seabox 0.1.0-beta.3 → 0.1.0

package/lib/build-cache.mjs

@@ -0,0 +1,199 @@
+/**
+ * build-cache.mjs
+ * Build caching system to speed up incremental builds.
+ */
+
+import fs from 'fs';
+import path from 'path';
+import crypto from 'crypto';
+
+/**
+ * @typedef {Object} CacheEntry
+ * @property {string} hash - Content hash of input
+ * @property {number} timestamp - When cached
+ * @property {any} data - Cached data
+ */
+
+export class BuildCache {
+  /**
+   * @param {string} cacheDir - Cache directory path
+   */
+  constructor(cacheDir = '.seabox-cache') {
+    this.cacheDir = cacheDir;
+    this.ensureCacheDir();
+  }
+
+  /**
+   * Ensure cache directory exists
+   */
+  ensureCacheDir() {
+    if (!fs.existsSync(this.cacheDir)) {
+      fs.mkdirSync(this.cacheDir, { recursive: true });
+    }
+
+    // Create subdirectories
+    const subdirs = ['bundles', 'natives', 'blobs'];
+    for (const subdir of subdirs) {
+      const dirPath = path.join(this.cacheDir, subdir);
+      if (!fs.existsSync(dirPath)) {
+        fs.mkdirSync(dirPath, { recursive: true });
+      }
+    }
+  }
+
+  /**
+   * Compute cache key from entry path and config
+   * @param {string} entryPath - Entry file path
+   * @param {Object} config - Build config
+   * @returns {string}
+   */
+  computeCacheKey(entryPath, config) {
+    const configStr = JSON.stringify({
+      bundler: config.bundler,
+      entry: entryPath
+    });
+    
+    return crypto
+      .createHash('sha256')
+      .update(configStr)
+      .digest('hex')
+      .substring(0, 16);
+  }
+
+  /**
+   * Get cached bundle if valid
+   * @param {string} entryPath - Entry file path
+   * @param {Object} config - Build config
+   * @returns {Object|null}
+   */
+  async getCachedBundle(entryPath, config) {
+    const cacheKey = this.computeCacheKey(entryPath, config);
+    const cachePath = path.join(this.cacheDir, 'bundles', `${cacheKey}.json`);
+
+    if (!fs.existsSync(cachePath)) {
+      return null;
+    }
+
+    try {
+      const cached = JSON.parse(fs.readFileSync(cachePath, 'utf8'));
+      
+      // Validate that source files haven't changed
+      if (await this.isValid(cached, entryPath)) {
+        return cached;
+      }
+    } catch (err) {
+      // Invalid cache entry
+    }
+
+    return null;
+  }
+
+  /**
+   * Cache a bundle result
+   * @param {string} entryPath - Entry file path
+   * @param {Object} config - Build config
+   * @param {Object} bundleResult - Bundle result to cache
+   */
+  async cacheBundle(entryPath, config, bundleResult) {
+    const cacheKey = this.computeCacheKey(entryPath, config);
+    const cachePath = path.join(this.cacheDir, 'bundles', `${cacheKey}.json`);
+
+    const cacheEntry = {
+      hash: await this.hashFile(entryPath),
+      timestamp: Date.now(),
+      data: bundleResult
+    };
+
+    fs.writeFileSync(cachePath, JSON.stringify(cacheEntry, null, 2));
+  }
+
+  /**
+   * Get cached native module build
+   * @param {string} moduleRoot - Module root path
+   * @param {string} target - Build target
+   * @returns {string|null} - Path to cached .node file
+   */
+  getCachedNativeBuild(moduleRoot, target) {
+    const cacheKey = crypto
+      .createHash('sha256')
+      .update(moduleRoot + target)
+      .digest('hex')
+      .substring(0, 16);
+
+    const cachePath = path.join(this.cacheDir, 'natives', `${cacheKey}.node`);
+
+    if (fs.existsSync(cachePath)) {
+      // Check if source has changed
+      const bindingGypPath = path.join(moduleRoot, 'binding.gyp');
+      if (fs.existsSync(bindingGypPath)) {
+        const cacheStats = fs.statSync(cachePath);
+        const sourceStats = fs.statSync(bindingGypPath);
+        
+        if (cacheStats.mtime > sourceStats.mtime) {
+          return cachePath;
+        }
+      }
+    }
+
+    return null;
+  }
+
+  /**
+   * Cache a native module build
+   * @param {string} moduleRoot - Module root path
+   * @param {string} target - Build target
+   * @param {string} builtBinaryPath - Path to built .node file
+   */
+  cacheNativeBuild(moduleRoot, target, builtBinaryPath) {
+    const cacheKey = crypto
+      .createHash('sha256')
+      .update(moduleRoot + target)
+      .digest('hex')
+      .substring(0, 16);
+
+    const cachePath = path.join(this.cacheDir, 'natives', `${cacheKey}.node`);
+
+    fs.copyFileSync(builtBinaryPath, cachePath);
+  }
+
+  /**
+   * Check if cache entry is valid
+   * @param {CacheEntry} cached - Cached entry
+   * @param {string} filePath - Source file path
+   * @returns {Promise<boolean>}
+   */
+  async isValid(cached, filePath) {
+    if (!fs.existsSync(filePath)) {
+      return false;
+    }
+
+    const currentHash = await this.hashFile(filePath);
+    return currentHash === cached.hash;
+  }
+
+  /**
+   * Compute hash of a file
+   * @param {string} filePath - File path
+   * @returns {Promise<string>}
+   */
+  hashFile(filePath) {
+    return new Promise((resolve, reject) => {
+      const hash = crypto.createHash('sha256');
+      const stream = fs.createReadStream(filePath);
+      
+      stream.on('data', chunk => hash.update(chunk));
+      stream.on('end', () => resolve(hash.digest('hex')));
+      stream.on('error', reject);
+    });
+  }
+
+  /**
+   * Clear cache
+   */
+  clear() {
+    if (fs.existsSync(this.cacheDir)) {
+      fs.rmSync(this.cacheDir, { recursive: true, force: true });
+    }
+    this.ensureCacheDir();
+  }
+}

