typescript-virtual-container 1.2.0 → 1.2.2

package/dist/VirtualFileSystem/index.js

@@ -2,6 +2,7 @@ import { EventEmitter } from "node:events";
 import * as fs from "node:fs";
 import * as path from "node:path";
 import { gunzipSync, gzipSync } from "node:zlib";
+import { createPerfLogger } from "../utils/perfLogger";
 import { normalizePath } from "./path";
 /**
  * In-memory virtual filesystem with tar.gz mirror persistence.
@@ -10,6 +11,7 @@ import { normalizePath } from "./path";
  * {@link VirtualFileSystem.restoreMirror} on startup and
  * {@link VirtualFileSystem.flushMirror} to persist pending changes.
  */
+const perf = createPerfLogger("VirtualFileSystem");
 class VirtualFileSystem extends EventEmitter {
     mirrorRoot;
     ensureMirrorRoot() {
@@ -77,6 +79,7 @@ class VirtualFileSystem extends EventEmitter {
      */
     constructor(baseDir = process.cwd()) {
         super();
+        perf.mark("constructor");
         this.mirrorRoot = path.resolve(baseDir, ".vfs", "mirror");
     }
     /**
@@ -85,6 +88,7 @@ class VirtualFileSystem extends EventEmitter {
      * If archive does not exist or cannot be read, creates fresh mirror file.
      */
     async restoreMirror() {
+        perf.mark("restoreMirror");
         this.ensureMirrorRoot();
     }
     /**
@@ -93,6 +97,7 @@ class VirtualFileSystem extends EventEmitter {
      * No-op when nothing changed and archive already exists.
      */
     async flushMirror() {
+        perf.mark("flushMirror");
         this.ensureMirrorRoot();
         this.emit("mirror:flush");
     }
@@ -103,6 +108,7 @@ class VirtualFileSystem extends EventEmitter {
      * @param mode POSIX-like mode bits for new directories.
      */
     mkdir(targetPath, mode = 0o755) {
+        perf.mark("mkdir");
         this.ensureMirrorRoot();
         const fsPath = this.resolveFsPath(targetPath);
         if (fs.existsSync(fsPath) && !fs.statSync(fsPath).isDirectory()) {
@@ -121,6 +127,7 @@ class VirtualFileSystem extends EventEmitter {
      * @param options Optional write behavior (mode, compression).
      */
     writeFile(targetPath, content, options = {}) {
+        perf.mark("writeFile");
         this.ensureMirrorRoot();
         const normalized = normalizePath(targetPath);
         const fsPath = this.resolveFsPath(normalized);
@@ -147,6 +154,7 @@ class VirtualFileSystem extends EventEmitter {
      * @returns UTF-8 string content.
      */
     readFile(targetPath) {
+        perf.mark("readFile");
         this.ensureMirrorRoot();
         const fsPath = this.resolveFsPath(targetPath);
         if (!fs.existsSync(fsPath) || !fs.statSync(fsPath).isFile()) {
@@ -165,6 +173,7 @@ class VirtualFileSystem extends EventEmitter {
      * @returns True when file or directory exists.
      */
     exists(targetPath) {
+        perf.mark("exists");
         try {
             const fsPath = this.resolveFsPath(targetPath);
             return fs.existsSync(fsPath);
@@ -180,6 +189,7 @@ class VirtualFileSystem extends EventEmitter {
      * @param mode New POSIX-like mode.
      */
     chmod(targetPath, mode) {
+        perf.mark("chmod");
