seabox 0.1.0-beta.3 → 0.1.0-beta.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +342 -146
- package/bin/seabox-rebuild.mjs +95 -0
- package/bin/seabox.mjs +135 -0
- package/lib/{blob.js → blob.mjs} +12 -18
- package/lib/bootstrap.cjs +753 -0
- package/lib/build-cache.mjs +199 -0
- package/lib/build.mjs +75 -0
- package/lib/config.mjs +234 -0
- package/lib/{crypto-assets.js → crypto-assets.mjs} +12 -47
- package/lib/entry-bundler.mjs +64 -0
- package/lib/{fetch-node.js → fetch-node.mjs} +10 -16
- package/lib/index.mjs +26 -0
- package/lib/{inject.js → inject.mjs} +24 -27
- package/lib/{manifest.js → manifest.mjs} +5 -11
- package/lib/multi-target-builder.mjs +620 -0
- package/lib/native-scanner.mjs +210 -0
- package/lib/{obfuscate.js → obfuscate.mjs} +9 -31
- package/lib/require-shim.mjs +111 -0
- package/lib/rolldown-bundler.mjs +415 -0
- package/lib/{unsign.js → unsign.cjs} +7 -32
- package/package.json +9 -5
- package/bin/seabox-rebuild.js +0 -395
- package/bin/seabox.js +0 -81
- package/lib/bindings.js +0 -31
- package/lib/bootstrap.js +0 -697
- package/lib/build.js +0 -283
- package/lib/bytenode-hack.js +0 -56
- package/lib/config.js +0 -119
- package/lib/index.js +0 -27
- package/lib/scanner.js +0 -153
|
@@ -1,13 +1,15 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* fetch-node.
|
|
2
|
+
* fetch-node.mjs
|
|
3
3
|
* Download target Node.js binary for SEA injection.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
6
|
+
import fs from 'fs';
|
|
7
|
+
import path from 'path';
|
|
8
|
+
import https from 'https';
|
|
9
|
+
import { pipeline } from 'stream';
|
|
10
|
+
import { promisify } from 'util';
|
|
11
|
+
import AdmZip from 'adm-zip';
|
|
12
|
+
import tar from 'tar';
|
|
11
13
|
|
|
12
14
|
const pipelineAsync = promisify(pipeline);
|
|
13
15
|
|
|
@@ -78,9 +80,6 @@ async function downloadFile(url, outputPath) {
|
|
|
78
80
|
* @returns {Promise<string>} - Path to extracted node binary
|
|
79
81
|
*/
|
|
80
82
|
async function extractNodeBinary(archivePath, outputDir, platform) {
|
|
81
|
-
const AdmZip = require('adm-zip');
|
|
82
|
-
const tar = require('tar');
|
|
83
|
-
|
|
84
83
|
if (platform === 'win32') {
|
|
85
84
|
// Extract from ZIP
|
|
86
85
|
const zip = new AdmZip(archivePath);
|
|
@@ -135,7 +134,7 @@ async function extractNodeBinary(archivePath, outputDir, platform) {
|
|
|
135
134
|
* @param {string} cacheDir - Directory to cache downloads
|
|
136
135
|
* @returns {Promise<string>} - Path to the node binary
|
|
137
136
|
*/
|
|
138
|
-
async function fetchNodeBinary(nodeVersion, platform, arch, cacheDir) {
|
|
137
|
+
export async function fetchNodeBinary(nodeVersion, platform, arch, cacheDir) {
|
|
139
138
|
if (!fs.existsSync(cacheDir)) {
|
|
140
139
|
fs.mkdirSync(cacheDir, { recursive: true });
|
|
141
140
|
}
|
|
@@ -169,9 +168,4 @@ async function fetchNodeBinary(nodeVersion, platform, arch, cacheDir) {
|
|
|
169
168
|
return binaryPath;
|
|
170
169
|
}
|
|
171
170
|
|
|
172
|
-
|
|
173
|
-
getNodeDownloadUrl,
|
|
174
|
-
downloadFile,
|
|
175
|
-
extractNodeBinary,
|
|
176
|
-
fetchNodeBinary
|
|
177
|
-
};
|
|
171
|
+
export { getNodeDownloadUrl, downloadFile, extractNodeBinary };
|
package/lib/index.mjs
ADDED
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* index.mjs
|
|
3
|
+
* Main entry point for Seabox v2 library.
|
|
4
|
+
* Exports all public APIs.
