+14

.env.example

reviewed

··· 1 1 + # Required 2 2 + DID=did:web:example.com 3 3 + HANDLE=alice.example.com 4 4 + PDS_HOSTNAME=example.com 5 5 + AUTH_TOKEN=your-bearer-token-here 6 6 + SIGNING_KEY=hex-encoded-secp256k1-private-key 7 7 + SIGNING_KEY_PUBLIC=multibase-encoded-public-key 8 8 + JWT_SECRET=your-jwt-secret-here 9 9 + PASSWORD_HASH=$2a$10$... # bcrypt hash of account password 10 10 + 11 11 + # Optional 12 12 + EMAIL=alice@example.com 13 13 + DATA_DIR=./data 14 14 + PORT=3000

+8

.gitignore

reviewed

··· 1 1 + node_modules/ 2 2 + dist/ 3 3 + data/ 4 4 + .env 5 5 + *.db 6 6 + *.db-journal 7 7 + *.db-wal 8 8 + *.db-shm

+31

CLAUDE.md

reviewed

··· 1 1 + # CLAUDE.md 2 2 + 3 3 + This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. 4 4 + 5 5 + ## Project Overview 6 6 + 7 7 + P2PDS is an AT Protocol (atproto) Personal Data Server with P2P capabilities. It syncs and stores records for a set of accounts, provides them on P2P networks, and fetches/stores records from P2P networks for serviced accounts. 8 8 + 9 9 + ## Planned Tech Stack 10 10 + 11 11 + - **Runtime:** Node.js 12 12 + - **Base:** Generalized version of [Cirrus](https://github.com/ascorbic/cirrus) (Cloudflare-specific parts abstracted away) 13 13 + - **IPFS:** Helia with DHT and pubsub enabled 14 14 + - **Identity:** AT Protocol DIDs via PLC directory 15 15 + - **Addressing:** DASL addresses for IPFS-stored records 16 16 + 17 17 + ## Architecture (Planned) 18 18 + 19 19 + The system is configured with a list of DIDs and operates as follows: 20 20 + 1. On first run, queries PLC directory to resolve PDSes for all configured DIDs 21 21 + 2. Fetches records from each DID's PDS 22 22 + 3. Stores and provides records over IPFS using DASL addresses 23 23 + 4. Syncs records bidirectionally between PDS and IPFS 24 24 + 25 25 + Open design problem: DID-to-PeerID mapping (both can update/rotate). 26 26 + 27 27 + ## Development Phases 28 28 + 29 29 + 1. Single-user PDS working as local node service 30 30 + 2. Record replication with local storage 31 31 + 3. IPFS integration for replicated records