         const fsPath = this.resolveFsPath(targetPath);
         if (!fs.existsSync(fsPath)) {
             throw new Error(`Path '${normalizePath(targetPath)}' does not exist.`);
@@ -193,6 +203,7 @@ class VirtualFileSystem extends EventEmitter {
      * @returns Typed stat object based on node type.
      */
     stat(targetPath) {
+        perf.mark("stat");
         this.ensureMirrorRoot();
         const normalized = normalizePath(targetPath);
         const fsPath = this.resolveFsPath(normalized);
@@ -231,6 +242,7 @@ class VirtualFileSystem extends EventEmitter {
      * @returns Sorted child names.
      */
     list(dirPath = "/") {
+        perf.mark("list");
         const fsPath = this.resolveFsPath(dirPath);
         if (!fs.existsSync(fsPath) || !fs.statSync(fsPath).isDirectory()) {
             throw new Error(`Cannot list '${dirPath}': not a directory.`);
@@ -244,6 +256,7 @@ class VirtualFileSystem extends EventEmitter {
      * @returns Multi-line tree string.
      */
     tree(dirPath = "/") {
+        perf.mark("tree");
         const fsPath = this.resolveFsPath(dirPath);
         if (!fs.existsSync(fsPath) || !fs.statSync(fsPath).isDirectory()) {
             throw new Error(`Cannot render tree for '${dirPath}': not a directory.`);
@@ -261,6 +274,7 @@ class VirtualFileSystem extends EventEmitter {
      * @returns Total byte usage for file content under target path.
      */
     getUsageBytes(targetPath = "/") {
+        perf.mark("getUsageBytes");
         const fsPath = this.resolveFsPath(targetPath);
         if (!fs.existsSync(fsPath)) {
             throw new Error(`Path '${normalizePath(targetPath)}' does not exist.`);
@@ -273,6 +287,7 @@ class VirtualFileSystem extends EventEmitter {
      * @param targetPath Path to file.
      */
     compressFile(targetPath) {
+        perf.mark("compressFile");
         const fsPath = this.resolveFsPath(targetPath);
         if (!fs.existsSync(fsPath) || !fs.statSync(fsPath).isFile()) {
             throw new Error(`Cannot compress '${targetPath}': not a file.`);
@@ -288,6 +303,7 @@ class VirtualFileSystem extends EventEmitter {
      * @param targetPath Path to file.
      */
     decompressFile(targetPath) {
+        perf.mark("decompressFile");
         const fsPath = this.resolveFsPath(targetPath);
         if (!fs.existsSync(fsPath) || !fs.statSync(fsPath).isFile()) {
             throw new Error(`Cannot decompress '${targetPath}': not a file.`);
@@ -304,6 +320,7 @@ class VirtualFileSystem extends EventEmitter {
      * @param options Removal options, including recursive delete.
      */
     remove(targetPath, options = {}) {
+        perf.mark("remove");
         const normalized = normalizePath(targetPath);
         if (normalized === "/") {
             throw new Error("Cannot remove root directory.");
@@ -333,6 +350,7 @@ class VirtualFileSystem extends EventEmitter {
      * @param toPath Destination path.
      */
     move(fromPath, toPath) {
+        perf.mark("move");
         const fromNormalized = normalizePath(fromPath);
         const toNormalized = normalizePath(toPath);
         if (fromNormalized === "/" || toNormalized === "/") {