package/lib/build.mjs

@@ -0,0 +1,77 @@
+/**
+ * build.mjs (v2)
+ * Main build orchestrator using v2 architecture with multi-target support.
+ */
+
+import { loadConfig } from './config.mjs';
+import { MultiTargetBuilder } from './multi-target-builder.mjs';
+import * as diag from './diagnostics.mjs';
+import fs from 'fs';
+
+/**
+ * Main build function for v2
+ * @param {Object} options - Build options
+ * @param {string} [options.configPath] - Path to config file
+ * @param {boolean} [options.verbose] - Enable verbose logging
+ * @param {boolean} [options.debug] - Keep temporary build files
+ * @param {string} [options.projectRoot] - Project root directory
+ */
+export async function build(options = {}) {
+  // Support both options object and legacy process.argv parsing
+  let configPath = options.configPath;
+  let verbose = options.verbose;
+  let debug = options.debug;
+  let projectRoot = options.projectRoot || process.cwd();
+  
+  // Fallback to process.argv if called without options
+  if (!options.configPath && !options.verbose && !options.debug) {
+    const args = process.argv.slice(2);
+    configPath = args.includes('--config') ? args[args.indexOf('--config') + 1] : null;
+    verbose = args.includes('--verbose');
+    debug = args.includes('--debug');
+  }
+
+  try {
+    // Load configuration
+    const config = loadConfig(configPath, projectRoot);
+    
+    // Config should exist if we got here (CLI checks first)
+    if (!config) {
+      throw new Error('No configuration found. Run: npx seabox init');
+    }
+    
+    // Override verbose from CLI if specified
+    if (verbose) {
+      config.verbose = true;
+    }
+
+    // Create and run multi-target builder
+    const builder = new MultiTargetBuilder(config, projectRoot);
+    const results = await builder.buildAll();
+
+    // Display results
+    diag.separator();
+    diag.info('Output files:');
+    for (const result of results) {
+      const size = diag.formatSize(fs.statSync(result.path).size);
+      diag.info(`  ${result.target}: ${result.path} (${size})`);
+    }
+    diag.separator();
+
+    return results;
+  } catch (error) {
+    diag.separator();
+    diag.error(`Build failed: ${error.message}`);
+    if (verbose || process.argv.includes('--verbose')) {
+      console.error(error.stack);
+    }
+    throw error;
+  }
+}
+
+// Run if called directly
+if (import.meta.url === `file://${process.argv[1]}`) {
+  build().catch(error => {
+    process.exit(1);
+  });
+}

