javascript-solid-server 0.0.79 → 0.0.81

package/.claude/settings.local.json

@@ -0,0 +1,283 @@
+{
+  "permissions": {
+    "allow": [
+      "WebSearch",
+      "WebFetch(domain:github.com)",
+      "WebFetch(domain:raw.githubusercontent.com)",
+      "Bash(cat:*)",
+      "WebFetch(domain:www.inrupt.com)",
+      "Bash(npm install:*)",
+      "Bash(timeout 3 node:*)",
+      "Bash(PORT=3030 timeout 3 node:*)",
+      "Bash(git commit:*)",
+      "Bash(pkill:*)",
+      "Bash(curl:*)",
+      "Bash(npm test:*)",
+      "Bash(git add:*)",
+      "WebFetch(domain:solid.github.io)",
+      "Bash(node:*)",
+      "WebFetch(domain:solidservers.org)",
+      "WebFetch(domain:solid-contrib.github.io)",
+      "Bash(git clone:*)",
+      "Bash(chmod:*)",
+      "Bash(JSS_PORT=4000 JSS_CONNEG=true node bin/jss.js:*)",
+      "Bash(find:*)",
+      "Bash(timeout 5 node:*)",
+      "Bash(npm view:*)",
+      "Bash(npm ls:*)",
+      "Bash(timeout 10 node:*)",
+      "Bash(npm run test:cth:*)",
+      "Bash(__NEW_LINE__ curl -s -X POST http://localhost:4000/.pods )",
+      "Bash(lsof:*)",
+      "Bash(xargs kill -9)",
+      "Bash(docker:*)",
+      "Bash(solidproject/conformance-test-harness )",
+      "Bash(timeout 30 node:*)",
+      "Bash(timeout 20 node:*)",
+      "Bash(timeout 25 node:*)",
+      "Bash(JSS_PORT=4000 JSS_CONNEG=true timeout 5 node:*)",
+      "Bash(pgrep:*)",
+      "Bash(python3:*)",
+      "Bash(ls:*)",
+      "Bash(timeout 15 node:*)",
+      "Bash(echo 'No .idp folder' echo find /home/melvin/remote/github.com/JavaScriptSolidServer/JavaScriptSolidServer/data/.idp/ -name *.json)",
+      "Bash(echo '=== Interactions ===' ls -la /home/melvin/remote/github.com/JavaScriptSolidServer/JavaScriptSolidServer/data/.idp/interaction/ echo echo '=== Latest interaction ===' cat /home/melvin/remote/github.com/JavaScriptSolidServer/JavaScriptSolidServer/data/.idp/interaction/*.json)",
+      "Bash(1 echo \"\" echo \"=== Server errors ===\" grep -E \"(error|Error)\" /tmp/jss.log)",
+      "Bash(echo 'Server not ready' curl -s -X POST http://localhost:4000/.pods -H 'Content-Type: application/json' -d {\"\"name\"\":\"\"alice\"\",\"\"email\"\":\"\"alice@example.com\"\",\"\"password\"\":\"\"alicepassword123\"\"})",
+      "Bash(head -1 curl -s -X POST http://localhost:4000/.pods -H \"Content-Type: application/json\" -d '{\"\"\"\"name\"\"\"\":\"\"\"\"bob\"\"\"\",\"\"\"\"email\"\"\"\":\"\"\"\"bob@example.com\"\"\"\",\"\"\"\"password\"\"\"\":\"\"\"\"bobpassword123\"\"\"\"}')",
+      "Bash(xargs:*)",
+      "Bash(fuser:*)",
+      "Bash(kill:*)",
+      "Bash(ACCESS_TOKEN=\"eyJhbGciOiJFUzI1NiIsImtpZCI6IjQwY2U0YzIzLWY2OWQtNDU4NS05ODg2LTE4MDQzZWIyZjU2ZCJ9.eyJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjQwMDAvIiwic3ViIjoiYjhlZjY5YWUtODc0ZS00MDg5LThiMDktOGQwY2QyM2VlZWY3IiwiYXVkIjoic29saWQiLCJ3ZWJpZCI6Imh0dHA6Ly9sb2NhbGhvc3Q0MDAwL2FsaWNlLyNtZSIsImlhdCI6MTc2NjgyOTQ5MiwiZXhwIjoxNzY2ODMzMDkyLCJqdGkiOiIwMWY4ODVlZS05ZjY2LTQ3M2MtYmZkNC05MWM4ZGU3NGJhZjYiLCJjbGllbnRfaWQiOiJjcmVkZW50aWFsc19jbGllbnQiLCJzY29wZSI6Im9wZW5pZCB3ZWJpZCJ9.DYTlSRkORyDN28XtXk-zbR7xNLViD97KkPqUKb6chV860BaIgwa1suif4TxHQDnK_ejvbvmZ46_n5WwwRnf_Zw\" curl -sI -X PUT http://localhost:4000/alice/cth-test/ -H \"Content-Type: text/turtle\" -H \"Authorization: Bearer $ACCESS_TOKEN\")",