package/dist/VirtualShell/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualShell/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACvE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,iBAAiB,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAG3D,MAAM,WAAW,eAAe;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACb;AA8BD;;;;;GAKG;AACH,cAAM,YAAa,SAAQ,YAAY;IACtC,QAAQ,EAAE,MAAM,CAAO;IACvB,GAAG,EAAE,iBAAiB,CAAC;IACvB,KAAK,EAAE,kBAAkB,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,eAAe,CAAC;IAC5B,OAAO,CAAC,WAAW,CAAgB;IAEnC;;;;;;OAMG;gBAEF,QAAQ,EAAE,MAAM,EAChB,UAAU,CAAC,EAAE,eAAe,EAC5B,QAAQ,CAAC,EAAE,MAAM;IAyBlB;;;OAGG;IACU,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAI/C;;;;;;OAMG;IACH,UAAU,CACT,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EAAE,EAChB,QAAQ,EAAE,CAAC,GAAG,EAAE,cAAc,KAAK,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC,GACvE,IAAI;IASP;;;;;;OAMG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAKrE;;;;;;;OAOG;IAEH,uBAAuB,CACtB,MAAM,EAAE,WAAW,EACnB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAAG,IAAI,EACxB,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,GAC1C,IAAI;IAeP;;;;OAIG;IACI,MAAM,IAAI,iBAAiB,GAAG,IAAI;IAIzC;;;;OAIG;IACI,QAAQ,IAAI,kBAAkB,GAAG,IAAI;IAI5C;;;;OAIG;IACI,WAAW,IAAI,MAAM;IAI5B;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,GAAG,MAAM,GACtB,IAAI;CAIP;AAED,OAAO,EAAE,YAAY,EAAE,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualShell/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACvE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAGpD,OAAO,iBAAiB,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAG3D,MAAM,WAAW,eAAe;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACb;AAwCD;;;;;GAKG;AACH,cAAM,YAAa,SAAQ,YAAY;IACtC,QAAQ,EAAE,MAAM,CAAO;IACvB,GAAG,EAAE,iBAAiB,CAAC;IACvB,KAAK,EAAE,kBAAkB,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,eAAe,CAAC;IAC5B,OAAO,CAAC,WAAW,CAAgB;IAEnC;;;;;;OAMG;gBAEF,QAAQ,EAAE,MAAM,EAChB,UAAU,CAAC,EAAE,eAAe,EAC5B,QAAQ,CAAC,EAAE,MAAM;IA0BlB;;;OAGG;IACU,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAK/C;;;;;;OAMG;IACH,UAAU,CACT,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EAAE,EAChB,QAAQ,EAAE,CAAC,GAAG,EAAE,cAAc,KAAK,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC,GACvE,IAAI;IASP;;;;;;OAMG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAMrE;;;;;;;OAOG;IAEH,uBAAuB,CACtB,MAAM,EAAE,WAAW,EACnB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAAG,IAAI,EACxB,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,GAC1C,IAAI;IAgBP;;;;OAIG;IACI,MAAM,IAAI,iBAAiB,GAAG,IAAI;IAIzC;;;;OAIG;IACI,QAAQ,IAAI,kBAAkB,GAAG,IAAI;IAI5C;;;;OAIG;IACI,WAAW,IAAI,MAAM;IAI5B;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,GAAG,MAAM,GACtB,IAAI;CAKP;AAED,OAAO,EAAE,YAAY,EAAE,CAAC"}