package/lib/config.mjs

@@ -0,0 +1,243 @@
+/**
+ * config.mjs
+ * Load and validate SEA configuration from seabox.config.json or package.json.
+ */
+
+import fs from 'fs';
+import path from 'path';
+
+/**
+ * @typedef {Object} OutputTarget
+ * @property {string} path - Output directory
+ * @property {string} target - Node version and platform (e.g., node24.11.0-win32-x64)
+ * @property {string} output - Executable filename
+ * @property {string[]} [libraries] - Glob patterns for shared libraries (DLLs/SOs) requiring filesystem extraction
+ * @property {Object} [rcedit] - Windows executable customization options
+ */
+
+/**
+ * @typedef {Object} BundlerConfig
+ * @property {string[]} [external] - Modules to externalize
+ * @property {Array} [plugins] - Rollup plugins
+ * @property {boolean} [minify] - Minify output
+ * @property {boolean} [sourcemap] - Generate sourcemaps
+ */
+
+/**
+ * @typedef {Object} SeaboxConfig
+ * @property {string} entry - Entry point source file
+ * @property {OutputTarget[]} outputs - Multi-target output configurations
+ * @property {string[]} [assets] - Glob patterns for assets to embed (auto-detected assets are merged)
+ * @property {BundlerConfig} [bundler] - Bundler configuration
+ * @property {boolean} [encryptAssets] - Enable asset encryption
+ * @property {string[]} [encryptExclude] - Assets to exclude from encryption
+ * @property {boolean} [useSnapshot] - Enable V8 snapshot
+ * @property {boolean} [useCodeCache] - Enable V8 code cache
+ * @property {string} [cacheLocation] - Cache directory for extracted binaries
+ * @property {string} [sign] - Path to signing script (.mjs/.cjs) that exports a function(config) => Promise<void>
+ * @property {boolean} [verbose] - Enable verbose logging
+ */
+
+/**
+ * Load SEA configuration from seabox.config.json or package.json
+ * @param {string} [configPath] - Optional path to config file
+ * @param {string} [projectRoot] - Project root directory
+ * @returns {SeaboxConfig|null} Config object or null if not found
+ */
+export function loadConfig(configPath, projectRoot = process.cwd()) {
+  let config;
+
+  // Priority: CLI arg > seabox.config.json > package.json "seabox" field
+  if (configPath) {
+    // If explicit config path provided, it must exist
+    const fullPath = path.resolve(projectRoot, configPath);
+    if (!fs.existsSync(fullPath)) {
+      throw new Error(`Config file not found: ${fullPath}`);
+    }
+    config = JSON.parse(fs.readFileSync(fullPath, 'utf8'));
+  } else if (fs.existsSync(path.join(projectRoot, 'seabox.config.json'))) {
+    // Check for seabox.config.json
+    const configFile = path.join(projectRoot, 'seabox.config.json');
+    config = JSON.parse(fs.readFileSync(configFile, 'utf8'));
+  } else {
+    // Check for "seabox" field in package.json
+    const pkgPath = path.join(projectRoot, 'package.json');
+    
+    if (fs.existsSync(pkgPath)) {
+      const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
+      
+      if (pkg.seabox) {
+        config = normalizeConfig(pkg.seabox, pkg);
+      } else {
+        // No config found anywhere - return null
+        return null;
+      }
+    } else {
+      // No package.json - return null
+      return null;
+    }
+  }
+
+  validateConfig(config);
+  
+  return config;
+}
+
+/**
+ * Normalize config from package.json to standard format
+ * @param {Object} pkgConfig - Config from package.json "seabox" field
+ * @param {Object} pkg - package.json contents
+ * @returns {SeaboxConfig}
+ */
+export function normalizeConfig(pkgConfig, pkg) {
+  // Helper to normalize assets to array
+  const normalizeAssets = (assets) => {
+    if (!assets) return [];
+    if (Array.isArray(assets)) return assets;
+    if (typeof assets === 'string') return [assets];
+    return [];
+  };
+
+  // If already in outputs format, return as-is
+  if (pkgConfig.outputs) {