+      "Bash(timeout 60 docker run:*)",
+      "Bash(rm:*)",
+      "Bash(mkdir:*)",
+      "WebFetch(domain:communitysolidserver.github.io)",
+      "WebFetch(domain:solidos.github.io)",
+      "WebFetch(domain:solidcommunity.net)",
+      "WebFetch(domain:www.npmjs.com)",
+      "Bash(pm2 list:*)",
+      "Bash(pm2 logs:*)",
+      "Bash(pm2 restart:*)",
+      "Bash(timeout 60 npm test:*)",
+      "Bash(pm2 stop:*)",
+      "Bash(pm2 delete:*)",
+      "Bash(pm2 start:*)",
+      "Bash(DATA_ROOT=/home/melvin/jss/data pm2 start:*)",
+      "Bash(pm2 save:*)",
+      "Bash(gh issue create:*)",
+      "Bash(gh issue view:*)",
+      "Bash(gh issue edit:*)",
+      "WebFetch(domain:nostrcg.github.io)",
+      "WebFetch(domain:melvincarvalho.github.io)",
+      "WebFetch(domain:dev.to)",
+      "WebFetch(domain:solidproject.org)",
+      "WebFetch(domain:www.w3.org)",
+      "Bash(wc:*)",
+      "Bash(TOKEN=\"eyJraW5kIjoyNzIzNSwidGFncyI6W1sidSIsImh0dHA6Ly9sb2NhbGhvc3Q6NDAwMC9kZW1vL25vc3RyLXpvbmUvIl0sWyJtZXRob2QiLCJHRVQiXV0sImNyZWF0ZWRfYXQiOjE3NjY5MzQ1NjksImNvbnRlbnQiOiIiLCJwdWJrZXkiOiI4OTg5OWNmOWEyNGE5ZTdlMTNmODU3MGRkMGI1MmJiOTQyMjllNDI2OGM1MGQ1OWZhNjdhMzQ0MGQ0NmFhZTdkIiwiaWQiOiJiNTUyMDUyOTVmYmQwYzhjZDYwMzk1NTgwOWYxZGM5Y2MwMjdlY2U4N2NjYmNlNzcwNWY2MjdmNmQ0ODk1MGJkIiwic2lnIjoiOWYzN2Y0NzIyZDlkNmFmZGQ5OTNkYTM0MDg2MWQ2YzQ4MmY1NzQ1MmFmZTIwZmY2YmI5OTAxNGIwOTU3NjUwMWZiNTgyZjEzNzNlZmVhNjI4ZDI5ZjlhMzhmZTgyODU0ODlmMzAzYzlmYmJjYWE0OTQxZjUyZGZlMWYxNzVkOWMifQ==\")",
+      "WebFetch(domain:solid-lite.org)",
+      "Bash(git push:*)",
+      "WebFetch(domain:linkedwebstorage.com)",
+      "WebFetch(domain:w3c.github.io)",
+      "WebFetch(domain:socialdocs.org)",
+      "WebFetch(domain:nosdav.com)",
+      "WebFetch(domain:sandy-mount.com)",
+      "WebFetch(domain:ditto.pub)",
+      "WebFetch(domain:blocktrails.org)",
+      "WebFetch(domain:microfed.org)",
+      "WebFetch(domain:soliddocs.org)",
+      "WebFetch(domain:agenticalliance.com)",
+      "WebFetch(domain:activitypub.rocks)",
+      "WebFetch(domain:nostrgit.org)",
+      "Bash(convert:*)",
+      "WebFetch(domain:instantdomainsearch.com)",
+      "Bash(for domain in jss.dev jss.sh jss.io jss.app solidserver.dev solid-server.dev)",
+      "Bash(do echo -n '$domain: ')",
+      "Bash(whois $domain)",
+      "Bash(done)",
+      "Bash(for domain in jss.dev jss.sh jss.io jss.app solidserver.dev)",
+      "Bash(host:*)",
+      "WebFetch(domain:nostr-components.github.io)",
+      "Bash(ssh melvincarvalho.com \"pm2 list && echo ''---HAPROXY---'' && cat /etc/haproxy/haproxy.cfg 2>/dev/null | grep -A5 ''melvin\\|backend\\|frontend\\|acl host''\")",
+      "Bash(ssh:*)",
+      "Bash(time curl -s --connect-timeout 10 https://melvin.solid.live/credit/count.ttl)",
+      "Bash(time curl -s --connect-timeout 10 https://melvin.solid.live/)",
+      "Bash(time curl:*)",
+      "Bash(time curl -s 'https://melvin.solid.live/credit/count.ttl')",
+      "Bash(grep:*)",
+      "Bash(scp:*)",
+      "Bash(for i in 1 2 3)",
+      "Bash(do echo \"Attempt $i:\")",
+      "Bash(for i in 1 2 3 4 5)",
+      "Bash(do curl -so /dev/null -w \"%{http_code} \" https://melvincarvalho.com/js/handlemutation.js)",