package/dist/VirtualShell/index.js

@@ -1,6 +1,7 @@
 import { randomBytes } from "node:crypto";
 import { EventEmitter } from "node:events";
 import { createCustomCommand, registerCommand, runCommand } from "../commands";
+import { createPerfLogger } from "../utils/perfLogger";
 import VirtualFileSystem from "../VirtualFileSystem";
 import { VirtualUserManager } from "../VirtualUserManager";
 import { startShell } from "./shell";
@@ -9,12 +10,19 @@ const defaultShellProperties = {
     os: "Fortune GNU/Linux x64",
     arch: "x86_64",
 };
+const perf = createPerfLogger("VirtualShell");
+let cachedRootPassword = null;
 function resolveRootPassword() {
+    if (cachedRootPassword) {
+        return cachedRootPassword;
+    }
     const configured = process.env.SSH_MIMIC_ROOT_PASSWORD;
     if (configured && configured.trim().length > 0) {
-        return configured;
+        cachedRootPassword = configured.trim();
+        return cachedRootPassword;
     }
     const generated = randomBytes(18).toString("base64url");
+    cachedRootPassword = generated;
     console.warn(`[ssh-mimic] SSH_MIMIC_ROOT_PASSWORD missing; generated ephemeral root password: ${generated}`);
     return generated;
 }
@@ -47,6 +55,7 @@ class VirtualShell extends EventEmitter {
      */
     constructor(hostname, properties, basePath) {
         super();
+        perf.mark("constructor");
         this.hostname = hostname;
         this.properties = properties || defaultShellProperties;
         this.basePath = basePath || ".";
@@ -67,6 +76,7 @@ class VirtualShell extends EventEmitter {
      * Call this before any authentication or command execution.
      */
     async ensureInitialized() {
+        perf.mark("ensureInitialized");
         await this.initialized;
     }
     /**
@@ -91,6 +101,7 @@ class VirtualShell extends EventEmitter {
      * @param cwd
      */
     executeCommand(rawInput, authUser, cwd) {
+        perf.mark("executeCommand");
         runCommand(rawInput, authUser, this.hostname, "shell", cwd, this);
         this.emit("command", { command: rawInput, user: authUser, cwd });
     }
@@ -103,6 +114,7 @@ class VirtualShell extends EventEmitter {
      * @param remoteAddress The address of the remote client.
      */
     startInteractiveSession(stream, authUser, sessionId, remoteAddress, terminalSize) {
+        perf.mark("startInteractiveSession");
         // Interactive shell logic
         this.emit("session:start", { user: authUser, sessionId, remoteAddress });
         startShell(this.properties, stream, authUser, this.hostname, sessionId, remoteAddress, terminalSize, this);
@@ -139,6 +151,7 @@ class VirtualShell extends EventEmitter {
      * @param content File content.
      */
     writeFileAsUser(authUser, targetPath, content) {
+        perf.mark("writeFileAsUser");
         this.users.assertWriteWithinQuota(authUser, targetPath, content);
         this.vfs.writeFile(targetPath, content);
     }