+2902

package-lock.json

reviewed

··· 1 1 + { 2 2 + "name": "p2pds", 3 3 + "version": "0.1.0", 4 4 + "lockfileVersion": 3, 5 5 + "requires": true, 6 6 + "packages": { 7 7 + "": { 8 8 + "name": "p2pds", 9 9 + "version": "0.1.0", 10 10 + "license": "MIT", 11 11 + "dependencies": { 12 12 + "@atcute/atproto": "^3.1.10", 13 13 + "@atcute/bluesky": "^3.2.14", 14 14 + "@atcute/cbor": "^2.2.8", 15 15 + "@atcute/cid": "^2.3.0", 16 16 + "@atcute/client": "^4.2.0", 17 17 + "@atcute/identity": "^1.1.3", 18 18 + "@atcute/identity-resolver": "^1.2.2", 19 19 + "@atcute/lexicons": "^1.2.6", 20 20 + "@atcute/tid": "^1.1.1", 21 21 + "@atproto/crypto": "^0.4.5", 22 22 + "@atproto/lex-cbor": "^0.0.3", 23 23 + "@atproto/lex-data": "^0.0.3", 24 24 + "@atproto/lex-json": "^0.0.11", 25 25 + "@atproto/repo": "^0.8.12", 26 26 + "@hono/node-server": "^1.13.8", 27 27 + "bcryptjs": "^3.0.3", 28 28 + "better-sqlite3": "^11.8.1", 29 29 + "hono": "^4.11.3", 30 30 + "jose": "^6.1.3", 31 31 + "picocolors": "^1.1.1", 32 32 + "ws": "^8.18.3" 33 33 + }, 34 34 + "devDependencies": { 35 35 + "@types/bcryptjs": "^3.0.0", 36 36 + "@types/better-sqlite3": "^7.6.12", 37 37 + "@types/ws": "^8.18.1", 38 38 + "tsx": "^4.21.0", 39 39 + "typescript": "^5.9.3", 40 40 + "vitest": "^3.0.0" 41 41 + } 42 42 + }, 43 43 + "node_modules/@atcute/atproto": { 44 44 + "version": "3.1.10", 45 45 + "resolved": "https://registry.npmjs.org/@atcute/atproto/-/atproto-3.1.10.tgz", 46 46 + "integrity": "sha512-+GKZpOc0PJcdWMQEkTfg/rSNDAAHxmAUGBl60g2az15etqJn5WaUPNGFE2sB7hKpwi5Ue2h/L0OacINcE/JDDQ==", 47 47 + "license": "0BSD", 48 48 + "dependencies": { 49 49 + "@atcute/lexicons": "^1.2.6" 50 50 + } 51 51 + }, 52 52 + "node_modules/@atcute/bluesky": { 53 53 + "version": "3.2.17", 54 54 + "resolved": "https://registry.npmjs.org/@atcute/bluesky/-/bluesky-3.2.17.tgz", 55 55 + "integrity": "sha512-Li+RsPkcRNC6AnNlqOGnlmAcjSwBdXIKFubJL1nwACDngKNXG4ooGL5cvzeekdDEfHmtFhS/tyZNaUx9QXYEUw==", 56 56 + "license": "0BSD", 57 57 + "dependencies": { 58 58 + "@atcute/atproto": "^3.1.10", 59 59 + "@atcute/lexicons": "^1.2.7" 60 60 + } 61 61 + }, 62 62 + "node_modules/@atcute/cbor": { 63 63 + "version": "2.3.1", 64 64 + "resolved": "https://registry.npmjs.org/@atcute/cbor/-/cbor-2.3.1.tgz", 65 65 + "integrity": "sha512-yX036iKstCck3zrK6B4FRxB7oBwAskal6m2RIRKXAN4cx27Pa92ECPuecNe/D3F6CcLzioP32/RAiOOhDAPPEw==", 66 66 + "license": "0BSD", 67 67 + "dependencies": { 68 68 + "@atcute/cid": "^2.4.0", 69 69 + "@atcute/multibase": "^1.1.7", 70 70 + "@atcute/uint8array": "^1.1.0" 71 71 + } 72 72 + }, 73 73 + "node_modules/@atcute/cid": { 74 74 + "version": "2.4.0", 75 75 + "resolved": "https://registry.npmjs.org/@atcute/cid/-/cid-2.4.0.tgz", 76 76 + "integrity": "sha512-6+5u9MpUrgSRQ94z7vaIX4BYk8fYr2KXUBS+rrr2NhlPy8xam8nbTlmd3hvBbtpSwShbhRAE4tA5Ab7eYUp2Yw==", 77 77 + "license": "0BSD", 78 78 + "dependencies": { 79 79 + "@atcute/multibase": "^1.1.6", 80 80 + "@atcute/uint8array": "^1.0.6" 81 81 + } 82 82 + }, 83 83 + "node_modules/@atcute/client": { 84 84 + "version": "4.2.1", 85 85 + "resolved": "https://registry.npmjs.org/@atcute/client/-/client-4.2.1.tgz", 86 86 + "integrity": "sha512-ZBFM2pW075JtgGFu5g7HHZBecrClhlcNH8GVP9Zz1aViWR+cjjBsTpeE63rJs+FCOHFYlirUyo5L8SGZ4kMINw==", 87 87 + "license": "0BSD", 88 88 + "dependencies": { 89 89 + "@atcute/identity": "^1.1.3", 90 90 + "@atcute/lexicons": "^1.2.6" 91 91 + } 92 92 + }, 93 93 + "node_modules/@atcute/identity": { 94 94 + "version": "1.1.3", 95 95 + "resolved": "https://registry.npmjs.org/@atcute/identity/-/identity-1.1.3.tgz", 96 96 + "integrity": "sha512-oIqPoI8TwWeQxvcLmFEZLdN2XdWcaLVtlm8pNk0E72As9HNzzD9pwKPrLr3rmTLRIoULPPFmq9iFNsTeCIU9ng==", 97 97 + "license": "0BSD", 98 98 + "dependencies": { 99 99 + "@atcute/lexicons": "^1.2.4", 100 100 + "@badrap/valita": "^0.4.6" 101 101 + } 102 102 + }, 103 103 + "node_modules/@atcute/identity-resolver": { 104 104 + "version": "1.2.2", 105 105 + "resolved": "https://registry.npmjs.org/@atcute/identity-resolver/-/identity-resolver-1.2.2.tgz", 106 106 + "integrity": "sha512-eUh/UH4bFvuXS0X7epYCeJC/kj4rbBXfSRumLEH4smMVwNOgTo7cL/0Srty+P/qVPoZEyXdfEbS0PHJyzoXmHw==", 107 107 + "license": "0BSD", 108 108 + "dependencies": { 109 109 + "@atcute/lexicons": "^1.2.6", 110 110 + "@atcute/util-fetch": "^1.0.5", 111 111 + "@badrap/valita": "^0.4.6" 112 112 + }, 113 113 + "peerDependencies": { 114 114 + "@atcute/identity": "^1.0.0" 115 115 + } 116 116 + }, 117 117 + "node_modules/@atcute/lexicons": { 118 118 + "version": "1.2.8", 119 119 + "resolved": "https://registry.npmjs.org/@atcute/lexicons/-/lexicons-1.2.8.tgz", 120 120 + "integrity": "sha512-3WPyU5droiovgVyWYuhsNibFAknna7uuVqvcnCd++oVp7ZPvXtXPFVx1MuAjJV7FspYwkuMh/GlTPsdfIOetBQ==", 121 121 + "license": "0BSD", 122 122 + "dependencies": { 123 123 + "@atcute/uint8array": "^1.1.0", 124 124 + "@atcute/util-text": "^1.1.0", 125 125 + "@standard-schema/spec": "^1.1.0", 126 126 + "esm-env": "^1.2.2" 127 127 + } 128 128 + }, 129 129 + "node_modules/@atcute/multibase": { 130 130 + "version": "1.1.7", 131 131 + "resolved": "https://registry.npmjs.org/@atcute/multibase/-/multibase-1.1.7.tgz", 132 132 + "integrity": "sha512-YmWds7U52b7Qri0xNfGeqSOvgyNfHR8Yy/NNDQx4d5TkCX2fHJIo0pXquEhCyMNAwKt53uH5yQDswy4TNP1Zhw==", 133 133 + "license": "0BSD", 134 134 + "dependencies": { 135 135 + "@atcute/uint8array": "^1.1.0" 136 136 + } 137 137 + }, 138 138 + "node_modules/@atcute/tid": { 139 139 + "version": "1.1.1", 140 140 + "resolved": "https://registry.npmjs.org/@atcute/tid/-/tid-1.1.1.tgz", 141 141 + "integrity": "sha512-djJ8UGhLkTU5V51yCnBEruMg35qETjWzWy5sJG/2gEOl2Gd7rQWHSaf+yrO6vMS5EFA38U2xOWE3EDUPzvc2ZQ==", 142 142 + "license": "0BSD", 143 143 + "dependencies": { 144 144 + "@atcute/time-ms": "^1.0.0" 145 145 + } 146 146 + }, 147 147 + "node_modules/@atcute/time-ms": { 148 148 + "version": "1.2.1", 149 149 + "resolved": "https://registry.npmjs.org/@atcute/time-ms/-/time-ms-1.2.1.tgz", 150 150 + "integrity": "sha512-7tzcYMLz1IQCyneupNP5AMkgfLywzYnsWLTW/n1Ku3vM/LgicGgBVbHKhqP10H8LUz3gEf8DUMrKbTkM/VLUgA==", 151 151 + "hasInstallScript": true, 152 152 + "license": "0BSD", 153 153 + "dependencies": { 154 154 + "@types/bun": "^1.3.8", 155 155 + "node-gyp-build": "^4.8.4" 156 156 + } 157 157 + }, 158 158 + "node_modules/@atcute/uint8array": { 159 159 + "version": "1.1.0", 160 160 + "resolved": "https://registry.npmjs.org/@atcute/uint8array/-/uint8array-1.1.0.tgz", 161 161 + "integrity": "sha512-JtHXIVW6LPU9FMWp7SgE4HbUs3uV2WdfkK/2RWdEGjr4EgMV50P3FdU6fPeGlTfDNBJVYMIsuD2wwaKRPV/Aqg==", 162 162 + "license": "0BSD" 163 163 + }, 164 164 + "node_modules/@atcute/util-fetch": { 165 165 + "version": "1.0.5", 166 166 + "resolved": "https://registry.npmjs.org/@atcute/util-fetch/-/util-fetch-1.0.5.tgz", 167 167 + "integrity": "sha512-qjHj01BGxjSjIFdPiAjSARnodJIIyKxnCMMEcXMESo9TAyND6XZQqrie5fia+LlYWVXdpsTds8uFQwc9jdKTig==", 168 168 + "license": "0BSD", 169 169 + "dependencies": { 170 170 + "@badrap/valita": "^0.4.6" 171 171 + } 172 172 + }, 173 173 + "node_modules/@atcute/util-text": { 174 174 + "version": "1.1.0", 175 175 + "resolved": "https://registry.npmjs.org/@atcute/util-text/-/util-text-1.1.0.tgz", 176 176 + "integrity": "sha512-34G9KD5Z9f7oEdFpZOmqrMnU86p8ne6LlxJowfZzKNszRcl1GH+FtEPh3N1woelJT2SkPXMK2anwT8DESTluwA==", 177 177 + "license": "0BSD", 178 178 + "dependencies": { 179 179 + "unicode-segmenter": "^0.14.5" 180 180 + } 181 181 + }, 182 182 + "node_modules/@atproto/common": { 183 183 + "version": "0.5.11", 184 184 + "resolved": "https://registry.npmjs.org/@atproto/common/-/common-0.5.11.tgz", 185 185 + "integrity": "sha512-WRlT4s+wv80WdQuzkQub9D5vTD82O8dH2p91u4b+x3O17q5IQbmA3Lj+1NICINNSy2voqloqAWdqXEkRfdlAPw==", 186 186 + "license": "MIT", 187 187 + "dependencies": { 188 188 + "@atproto/common-web": "^0.4.16", 189 189 + "@atproto/lex-cbor": "^0.0.11", 190 190 + "@atproto/lex-data": "^0.0.11", 191 191 + "iso-datestring-validator": "^2.2.2", 192 192 + "multiformats": "^9.9.0", 193 193 + "pino": "^8.21.0" 194 194 + }, 195 195 + "engines": { 196 196 + "node": ">=18.7.0" 197 197 + } 198 198 + }, 199 199 + "node_modules/@atproto/common-web": { 200 200 + "version": "0.4.16", 201 201 + "resolved": "https://registry.npmjs.org/@atproto/common-web/-/common-web-0.4.16.tgz", 202 202 + "integrity": "sha512-Ufvaff5JgxUyUyTAG0/3o7ltpy3lnZ1DvLjyAnvAf+hHfiK7OMQg+8byr+orN+KP9MtIQaRTsCgYPX+PxMKUoA==", 203 203 + "license": "MIT", 204 204 + "dependencies": { 205 205 + "@atproto/lex-data": "^0.0.11", 206 206 + "@atproto/lex-json": "^0.0.11", 207 207 + "@atproto/syntax": "^0.4.3", 208 208 + "zod": "^3.23.8" 209 209 + } 210 210 + }, 211 211 + "node_modules/@atproto/common-web/node_modules/@atproto/lex-data": { 212 212 + "version": "0.0.11", 213 213 + "resolved": "https://registry.npmjs.org/@atproto/lex-data/-/lex-data-0.0.11.tgz", 214 214 + "integrity": "sha512-4+KTtHdqwlhiTKA7D4SACea4jprsNpCQsNALW09wsZ6IHhCDGO5tr1cmV+QnLYe3G3mu1E1yXHXbPUHrUUDT/A==", 215 215 + "license": "MIT", 216 216 + "dependencies": { 217 217 + "multiformats": "^9.9.0", 218 218 + "tslib": "^2.8.1", 219 219 + "uint8arrays": "3.0.0", 220 220 + "unicode-segmenter": "^0.14.0" 221 221 + } 222 222 + }, 223 223 + "node_modules/@atproto/common-web/node_modules/@atproto/syntax": { 224 224 + "version": "0.4.3", 225 225 + "resolved": "https://registry.npmjs.org/@atproto/syntax/-/syntax-0.4.3.tgz", 226 226 + "integrity": "sha512-YoZUz40YAJr5nPwvCDWgodEOlt5IftZqPJvA0JDWjuZKD8yXddTwSzXSaKQAzGOpuM+/A3uXRtPzJJqlScc+iA==", 227 227 + "license": "MIT", 228 228 + "dependencies": { 229 229 + "tslib": "^2.8.1" 230 230 + } 231 231 + }, 232 232 + "node_modules/@atproto/common/node_modules/@atproto/lex-cbor": { 233 233 + "version": "0.0.11", 234 234 + "resolved": "https://registry.npmjs.org/@atproto/lex-cbor/-/lex-cbor-0.0.11.tgz", 235 235 + "integrity": "sha512-A7ETtPsEsJ/VuPJOFw4bPNTKxHvFN1JbTQ2NjLuisd3ry7fVxgMpo/qGXsUQsAh/I/uziGbhpNqdS6GnI2p/Wg==", 236 236 + "license": "MIT", 237 237 + "dependencies": { 238 238 + "@atproto/lex-data": "^0.0.11", 239 239 + "tslib": "^2.8.1" 240 240 + } 241 241 + }, 242 242 + "node_modules/@atproto/common/node_modules/@atproto/lex-data": { 243 243 + "version": "0.0.11", 244 244 + "resolved": "https://registry.npmjs.org/@atproto/lex-data/-/lex-data-0.0.11.tgz", 245 245 + "integrity": "sha512-4+KTtHdqwlhiTKA7D4SACea4jprsNpCQsNALW09wsZ6IHhCDGO5tr1cmV+QnLYe3G3mu1E1yXHXbPUHrUUDT/A==", 246 246 + "license": "MIT", 247 247 + "dependencies": { 248 248 + "multiformats": "^9.9.0", 249 249 + "tslib": "^2.8.1", 250 250 + "uint8arrays": "3.0.0", 251 251 + "unicode-segmenter": "^0.14.0" 252 252 + } 253 253 + }, 254 254 + "node_modules/@atproto/crypto": { 255 255 + "version": "0.4.5", 256 256 + "resolved": "https://registry.npmjs.org/@atproto/crypto/-/crypto-0.4.5.tgz", 257 257 + "integrity": "sha512-n40aKkMoCatP0u9Yvhrdk6fXyOHFDDbkdm4h4HCyWW+KlKl8iXfD5iV+ECq+w5BM+QH25aIpt3/j6EUNerhLxw==", 258 258 + "license": "MIT", 259 259 + "dependencies": { 260 260 + "@noble/curves": "^1.7.0", 261 261 + "@noble/hashes": "^1.6.1", 262 262 + "uint8arrays": "3.0.0" 263 263 + }, 264 264 + "engines": { 265 265 + "node": ">=18.7.0" 266 266 + } 267 267 + }, 268 268 + "node_modules/@atproto/lex-cbor": { 269 269 + "version": "0.0.3", 270 270 + "resolved": "https://registry.npmjs.org/@atproto/lex-cbor/-/lex-cbor-0.0.3.tgz", 271 271 + "integrity": "sha512-N8lCV3kK5ZcjSOWxKLWqzlnaSpK4isjXRZ0EqApl/5y9KB64s78hQ/U3KIE5qnPRlBbW5kSH3YACoU27u9nTOA==", 272 272 + "license": "MIT", 273 273 + "dependencies": { 274 274 + "@atproto/lex-data": "0.0.3", 275 275 + "multiformats": "^9.9.0", 276 276 + "tslib": "^2.8.1" 277 277 + } 278 278 + }, 279 279 + "node_modules/@atproto/lex-data": { 280 280 + "version": "0.0.3", 281 281 + "resolved": "https://registry.npmjs.org/@atproto/lex-data/-/lex-data-0.0.3.tgz", 282 282 + "integrity": "sha512-ivo1IpY/EX+RIpxPgCf4cPhQo5bfu4nrpa1vJCt8hCm9SfoonJkDFGa0n4SMw4JnXZoUcGcrJ46L+D8bH6GI2g==", 283 283 + "license": "MIT", 284 284 + "dependencies": { 285 285 + "@atproto/syntax": "0.4.2", 286 286 + "multiformats": "^9.9.0", 287 287 + "tslib": "^2.8.1", 288 288 + "uint8arrays": "3.0.0", 289 289 + "unicode-segmenter": "^0.14.0" 290 290 + } 291 291 + }, 292 292 + "node_modules/@atproto/lex-json": { 293 293 + "version": "0.0.11", 294 294 + "resolved": "https://registry.npmjs.org/@atproto/lex-json/-/lex-json-0.0.11.tgz", 295 295 + "integrity": "sha512-2IExAoQ4KsR5fyPa1JjIvtR316PvdgRH/l3BVGLBd3cSxM3m5MftIv1B6qZ9HjNiK60SgkWp0mi9574bTNDhBQ==", 296 296 + "license": "MIT", 297 297 + "dependencies": { 298 298 + "@atproto/lex-data": "^0.0.11", 299 299 + "tslib": "^2.8.1" 300 300 + } 301 301 + }, 302 302 + "node_modules/@atproto/lex-json/node_modules/@atproto/lex-data": { 303 303 + "version": "0.0.11", 304 304 + "resolved": "https://registry.npmjs.org/@atproto/lex-data/-/lex-data-0.0.11.tgz", 305 305 + "integrity": "sha512-4+KTtHdqwlhiTKA7D4SACea4jprsNpCQsNALW09wsZ6IHhCDGO5tr1cmV+QnLYe3G3mu1E1yXHXbPUHrUUDT/A==", 306 306 + "license": "MIT", 307 307 + "dependencies": { 308 308 + "multiformats": "^9.9.0", 309 309 + "tslib": "^2.8.1", 310 310 + "uint8arrays": "3.0.0", 311 311 + "unicode-segmenter": "^0.14.0" 312 312 + } 313 313 + }, 314 314 + "node_modules/@atproto/lexicon": { 315 315 + "version": "0.6.1", 316 316 + "resolved": "https://registry.npmjs.org/@atproto/lexicon/-/lexicon-0.6.1.tgz", 317 317 + "integrity": "sha512-/vI1kVlY50Si+5MXpvOucelnYwb0UJ6Qto5mCp+7Q5C+Jtp+SoSykAPVvjVtTnQUH2vrKOFOwpb3C375vSKzXw==", 318 318 + "license": "MIT", 319 319 + "dependencies": { 320 320 + "@atproto/common-web": "^0.4.13", 321 321 + "@atproto/syntax": "^0.4.3", 322 322 + "iso-datestring-validator": "^2.2.2", 323 323 + "multiformats": "^9.9.0", 324 324 + "zod": "^3.23.8" 325 325 + } 326 326 + }, 327 327 + "node_modules/@atproto/lexicon/node_modules/@atproto/syntax": { 328 328 + "version": "0.4.3", 329 329 + "resolved": "https://registry.npmjs.org/@atproto/syntax/-/syntax-0.4.3.tgz", 330 330 + "integrity": "sha512-YoZUz40YAJr5nPwvCDWgodEOlt5IftZqPJvA0JDWjuZKD8yXddTwSzXSaKQAzGOpuM+/A3uXRtPzJJqlScc+iA==", 331 331 + "license": "MIT", 332 332 + "dependencies": { 333 333 + "tslib": "^2.8.1" 334 334 + } 335 335 + }, 336 336 + "node_modules/@atproto/repo": { 337 337 + "version": "0.8.12", 338 338 + "resolved": "https://registry.npmjs.org/@atproto/repo/-/repo-0.8.12.tgz", 339 339 + "integrity": "sha512-QpVTVulgfz5PUiCTELlDBiRvnsnwrFWi+6CfY88VwXzrRHd9NE8GItK7sfxQ6U65vD/idH8ddCgFrlrsn1REPQ==", 340 340 + "license": "MIT", 341 341 + "dependencies": { 342 342 + "@atproto/common": "^0.5.3", 343 343 + "@atproto/common-web": "^0.4.7", 344 344 + "@atproto/crypto": "^0.4.5", 345 345 + "@atproto/lexicon": "^0.6.0", 346 346 + "@ipld/dag-cbor": "^7.0.0", 347 347 + "multiformats": "^9.9.0", 348 348 + "uint8arrays": "3.0.0", 349 349 + "varint": "^6.0.0", 350 350 + "zod": "^3.23.8" 351 351 + }, 352 352 + "engines": { 353 353 + "node": ">=18.7.0" 354 354 + } 355 355 + }, 356 356 + "node_modules/@atproto/syntax": { 357 357 + "version": "0.4.2", 358 358 + "resolved": "https://registry.npmjs.org/@atproto/syntax/-/syntax-0.4.2.tgz", 359 359 + "integrity": "sha512-X9XSRPinBy/0VQ677j8VXlBsYSsUXaiqxWVpGGxJYsAhugdQRb0jqaVKJFtm6RskeNkV6y9xclSUi9UYG/COrA==", 360 360 + "license": "MIT" 361 361 + }, 362 362 + "node_modules/@badrap/valita": { 363 363 + "version": "0.4.6", 364 364 + "resolved": "https://registry.npmjs.org/@badrap/valita/-/valita-0.4.6.tgz", 365 365 + "integrity": "sha512-4kdqcjyxo/8RQ8ayjms47HCWZIF5981oE5nIenbfThKDxWXtEHKipAOWlflpPJzZx9y/JWYQkp18Awr7VuepFg==", 366 366 + "license": "MIT", 367 367 + "engines": { 368 368 + "node": ">= 18" 369 369 + } 370 370 + }, 371 371 + "node_modules/@esbuild/aix-ppc64": { 372 372 + "version": "0.27.3", 373 373 + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.3.tgz", 374 374 + "integrity": "sha512-9fJMTNFTWZMh5qwrBItuziu834eOCUcEqymSH7pY+zoMVEZg3gcPuBNxH1EvfVYe9h0x/Ptw8KBzv7qxb7l8dg==", 375 375 + "cpu": [ 376 376 + "ppc64" 377 377 + ], 378 378 + "dev": true, 379 379 + "license": "MIT", 380 380 + "optional": true, 381 381 + "os": [ 382 382 + "aix" 383 383 + ], 384 384 + "engines": { 385 385 + "node": ">=18" 386 386 + } 387 387 + }, 388 388 + "node_modules/@esbuild/android-arm": { 389 389 + "version": "0.27.3", 390 390 + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.3.tgz", 391 391 + "integrity": "sha512-i5D1hPY7GIQmXlXhs2w8AWHhenb00+GxjxRncS2ZM7YNVGNfaMxgzSGuO8o8SJzRc/oZwU2bcScvVERk03QhzA==", 392 392 + "cpu": [ 393 393 + "arm" 394 394 + ], 395 395 + "dev": true, 396 396 + "license": "MIT", 397 397 + "optional": true, 398 398 + "os": [ 399 399 + "android" 400 400 + ], 401 401 + "engines": { 402 402 + "node": ">=18" 403 403 + } 404 404 + }, 405 405 + "node_modules/@esbuild/android-arm64": { 406 406 + "version": "0.27.3", 407 407 + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.3.tgz", 408 408 + "integrity": "sha512-YdghPYUmj/FX2SYKJ0OZxf+iaKgMsKHVPF1MAq/P8WirnSpCStzKJFjOjzsW0QQ7oIAiccHdcqjbHmJxRb/dmg==", 409 409 + "cpu": [ 410 410 + "arm64" 411 411 + ], 412 412 + "dev": true, 413 413 + "license": "MIT", 414 414 + "optional": true, 415 415 + "os": [ 416 416 + "android" 417 417 + ], 418 418 + "engines": { 419 419 + "node": ">=18" 420 420 + } 421 421 + }, 422 422 + "node_modules/@esbuild/android-x64": { 423 423 + "version": "0.27.3", 424 424 + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.3.tgz", 425 425 + "integrity": "sha512-IN/0BNTkHtk8lkOM8JWAYFg4ORxBkZQf9zXiEOfERX/CzxW3Vg1ewAhU7QSWQpVIzTW+b8Xy+lGzdYXV6UZObQ==", 426 426 + "cpu": [ 427 427 + "x64" 428 428 + ], 429 429 + "dev": true, 430 430 + "license": "MIT", 431 431 + "optional": true, 432 432 + "os": [ 433 433 + "android" 434 434 + ], 435 435 + "engines": { 436 436 + "node": ">=18" 437 437 + } 438 438 + }, 439 439 + "node_modules/@esbuild/darwin-arm64": { 440 440 + "version": "0.27.3", 441 441 + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.3.tgz", 442 442 + "integrity": "sha512-Re491k7ByTVRy0t3EKWajdLIr0gz2kKKfzafkth4Q8A5n1xTHrkqZgLLjFEHVD+AXdUGgQMq+Godfq45mGpCKg==", 443 443 + "cpu": [ 444 444 + "arm64" 445 445 + ], 446 446 + "dev": true, 447 447 + "license": "MIT", 448 448 + "optional": true, 449 449 + "os": [ 450 450 + "darwin" 451 451 + ], 452 452 + "engines": { 453 453 + "node": ">=18" 454 454 + } 455 455 + }, 456 456 + "node_modules/@esbuild/darwin-x64": { 457 457 + "version": "0.27.3", 458 458 + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.3.tgz", 459 459 + "integrity": "sha512-vHk/hA7/1AckjGzRqi6wbo+jaShzRowYip6rt6q7VYEDX4LEy1pZfDpdxCBnGtl+A5zq8iXDcyuxwtv3hNtHFg==", 460 460 + "cpu": [ 461 461 + "x64" 462 462 + ], 463 463 + "dev": true, 464 464 + "license": "MIT", 465 465 + "optional": true, 466 466 + "os": [ 467 467 + "darwin" 468 468 + ], 469 469 + "engines": { 470 470 + "node": ">=18" 471 471 + } 472 472 + }, 473 473 + "node_modules/@esbuild/freebsd-arm64": { 474 474 + "version": "0.27.3", 475 475 + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.3.tgz", 476 476 + "integrity": "sha512-ipTYM2fjt3kQAYOvo6vcxJx3nBYAzPjgTCk7QEgZG8AUO3ydUhvelmhrbOheMnGOlaSFUoHXB6un+A7q4ygY9w==", 477 477 + "cpu": [ 478 478 + "arm64" 479 479 + ], 480 480 + "dev": true, 481 481 + "license": "MIT", 482 482 + "optional": true, 483 483 + "os": [ 484 484 + "freebsd" 485 485 + ], 486 486 + "engines": { 487 487 + "node": ">=18" 488 488 + } 489 489 + }, 490 490 + "node_modules/@esbuild/freebsd-x64": { 491 491 + "version": "0.27.3", 492 492 + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.3.tgz", 493 493 + "integrity": "sha512-dDk0X87T7mI6U3K9VjWtHOXqwAMJBNN2r7bejDsc+j03SEjtD9HrOl8gVFByeM0aJksoUuUVU9TBaZa2rgj0oA==", 494 494 + "cpu": [ 495 495 + "x64" 496 496 + ], 497 497 + "dev": true, 498 498 + "license": "MIT", 499 499 + "optional": true, 500 500 + "os": [ 501 501 + "freebsd" 502 502 + ], 503 503 + "engines": { 504 504 + "node": ">=18" 505 505 + } 506 506 + }, 507 507 + "node_modules/@esbuild/linux-arm": { 508 508 + "version": "0.27.3", 509 509 + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.3.tgz", 510 510 + "integrity": "sha512-s6nPv2QkSupJwLYyfS+gwdirm0ukyTFNl3KTgZEAiJDd+iHZcbTPPcWCcRYH+WlNbwChgH2QkE9NSlNrMT8Gfw==", 511 511 + "cpu": [ 512 512 + "arm" 513 513 + ], 514 514 + "dev": true, 515 515 + "license": "MIT", 516 516 + "optional": true, 517 517 + "os": [ 518 518 + "linux" 519 519 + ], 520 520 + "engines": { 521 521 + "node": ">=18" 522 522 + } 523 523 + }, 524 524 + "node_modules/@esbuild/linux-arm64": { 525 525 + "version": "0.27.3", 526 526 + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.3.tgz", 527 527 + "integrity": "sha512-sZOuFz/xWnZ4KH3YfFrKCf1WyPZHakVzTiqji3WDc0BCl2kBwiJLCXpzLzUBLgmp4veFZdvN5ChW4Eq/8Fc2Fg==", 528 528 + "cpu": [ 529 529 + "arm64" 530 530 + ], 531 531 + "dev": true, 532 532 + "license": "MIT", 533 533 + "optional": true, 534 534 + "os": [ 535 535 + "linux" 536 536 + ], 537 537 + "engines": { 538 538 + "node": ">=18" 539 539 + } 540 540 + }, 541 541 + "node_modules/@esbuild/linux-ia32": { 542 542 + "version": "0.27.3", 543 543 + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.3.tgz", 544 544 + "integrity": "sha512-yGlQYjdxtLdh0a3jHjuwOrxQjOZYD/C9PfdbgJJF3TIZWnm/tMd/RcNiLngiu4iwcBAOezdnSLAwQDPqTmtTYg==", 545 545 + "cpu": [ 546 546 + "ia32" 547 547 + ], 548 548 + "dev": true, 549 549 + "license": "MIT", 550 550 + "optional": true, 551 551 + "os": [ 552 552 + "linux" 553 553 + ], 554 554 + "engines": { 555 555 + "node": ">=18" 556 556 + } 557 557 + }, 558 558 + "node_modules/@esbuild/linux-loong64": { 559 559 + "version": "0.27.3", 560 560 + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.3.tgz", 561 561 + "integrity": "sha512-WO60Sn8ly3gtzhyjATDgieJNet/KqsDlX5nRC5Y3oTFcS1l0KWba+SEa9Ja1GfDqSF1z6hif/SkpQJbL63cgOA==", 562 562 + "cpu": [ 563 563 + "loong64" 564 564 + ], 565 565 + "dev": true, 566 566 + "license": "MIT", 567 567 + "optional": true, 568 568 + "os": [ 569 569 + "linux" 570 570 + ], 571 571 + "engines": { 572 572 + "node": ">=18" 573 573 + } 574 574 + }, 575 575 + "node_modules/@esbuild/linux-mips64el": { 576 576 + "version": "0.27.3", 577 577 + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.3.tgz", 578 578 + "integrity": "sha512-APsymYA6sGcZ4pD6k+UxbDjOFSvPWyZhjaiPyl/f79xKxwTnrn5QUnXR5prvetuaSMsb4jgeHewIDCIWljrSxw==", 579 579 + "cpu": [ 580 580 + "mips64el" 581 581 + ], 582 582 + "dev": true, 583 583 + "license": "MIT", 584 584 + "optional": true, 585 585 + "os": [ 586 586 + "linux" 587 587 + ], 588 588 + "engines": { 589 589 + "node": ">=18" 590 590 + } 591 591 + }, 592 592 + "node_modules/@esbuild/linux-ppc64": { 593 593 + "version": "0.27.3", 594 594 + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.3.tgz", 595 595 + "integrity": "sha512-eizBnTeBefojtDb9nSh4vvVQ3V9Qf9Df01PfawPcRzJH4gFSgrObw+LveUyDoKU3kxi5+9RJTCWlj4FjYXVPEA==", 596 596 + "cpu": [ 597 597 + "ppc64" 598 598 + ], 599 599 + "dev": true, 600 600 + "license": "MIT", 601 601 + "optional": true, 602 602 + "os": [ 603 603 + "linux" 604 604 + ], 605 605 + "engines": { 606 606 + "node": ">=18" 607 607 + } 608 608 + }, 609 609 + "node_modules/@esbuild/linux-riscv64": { 610 610 + "version": "0.27.3", 611 611 + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.3.tgz", 612 612 + "integrity": "sha512-3Emwh0r5wmfm3ssTWRQSyVhbOHvqegUDRd0WhmXKX2mkHJe1SFCMJhagUleMq+Uci34wLSipf8Lagt4LlpRFWQ==", 613 613 + "cpu": [ 614 614 + "riscv64" 615 615 + ], 616 616 + "dev": true, 617 617 + "license": "MIT", 618 618 + "optional": true, 619 619 + "os": [ 620 620 + "linux" 621 621 + ], 622 622 + "engines": { 623 623 + "node": ">=18" 624 624 + } 625 625 + }, 626 626 + "node_modules/@esbuild/linux-s390x": { 627 627 + "version": "0.27.3", 628 628 + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.3.tgz", 629 629 + "integrity": "sha512-pBHUx9LzXWBc7MFIEEL0yD/ZVtNgLytvx60gES28GcWMqil8ElCYR4kvbV2BDqsHOvVDRrOxGySBM9Fcv744hw==", 630 630 + "cpu": [ 631 631 + "s390x" 632 632 + ], 633 633 + "dev": true, 634 634 + "license": "MIT", 635 635 + "optional": true, 636 636 + "os": [ 637 637 + "linux" 638 638 + ], 639 639 + "engines": { 640 640 + "node": ">=18" 641 641 + } 642 642 + }, 643 643 + "node_modules/@esbuild/linux-x64": { 644 644 + "version": "0.27.3", 645 645 + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.3.tgz", 646 646 + "integrity": "sha512-Czi8yzXUWIQYAtL/2y6vogER8pvcsOsk5cpwL4Gk5nJqH5UZiVByIY8Eorm5R13gq+DQKYg0+JyQoytLQas4dA==", 647 647 + "cpu": [ 648 648 + "x64" 649 649 + ], 650 650 + "dev": true, 651 651 + "license": "MIT", 652 652 + "optional": true, 653 653 + "os": [ 654 654 + "linux" 655 655 + ], 656 656 + "engines": { 657 657 + "node": ">=18" 658 658 + } 659 659 + }, 660 660 + "node_modules/@esbuild/netbsd-arm64": { 661 661 + "version": "0.27.3", 662 662 + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.3.tgz", 663 663 + "integrity": "sha512-sDpk0RgmTCR/5HguIZa9n9u+HVKf40fbEUt+iTzSnCaGvY9kFP0YKBWZtJaraonFnqef5SlJ8/TiPAxzyS+UoA==", 664 664 + "cpu": [ 665 665 + "arm64" 666 666 + ], 667 667 + "dev": true, 668 668 + "license": "MIT", 669 669 + "optional": true, 670 670 + "os": [ 671 671 + "netbsd" 672 672 + ], 673 673 + "engines": { 674 674 + "node": ">=18" 675 675 + } 676 676 + }, 677 677 + "node_modules/@esbuild/netbsd-x64": { 678 678 + "version": "0.27.3", 679 679 + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.3.tgz", 680 680 + "integrity": "sha512-P14lFKJl/DdaE00LItAukUdZO5iqNH7+PjoBm+fLQjtxfcfFE20Xf5CrLsmZdq5LFFZzb5JMZ9grUwvtVYzjiA==", 681 681 + "cpu": [ 682 682 + "x64" 683 683 + ], 684 684 + "dev": true, 685 685 + "license": "MIT", 686 686 + "optional": true, 687 687 + "os": [ 688 688 + "netbsd" 689 689 + ], 690 690 + "engines": { 691 691 + "node": ">=18" 692 692 + } 693 693 + }, 694 694 + "node_modules/@esbuild/openbsd-arm64": { 695 695 + "version": "0.27.3", 696 696 + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.3.tgz", 697 697 + "integrity": "sha512-AIcMP77AvirGbRl/UZFTq5hjXK+2wC7qFRGoHSDrZ5v5b8DK/GYpXW3CPRL53NkvDqb9D+alBiC/dV0Fb7eJcw==", 698 698 + "cpu": [ 699 699 + "arm64" 700 700 + ], 701 701 + "dev": true, 702 702 + "license": "MIT", 703 703 + "optional": true, 704 704 + "os": [ 705 705 + "openbsd" 706 706 + ], 707 707 + "engines": { 708 708 + "node": ">=18" 709 709 + } 710 710 + }, 711 711 + "node_modules/@esbuild/openbsd-x64": { 712 712 + "version": "0.27.3", 713 713 + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.3.tgz", 714 714 + "integrity": "sha512-DnW2sRrBzA+YnE70LKqnM3P+z8vehfJWHXECbwBmH/CU51z6FiqTQTHFenPlHmo3a8UgpLyH3PT+87OViOh1AQ==", 715 715 + "cpu": [ 716 716 + "x64" 717 717 + ], 718 718 + "dev": true, 719 719 + "license": "MIT", 720 720 + "optional": true, 721 721 + "os": [ 722 722 + "openbsd" 723 723 + ], 724 724 + "engines": { 725 725 + "node": ">=18" 726 726 + } 727 727 + }, 728 728 + "node_modules/@esbuild/openharmony-arm64": { 729 729 + "version": "0.27.3", 730 730 + "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.3.tgz", 731 731 + "integrity": "sha512-NinAEgr/etERPTsZJ7aEZQvvg/A6IsZG/LgZy+81wON2huV7SrK3e63dU0XhyZP4RKGyTm7aOgmQk0bGp0fy2g==", 732 732 + "cpu": [ 733 733 + "arm64" 734 734 + ], 735 735 + "dev": true, 736 736 + "license": "MIT", 737 737 + "optional": true, 738 738 + "os": [ 739 739 + "openharmony" 740 740 + ], 741 741 + "engines": { 742 742 + "node": ">=18" 743 743 + } 744 744 + }, 745 745 + "node_modules/@esbuild/sunos-x64": { 746 746 + "version": "0.27.3", 747 747 + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.3.tgz", 748 748 + "integrity": "sha512-PanZ+nEz+eWoBJ8/f8HKxTTD172SKwdXebZ0ndd953gt1HRBbhMsaNqjTyYLGLPdoWHy4zLU7bDVJztF5f3BHA==", 749 749 + "cpu": [ 750 750 + "x64" 751 751 + ], 752 752 + "dev": true, 