npm - specrails-desktop - Versions diffs - 2.5.0 → 2.7.0 - Mend

specrails-desktop 2.5.0 → 2.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/server/dist/mobile/mobile-mdns.js DELETED Viewed

@@ -1,81 +0,0 @@
-"use strict";
-// Best-effort mDNS/DNS-SD advertising via @homebridge/ciao (pure-JS, RFC
-// 6762/6763, Windows-safe). Discovery is a SECONDARY convenience — the QR is the
-// primary path — so any failure here is logged and swallowed; the gateway works
-// without it. TXT carries only { id, fp } (never a token or a revealing name).
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.advertiseMdns = advertiseMdns;
-exports.withdrawMdns = withdrawMdns;
-let responder = null;
-let service = null;
-async function advertiseMdns(opts) {
-    try {
-        const mod = (await Promise.resolve().then(() => __importStar(require('@homebridge/ciao'))));
-        const getResponder = mod.getResponder ?? mod.default?.getResponder;
-        if (!getResponder)
-            return false;
-        responder = getResponder();
-        service = responder.createService({
-            name: opts.name,
-            // mobile-app v1 wire compat — mDNS service type is frozen, do not rename.
-            type: 'specrailshub',
-            port: opts.port,
-            txt: { id: opts.instanceId, fp: opts.fingerprint },
-        });
-        await service.advertise();
-        return true;
-    }
-    catch (err) {
-        console.warn('[mobile-mdns] advertise failed (non-fatal):', err instanceof Error ? err.message : err);
-        responder = null;
-        service = null;
-        return false;
-    }
-}
-async function withdrawMdns() {
-    try {
-        if (service)
-            await service.end();
-    }
-    catch { /* ignore */ }
-    try {
-        if (responder)
-            await responder.shutdown();
-    }
-    catch { /* ignore */ }
-    service = null;
-    responder = null;
-}