package/dist/VirtualUserManager/index.d.ts

@@ -25,12 +25,14 @@ export interface VirtualActiveSession {
 /**
  * Persistent user, sudoers, and active-session manager for the shell runtime.
  *
- * Passwords are hashed with scrypt and stored in the backing virtual filesystem.
+ * Passwords are hashed with scrypt by default and stored in the backing virtual filesystem.
  */
 export declare class VirtualUserManager extends EventEmitter {
     private readonly vfs;
     private readonly defaultRootPassword;
     private readonly autoSudoForNewUsers;
+    private static readonly recordCache;
+    private static readonly fastPasswordHash;
     private readonly usersPath;
     private readonly sudoersPath;
     private readonly quotasPath;
@@ -169,6 +171,7 @@ export declare class VirtualUserManager extends EventEmitter {
     private loadSudoersFromVfs;
     private loadQuotasFromVfs;
     private persist;
+    private writeIfChanged;
     private createRecord;
     private hashPassword;
     private validateUsername;

package/dist/VirtualUserManager/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualUserManager/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAC;AAE1D,gDAAgD;AAChD,MAAM,WAAW,iBAAiB;IACjC,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,sDAAsD;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,oDAAoD;IACpD,YAAY,EAAE,MAAM,CAAC;CACrB;AAED,2DAA2D;AAC3D,MAAM,WAAW,oBAAoB;IACpC,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,GAAG,EAAE,MAAM,CAAC;IACZ,sCAAsC;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;CAClB;AAED;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,YAAY;IAmBlD,OAAO,CAAC,QAAQ,CAAC,GAAG;IACpB,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IApBrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAoC;IAC9D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAmC;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkC;IAC7D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA2B;IACvD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAwC;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA2C;IAC1E,OAAO,CAAC,OAAO,CAAK;IAEpB;;;;;;OAMG;gBAEe,GAAG,EAAE,iBAAiB,EACtB,mBAAmB,GAAE,MAAe,EACpC,mBAAmB,GAAE,OAAc;IAKrD;;;OAGG;IACU,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAgCxC;;;;;OAKG;IACU,aAAa,CACzB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC;IAchB;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMxD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAIrD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAS9C;;;;;;;;OAQG;IACI,sBAAsB,CAC5B,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,GAAG,MAAM,GAC1B,IAAI;IAmCP;;;;;;OAMG;IACI,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IASlE;;;;;OAKG;IACU,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBvE;;;;;OAKG;IACU,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAY3E;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBxD;;;;;OAKG;IACI,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAI1C;;;;OAIG;IACU,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAUvD;;;;OAIG;IACU,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAU1D;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,oBAAoB;IAiBvB;;;;OAIG;IACI,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,IAAI;IAgBpE;;;;;;OAMG;IACI,aAAa,CACnB,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACpC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,IAAI;IAiBP;;;;OAIG;IACI,kBAAkB,IAAI,oBAAoB,EAAE;IAMnD,OAAO,CAAC,WAAW;IA4BnB,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,iBAAiB;YAwBX,OAAO;IAmCrB,OAAO,CAAC,YAAY;IASpB,OAAO,CAAC,YAAY;IAIpB,OAAO,CAAC,gBAAgB;IAUxB,OAAO,CAAC,gBAAgB;CAKxB"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualUserManager/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAC;AAE1D,gDAAgD;AAChD,MAAM,WAAW,iBAAiB;IACjC,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,sDAAsD;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,oDAAoD;IACpD,YAAY,EAAE,MAAM,CAAC;CACrB;AAED,2DAA2D;AAC3D,MAAM,WAAW,oBAAoB;IACpC,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,GAAG,EAAE,MAAM,CAAC;IACZ,sCAAsC;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;CAClB;AAYD;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,YAAY;IAqBlD,OAAO,CAAC,QAAQ,CAAC,GAAG;IACpB,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IAtBrC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAwC;IAC3E,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAA6B;IACrE,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAoC;IAC9D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAmC;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkC;IAC7D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA2B;IACvD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAwC;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA2C;IAC1E,OAAO,CAAC,OAAO,CAAK;IAEpB;;;;;;OAMG;gBAEe,GAAG,EAAE,iBAAiB,EACtB,mBAAmB,GAAE,MAAe,EACpC,mBAAmB,GAAE,OAAc;IAMrD;;;OAGG;IACU,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAyCxC;;;;;OAKG;IACU,aAAa,CACzB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC;IAehB;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOxD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAKrD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAU9C;;;;;;;;OAQG;IACI,sBAAsB,CAC5B,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,GAAG,MAAM,GAC1B,IAAI;IAoCP;;;;;;OAMG;IACI,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IAUlE;;;;;OAKG;IACU,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA0BvE;;;;;OAKG;IACU,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAa3E;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBxD;;;;;OAKG;IACI,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAK1C;;;;OAIG;IACU,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAWvD;;;;OAIG;IACU,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAW1D;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,oBAAoB;IAkBvB;;;;OAIG;IACI,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,IAAI;IAiBpE;;;;;;OAMG;IACI,aAAa,CACnB,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACpC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,IAAI;IAkBP;;;;OAIG;IACI,kBAAkB,IAAI,oBAAoB,EAAE;IAOnD,OAAO,CAAC,WAAW;IA4BnB,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,iBAAiB;YAwBX,OAAO;IA0CrB,OAAO,CAAC,cAAc;IAiBtB,OAAO,CAAC,YAAY;IAkBpB,OAAO,CAAC,YAAY;IAQpB,OAAO,CAAC,gBAAgB;IAUxB,OAAO,CAAC,gBAAgB;CAKxB"}

