
43
+ - name: Install dependencies
44
+ run: npm ci
45
+
46
+ - name: Run tests
47
+ env:
48
+ SKIP_CLOUD_TESTS: "1"
49
+ run: npm test
50
+
51
+ - name: Bump version
52
+ run: npm version ${{ inputs.version_type || 'patch' }} -m "Release %s"
53
+
54
+ - name: Publish to NPM with provenance
55
+ run: npm publish --access public --provenance
56
+ env:
57
+ NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
58
+
59
+ - name: Push version commit and tag
60
+ run: git push --follow-tags
package/.github/workflows/test.yml ADDED
@@ -0,0 +1,34 @@
1
+ name: Tests
2
+
3
+ on:
4
+ pull_request:
5
+ branches: [master]
6
+
7
+ jobs:
8
+ test:
9
+ runs-on: ubuntu-latest
10
+
11
+ strategy:
12
+ matrix:
13
+ # Node 18 EOL is April 2025; supporting Node 20+ only
14
+ node-version: ['20.x', '22.x']
15
+
16
+ steps:
17
+ - uses: actions/checkout@v4
18
+
19
+ - name: Use Node.js ${{ matrix.node-version }}
20
+ uses: actions/setup-node@v4
21
+ with:
22
+ node-version: ${{ matrix.node-version }}
23
+ cache: 'npm'
24
+
25
+ - name: Show Node.js version
26
+ run: node --version
27
+
28
+ - name: Install dependencies
29
+ run: npm ci
30
+
31
+ - name: Run tests
32
+ env:
33
+ SKIP_CLOUD_TESTS: '1'
34
+ run: npm test -- --reporter spec
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "datomic-client-js",
3
- "version": "0.1.11",
3
+ "version": "0.1.13",
4
4
  "description": "Client for Datomic Cloud and Peer Server",
5
5
  "scripts": {
6
6
  "test": "mocha",
@@ -12,15 +12,15 @@
12
12
  "author": "Casey Marshall",
13
13
  "license": "Apache-2.0",
14
14
  "dependencies": {
15
- "aws-sdk": "2.1693.0",
15
+ "aws-sdk": "^1.18.0",
16
16
  "jsedn": "~0.4.1",
17
- "npm": "^6.13.6",
18
- "socks-proxy-agent": "4.0.2",
19
- "transit-js": "0.8.861",
20
- "uuid": "latest"
17
+ "mocha": "^11.3.0",
18
+ "npm": "^11.7.0",
19
+ "socks-proxy-agent": "8.0.5",
20
+ "transit-js": "0.8.861"
21
21
  },
22
22
  "devDependencies": {
23
- "jsdoc": "~3.6.3",
23
+ "jsdoc": "^4.0.5",
24
24
  "promise": "~8.0.3"
25
25
  },
26
26
  "main": "index.js",
package/src/pro.js CHANGED
@@ -1,5 +1,13 @@
1
1
  'use strict';
2
2
 
3
+ /**
4
+ * TLS validation modes for peer-server connections:
5
+ * - 'strict': Full certificate validation including expiration and CA chain
6
+ * - 'allow-expired': Validate CA chain but allow expired certificates (default)
7
+ * - 'none': Disable all certificate validation (not recommended)
8
+ */
9
+ const TLS_VALIDATION_MODES = ['strict', 'allow-expired', 'none'];
10
+
3
11
  function routingMap(endpoint) {
4
12
  let parts = endpoint.split(':', 2);
5
13
  let host = parts[0];
@@ -16,10 +24,11 @@ function routingMap(endpoint) {
16
24
  };
17
25
  }
18
26
 
19
- function Spi(signingMap, routingMap) {
27
+ function Spi(signingMap, routingMap, tlsConfig) {
20
28
  this.signingMap = signingMap;
21
29
  this.routingMap = routingMap;
22
30
  this.serverType = 'peer-server';
31
+ this.tlsConfig = tlsConfig;
23
32
  }
24
33
 
25
34
  Spi.prototype.addRouting = function(request) {
@@ -42,7 +51,12 @@ Spi.prototype.getAgent = function() {
42
51
  };
43
52
 
44
53
  Spi.prototype.usePrivateTrustAnchor = function () {
45
- return true;
54
+ // Use private trust anchor unless user provided their own CA with strict validation
55
+ return this.tlsConfig.validation !== 'strict' || !this.tlsConfig.ca;
56
+ }
57
+
58
+ Spi.prototype.getTlsConfig = function () {
59
+ return this.tlsConfig;
46
60
  }
47
61
 
48
62
  function createSpi(args) {
@@ -54,10 +68,19 @@ function createSpi(args) {
54
68
  service: "peer-server",
55
69
  region: "none"
56
70
  };
57
- return new Spi(signParams, routing);
71
+ let tlsValidation = args.tlsValidation || 'allow-expired';
72
+ if (TLS_VALIDATION_MODES.indexOf(tlsValidation) === -1) {
73
+ throw Error(`invalid tlsValidation mode: ${tlsValidation}. Must be one of: ${TLS_VALIDATION_MODES.join(', ')}`);
74
+ }
75
+ let tlsConfig = {
76
+ validation: tlsValidation,
77
+ ca: args.tlsCa || null
78
+ };
79
+ return new Spi(signParams, routing, tlsConfig);
58
80
  } else {
59
81
  throw Error('invalid connection config');
60
82
  }
61
83
  }
62
84
 
63
- exports.createSpi = createSpi;
85
+ exports.createSpi = createSpi;
86
+ exports.TLS_VALIDATION_MODES = TLS_VALIDATION_MODES;