753 753 + "license": "MIT", 754 754 + "optional": true, 755 755 + "os": [ 756 756 + "sunos" 757 757 + ], 758 758 + "engines": { 759 759 + "node": ">=18" 760 760 + } 761 761 + }, 762 762 + "node_modules/@esbuild/win32-arm64": { 763 763 + "version": "0.27.3", 764 764 + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.3.tgz", 765 765 + "integrity": "sha512-B2t59lWWYrbRDw/tjiWOuzSsFh1Y/E95ofKz7rIVYSQkUYBjfSgf6oeYPNWHToFRr2zx52JKApIcAS/D5TUBnA==", 766 766 + "cpu": [ 767 767 + "arm64" 768 768 + ], 769 769 + "dev": true, 770 770 + "license": "MIT", 771 771 + "optional": true, 772 772 + "os": [ 773 773 + "win32" 774 774 + ], 775 775 + "engines": { 776 776 + "node": ">=18" 777 777 + } 778 778 + }, 779 779 + "node_modules/@esbuild/win32-ia32": { 780 780 + "version": "0.27.3", 781 781 + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.3.tgz", 782 782 + "integrity": "sha512-QLKSFeXNS8+tHW7tZpMtjlNb7HKau0QDpwm49u0vUp9y1WOF+PEzkU84y9GqYaAVW8aH8f3GcBck26jh54cX4Q==", 783 783 + "cpu": [ 784 784 + "ia32" 785 785 + ], 786 786 + "dev": true, 787 787 + "license": "MIT", 788 788 + "optional": true, 789 789 + "os": [ 790 790 + "win32" 791 791 + ], 792 792 + "engines": { 793 793 + "node": ">=18" 794 794 + } 795 795 + }, 796 796 + "node_modules/@esbuild/win32-x64": { 797 797 + "version": "0.27.3", 798 798 + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.3.tgz", 799 799 + "integrity": "sha512-4uJGhsxuptu3OcpVAzli+/gWusVGwZZHTlS63hh++ehExkVT8SgiEf7/uC/PclrPPkLhZqGgCTjd0VWLo6xMqA==", 800 800 + "cpu": [ 801 801 + "x64" 802 802 + ], 803 803 + "dev": true, 804 804 + "license": "MIT", 805 805 + "optional": true, 806 806 + "os": [ 807 807 + "win32" 808 808 + ], 809 809 + "engines": { 810 810 + "node": ">=18" 811 811 + } 812 812 + }, 813 813 + "node_modules/@hono/node-server": { 814 814 + "version": "1.19.9", 815 815 + "resolved": "https://registry.npmjs.org/@hono/node-server/-/node-server-1.19.9.tgz", 816 816 + "integrity": "sha512-vHL6w3ecZsky+8P5MD+eFfaGTyCeOHUIFYMGpQGbrBTSmNNoxv0if69rEZ5giu36weC5saFuznL411gRX7bJDw==", 817 817 + "license": "MIT", 818 818 + "engines": { 819 819 + "node": ">=18.14.1" 820 820 + }, 821 821 + "peerDependencies": { 822 822 + "hono": "^4" 823 823 + } 824 824 + }, 825 825 + "node_modules/@ipld/dag-cbor": { 826 826 + "version": "7.0.3", 827 827 + "resolved": "https://registry.npmjs.org/@ipld/dag-cbor/-/dag-cbor-7.0.3.tgz", 828 828 + "integrity": "sha512-1VVh2huHsuohdXC1bGJNE8WR72slZ9XE2T3wbBBq31dm7ZBatmKLLxrB+XAqafxfRFjv08RZmj/W/ZqaM13AuA==", 829 829 + "license": "(Apache-2.0 AND MIT)", 830 830 + "dependencies": { 831 831 + "cborg": "^1.6.0", 832 832 + "multiformats": "^9.5.4" 833 833 + } 834 834 + }, 835 835 + "node_modules/@jridgewell/sourcemap-codec": { 836 836 + "version": "1.5.5", 837 837 + "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz", 838 838 + "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==", 839 839 + "dev": true, 840 840 + "license": "MIT" 841 841 + }, 842 842 + "node_modules/@noble/curves": { 843 843 + "version": "1.9.7", 844 844 + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.9.7.tgz", 845 845 + "integrity": "sha512-gbKGcRUYIjA3/zCCNaWDciTMFI0dCkvou3TL8Zmy5Nc7sJ47a0jtOeZoTaMxkuqRo9cRhjOdZJXegxYE5FN/xw==", 846 846 + "license": "MIT", 847 847 + "dependencies": { 848 848 + "@noble/hashes": "1.8.0" 849 849 + }, 850 850 + "engines": { 851 851 + "node": "^14.21.3 || >=16" 852 852 + }, 853 853 + "funding": { 854 854 + "url": "https://paulmillr.com/funding/" 855 855 + } 856 856 + }, 857 857 + "node_modules/@noble/hashes": { 858 858 + "version": "1.8.0", 859 859 + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.8.0.tgz", 860 860 + "integrity": "sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==", 861 861 + "license": "MIT", 862 862 + "engines": { 863 863 + "node": "^14.21.3 || >=16" 864 864 + }, 865 865 + "funding": { 866 866 + "url": "https://paulmillr.com/funding/" 867 867 + } 868 868 + }, 869 869 + "node_modules/@rollup/rollup-android-arm-eabi": { 870 870 + "version": "4.57.1", 871 871 + "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.57.1.tgz", 872 872 + "integrity": "sha512-A6ehUVSiSaaliTxai040ZpZ2zTevHYbvu/lDoeAteHI8QnaosIzm4qwtezfRg1jOYaUmnzLX1AOD6Z+UJjtifg==", 873 873 + "cpu": [ 874 874 + "arm" 875 875 + ], 876 876 + "dev": true, 877 877 + "license": "MIT", 878 878 + "optional": true, 879 879 + "os": [ 880 880 + "android" 881 881 + ] 882 882 + }, 883 883 + "node_modules/@rollup/rollup-android-arm64": { 884 884 + "version": "4.57.1", 885 885 + "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.57.1.tgz", 886 886 + "integrity": "sha512-dQaAddCY9YgkFHZcFNS/606Exo8vcLHwArFZ7vxXq4rigo2bb494/xKMMwRRQW6ug7Js6yXmBZhSBRuBvCCQ3w==", 887 887 + "cpu": [ 888 888 + "arm64" 889 889 + ], 890 890 + "dev": true, 891 891 + "license": "MIT", 892 892 + "optional": true, 893 893 + "os": [ 894 894 + "android" 895 895 + ] 896 896 + }, 897 897 + "node_modules/@rollup/rollup-darwin-arm64": { 898 898 + "version": "4.57.1", 899 899 + "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.57.1.tgz", 900 900 + "integrity": "sha512-crNPrwJOrRxagUYeMn/DZwqN88SDmwaJ8Cvi/TN1HnWBU7GwknckyosC2gd0IqYRsHDEnXf328o9/HC6OkPgOg==", 901 901 + "cpu": [ 902 902 + "arm64" 903 903 + ], 904 904 + "dev": true, 905 905 + "license": "MIT", 906 906 + "optional": true, 907 907 + "os": [ 908 908 + "darwin" 909 909 + ] 910 910 + }, 911 911 + "node_modules/@rollup/rollup-darwin-x64": { 912 912 + "version": "4.57.1", 913 913 + "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.57.1.tgz", 914 914 + "integrity": "sha512-Ji8g8ChVbKrhFtig5QBV7iMaJrGtpHelkB3lsaKzadFBe58gmjfGXAOfI5FV0lYMH8wiqsxKQ1C9B0YTRXVy4w==", 915 915 + "cpu": [ 916 916 + "x64" 917 917 + ], 918 918 + "dev": true, 919 919 + "license": "MIT", 920 920 + "optional": true, 921 921 + "os": [ 922 922 + "darwin" 923 923 + ] 924 924 + }, 925 925 + "node_modules/@rollup/rollup-freebsd-arm64": { 926 926 + "version": "4.57.1", 927 927 + "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.57.1.tgz", 928 928 + "integrity": "sha512-R+/WwhsjmwodAcz65guCGFRkMb4gKWTcIeLy60JJQbXrJ97BOXHxnkPFrP+YwFlaS0m+uWJTstrUA9o+UchFug==", 929 929 + "cpu": [ 930 930 + "arm64" 931 931 + ], 932 932 + "dev": true, 933 933 + "license": "MIT", 934 934 + "optional": true, 935 935 + "os": [ 936 936 + "freebsd" 937 937 + ] 938 938 + }, 939 939 + "node_modules/@rollup/rollup-freebsd-x64": { 940 940 + "version": "4.57.1", 941 941 + "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.57.1.tgz", 942 942 + "integrity": "sha512-IEQTCHeiTOnAUC3IDQdzRAGj3jOAYNr9kBguI7MQAAZK3caezRrg0GxAb6Hchg4lxdZEI5Oq3iov/w/hnFWY9Q==", 943 943 + "cpu": [ 944 944 + "x64" 945 945 + ], 946 946 + "dev": true, 947 947 + "license": "MIT", 948 948 + "optional": true, 949 949 + "os": [ 950 950 + "freebsd" 951 951 + ] 952 952 + }, 953 953 + "node_modules/@rollup/rollup-linux-arm-gnueabihf": { 954 954 + "version": "4.57.1", 955 955 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.57.1.tgz", 956 956 + "integrity": "sha512-F8sWbhZ7tyuEfsmOxwc2giKDQzN3+kuBLPwwZGyVkLlKGdV1nvnNwYD0fKQ8+XS6hp9nY7B+ZeK01EBUE7aHaw==", 957 957 + "cpu": [ 958 958 + "arm" 959 959 + ], 960 960 + "dev": true, 961 961 + "license": "MIT", 962 962 + "optional": true, 963 963 + "os": [ 964 964 + "linux" 965 965 + ] 966 966 + }, 967 967 + "node_modules/@rollup/rollup-linux-arm-musleabihf": { 968 968 + "version": "4.57.1", 969 969 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.57.1.tgz", 970 970 + "integrity": "sha512-rGfNUfn0GIeXtBP1wL5MnzSj98+PZe/AXaGBCRmT0ts80lU5CATYGxXukeTX39XBKsxzFpEeK+Mrp9faXOlmrw==", 971 971 + "cpu": [ 972 972 + "arm" 973 973 + ], 974 974 + "dev": true, 975 975 + "license": "MIT", 976 976 + "optional": true, 977 977 + "os": [ 978 978 + "linux" 979 979 + ] 980 980 + }, 981 981 + "node_modules/@rollup/rollup-linux-arm64-gnu": { 982 982 + "version": "4.57.1", 983 983 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.57.1.tgz", 984 984 + "integrity": "sha512-MMtej3YHWeg/0klK2Qodf3yrNzz6CGjo2UntLvk2RSPlhzgLvYEB3frRvbEF2wRKh1Z2fDIg9KRPe1fawv7C+g==", 985 985 + "cpu": [ 986 986 + "arm64" 987 987 + ], 988 988 + "dev": true, 989 989 + "license": "MIT", 990 990 + "optional": true, 991 991 + "os": [ 992 992 + "linux" 993 993 + ] 994 994 + }, 995 995 + "node_modules/@rollup/rollup-linux-arm64-musl": { 996 996 + "version": "4.57.1", 997 997 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.57.1.tgz", 998 998 + "integrity": "sha512-1a/qhaaOXhqXGpMFMET9VqwZakkljWHLmZOX48R0I/YLbhdxr1m4gtG1Hq7++VhVUmf+L3sTAf9op4JlhQ5u1Q==", 999 999 + "cpu": [ 1000 1000 + "arm64" 1001 1001 + ], 1002 1002 + "dev": true, 1003 1003 + "license": "MIT", 1004 1004 + "optional": true, 1005 1005 + "os": [ 1006 1006 + "linux" 1007 1007 + ] 1008 1008 + }, 1009 1009 + "node_modules/@rollup/rollup-linux-loong64-gnu": { 1010 1010 + "version": "4.57.1", 1011 1011 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.57.1.tgz", 1012 1012 + "integrity": "sha512-QWO6RQTZ/cqYtJMtxhkRkidoNGXc7ERPbZN7dVW5SdURuLeVU7lwKMpo18XdcmpWYd0qsP1bwKPf7DNSUinhvA==", 1013 1013 + "cpu": [ 1014 1014 + "loong64" 1015 1015 + ], 1016 1016 + "dev": true, 1017 1017 + "license": "MIT", 1018 1018 + "optional": true, 1019 1019 + "os": [ 1020 1020 + "linux" 1021 1021 + ] 1022 1022 + }, 1023 1023 + "node_modules/@rollup/rollup-linux-loong64-musl": { 1024 1024 + "version": "4.57.1", 1025 1025 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.57.1.tgz", 1026 1026 + "integrity": "sha512-xpObYIf+8gprgWaPP32xiN5RVTi/s5FCR+XMXSKmhfoJjrpRAjCuuqQXyxUa/eJTdAE6eJ+KDKaoEqjZQxh3Gw==", 1027 1027 + "cpu": [ 1028 1028 + "loong64" 1029 1029 + ], 1030 1030 + "dev": true, 1031 1031 + "license": "MIT", 1032 1032 + "optional": true, 1033 1033 + "os": [ 1034 1034 + "linux" 1035 1035 + ] 1036 1036 + }, 1037 1037 + "node_modules/@rollup/rollup-linux-ppc64-gnu": { 1038 1038 + "version": "4.57.1", 1039 1039 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.57.1.tgz", 1040 1040 + "integrity": "sha512-4BrCgrpZo4hvzMDKRqEaW1zeecScDCR+2nZ86ATLhAoJ5FQ+lbHVD3ttKe74/c7tNT9c6F2viwB3ufwp01Oh2w==", 1041 1041 + "cpu": [ 1042 1042 + "ppc64" 1043 1043 + ], 1044 1044 + "dev": true, 1045 1045 + "license": "MIT", 1046 1046 + "optional": true, 1047 1047 + "os": [ 1048 1048 + "linux" 1049 1049 + ] 1050 1050 + }, 1051 1051 + "node_modules/@rollup/rollup-linux-ppc64-musl": { 1052 1052 + "version": "4.57.1", 1053 1053 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.57.1.tgz", 1054 1054 + "integrity": "sha512-NOlUuzesGauESAyEYFSe3QTUguL+lvrN1HtwEEsU2rOwdUDeTMJdO5dUYl/2hKf9jWydJrO9OL/XSSf65R5+Xw==", 1055 1055 + "cpu": [ 1056 1056 + "ppc64" 1057 1057 + ], 1058 1058 + "dev": true, 1059 1059 + "license": "MIT", 1060 1060 + "optional": true, 1061 1061 + "os": [ 1062 1062 + "linux" 1063 1063 + ] 1064 1064 + }, 1065 1065 + "node_modules/@rollup/rollup-linux-riscv64-gnu": { 1066 1066 + "version": "4.57.1", 1067 1067 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.57.1.tgz", 1068 1068 + "integrity": "sha512-ptA88htVp0AwUUqhVghwDIKlvJMD/fmL/wrQj99PRHFRAG6Z5nbWoWG4o81Nt9FT+IuqUQi+L31ZKAFeJ5Is+A==", 1069 1069 + "cpu": [ 1070 1070 + "riscv64" 1071 1071 + ], 1072 1072 + "dev": true, 1073 1073 + "license": "MIT", 1074 1074 + "optional": true, 1075 1075 + "os": [ 1076 1076 + "linux" 1077 1077 + ] 1078 1078 + }, 1079 1079 + "node_modules/@rollup/rollup-linux-riscv64-musl": { 1080 1080 + "version": "4.57.1", 1081 1081 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.57.1.tgz", 1082 1082 + "integrity": "sha512-S51t7aMMTNdmAMPpBg7OOsTdn4tySRQvklmL3RpDRyknk87+Sp3xaumlatU+ppQ+5raY7sSTcC2beGgvhENfuw==", 1083 1083 + "cpu": [ 1084 1084 + "riscv64" 1085 1085 + ], 1086 1086 + "dev": true, 1087 1087 + "license": "MIT", 1088 1088 + "optional": true, 1089 1089 + "os": [ 1090 1090 + "linux" 1091 1091 + ] 1092 1092 + }, 1093 1093 + "node_modules/@rollup/rollup-linux-s390x-gnu": { 1094 1094 + "version": "4.57.1", 1095 1095 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.57.1.tgz", 1096 1096 + "integrity": "sha512-Bl00OFnVFkL82FHbEqy3k5CUCKH6OEJL54KCyx2oqsmZnFTR8IoNqBF+mjQVcRCT5sB6yOvK8A37LNm/kPJiZg==", 1097 1097 + "cpu": [ 1098 1098 + "s390x" 1099 1099 + ], 1100 1100 + "dev": true, 1101 1101 + "license": "MIT", 1102 1102 + "optional": true, 1103 1103 + "os": [ 1104 1104 + "linux" 1105 1105 + ] 1106 1106 + }, 1107 1107 + "node_modules/@rollup/rollup-linux-x64-gnu": { 1108 1108 + "version": "4.57.1", 1109 1109 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.57.1.tgz", 1110 1110 + "integrity": "sha512-ABca4ceT4N+Tv/GtotnWAeXZUZuM/9AQyCyKYyKnpk4yoA7QIAuBt6Hkgpw8kActYlew2mvckXkvx0FfoInnLg==", 1111 1111 + "cpu": [ 1112 1112 + "x64" 1113 1113 + ], 1114 1114 + "dev": true, 1115 1115 + "license": "MIT", 1116 1116 + "optional": true, 1117 1117 + "os": [ 1118 1118 + "linux" 1119 1119 + ] 1120 1120 + }, 1121 1121 + "node_modules/@rollup/rollup-linux-x64-musl": { 1122 1122 + "version": "4.57.1", 1123 1123 + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.57.1.tgz", 1124 1124 + "integrity": "sha512-HFps0JeGtuOR2convgRRkHCekD7j+gdAuXM+/i6kGzQtFhlCtQkpwtNzkNj6QhCDp7DRJ7+qC/1Vg2jt5iSOFw==", 1125 1125 + "cpu": [ 1126 1126 + "x64" 1127 1127 + ], 1128 1128 + "dev": true, 1129 1129 + "license": "MIT", 1130 1130 + "optional": true, 1131 1131 + "os": [ 1132 1132 + "linux" 1133 1133 + ] 1134 1134 + }, 1135 1135 + "node_modules/@rollup/rollup-openbsd-x64": { 1136 1136 + "version": "4.57.1", 1137 1137 + "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.57.1.tgz", 1138 1138 + "integrity": "sha512-H+hXEv9gdVQuDTgnqD+SQffoWoc0Of59AStSzTEj/feWTBAnSfSD3+Dql1ZruJQxmykT/JVY0dE8Ka7z0DH1hw==", 1139 1139 + "cpu": [ 1140 1140 + "x64" 1141 1141 + ], 1142 1142 + "dev": true, 1143 1143 + "license": "MIT", 1144 1144 + "optional": true, 1145 1145 + "os": [ 1146 1146 + "openbsd" 1147 1147 + ] 1148 1148 + }, 1149 1149 + "node_modules/@rollup/rollup-openharmony-arm64": { 1150 1150 + "version": "4.57.1", 1151 1151 + "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.57.1.tgz", 1152 1152 + "integrity": "sha512-4wYoDpNg6o/oPximyc/NG+mYUejZrCU2q+2w6YZqrAs2UcNUChIZXjtafAiiZSUc7On8v5NyNj34Kzj/Ltk6dQ==", 1153 1153 + "cpu": [ 1154 1154 + "arm64" 1155 1155 + ], 1156 1156 + "dev": true, 1157 1157 + "license": "MIT", 1158 1158 + "optional": true, 1159 1159 + "os": [ 1160 1160 + "openharmony" 1161 1161 + ] 1162 1162 + }, 1163 1163 + "node_modules/@rollup/rollup-win32-arm64-msvc": { 1164 1164 + "version": "4.57.1", 1165 1165 + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.57.1.tgz", 1166 1166 + "integrity": "sha512-O54mtsV/6LW3P8qdTcamQmuC990HDfR71lo44oZMZlXU4tzLrbvTii87Ni9opq60ds0YzuAlEr/GNwuNluZyMQ==", 1167 1167 + "cpu": [ 1168 1168 + "arm64" 1169 1169 + ], 1170 1170 + "dev": true, 1171 1171 + "license": "MIT", 1172 1172 + "optional": true, 1173 1173 + "os": [ 1174 1174 + "win32" 1175 1175 + ] 1176 1176 + }, 1177 1177 + "node_modules/@rollup/rollup-win32-ia32-msvc": { 1178 1178 + "version": "4.57.1", 1179 1179 + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.57.1.tgz", 1180 1180 + "integrity": "sha512-P3dLS+IerxCT/7D2q2FYcRdWRl22dNbrbBEtxdWhXrfIMPP9lQhb5h4Du04mdl5Woq05jVCDPCMF7Ub0NAjIew==", 1181 1181 + "cpu": [ 1182 1182 + "ia32" 1183 1183 + ], 1184 1184 + "dev": true, 1185 1185 + "license": "MIT", 1186 1186 + "optional": true, 1187 1187 + "os": [ 1188 1188 + "win32" 1189 1189 + ] 1190 1190 + }, 1191 1191 + "node_modules/@rollup/rollup-win32-x64-gnu": { 1192 1192 + "version": "4.57.1", 1193 1193 + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.57.1.tgz", 1194 1194 + "integrity": "sha512-VMBH2eOOaKGtIJYleXsi2B8CPVADrh+TyNxJ4mWPnKfLB/DBUmzW+5m1xUrcwWoMfSLagIRpjUFeW5CO5hyciQ==", 1195 1195 + "cpu": [ 1196 1196 + "x64" 1197 1197 + ], 1198 1198 + "dev": true, 1199 1199 + "license": "MIT", 1200 1200 + "optional": true, 1201 1201 + "os": [ 1202 1202 + "win32" 1203 1203 + ] 1204 1204 + }, 1205 1205 + "node_modules/@rollup/rollup-win32-x64-msvc": { 1206 1206 + "version": "4.57.1", 1207 1207 + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.57.1.tgz", 1208 1208 + "integrity": "sha512-mxRFDdHIWRxg3UfIIAwCm6NzvxG0jDX/wBN6KsQFTvKFqqg9vTrWUE68qEjHt19A5wwx5X5aUi2zuZT7YR0jrA==", 1209 1209 + "cpu": [ 1210 1210 + "x64" 1211 1211 + ], 1212 1212 + "dev": true, 1213 1213 + "license": "MIT", 1214 1214 + "optional": true, 1215 1215 + "os": [ 1216 1216 + "win32" 1217 1217 + ] 1218 1218 + }, 1219 1219 + "node_modules/@standard-schema/spec": { 1220 1220 + "version": "1.1.0", 1221 1221 + "resolved": "https://registry.npmjs.org/@standard-schema/spec/-/spec-1.1.0.tgz", 1222 1222 + "integrity": "sha512-l2aFy5jALhniG5HgqrD6jXLi/rUWrKvqN/qJx6yoJsgKhblVd+iqqU4RCXavm/jPityDo5TCvKMnpjKnOriy0w==", 1223 1223 + "license": "MIT" 1224 1224 + }, 1225 1225 + "node_modules/@types/bcryptjs": { 1226 1226 + "version": "3.0.0", 1227 1227 + "resolved": "https://registry.npmjs.org/@types/bcryptjs/-/bcryptjs-3.0.0.tgz", 1228 1228 + "integrity": "sha512-WRZOuCuaz8UcZZE4R5HXTco2goQSI2XxjGY3hbM/xDvwmqFWd4ivooImsMx65OKM6CtNKbnZ5YL+YwAwK7c1dg==", 1229 1229 + "deprecated": "This is a stub types definition. bcryptjs provides its own type definitions, so you do not need this installed.", 1230 1230 + "dev": true, 1231 1231 + "license": "MIT", 1232 1232 + "dependencies": { 1233 1233 + "bcryptjs": "*" 1234 1234 + } 1235 1235 + }, 1236 1236 + "node_modules/@types/better-sqlite3": { 1237 1237 + "version": "7.6.13", 1238 1238 + "resolved": "https://registry.npmjs.org/@types/better-sqlite3/-/better-sqlite3-7.6.13.tgz", 1239 1239 + "integrity": "sha512-NMv9ASNARoKksWtsq/SHakpYAYnhBrQgGD8zkLYk/jaK8jUGn08CfEdTRgYhMypUQAfzSP8W6gNLe0q19/t4VA==", 1240 1240 + "dev": true, 1241 1241 + "license": "MIT", 1242 1242 + "dependencies": { 1243 1243 + "@types/node": "*" 1244 1244 + } 1245 1245 + }, 1246 1246 + "node_modules/@types/bun": { 1247 1247 + "version": "1.3.9", 1248 1248 + "resolved": "https://registry.npmjs.org/@types/bun/-/bun-1.3.9.tgz", 1249 1249 + "integrity": "sha512-KQ571yULOdWJiMH+RIWIOZ7B2RXQGpL1YQrBtLIV3FqDcCu6FsbFUBwhdKUlCKUpS3PJDsHlJ1QKlpxoVR+xtw==", 1250 1250 + "license": "MIT", 1251 1251 + "dependencies": { 1252 1252 + "bun-types": "1.3.9" 1253 1253 + } 1254 1254 + }, 1255 1255 + "node_modules/@types/chai": { 1256 1256 + "version": "5.2.3", 1257 1257 + "resolved": "https://registry.npmjs.org/@types/chai/-/chai-5.2.3.tgz", 1258 1258 + "integrity": "sha512-Mw558oeA9fFbv65/y4mHtXDs9bPnFMZAL/jxdPFUpOHHIXX91mcgEHbS5Lahr+pwZFR8A7GQleRWeI6cGFC2UA==", 1259 1259 + "dev": true, 1260 1260 + "license": "MIT", 1261 1261 + "dependencies": { 1262 1262 + "@types/deep-eql": "*", 1263 1263 + "assertion-error": "^2.0.1" 1264 1264 + } 1265 1265 + }, 1266 1266 + "node_modules/@types/deep-eql": { 1267 1267 + "version": "4.0.2", 1268 1268 + "resolved": "https://registry.npmjs.org/@types/deep-eql/-/deep-eql-4.0.2.tgz", 1269 1269 + "integrity": "sha512-c9h9dVVMigMPc4bwTvC5dxqtqJZwQPePsWjPlpSOnojbor6pGqdk541lfA7AqFQr5pB1BRdq0juY9db81BwyFw==", 1270 1270 + "dev": true, 1271 1271 + "license": "MIT" 1272 1272 + }, 1273 1273 + "node_modules/@types/estree": { 1274 1274 + "version": "1.0.8", 1275 1275 + "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz", 1276 1276 + "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==", 1277 1277 + "dev": true, 1278 1278 + "license": "MIT" 1279 1279 + }, 1280 1280 + "node_modules/@types/node": { 1281 1281 + "version": "25.2.3", 1282 1282 + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.2.3.tgz", 1283 1283 + "integrity": "sha512-m0jEgYlYz+mDJZ2+F4v8D1AyQb+QzsNqRuI7xg1VQX/KlKS0qT9r1Mo16yo5F/MtifXFgaofIFsdFMox2SxIbQ==", 1284 1284 + "license": "MIT", 1285 1285 + "dependencies": { 1286 1286 + "undici-types": "~7.16.0" 1287 1287 + } 1288 1288 + }, 1289 1289 + "node_modules/@types/ws": { 1290 1290 + "version": "8.18.1", 1291 1291 + "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.18.1.tgz", 1292 1292 + "integrity": "sha512-ThVF6DCVhA8kUGy+aazFQ4kXQ7E1Ty7A3ypFOe0IcJV8O/M511G99AW24irKrW56Wt44yG9+ij8FaqoBGkuBXg==", 1293 1293 + "dev": true, 1294 1294 + "license": "MIT", 1295 1295 + "dependencies": { 1296 1296 + "@types/node": "*" 1297 1297 + } 1298 1298 + }, 1299 1299 + "node_modules/@vitest/expect": { 1300 1300 + "version": "3.2.4", 1301 1301 + "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-3.2.4.tgz", 1302 1302 + "integrity": "sha512-Io0yyORnB6sikFlt8QW5K7slY4OjqNX9jmJQ02QDda8lyM6B5oNgVWoSoKPac8/kgnCUzuHQKrSLtu/uOqqrig==", 1303 1303 + "dev": true, 1304 1304 + "license": "MIT", 1305 1305 + "dependencies": { 1306 1306 + "@types/chai": "^5.2.2", 1307 1307 + "@vitest/spy": "3.2.4", 1308 1308 + "@vitest/utils": "3.2.4", 1309 1309 + "chai": "^5.2.0", 1310 1310 + "tinyrainbow": "^2.0.0" 1311 1311 + }, 1312 1312 + "funding": { 1313 1313 + "url": "https://opencollective.com/vitest" 1314 1314 + } 1315 1315 + }, 1316 1316 + "node_modules/@vitest/mocker": { 1317 1317 + "version": "3.2.4", 1318 1318 + "resolved": "https://registry.npmjs.org/@vitest/mocker/-/mocker-3.2.4.tgz", 1319 1319 + "integrity": "sha512-46ryTE9RZO/rfDd7pEqFl7etuyzekzEhUbTW3BvmeO/BcCMEgq59BKhek3dXDWgAj4oMK6OZi+vRr1wPW6qjEQ==", 1320 1320 + "dev": true, 1321 1321 + "license": "MIT", 1322 1322 + "dependencies": { 1323 1323 + "@vitest/spy": "3.2.4", 1324 1324 + "estree-walker": "^3.0.3", 1325 1325 + "magic-string": "^0.30.17" 1326 1326 + }, 1327 1327 + "funding": { 1328 1328 + "url": "https://opencollective.com/vitest" 1329 1329 + }, 1330 1330 + "peerDependencies": { 1331 1331 + "msw": "^2.4.9", 1332 1332 + "vite": "^5.0.0 || ^6.0.0 || ^7.0.0-0" 1333 1333 + }, 1334 1334 + "peerDependenciesMeta": { 1335 1335 + "msw": { 1336 1336 + "optional": true 1337 1337 + }, 1338 1338 + "vite": { 1339 1339 + "optional": true 1340 1340 + } 1341 1341 + } 1342 1342 + }, 1343 1343 + "node_modules/@vitest/pretty-format": { 1344 1344 + "version": "3.2.4", 1345 1345 + "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-3.2.4.tgz", 1346 1346 + "integrity": "sha512-IVNZik8IVRJRTr9fxlitMKeJeXFFFN0JaB9PHPGQ8NKQbGpfjlTx9zO4RefN8gp7eqjNy8nyK3NZmBzOPeIxtA==", 1347 1347 + "dev": true, 1348 1348 + "license": "MIT", 1349 1349 + "dependencies": { 1350 1350 + "tinyrainbow": "^2.0.0" 1351 1351 + }, 1352 1352 + "funding": { 1353 1353 + "url": "https://opencollective.com/vitest" 1354 1354 + } 1355 1355 + }, 1356 1356 + "node_modules/@vitest/runner": { 1357 1357 + "version": "3.2.4", 1358 1358 + "resolved": "https://registry.npmjs.org/@vitest/runner/-/runner-3.2.4.tgz", 1359 1359 + "integrity": "sha512-oukfKT9Mk41LreEW09vt45f8wx7DordoWUZMYdY/cyAk7w5TWkTRCNZYF7sX7n2wB7jyGAl74OxgwhPgKaqDMQ==", 1360 1360 + "dev": true, 1361 1361 + "license": "MIT", 1362 1362 + "dependencies": { 1363 1363 + "@vitest/utils": "3.2.4", 1364 1364 + "pathe": "^2.0.3", 1365 1365 + "strip-literal": "^3.0.0" 1366 1366 + }, 1367 1367 + "funding": { 1368 1368 + "url": "https://opencollective.com/vitest" 1369 1369 + } 1370 1370 + }, 1371 1371 + "node_modules/@vitest/snapshot": { 1372 1372 + "version": "3.2.4", 1373 1373 + "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-3.2.4.tgz", 1374 1374 + "integrity": "sha512-dEYtS7qQP2CjU27QBC5oUOxLE/v5eLkGqPE0ZKEIDGMs4vKWe7IjgLOeauHsR0D5YuuycGRO5oSRXnwnmA78fQ==", 1375 1375 + "dev": true, 1376 1376 + "license": "MIT", 1377 1377 + "dependencies": { 1378 1378 + "@vitest/pretty-format": "3.2.4", 1379 1379 + "magic-string": "^0.30.17", 1380 1380 + "pathe": "^2.0.3" 1381 1381 + }, 1382 1382 + "funding": { 1383 1383 + "url": "https://opencollective.com/vitest" 1384 1384 + } 1385 1385 + }, 1386 1386 + "node_modules/@vitest/spy": { 1387 1387 + "version": "3.2.4", 1388 1388 + "resolved": "https://registry.npmjs.org/@vitest/spy/-/spy-3.2.4.tgz", 1389 1389 + "integrity": "sha512-vAfasCOe6AIK70iP5UD11Ac4siNUNJ9i/9PZ3NKx07sG6sUxeag1LWdNrMWeKKYBLlzuK+Gn65Yd5nyL6ds+nw==", 1390 1390 + "dev": true, 1391 1391 + "license": "MIT", 1392 1392 + "dependencies": { 1393 1393 + "tinyspy": "^4.0.3" 1394 1394 + }, 1395 1395 + "funding": { 1396 1396 + "url": "https://opencollective.com/vitest" 1397 1397 + } 1398 1398 + }, 1399 1399 + "node_modules/@vitest/utils": { 1400 1400 + "version": "3.2.4", 1401 1401 + "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-3.2.4.tgz", 1402 1402 + "integrity": "sha512-fB2V0JFrQSMsCo9HiSq3Ezpdv4iYaXRG1Sx8edX3MwxfyNn83mKiGzOcH+Fkxt4MHxr3y42fQi1oeAInqgX2QA==", 1403 1403 + "dev": true, 1404 1404 + "license": "MIT", 1405 1405 + "dependencies": { 1406 1406 + "@vitest/pretty-format": "3.2.4", 1407 1407 + "loupe": "^3.1.4", 1408 1408 + "tinyrainbow": "^2.0.0" 1409 1409 + }, 1410 1410 + "funding": { 1411 1411 + "url": "https://opencollective.com/vitest" 1412 1412 + } 1413 1413 + }, 1414 1414 + "node_modules/abort-controller": { 1415 1415 + "version": "3.0.0", 1416 1416 + "resolved": "https://registry.npmjs.org/abort-controller/-/abort-controller-3.0.0.tgz", 1417 1417 + "integrity": "sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==", 1418 1418 + "license": "MIT", 1419 1419 + "dependencies": { 1420 1420 + "event-target-shim": "^5.0.0" 1421 1421 + }, 1422 1422 + "engines": { 1423 1423 + "node": ">=6.5" 1424 1424 + } 1425 1425 + }, 1426 1426 + "node_modules/assertion-error": { 1427 1427 + "version": "2.0.1", 1428 1428 + "resolved": "https://registry.npmjs.org/assertion-error/-/assertion-error-2.0.1.tgz", 1429 1429 + "integrity": "sha512-Izi8RQcffqCeNVgFigKli1ssklIbpHnCYc6AknXGYoB6grJqyeby7jv12JUQgmTAnIDnbck1uxksT4dzN3PWBA==", 1430 1430 + "dev": true, 1431 1431 + "license": "MIT", 1432 1432 + "engines": { 1433 1433 + "node": ">=12" 1434 1434 + } 1435 1435 + }, 1436 1436 + "node_modules/atomic-sleep": { 1437 1437 + "version": "1.0.0", 1438 1438 + "resolved": "https://registry.npmjs.org/atomic-sleep/-/atomic-sleep-1.0.0.tgz", 1439 1439 + "integrity": "sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ==", 1440 1440 + "license": "MIT", 1441 1441 + "engines": { 1442 1442 + "node": ">=8.0.0" 1443 1443 + } 1444 1444 + }, 1445 1445 + "node_modules/base64-js": { 1446 1446 + "version": "1.5.1", 1447 1447 + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", 1448 1448 + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", 1449 1449 + "funding": [ 1450 1450 + { 1451 1451 + "type": "github", 1452 1452 + "url": "https://github.com/sponsors/feross" 1453 1453 + }, 1454 1454 + { 1455 1455 + "type": "patreon", 1456 1456 + "url": "https://www.patreon.com/feross" 1457 1457 + }, 1458 1458 + { 1459 1459 + "type": "consulting", 1460 1460 + "url": "https://feross.org/support" 1461 1461 + } 1462 1462 + ], 1463 1463 + "license": "MIT" 1464 1464 + }, 1465 1465 + "node_modules/bcryptjs": { 1466 1466 + "version": "3.0.3", 1467 1467 + "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-3.0.3.tgz", 1468 1468 + "integrity": "sha512-GlF5wPWnSa/X5LKM1o0wz0suXIINz1iHRLvTS+sLyi7XPbe5ycmYI3DlZqVGZZtDgl4DmasFg7gOB3JYbphV5g==", 1469 1469 + "license": "BSD-3-Clause", 1470 1470 + "bin": { 1471 1471 + "bcrypt": "bin/bcrypt" 1472 1472 + } 1473 1473 + }, 1474 1474 + "node_modules/better-sqlite3": { 1475 1475 + "version": "11.10.0", 1476 1476 + "resolved": "https://registry.npmjs.org/better-sqlite3/-/better-sqlite3-11.10.0.tgz", 1477 1477 + "integrity": "sha512-EwhOpyXiOEL/lKzHz9AW1msWFNzGc/z+LzeB3/jnFJpxu+th2yqvzsSWas1v9jgs9+xiXJcD5A8CJxAG2TaghQ==", 1478 1478 + "hasInstallScript": true, 1479 1479 + "license": "MIT", 1480 1480 + "dependencies": { 1481 1481 + "bindings": "^1.5.0", 1482 1482 + "prebuild-install": "^7.1.1" 1483 1483 + } 1484 1484 + }, 1485 1485 + "node_modules/bindings": { 1486 1486 + "version": "1.5.0", 1487 1487 + "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz", 1488 1488 + "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==", 1489 