package/dist/VirtualUserManager/index.js

@@ -1,15 +1,24 @@
-import { randomBytes, randomUUID, scryptSync } from "node:crypto";
+import { createHash, randomBytes, randomUUID, scryptSync } from "node:crypto";
 import { EventEmitter } from "node:events";
 import * as path from "node:path";
+import { createPerfLogger } from "../utils/perfLogger";
+function resolveFastPasswordHash() {
+    const configured = process.env.SSH_MIMIC_FAST_PASSWORD_HASH;
+    return (!!configured &&
+        !["0", "false", "no", "off"].includes(configured.toLowerCase()));
+}
+const perf = createPerfLogger("VirtualUserManager");
 /**
  * Persistent user, sudoers, and active-session manager for the shell runtime.
  *
- * Passwords are hashed with scrypt and stored in the backing virtual filesystem.
+ * Passwords are hashed with scrypt by default and stored in the backing virtual filesystem.
  */
 export class VirtualUserManager extends EventEmitter {
     vfs;
     defaultRootPassword;
     autoSudoForNewUsers;
+    static recordCache = new Map();
+    static fastPasswordHash = resolveFastPasswordHash();
     usersPath = "/virtual-env-js/.auth/htpasswd";
     sudoersPath = "/virtual-env-js/.auth/sudoers";
     quotasPath = "/virtual-env-js/.auth/quotas";
@@ -31,32 +40,39 @@ export class VirtualUserManager extends EventEmitter {
         this.vfs = vfs;
         this.defaultRootPassword = defaultRootPassword;
         this.autoSudoForNewUsers = autoSudoForNewUsers;
+        perf.mark("constructor");
     }
     /**
      * Loads users/sudoers from disk and ensures root account exists.
      * Also creates the current system user if not already present.
      */
     async initialize() {
+        perf.mark("initialize");
         this.loadFromVfs();
         this.loadSudoersFromVfs();
         this.loadQuotasFromVfs();
-        this.users.set("root", this.createRecord("root", this.defaultRootPassword));
+        let changed = false;
+        if (!this.users.has("root")) {
+            this.users.set("root", this.createRecord("root", this.defaultRootPassword));
+            changed = true;
+        }
         this.sudoers.add("root");
         // Auto-create current system user for easier authentication
         const currentUser = process.env.USER || process.env.USERNAME;
         if (currentUser && currentUser !== "root" && !this.users.has(currentUser)) {
-            // Use same password as root for convenience, or a generic default
             const userPassword = this.defaultRootPassword;
             this.users.set(currentUser, this.createRecord(currentUser, userPassword));
             this.sudoers.add(currentUser);
-            // Create home directory for the system user
+            changed = true;
             const homePath = `/home/${currentUser}`;
             if (!this.vfs.exists(homePath)) {
                 this.vfs.mkdir(homePath, 0o755);
                 this.vfs.writeFile(`${homePath}/README.txt`, `Welcome to the virtual environment, ${currentUser}`);
             }
         }
-        await this.persist();
+        if (changed) {
+            await this.persist();
+        }
         this.emit("initialized");
     }
     /**
@@ -66,6 +82,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param maxBytes Quota ceiling in bytes.
      */
     async setQuotaBytes(username, maxBytes) {
+        perf.mark("setQuotaBytes");
         this.validateUsername(username);
         if (!this.users.has(username)) {
             throw new Error(`quota: user '${username}' does not exist`);
@@ -82,6 +99,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param username Target username.
      */
     async clearQuota(username) {
+        perf.mark("clearQuota");
         this.validateUsername(username);
         this.quotas.delete(username);
         await this.persist();
@@ -93,6 +111,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns Quota in bytes, or null when unlimited.
      */
     getQuotaBytes(username) {
+        perf.mark("getQuotaBytes");
         return this.quotas.get(username) ?? null;
     }
     /**
@@ -102,6 +121,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns Current usage in bytes.
      */
     getUsageBytes(username) {
+        perf.mark("getUsageBytes");
         const homePath = `/home/${username}`;
         if (!this.vfs.exists(homePath)) {
             return 0;
@@ -118,6 +138,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param nextContent New file content.
      */
     assertWriteWithinQuota(username, targetPath, nextContent) {
+        perf.mark("assertWriteWithinQuota");
         const quota = this.quotas.get(username);
         if (quota === undefined) {
             return;
@@ -152,6 +173,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns True when credentials are valid.
      */
     verifyPassword(username, password) {
+        perf.mark("verifyPassword");
         const record = this.users.get(username);
         if (!record) {
             return false;
@@ -165,6 +187,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param password Initial plaintext password.
      */
     async addUser(username, password) {
+        perf.mark("addUser");
         this.validateUsername(username);
         this.validatePassword(password);
         if (this.users.has(username)) {
@@ -190,6 +213,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param password New plaintext password.
      */
     async setPassword(username, password) {
+        perf.mark("setPassword");
         this.validateUsername(username);