+    return {
+      ...pkgConfig,
+      assets: normalizeAssets(pkgConfig.assets),
+      bundler: pkgConfig.bundler || { external: [] },
+      _packageName: pkg.name,
+      _packageVersion: pkg.version
+    };
+  }
+
+  // Convert old targets format to outputs format
+  const outputs = (pkgConfig.targets || []).map(target => ({
+    path: pkgConfig.outputPath || 'dist',
+    target: target,
+    output: pkgConfig.output || 'app.exe',
+    libraries: pkgConfig.binaries || pkgConfig.libraries,
+    rcedit: pkgConfig.rcedit
+  }));
+
+  return {
+    entry: pkgConfig.entry,
+    outputs: outputs,
+    assets: normalizeAssets(pkgConfig.assets),
+    bundler: {
+      external: pkgConfig.external || []
+    },
+    encryptAssets: pkgConfig.encryptAssets || false,
+    encryptExclude: pkgConfig.encryptExclude || [],
+    useSnapshot: pkgConfig.useSnapshot || false,
+    useCodeCache: pkgConfig.useCodeCache || false,
+    cacheLocation: pkgConfig.cacheLocation,
+    verbose: pkgConfig.verbose || false,
+    _packageName: pkg.name,
+    _packageVersion: pkg.version
+  };
+}
+
+/**
+ * Validate configuration
+ * @param {SeaboxConfig} config
+ */
+export function validateConfig(config) {
+  // Required fields
+  if (!config.entry) {
+    throw new Error('Missing required field: entry');
+  }
+
+  if (!config.outputs || !Array.isArray(config.outputs) || config.outputs.length === 0) {
+    throw new Error('Missing required field: outputs (must be non-empty array)');
+  }
+
+  // Validate each output target
+  for (const output of config.outputs) {
+    if (!output.path) {
+      throw new Error('Output target missing required field: path');
+    }
+    if (!output.target) {
+      throw new Error('Output target missing required field: target');
+    }
+    if (!output.output) {
+      throw new Error('Output target missing required field: output');
+    }
+
+    // Validate target format
+    const targetPattern = /^node\d+\.\d+\.\d+-\w+-\w+$/;
+    if (!targetPattern.test(output.target)) {
+      throw new Error(`Invalid target format: "${output.target}". Expected: nodeX.Y.Z-platform-arch`);
+    }
+  }
+}
+
+/**
+ * Parse a target string into components
+ * @param {string} target - e.g., "node24.11.0-win32-x64"
+ * @returns {{nodeVersion: string, platform: string, arch: string}}
+ */
+export function parseTarget(target) {
+  const match = target.match(/^node(\d+\.\d+\.\d+)-(\w+)-(\w+)$/);
+  if (!match) {
+    throw new Error(`Cannot parse target: ${target}`);
+  }
+  return {
+    nodeVersion: match[1],
+    platform: match[2],
+    arch: match[3]
+  };
+}
+
+/**
+ * Get default library patterns for a platform
+ * @param {string} platform - Platform name (win32, linux, darwin)
+ * @returns {string[]}
+ */
+export function getDefaultLibraryPatterns(platform) {
+  switch (platform) {
+    case 'win32':
+      return ['**/*.dll'];
+    case 'linux':
+      return ['**/*.so', '**/*.so.*'];
+    case 'darwin':
+      return ['**/*.dylib'];
+    default:
+      return [];
+  }
+}
+
+/**
+ * Generate default configuration
+ * @param {Object} options - Options for config generation
+ * @returns {SeaboxConfig}
+ */
+export function generateDefaultConfig(options = {}) {
+  return {
+    entry: options.entry || './src/index.js',
+    outputs: [
+      {
+        path: './dist/win',
+        target: 'node24.11.0-win32-x64',
+        output: 'app.exe',
+        libraries: ['**/*.dll']
+      },
+      {
+        path: './dist/linux',
+        target: 'node24.11.0-linux-x64',
+        output: 'app',
+        libraries: ['**/*.so', '**/*.so.*']
+      },
+      {
+        path: './dist/macos',
+        target: 'node24.11.0-darwin-arm64',
+        output: 'app',
+        libraries: ['**/*.dylib']
+      }
+    ],
+    assets: [],
+    bundler: {
+      external: []
+    },
+    encryptAssets: false,
+    useSnapshot: true
+  };
+}