1489 + "license": "MIT", 1490 1490 + "dependencies": { 1491 1491 + "file-uri-to-path": "1.0.0" 1492 1492 + } 1493 1493 + }, 1494 1494 + "node_modules/bl": { 1495 1495 + "version": "4.1.0", 1496 1496 + "resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz", 1497 1497 + "integrity": "sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==", 1498 1498 + "license": "MIT", 1499 1499 + "dependencies": { 1500 1500 + "buffer": "^5.5.0", 1501 1501 + "inherits": "^2.0.4", 1502 1502 + "readable-stream": "^3.4.0" 1503 1503 + } 1504 1504 + }, 1505 1505 + "node_modules/bl/node_modules/buffer": { 1506 1506 + "version": "5.7.1", 1507 1507 + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", 1508 1508 + "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", 1509 1509 + "funding": [ 1510 1510 + { 1511 1511 + "type": "github", 1512 1512 + "url": "https://github.com/sponsors/feross" 1513 1513 + }, 1514 1514 + { 1515 1515 + "type": "patreon", 1516 1516 + "url": "https://www.patreon.com/feross" 1517 1517 + }, 1518 1518 + { 1519 1519 + "type": "consulting", 1520 1520 + "url": "https://feross.org/support" 1521 1521 + } 1522 1522 + ], 1523 1523 + "license": "MIT", 1524 1524 + "dependencies": { 1525 1525 + "base64-js": "^1.3.1", 1526 1526 + "ieee754": "^1.1.13" 1527 1527 + } 1528 1528 + }, 1529 1529 + "node_modules/bl/node_modules/readable-stream": { 1530 1530 + "version": "3.6.2", 1531 1531 + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", 1532 1532 + "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==", 1533 1533 + "license": "MIT", 1534 1534 + "dependencies": { 1535 1535 + "inherits": "^2.0.3", 1536 1536 + "string_decoder": "^1.1.1", 1537 1537 + "util-deprecate": "^1.0.1" 1538 1538 + }, 1539 1539 + "engines": { 1540 1540 + "node": ">= 6" 1541 1541 + } 1542 1542 + }, 1543 1543 + "node_modules/buffer": { 1544 1544 + "version": "6.0.3", 1545 1545 + "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz", 1546 1546 + "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==", 1547 1547 + "funding": [ 1548 1548 + { 1549 1549 + "type": "github", 1550 1550 + "url": "https://github.com/sponsors/feross" 1551 1551 + }, 1552 1552 + { 1553 1553 + "type": "patreon", 1554 1554 + "url": "https://www.patreon.com/feross" 1555 1555 + }, 1556 1556 + { 1557 1557 + "type": "consulting", 1558 1558 + "url": "https://feross.org/support" 1559 1559 + } 1560 1560 + ], 1561 1561 + "license": "MIT", 1562 1562 + "dependencies": { 1563 1563 + "base64-js": "^1.3.1", 1564 1564 + "ieee754": "^1.2.1" 1565 1565 + } 1566 1566 + }, 1567 1567 + "node_modules/bun-types": { 1568 1568 + "version": "1.3.9", 1569 1569 + "resolved": "https://registry.npmjs.org/bun-types/-/bun-types-1.3.9.tgz", 1570 1570 + "integrity": "sha512-+UBWWOakIP4Tswh0Bt0QD0alpTY8cb5hvgiYeWCMet9YukHbzuruIEeXC2D7nMJPB12kbh8C7XJykSexEqGKJg==", 1571 1571 + "license": "MIT", 1572 1572 + "dependencies": { 1573 1573 + "@types/node": "*" 1574 1574 + } 1575 1575 + }, 1576 1576 + "node_modules/cac": { 1577 1577 + "version": "6.7.14", 1578 1578 + "resolved": "https://registry.npmjs.org/cac/-/cac-6.7.14.tgz", 1579 1579 + "integrity": "sha512-b6Ilus+c3RrdDk+JhLKUAQfzzgLEPy6wcXqS7f/xe1EETvsDP6GORG7SFuOs6cID5YkqchW/LXZbX5bc8j7ZcQ==", 1580 1580 + "dev": true, 1581 1581 + "license": "MIT", 1582 1582 + "engines": { 1583 1583 + "node": ">=8" 1584 1584 + } 1585 1585 + }, 1586 1586 + "node_modules/cborg": { 1587 1587 + "version": "1.10.2", 1588 1588 + "resolved": "https://registry.npmjs.org/cborg/-/cborg-1.10.2.tgz", 1589 1589 + "integrity": "sha512-b3tFPA9pUr2zCUiCfRd2+wok2/LBSNUMKOuRRok+WlvvAgEt/PlbgPTsZUcwCOs53IJvLgTp0eotwtosE6njug==", 1590 1590 + "license": "Apache-2.0", 1591 1591 + "bin": { 1592 1592 + "cborg": "cli.js" 1593 1593 + } 1594 1594 + }, 1595 1595 + "node_modules/chai": { 1596 1596 + "version": "5.3.3", 1597 1597 + "resolved": "https://registry.npmjs.org/chai/-/chai-5.3.3.tgz", 1598 1598 + "integrity": "sha512-4zNhdJD/iOjSH0A05ea+Ke6MU5mmpQcbQsSOkgdaUMJ9zTlDTD/GYlwohmIE2u0gaxHYiVHEn1Fw9mZ/ktJWgw==", 1599 1599 + "dev": true, 1600 1600 + "license": "MIT", 1601 1601 + "dependencies": { 1602 1602 + "assertion-error": "^2.0.1", 1603 1603 + "check-error": "^2.1.1", 1604 1604 + "deep-eql": "^5.0.1", 1605 1605 + "loupe": "^3.1.0", 1606 1606 + "pathval": "^2.0.0" 1607 1607 + }, 1608 1608 + "engines": { 1609 1609 + "node": ">=18" 1610 1610 + } 1611 1611 + }, 1612 1612 + "node_modules/check-error": { 1613 1613 + "version": "2.1.3", 1614 1614 + "resolved": "https://registry.npmjs.org/check-error/-/check-error-2.1.3.tgz", 1615 1615 + "integrity": "sha512-PAJdDJusoxnwm1VwW07VWwUN1sl7smmC3OKggvndJFadxxDRyFJBX/ggnu/KE4kQAB7a3Dp8f/YXC1FlUprWmA==", 1616 1616 + "dev": true, 1617 1617 + "license": "MIT", 1618 1618 + "engines": { 1619 1619 + "node": ">= 16" 1620 1620 + } 1621 1621 + }, 1622 1622 + "node_modules/chownr": { 1623 1623 + "version": "1.1.4", 1624 1624 + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", 1625 1625 + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==", 1626 1626 + "license": "ISC" 1627 1627 + }, 1628 1628 + "node_modules/debug": { 1629 1629 + "version": "4.4.3", 1630 1630 + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz", 1631 1631 + "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==", 1632 1632 + "dev": true, 1633 1633 + "license": "MIT", 1634 1634 + "dependencies": { 1635 1635 + "ms": "^2.1.3" 1636 1636 + }, 1637 1637 + "engines": { 1638 1638 + "node": ">=6.0" 1639 1639 + }, 1640 1640 + "peerDependenciesMeta": { 1641 1641 + "supports-color": { 1642 1642 + "optional": true 1643 1643 + } 1644 1644 + } 1645 1645 + }, 1646 1646 + "node_modules/decompress-response": { 1647 1647 + "version": "6.0.0", 1648 1648 + "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", 1649 1649 + "integrity": "sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==", 1650 1650 + "license": "MIT", 1651 1651 + "dependencies": { 1652 1652 + "mimic-response": "^3.1.0" 1653 1653 + }, 1654 1654 + "engines": { 1655 1655 + "node": ">=10" 1656 1656 + }, 1657 1657 + "funding": { 1658 1658 + "url": "https://github.com/sponsors/sindresorhus" 1659 1659 + } 1660 1660 + }, 1661 1661 + "node_modules/deep-eql": { 1662 1662 + "version": "5.0.2", 1663 1663 + "resolved": "https://registry.npmjs.org/deep-eql/-/deep-eql-5.0.2.tgz", 1664 1664 + "integrity": "sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==", 1665 1665 + "dev": true, 1666 1666 + "license": "MIT", 1667 1667 + "engines": { 1668 1668 + "node": ">=6" 1669 1669 + } 1670 1670 + }, 1671 1671 + "node_modules/deep-extend": { 1672 1672 + "version": "0.6.0", 1673 1673 + "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", 1674 1674 + "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==", 1675 1675 + "license": "MIT", 1676 1676 + "engines": { 1677 1677 + "node": ">=4.0.0" 1678 1678 + } 1679 1679 + }, 1680 1680 + "node_modules/detect-libc": { 1681 1681 + "version": "2.1.2", 1682 1682 + "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.1.2.tgz", 1683 1683 + "integrity": "sha512-Btj2BOOO83o3WyH59e8MgXsxEQVcarkUOpEYrubB0urwnN10yQ364rsiByU11nZlqWYZm05i/of7io4mzihBtQ==", 1684 1684 + "license": "Apache-2.0", 1685 1685 + "engines": { 1686 1686 + "node": ">=8" 1687 1687 + } 1688 1688 + }, 1689 1689 + "node_modules/end-of-stream": { 1690 1690 + "version": "1.4.5", 1691 1691 + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", 1692 1692 + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", 1693 1693 + "license": "MIT", 1694 1694 + "dependencies": { 1695 1695 + "once": "^1.4.0" 1696 1696 + } 1697 1697 + }, 1698 1698 + "node_modules/es-module-lexer": { 1699 1699 + "version": "1.7.0", 1700 1700 + "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.7.0.tgz", 1701 1701 + "integrity": "sha512-jEQoCwk8hyb2AZziIOLhDqpm5+2ww5uIE6lkO/6jcOCusfk6LhMHpXXfBLXTZ7Ydyt0j4VoUQv6uGNYbdW+kBA==", 1702 1702 + "dev": true, 1703 1703 + "license": "MIT" 1704 1704 + }, 1705 1705 + "node_modules/esbuild": { 1706 1706 + "version": "0.27.3", 1707 1707 + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.3.tgz", 1708 1708 + "integrity": "sha512-8VwMnyGCONIs6cWue2IdpHxHnAjzxnw2Zr7MkVxB2vjmQ2ivqGFb4LEG3SMnv0Gb2F/G/2yA8zUaiL1gywDCCg==", 1709 1709 + "dev": true, 1710 1710 + "hasInstallScript": true, 1711 1711 + "license": "MIT", 1712 1712 + "bin": { 1713 1713 + "esbuild": "bin/esbuild" 1714 1714 + }, 1715 1715 + "engines": { 1716 1716 + "node": ">=18" 1717 1717 + }, 1718 1718 + "optionalDependencies": { 1719 1719 + "@esbuild/aix-ppc64": "0.27.3", 1720 1720 + "@esbuild/android-arm": "0.27.3", 1721 1721 + "@esbuild/android-arm64": "0.27.3", 1722 1722 + "@esbuild/android-x64": "0.27.3", 1723 1723 + "@esbuild/darwin-arm64": "0.27.3", 1724 1724 + "@esbuild/darwin-x64": "0.27.3", 1725 1725 + "@esbuild/freebsd-arm64": "0.27.3", 1726 1726 + "@esbuild/freebsd-x64": "0.27.3", 1727 1727 + "@esbuild/linux-arm": "0.27.3", 1728 1728 + "@esbuild/linux-arm64": "0.27.3", 1729 1729 + "@esbuild/linux-ia32": "0.27.3", 1730 1730 + "@esbuild/linux-loong64": "0.27.3", 1731 1731 + "@esbuild/linux-mips64el": "0.27.3", 1732 1732 + "@esbuild/linux-ppc64": "0.27.3", 1733 1733 + "@esbuild/linux-riscv64": "0.27.3", 1734 1734 + "@esbuild/linux-s390x": "0.27.3", 1735 1735 + "@esbuild/linux-x64": "0.27.3", 1736 1736 + "@esbuild/netbsd-arm64": "0.27.3", 1737 1737 + "@esbuild/netbsd-x64": "0.27.3", 1738 1738 + "@esbuild/openbsd-arm64": "0.27.3", 1739 1739 + "@esbuild/openbsd-x64": "0.27.3", 1740 1740 + "@esbuild/openharmony-arm64": "0.27.3", 1741 1741 + "@esbuild/sunos-x64": "0.27.3", 1742 1742 + "@esbuild/win32-arm64": "0.27.3", 1743 1743 + "@esbuild/win32-ia32": "0.27.3", 1744 1744 + "@esbuild/win32-x64": "0.27.3" 1745 1745 + } 1746 1746 + }, 1747 1747 + "node_modules/esm-env": { 1748 1748 + "version": "1.2.2", 1749 1749 + "resolved": "https://registry.npmjs.org/esm-env/-/esm-env-1.2.2.tgz", 1750 1750 + "integrity": "sha512-Epxrv+Nr/CaL4ZcFGPJIYLWFom+YeV1DqMLHJoEd9SYRxNbaFruBwfEX/kkHUJf55j2+TUbmDcmuilbP1TmXHA==", 1751 1751 + "license": "MIT" 1752 1752 + }, 1753 1753 + "node_modules/estree-walker": { 1754 1754 + "version": "3.0.3", 1755 1755 + "resolved": "https://registry.npmjs.org/estree-walker/-/estree-walker-3.0.3.tgz", 1756 1756 + "integrity": "sha512-7RUKfXgSMMkzt6ZuXmqapOurLGPPfgj6l9uRZ7lRGolvk0y2yocc35LdcxKC5PQZdn2DMqioAQ2NoWcrTKmm6g==", 1757 1757 + "dev": true, 1758 1758 + "license": "MIT", 1759 1759 + "dependencies": { 1760 1760 + "@types/estree": "^1.0.0" 1761 1761 + } 1762 1762 + }, 1763 1763 + "node_modules/event-target-shim": { 1764 1764 + "version": "5.0.1", 1765 1765 + "resolved": "https://registry.npmjs.org/event-target-shim/-/event-target-shim-5.0.1.tgz", 1766 1766 + "integrity": "sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==", 1767 1767 + "license": "MIT", 1768 1768 + "engines": { 1769 1769 + "node": ">=6" 1770 1770 + } 1771 1771 + }, 1772 1772 + "node_modules/events": { 1773 1773 + "version": "3.3.0", 1774 1774 + "resolved": "https://registry.npmjs.org/events/-/events-3.3.0.tgz", 1775 1775 + "integrity": "sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==", 1776 1776 + "license": "MIT", 1777 1777 + "engines": { 1778 1778 + "node": ">=0.8.x" 1779 1779 + } 1780 1780 + }, 1781 1781 + "node_modules/expand-template": { 1782 1782 + "version": "2.0.3", 1783 1783 + "resolved": "https://registry.npmjs.org/expand-template/-/expand-template-2.0.3.tgz", 1784 1784 + "integrity": "sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg==", 1785 1785 + "license": "(MIT OR WTFPL)", 1786 1786 + "engines": { 1787 1787 + "node": ">=6" 1788 1788 + } 1789 1789 + }, 1790 1790 + "node_modules/expect-type": { 1791 1791 + "version": "1.3.0", 1792 1792 + "resolved": "https://registry.npmjs.org/expect-type/-/expect-type-1.3.0.tgz", 1793 1793 + "integrity": "sha512-knvyeauYhqjOYvQ66MznSMs83wmHrCycNEN6Ao+2AeYEfxUIkuiVxdEa1qlGEPK+We3n0THiDciYSsCcgW/DoA==", 1794 1794 + "dev": true, 1795 1795 + "license": "Apache-2.0", 1796 1796 + "engines": { 1797 1797 + "node": ">=12.0.0" 1798 1798 + } 1799 1799 + }, 1800 1800 + "node_modules/fast-redact": { 1801 1801 + "version": "3.5.0", 1802 1802 + "resolved": "https://registry.npmjs.org/fast-redact/-/fast-redact-3.5.0.tgz", 1803 1803 + "integrity": "sha512-dwsoQlS7h9hMeYUq1W++23NDcBLV4KqONnITDV9DjfS3q1SgDGVrBdvvTLUotWtPSD7asWDV9/CmsZPy8Hf70A==", 1804 1804 + "license": "MIT", 1805 1805 + "engines": { 1806 1806 + "node": ">=6" 1807 1807 + } 1808 1808 + }, 1809 1809 + "node_modules/fdir": { 1810 1810 + "version": "6.5.0", 1811 1811 + "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.5.0.tgz", 1812 1812 + "integrity": "sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==", 1813 1813 + "dev": true, 1814 1814 + "license": "MIT", 1815 1815 + "engines": { 1816 1816 + "node": ">=12.0.0" 1817 1817 + }, 1818 1818 + "peerDependencies": { 1819 1819 + "picomatch": "^3 || ^4" 1820 1820 + }, 1821 1821 + "peerDependenciesMeta": { 1822 1822 + "picomatch": { 1823 1823 + "optional": true 1824 1824 + } 1825 1825 + } 1826 1826 + }, 1827 1827 + "node_modules/file-uri-to-path": { 1828 1828 + "version": "1.0.0", 1829 1829 + "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz", 1830 1830 + "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==", 1831 1831 + "license": "MIT" 1832 1832 + }, 1833 1833 + "node_modules/fs-constants": { 1834 1834 + "version": "1.0.0", 1835 1835 + "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz", 1836 1836 + "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==", 1837 1837 + "license": "MIT" 1838 1838 + }, 1839 1839 + "node_modules/fsevents": { 1840 1840 + "version": "2.3.3", 1841 1841 + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz", 1842 1842 + "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", 1843 1843 + "dev": true, 1844 1844 + "hasInstallScript": true, 1845 1845 + "license": "MIT", 1846 1846 + "optional": true, 1847 1847 + "os": [ 1848 1848 + "darwin" 1849 1849 + ], 1850 1850 + "engines": { 1851 1851 + "node": "^8.16.0 || ^10.6.0 || >=11.0.0" 1852 1852 + } 1853 1853 + }, 1854 1854 + "node_modules/get-tsconfig": { 1855 1855 + "version": "4.13.6", 1856 1856 + "resolved": "https://registry.npmjs.org/get-tsconfig/-/get-tsconfig-4.13.6.tgz", 1857 1857 + "integrity": "sha512-shZT/QMiSHc/YBLxxOkMtgSid5HFoauqCE3/exfsEcwg1WkeqjG+V40yBbBrsD+jW2HDXcs28xOfcbm2jI8Ddw==", 1858 1858 + "dev": true, 1859 1859 + "license": "MIT", 1860 1860 + "dependencies": { 1861 1861 + "resolve-pkg-maps": "^1.0.0" 1862 1862 + }, 1863 1863 + "funding": { 1864 1864 + "url": "https://github.com/privatenumber/get-tsconfig?sponsor=1" 1865 1865 + } 1866 1866 + }, 1867 1867 + "node_modules/github-from-package": { 1868 1868 + "version": "0.0.0", 1869 1869 + "resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz", 1870 1870 + "integrity": "sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw==", 1871 1871 + "license": "MIT" 1872 1872 + }, 1873 1873 + "node_modules/hono": { 1874 1874 + "version": "4.11.9", 1875 1875 + "resolved": "https://registry.npmjs.org/hono/-/hono-4.11.9.tgz", 1876 1876 + "integrity": "sha512-Eaw2YTGM6WOxA6CXbckaEvslr2Ne4NFsKrvc0v97JD5awbmeBLO5w9Ho9L9kmKonrwF9RJlW6BxT1PVv/agBHQ==", 1877 1877 + "license": "MIT", 1878 1878 + "engines": { 1879 1879 + "node": ">=16.9.0" 1880 1880 + } 1881 1881 + }, 1882 1882 + "node_modules/ieee754": { 1883 1883 + "version": "1.2.1", 1884 1884 + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", 1885 1885 + "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", 1886 1886 + "funding": [ 1887 1887 + { 1888 1888 + "type": "github", 1889 1889 + "url": "https://github.com/sponsors/feross" 1890 1890 + }, 1891 1891 + { 1892 1892 + "type": "patreon", 1893 1893 + "url": "https://www.patreon.com/feross" 1894 1894 + }, 1895 1895 + { 1896 1896 + "type": "consulting", 1897 1897 + "url": "https://feross.org/support" 1898 1898 + } 1899 1899 + ], 1900 1900 + "license": "BSD-3-Clause" 1901 1901 + }, 1902 1902 + "node_modules/inherits": { 1903 1903 + "version": "2.0.4", 1904 1904 + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", 1905 1905 + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", 1906 1906 + "license": "ISC" 1907 1907 + }, 1908 1908 + "node_modules/ini": { 1909 1909 + "version": "1.3.8", 1910 1910 + "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", 1911 1911 + "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==", 1912 1912 + "license": "ISC" 1913 1913 + }, 1914 1914 + "node_modules/iso-datestring-validator": { 1915 1915 + "version": "2.2.2", 1916 1916 + "resolved": "https://registry.npmjs.org/iso-datestring-validator/-/iso-datestring-validator-2.2.2.tgz", 1917 1917 + "integrity": "sha512-yLEMkBbLZTlVQqOnQ4FiMujR6T4DEcCb1xizmvXS+OxuhwcbtynoosRzdMA69zZCShCNAbi+gJ71FxZBBXx1SA==", 1918 1918 + "license": "MIT" 1919 1919 + }, 1920 1920 + "node_modules/jose": { 1921 1921 + "version": "6.1.3", 1922 1922 + "resolved": "https://registry.npmjs.org/jose/-/jose-6.1.3.tgz", 1923 1923 + "integrity": "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ==", 1924 1924 + "license": "MIT", 1925 1925 + "funding": { 1926 1926 + "url": "https://github.com/sponsors/panva" 1927 1927 + } 1928 1928 + }, 1929 1929 + "node_modules/js-tokens": { 1930 1930 + "version": "9.0.1", 1931 1931 + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-9.0.1.tgz", 1932 1932 + "integrity": "sha512-mxa9E9ITFOt0ban3j6L5MpjwegGz6lBQmM1IJkWeBZGcMxto50+eWdjC/52xDbS2vy0k7vIMK0Fe2wfL9OQSpQ==", 1933 1933 + "dev": true, 1934 1934 + "license": "MIT" 1935 1935 + }, 1936 1936 + "node_modules/loupe": { 1937 1937 + "version": "3.2.1", 1938 1938 + "resolved": "https://registry.npmjs.org/loupe/-/loupe-3.2.1.tgz", 1939 1939 + "integrity": "sha512-CdzqowRJCeLU72bHvWqwRBBlLcMEtIvGrlvef74kMnV2AolS9Y8xUv1I0U/MNAWMhBlKIoyuEgoJ0t/bbwHbLQ==", 1940 1940 + "dev": true, 1941 1941 + "license": "MIT" 1942 1942 + }, 1943 1943 + "node_modules/magic-string": { 1944 1944 + "version": "0.30.21", 1945 1945 + "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.21.tgz", 1946 1946 + "integrity": "sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==", 1947 1947 + "dev": true, 1948 1948 + "license": "MIT", 1949 1949 + "dependencies": { 1950 1950 + "@jridgewell/sourcemap-codec": "^1.5.5" 1951 1951 + } 1952 1952 + }, 1953 1953 + "node_modules/mimic-response": { 1954 1954 + "version": "3.1.0", 1955 1955 + "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", 1956 1956 + "integrity": "sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==", 1957 1957 + "license": "MIT", 1958 1958 + "engines": { 1959 1959 + "node": ">=10" 1960 1960 + }, 1961 1961 + "funding": { 1962 1962 + "url": "https://github.com/sponsors/sindresorhus" 1963 1963 + } 1964 1964 + }, 1965 1965 + "node_modules/minimist": { 1966 1966 + "version": "1.2.8", 1967 1967 + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", 1968 1968 + "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", 1969 1969 + "license": "MIT", 1970 1970 + "funding": { 1971 1971 + "url": "https://github.com/sponsors/ljharb" 1972 1972 + } 1973 1973 + }, 1974 1974 + "node_modules/mkdirp-classic": { 1975 1975 + "version": "0.5.3", 1976 1976 + "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", 1977 1977 + "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==", 1978 1978 + "license": "MIT" 1979 1979 + }, 1980 1980 + "node_modules/ms": { 1981 1981 + "version": "2.1.3", 1982 1982 + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", 1983 1983 + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", 1984 1984 + "dev": true, 1985 1985 + "license": "MIT" 1986 1986 + }, 1987 1987 + "node_modules/multiformats": { 1988 1988 + "version": "9.9.0", 1989 1989 + "resolved": "https://registry.npmjs.org/multiformats/-/multiformats-9.9.0.tgz", 1990 1990 + "integrity": "sha512-HoMUjhH9T8DDBNT+6xzkrd9ga/XiBI4xLr58LJACwK6G3HTOPeMz4nB4KJs33L2BelrIJa7P0VuNaVF3hMYfjg==", 1991 1991 + "license": "(Apache-2.0 AND MIT)" 1992 1992 + }, 1993 1993 + "node_modules/nanoid": { 1994 1994 + "version": "3.3.11", 1995 1995 + "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.11.tgz", 1996 1996 + "integrity": "sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==", 1997 1997 + "dev": true, 1998 1998 + "funding": [ 1999 1999 + { 2000 2000 + "type": "github", 2001 2001 + "url": "https://github.com/sponsors/ai" 2002 2002 + } 2003 2003 + ], 2004 2004 + "license": "MIT", 2005 2005 + "bin": { 2006 2006 + "nanoid": "bin/nanoid.cjs" 2007 2007 + }, 2008 2008 + "engines": { 2009 2009 + "node": "^10 || ^12 || ^13.7 || ^14 || >=15.0.1" 2010 2010 + } 2011 2011 + }, 2012 2012 + "node_modules/napi-build-utils": { 2013 2013 + "version": "2.0.0", 2014 2014 + "resolved": "https://registry.npmjs.org/napi-build-utils/-/napi-build-utils-2.0.0.tgz", 2015 2015 + "integrity": "sha512-GEbrYkbfF7MoNaoh2iGG84Mnf/WZfB0GdGEsM8wz7Expx/LlWf5U8t9nvJKXSp3qr5IsEbK04cBGhol/KwOsWA==", 2016 2016 + "license": "MIT" 2017 2017 + }, 2018 2018 + "node_modules/node-abi": { 2019 2019 + "version": "3.87.0", 2020 2020 + "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-3.87.0.tgz", 2021 2021 + "integrity": "sha512-+CGM1L1CgmtheLcBuleyYOn7NWPVu0s0EJH2C4puxgEZb9h8QpR9G2dBfZJOAUhi7VQxuBPMd0hiISWcTyiYyQ==", 2022 2022 + "license": "MIT", 2023 2023 + "dependencies": { 2024 2024 + "semver": "^7.3.5" 2025 2025 + }, 2026 2026 + "engines": { 2027 2027 + "node": ">=10" 2028 2028 + } 2029 2029 + }, 2030 2030 + "node_modules/node-gyp-build": { 2031 2031 + "version": "4.8.4", 2032 2032 + "resolved": "https://registry.npmjs.org/node-gyp-build/-/node-gyp-build-4.8.4.tgz", 2033 2033 + "integrity": "sha512-LA4ZjwlnUblHVgq0oBF3Jl/6h/Nvs5fzBLwdEF4nuxnFdsfajde4WfxtJr3CaiH+F6ewcIB/q4jQ4UzPyid+CQ==", 2034 2034 + "license": "MIT", 2035 2035 + "bin": { 2036 2036 + "node-gyp-build": "bin.js", 2037 2037 + "node-gyp-build-optional": "optional.js", 2038 2038 + "node-gyp-build-test": "build-test.js" 2039 2039 + } 2040 2040 + }, 2041 2041 + "node_modules/on-exit-leak-free": { 2042 2042 + "version": "2.1.2", 2043 2043 + "resolved": "https://registry.npmjs.org/on-exit-leak-free/-/on-exit-leak-free-2.1.2.tgz", 2044 2044 + "integrity": "sha512-0eJJY6hXLGf1udHwfNftBqH+g73EU4B504nZeKpz1sYRKafAghwxEJunB2O7rDZkL4PGfsMVnTXZ2EjibbqcsA==", 2045 2045 + "license": "MIT", 2046 2046 + "engines": { 2047 2047 + "node": ">=14.0.0" 2048 2048 + } 2049 2049 + }, 2050 2050 + "node_modules/once": { 2051 2051 + "version": "1.4.0", 2052 2052 + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", 2053 2053 + "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", 2054 2054 + "license": "ISC", 2055 2055 + "dependencies": { 2056 2056 + "wrappy": "1" 2057 2057 + } 2058 2058 + }, 2059 2059 + "node_modules/pathe": { 2060 2060 + "version": "2.0.3", 2061 2061 + "resolved": "https://registry.npmjs.org/pathe/-/pathe-2.0.3.tgz", 2062 2062 + "integrity": "sha512-WUjGcAqP1gQacoQe+OBJsFA7Ld4DyXuUIjZ5cc75cLHvJ7dtNsTugphxIADwspS+AraAUePCKrSVtPLFj/F88w==", 2063 2063 + "dev": true, 2064 2064 + "license": "MIT" 2065 2065 + }, 2066 2066 + "node_modules/pathval": { 2067 2067 + "version": "2.0.1", 2068 2068 + "resolved": "https://registry.npmjs.org/pathval/-/pathval-2.0.1.tgz", 2069 2069 + "integrity": "sha512-//nshmD55c46FuFw26xV/xFAaB5HF9Xdap7HJBBnrKdAd6/GxDBaNA1870O79+9ueg61cZLSVc+OaFlfmObYVQ==", 2070 2070 + "dev": true, 2071 2071 + "license": "MIT", 2072 2072 + "engines": { 2073 2073 + "node": ">= 14.16" 2074 2074 + } 2075 2075 + }, 2076 2076 + "node_modules/picocolors": { 2077 2077 + "version": "1.1.1", 2078 2078 + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", 2079 2079 + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", 2080 2080 + "license": "ISC" 2081 2081 + }, 2082 2082 + "node_modules/picomatch": { 2083 2083 + "version": "4.0.3", 2084 2084 + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz", 2085 2085 + "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==", 2086 2086 + "dev": true, 2087 2087 + "license": "MIT", 2088 2088 + "engines": { 2089 2089 + "node": ">=12" 2090 2090 + }, 2091 2091 + "funding": { 2092 2092 + "url": "https://github.com/sponsors/jonschlinkert" 2093 2093 + } 2094 2094 + }, 2095 2095 + "node_modules/pino": { 2096 2096 + "version": "8.21.0", 2097 2097 + "resolved": "https://registry.npmjs.org/pino/-/pino-8.21.0.tgz", 2098 2098 + "integrity": "sha512-ip4qdzjkAyDDZklUaZkcRFb2iA118H9SgRh8yzTkSQK8HilsOJF7rSY8HoW5+I0M46AZgX/pxbprf2vvzQCE0Q==", 2099 2099 + "license": "MIT", 2100 2100 + "dependencies": { 2101 2101 + "atomic-sleep": "^1.0.0", 2102 2102 + "fast-redact": "^3.1.1", 2103 2103 + "on-exit-leak-free": "^2.1.0", 2104 2104 + "pino-abstract-transport": "^1.2.0", 2105 2105 + "pino-std-serializers": "^6.0.0", 2106 2106 + "process-warning": "^3.0.0", 2107 2107 + "quick-format-unescaped": "^4.0.3", 2108 2108 + "real-require": "^0.2.0", 2109 2109 + "safe-stable-stringify": "^2.3.1", 2110 2110 + "sonic-boom": "^3.7.0", 2111 2111 + "thread-stream": "^2.6.0" 2112 2112 + }, 2113 2113 + "bin": { 2114 2114 + "pino": "bin.js" 2115 2115 + } 2116 2116 + }, 2117 2117 + "node_modules/pino-abstract-transport": { 2118 2118 + "version": "1.2.0", 2119 2119 + "resolved": "https://registry.npmjs.org/pino-abstract-transport/-/pino-abstract-transport-1.2.0.tgz", 2120 2120 + "integrity": "sha512-Guhh8EZfPCfH+PMXAb6rKOjGQEoy0xlAIn+irODG5kgfYV+BQ0rGYYWTIel3P5mmyXqkYkPmdIkywsn6QKUR1Q==", 2121 2121 + "license": "MIT", 2122 2122 + "dependencies": { 2123 2123 + "readable-stream": "^4.0.0", 2124 2124 + "split2": "^4.0.0" 2125 2125 + } 2126 2126 + }, 2127 2127 + "node_modules/pino-std-serializers": { 2128 2128 + "version": "6.2.2", 2129 2129 + "resolved": "https://registry.npmjs.org/pino-std-serializers/-/pino-std-serializers-6.2.2.tgz", 2130 2130 + "integrity": "sha512-cHjPPsE+vhj/tnhCy/wiMh3M3z3h/j15zHQX+S9GkTBgqJuTuJzYJ4gUyACLhDaJ7kk9ba9iRDmbH2tJU03OiA==", 2131 2131 + "license": "MIT" 2132 2132 + }, 2133 2133 + "node_modules/postcss": { 2134 2134 + "version": "8.5.6", 2135 2135 + "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.6.tgz", 2136 2136 + "integrity": "sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==", 2137 2137 + "dev": true, 2138 2138 + "funding": [ 2139 2139 + { 2140 2140 + "type": "opencollective", 2141 2141 + "url": "https://opencollective.com/postcss/" 2142 2142 + }, 2143 2143 + { 2144 2144 + "type": "tidelift", 2145 2145 + "url": "https://tidelift.com/funding/github/npm/postcss" 2146 2146 + }, 2147 2147 + { 2148 2148 + "type": "github", 2149 2149 + "url": "https://github.com/sponsors/ai" 2150 2150 + } 2151 2151 + ], 2152 2152 + "license": "MIT", 2153 2153 + "dependencies": { 2154 2154 + "nanoid": "^3.3.11", 2155 2155 + "picocolors": "^1.1.1", 2156 2156 + "source-map-js": "^1.2.1" 2157 2157 + }, 2158 2158 + "engines": { 2159 2159 + "node": "^10 || ^12 || >=14" 2160 2160 + } 2161 2161 + }, 2162 2162 + "node_modules/prebuild-install": { 2163 2163 + "version": "7.1.3", 2164 2164 + "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-7.1.3.tgz", 2165 2165 + "integrity": "sha512-8Mf2cbV7x1cXPUILADGI3wuhfqWvtiLA1iclTDbFRZkgRQS0NqsPZphna9V+HyTEadheuPmjaJMsbzKQFOzLug==", 2166 2166 + "license": "MIT", 2167 2167 + "dependencies": { 2168 2168 + "detect-libc": "^2.0.0", 2169 2169 + "expand-template": "^2.0.3", 2170 2170 + "github-from-package": "0.0.0", 2171 2171 + "minimist": "^1.2.3", 2172 2172 + "mkdirp-classic": "^0.5.3", 2173 2173 + "napi-build-utils": "^2.0.0", 2174 2174 + "node-abi": "^3.3.0", 2175 2175 + "pump": "^3.0.0", 2176 2176 + "rc": "^1.2.7", 2177 2177 + "simple-get": "^4.0.0", 2178 2178 + "tar-fs": "^2.0.0", 2179 2179 + "tunnel-agent": "^0.6.0" 2180 2180 + }, 2181 2181 + "bin": { 2182 