         this.validatePassword(password);
         if (!this.users.has(username)) {
@@ -204,6 +228,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param username Username to remove.
      */
     async deleteUser(username) {
+        perf.mark("deleteUser");
         this.validateUsername(username);
         if (username === "root") {
             throw new Error("deluser: cannot delete root");
@@ -222,6 +247,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns True when user can run sudo.
      */
     isSudoer(username) {
+        perf.mark("isSudoer");
         return this.sudoers.has(username);
     }
     /**
@@ -230,6 +256,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param username Username to promote.
      */
     async addSudoer(username) {
+        perf.mark("addSudoer");
         this.validateUsername(username);
         if (!this.users.has(username)) {
             throw new Error(`sudoers: user '${username}' does not exist`);
@@ -243,6 +270,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param username Username to demote.
      */
     async removeSudoer(username) {
+        perf.mark("removeSudoer");
         this.validateUsername(username);
         if (username === "root") {
             throw new Error("sudoers: cannot remove root");
@@ -258,6 +286,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns Registered session descriptor.
      */
     registerSession(username, remoteAddress) {
+        perf.mark("registerSession");
         const session = {
             id: randomUUID(),
             username,
@@ -279,6 +308,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param sessionId Session identifier; ignored when nullish.
      */
     unregisterSession(sessionId) {
+        perf.mark("unregisterSession");
         if (!sessionId) {
             return;
         }
@@ -300,6 +330,7 @@ export class VirtualUserManager extends EventEmitter {
      * @param remoteAddress New remote address value.
      */
     updateSession(sessionId, username, remoteAddress) {
+        perf.mark("updateSession");
         if (!sessionId) {
             return;
         }
@@ -319,6 +350,7 @@ export class VirtualUserManager extends EventEmitter {
      * @returns Snapshot of active session descriptors.
      */
     listActiveSessions() {
+        perf.mark("listActiveSessions");
         return Array.from(this.activeSessions.values()).sort((left, right) => left.startedAt.localeCompare(right.startedAt));
     }
     loadFromVfs() {
@@ -379,30 +411,57 @@ export class VirtualUserManager extends EventEmitter {
         if (!this.vfs.exists(this.authDirPath)) {
             this.vfs.mkdir(this.authDirPath, 0o700);
         }
-        const content = Array.from(this.users.values())
+        const authContent = Array.from(this.users.values())
             .sort((left, right) => left.username.localeCompare(right.username))
             .map((record) => [record.username, record.salt, record.passwordHash].join(":"))
             .join("\n");
-        this.vfs.writeFile(this.usersPath, content.length > 0 ? `${content}\n` : "", { mode: 0o600 });
         const sudoersContent = Array.from(this.sudoers.values()).sort().join("\n");
-        this.vfs.writeFile(this.sudoersPath, sudoersContent.length > 0 ? `${sudoersContent}\n` : "", { mode: 0o600 });
         const quotasContent = Array.from(this.quotas.entries())
             .sort(([left], [right]) => left.localeCompare(right))
             .map(([username, maxBytes]) => `${username}:${maxBytes}`)
             .join("\n");
-        this.vfs.writeFile(this.quotasPath, quotasContent.length > 0 ? `${quotasContent}\n` : "", { mode: 0o600 });
-        await this.vfs.flushMirror();
+        let changed = false;
+        changed =
+            this.writeIfChanged(this.usersPath, authContent.length > 0 ? `${authContent}\n` : "", 0o600) || changed;
+        changed =
+            this.writeIfChanged(this.sudoersPath, sudoersContent.length > 0 ? `${sudoersContent}\n` : "", 0o600) || changed;
+        changed =
+            this.writeIfChanged(this.quotasPath, quotasContent.length > 0 ? `${quotasContent}\n` : "", 0o600) || changed;
+        if (changed) {
+            await this.vfs.flushMirror();
+        }
+    }
+    writeIfChanged(targetPath, content, mode) {
+        if (this.vfs.exists(targetPath)) {
+            const existing = this.vfs.readFile(targetPath);
+            if (existing === content) {
+                this.vfs.chmod(targetPath, mode);
+                return false;
+            }
+        }
+        this.vfs.writeFile(targetPath, content, { mode });
+        return true;
     }
     createRecord(username, password) {
+        const cacheKey = `${username}:${password}`;
+        const cached = VirtualUserManager.recordCache.get(cacheKey);
+        if (cached) {
+            return cached;
+        }
         const salt = randomBytes(16).toString("hex");
-        return {
+        const record = {
             username,
             salt,
             passwordHash: this.hashPassword(password, salt),
         };
+        VirtualUserManager.recordCache.set(cacheKey, record);
+        return record;
     }
     hashPassword(password, salt) {
-        return scryptSync(password, salt, 64).toString("hex");
+        if (VirtualUserManager.fastPasswordHash) {
+            return createHash("sha256").update(`${salt}:${password}`).digest("hex");
+        }
+        return scryptSync(password, salt, 32).toString("hex");
     }
     validateUsername(username) {
         if (!username || username.trim() === "") {

