npm - javascript-solid-server - Versions diffs - 0.0.86 → 0.0.87 - Mend

javascript-solid-server 0.0.86 → 0.0.87

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/.claude/settings.local.json +2 -1
package/README.md +43 -23
package/package.json +1 -1
package/src/config.js +5 -0
package/src/wac/parser.js +3 -2
package/test/wac.test.js +17 -0
package/fonstr-data/index.html +0 -120

package/.claude/settings.local.json CHANGED Viewed

@@ -324,7 +324,8 @@
       "Bash(npm link)",
       "Bash(npm link:*)",
       "Bash(git push)",
-      "Bash(ulimit:*)"
+      "Bash(ulimit:*)",
+      "Bash(gh label:*)"
     ]
   }
 }

package/README.md CHANGED Viewed

@@ -6,8 +6,11 @@ A minimal, fast, JSON-LD native Solid server.
 ## Features
-### Implemented (v0.0.79)
+### Implemented (v0.0.86)
+- **Live Reload** - Auto-refresh browser on file changes (`--live-reload`)
+- **Read-Only Mode** - Disable write operations for static hosting (`--read-only`)
+- **Public Mode** - Skip WAC for open read/write access (`--public`)
 - **Schnorr SSO** - Passwordless login via BIP-340 Schnorr signatures using NIP-07 browser extensions (Podkey, nos2x, Alby)
 - **Passkey Authentication** - WebAuthn/FIDO2 passwordless login with Touch ID, Face ID, or security keys
 - **HTTP Range Requests** - Partial content delivery for large files and media streaming
@@ -35,7 +38,7 @@ A minimal, fast, JSON-LD native Solid server.
 - **Content Negotiation** - Turtle <-> JSON-LD conversion, including HTML data islands
 - **CORS Support** - Full cross-origin resource sharing
 - **Git HTTP Backend** - Clone and push to containers via `git` protocol
-- **Nostr Relay** - Integrated NIP-01 relay on the same port (`wss://your.pod/relay`)
+- **Nostr Relay** - Integrated NIP-01/NIP-11/NIP-16 relay on the same port (`wss://your.pod/relay`)
 - **Invite-Only Registration** - CLI-managed invite codes for controlled signups
 - **Storage Quotas** - Per-user storage limits with CLI management
 - **Security** - Blocks access to dotfiles (`.git/`, `.env`, etc.) except Solid-specific ones
@@ -139,6 +142,9 @@ jss --help             # Show help
 | `--ap-display-name <name>` | ActivityPub display name | (username) |
 | `--ap-summary <text>` | ActivityPub bio/summary | - |
 | `--ap-nostr-pubkey <hex>` | Nostr pubkey for identity linking | - |
+| `--public` | Allow unauthenticated access (skip WAC) | false |
+| `--read-only` | Disable PUT/DELETE/PATCH methods | false |
+| `--live-reload` | Auto-refresh browser on file changes | false |
 | `-q, --quiet` | Suppress logs | false |
 ### Environment Variables
@@ -159,6 +165,10 @@ export JSS_WEBID_TLS=true
 export JSS_DEFAULT_QUOTA=100MB
 export JSS_ACTIVITYPUB=true
 export JSS_AP_USERNAME=alice
+export JSS_PUBLIC=true
+export JSS_READ_ONLY=true
+export JSS_LIVE_RELOAD=true
+export JSS_SOLIDOS_UI=true
 jss start
 ```
@@ -868,7 +878,7 @@ curl -X POST https://example.com/.pods \
 | Server | Size | Deps | Notes |
 |--------|------|------|-------|
-| [JSS](https://github.com/JavaScriptSolidServer/JavaScriptSolidServer) | 432 KB | 10 | Minimal, JSON-LD native |
+| [JSS](https://github.com/JavaScriptSolidServer/JavaScriptSolidServer) | ~14K LoC | 14 | Minimal, JSON-LD native |
 | [NSS](https://github.com/nodeSolidServer/node-solid-server) | 777 KB | 58 | Original Solid server |
 | [CSS](https://github.com/CommunitySolidServer/CommunitySolidServer) | 5.8 MB | 70 | Modular, configurable |
 | [Pivot](https://github.com/solid-contrib/pivot) | ~6 MB | 70+ | Built on CSS |
@@ -941,7 +951,7 @@ npm run benchmark
 npm test
 ```
-Currently passing: **223 tests** (including 27 conformance tests)
+Currently passing: **229 tests** (including 27 conformance tests)
 ### Conformance Test Harness (CTH)
@@ -988,12 +998,12 @@ src/
 │   ├── filesystem.js     # File operations
 │   └── quota.js          # Storage quota management
 ├── auth/
-│   ├── middleware.js     # Auth hook
-│   ├── token.js          # Simple token auth
-│   ├── solid-oidc.js     # DPoP verification
-│   ├── nostr.js          # NIP-98 Nostr authentication
-│   ├── did-nostr.js      # did:nostr → WebID resolution
-│   └── webid-tls.js      # WebID-TLS client certificate auth
+│   ├── middleware.js      # Auth hook
+│   ├── token.js           # Simple token auth
+│   ├── solid-oidc.js      # DPoP verification
+│   ├── nostr.js           # NIP-98 Nostr authentication
+│   ├── did-nostr.js       # did:nostr → WebID resolution
+│   └── webid-tls.js       # WebID-TLS client certificate auth