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
export { build } from './build.mjs';
|
|
8
|
+
export {
|
|
9
|
+
loadConfig,
|
|
10
|
+
validateConfig,
|
|
11
|
+
parseTarget,
|
|
12
|
+
generateDefaultConfig,
|
|
13
|
+
normalizeConfig,
|
|
14
|
+
getDefaultLibraryPatterns
|
|
15
|
+
} from './config.mjs';
|
|
16
|
+
export { MultiTargetBuilder } from './multi-target-builder.mjs';
|
|
17
|
+
export { bundleWithRollup, NativeModuleDetectorPlugin } from './rolldown-bundler.mjs';
|
|
18
|
+
export { scanDependenciesForNativeModules, findNativeModuleBuildPath } from './native-scanner.mjs';
|
|
19
|
+
export { BuildCache } from './build-cache.mjs';
|
|
20
|
+
export { generateManifest, serializeManifest } from './manifest.mjs';
|
|
21
|
+
export { createSeaConfig, writeSeaConfigJson, generateBlob } from './blob.mjs';
|
|
22
|
+
export { fetchNodeBinary } from './fetch-node.mjs';
|
|
23
|
+
export { injectBlob } from './inject.mjs';
|
|
24
|
+
export { generateEncryptionKey, encryptAsset, decryptAsset, encryptAssets, keyToObfuscatedCode } from './crypto-assets.mjs';
|
|
25
|
+
export { obfuscateBootstrap } from './obfuscate.mjs';
|
|
26
|
+
export { bundleEntry } from './entry-bundler.mjs';
|
|
@@ -1,13 +1,21 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* inject.
|
|
2
|
+
* inject.mjs
|
|
3
3
|
* Inject SEA blob into Node binary using postject.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
6
|
+
import fs from 'fs';
|
|
7
|
+
import path from 'path';
|
|
8
|
+
import { execFile } from 'child_process';
|
|
9
|
+
import { promisify } from 'util';
|
|
10
|
+
import Module from 'module';
|
|
11
|
+
import { fileURLToPath } from 'url';
|
|
12
|
+
|
|
13
|
+
const __filename = fileURLToPath(import.meta.url);
|
|
14
|
+
const __dirname = path.dirname(__filename);
|
|
15
|
+
|
|
16
|
+
// Import unsign using require since it's CommonJS
|
|
17
|
+
const require = Module.createRequire(import.meta.url);
|
|
18
|
+
const { removeSignature } = require('./unsign.cjs');
|
|
11
19
|
|
|
12
20
|
const execFileAsync = promisify(execFile);
|
|
13
21
|
|
|
@@ -21,12 +29,17 @@ const execFileAsync = promisify(execFile);
|
|
|
21
29
|
* @param {Object} [rceditOptions] - Optional rcedit configuration for Windows executables
|
|
22
30
|
* @returns {Promise<void>}
|
|
23
31
|
*/
|
|
24
|
-
async function injectBlob(nodeBinaryPath, blobPath, outputPath, platform, verbose, rceditOptions) {
|
|
32
|
+
export async function injectBlob(nodeBinaryPath, blobPath, outputPath, platform, verbose, rceditOptions) {
|
|
33
|
+
// Ensure output directory exists
|
|
34
|
+
const outputDir = path.dirname(outputPath);
|
|
35
|
+
if (!fs.existsSync(outputDir)) {
|
|
36
|
+
fs.mkdirSync(outputDir, { recursive: true });
|
|
37
|
+
}
|
|
38
|
+
|
|
25
39
|
// Copy node binary to output location
|
|
26
40
|
fs.copyFileSync(nodeBinaryPath, outputPath);
|
|
27
41
|
|
|
28
42
|
// Remove existing signature before postject injection
|
|
29
|
-
// The downloaded Node.js binary is signed, and postject will corrupt this signature
|
|
30
43
|
await removeSignature(outputPath, platform);
|
|
31
44
|
|
|
32
45
|
// Apply rcedit changes (Windows only, before postject)
|
|
@@ -59,8 +72,6 @@ async function injectBlob(nodeBinaryPath, blobPath, outputPath, platform, verbos