+      "Bash(for i in 1 2 3 4 5 6 7 8 9 10)",
+      "Bash(if [ ! -d \"jose\" ])",
+      "Bash(then git clone --depth 1 --branch v0.7.0 https://github.com/solid/jose.git)",
+      "Bash(fi)",
+      "Bash(timeout 45 node:*)",
+      "Bash(gh issue list:*)",
+      "Bash(DATA_ROOT=/tmp/jss-git-test JSS_PORT=4444 timeout 3 node:*)",
+      "Bash(pm2 show:*)",
+      "Bash(git config:*)",
+      "Bash(npm version:*)",
+      "Bash(git init:*)",
+      "Bash(gh repo create:*)",
+      "Bash(./bin/git-credential-nostr generate:*)",
+      "Bash(./bin/git-credential-nostr get:*)",
+      "Bash(git-credential-nostr:*)",
+      "Bash(git branch:*)",
+      "Bash(GIT_TRACE=1 GIT_CURL_VERBOSE=1 git push:*)",
+      "Bash(GIT_CURL_VERBOSE=1 git push:*)",
+      "Bash(git reset:*)",
+      "Bash(echo:*)",
+      "Bash(unset DATA_ROOT)",
+      "Bash(timeout 30 npm test:*)",
+      "Bash(/home/melvin/remote/github.com/JavaScriptSolidServer/git-credential-nostr/bin/git-credential-nostr acl:*)",
+      "Bash(npm cache clean:*)",
+      "Bash(git checkout:*)",
+      "Bash(gh gist edit:*)",
+      "Bash(gh gist view:*)",
+      "Bash(./bin/git-credential-nostr acl:*)",
+      "Bash(DATA_ROOT=/tmp/jss-git-test/data node:*)",
+      "Bash(git remote set-url:*)",
+      "Bash(for:*)",
+      "Bash(^/**\" | head -1 | sed ''''s/.*\\* //'''')\")",
+      "Bash(if [ ! -d \"node-solid-server\" ])",
+      "Bash(then git clone --depth 1 https://github.com/nodeSolidServer/node-solid-server.git)",
+      "Bash(node test-local-nss2.js:*)",
+      "Bash(npm test)",
+      "Bash(repos.json)",
+      "Bash(*.log)",
+      "Bash(node --check:*)",
+      "Bash(gh repo view:*)",
+      "Bash(noskey --help:*)",
+      "Bash(npx noskey --help:*)",
+      "Bash(noskey:*)",
+      "Bash(node -e:*)",
+      "Bash(node src/publish.js:*)",
+      "Bash(git remote add:*)",
+      "Bash(git fetch:*)",
+      "Bash(git rev-parse:*)",
+      "Bash(f502f06c1d7553f4b7159e8d57a1e14819dc3053b59399e080882cc8e6bb62ad )",
+      "Bash(798715377357003683b979b41c5d99c0312e6e788d789f0d5df710465483aa3e )",
+      "Bash(f810e7491da3390109ddc13a74a1fff985ba3a4735024f2b714c12d213f5ea11 )",
+      "Bash(1 )",
+      "Bash(911912000 )",
+      "Bash(4ccef8c68cf18f8f156a0bb017dfd6e0cc7ebf1672fa2d769e02e2efc700328b 1000000 )",
+      "Bash(798715377357003683b979b41c5d99c0312e6e788d789f0d5df710465483aa3e 910911000 )",
+      "Bash(~/.gitmark/faucet.txt)",
+      "Bash(blocktrails --version:*)",
+      "Bash(blocktrails --help:*)",
+      "Bash(blocktrails show:*)",
+      "Bash(git restore:*)",
+      "Bash(npm show:*)",
+      "WebFetch(domain:gitlab.com)",
+      "Bash(gh repo edit:*)",
+      "WebFetch(domain:blocktrails.github.io)",
+      "Bash(jq:*)",
+      "Bash(SOLID_SYNC=true timeout 45 node:*)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm status)",
+      "Bash(SOLID_SYNC=true ANCHOR=true timeout 8 node:*)",