2182 + "prebuild-install": "bin.js" 2183 2183 + }, 2184 2184 + "engines": { 2185 2185 + "node": ">=10" 2186 2186 + } 2187 2187 + }, 2188 2188 + "node_modules/process": { 2189 2189 + "version": "0.11.10", 2190 2190 + "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", 2191 2191 + "integrity": "sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==", 2192 2192 + "license": "MIT", 2193 2193 + "engines": { 2194 2194 + "node": ">= 0.6.0" 2195 2195 + } 2196 2196 + }, 2197 2197 + "node_modules/process-warning": { 2198 2198 + "version": "3.0.0", 2199 2199 + "resolved": "https://registry.npmjs.org/process-warning/-/process-warning-3.0.0.tgz", 2200 2200 + "integrity": "sha512-mqn0kFRl0EoqhnL0GQ0veqFHyIN1yig9RHh/InzORTUiZHFRAur+aMtRkELNwGs9aNwKS6tg/An4NYBPGwvtzQ==", 2201 2201 + "license": "MIT" 2202 2202 + }, 2203 2203 + "node_modules/pump": { 2204 2204 + "version": "3.0.3", 2205 2205 + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", 2206 2206 + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", 2207 2207 + "license": "MIT", 2208 2208 + "dependencies": { 2209 2209 + "end-of-stream": "^1.1.0", 2210 2210 + "once": "^1.3.1" 2211 2211 + } 2212 2212 + }, 2213 2213 + "node_modules/quick-format-unescaped": { 2214 2214 + "version": "4.0.4", 2215 2215 + "resolved": "https://registry.npmjs.org/quick-format-unescaped/-/quick-format-unescaped-4.0.4.tgz", 2216 2216 + "integrity": "sha512-tYC1Q1hgyRuHgloV/YXs2w15unPVh8qfu/qCTfhTYamaw7fyhumKa2yGpdSo87vY32rIclj+4fWYQXUMs9EHvg==", 2217 2217 + "license": "MIT" 2218 2218 + }, 2219 2219 + "node_modules/rc": { 2220 2220 + "version": "1.2.8", 2221 2221 + "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz", 2222 2222 + "integrity": "sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==", 2223 2223 + "license": "(BSD-2-Clause OR MIT OR Apache-2.0)", 2224 2224 + "dependencies": { 2225 2225 + "deep-extend": "^0.6.0", 2226 2226 + "ini": "~1.3.0", 2227 2227 + "minimist": "^1.2.0", 2228 2228 + "strip-json-comments": "~2.0.1" 2229 2229 + }, 2230 2230 + "bin": { 2231 2231 + "rc": "cli.js" 2232 2232 + } 2233 2233 + }, 2234 2234 + "node_modules/readable-stream": { 2235 2235 + "version": "4.7.0", 2236 2236 + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.7.0.tgz", 2237 2237 + "integrity": "sha512-oIGGmcpTLwPga8Bn6/Z75SVaH1z5dUut2ibSyAMVhmUggWpmDn2dapB0n7f8nwaSiRtepAsfJyfXIO5DCVAODg==", 2238 2238 + "license": "MIT", 2239 2239 + "dependencies": { 2240 2240 + "abort-controller": "^3.0.0", 2241 2241 + "buffer": "^6.0.3", 2242 2242 + "events": "^3.3.0", 2243 2243 + "process": "^0.11.10", 2244 2244 + "string_decoder": "^1.3.0" 2245 2245 + }, 2246 2246 + "engines": { 2247 2247 + "node": "^12.22.0 || ^14.17.0 || >=16.0.0" 2248 2248 + } 2249 2249 + }, 2250 2250 + "node_modules/real-require": { 2251 2251 + "version": "0.2.0", 2252 2252 + "resolved": "https://registry.npmjs.org/real-require/-/real-require-0.2.0.tgz", 2253 2253 + "integrity": "sha512-57frrGM/OCTLqLOAh0mhVA9VBMHd+9U7Zb2THMGdBUoZVOtGbJzjxsYGDJ3A9AYYCP4hn6y1TVbaOfzWtm5GFg==", 2254 2254 + "license": "MIT", 2255 2255 + "engines": { 2256 2256 + "node": ">= 12.13.0" 2257 2257 + } 2258 2258 + }, 2259 2259 + "node_modules/resolve-pkg-maps": { 2260 2260 + "version": "1.0.0", 2261 2261 + "resolved": "https://registry.npmjs.org/resolve-pkg-maps/-/resolve-pkg-maps-1.0.0.tgz", 2262 2262 + "integrity": "sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==", 2263 2263 + "dev": true, 2264 2264 + "license": "MIT", 2265 2265 + "funding": { 2266 2266 + "url": "https://github.com/privatenumber/resolve-pkg-maps?sponsor=1" 2267 2267 + } 2268 2268 + }, 2269 2269 + "node_modules/rollup": { 2270 2270 + "version": "4.57.1", 2271 2271 + "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.57.1.tgz", 2272 2272 + "integrity": "sha512-oQL6lgK3e2QZeQ7gcgIkS2YZPg5slw37hYufJ3edKlfQSGGm8ICoxswK15ntSzF/a8+h7ekRy7k7oWc3BQ7y8A==", 2273 2273 + "dev": true, 2274 2274 + "license": "MIT", 2275 2275 + "dependencies": { 2276 2276 + "@types/estree": "1.0.8" 2277 2277 + }, 2278 2278 + "bin": { 2279 2279 + "rollup": "dist/bin/rollup" 2280 2280 + }, 2281 2281 + "engines": { 2282 2282 + "node": ">=18.0.0", 2283 2283 + "npm": ">=8.0.0" 2284 2284 + }, 2285 2285 + "optionalDependencies": { 2286 2286 + "@rollup/rollup-android-arm-eabi": "4.57.1", 2287 2287 + "@rollup/rollup-android-arm64": "4.57.1", 2288 2288 + "@rollup/rollup-darwin-arm64": "4.57.1", 2289 2289 + "@rollup/rollup-darwin-x64": "4.57.1", 2290 2290 + "@rollup/rollup-freebsd-arm64": "4.57.1", 2291 2291 + "@rollup/rollup-freebsd-x64": "4.57.1", 2292 2292 + "@rollup/rollup-linux-arm-gnueabihf": "4.57.1", 2293 2293 + "@rollup/rollup-linux-arm-musleabihf": "4.57.1", 2294 2294 + "@rollup/rollup-linux-arm64-gnu": "4.57.1", 2295 2295 + "@rollup/rollup-linux-arm64-musl": "4.57.1", 2296 2296 + "@rollup/rollup-linux-loong64-gnu": "4.57.1", 2297 2297 + "@rollup/rollup-linux-loong64-musl": "4.57.1", 2298 2298 + "@rollup/rollup-linux-ppc64-gnu": "4.57.1", 2299 2299 + "@rollup/rollup-linux-ppc64-musl": "4.57.1", 2300 2300 + "@rollup/rollup-linux-riscv64-gnu": "4.57.1", 2301 2301 + "@rollup/rollup-linux-riscv64-musl": "4.57.1", 2302 2302 + "@rollup/rollup-linux-s390x-gnu": "4.57.1", 2303 2303 + "@rollup/rollup-linux-x64-gnu": "4.57.1", 2304 2304 + "@rollup/rollup-linux-x64-musl": "4.57.1", 2305 2305 + "@rollup/rollup-openbsd-x64": "4.57.1", 2306 2306 + "@rollup/rollup-openharmony-arm64": "4.57.1", 2307 2307 + "@rollup/rollup-win32-arm64-msvc": "4.57.1", 2308 2308 + "@rollup/rollup-win32-ia32-msvc": "4.57.1", 2309 2309 + "@rollup/rollup-win32-x64-gnu": "4.57.1", 2310 2310 + "@rollup/rollup-win32-x64-msvc": "4.57.1", 2311 2311 + "fsevents": "~2.3.2" 2312 2312 + } 2313 2313 + }, 2314 2314 + "node_modules/safe-buffer": { 2315 2315 + "version": "5.2.1", 2316 2316 + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", 2317 2317 + "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", 2318 2318 + "funding": [ 2319 2319 + { 2320 2320 + "type": "github", 2321 2321 + "url": "https://github.com/sponsors/feross" 2322 2322 + }, 2323 2323 + { 2324 2324 + "type": "patreon", 2325 2325 + "url": "https://www.patreon.com/feross" 2326 2326 + }, 2327 2327 + { 2328 2328 + "type": "consulting", 2329 2329 + "url": "https://feross.org/support" 2330 2330 + } 2331 2331 + ], 2332 2332 + "license": "MIT" 2333 2333 + }, 2334 2334 + "node_modules/safe-stable-stringify": { 2335 2335 + "version": "2.5.0", 2336 2336 + "resolved": "https://registry.npmjs.org/safe-stable-stringify/-/safe-stable-stringify-2.5.0.tgz", 2337 2337 + "integrity": "sha512-b3rppTKm9T+PsVCBEOUR46GWI7fdOs00VKZ1+9c1EWDaDMvjQc6tUwuFyIprgGgTcWoVHSKrU8H31ZHA2e0RHA==", 2338 2338 + "license": "MIT", 2339 2339 + "engines": { 2340 2340 + "node": ">=10" 2341 2341 + } 2342 2342 + }, 2343 2343 + "node_modules/semver": { 2344 2344 + "version": "7.7.4", 2345 2345 + "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.4.tgz", 2346 2346 + "integrity": "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==", 2347 2347 + "license": "ISC", 2348 2348 + "bin": { 2349 2349 + "semver": "bin/semver.js" 2350 2350 + }, 2351 2351 + "engines": { 2352 2352 + "node": ">=10" 2353 2353 + } 2354 2354 + }, 2355 2355 + "node_modules/siginfo": { 2356 2356 + "version": "2.0.0", 2357 2357 + "resolved": "https://registry.npmjs.org/siginfo/-/siginfo-2.0.0.tgz", 2358 2358 + "integrity": "sha512-ybx0WO1/8bSBLEWXZvEd7gMW3Sn3JFlW3TvX1nREbDLRNQNaeNN8WK0meBwPdAaOI7TtRRRJn/Es1zhrrCHu7g==", 2359 2359 + "dev": true, 2360 2360 + "license": "ISC" 2361 2361 + }, 2362 2362 + "node_modules/simple-concat": { 2363 2363 + "version": "1.0.1", 2364 2364 + "resolved": "https://registry.npmjs.org/simple-concat/-/simple-concat-1.0.1.tgz", 2365 2365 + "integrity": "sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q==", 2366 2366 + "funding": [ 2367 2367 + { 2368 2368 + "type": "github", 2369 2369 + "url": "https://github.com/sponsors/feross" 2370 2370 + }, 2371 2371 + { 2372 2372 + "type": "patreon", 2373 2373 + "url": "https://www.patreon.com/feross" 2374 2374 + }, 2375 2375 + { 2376 2376 + "type": "consulting", 2377 2377 + "url": "https://feross.org/support" 2378 2378 + } 2379 2379 + ], 2380 2380 + "license": "MIT" 2381 2381 + }, 2382 2382 + "node_modules/simple-get": { 2383 2383 + "version": "4.0.1", 2384 2384 + "resolved": "https://registry.npmjs.org/simple-get/-/simple-get-4.0.1.tgz", 2385 2385 + "integrity": "sha512-brv7p5WgH0jmQJr1ZDDfKDOSeWWg+OVypG99A/5vYGPqJ6pxiaHLy8nxtFjBA7oMa01ebA9gfh1uMCFqOuXxvA==", 2386 2386 + "funding": [ 2387 2387 + { 2388 2388 + "type": "github", 2389 2389 + "url": "https://github.com/sponsors/feross" 2390 2390 + }, 2391 2391 + { 2392 2392 + "type": "patreon", 2393 2393 + "url": "https://www.patreon.com/feross" 2394 2394 + }, 2395 2395 + { 2396 2396 + "type": "consulting", 2397 2397 + "url": "https://feross.org/support" 2398 2398 + } 2399 2399 + ], 2400 2400 + "license": "MIT", 2401 2401 + "dependencies": { 2402 2402 + "decompress-response": "^6.0.0", 2403 2403 + "once": "^1.3.1", 2404 2404 + "simple-concat": "^1.0.0" 2405 2405 + } 2406 2406 + }, 2407 2407 + "node_modules/sonic-boom": { 2408 2408 + "version": "3.8.1", 2409 2409 + "resolved": "https://registry.npmjs.org/sonic-boom/-/sonic-boom-3.8.1.tgz", 2410 2410 + "integrity": "sha512-y4Z8LCDBuum+PBP3lSV7RHrXscqksve/bi0as7mhwVnBW+/wUqKT/2Kb7um8yqcFy0duYbbPxzt89Zy2nOCaxg==", 2411 2411 + "license": "MIT", 2412 2412 + "dependencies": { 2413 2413 + "atomic-sleep": "^1.0.0" 2414 2414 + } 2415 2415 + }, 2416 2416 + "node_modules/source-map-js": { 2417 2417 + "version": "1.2.1", 2418 2418 + "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.1.tgz", 2419 2419 + "integrity": "sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==", 2420 2420 + "dev": true, 2421 2421 + "license": "BSD-3-Clause", 2422 2422 + "engines": { 2423 2423 + "node": ">=0.10.0" 2424 2424 + } 2425 2425 + }, 2426 2426 + "node_modules/split2": { 2427 2427 + "version": "4.2.0", 2428 2428 + "resolved": "https://registry.npmjs.org/split2/-/split2-4.2.0.tgz", 2429 2429 + "integrity": "sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==", 2430 2430 + "license": "ISC", 2431 2431 + "engines": { 2432 2432 + "node": ">= 10.x" 2433 2433 + } 2434 2434 + }, 2435 2435 + "node_modules/stackback": { 2436 2436 + "version": "0.0.2", 2437 2437 + "resolved": "https://registry.npmjs.org/stackback/-/stackback-0.0.2.tgz", 2438 2438 + "integrity": "sha512-1XMJE5fQo1jGH6Y/7ebnwPOBEkIEnT4QF32d5R1+VXdXveM0IBMJt8zfaxX1P3QhVwrYe+576+jkANtSS2mBbw==", 2439 2439 + "dev": true, 2440 2440 + "license": "MIT" 2441 2441 + }, 2442 2442 + "node_modules/std-env": { 2443 2443 + "version": "3.10.0", 2444 2444 + "resolved": "https://registry.npmjs.org/std-env/-/std-env-3.10.0.tgz", 2445 2445 + "integrity": "sha512-5GS12FdOZNliM5mAOxFRg7Ir0pWz8MdpYm6AY6VPkGpbA7ZzmbzNcBJQ0GPvvyWgcY7QAhCgf9Uy89I03faLkg==", 2446 2446 + "dev": true, 2447 2447 + "license": "MIT" 2448 2448 + }, 2449 2449 + "node_modules/string_decoder": { 2450 2450 + "version": "1.3.0", 2451 2451 + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", 2452 2452 + "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", 2453 2453 + "license": "MIT", 2454 2454 + "dependencies": { 2455 2455 + "safe-buffer": "~5.2.0" 2456 2456 + } 2457 2457 + }, 2458 2458 + "node_modules/strip-json-comments": { 2459 2459 + "version": "2.0.1", 2460 2460 + "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz", 2461 2461 + "integrity": "sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ==", 2462 2462 + "license": "MIT", 2463 2463 + "engines": { 2464 2464 + "node": ">=0.10.0" 2465 2465 + } 2466 2466 + }, 2467 2467 + "node_modules/strip-literal": { 2468 2468 + "version": "3.1.0", 2469 2469 + "resolved": "https://registry.npmjs.org/strip-literal/-/strip-literal-3.1.0.tgz", 2470 2470 + "integrity": "sha512-8r3mkIM/2+PpjHoOtiAW8Rg3jJLHaV7xPwG+YRGrv6FP0wwk/toTpATxWYOW0BKdWwl82VT2tFYi5DlROa0Mxg==", 2471 2471 + "dev": true, 2472 2472 + "license": "MIT", 2473 2473 + "dependencies": { 2474 2474 + "js-tokens": "^9.0.1" 2475 2475 + }, 2476 2476 + "funding": { 2477 2477 + "url": "https://github.com/sponsors/antfu" 2478 2478 + } 2479 2479 + }, 2480 2480 + "node_modules/tar-fs": { 2481 2481 + "version": "2.1.4", 2482 2482 + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.4.tgz", 2483 2483 + "integrity": "sha512-mDAjwmZdh7LTT6pNleZ05Yt65HC3E+NiQzl672vQG38jIrehtJk/J3mNwIg+vShQPcLF/LV7CMnDW6vjj6sfYQ==", 2484 2484 + "license": "MIT", 2485 2485 + "dependencies": { 2486 2486 + "chownr": "^1.1.1", 2487 2487 + "mkdirp-classic": "^0.5.2", 2488 2488 + "pump": "^3.0.0", 2489 2489 + "tar-stream": "^2.1.4" 2490 2490 + } 2491 2491 + }, 2492 2492 + "node_modules/tar-stream": { 2493 2493 + "version": "2.2.0", 2494 2494 + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-2.2.0.tgz", 2495 2495 + "integrity": "sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==", 2496 2496 + "license": "MIT", 2497 2497 + "dependencies": { 2498 2498 + "bl": "^4.0.3", 2499 2499 + "end-of-stream": "^1.4.1", 2500 2500 + "fs-constants": "^1.0.0", 2501 2501 + "inherits": "^2.0.3", 2502 2502 + "readable-stream": "^3.1.1" 2503 2503 + }, 2504 2504 + "engines": { 2505 2505 + "node": ">=6" 2506 2506 + } 2507 2507 + }, 2508 2508 + "node_modules/tar-stream/node_modules/readable-stream": { 2509 2509 + "version": "3.6.2", 2510 2510 + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", 2511 2511 + "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==", 2512 2512 + "license": "MIT", 2513 2513 + "dependencies": { 2514 2514 + "inherits": "^2.0.3", 2515 2515 + "string_decoder": "^1.1.1", 2516 2516 + "util-deprecate": "^1.0.1" 2517 2517 + }, 2518 2518 + "engines": { 2519 2519 + "node": ">= 6" 2520 2520 + } 2521 2521 + }, 2522 2522 + "node_modules/thread-stream": { 2523 2523 + "version": "2.7.0", 2524 2524 + "resolved": "https://registry.npmjs.org/thread-stream/-/thread-stream-2.7.0.tgz", 2525 2525 + "integrity": "sha512-qQiRWsU/wvNolI6tbbCKd9iKaTnCXsTwVxhhKM6nctPdujTyztjlbUkUTUymidWcMnZ5pWR0ej4a0tjsW021vw==", 2526 2526 + "license": "MIT", 2527 2527 + "dependencies": { 2528 2528 + "real-require": "^0.2.0" 2529 2529 + } 2530 2530 + }, 2531 2531 + "node_modules/tinybench": { 2532 2532 + "version": "2.9.0", 2533 2533 + "resolved": "https://registry.npmjs.org/tinybench/-/tinybench-2.9.0.tgz", 2534 2534 + "integrity": "sha512-0+DUvqWMValLmha6lr4kD8iAMK1HzV0/aKnCtWb9v9641TnP/MFb7Pc2bxoxQjTXAErryXVgUOfv2YqNllqGeg==", 2535 2535 + "dev": true, 2536 2536 + "license": "MIT" 2537 2537 + }, 2538 2538 + "node_modules/tinyexec": { 2539 2539 + "version": "0.3.2", 2540 2540 + "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-0.3.2.tgz", 2541 2541 + "integrity": "sha512-KQQR9yN7R5+OSwaK0XQoj22pwHoTlgYqmUscPYoknOoWCWfj/5/ABTMRi69FrKU5ffPVh5QcFikpWJI/P1ocHA==", 2542 2542 + "dev": true, 2543 2543 + "license": "MIT" 2544 2544 + }, 2545 2545 + "node_modules/tinyglobby": { 2546 2546 + "version": "0.2.15", 2547 2547 + "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.15.tgz", 2548 2548 + "integrity": "sha512-j2Zq4NyQYG5XMST4cbs02Ak8iJUdxRM0XI5QyxXuZOzKOINmWurp3smXu3y5wDcJrptwpSjgXHzIQxR0omXljQ==", 2549 2549 + "dev": true, 2550 2550 + "license": "MIT", 2551 2551 + "dependencies": { 2552 2552 + "fdir": "^6.5.0", 2553 2553 + "picomatch": "^4.0.3" 2554 2554 + }, 2555 2555 + "engines": { 2556 2556 + "node": ">=12.0.0" 2557 2557 + }, 2558 2558 + "funding": { 2559 2559 + "url": "https://github.com/sponsors/SuperchupuDev" 2560 2560 + } 2561 2561 + }, 2562 2562 + "node_modules/tinypool": { 2563 2563 + "version": "1.1.1", 2564 2564 + "resolved": "https://registry.npmjs.org/tinypool/-/tinypool-1.1.1.tgz", 2565 2565 + "integrity": "sha512-Zba82s87IFq9A9XmjiX5uZA/ARWDrB03OHlq+Vw1fSdt0I+4/Kutwy8BP4Y/y/aORMo61FQ0vIb5j44vSo5Pkg==", 2566 2566 + "dev": true, 2567 2567 + "license": "MIT", 2568 2568 + "engines": { 2569 2569 + "node": "^18.0.0 || >=20.0.0" 2570 2570 + } 2571 2571 + }, 2572 2572 + "node_modules/tinyrainbow": { 2573 2573 + "version": "2.0.0", 2574 2574 + "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-2.0.0.tgz", 2575 2575 + "integrity": "sha512-op4nsTR47R6p0vMUUoYl/a+ljLFVtlfaXkLQmqfLR1qHma1h/ysYk4hEXZ880bf2CYgTskvTa/e196Vd5dDQXw==", 2576 2576 + "dev": true, 2577 2577 + "license": "MIT", 2578 2578 + "engines": { 2579 2579 + "node": ">=14.0.0" 2580 2580 + } 2581 2581 + }, 2582 2582 + "node_modules/tinyspy": { 2583 2583 + "version": "4.0.4", 2584 2584 + "resolved": "https://registry.npmjs.org/tinyspy/-/tinyspy-4.0.4.tgz", 2585 2585 + "integrity": "sha512-azl+t0z7pw/z958Gy9svOTuzqIk6xq+NSheJzn5MMWtWTFywIacg2wUlzKFGtt3cthx0r2SxMK0yzJOR0IES7Q==", 2586 2586 + "dev": true, 2587 2587 + "license": "MIT", 2588 2588 + "engines": { 2589 2589 + "node": ">=14.0.0" 2590 2590 + } 2591 2591 + }, 2592 2592 + "node_modules/tslib": { 2593 2593 + "version": "2.8.1", 2594 2594 + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", 2595 2595 + "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", 2596 2596 + "license": "0BSD" 2597 2597 + }, 2598 2598 + "node_modules/tsx": { 2599 2599 + "version": "4.21.0", 2600 2600 + "resolved": "https://registry.npmjs.org/tsx/-/tsx-4.21.0.tgz", 2601 2601 + "integrity": "sha512-5C1sg4USs1lfG0GFb2RLXsdpXqBSEhAaA/0kPL01wxzpMqLILNxIxIOKiILz+cdg/pLnOUxFYOR5yhHU666wbw==", 2602 2602 + "dev": true, 2603 2603 + "license": "MIT", 2604 2604 + "dependencies": { 2605 2605 + "esbuild": "~0.27.0", 2606 2606 + "get-tsconfig": "^4.7.5" 2607 2607 + }, 2608 2608 + "bin": { 2609 2609 + "tsx": "dist/cli.mjs" 2610 2610 + }, 2611 2611 + "engines": { 2612 2612 + "node": ">=18.0.0" 2613 2613 + }, 2614 2614 + "optionalDependencies": { 2615 2615 + "fsevents": "~2.3.3" 2616 2616 + } 2617 2617 + }, 2618 2618 + "node_modules/tunnel-agent": { 2619 2619 + "version": "0.6.0", 2620 2620 + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", 2621 2621 + "integrity": "sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==", 2622 2622 + "license": "Apache-2.0", 2623 2623 + "dependencies": { 2624 2624 + "safe-buffer": "^5.0.1" 2625 2625 + }, 2626 2626 + "engines": { 2627 2627 + "node": "*" 2628 2628 + } 2629 2629 + }, 2630 2630 + "node_modules/typescript": { 2631 2631 + "version": "5.9.3", 2632 2632 + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz", 2633 2633 + "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", 2634 2634 + "dev": true, 2635 2635 + "license": "Apache-2.0", 2636 2636 + "bin": { 2637 2637 + "tsc": "bin/tsc", 2638 2638 + "tsserver": "bin/tsserver" 2639 2639 + }, 2640 2640 + "engines": { 2641 2641 + "node": ">=14.17" 2642 2642 + } 2643 2643 + }, 2644 2644 + "node_modules/uint8arrays": { 2645 2645 + "version": "3.0.0", 2646 2646 + "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-3.0.0.tgz", 2647 2647 + "integrity": "sha512-HRCx0q6O9Bfbp+HHSfQQKD7wU70+lydKVt4EghkdOvlK/NlrF90z+eXV34mUd48rNvVJXwkrMSPpCATkct8fJA==", 2648 2648 + "license": "MIT", 2649 2649 + "dependencies": { 2650 2650 + "multiformats": "^9.4.2" 2651 2651 + } 2652 2652 + }, 2653 2653 + "node_modules/undici-types": { 2654 2654 + "version": "7.16.0", 2655 2655 + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz", 2656 2656 + "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==", 2657 2657 + "license": "MIT" 2658 2658 + }, 2659 2659 + "node_modules/unicode-segmenter": { 2660 2660 + "version": "0.14.5", 2661 2661 + "resolved": "https://registry.npmjs.org/unicode-segmenter/-/unicode-segmenter-0.14.5.tgz", 2662 2662 + "integrity": "sha512-jHGmj2LUuqDcX3hqY12Ql+uhUTn8huuxNZGq7GvtF6bSybzH3aFgedYu/KTzQStEgt1Ra2F3HxadNXsNjb3m3g==", 2663 2663 + "license": "MIT" 2664 2664 + }, 2665 2665 + "node_modules/util-deprecate": { 2666 2666 + "version": "1.0.2", 2667 2667 + "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", 2668 2668 + "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==", 2669 2669 + "license": "MIT" 2670 2670 + }, 2671 2671 + "node_modules/varint": { 2672 2672 + "version": "6.0.0", 2673 2673 + "resolved": "https://registry.npmjs.org/varint/-/varint-6.0.0.tgz", 2674 2674 + "integrity": "sha512-cXEIW6cfr15lFv563k4GuVuW/fiwjknytD37jIOLSdSWuOI6WnO/oKwmP2FQTU2l01LP8/M5TSAJpzUaGe3uWg==", 2675 2675 + "license": "MIT" 2676 2676 + }, 2677 2677 + "node_modules/vite": { 2678 2678 + "version": "7.3.1", 2679 2679 + "resolved": "https://registry.npmjs.org/vite/-/vite-7.3.1.tgz", 2680 2680 + "integrity": "sha512-w+N7Hifpc3gRjZ63vYBXA56dvvRlNWRczTdmCBBa+CotUzAPf5b7YMdMR/8CQoeYE5LX3W4wj6RYTgonm1b9DA==", 2681 2681 + "dev": true, 2682 2682 + "license": "MIT", 2683 2683 + "dependencies": { 2684 2684 + "esbuild": "^0.27.0", 2685 2685 + "fdir": "^6.5.0", 2686 2686 + "picomatch": "^4.0.3", 2687 2687 + "postcss": "^8.5.6", 2688 2688 + "rollup": "^4.43.0", 2689 2689 + "tinyglobby": "^0.2.15" 2690 2690 + }, 2691 2691 + "bin": { 2692 2692 + "vite": "bin/vite.js" 2693 2693 + }, 2694 2694 + "engines": { 2695 2695 + "node": "^20.19.0 || >=22.12.0" 2696 2696 + }, 2697 2697 + "funding": { 2698 2698 + "url": "https://github.com/vitejs/vite?sponsor=1" 2699 2699 + }, 2700 2700 + "optionalDependencies": { 2701 2701 + "fsevents": "~2.3.3" 2702 2702 + }, 2703 2703 + "peerDependencies": { 2704 2704 + "@types/node": "^20.19.0 || >=22.12.0", 2705 2705 + "jiti": ">=1.21.0", 2706 2706 + "less": "^4.0.0", 2707 2707 + "lightningcss": "^1.21.0", 2708 2708 + "sass": "^1.70.0", 2709 2709 + "sass-embedded": "^1.70.0", 2710 2710 + "stylus": ">=0.54.8", 2711 2711 + "sugarss": "^5.0.0", 2712 2712 + "terser": "^5.16.0", 2713 2713 + "tsx": "^4.8.1", 2714 2714 + "yaml": "^2.4.2" 2715 2715 + }, 2716 2716 + "peerDependenciesMeta": { 2717 2717 + "@types/node": { 2718 2718 + "optional": true 2719 2719 + }, 2720 2720 + "jiti": { 2721 2721 + "optional": true 2722 2722 + }, 2723 2723 + "less": { 2724 2724 + "optional": true 2725 2725 + }, 2726 2726 + "lightningcss": { 2727 2727 + "optional": true 2728 2728 + }, 2729 2729 + "sass": { 2730 2730 + "optional": true 2731 2731 + }, 2732 2732 + "sass-embedded": { 2733 2733 + "optional": true 2734 2734 + }, 2735 2735 + "stylus": { 2736 2736 + "optional": true 2737 2737 + }, 2738 2738 + "sugarss": { 2739 2739 + "optional": true 2740 2740 + }, 2741 2741 + "terser": { 2742 2742 + "optional": true 2743 2743 + }, 2744 2744 + "tsx": { 2745 2745 + "optional": true 2746 2746 + }, 2747 2747 + "yaml": { 2748 2748 + "optional": true 2749 2749 + } 2750 2750 + } 2751 2751 + }, 2752 2752 + "node_modules/vite-node": { 2753 2753 + "version": "3.2.4", 2754 2754 + "resolved": "https://registry.npmjs.org/vite-node/-/vite-node-3.2.4.tgz", 2755 2755 + "integrity": "sha512-EbKSKh+bh1E1IFxeO0pg1n4dvoOTt0UDiXMd/qn++r98+jPO1xtJilvXldeuQ8giIB5IkpjCgMleHMNEsGH6pg==", 2756 2756 + "dev": true, 2757 2757 + "license": "MIT", 2758 2758 + "dependencies": { 2759 2759 + "cac": "^6.7.14", 2760 2760 + "debug": "^4.4.1", 2761 2761 + "es-module-lexer": "^1.7.0", 2762 2762 + "pathe": "^2.0.3", 2763 2763 + "vite": "^5.0.0 || ^6.0.0 || ^7.0.0-0" 2764 2764 + }, 2765 2765 + "bin": { 2766 2766 + "vite-node": "vite-node.mjs" 2767 2767 + }, 2768 2768 + "engines": { 2769 2769 + "node": "^18.0.0 || ^20.0.0 || >=22.0.0" 2770 2770 + }, 2771 2771 + "funding": { 2772 2772 + "url": "https://opencollective.com/vitest" 2773 2773 + } 2774 2774 + }, 2775 2775 + "node_modules/vitest": { 2776 2776 + "version": "3.2.4", 2777 2777 + "resolved": "https://registry.npmjs.org/vitest/-/vitest-3.2.4.tgz", 2778 2778 + "integrity": "sha512-LUCP5ev3GURDysTWiP47wRRUpLKMOfPh+yKTx3kVIEiu5KOMeqzpnYNsKyOoVrULivR8tLcks4+lga33Whn90A==", 2779 2779 + "dev": true, 2780 2780 + "license": "MIT", 2781 2781 + "dependencies": { 2782 2782 + "@types/chai": "^5.2.2", 2783 2783 + "@vitest/expect": "3.2.4", 2784 2784 + "@vitest/mocker": "3.2.4", 2785 2785 + "@vitest/pretty-format": "^3.2.4", 2786 2786 + "@vitest/runner": "3.2.4", 2787 2787 + "@vitest/snapshot": "3.2.4", 2788 2788 + "@vitest/spy": "3.2.4", 2789 2789 + "@vitest/utils": "3.2.4", 2790 2790 + "chai": "^5.2.0", 2791 2791 + "debug": "^4.4.1", 2792 2792 + "expect-type": "^1.2.1", 2793 2793 + "magic-string": "^0.30.17", 2794 2794 + "pathe": "^2.0.3", 2795 2795 + "picomatch": "^4.0.2", 2796 2796 + "std-env": "^3.9.0", 2797 2797 + "tinybench": "^2.9.0", 2798 2798 + "tinyexec": "^0.3.2", 2799 2799 + "tinyglobby": "^0.2.14", 2800 2800 + "tinypool": "^1.1.1", 2801 2801 + "tinyrainbow": "^2.0.0", 2802 2802 + "vite": "^5.0.0 || ^6.0.0 || ^7.0.0-0", 2803 2803 + "vite-node": "3.2.4", 2804 2804 + "why-is-node-running": "^2.3.0" 2805 2805 + }, 2806 2806 + "bin": { 2807 2807 + "vitest": "vitest.mjs" 2808 2808 + }, 2809 2809 + "engines": { 2810 2810 + "node": "^18.0.0 || ^20.0.0 || >=22.0.0" 2811 2811 + }, 2812 2812 + "funding": { 2813 2813 + "url": "https://opencollective.com/vitest" 2814 2814 + }, 2815 2815 + "peerDependencies": { 2816 2816 + "@edge-runtime/vm": "*", 2817 2817 + "@types/debug": "^4.1.12", 2818 2818 + "@types/node": "^18.0.0 || ^20.0.0 || >=22.0.0", 2819 2819 + "@vitest/browser": "3.2.4", 2820 2820 + "@vitest/ui": "3.2.4", 2821 2821 + "happy-dom": "*", 2822 2822 + "jsdom": "*" 2823 2823 + }, 2824 2824 + "peerDependenciesMeta": { 2825 2825 + "@edge-runtime/vm": { 2826 2826 + "optional": true 2827 2827 + }, 2828 2828 + "@types/debug": { 2829 2829 + "optional": true 2830 2830 + }, 2831 2831 + "@types/node": { 2832 2832 + "optional": true 2833 2833 + }, 2834 2834 + "@vitest/browser": { 2835 2835 + "optional": true 2836 2836 + }, 2837 2837 + "@vitest/ui": { 2838 2838 + "optional": true 2839 2839 + }, 2840 2840 + "happy-dom": { 2841 2841 + "optional": true 2842 2842 + }, 2843 2843 + "jsdom": { 2844 2844 + "optional": true 2845 2845 + } 2846 2846 + } 2847 2847 + }, 2848 2848 + "node_modules/why-is-node-running": { 2849 2849 + "version": "2.3.0", 2850 2850 + "resolved": "https://registry.npmjs.org/why-is-node-running/-/why-is-node-running-2.3.0.tgz", 2851 2851 + "integrity": "sha512-hUrmaWBdVDcxvYqnyh09zunKzROWjbZTiNy8dBEjkS7ehEDQibXJ7XvlmtbwuTclUiIyN+CyXQD4Vmko8fNm8w==", 2852 2852 + "dev": true, 2853 2853 + "license": "MIT", 2854 2854 + "dependencies": { 2855 2855 + "siginfo": "^2.0.0", 2856 2856 + "stackback": "0.0.2" 2857 2857 + }, 2858 2858 + "bin": { 2859 2859 + "why-is-node-running": "cli.js" 2860 2860 + }, 2861 2861 + "engines": { 2862 2862 + "node": ">=8" 2863 2863 + } 2864 2864 + }, 2865 2865 + "node_modules/wrappy": { 2866 2866 + "version": "1.0.2", 2867 2867 + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", 2868 2868 + "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", 2869 2869 + "license": "ISC" 2870 2870 + }, 2871 2871 + "node_modules/ws": { 2872 2872 + "version": "8.19.0", 2873 2873 + "resolved": "https://registry.npmjs.org/ws/-/ws-8.19.0.tgz", 2874 2874 + "integrity": "sha512-blAT2mjOEIi0ZzruJfIhb3nps74PRWTCz1IjglWEEpQl5XS/UNama6u2/rjFkDDouqr4L67ry+1aGIALViWjDg==", 2875 2875 + "license": "MIT", 2876 2876 + "engines": { 2877 2877 + "node": ">=10.0.0" 2878 2878 + }, 2879 2879 + "peerDependencies": { 2880 2880 + "bufferutil": "^4.0.1", 2881 2881 + "utf-8-validate": ">=5.0.2" 2882 2882 + }, 2883 2883 + "peerDependenciesMeta": { 2884 2884 + "bufferutil": { 2885 2885 + "optional": true 2886 2886 + }, 2887 2887 + "utf-8-validate": { 2888 2888 + "optional": true 2889 2889 + } 2890 2890 + } 2891 2891 + }, 2892 2892 + "node_modules/zod": { 2893 2893 + "version": "3.25.76", 2894 2894 + "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", 2895 2895 + "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", 2896 2896 + "license": "MIT", 2897 2897 + "funding": { 2898 2898 + "url": "https://github.com/sponsors/colinhacks" 2899 2899 + } 2900 2900 + } 2901 2901 + } 2902 2902 + }