package/dist/utils/perfLogger.d.ts

@@ -0,0 +1,9 @@
+export type PerfLogger = {
+    enabled: boolean;
+    mark: (label: string) => void;
+    done: (label?: string) => void;
+};
+export declare function isPerfLoggingEnabled(): boolean;
+export declare function createPerfLogger(scope: string): PerfLogger;
+export declare function withPerf<T>(scope: string, label: string, work: () => Promise<T>): Promise<T>;
+//# sourceMappingURL=perfLogger.d.ts.map

package/dist/utils/perfLogger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"perfLogger.d.ts","sourceRoot":"","sources":["../../src/utils/perfLogger.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,UAAU,GAAG;IACxB,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;IAC9B,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;CAC/B,CAAC;AAiBF,wBAAgB,oBAAoB,IAAI,OAAO,CAI9C;AAED,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU,CA0B1D;AAED,wBAAsB,QAAQ,CAAC,CAAC,EAC/B,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GACpB,OAAO,CAAC,CAAC,CAAC,CAYZ"}

package/dist/utils/perfLogger.js

@@ -0,0 +1,49 @@
+function isTruthyEnv(value) {
+    return value === "1" || value === "true";
+}
+function nowMs() {
+    if (typeof performance !== "undefined" &&
+        typeof performance.now === "function") {
+        return performance.now();
+    }
+    return Date.now();
+}
+export function isPerfLoggingEnabled() {
+    return (isTruthyEnv(process.env.DEV_MODE) || isTruthyEnv(process.env.RENDER_PERF));
+}
+export function createPerfLogger(scope) {
+    const enabled = isPerfLoggingEnabled();
+    if (!enabled) {
+        return {
+            enabled,
+            mark: () => undefined,
+            done: () => undefined,
+        };
+    }
+    const startedAt = nowMs();
+    const mark = (label) => {
+        const elapsedMs = nowMs() - startedAt;
+        console.log(`[perf][${scope}] ${label}: ${elapsedMs.toFixed(1)}ms`);
+    };
+    const done = (label = "done") => {
+        mark(label);
+    };
+    return {
+        enabled,
+        mark,
+        done,
+    };
+}
+export async function withPerf(scope, label, work) {
+    const perf = createPerfLogger(scope);
+    if (!perf.enabled) {
+        return work();
+    }
+    perf.mark(`${label}:start`);
+    try {
+        return await work();
+    }
+    finally {
+        perf.done(`${label}:done`);
+    }
+}

package/package.json

@@ -4,8 +4,12 @@
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "type": "module",
-  "version": "1.2.0",
+  "version": "1.2.2",
   "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/itsrealfortune/typescript-virtual-container"
+  },
   "keywords": [
     "ssh",
     "virtual-filesystem",
@@ -34,7 +38,6 @@
     "typescript": "^5"
   },
   "dependencies": {
-    "ssh2": "^1.17.0",
-    "tar-stream": "^3.1.8"
+    "ssh2": "^1.17.0"
   }
 }

package/src/Honeypot/index.ts

@@ -11,6 +11,8 @@
 import type { EventEmitter } from "node:events";
 import type { SshMimic } from "../SSHMimic";
 import type { SftpMimic } from "../SSHMimic/sftp";
+import type { PerfLogger } from "../utils/perfLogger";
+import { createPerfLogger } from "../utils/perfLogger";
 import type VirtualFileSystem from "../VirtualFileSystem";
 import type { VirtualShell } from "../VirtualShell";
 import type { VirtualUserManager } from "../VirtualUserManager";
@@ -43,6 +45,8 @@ export interface HoneyPotStats {
 	clientDisconnects: number;
 }
 
+const perf: PerfLogger = createPerfLogger("HoneyPot");
+
 /**
  * HoneyPot audit and event tracking utility.
  *
@@ -74,6 +78,7 @@ export class HoneyPot {
 	 * @param maxLogSize Maximum audit log entries to retain (default: 10000).
 	 */
 	constructor(maxLogSize: number = 10000) {
+		perf.mark("constructor");
 		this.maxLogSize = maxLogSize;
 	}
 
@@ -93,6 +98,7 @@ export class HoneyPot {
 		ssh?: SshMimic,
 		sftp?: SftpMimic,
 	): void {
+		perf.mark("attach");
 		this.attachVirtualShell(shell);
 		this.attachVirtualFileSystem(vfs);
 		this.attachVirtualUserManager(users);
@@ -312,6 +318,7 @@ export class HoneyPot {
 	 * @returns Filtered audit log entries.
 	 */
 	public getAuditLog(type?: string, source?: string): AuditLogEntry[] {
+		perf.mark("getAuditLog");
 		return this.auditLog.filter(
 			(entry) =>
 				(!type || entry.type === type) && (!source || entry.source === source),
@@ -324,6 +331,7 @@ export class HoneyPot {
 	 * @returns Snapshot of honeypot stats.
 	 */
 	public getStats(): Readonly<HoneyPotStats> {
+		perf.mark("getStats");
 		return Object.freeze({ ...this.stats });
 	}
 
@@ -331,6 +339,7 @@ export class HoneyPot {
 	 * Clears audit log and resets statistics.
 	 */
 	public reset(): void {
+		perf.mark("reset");
 		this.auditLog = [];
 		this.stats = {
 			authAttempts: 0,
@@ -355,6 +364,7 @@ export class HoneyPot {
 	 * @returns Recent audit log entries.
 	 */
 	public getRecent(limit: number = 100): AuditLogEntry[] {
+		perf.mark("getRecent");
 		return this.auditLog.slice(Math.max(0, this.auditLog.length - limit));
 	}
 
@@ -368,6 +378,7 @@ export class HoneyPot {
 		severity: "low" | "medium" | "high";
 		message: string;
 	}> {
+		perf.mark("detectAnomalies");
 		const anomalies: Array<{
 			type: string;
 			severity: "low" | "medium" | "high";