+      "Bash(SOLID_SYNC=true ANCHOR=true node:*)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm diff src/watcher.js)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm add src/watcher.js)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm commit -m \"$\\(cat <<''EOF''\nAdd transfer API and HTTP 402 middleware\n\n- Add POST /transfer endpoint for user-to-user token transfers\n- Add verify402Payment middleware for token-gated APIs\n- Add GET /api/quote demo endpoint \\(costs 1 GSAT\\)\n- Add GET /balance/:did and GET /state endpoints\n- Fix anchor function to use encodeBech32m for address derivation\n- Remove OP_RETURN from anchor tx \\(state hash stored in state.json\\)\nEOF\n\\)\")",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm push)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm add demo.html src/watcher.js debug.html paywall.html transfer.html)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm commit -m \"$\\(cat <<''EOF''\nAdd NIP-98 paywall, transfer, withdraw, and debug pages\n\n- Implement NIP-98 \\(kind 27235\\) for HTTP 402 authentication\n- Add paywall.html demo page showing NIP-98 flow\n- Add transfer.html for user-to-user GSAT transfers\n- Add debug.html with anchors, state, verify, withdraw, and users tabs\n- Add POST /withdraw endpoint for sats → Bitcoin address\n- Add navigation to demo.html linking all pages\nEOF\n\\)\")",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm add test-amm.mjs package.json)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm commit -m \"$\\(cat <<''EOF''\nAdd AMM tests for math, signatures, and NIP-98\n\n- AMM math tests \\(calculateGsatOut, calculateSatsOut, slippage, k invariant\\)\n- Signature verification tests \\(sell, transfer, withdraw requests\\)\n- NIP-98 event creation, verification, and encoding tests\n- Update package.json with test script\nEOF\n\\)\")",
+      "Bash(SOLID_SYNC=true node src/watcher.js:*)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm add demo.html src/watcher.js)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm commit -m \"$\\(cat <<''EOF''\nAdd smart polling with manual deposit check\n\n- Change poll interval from 30s to 10 minutes\n- Add POST /check endpoint for manual deposit scan\n- Add 10-second rate limit between manual checks\n- Add \"Check Deposits\" button to demo.html\nEOF\n\\)\")",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm add:*)",
+      "Bash(git -C /home/melvin/remote/github.com/blocktrails/gitmark-amm commit -m \"Use blocktrails npm package instead of local path\")",
+      "Bash(for addr in tb1pdypd4k38q4x0qz5x7hqavjhfpgt2n4tm0egggx587aafqn3wsnds8gm3yf tb1pqxmrkvuyea9v7vv323tmptjfle5tj9y6cpe5g8wqvlz6d5xmfhlqctx7py tb1p0fv2683x2j5htf9n7fkpmxsy4h7yuxmetelq2c6vp8u2zw9rhp2s5kha7v)",
+      "Bash(do echo -n \"$addr: \" curl -s \"https://mempool.space/testnet4/api/address/$addr\")",
+      "WebFetch(domain:webledgers.org)",
+      "Bash(npm pack:*)",
+      "Bash(npm info:*)",
+      "Bash(tar:*)",
+      "Bash(TEST_API=1 API_URL=https://api.solid.social node:*)",
+      "Bash(webledgers show:*)",
+      "Bash(webledgers set-balance:*)",
+      "Bash(ssh melvincarvalho.com \"pm2 list | grep jss\")",
+      "Bash(ssh melvincarvalho.com \"cd /home/ubuntu/jss && git pull && pm2 restart jss\")",
+      "WebFetch(domain:registry.npmjs.org)",
+      "WebFetch(domain:solid-chat.com)",
+      "WebFetch(domain:developer.chrome.com)",
+      "WebFetch(domain:css-tricks.com)",
+      "Bash(node bin/jss.js:*)",
+      "WebFetch(domain:nostr.social)",