package/lib/{crypto-assets.js → crypto-assets.mjs}

@@ -1,17 +1,16 @@
 /**
- * crypto-assets.js
+ * crypto-assets.mjs
  * Asset encryption/decryption utilities for SEA applications.
- * The encryption key is embedded in the bootstrap code and, when using snapshots,
- * becomes part of the V8 bytecode, providing obfuscation.
  */
 
-const crypto = require('crypto');
+import crypto from 'crypto';
+import fs from 'fs';
 
 /**
  * Generate a random encryption key.
  * @returns {Buffer} - 32-byte key for AES-256
  */
-function generateEncryptionKey() {
+export function generateEncryptionKey() {
   return crypto.randomBytes(32);
 }
 
@@ -21,7 +20,7 @@ function generateEncryptionKey() {
  * @param {Buffer} key - 32-byte encryption key
  * @returns {Buffer} - Encrypted data with IV and auth tag prepended
  */
-function encryptAsset(data, key) {
+export function encryptAsset(data, key) {
   // Generate a random IV for this encryption
   const iv = crypto.randomBytes(16);
   
@@ -47,7 +46,7 @@ function encryptAsset(data, key) {
  * @param {Buffer} key - 32-byte encryption key
  * @returns {Buffer} - Decrypted data
  */
-function decryptAsset(encryptedData, key) {
+export function decryptAsset(encryptedData, key) {
   // Extract IV, auth tag, and encrypted content
   const iv = encryptedData.slice(0, 16);
   const authTag = encryptedData.slice(16, 32);
@@ -68,16 +67,16 @@ function decryptAsset(encryptedData, key) {
 
 /**
  * Encrypt multiple assets.
- * @param {import('./scanner').AssetEntry[]} assets - Assets to encrypt
+ * @param {Array} assets - Assets to encrypt
  * @param {Buffer} key - Encryption key
- * @param {string[]} [excludePatterns] - Patterns to exclude from encryption (e.g., ['*.txt'])
+ * @param {string[]} [excludePatterns] - Patterns to exclude from encryption
  * @returns {Map<string, Buffer>} - Map of asset key to encrypted content
  */
-function encryptAssets(assets, key, excludePatterns = []) {
+export function encryptAssets(assets, key, excludePatterns = []) {
   const encrypted = new Map();
   
   for (const asset of assets) {
-    // Skip binaries - they need to be extracted as-is
+    // Skip binaries
     if (asset.isBinary) {
       continue;
     }
@@ -96,7 +95,7 @@ function encryptAssets(assets, key, excludePatterns = []) {
     }
     
     // Get asset content
-    const content = asset.content || require('fs').readFileSync(asset.sourcePath);
+    const content = asset.content || fs.readFileSync(asset.sourcePath);
     
     // Encrypt it
     const encryptedContent = encryptAsset(content, key);
@@ -106,37 +105,12 @@ function encryptAssets(assets, key, excludePatterns = []) {
   return encrypted;
 }
 
-/**
- * Generate the encryption key as a code string for embedding in bootstrap.
- * Returns a string that evaluates to a Buffer containing the key.
- * @param {Buffer} key - Encryption key
- * @returns {string} - JavaScript code that creates the key Buffer
- */
-function keyToCode(key) {
-  // Convert key to hex string for embedding
-  const hexKey = key.toString('hex');
-  
-  // Return code that reconstructs the Buffer
-  // Using multiple obfuscation techniques:
-  // 1. Split the hex string
-  // 2. Use Array.from with character codes
-  // 3. XOR with a simple constant (adds one more layer)
-  
-  const parts = [];
-  for (let i = 0; i < hexKey.length; i += 8) {
-    parts.push(hexKey.slice(i, i + 8));
-  }
-  
-  return `Buffer.from('${hexKey}', 'hex')`;
-}
-
 /**
  * Generate a more obfuscated version of the key embedding code.
- * This version splits the key and uses character code manipulation.
  * @param {Buffer} key - Encryption key
  * @returns {string} - Obfuscated JavaScript code
  */
-function keyToObfuscatedCode(key) {
+export function keyToObfuscatedCode(key) {
   // Convert to array of byte values
   const bytes = Array.from(key);
   
@@ -149,12 +123,3 @@ function keyToObfuscatedCode(key) {
   // Return code that reconstructs the key
   return `Buffer.from([${masked.join(',')}].map(b => b ^ 0x${xorMask.toString(16)}))`;
 }
-
-module.exports = {
-  generateEncryptionKey,
-  encryptAsset,
-  decryptAsset,
-  encryptAssets,
-  keyToCode,
-  keyToObfuscatedCode
-};