 ├── wac/
 │   ├── parser.js         # ACL parsing
 │   └── checker.js        # Permission checking
@@ -1010,14 +1020,16 @@ src/
 │   ├── events.js         # Event emitter
 │   └── websocket.js      # solid-0.1 protocol
 ├── idp/
-│   ├── index.js          # Identity Provider plugin
-│   ├── provider.js       # oidc-provider config
-│   ├── adapter.js        # Filesystem adapter
-│   ├── accounts.js       # User account management
-│   ├── keys.js           # JWKS key management
-│   ├── interactions.js   # Login/consent handlers
-│   ├── views.js          # HTML templates
-│   └── invites.js        # Invite code management
+│   ├── index.js           # Identity Provider plugin
+│   ├── provider.js        # oidc-provider config
+│   ├── adapter.js         # Filesystem adapter
+│   ├── accounts.js        # User account management
+│   ├── credentials.js     # Credentials endpoint
+│   ├── keys.js            # JWKS key management
+│   ├── interactions.js    # Login/consent handlers
+│   ├── passkey.js         # WebAuthn/FIDO2 passkey support
+│   ├── views.js           # HTML templates
+│   └── invites.js         # Invite code management
 ├── ap/
 │   ├── index.js          # ActivityPub plugin
 │   ├── keys.js           # RSA keypair management
@@ -1030,23 +1042,31 @@ src/
 ├── rdf/
 │   ├── turtle.js         # Turtle <-> JSON-LD
 │   └── conneg.js         # Content negotiation
+├── mashlib/
+│   └── index.js           # Mashlib data browser plugin
 └── utils/
-    ├── url.js            # URL utilities
-    └── conditional.js    # If-Match/If-None-Match
+    ├── url.js             # URL utilities
+    ├── conditional.js     # If-Match/If-None-Match
+    └── ssrf.js            # SSRF protection
 ```
 ## Dependencies
-Minimal dependencies for a fast, secure server:
+14 direct dependencies for a fast, secure server:
 - **fastify** - High-performance HTTP server
+- **@fastify/middie** - Express/Connect middleware bridge (for IdP)
+- **@fastify/rate-limit** - Rate limiting for API endpoints
 - **@fastify/websocket** - WebSocket support for notifications
+- **@simplewebauthn/server** - Passkey/WebAuthn authentication
+- **bcryptjs** - Password hashing (pure JS, works on Termux/Android)
+- **commander** - CLI command parsing
 - **fs-extra** - Enhanced file operations
 - **jose** - JWT/JWK handling for Solid-OIDC
+- **microfed** - ActivityPub primitives (only when activitypub enabled)
 - **n3** - Turtle parsing (only used when conneg enabled)
+- **nostr-tools** - Nostr protocol and Schnorr signature verification
 - **oidc-provider** - OpenID Connect Identity Provider (only when IdP enabled)
-- **bcryptjs** - Password hashing (only when IdP enabled)
-- **microfed** - ActivityPub primitives (only when activitypub enabled)
 - **sql.js** - SQLite storage for federation data (WASM, cross-platform)
 ## License

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "javascript-solid-server",
-  "version": "0.0.86",
+  "version": "0.0.87",
   "description": "A minimal, fast Solid server",
   "main": "src/index.js",
   "type": "module",

package/src/config.js CHANGED Viewed

@@ -228,6 +228,11 @@ export async function loadConfig(cliOptions = {}, configFile = null) {
     config.logger = false;
   }
+  // Mashlib requires content negotiation for Turtle support
+  if (config.mashlib || config.mashlibCdn) {
+    config.conneg = true;
+  }
   // Validate SSL config
   if ((config.sslKey && !config.sslCert) || (!config.sslKey && config.sslCert)) {
     throw new Error('Both --ssl-key and --ssl-cert must be provided together');

package/src/wac/parser.js CHANGED Viewed

@@ -144,8 +144,9 @@ function parseAuthorization(node, aclUrl) {
   auth.default = parseUriArray(node['acl:default'] || node['default'])
     .map(uri => resolveUri(uri, baseUrl));
-  // Parse agents (WebIDs can be relative too)
-  auth.agents = parseUriArray(node['acl:agent'] || node['agent']);
+  // Parse agents (WebIDs can be relative too) - resolve against ACL URL
+  auth.agents = parseUriArray(node['acl:agent'] || node['agent'])
+    .map(uri => resolveUri(uri, aclUrl));
   // Parse agentClass
   auth.agentClasses = parseUriArray(node['acl:agentClass'] || node['agentClass']);

package/test/wac.test.js CHANGED Viewed

@@ -187,6 +187,23 @@ describe('WAC Parser', () => {
         `Expected accessTo to include 'https://alice.example/other/', got: ${auths[0].accessTo}`);
     });
+    it('should resolve relative agent URIs against ACL URL', async () => {