+      "Bash(xargs curl -s)",
+      "Bash(ssh phone:*)",
+      "Bash(dig:*)",
+      "WebFetch(domain:fonstr.com)",
+      "Bash(node -e \"import\\(''nostr-tools''\\).then\\(m => console.log\\(Object.keys\\(m\\).join\\(''\\\\n''\\)\\)\\)\":*)",
+      "Bash(gh repo list:*)",
+      "Bash(gh search:*)",
+      "Bash(__NEW_LINE__ echo \"\")",
+      "WebFetch(domain:webfinger.net)",
+      "Bash(npm update:*)",
+      "Bash(timeout 8 node:*)",
+      "Bash(gh pr view:*)",
+      "Bash(gh pr diff:*)",
+      "Bash(gh pr review:*)",
+      "Bash(gh api:*)",
+      "Bash(gh pr comment:*)",
+      "Bash(git pull:*)",
+      "Bash(gh pr:*)",
+      "Bash(node --test:*)",
+      "Bash(TOKEN_SECRET=test node --test:*)",
+      "Bash(gh search issues:*)",
+      "Bash(timeout 60 bash:*)",
+      "Bash(timeout 90 bash -c:*)",
+      "Bash(git commit -m \"$\\(cat <<''EOF''\nsecurity: add ACL check on WebSocket subscription requests\n\nCheck WAC read permission before allowing subscription to prevent\ninformation leakage via notifications. Unauthorized subscriptions\nnow receive ''err <url> forbidden'' response.\n\nSecurity improvements:\n- Check ACL read access before allowing subscription\n- Validate URLs are on this server \\(prevents SSRF-like probing\\)\n- Add subscription limit and URL length validation\n\nFixes #62\nEOF\n\\)\")",
+      "Bash(gh repo fork:*)",
+      "Bash(timeout 180 npm test:*)",
+      "Bash(git show:*)",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server log --oneline -30 -- \"test/integration/acl-tls-test.mjs\" \"test-esm/integration/acl-tls-test.js\")",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server log --oneline --follow -30 -- \"test/integration/acl-tls-test.mjs\")",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server show 778095ad --stat)",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server show 778095ad)",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server show b183c7a0)",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server log --oneline --before=\"2019-10-29\" --after=\"2019-10-01\" -20)",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server show 1a92a912 --stat)",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server log --oneline --all --grep=jaxoncreed)",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server log --oneline --author=\"jaxoncreed\" -30)",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server log --oneline --author=\"[Dd]mitri\" -20)",
+      "Bash(git -C /home/melvin/remote/github.com/nodeSolidServer/node-solid-server log --oneline --all --grep=\"oidc\" -20)",
+      "Bash(npm install)",
+      "Bash(timeout 60 npx mocha:*)",
+      "Bash(timeout 120 npx mocha:*)",
+      "Bash(timeout 30 npx mocha:*)",
+      "Bash(openssl x509:*)",
+      "Bash(gh pr checks:*)",
+      "Bash(gh run view:*)",
+      "Bash(gh pr edit:*)",
+      "WebFetch(domain:patch-diff.githubusercontent.com)",
+      "Bash(git rebase:*)",
+      "Bash(timeout 10 npm start)",
+      "Bash(node bin/jss.js start:*)",
+      "Bash(ssh solid.social \"cd /var/www/jss && git pull && pm2 restart jss\")",
+      "Bash(ssh solid.social:*)",
+      "Bash(git -C /tmp/lws-server log --oneline --all -20)",