+45

package.json

reviewed

··· 1 1 + { 2 2 + "name": "p2pds", 3 3 + "version": "0.1.0", 4 4 + "description": "AT Protocol Personal Data Server with P2P capabilities", 5 5 + "type": "module", 6 6 + "main": "dist/server.js", 7 7 + "scripts": { 8 8 + "dev": "tsx watch src/server.ts", 9 9 + "build": "tsc", 10 10 + "start": "node dist/server.js", 11 11 + "test": "vitest run" 12 12 + }, 13 13 + "dependencies": { 14 14 + "@atcute/atproto": "^3.1.10", 15 15 + "@atcute/bluesky": "^3.2.14", 16 16 + "@atcute/cbor": "^2.2.8", 17 17 + "@atcute/cid": "^2.3.0", 18 18 + "@atcute/client": "^4.2.0", 19 19 + "@atcute/identity": "^1.1.3", 20 20 + "@atcute/identity-resolver": "^1.2.2", 21 21 + "@atcute/lexicons": "^1.2.6", 22 22 + "@atcute/tid": "^1.1.1", 23 23 + "@atproto/crypto": "^0.4.5", 24 24 + "@atproto/lex-cbor": "^0.0.3", 25 25 + "@atproto/lex-data": "^0.0.3", 26 26 + "@atproto/lex-json": "^0.0.11", 27 27 + "@atproto/repo": "^0.8.12", 28 28 + "@hono/node-server": "^1.13.8", 29 29 + "bcryptjs": "^3.0.3", 30 30 + "better-sqlite3": "^11.8.1", 31 31 + "hono": "^4.11.3", 32 32 + "jose": "^6.1.3", 33 33 + "picocolors": "^1.1.1", 34 34 + "ws": "^8.18.3" 35 35 + }, 36 36 + "devDependencies": { 37 37 + "@types/bcryptjs": "^3.0.0", 38 38 + "@types/better-sqlite3": "^7.6.12", 39 39 + "@types/ws": "^8.18.1", 40 40 + "tsx": "^4.21.0", 41 41 + "typescript": "^5.9.3", 42 42 + "vitest": "^3.0.0" 43 43 + }, 44 44 + "license": "MIT" 45 45 + }

+107

src/blobs.ts

reviewed

··· 1 1 + import { readFileSync, writeFileSync, existsSync, mkdirSync } from "node:fs"; 2 2 + import { join } from "node:path"; 3 3 + import { create as createCid, CODEC_RAW, toString as cidToString } from "@atcute/cid"; 4 4 + 5 5 + export interface BlobRef { 6 6 + $type: "blob"; 7 7 + ref: { $link: string }; 8 8 + mimeType: string; 9 9 + size: number; 10 10 + } 11 11 + 12 12 + export interface BlobResult { 13 13 + bytes: Uint8Array; 14 14 + mimeType: string; 15 15 + size: number; 16 16 + } 17 17 + 18 18 + /** 19 19 + * BlobStore manages blob storage on the local filesystem. 20 20 + * Blobs are stored with CID-based filenames under DATA_DIR/blobs/{did}/. 21 21 + */ 22 22 + export class BlobStore { 23 23 + private blobDir: string; 24 24 + 25 25 + constructor(dataDir: string, private did: string) { 26 26 + this.blobDir = join(dataDir, "blobs", did); 27 27 + mkdirSync(this.blobDir, { recursive: true }); 28 28 + } 29 29 + 30 30 + /** 31 31 + * Upload a blob and return a BlobRef. 32 32 + */ 33 33 + async putBlob(bytes: Uint8Array, mimeType: string): Promise<BlobRef> { 34 34 + const cidObj = await createCid(CODEC_RAW, bytes); 35 35 + const cidStr = cidToString(cidObj); 36 36 + 37 37 + const blobPath = join(this.blobDir, cidStr); 38 38 + const metaPath = join(this.blobDir, `${cidStr}.meta`); 39 39 + 40 40 + writeFileSync(blobPath, bytes); 41 41 + writeFileSync( 42 42 + metaPath, 43 43 + JSON.stringify({ mimeType, size: bytes.length }), 44 44 + ); 45 45 + 46 46 + return { 47 47 + $type: "blob", 48 48 + ref: { $link: cidStr }, 49 49 + mimeType, 50 50 + size: bytes.length, 51 51 + }; 52 52 + } 53 53 + 54 54 + /** 55 55 + * Retrieve a blob by CID string. 56 56 + */ 57 57 + getBlob(cid: string): BlobResult | null { 58 58 + const blobPath = join(this.blobDir, cid); 59 59 + const metaPath = join(this.blobDir, `${cid}.meta`); 60 60 + 61 61 + if (!existsSync(blobPath)) return null; 62 62 + 63 63 + const bytes = new Uint8Array(readFileSync(blobPath)); 64 64 + let mimeType = "application/octet-stream"; 65 65 + 66 66 + if (existsSync(metaPath)) { 67 67 + try { 68 68 + const meta = JSON.parse(readFileSync(metaPath, "utf-8")); 69 69 + mimeType = meta.mimeType || mimeType; 70 70 + } catch { 71 71 + // Ignore corrupt metadata 72 72 + } 73 73 + } 74 74 + 75 75 + return { bytes, mimeType, size: bytes.length }; 76 76 + } 77 77 + 78 78 + /** 79 79 + * Check if a blob exists. 80 80 + */ 81 81 + hasBlob(cid: string): boolean { 82 82 + return existsSync(join(this.blobDir, cid)); 83 83 + } 84 84 + 85 85 + /** 86 86 + * List all blob CIDs (for listBlobs endpoint). 87 87 + */ 88 88 + listBlobs(limit: number = 500, cursor?: string): { cids: string[]; cursor?: string } { 89 89 + const { readdirSync } = require("node:fs") as typeof import("node:fs"); 90 90 + const entries = readdirSync(this.blobDir) 91 91 + .filter((name: string) => !name.endsWith(".meta")) 92 92 + .sort(); 93 93 + 94 94 + let startIdx = 0; 95 95 + if (cursor) { 96 96 + const idx = entries.indexOf(cursor); 97 97 + startIdx = idx >= 0 ? idx + 1 : 0; 98 98 + } 99 99 + 100 100 + const slice = entries.slice(startIdx, startIdx + limit + 1); 101 101 + const hasMore = slice.length > limit; 102 102 + const cids = hasMore ? slice.slice(0, limit) : slice; 103 103 + const nextCursor = hasMore ? cids[cids.length - 1] : undefined; 104 104 + 105 105 + return { cids, cursor: nextCursor }; 106 106 + } 107 107 + }

+131

src/cbor-compat.ts

reviewed

··· 1 1 + /** 2 2 + * CBOR compatibility layer for migrating from @atproto/lex-cbor to @atcute/cbor. 3 3 + * 4 4 + * @atcute/cbor uses lazy wrappers (BytesWrapper, CidLinkWrapper) that are 5 5 + * compatible with atproto's lex-json format. This layer handles conversion 6 6 + * of @atproto CID objects to CidLinkWrapper for encoding. 7 7 + * 8 8 + * Use toCidLink/fromCidLink to convert between lex-json and raw CID types. 9 9 + */ 10 10 + import { 11 11 + encode as atcuteEncode, 12 12 + decode as atcuteDecode, 13 13 + toCidLink, 14 14 + toBytes, 15 15 + fromBytes, 16 16 + isBytes, 17 17 + type CidLink, 18 18 + } from "@atcute/cbor"; 19 19 + import { fromString } from "@atcute/cid"; 20 20 + import type { CID } from "@atproto/lex-data"; 21 21 + 22 22 + /** 23 23 + * Check if a value is an @atproto CID object. 24 24 + */ 25 25 + function isAtprotoCid(value: unknown): value is CID { 26 26 + if (value === null || typeof value !== "object") { 27 27 + return false; 28 28 + } 29 29 + const obj = value as Record<string | symbol, unknown>; 30 30 + return "asCID" in obj && obj[Symbol.toStringTag] === "CID"; 31 31 + } 32 32 + 33 33 + /** 34 34 + * Convert @atproto CID to @atcute CidLink. 35 35 + */ 36 36 + function atprotoCidToCidLink(cid: CID): CidLink { 37 37 + return toCidLink(fromString(cid.toString())); 38 38 + } 39 39 + 40 40 + /** 41 41 + * Recursively convert @atproto CIDs to @atcute CidLinks for encoding. 42 42 + */ 43 43 + function convertCidsForEncode(value: unknown): unknown { 44 44 + if (value === null || value === undefined) { 45 45 + return value; 46 46 + } 47 47 + 48 48 + if (typeof value !== "object") { 49 49 + return value; 50 50 + } 51 51 + 52 52 + // Handle Uint8Array - wrap with toBytes() for @atcute/cbor 53 53 + if (value instanceof Uint8Array) { 54 54 + return toBytes(value); 55 55 + } 56 56 + 57 57 + // Convert @atproto CID to @atcute CidLink 58 58 + if (isAtprotoCid(value)) { 59 59 + return atprotoCidToCidLink(value); 60 60 + } 61 61 + 62 62 + // Handle arrays 63 63 + if (Array.isArray(value)) { 64 64 + return (value as unknown[]).map(convertCidsForEncode); 65 65 + } 66 66 + 67 67 + // Handle plain objects 68 68 + const proto = Object.getPrototypeOf(value); 69 69 + if (proto === Object.prototype || proto === null) { 70 70 + const result: Record<string, unknown> = {}; 71 71 + for (const [key, val] of Object.entries(value as Record<string, unknown>)) { 72 72 + result[key] = convertCidsForEncode(val); 73 73 + } 74 74 + return result; 75 75 + } 76 76 + 77 77 + return value; 78 78 + } 79 79 + 80 80 + /** 81 81 + * Encode a value to CBOR, automatically converting @atproto CIDs to CidLinks. 82 82 + */ 83 83 + export function encode(value: unknown): Uint8Array { 84 84 + const converted = convertCidsForEncode(value); 85 85 + return atcuteEncode(converted); 86 86 + } 87 87 + 88 88 + /** 89 89 + * Recursively convert @atcute wrappers back to raw types for decoding. 90 90 + */ 91 91 + function convertWrappersForDecode(value: unknown): unknown { 92 92 + if (value === null || value === undefined) { 93 93 + return value; 94 94 + } 95 95 + 96 96 + if (typeof value !== "object") { 97 97 + return value; 98 98 + } 99 99 + 100 100 + // Unwrap BytesWrapper to raw Uint8Array 101 101 + if (isBytes(value)) { 102 102 + return fromBytes(value); 103 103 + } 104 104 + 105 105 + // CidLinkWrapper is left as-is since it has $link getter for lex-json compat 106 106 + 107 107 + // Handle arrays 108 108 + if (Array.isArray(value)) { 109 109 + return (value as unknown[]).map(convertWrappersForDecode); 110 110 + } 111 111 + 112 112 + // Handle plain objects 113 113 + const proto = Object.getPrototypeOf(value); 114 114 + if (proto === Object.prototype || proto === null) { 115 115 + const result: Record<string, unknown> = {}; 116 116 + for (const [key, val] of Object.entries(value as Record<string, unknown>)) { 117 117 + result[key] = convertWrappersForDecode(val); 118 118 + } 119 119 + return result; 120 120 + } 121 121 + 122 122 + return value; 123 123 + } 124 124 + 125 125 + /** 126 126 + * Decode CBOR bytes. 127 127 + */ 128 128 + export function decode(bytes: Uint8Array): unknown { 129 129 + const decoded = atcuteDecode(bytes); 130 130 + return convertWrappersForDecode(decoded); 131 131 + }

+96

src/config.ts

reviewed

··· 1 1 + import { readFileSync } from "node:fs"; 2 2 + import { resolve } from "node:path"; 3 3 + 4 4 + export interface Config { 5 5 + DID: string; 6 6 + HANDLE: string; 7 7 + PDS_HOSTNAME: string; 8 8 + AUTH_TOKEN: string; 9 9 + SIGNING_KEY: string; 10 10 + SIGNING_KEY_PUBLIC: string; 11 11 + JWT_SECRET: string; 12 12 + PASSWORD_HASH: string; 13 13 + EMAIL?: string; 14 14 + DATA_DIR: string; 15 15 + PORT: number; 16 16 + } 17 17 + 18 18 + const REQUIRED_KEYS = [ 19 19 + "DID", 20 20 + "HANDLE", 21 21 + "PDS_HOSTNAME", 22 22 + "AUTH_TOKEN", 23 23 + "SIGNING_KEY", 24 24 + "SIGNING_KEY_PUBLIC", 25 25 + "JWT_SECRET", 26 26 + "PASSWORD_HASH", 27 27 + ] as const; 28 28 + 29 29 + /** 30 30 + * Load a .env file into process.env (simple key=value parser). 31 31 + * Skips comments and empty lines. 32 32 + */ 33 33 + function loadDotEnv(path: string): void { 34 34 + let content: string; 35 35 + try { 36 36 + content = readFileSync(path, "utf-8"); 37 37 + } catch { 38 38 + return; // .env file is optional 39 39 + } 40 40 + 41 41 + for (const line of content.split("\n")) { 42 42 + const trimmed = line.trim(); 43 43 + if (!trimmed || trimmed.startsWith("#")) continue; 44 44 + const eqIdx = trimmed.indexOf("="); 45 45 + if (eqIdx === -1) continue; 46 46 + const key = trimmed.slice(0, eqIdx).trim(); 47 47 + let value = trimmed.slice(eqIdx + 1).trim(); 48 48 + // Strip surrounding quotes 49 49 + if ( 50 50 + (value.startsWith('"') && value.endsWith('"')) || 51 51 + (value.startsWith("'") && value.endsWith("'")) 52 52 + ) { 53 53 + value = value.slice(1, -1); 54 54 + } 55 55 + if (!process.env[key]) { 56 56 + process.env[key] = value; 57 57 + } 58 58 + } 59 59 + } 60 60 + 61 61 + /** 62 62 + * Load and validate configuration from environment variables. 63 63 + * Optionally loads a .env file first. 64 64 + */ 65 65 + export function loadConfig(envPath?: string): Config { 66 66 + // Load .env file if it exists 67 67 + const dotenvPath = envPath ?? resolve(process.cwd(), ".env"); 68 68 + loadDotEnv(dotenvPath); 69 69 + 70 70 + // Validate required variables 71 71 + const missing: string[] = []; 72 72 + for (const key of REQUIRED_KEYS) { 73 73 + if (!process.env[key]) { 74 74 + missing.push(key); 75 75 + } 76 76 + } 77 77 + if (missing.length > 0) { 78 78 + throw new Error( 79 79 + `Missing required environment variables: ${missing.join(", ")}`, 80 80 + ); 81 81 + } 82 82 + 83 83 + return { 84 84 + DID: process.env.DID!, 85 85 + HANDLE: process.env.HANDLE!, 86 86 + PDS_HOSTNAME: process.env.PDS_HOSTNAME!, 87 87 + AUTH_TOKEN: process.env.AUTH_TOKEN!, 88 88 + SIGNING_KEY: process.env.SIGNING_KEY!, 89 89 + SIGNING_KEY_PUBLIC: process.env.SIGNING_KEY_PUBLIC!, 90 90 + JWT_SECRET: process.env.JWT_SECRET!, 91 91 + PASSWORD_HASH: process.env.PASSWORD_HASH!, 92 92 + EMAIL: process.env.EMAIL, 93 93 + DATA_DIR: process.env.DATA_DIR ?? "./data", 94 94 + PORT: parseInt(process.env.PORT ?? "3000", 10), 95 95 + }; 96 96 + }

+89

src/did-cache.ts

reviewed

··· 1 1 + /** 2 2 + * DID cache using in-memory Map with TTL. 3 3 + * Replaces Cloudflare Workers Cache API from Cirrus. 4 4 + */ 5 5 + 6 6 + import { defs, type DidDocument } from "@atcute/identity"; 7 7 + 8 8 + export interface CacheResult { 9 9 + did: string; 10 10 + doc: DidDocument; 11 11 + updatedAt: number; 12 12 + stale: boolean; 13 13 + expired: boolean; 14 14 + } 15 15 + 16 16 + export interface DidCache { 17 17 + cacheDid( 18 18 + did: string, 19 19 + doc: DidDocument, 20 20 + prevResult?: CacheResult, 21 21 + ): Promise<void>; 22 22 + checkCache(did: string): Promise<CacheResult | null>; 23 23 + refreshCache( 24 24 + did: string, 25 25 + getDoc: () => Promise<DidDocument | null>, 26 26 + prevResult?: CacheResult, 27 27 + ): Promise<void>; 28 28 + clearEntry(did: string): Promise<void>; 29 29 + clear(): Promise<void>; 30 30 + } 31 31 + 32 32 + const STALE_TTL = 60 * 60 * 1000; // 1 hour 33 33 + const MAX_TTL = 24 * 60 * 60 * 1000; // 24 hours 34 34 + 35 35 + interface CacheEntry { 36 36 + doc: DidDocument; 37 37 + cachedAt: number; 38 38 + } 39 39 + 40 40 + export class InMemoryDidCache implements DidCache { 41 41 + private cache = new Map<string, CacheEntry>(); 42 42 + 43 43 + async cacheDid(did: string, doc: DidDocument): Promise<void> { 44 44 + this.cache.set(did, { doc, cachedAt: Date.now() }); 45 45 + } 46 46 + 47 47 + async checkCache(did: string): Promise<CacheResult | null> { 48 48 + const entry = this.cache.get(did); 49 49 + if (!entry) return null; 50 50 + 51 51 + const now = Date.now(); 52 52 + const age = now - entry.cachedAt; 53 53 + 54 54 + // Validate document 55 55 + const parsed = defs.didDocument.try(entry.doc); 56 56 + if (!parsed.ok || parsed.value.id !== did) { 57 57 + this.cache.delete(did); 58 58 + return null; 59 59 + } 60 60 + 61 61 + return { 62 62 + did, 63 63 + doc: parsed.value, 64 64 + updatedAt: entry.cachedAt, 65 65 + stale: age > STALE_TTL, 66 66 + expired: age > MAX_TTL, 67 67 + }; 68 68 + } 69 69 + 70 70 + async refreshCache( 71 71 + did: string, 72 72 + getDoc: () => Promise<DidDocument | null>, 73 73 + ): Promise<void> { 74 74 + // Background refresh (fire and forget) 75 75 + getDoc().then((doc) => { 76 76 + if (doc) { 77 77 + this.cacheDid(did, doc); 78 78 + } 79 79 + }); 80 80 + } 81 81 + 82 82 + async clearEntry(did: string): Promise<void> { 83 83 + this.cache.delete(did); 84 84 + } 85 85 + 86 86 + async clear(): Promise<void> { 87 87 + this.cache.clear(); 88 88 + } 89 89 + }