+      const acl = {
+        '@context': { 'acl': 'http://www.w3.org/ns/auth/acl#' },
+        '@id': '#owner',
+        '@type': 'acl:Authorization',
+        'acl:agent': { '@id': './#me' },
+        'acl:accessTo': { '@id': './' },
+        'acl:mode': [{ '@id': 'acl:Read' }]
+      };
+      const auths = await parseAcl(JSON.stringify(acl), 'https://alice.example/.acl');
+      assert.strictEqual(auths.length, 1);
+      assert.ok(auths[0].agents.includes('https://alice.example/#me'),
+        `Expected agents to include 'https://alice.example/#me', got: ${auths[0].agents}`);
+    });
     it('should keep absolute URLs unchanged', async () => {
       const acl = {
         '@context': { 'acl': 'http://www.w3.org/ns/auth/acl#' },

package/fonstr-data/index.html DELETED Viewed

@@ -1,120 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>fonstr - Your Nostr Relay</title>
-    <style>
-        * { margin: 0; padding: 0; box-sizing: border-box; }
-        body {
-            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
-            background: linear-gradient(135deg, #6366f1 0%, #8b5cf6 100%);
-            color: white;
-            min-height: 100vh;
-            display: flex;
-            align-items: center;
-            justify-content: center;
-            padding: 2rem;
-        }
-        .container {
-            text-align: center;
-            max-width: 600px;
-        }
-        h1 {
-            font-size: 3rem;
-            margin-bottom: 0.5rem;
-        }
-        .emoji {
-            font-size: 4rem;
-            margin-bottom: 1rem;
-        }
-        p {
-            font-size: 1.25rem;
-            opacity: 0.95;
-            margin-bottom: 2rem;
-            line-height: 1.6;
-        }
-        .relay-info {
-            background: rgba(255, 255, 255, 0.2);
-            backdrop-filter: blur(10px);
-            border-radius: 1rem;
-            padding: 2rem;
-            margin: 2rem 0;
-        }
-        code {
-            background: rgba(255, 255, 255, 0.3);
-            padding: 0.5rem 1rem;
-            border-radius: 0.5rem;
-            font-size: 1.1rem;
-            display: inline-block;
-            margin: 0.5rem 0;
-            font-family: 'Monaco', 'Menlo', monospace;
-        }
-        .stats {
-            display: grid;
-            grid-template-columns: repeat(auto-fit, minmax(150px, 1fr));
-            gap: 1rem;
-            margin-top: 2rem;
-        }
-        .stat {
-            background: rgba(255, 255, 255, 0.15);
-            padding: 1rem;
-            border-radius: 0.5rem;
-        }
-        .stat-label {
-            font-size: 0.9rem;
-            opacity: 0.8;
-        }
-        .stat-value {
-            font-size: 1.5rem;
-            font-weight: 700;
-            margin-top: 0.25rem;
-        }
-        a {
-            color: white;
-            text-decoration: none;
-            border-bottom: 2px solid rgba(255, 255, 255, 0.5);
-            transition: border-color 0.2s;
-        }
-        a:hover {
-            border-color: white;
-        }
-    </style>
-</head>
-<body>
-    <div class="container">
-        <div class="emoji">⚡</div>
-        <h1>fonstr</h1>
-        <p>Your Nostr relay is running!</p>
-        <div class="relay-info">
-            <p style="font-size: 1rem; margin-bottom: 1rem; opacity: 0.9;">Connect to your relay:</p>
-            <code>ws://localhost:4444/relay</code>
-            <div class="stats">
-                <div class="stat">
-                    <div class="stat-label">Status</div>
-                    <div class="stat-value">✓ Online</div>
-                </div>
-                <div class="stat">
-                    <div class="stat-label">Protocol</div>
-                    <div class="stat-value">NIP-01</div>
-                </div>
-                <div class="stat">
-                    <div class="stat-label">Port</div>
-                    <div class="stat-value">4444</div>
-                </div>
-            </div>
-        </div>
-        <p style="font-size: 1rem;">
-            Add this relay to your favorite Nostr client and start using it!<br>
-            <a href="https://fonstr.com" target="_blank">Learn more about fonstr</a>
-        </p>
-        <p style="font-size: 0.9rem; opacity: 0.7; margin-top: 2rem;">
-            Replace this page by editing <code style="font-size: 0.8rem;">index.html</code> in your data directory
-        </p>
-    </div>
-</body>
-</html>