+      "Bash(git -C /tmp/lws-server branch -a)",
+      "Bash(git -C /tmp/lws-server show-branch -a)",
+      "WebFetch(domain:web-platform-tests.org)",
+      "Bash(file:*)",
+      "WebFetch(domain:karate.apache.org)",
+      "WebFetch(domain:restfulapi.net)",
+      "Bash(npm run test:jss:*)",
+      "Bash(node /home/melvin/remote/github.com/JavaScriptSolidServer/JavaScriptSolidServer/bin/jss.js start:*)",
+      "Bash(VERBOSE=true npm run test:jss:*)",
+      "Bash(npm whoami:*)",
+      "Bash(node bin/lws-test.js:*)",
+      "Bash(timeout 2 node:*)",
+      "Bash(node index.js:*)",
+      "Bash(timeout 3 npx lws-server@0.0.3:*)",
+      "Bash(npx lws-server@0.0.3)",
+      "Bash(node /tmp/jssd/verify-spacing.js:*)"
+    ]
+  }
+}

package/README.md

@@ -60,7 +60,7 @@ A minimal, fast, JSON-LD native Solid server.
 
 ### Android/Termux
 
-JSS runs on Android via Termux with automatic `bcryptjs` fallback:
+JSS runs on Android via Termux (uses pure JavaScript `bcryptjs` for compatibility):
 
 ```bash
 pkg install nodejs git
@@ -1045,9 +1045,9 @@ Minimal dependencies for a fast, secure server:
 - **jose** - JWT/JWK handling for Solid-OIDC
 - **n3** - Turtle parsing (only used when conneg enabled)
 - **oidc-provider** - OpenID Connect Identity Provider (only when IdP enabled)
-- **bcrypt** - Password hashing (only when IdP enabled)
+- **bcryptjs** - Password hashing (only when IdP enabled)
 - **microfed** - ActivityPub primitives (only when activitypub enabled)
-- **better-sqlite3** - SQLite storage for federation data
+- **sql.js** - SQLite storage for federation data (WASM, cross-platform)
 
 ## License
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "javascript-solid-server",
-  "version": "0.0.79",
+  "version": "0.0.81",
   "description": "A minimal, fast Solid server",
   "main": "src/index.js",
   "type": "module",
@@ -27,9 +27,7 @@
     "@fastify/rate-limit": "^9.1.0",
     "@fastify/websocket": "^8.3.1",
     "@simplewebauthn/server": "^13.2.2",
-    "bcrypt": "^6.0.0",
     "bcryptjs": "^3.0.3",
-    "better-sqlite3": "^12.5.0",
     "commander": "^14.0.2",
     "fastify": "^4.29.1",
     "fs-extra": "^11.2.0",

package/src/ap/store.js

@@ -2,8 +2,8 @@
  * ActivityPub SQLite Storage
  * Persistence layer for federation data
  *
- * Uses better-sqlite3 when available (native, fast)
- * Falls back to sql.js on Android/platforms without native builds
+ * Uses sql.js (WASM) for cross-platform compatibility
+ * Works on Android/Termux, Windows, and all platforms
  */
 
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs'
@@ -11,7 +11,6 @@ import { dirname } from 'path'
 
 let db = null
 let dbPath = null
-let usingSqlJs = false
 
 // SQL schema
 const SCHEMA = `
@@ -59,7 +58,7 @@ const SCHEMA = `
 
 /**
  * Initialize the database
- * Tries better-sqlite3 first, falls back to sql.js
+ * Uses sql.js (WASM) for cross-platform compatibility
  * @param {string} path - Path to SQLite file
  */
 export async function initStore(path = 'data/activitypub.db') {
@@ -71,43 +70,31 @@ export async function initStore(path = 'data/activitypub.db') {
 
   dbPath = path
 
-  // Try better-sqlite3 first (fast, native)
-  try {
-    const Database = (await import('better-sqlite3')).default
