npm - vaultfs - Versions diffs - 1.0.1 → 1.0.3 - Mend

vaultfs 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/bin/vaultfs-npm.js +1 -1
package/install.bat +261 -0
package/install.sh +1 -1
package/package.json +1 -1
package/src/auth/AuthConfig.java +9 -0
package/src/auth/AuthManager.java +267 -471
package/src/filesystem/DiskService.java +3 -0
package/src/filesystem/FileSystem.java +9 -6
package/src/sync/FirestoreSync.java +10 -2
package/src/utils/EnvParser.java +25 -4
package/version.txt +1 -1

package/src/filesystem/DiskService.java CHANGED Viewed

@@ -39,6 +39,9 @@ public class DiskService {
         if (existingStartBlockId >= 0) {
             metadata.startBlockId = existingStartBlockId;
+        } else if (existingStartBlockId == -2) {
+            // Already tracked but disk was full — don't retry allocation
+            metadata.startBlockId = -1;
         } else if (metadata.startBlockId == -1) {
             metadata.startBlockId = diskSimulator.allocateFile(metadata.sizeBytes);
         }

package/src/filesystem/FileSystem.java CHANGED Viewed

@@ -762,10 +762,13 @@ public class FileSystem {
             } else if (entry.isFile()) {
                 String filePath = diskService.normalizePath(entry.getAbsolutePath());
                 Integer existingBlockId = fileBlockIndex.get(filePath);
+                // If file is already tracked (even with -1 = disk full), skip re-allocation
+                int blockHint = existingBlockId != null ? existingBlockId : -1;
+                boolean alreadyTracked = fileBlockIndex.containsKey(filePath);
                 models.FileMetadata metadata = diskService.metadataFromDiskFile(
                         entry,
                         diskSimulator,
-                        existingBlockId != null ? existingBlockId : -1
+                        alreadyTracked ? Math.max(blockHint, 0) == blockHint ? blockHint : -2 : -1
                 );
                 diskFiles.add(metadata);
                 diskFilePaths.add(filePath);
@@ -858,7 +861,9 @@ public class FileSystem {
     }
     /** Allows plain names only so commands operate within current directory scope.
-     *  Rejects path separators, traversal patterns (..), null bytes, and empty/blank names. */
+     *  Rejects path separators, traversal patterns (..), null bytes, and empty/blank names.
+     *  Note: any name containing ".." is rejected, including "foo..bar", as a
+     *  defense-in-depth measure against path traversal after separator stripping. */
     private boolean isSimpleName(String name) {
         if (name == null || name.trim().isEmpty()) {
             return false;
@@ -869,8 +874,6 @@ public class FileSystem {
         if (".".equals(name) || "..".equals(name)) {
             return false;
         }
-        // Reject names that contain ".." as a substring (e.g. "foo..bar" is fine,
-        // but this catches edge cases with path separators stripped earlier)
         if (name.contains("..")) {
             return false;
         }
@@ -955,7 +958,6 @@ public class FileSystem {
         if (AuthManager.isLoggedIn() && syncPending.compareAndSet(false, true)) {
             syncExecutor.submit(() -> {
                 try {
-                    syncPending.set(false);
                     String stateContent = new String(
                             java.nio.file.Files.readAllBytes(
                                     java.nio.file.Paths.get(
@@ -969,8 +971,9 @@ public class FileSystem {
                             stateContent
                     );
                 } catch (Exception e) {
-                    syncPending.set(false);
                     Logger.warn("[sync] Cloud sync failed: " + e.getClass().getSimpleName());
+                } finally {
+                    syncPending.set(false);
                 }
             });
         }

package/src/sync/FirestoreSync.java CHANGED Viewed

@@ -99,7 +99,13 @@ public class FirestoreSync {
                     if (attempt == maxRetries) {
                         Logger.warn("[sync] Push failed after " + maxRetries + " attempts");
                     } else {
-                        Thread.sleep((long) Math.pow(2, attempt) * 1000); // Exponential backoff
+                        try {
+                            Thread.sleep((long) Math.pow(2, attempt) * 1000); // Exponential backoff
+                        } catch (InterruptedException ie) {
+                            Thread.currentThread().interrupt();
+                            Logger.warn("[sync] Push interrupted");
+                            break;
+                        }
                     }
                 }
             }
@@ -136,7 +142,9 @@ public class FirestoreSync {
                 return null;
             }
-            // Use char array for private key so we can zero it after use
+            // Best-effort zeroing: char array can be wiped, but intermediate String
+            // instances (strippedKey, jwt) remain in the JVM string pool until GC.
+            // For stronger guarantees, consider an HSM or vault-based signer.
             char[] privateKeyChars = privateKey.toCharArray();
             privateKey = null; // Release string reference

package/src/utils/EnvParser.java CHANGED Viewed

@@ -11,17 +11,38 @@ public class EnvParser {
     private static final Map<String, String> envMap = new HashMap<>();
     static {
-        loadEnvFile(System.getProperty("user.dir") + "/.env");
+        // Try user.dir first (development), then VAULTFS_HOME / -Dvaultfs.home (global install)
+        String userDir = System.getProperty("user.dir");
+        String envPath = userDir + "/.env";
+        if (!new java.io.File(envPath).exists()) {
+            String home = System.getProperty("vaultfs.home");
+            if (home == null || home.isEmpty()) {
+                home = System.getenv("VAULTFS_HOME");
+            }
+            if (home != null && !home.isEmpty()) {
+                envPath = home + "/.env";
+            }
+        }
+        loadEnvFile(envPath);
     }
     private static void loadEnvFile(String path) {
-        // Validate the .env path is within the project directory
+        // Validate the .env path is within an allowed base directory
         try {
             java.io.File envFile = new java.io.File(path);
             String canonicalEnv = envFile.getCanonicalPath();
             String canonicalBase = new java.io.File(System.getProperty("user.dir")).getCanonicalPath();
-            if (!canonicalEnv.startsWith(canonicalBase)) {
-                System.err.println("[EnvParser] Warning: .env path outside project directory, skipping");
+            boolean allowed = canonicalEnv.startsWith(canonicalBase);
+            if (!allowed) {
+                String home = System.getProperty("vaultfs.home");
+                if (home == null || home.isEmpty()) home = System.getenv("VAULTFS_HOME");
+                if (home != null && !home.isEmpty()) {
+                    String canonicalHome = new java.io.File(home).getCanonicalPath();
+                    allowed = canonicalEnv.startsWith(canonicalHome);
+                }
+            }
+            if (!allowed) {
+                System.err.println("[EnvParser] Warning: .env path outside allowed directories, skipping");
                 return;
             }
         } catch (IOException e) {

package/version.txt CHANGED Viewed

	@@ -1 +1 @@
1	- 1.0.1
1	+ 1.0.3