|
|
|
59
72
|
? ['/c', 'npx', 'postject', ...args]
|
|
60
73
|
: ['postject', ...args];
|
|
61
74
|
|
|
62
|
-
//console.log(`Command: ${command} ${cmdArgs.join(' ')}`);
|
|
63
|
-
|
|
64
75
|
try {
|
|
65
76
|
const { stdout, stderr } = await execFileAsync(command, cmdArgs);
|
|
66
77
|
if (stdout && verbose) console.log(stdout);
|
|
@@ -69,8 +80,6 @@ async function injectBlob(nodeBinaryPath, blobPath, outputPath, platform, verbos
|
|
|
69
80
|
} catch (error) {
|
|
70
81
|
throw new Error(`Postject injection failed: ${error.message}`);
|
|
71
82
|
}
|
|
72
|
-
|
|
73
|
-
//console.log('\nNote: Executable is now ready for signing with your certificate');
|
|
74
83
|
}
|
|
75
84
|
|
|
76
85
|
/**
|
|
@@ -86,7 +95,8 @@ async function applyRcedit(exePath, options, verbose) {
|
|
|
86
95
|
console.log('Options:', JSON.stringify(options, null, 2));
|
|
87
96
|
}
|
|
88
97
|
|
|
89
|
-
|
|
98
|
+
// Dynamic import for rcedit (it's CommonJS)
|
|
99
|
+
const rcedit = (await import('rcedit')).default;
|
|
90
100
|
|
|
91
101
|
try {
|
|
92
102
|
await rcedit(exePath, options);
|
|
@@ -98,17 +108,4 @@ async function applyRcedit(exePath, options, verbose) {
|
|
|
98
108
|
}
|
|
99
109
|
}
|
|
100
110
|
|
|
101
|
-
|
|
102
|
-
* Resolve the postject executable path.
|
|
103
|
-
* @returns {string}
|
|
104
|
-
*/
|
|
105
|
-
function resolvePostject() {
|
|
106
|
-
// Use npx to run postject
|
|
107
|
-
return 'npx';
|
|
108
|
-
}
|
|
109
|
-
|
|
110
|
-
module.exports = {
|
|
111
|
-
injectBlob,
|
|
112
|
-
resolvePostject,
|
|
113
|
-
applyRcedit
|
|
114
|
-
};
|
|
111
|
+
export { applyRcedit };
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* manifest.
|
|
2
|
+
* manifest.mjs
|
|
3
3
|
* Generate runtime manifest with asset metadata and extraction rules.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
|
|
6
|
+
import path from 'path';
|
|
7
7
|
|
|
8
8
|
/**
|
|
9
9
|
* @typedef {Object} BinaryManifestEntry
|
|
@@ -28,13 +28,13 @@ const path = require('path');
|
|
|
28
28
|
|
|
29
29
|
/**
|
|
30
30
|
* Generate a runtime manifest from scanned assets.
|
|
31
|
-
* @param {
|
|
31
|
+
* @param {Array} assets - All scanned assets
|
|
32
32
|
* @param {Object} config - SEA configuration
|
|
33
33
|
* @param {string} targetPlatform - Target platform (win32, linux, darwin)
|
|
34
34
|
* @param {string} targetArch - Target architecture (x64, arm64)
|
|
35
35
|
* @returns {RuntimeManifest}
|
|
36
36
|
*/
|
|
37
|
-
function generateManifest(assets, config, targetPlatform, targetArch) {
|
|
37
|
+
export function generateManifest(assets, config, targetPlatform, targetArch) {
|
|
38
38
|
const binaries = assets
|
|
39
39
|
.filter(a => a.isBinary)
|
|
40
40
|
.map((asset, index) => {
|
|
@@ -95,12 +95,6 @@ function inferExtractionOrder(fileName, fallbackIndex) {
|
|
|
95
95
|
* @param {RuntimeManifest} manifest
|
|
96
96
|
* @returns {string}
|
|
97
97
|
*/
|
|
98
|
-
function serializeManifest(manifest) {
|
|
98
|
+
export function serializeManifest(manifest) {
|
|
99
99
|
return JSON.stringify(manifest, null, 2);
|
|
100
100
|
}
|
|
101
|
-
|
|
102
|
-
module.exports = {
|
|
103
|
-
generateManifest,
|
|
104
|
-
inferExtractionOrder,
|
|
105
|
-
serializeManifest
|
|
106
|
-
};
|