+88

src/did-resolver.ts

reviewed

··· 1 1 + /** 2 2 + * DID resolution for Node.js 3 3 + */ 4 4 + 5 5 + import { 6 6 + CompositeDidDocumentResolver, 7 7 + PlcDidDocumentResolver, 8 8 + WebDidDocumentResolver, 9 9 + } from "@atcute/identity-resolver"; 10 10 + import type { DidDocument } from "@atcute/identity"; 11 11 + import type { Did } from "@atcute/lexicons/syntax"; 12 12 + import type { DidCache } from "./did-cache.js"; 13 13 + 14 14 + const PLC_DIRECTORY = "https://plc.directory"; 15 15 + const TIMEOUT_MS = 3000; 16 16 + 17 17 + export interface DidResolverOpts { 18 18 + plcUrl?: string; 19 19 + timeout?: number; 20 20 + didCache?: DidCache; 21 21 + } 22 22 + 23 23 + export type { DidDocument }; 24 24 + 25 25 + export class DidResolver { 26 26 + private resolver: CompositeDidDocumentResolver<"plc" | "web">; 27 27 + private timeout: number; 28 28 + private cache?: DidCache; 29 29 + 30 30 + constructor(opts: DidResolverOpts = {}) { 31 31 + this.timeout = opts.timeout ?? TIMEOUT_MS; 32 32 + this.cache = opts.didCache; 33 33 + 34 34 + this.resolver = new CompositeDidDocumentResolver({ 35 35 + methods: { 36 36 + plc: new PlcDidDocumentResolver({ 37 37 + apiUrl: opts.plcUrl ?? PLC_DIRECTORY, 38 38 + }), 39 39 + web: new WebDidDocumentResolver(), 40 40 + }, 41 41 + }); 42 42 + } 43 43 + 44 44 + async resolve(did: string): Promise<DidDocument | null> { 45 45 + if (this.cache) { 46 46 + const cached = await this.cache.checkCache(did); 47 47 + if (cached && !cached.expired) { 48 48 + if (cached.stale) { 49 49 + this.cache.refreshCache( 50 50 + did, 51 51 + () => this.resolveNoCache(did), 52 52 + cached, 53 53 + ); 54 54 + } 55 55 + return cached.doc; 56 56 + } 57 57 + } 58 58 + 59 59 + const doc = await this.resolveNoCache(did); 60 60 + 61 61 + if (doc && this.cache) { 62 62 + await this.cache.cacheDid(did, doc); 63 63 + } else if (!doc && this.cache) { 64 64 + await this.cache.clearEntry(did); 65 65 + } 66 66 + 67 67 + return doc; 68 68 + } 69 69 + 70 70 + private async resolveNoCache(did: string): Promise<DidDocument | null> { 71 71 + const controller = new AbortController(); 72 72 + const timeoutId = setTimeout(() => controller.abort(), this.timeout); 73 73 + 74 74 + try { 75 75 + const doc = await this.resolver.resolve(did as Did<"plc" | "web">, { 76 76 + signal: controller.signal, 77 77 + }); 78 78 + if (doc.id !== did) { 79 79 + return null; 80 80 + } 81 81 + return doc; 82 82 + } catch { 83 83 + return null; 84 84 + } finally { 85 85 + clearTimeout(timeoutId); 86 86 + } 87 87 + } 88 88 + }

+141

src/firehose.ts

reviewed

··· 1 1 + import { WebSocketServer, WebSocket } from "ws"; 2 2 + import type { IncomingMessage } from "node:http"; 3 3 + import { encode as cborEncode } from "./cbor-compat.js"; 4 4 + import type { RepoManager } from "./repo-manager.js"; 5 5 + import type { 6 6 + SeqEvent, 7 7 + SeqCommitEvent, 8 8 + SeqIdentityEvent, 9 9 + } from "./sequencer.js"; 10 10 + 11 11 + /** 12 12 + * Firehose manages WebSocket connections for com.atproto.sync.subscribeRepos. 13 13 + * Replaces Cloudflare's hibernatable WebSocket API with the `ws` library. 14 14 + */ 15 15 + export class Firehose { 16 16 + private clients = new Set<WebSocket>(); 17 17 + 18 18 + constructor(private repoManager: RepoManager) { 19 19 + // Register as the event handler on the repo manager 20 20 + this.repoManager.onFirehoseEvent = (event) => { 21 21 + this.broadcast(event); 22 22 + }; 23 23 + } 24 24 + 25 25 + /** 26 26 + * Get current subscriber count. 27 27 + */ 28 28 + get subscriberCount(): number { 29 29 + return this.clients.size; 30 30 + } 31 31 + 32 32 + /** 33 33 + * Handle a new WebSocket connection. 34 34 + */ 35 35 + async handleConnection(ws: WebSocket, req: IncomingMessage): Promise<void> { 36 36 + this.clients.add(ws); 37 37 + 38 38 + // Parse cursor from query string 39 39 + const url = new URL(req.url ?? "/", "http://localhost"); 40 40 + const cursorParam = url.searchParams.get("cursor"); 41 41 + const cursor = cursorParam ? parseInt(cursorParam, 10) : null; 42 42 + 43 43 + ws.on("close", () => { 44 44 + this.clients.delete(ws); 45 45 + }); 46 46 + 47 47 + ws.on("error", (err) => { 48 48 + console.error("WebSocket error:", err); 49 49 + this.clients.delete(ws); 50 50 + }); 51 51 + 52 52 + // Backfill if cursor provided 53 53 + if (cursor !== null) { 54 54 + await this.backfill(ws, cursor); 55 55 + } 56 56 + } 57 57 + 58 58 + /** 59 59 + * Broadcast a firehose event to all connected clients. 60 60 + */ 61 61 + private broadcast(event: SeqEvent): void { 62 62 + const frame = this.encodeEventFrame(event); 63 63 + 64 64 + for (const ws of this.clients) { 65 65 + if (ws.readyState === WebSocket.OPEN) { 66 66 + try { 67 67 + ws.send(frame); 68 68 + } catch (e) { 69 69 + console.error("Error broadcasting to WebSocket:", e); 70 70 + this.clients.delete(ws); 71 71 + } 72 72 + } 73 73 + } 74 74 + } 75 75 + 76 76 + /** 77 77 + * Backfill events from a cursor. 78 78 + */ 79 79 + private async backfill(ws: WebSocket, cursor: number): Promise<void> { 80 80 + const latestSeq = this.repoManager.sequencer.getLatestSeq(); 81 81 + 82 82 + if (cursor > latestSeq) { 83 83 + const frame = this.encodeErrorFrame( 84 84 + "FutureCursor", 85 85 + "Cursor is in the future", 86 86 + ); 87 87 + ws.send(frame); 88 88 + ws.close(1008, "FutureCursor"); 89 89 + return; 90 90 + } 91 91 + 92 92 + const events = await this.repoManager.sequencer.getEventsSince( 93 93 + cursor, 94 94 + 1000, 95 95 + ); 96 96 + 97 97 + for (const event of events) { 98 98 + if (ws.readyState !== WebSocket.OPEN) break; 99 99 + const frame = this.encodeEventFrame(event); 100 100 + ws.send(frame); 101 101 + } 102 102 + } 103 103 + 104 104 + // ============================================ 105 105 + // Frame Encoding 106 106 + // ============================================ 107 107 + 108 108 + private encodeFrame(header: object, body: object): Uint8Array { 109 109 + const headerBytes = cborEncode(header); 110 110 + const bodyBytes = cborEncode(body); 111 111 + 112 112 + const frame = new Uint8Array(headerBytes.length + bodyBytes.length); 113 113 + frame.set(headerBytes, 0); 114 114 + frame.set(bodyBytes, headerBytes.length); 115 115 + 116 116 + return frame; 117 117 + } 118 118 + 119 119 + private encodeCommitFrame(event: SeqCommitEvent): Uint8Array { 120 120 + const header = { op: 1, t: "#commit" }; 121 121 + return this.encodeFrame(header, event.event); 122 122 + } 123 123 + 124 124 + private encodeIdentityFrame(event: SeqIdentityEvent): Uint8Array { 125 125 + const header = { op: 1, t: "#identity" }; 126 126 + return this.encodeFrame(header, event.event); 127 127 + } 128 128 + 129 129 + private encodeEventFrame(event: SeqEvent): Uint8Array { 130 130 + if (event.type === "identity") { 131 131 + return this.encodeIdentityFrame(event); 132 132 + } 133 133 + return this.encodeCommitFrame(event); 134 134 + } 135 135 + 136 136 + private encodeErrorFrame(error: string, message: string): Uint8Array { 137 137 + const header = { op: -1 }; 138 138 + const body = { error, message }; 139 139 + return this.encodeFrame(header, body); 140 140 + } 141 141 + }

+85

src/format.ts

reviewed

··· 1 1 + /** 2 2 + * Detect content type from file magic bytes. 3 3 + * Returns the detected MIME type or null if unknown. 4 4 + */ 5 5 + export function detectContentType(bytes: Uint8Array): string | null { 6 6 + // MP4/M4V/MOV - check for ftyp box 7 7 + if (bytes.length >= 12) { 8 8 + const ftyp = String.fromCharCode( 9 9 + bytes[4]!, 10 10 + bytes[5]!, 11 11 + bytes[6]!, 12 12 + bytes[7]!, 13 13 + ); 14 14 + if (ftyp === "ftyp") { 15 15 + const brand = String.fromCharCode( 16 16 + bytes[8]!, 17 17 + bytes[9]!, 18 18 + bytes[10]!, 19 19 + bytes[11]!, 20 20 + ); 21 21 + if ( 22 22 + brand === "isom" || 23 23 + brand === "iso2" || 24 24 + brand === "mp41" || 25 25 + brand === "mp42" || 26 26 + brand === "avc1" 27 27 + ) { 28 28 + return "video/mp4"; 29 29 + } 30 30 + if (brand === "M4V " || brand === "M4VH" || brand === "M4VP") { 31 31 + return "video/x-m4v"; 32 32 + } 33 33 + if (brand === "qt ") { 34 34 + return "video/quicktime"; 35 35 + } 36 36 + return "video/mp4"; 37 37 + } 38 38 + } 39 39 + 40 40 + // JPEG 41 41 + if (bytes[0] === 0xff && bytes[1] === 0xd8 && bytes[2] === 0xff) { 42 42 + return "image/jpeg"; 43 43 + } 44 44 + 45 45 + // PNG 46 46 + if ( 47 47 + bytes[0] === 0x89 && 48 48 + bytes[1] === 0x50 && 49 49 + bytes[2] === 0x4e && 50 50 + bytes[3] === 0x47 51 51 + ) { 52 52 + return "image/png"; 53 53 + } 54 54 + 55 55 + // GIF 56 56 + if (bytes[0] === 0x47 && bytes[1] === 0x49 && bytes[2] === 0x46) { 57 57 + return "image/gif"; 58 58 + } 59 59 + 60 60 + // WebP 61 61 + if ( 62 62 + bytes[0] === 0x52 && 63 63 + bytes[1] === 0x49 && 64 64 + bytes[2] === 0x46 && 65 65 + bytes[3] === 0x46 && 66 66 + bytes[8] === 0x57 && 67 67 + bytes[9] === 0x45 && 68 68 + bytes[10] === 0x42 && 69 69 + bytes[11] === 0x50 70 70 + ) { 71 71 + return "image/webp"; 72 72 + } 73 73 + 74 74 + // WebM 75 75 + if ( 76 76 + bytes[0] === 0x1a && 77 77 + bytes[1] === 0x45 && 78 78 + bytes[2] === 0xdf && 79 79 + bytes[3] === 0xa3 80 80 + ) { 81 81 + return "video/webm"; 82 82 + } 83 83 + 84 84 + return null; 85 85 + }

+315

src/index.ts

reviewed

··· 1 1 + import { Hono } from "hono"; 2 2 + import { cors } from "hono/cors"; 3 3 + import { requireAuth } from "./middleware/auth.js"; 4 4 + import type { RepoManager } from "./repo-manager.js"; 5 5 + import type { Firehose } from "./firehose.js"; 6 6 + import type { Config } from "./config.js"; 7 7 + import * as sync from "./xrpc/sync.js"; 8 8 + import * as repo from "./xrpc/repo.js"; 9 9 + import * as server from "./xrpc/server.js"; 10 10 + 11 11 + const VERSION = "0.1.0"; 12 12 + 13 13 + /** 14 14 + * Create the Hono app with all routes. 15 15 + * The repoManager and firehose are passed in from the server entry point. 16 16 + */ 17 17 + export function createApp( 18 18 + config: Config, 19 19 + repoManager: RepoManager, 20 20 + firehose: Firehose, 21 21 + ) { 22 22 + const app = new Hono<{ Bindings: Config }>(); 23 23 + 24 24 + // Bind config to all requests 25 25 + app.use("*", async (c, next) => { 26 26 + // Set config as bindings 27 27 + Object.assign(c.env, config); 28 28 + await next(); 29 29 + }); 30 30 + 31 31 + // CORS middleware 32 32 + app.use( 33 33 + "*", 34 34 + cors({ 35 35 + origin: "*", 36 36 + allowMethods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"], 37 37 + allowHeaders: ["*"], 38 38 + exposeHeaders: ["Content-Type"], 39 39 + maxAge: 86400, 40 40 + }), 41 41 + ); 42 42 + 43 43 + // DID document for did:web resolution 44 44 + app.get("/.well-known/did.json", (c) => { 45 45 + const didDocument = { 46 46 + "@context": [ 47 47 + "https://www.w3.org/ns/did/v1", 48 48 + "https://w3id.org/security/multikey/v1", 49 49 + "https://w3id.org/security/suites/secp256k1-2019/v1", 50 50 + ], 51 51 + id: config.DID, 52 52 + alsoKnownAs: [`at://${config.HANDLE}`], 53 53 + verificationMethod: [ 54 54 + { 55 55 + id: `${config.DID}#atproto`, 56 56 + type: "Multikey", 57 57 + controller: config.DID, 58 58 + publicKeyMultibase: config.SIGNING_KEY_PUBLIC, 59 59 + }, 60 60 + ], 61 61 + service: [ 62 62 + { 63 63 + id: "#atproto_pds", 64 64 + type: "AtprotoPersonalDataServer", 65 65 + serviceEndpoint: `https://${config.PDS_HOSTNAME}`, 66 66 + }, 67 67 + ], 68 68 + }; 69 69 + return c.json(didDocument); 70 70 + }); 71 71 + 72 72 + // Handle verification for AT Protocol 73 73 + app.get("/.well-known/atproto-did", (c) => { 74 74 + if (config.HANDLE !== config.PDS_HOSTNAME) { 75 75 + return c.notFound(); 76 76 + } 77 77 + return new Response(config.DID, { 78 78 + headers: { "Content-Type": "text/plain" }, 79 79 + }); 80 80 + }); 81 81 + 82 82 + // Health check 83 83 + app.get("/xrpc/_health", (c) => { 84 84 + try { 85 85 + repoManager.healthCheck(); 86 86 + return c.json({ status: "ok", version: VERSION }); 87 87 + } catch { 88 88 + return c.json({ status: "unhealthy", version: VERSION }, 503); 89 89 + } 90 90 + }); 91 91 + 92 92 + // Homepage 93 93 + app.get("/", (c) => { 94 94 + const html = `<!DOCTYPE html> 95 95 + <html lang="en"> 96 96 + <head> 97 97 + <meta charset="utf-8"> 98 98 + <meta name="viewport" content="width=device-width, initial-scale=1"> 99 99 + <title>P2PDS</title> 100 100 + <style> 101 101 + * { margin: 0; padding: 0; box-sizing: border-box; } 102 102 + body { 103 103 + min-height: 100vh; 104 104 + display: flex; 105 105 + flex-direction: column; 106 106 + justify-content: center; 107 107 + align-items: center; 108 108 + font-family: ui-monospace, 'Cascadia Code', 'Source Code Pro', Menlo, Consolas, 'DejaVu Sans Mono', monospace; 109 109 + background: #f0f0f0; 110 110 + color: #000; 111 111 + padding: 2rem; 112 112 + } 113 113 + .name { font-size: clamp(1.5rem, 5vw, 3rem); font-weight: 700; letter-spacing: 0.2em; margin: 1rem 0; } 114 114 + .what { font-size: clamp(0.8rem, 2vw, 1rem); color: #666; max-width: 300px; text-align: center; } 115 115 + .handle { font-size: clamp(0.9rem, 2.5vw, 1.2rem); margin-top: 2rem; padding: 0.5rem 1rem; border: 2px solid #000; } 116 116 + .handle a { color: inherit; text-decoration: none; } 117 117 + .handle a:hover { text-decoration: underline; } 118 118 + .version { position: fixed; bottom: 1rem; right: 1rem; font-size: 0.7rem; color: #999; } 119 119 + </style> 120 120 + </head> 121 121 + <body> 122 122 + <div class="name">P2PDS</div> 123 123 + <div class="what">a personal data server for the atmosphere</div> 124 124 + <div class="handle"><a href="https://bsky.app/profile/${config.HANDLE}" target="_blank">@${config.HANDLE}</a></div> 125 125 + <div class="version">v${VERSION}</div> 126 126 + </body> 127 127 + </html>`; 128 128 + return c.html(html); 129 129 + }); 130 130 + 131 131 + // ============================================ 132 132 + // Sync endpoints (federation) 133 133 + // ============================================ 134 134 + app.get("/xrpc/com.atproto.sync.getRepo", (c) => 135 135 + sync.getRepo(c, repoManager), 136 136 + ); 137 137 + app.get("/xrpc/com.atproto.sync.getRepoStatus", (c) => 138 138 + sync.getRepoStatus(c, repoManager), 139 139 + ); 140 140 + app.get("/xrpc/com.atproto.sync.getBlocks", (c) => 141 141 + sync.getBlocks(c, repoManager), 142 142 + ); 143 143 + app.get("/xrpc/com.atproto.sync.getBlob", (c) => 144 144 + sync.getBlob(c, repoManager), 145 145 + ); 146 146 + app.get("/xrpc/com.atproto.sync.listRepos", (c) => 147 147 + sync.listRepos(c, repoManager), 148 148 + ); 149 149 + app.get("/xrpc/com.atproto.sync.listBlobs", (c) => 150 150 + sync.listBlobs(c, repoManager), 151 151 + ); 152 152 + app.get("/xrpc/com.atproto.sync.getRecord", (c) => 153 153 + sync.getRecord(c, repoManager), 154 154 + ); 155 155 + 156 156 + // WebSocket firehose - handled via ws library upgrade, not Hono 157 157 + // (see server.ts for WebSocket setup) 158 158 + 159 159 + // ============================================ 160 160 + // Repository operations 161 161 + // ============================================ 162 162 + app.use("/xrpc/com.atproto.repo.describeRepo", async (c, next) => { 163 163 + const requestedRepo = c.req.query("repo"); 164 164 + if (!requestedRepo || requestedRepo === config.DID) { 165 165 + return repo.describeRepo(c, repoManager); 166 166 + } 167 167 + await next(); 168 168 + }); 169 169 + 170 170 + app.use("/xrpc/com.atproto.repo.getRecord", async (c, next) => { 171 171 + const requestedRepo = c.req.query("repo"); 172 172 + if (!requestedRepo || requestedRepo === config.DID) { 173 173 + return repo.getRecord(c, repoManager); 174 174 + } 175 175 + await next(); 176 176 + }); 177 177 + 178 178 + app.use("/xrpc/com.atproto.repo.listRecords", async (c, next) => { 179 179 + const requestedRepo = c.req.query("repo"); 180 180 + if (!requestedRepo || requestedRepo === config.DID) { 181 181 + return repo.listRecords(c, repoManager); 182 182 + } 183 183 + await next(); 184 184 + }); 185 185 + 186 186 + // Write operations require authentication 187 187 + app.post("/xrpc/com.atproto.repo.createRecord", requireAuth, (c) => 188 188 + repo.createRecord(c, repoManager), 189 189 + ); 190 190 + app.post("/xrpc/com.atproto.repo.deleteRecord", requireAuth, (c) => 191 191 + repo.deleteRecord(c, repoManager), 192 192 + ); 193 193 + app.post("/xrpc/com.atproto.repo.uploadBlob", requireAuth, (c) => 194 194 + repo.uploadBlob(c, repoManager), 195 195 + ); 196 196 + app.post("/xrpc/com.atproto.repo.applyWrites", requireAuth, (c) => 197 197 + repo.applyWrites(c, repoManager), 198 198 + ); 199 199 + app.post("/xrpc/com.atproto.repo.putRecord", requireAuth, (c) => 200 200 + repo.putRecord(c, repoManager), 201 201 + ); 202 202 + app.post("/xrpc/com.atproto.repo.importRepo", requireAuth, (c) => 203 203 + repo.importRepo(c, repoManager), 204 204 + ); 205 205 + app.get("/xrpc/com.atproto.repo.listMissingBlobs", requireAuth, (c) => 206 206 + repo.listMissingBlobs(c, repoManager), 207 207 + ); 208 208 + 209 209 + // ============================================ 210 210 + // Server identity 211 211 + // ============================================ 212 212 + app.get("/xrpc/com.atproto.server.describeServer", server.describeServer); 213 213 + 214 214 + // Handle resolution 215 215 + app.get("/xrpc/com.atproto.identity.resolveHandle", (c) => { 216 216 + const handle = c.req.query("handle"); 217 217 + if (handle === config.HANDLE) { 218 218 + return c.json({ did: config.DID }); 219 219 + } 220 220 + return c.json( 221 221 + { error: "HandleNotFound", message: `Handle not found: ${handle}` }, 222 222 + 404, 223 223 + ); 224 224 + }); 225 225 + 226 226 + // ============================================ 227 227 + // Session management 228 228 + // ============================================ 229 229 + app.post("/xrpc/com.atproto.server.createSession", (c) => 230 230 + server.createSession(c, repoManager), 231 231 + ); 232 232 + app.post("/xrpc/com.atproto.server.refreshSession", (c) => 233 233 + server.refreshSession(c, repoManager), 234 234 + ); 235 235 + app.get("/xrpc/com.atproto.server.getSession", (c) => 236 236 + server.getSession(c, repoManager), 237 237 + ); 238 238 + app.post("/xrpc/com.atproto.server.deleteSession", server.deleteSession); 239 239 + 240 240 + // ============================================ 241 241 + // Account lifecycle 242 242 + // ============================================ 243 243 + app.get("/xrpc/com.atproto.server.checkAccountStatus", requireAuth, (c) => 244 244 + server.checkAccountStatus(c, repoManager), 245 245 + ); 246 246 + app.post("/xrpc/com.atproto.server.activateAccount", requireAuth, (c) => 247 247 + server.activateAccount(c, repoManager), 248 248 + ); 249 249 + app.post("/xrpc/com.atproto.server.deactivateAccount", requireAuth, (c) => 250 250 + server.deactivateAccount(c, repoManager), 251 251 + ); 252 252 + app.post("/xrpc/gg.mk.experimental.resetMigration", requireAuth, (c) => 253 253 + server.resetMigration(c, repoManager), 254 254 + ); 255 255 + app.post( 256 256 + "/xrpc/com.atproto.server.requestEmailUpdate", 257 257 + requireAuth, 258 258 + server.requestEmailUpdate, 259 259 + ); 260 260 + app.post( 261 261 + "/xrpc/com.atproto.server.requestEmailConfirmation", 262 262 + requireAuth, 263 263 + server.requestEmailConfirmation, 264 264 + ); 265 265 + app.post("/xrpc/com.atproto.server.updateEmail", requireAuth, (c) => 266 266 + server.updateEmail(c, repoManager), 267 267 + ); 268 268 + 269 269 + // Service auth 270 270 + app.get( 271 271 + "/xrpc/com.atproto.server.getServiceAuth", 272 272 + requireAuth, 273 273 + server.getServiceAuth, 274 274 + ); 275 275 + 276 276 + // ============================================ 277 277 + // Actor preferences 278 278 + // ============================================ 279 279 + app.get("/xrpc/app.bsky.actor.getPreferences", requireAuth, async (c) => { 280 280 + const result = await repoManager.getPreferences(); 281 281 + return c.json(result); 282 282 + }); 283 283 + app.post("/xrpc/app.bsky.actor.putPreferences", requireAuth, async (c) => { 284 284 + const body = await c.req.json<{ preferences: unknown[] }>(); 285 285 + await repoManager.putPreferences(body.preferences); 286 286 + return c.json({}); 287 287 + }); 288 288 + 289 289 + // ============================================ 290 290 + // Identity events 291 291 + // ============================================ 292 292 + app.post( 293 293 + "/xrpc/gg.mk.experimental.emitIdentityEvent", 294 294 + requireAuth, 295 295 + async (c) => { 296 296 + const result = await repoManager.emitIdentityEvent(config.HANDLE); 297 297 + return c.json(result); 298 298 + }, 299 299 + ); 300 300 + 301 301 + // ============================================ 302 302 + // Firehose status 303 303 + // ============================================ 304 304 + app.get( 305 305 + "/xrpc/gg.mk.experimental.getFirehoseStatus", 306 306 + requireAuth, 307 307 + (c) => { 308 308 + return c.json( 309 309 + repoManager.getFirehoseStatus(firehose.subscriberCount), 310 310 + ); 311 311 + }, 312 312 + ); 313 313 + 314 314 + return app; 315 315 + }

+107

src/middleware/auth.ts

reviewed

··· 1 1 + import type { Context, Next } from "hono"; 2 2 + import { verifyServiceJwt } from "../service-auth.js"; 3 3 + import { verifyAccessToken, TokenExpiredError } from "../session.js"; 4 4 + import type { Config } from "../config.js"; 5 5 + 6 6 + export interface AuthInfo { 7 7 + did: string; 8 8 + scope: string; 9 9 + } 10 10 + 11 11 + export type AuthVariables = { 12 12 + auth: AuthInfo; 13 13 + }; 14 14 + 15 15 + export async function requireAuth( 16 16 + c: Context<{ Bindings: Config; Variables: AuthVariables }>, 17 17 + next: Next, 18 18 + ): Promise<Response | void> { 19 19 + const auth = c.req.header("Authorization"); 20 20 + 21 21 + if (!auth) { 22 22 + return c.json( 23 23 + { 24 24 + error: "AuthMissing", 25 25 + message: "Authorization header required", 26 26 + }, 27 27 + 401, 28 28 + ); 29 29 + } 30 30 + 31 31 + // Handle Bearer tokens (session JWTs, static token, service JWTs) 32 32 + if (!auth.startsWith("Bearer ")) { 33 33 + return c.json( 34 34 + { 35 35 + error: "AuthMissing", 36 36 + message: "Invalid authorization scheme", 37 37 + }, 38 38 + 401, 39 39 + ); 40 40 + } 41 41 + 42 42 + const token = auth.slice(7); 43 43 + 44 44 + // Try static token first 45 45 + if (token === c.env.AUTH_TOKEN) { 46 46 + c.set("auth", { did: c.env.DID, scope: "com.atproto.access" }); 47 47 + return next(); 48 48 + } 49 49 + 50 50 + const serviceDid = `did:web:${c.env.PDS_HOSTNAME}`; 51 51 + 52 52 + // Try session JWT verification (HS256, signed with JWT_SECRET) 53 53 + try { 54 54 + const payload = await verifyAccessToken( 55 55 + token, 56 56 + c.env.JWT_SECRET, 57 57 + serviceDid, 58 58 + ); 59 59 + 60 60 + if (payload.sub !== c.env.DID) { 61 61 + return c.json( 62 62 + { 63 63 + error: "AuthenticationRequired", 64 64 + message: "Invalid access token", 65 65 + }, 66 66 + 401, 67 67 + ); 68 68 + } 69 69 + 70 70 + c.set("auth", { did: payload.sub, scope: payload.scope as string }); 71 71 + return next(); 72 72 + } catch (err) { 73 73 + if (err instanceof TokenExpiredError) { 74 74 + return c.json( 75 75 + { 76 76 + error: "ExpiredToken", 77 77 + message: err.message, 78 78 + }, 79 79 + 400, 80 80 + ); 81 81 + } 82 82 + // Session JWT verification failed, try service JWT 83 83 + } 84 84 + 85 85 + // Try service JWT verification (ES256K, signed with our signing key) 86 86 + try { 87 87 + const payload = await verifyServiceJwt( 88 88 + token, 89 89 + c.env.SIGNING_KEY, 90 90 + serviceDid, 91 91 + c.env.DID, 92 92 + ); 93 93 + 94 94 + c.set("auth", { did: payload.iss, scope: payload.lxm || "atproto" }); 95 95 + return next(); 96 96 + } catch { 97 97 + // Service JWT verification also failed 98 98 + } 99 99 + 100 100 + return c.json( 101 101 + { 102 102 + error: "AuthenticationRequired", 103 103 + message: "Invalid authentication token", 104 104 + }, 105 105 + 401, 106 106 + ); 107 107 + }