-    db = new Database(path)
-    db.exec(SCHEMA)
-    usingSqlJs = false
-    return db
-  } catch (e) {
-    // Fall back to sql.js (WASM, works everywhere)
-    console.log('ActivityPub: Using sql.js (WASM) for SQLite storage')
-
-    const initSqlJs = (await import('sql.js')).default
-    const SQL = await initSqlJs()
-
-    // Load existing database if it exists
-    if (existsSync(path)) {
-      const buffer = readFileSync(path)
-      db = new SQL.Database(buffer)
-    } else {
-      db = new SQL.Database()
-    }
-
-    db.run(SCHEMA)
-    usingSqlJs = true
-
-    // Save initial database
-    saveDatabase()
-
-    return db
+  // Use sql.js (WASM, works everywhere)
+  const initSqlJs = (await import('sql.js')).default
+  const SQL = await initSqlJs()
+
+  // Load existing database if it exists
+  if (existsSync(path)) {
+    const buffer = readFileSync(path)
+    db = new SQL.Database(buffer)
+  } else {
+    db = new SQL.Database()
   }
+
+  db.run(SCHEMA)
+
+  // Save initial database
+  saveDatabase()
+
+  return db
 }
 
 /**
  * Save sql.js database to disk
  */
 function saveDatabase() {
-  if (usingSqlJs && db && dbPath) {
+  if (db && dbPath) {
     const data = db.export()
     const buffer = Buffer.from(data)
     writeFileSync(dbPath, buffer)
@@ -124,45 +111,33 @@ export function getStore() {
   return db
 }
 
-// Helper to run prepared statements across both implementations
+// Helper functions for sql.js API
 function runStmt(sql, params = []) {
-  if (usingSqlJs) {
-    db.run(sql, params)
-    saveDatabase()
-  } else {
-    db.prepare(sql).run(...params)
-  }
+  db.run(sql, params)
+  saveDatabase()
 }
 
 function getOne(sql, params = []) {
-  if (usingSqlJs) {
-    const stmt = db.prepare(sql)
-    stmt.bind(params)
-    if (stmt.step()) {
-      const row = stmt.getAsObject()
-      stmt.free()
-      return row
-    }
+  const stmt = db.prepare(sql)
+  stmt.bind(params)
+  if (stmt.step()) {
+    const row = stmt.getAsObject()
     stmt.free()
-    return null
-  } else {
-    return db.prepare(sql).get(...params)
+    return row
   }
+  stmt.free()
+  return null
 }
 
 function getAll(sql, params = []) {
-  if (usingSqlJs) {
-    const results = []
-    const stmt = db.prepare(sql)
-    stmt.bind(params)
-    while (stmt.step()) {
-      results.push(stmt.getAsObject())
-    }
-    stmt.free()
-    return results
-  } else {
-    return db.prepare(sql).all(...params)
+  const results = []
+  const stmt = db.prepare(sql)
+  stmt.bind(params)
+  while (stmt.step()) {
+    results.push(stmt.getAsObject())
   }
+  stmt.free()
+  return results
 }
 
 // Followers

package/src/idp/accounts.js

@@ -4,13 +4,8 @@
  * Email is optional - internally uses username@jss if not provided
  */
 
-// Try native bcrypt, fall back to pure JS bcryptjs (for Android/Termux)
-let bcrypt;
-try {
-  bcrypt = await import('bcrypt').then(m => m.default);
-} catch {
-  bcrypt = await import('bcryptjs').then(m => m.default);
-}
+// Use bcryptjs for cross-platform compatibility (works on Android/Termux/Windows)
+const bcrypt = await import('bcryptjs').then(m => m.default);
 import crypto from 'crypto';
 import fs from 'fs-extra';
 import path from 'path';