package/server/dist/mobile/mobile-pairing.js DELETED Viewed

@@ -1,179 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.PairingManager = void 0;
-const crypto_1 = require("crypto");
-const auth_1 = require("../auth");
-// In-memory pairing state machine. At most one pairing session is open at a time
-// (the desktop opens it when the user clicks "Pair device"). Sessions, lockout
-// counters, and the one-time token delivery live ONLY in memory — they are voided
-// by a process restart/sleep/self-update, which is acceptable (paired devices
-// survive in desktop.sqlite; an in-progress pair just restarts).
-//
-// Security (verified gaps from the adversarial review):
-//  - secret: 16 random bytes (128-bit), single-use, 60s TTL → no PAKE needed.
-//  - claimId: separate 16-byte handle; the token is delivered EXACTLY ONCE then
-//    scrubbed (a later poll returns approved-without-token).
-//  - lockout: per-IP (5 bad secrets → 60s) AND a global attempt cap (defeats
-//    IPv6 privacy-address rotation) that destroys the session on breach.
-//  - desktop Approve click gates token issuance (QR possession is not enough).
-// 5 minutes: long enough for a manual copy→paste→type flow (e.g. pairing a
-// simulator with no camera) while still single-use + gated by the desktop
-// approval click + a 128-bit secret, so the leaked-QR window stays small.
-const DEFAULT_TTL_MS = 300_000;
-const PER_IP_MAX_FAILS = 5;
-const PER_IP_LOCKOUT_MS = 60_000;
-const GLOBAL_WINDOW_MS = 60_000;
-const GLOBAL_MAX_ATTEMPTS = 20;
-class PairingManager {
-    _session = null;
-    _perIp = new Map();
-    _globalAttempts = [];
-    _deps;
-    constructor(deps) {
-        this._deps = {
-            ...deps,
-            clock: deps.clock ?? (() => Date.now()),
-            genBytes: deps.genBytes ?? ((n) => (0, crypto_1.randomBytes)(n)),
-            ttlMs: deps.ttlMs ?? DEFAULT_TTL_MS,
-        };
-    }
-    now() {
-        return this._deps.clock();
-    }
-    b64url(n) {
-        return this._deps.genBytes(n).toString('base64url');
-    }
-    /** Open (or replace) a pairing session and return the QR payload to render. */
-    createSession() {
-        const now = this.now();
-        const session = {
-            secret: this.b64url(16),
-            claimId: this.b64url(16),
-            exp: now + this._deps.ttlMs,
-            status: 'pending',
-            delivered: false,
-        };
-        this._session = session;
-        this._perIp.clear();
-        this._globalAttempts = [];
-        return {
-            v: 1,
-            // mobile-app v1 wire compat — QR field name `hub` is frozen, do not rename.
-            hub: this._deps.desktopInstanceId(),
-            name: this._deps.desktopName(),
-            addrs: this._deps.lanAddresses(),
-            port: this._deps.port(),
-            fp: this._deps.certFingerprint(),
-            secret: session.secret,
-            claimId: session.claimId,
-            exp: Math.floor(session.exp / 1000),
-        };
-    }
-    isExpired(s) {
-        return this.now() > s.exp && s.status !== 'approved';
-    }
-    /** Phone submits the QR secret. Enforces lockout + single-claim. */
-    claim(secret, device, ip) {
-        const s = this._session;
-        if (!s)
-            return { ok: false, reason: 'no-session' };
-        if (this.isExpired(s)) {
-            this._session = null;
-            return { ok: false, reason: 'expired' };
-        }
-        // Per-IP lockout
-        const rec = this._perIp.get(ip);
-        if (rec && rec.until > this.now())
-            return { ok: false, reason: 'locked' };
-        // Global attempt cap (sliding 60s window) — defeats IPv6 privacy rotation.
-        const now = this.now();
-        this._globalAttempts = this._globalAttempts.filter((t) => now - t < GLOBAL_WINDOW_MS);
-        this._globalAttempts.push(now);
-        if (this._globalAttempts.length > GLOBAL_MAX_ATTEMPTS) {
-            this._session = null;
-            return { ok: false, reason: 'locked' };
-        }
-        if (s.status !== 'pending')
-            return { ok: false, reason: 'already-claimed' };
-        if (!(0, auth_1.safeEqual)(secret, s.secret)) {
-            const next = { count: (rec?.count ?? 0) + 1, until: rec?.until ?? 0 };
-            if (next.count >= PER_IP_MAX_FAILS)
-                next.until = now + PER_IP_LOCKOUT_MS;
-            this._perIp.set(ip, next);
-            return { ok: false, reason: 'invalid' };
-        }
-        s.status = 'claimed';
-        s.device = { name: device.name.slice(0, 80) || 'Unknown device', platform: device.platform };
-        try {
-            this._deps.onClaimed?.(s.device);
-        }
-        catch { /* non-fatal */ }
-        return { ok: true };
-    }
-    /** Desktop approves → issue a per-device token (delivered once via pollStatus). */
-    approve() {
-        const s = this._session;
-        if (!s)
-            return { ok: false, reason: 'no-session' };
-        if (s.status !== 'claimed' || !s.device)
-            return { ok: false, reason: 'not-claimed' };
-        const token = this._deps.genBytes(32).toString('hex');
-        const deviceId = this._deps.createDevice({
-            name: s.device.name,
-            platform: s.device.platform,
-            token,
-            certFingerprint: this._deps.certFingerprint(),
-        });
-        s.approved = {
-            approved: true,
-            deviceToken: token,
-            deviceId,
-            // mobile-app v1 wire compat — `hubName`/`hubInstanceId` field names are
-            // frozen (delivered to the phone via /pair/status), do not rename.
-            hubName: this._deps.desktopName(),
-            hubInstanceId: this._deps.desktopInstanceId(),
-        };
-        s.status = 'approved';
-        return { ok: true };
-    }
-    deny() {
-        if (this._session)
-            this._session.status = 'denied';
-    }
-    cancel() {
-        this._session = null;
-    }
-    /** Desktop UI poll. */
-    getDesktopState() {
-        const s = this._session;
-        if (!s)
-            return null;
-        const status = this.isExpired(s) ? 'expired' : s.status;
-        return { status, claimId: s.claimId, device: s.device };
-    }
-    /** Phone poll. Delivers the token EXACTLY ONCE, then scrubs it. */
-    pollStatus(claimId) {
-        const s = this._session;
-        if (!s || !(0, auth_1.safeEqual)(claimId, s.claimId))
-            return { status: 'expired' };
-        if (s.status === 'approved' && s.approved) {
-            if (!s.delivered) {
-                s.delivered = true;
-                const result = s.approved;
-                // Scrub the token from memory after the single delivery.
-                s.approved = { ...result, deviceToken: '' };
-                return result;
-            }
-            // Already delivered — never hand the token out twice.
-            return { status: 'expired' };
-        }
-        if (this.isExpired(s))
-            return { status: 'expired' };
-        if (s.status === 'denied')
-            return { status: 'denied' };
-        if (s.status === 'claimed')
-            return { status: 'claimed' };
-        return { status: 'pending' };
-    }
-}
-exports.PairingManager = PairingManager;