+864

src/repo-manager.ts

reviewed

··· 1 1 + import type Database from "better-sqlite3"; 2 2 + import { 3 3 + Repo, 4 4 + WriteOpAction, 5 5 + BlockMap, 6 6 + blocksToCarFile, 7 7 + readCarWithRoot, 8 8 + getRecords, 9 9 + type RecordCreateOp, 10 10 + type RecordUpdateOp, 11 11 + type RecordDeleteOp, 12 12 + type RecordWriteOp, 13 13 + } from "@atproto/repo"; 14 14 + type RepoRecord = Record<string, unknown>; 15 15 + import { Secp256k1Keypair } from "@atproto/crypto"; 16 16 + import { CID, asCid, isBlobRef } from "@atproto/lex-data"; 17 17 + import { now as tidNow } from "@atcute/tid"; 18 18 + import { encode as cborEncode } from "./cbor-compat.js"; 19 19 + import { SqliteRepoStorage } from "./storage.js"; 20 20 + import { 21 21 + Sequencer, 22 22 + type SeqEvent, 23 23 + type SeqCommitEvent, 24 24 + type SeqIdentityEvent, 25 25 + type CommitData, 26 26 + } from "./sequencer.js"; 27 27 + import { BlobStore, type BlobRef } from "./blobs.js"; 28 28 + import { jsonToLex, type JsonValue } from "@atproto/lex-json"; 29 29 + import type { Config } from "./config.js"; 30 30 + 31 31 + /** 32 32 + * RepoManager - manages a single user's AT Protocol repository. 33 33 + * 34 34 + * This is the Node.js equivalent of Cirrus's AccountDurableObject, 35 35 + * converted from a Cloudflare Durable Object to a plain class. 36 36 + */ 37 37 + export class RepoManager { 38 38 + storage: SqliteRepoStorage; 39 39 + private repo: Repo | null = null; 40 40 + private keypair: Secp256k1Keypair | null = null; 41 41 + sequencer: Sequencer; 42 42 + blobStore: BlobStore | null = null; 43 43 + private repoInitialized = false; 44 44 + 45 45 + /** Callback invoked when a firehose event is produced */ 46 46 + onFirehoseEvent?: (event: SeqEvent) => void; 47 47 + 48 48 + constructor( 49 49 + private db: Database.Database, 50 50 + private config: Config, 51 51 + ) { 52 52 + this.storage = new SqliteRepoStorage(db); 53 53 + this.sequencer = new Sequencer(db); 54 54 + } 55 55 + 56 56 + /** 57 57 + * Initialize storage schema and optionally the blob store. 58 58 + */ 59 59 + init(blobStore?: BlobStore): void { 60 60 + this.storage.initSchema(true); 61 61 + if (blobStore) { 62 62 + this.blobStore = blobStore; 63 63 + } 64 64 + } 65 65 + 66 66 + /** 67 67 + * Initialize the Repo instance. Called lazily on first repo access. 68 68 + */ 69 69 + private async ensureRepoInitialized(): Promise<void> { 70 70 + if (this.repoInitialized) return; 71 71 + 72 72 + this.keypair = await Secp256k1Keypair.import(this.config.SIGNING_KEY); 73 73 + 74 74 + const root = await this.storage.getRoot(); 75 75 + if (root) { 76 76 + this.repo = await Repo.load(this.storage, root); 77 77 + } else { 78 78 + this.repo = await Repo.create( 79 79 + this.storage, 80 80 + this.config.DID, 81 81 + this.keypair, 82 82 + ); 83 83 + } 84 84 + 85 85 + this.repoInitialized = true; 86 86 + } 87 87 + 88 88 + async getRepo(): Promise<Repo> { 89 89 + await this.ensureRepoInitialized(); 90 90 + return this.repo!; 91 91 + } 92 92 + 93 93 + async getKeypair(): Promise<Secp256k1Keypair> { 94 94 + await this.ensureRepoInitialized(); 95 95 + return this.keypair!; 96 96 + } 97 97 + 98 98 + async ensureActive(): Promise<void> { 99 99 + const isActive = await this.storage.getActive(); 100 100 + if (!isActive) { 101 101 + throw new Error( 102 102 + "AccountDeactivated: Account is deactivated. Call activateAccount to enable writes.", 103 103 + ); 104 104 + } 105 105 + } 106 106 + 107 107 + /** 108 108 + * Get new blocks for the current revision from the database. 109 109 + */ 110 110 + private getNewBlocksForRev(rev: string): BlockMap { 111 111 + const newBlocks = new BlockMap(); 112 112 + const rows = this.db 113 113 + .prepare("SELECT cid, bytes FROM blocks WHERE rev = ?") 114 114 + .all(rev) as Array<{ cid: string; bytes: Buffer }>; 115 115 + 116 116 + for (const row of rows) { 117 117 + const cid = CID.parse(row.cid); 118 118 + const bytes = new Uint8Array(row.bytes); 119 119 + newBlocks.set(cid, bytes); 120 120 + } 121 121 + return newBlocks; 122 122 + } 123 123 + 124 124 + /** 125 125 + * Sequence a commit and broadcast to firehose listeners. 126 126 + */ 127 127 + private async sequenceAndBroadcast( 128 128 + prevRev: string, 129 129 + ops: Array<RecordWriteOp & { cid?: CID | null }>, 130 130 + ): Promise<void> { 131 131 + const newBlocks = this.getNewBlocksForRev(this.repo!.commit.rev); 132 132 + 133 133 + const commitData: CommitData = { 134 134 + did: this.repo!.did, 135 135 + commit: this.repo!.cid, 136 136 + rev: this.repo!.commit.rev, 137 137 + since: prevRev, 138 138 + newBlocks, 139 139 + ops, 140 140 + }; 141 141 + 142 142 + const event = await this.sequencer.sequenceCommit(commitData); 143 143 + this.onFirehoseEvent?.(event); 144 144 + } 145 145 + 146 146 + // ============================================ 147 147 + // Repo Operations 148 148 + // ============================================ 149 149 + 150 150 + async describeRepo(): Promise<{ 151 151 + did: string; 152 152 + collections: string[]; 153 153 + cid: string; 154 154 + }> { 155 155 + const repo = await this.getRepo(); 156 156 + 157 157 + if (!this.storage.hasCollections() && (await this.storage.getRoot())) { 158 158 + const seen = new Set<string>(); 159 159 + for await (const record of repo.walkRecords()) { 160 160 + if (!seen.has(record.collection)) { 161 161 + seen.add(record.collection); 162 162 + this.storage.addCollection(record.collection); 163 163 + } 164 164 + } 165 165 + } 166 166 + 167 167 + return { 168 168 + did: repo.did, 169 169 + collections: this.storage.getCollections(), 170 170 + cid: repo.cid.toString(), 171 171 + }; 172 172 + } 173 173 + 174 174 + async getRecord( 175 175 + collection: string, 176 176 + rkey: string, 177 177 + ): Promise<{ cid: string; record: unknown } | null> { 178 178 + const repo = await this.getRepo(); 179 179 + 180 180 + const dataKey = `${collection}/${rkey}`; 181 181 + const recordCid = await repo.data.get(dataKey); 182 182 + if (!recordCid) return null; 183 183 + 184 184 + const record = await repo.getRecord(collection, rkey); 185 185 + if (!record) return null; 186 186 + 187 187 + return { 188 188 + cid: recordCid.toString(), 189 189 + record: serializeRecord(record), 190 190 + }; 191 191 + } 192 192 + 193 193 + async listRecords( 194 194 + collection: string, 195 195 + opts: { limit: number; cursor?: string; reverse?: boolean }, 196 196 + ): Promise<{ 197 197 + records: Array<{ uri: string; cid: string; value: unknown }>; 198 198 + cursor?: string; 199 199 + }> { 200 200 + const repo = await this.getRepo(); 201 201 + const records = []; 202 202 + const startFrom = opts.cursor || `${collection}/`; 203 203 + 204 204 + for await (const record of repo.walkRecords(startFrom)) { 205 205 + if (record.collection !== collection) { 206 206 + if (records.length > 0) break; 207 207 + continue; 208 208 + } 209 209 + 210 210 + records.push({ 211 211 + uri: `at://${repo.did}/${record.collection}/${record.rkey}`, 212 212 + cid: record.cid.toString(), 213 213 + value: serializeRecord(record.record), 214 214 + }); 215 215 + 216 216 + if (records.length >= opts.limit + 1) break; 217 217 + } 218 218 + 219 219 + if (opts.reverse) { 220 220 + records.reverse(); 221 221 + } 222 222 + 223 223 + const hasMore = records.length > opts.limit; 224 224 + const results = hasMore ? records.slice(0, opts.limit) : records; 225 225 + const cursor = hasMore 226 226 + ? `${collection}/${results[results.length - 1]?.uri.split("/").pop() ?? ""}` 227 227 + : undefined; 228 228 + 229 229 + return { records: results, cursor }; 230 230 + } 231 231 + 232 232 + async createRecord( 233 233 + collection: string, 234 234 + rkey: string | undefined, 235 235 + record: unknown, 236 236 + ): Promise<{ 237 237 + uri: string; 238 238 + cid: string; 239 239 + commit: { cid: string; rev: string }; 240 240 + }> { 241 241 + await this.ensureActive(); 242 242 + const repo = await this.getRepo(); 243 243 + const keypair = await this.getKeypair(); 244 244 + 245 245 + const actualRkey = rkey || tidNow(); 246 246 + const createOp: RecordCreateOp = { 247 247 + action: WriteOpAction.Create, 248 248 + collection, 249 249 + rkey: actualRkey, 250 250 + record: jsonToLex(record as JsonValue) as RepoRecord, 251 251 + }; 252 252 + 253 253 + const prevRev = repo.commit.rev; 254 254 + const updatedRepo = await repo.applyWrites([createOp], keypair); 255 255 + this.repo = updatedRepo; 256 256 + 257 257 + const dataKey = `${collection}/${actualRkey}`; 258 258 + const recordCid = await this.repo.data.get(dataKey); 259 259 + if (!recordCid) { 260 260 + throw new Error(`Failed to create record: ${collection}/${actualRkey}`); 261 261 + } 262 262 + 263 263 + this.storage.addCollection(collection); 264 264 + 265 265 + const opWithCid = { ...createOp, cid: recordCid }; 266 266 + await this.sequenceAndBroadcast(prevRev, [opWithCid]); 267 267 + 268 268 + return { 269 269 + uri: `at://${this.repo.did}/${collection}/${actualRkey}`, 270 270 + cid: recordCid.toString(), 271 271 + commit: { 272 272 + cid: this.repo.cid.toString(), 273 273 + rev: this.repo.commit.rev, 274 274 + }, 275 275 + }; 276 276 + } 277 277 + 278 278 + async deleteRecord( 279 279 + collection: string, 280 280 + rkey: string, 281 281 + ): Promise<{ commit: { cid: string; rev: string } } | null> { 282 282 + await this.ensureActive(); 283 283 + const repo = await this.getRepo(); 284 284 + const keypair = await this.getKeypair(); 285 285 + 286 286 + const existing = await repo.getRecord(collection, rkey); 287 287 + if (!existing) return null; 288 288 + 289 289 + const deleteOp: RecordDeleteOp = { 290 290 + action: WriteOpAction.Delete, 291 291 + collection, 292 292 + rkey, 293 293 + }; 294 294 + 295 295 + const prevRev = repo.commit.rev; 296 296 + const updatedRepo = await repo.applyWrites([deleteOp], keypair); 297 297 + this.repo = updatedRepo; 298 298 + 299 299 + await this.sequenceAndBroadcast(prevRev, [deleteOp]); 300 300 + 301 301 + return { 302 302 + commit: { 303 303 + cid: updatedRepo.cid.toString(), 304 304 + rev: updatedRepo.commit.rev, 305 305 + }, 306 306 + }; 307 307 + } 308 308 + 309 309 + async putRecord( 310 310 + collection: string, 311 311 + rkey: string, 312 312 + record: unknown, 313 313 + ): Promise<{ 314 314 + uri: string; 315 315 + cid: string; 316 316 + commit: { cid: string; rev: string }; 317 317 + validationStatus: string; 318 318 + }> { 319 319 + await this.ensureActive(); 320 320 + const repo = await this.getRepo(); 321 321 + const keypair = await this.getKeypair(); 322 322 + 323 323 + const existing = await repo.getRecord(collection, rkey); 324 324 + const isUpdate = existing !== null; 325 325 + 326 326 + const normalizedRecord = jsonToLex(record as JsonValue) as RepoRecord; 327 327 + const op: RecordWriteOp = isUpdate 328 328 + ? ({ 329 329 + action: WriteOpAction.Update, 330 330 + collection, 331 331 + rkey, 332 332 + record: normalizedRecord, 333 333 + } as RecordUpdateOp) 334 334 + : ({ 335 335 + action: WriteOpAction.Create, 336 336 + collection, 337 337 + rkey, 338 338 + record: normalizedRecord, 339 339 + } as RecordCreateOp); 340 340 + 341 341 + const prevRev = repo.commit.rev; 342 342 + const updatedRepo = await repo.applyWrites([op], keypair); 343 343 + this.repo = updatedRepo; 344 344 + 345 345 + const dataKey = `${collection}/${rkey}`; 346 346 + const recordCid = await this.repo.data.get(dataKey); 347 347 + if (!recordCid) { 348 348 + throw new Error(`Failed to put record: ${collection}/${rkey}`); 349 349 + } 350 350 + 351 351 + this.storage.addCollection(collection); 352 352 + 353 353 + const opWithCid = { ...op, cid: recordCid }; 354 354 + await this.sequenceAndBroadcast(prevRev, [opWithCid]); 355 355 + 356 356 + return { 357 357 + uri: `at://${this.repo.did}/${collection}/${rkey}`, 358 358 + cid: recordCid.toString(), 359 359 + commit: { 360 360 + cid: this.repo.cid.toString(), 361 361 + rev: this.repo.commit.rev, 362 362 + }, 363 363 + validationStatus: "valid", 364 364 + }; 365 365 + } 366 366 + 367 367 + async applyWrites( 368 368 + writes: Array<{ 369 369 + $type: string; 370 370 + collection: string; 371 371 + rkey?: string; 372 372 + value?: unknown; 373 373 + }>, 374 374 + ): Promise<{ 375 375 + commit: { cid: string; rev: string }; 376 376 + results: Array<{ 377 377 + $type: string; 378 378 + uri?: string; 379 379 + cid?: string; 380 380 + validationStatus?: string; 381 381 + }>; 382 382 + }> { 383 383 + await this.ensureActive(); 384 384 + const repo = await this.getRepo(); 385 385 + const keypair = await this.getKeypair(); 386 386 + 387 387 + const ops: RecordWriteOp[] = []; 388 388 + const results: Array<{ 389 389 + $type: string; 390 390 + collection: string; 391 391 + rkey: string; 392 392 + action: WriteOpAction; 393 393 + }> = []; 394 394 + 395 395 + for (const write of writes) { 396 396 + if (write.$type === "com.atproto.repo.applyWrites#create") { 397 397 + const rkey = write.rkey || tidNow(); 398 398 + const op: RecordCreateOp = { 399 399 + action: WriteOpAction.Create, 400 400 + collection: write.collection, 401 401 + rkey, 402 402 + record: jsonToLex(write.value as JsonValue) as RepoRecord, 403 403 + }; 404 404 + ops.push(op); 405 405 + results.push({ 406 406 + $type: "com.atproto.repo.applyWrites#createResult", 407 407 + collection: write.collection, 408 408 + rkey, 409 409 + action: WriteOpAction.Create, 410 410 + }); 411 411 + } else if (write.$type === "com.atproto.repo.applyWrites#update") { 412 412 + if (!write.rkey) throw new Error("Update requires rkey"); 413 413 + const op: RecordUpdateOp = { 414 414 + action: WriteOpAction.Update, 415 415 + collection: write.collection, 416 416 + rkey: write.rkey, 417 417 + record: jsonToLex(write.value as JsonValue) as RepoRecord, 418 418 + }; 419 419 + ops.push(op); 420 420 + results.push({ 421 421 + $type: "com.atproto.repo.applyWrites#updateResult", 422 422 + collection: write.collection, 423 423 + rkey: write.rkey, 424 424 + action: WriteOpAction.Update, 425 425 + }); 426 426 + } else if (write.$type === "com.atproto.repo.applyWrites#delete") { 427 427 + if (!write.rkey) throw new Error("Delete requires rkey"); 428 428 + const op: RecordDeleteOp = { 429 429 + action: WriteOpAction.Delete, 430 430 + collection: write.collection, 431 431 + rkey: write.rkey, 432 432 + }; 433 433 + ops.push(op); 434 434 + results.push({ 435 435 + $type: "com.atproto.repo.applyWrites#deleteResult", 436 436 + collection: write.collection, 437 437 + rkey: write.rkey, 438 438 + action: WriteOpAction.Delete, 439 439 + }); 440 440 + } else { 441 441 + throw new Error(`Unknown write type: ${write.$type}`); 442 442 + } 443 443 + } 444 444 + 445 445 + const prevRev = repo.commit.rev; 446 446 + const updatedRepo = await repo.applyWrites(ops, keypair); 447 447 + this.repo = updatedRepo; 448 448 + 449 449 + for (const op of ops) { 450 450 + if (op.action !== WriteOpAction.Delete) { 451 451 + this.storage.addCollection(op.collection); 452 452 + } 453 453 + } 454 454 + 455 455 + const finalResults: Array<{ 456 456 + $type: string; 457 457 + uri?: string; 458 458 + cid?: string; 459 459 + validationStatus?: string; 460 460 + }> = []; 461 461 + const opsWithCids: Array<RecordWriteOp & { cid?: CID | null }> = []; 462 462 + 463 463 + for (let i = 0; i < results.length; i++) { 464 464 + const result = results[i]!; 465 465 + const op = ops[i]!; 466 466 + 467 467 + if (result.action === WriteOpAction.Delete) { 468 468 + finalResults.push({ $type: result.$type }); 469 469 + opsWithCids.push(op); 470 470 + } else { 471 471 + const dataKey = `${result.collection}/${result.rkey}`; 472 472 + const recordCid = await this.repo.data.get(dataKey); 473 473 + finalResults.push({ 474 474 + $type: result.$type, 475 475 + uri: `at://${this.repo.did}/${result.collection}/${result.rkey}`, 476 476 + cid: recordCid?.toString(), 477 477 + validationStatus: "valid", 478 478 + }); 479 479 + opsWithCids.push({ ...op, cid: recordCid }); 480 480 + } 481 481 + } 482 482 + 483 483 + await this.sequenceAndBroadcast(prevRev, opsWithCids); 484 484 + 485 485 + return { 486 486 + commit: { 487 487 + cid: this.repo.cid.toString(), 488 488 + rev: this.repo.commit.rev, 489 489 + }, 490 490 + results: finalResults, 491 491 + }; 492 492 + } 493 493 + 494 494 + // ============================================ 495 495 + // Repo Export/Import 496 496 + // ============================================ 497 497 + 498 498 + async getRepoStatus(): Promise<{ 499 499 + did: string; 500 500 + head: string; 501 501 + rev: string; 502 502 + }> { 503 503 + const repo = await this.getRepo(); 504 504 + return { 505 505 + did: repo.did, 506 506 + head: repo.cid.toString(), 507 507 + rev: repo.commit.rev, 508 508 + }; 509 509 + } 510 510 + 511 511 + async getRepoCar(): Promise<Uint8Array> { 512 512 + const root = await this.storage.getRoot(); 513 513 + if (!root) throw new Error("No repository root found"); 514 514 + 515 515 + const rows = this.db 516 516 + .prepare("SELECT cid, bytes FROM blocks") 517 517 + .all() as Array<{ cid: string; bytes: Buffer }>; 518 518 + 519 519 + const blocks = new BlockMap(); 520 520 + for (const row of rows) { 521 521 + const cid = CID.parse(row.cid); 522 522 + const bytes = new Uint8Array(row.bytes); 523 523 + blocks.set(cid, bytes); 524 524 + } 525 525 + 526 526 + return blocksToCarFile(root, blocks); 527 527 + } 528 528 + 529 529 + async getBlocks(cids: string[]): Promise<Uint8Array> { 530 530 + const root = await this.storage.getRoot(); 531 531 + if (!root) throw new Error("No repository root found"); 532 532 + 533 533 + const blocks = new BlockMap(); 534 534 + for (const cidStr of cids) { 535 535 + const cid = CID.parse(cidStr); 536 536 + const bytes = await this.storage.getBytes(cid); 537 537 + if (bytes) { 538 538 + blocks.set(cid, bytes); 539 539 + } 540 540 + } 541 541 + 542 542 + return blocksToCarFile(root, blocks); 543 543 + } 544 544 + 545 545 + async getRecordProof( 546 546 + collection: string, 547 547 + rkey: string, 548 548 + ): Promise<Uint8Array> { 549 549 + const root = await this.storage.getRoot(); 550 550 + if (!root) throw new Error("No repository root found"); 551 551 + 552 552 + const carChunks: Uint8Array[] = []; 553 553 + for await (const chunk of getRecords(this.storage, root, [ 554 554 + { collection, rkey }, 555 555 + ])) { 556 556 + carChunks.push(chunk); 557 557 + } 558 558 + 559 559 + const totalLength = carChunks.reduce((acc, chunk) => acc + chunk.length, 0); 560 560 + const result = new Uint8Array(totalLength); 561 561 + let offset = 0; 562 562 + for (const chunk of carChunks) { 563 563 + result.set(chunk, offset); 564 564 + offset += chunk.length; 565 565 + } 566 566 + 567 567 + return result; 568 568 + } 569 569 + 570 570 + async importRepo(carBytes: Uint8Array): Promise<{ 571 571 + did: string; 572 572 + rev: string; 573 573 + cid: string; 574 574 + }> { 575 575 + const isActive = await this.storage.getActive(); 576 576 + const existingRoot = await this.storage.getRoot(); 577 577 + 578 578 + if (isActive && existingRoot) { 579 579 + throw new Error( 580 580 + "Repository already exists. Cannot import over existing repository.", 581 581 + ); 582 582 + } 583 583 + 584 584 + if (existingRoot) { 585 585 + await this.storage.destroy(); 586 586 + this.repo = null; 587 587 + this.repoInitialized = false; 588 588 + } 589 589 + 590 590 + const { root: rootCid, blocks } = await readCarWithRoot(carBytes); 591 591 + 592 592 + const importRev = tidNow(); 593 593 + await this.storage.putMany(blocks, importRev); 594 594 + 595 595 + this.keypair = await Secp256k1Keypair.import(this.config.SIGNING_KEY); 596 596 + this.repo = await Repo.load(this.storage, rootCid); 597 597 + 598 598 + await this.storage.updateRoot(rootCid, this.repo.commit.rev); 599 599 + 600 600 + if (this.repo.did !== this.config.DID) { 601 601 + await this.storage.destroy(); 602 602 + throw new Error( 603 603 + `DID mismatch: CAR file contains DID ${this.repo.did}, but expected ${this.config.DID}`, 604 604 + ); 605 605 + } 606 606 + 607 607 + this.repoInitialized = true; 608 608 + 609 609 + const seenCollections = new Set<string>(); 610 610 + for await (const record of this.repo.walkRecords()) { 611 611 + if (!seenCollections.has(record.collection)) { 612 612 + seenCollections.add(record.collection); 613 613 + this.storage.addCollection(record.collection); 614 614 + } 615 615 + const blobCids = extractBlobCids(record.record); 616 616 + if (blobCids.length > 0) { 617 617 + const uri = `at://${this.repo.did}/${record.collection}/${record.rkey}`; 618 618 + this.storage.addRecordBlobs(uri, blobCids); 619 619 + } 620 620 + } 621 621 + 622 622 + return { 623 623 + did: this.repo.did, 624 624 + rev: this.repo.commit.rev, 625 625 + cid: rootCid.toString(), 626 626 + }; 627 627 + } 628 628 + 629 629 + // ============================================ 630 630 + // Blob Operations 631 631 + // ============================================ 632 632 + 633 633 + async uploadBlob(bytes: Uint8Array, mimeType: string): Promise<BlobRef> { 634 634 + if (!this.blobStore) { 635 635 + throw new Error("Blob storage not configured"); 636 636 + } 637 637 + 638 638 + const MAX_BLOB_SIZE = 60 * 1024 * 1024; 639 639 + if (bytes.length > MAX_BLOB_SIZE) { 640 640 + throw new Error( 641 641 + `Blob too large: ${bytes.length} bytes (max ${MAX_BLOB_SIZE})`, 642 642 + ); 643 643 + } 644 644 + 645 645 + const blobRef = await this.blobStore.putBlob(bytes, mimeType); 646 646 + this.storage.trackImportedBlob(blobRef.ref.$link, bytes.length, mimeType); 647 647 + 648 648 + return blobRef; 649 649 + } 650 650 + 651 651 + // ============================================ 652 652 + // Preferences 653 653 + // ============================================ 654 654 + 655 655 + async getPreferences(): Promise<{ preferences: unknown[] }> { 656 656 + const preferences = await this.storage.getPreferences(); 657 657 + return { preferences }; 658 658 + } 659 659 + 660 660 + async putPreferences(preferences: unknown[]): Promise<void> { 661 661 + await this.storage.putPreferences(preferences); 662 662 + } 663 663 + 664 664 + // ============================================ 665 665 + // Account State 666 666 + // ============================================ 667 667 + 668 668 + async getEmail(): Promise<{ email: string | null }> { 669 669 + return { email: this.storage.getEmail() }; 670 670 + } 671 671 + 672 672 + async updateEmail(email: string): Promise<void> { 673 673 + this.storage.setEmail(email); 674 674 + } 675 675 + 676 676 + async getActive(): Promise<boolean> { 677 677 + return this.storage.getActive(); 678 678 + } 679 679 + 680 680 + async activateAccount(): Promise<void> { 681 681 + await this.storage.setActive(true); 682 682 + } 683 683 + 684 684 + async deactivateAccount(): Promise<void> { 685 685 + await this.storage.setActive(false); 686 686 + } 687 687 + 688 688 + // ============================================ 689 689 + // Migration Progress 690 690 + // ============================================ 691 691 + 692 692 + async countBlocks(): Promise<number> { 693 693 + return this.storage.countBlocks(); 694 694 + } 695 695 + 696 696 + async countRecords(): Promise<number> { 697 697 + const repo = await this.getRepo(); 698 698 + let count = 0; 699 699 + for await (const _record of repo.walkRecords()) { 700 700 + count++; 701 701 + } 702 702 + return count; 703 703 + } 704 704 + 705 705 + async countExpectedBlobs(): Promise<number> { 706 706 + return this.storage.countExpectedBlobs(); 707 707 + } 708 708 + 709 709 + async countImportedBlobs(): Promise<number> { 710 710 + return this.storage.countImportedBlobs(); 711 711 + } 712 712 + 713 713 + async listMissingBlobs( 714 714 + limit: number = 500, 715 715 + cursor?: string, 716 716 + ): Promise<{ 717 717 + blobs: Array<{ cid: string; recordUri: string }>; 718 718 + cursor?: string; 719 719 + }> { 720 720 + return this.storage.listMissingBlobs(limit, cursor); 721 721 + } 722 722 + 723 723 + async resetMigration(): Promise<{ 724 724 + blocksDeleted: number; 725 725 + blobsCleared: number; 726 726 + }> { 727 727 + const isActive = await this.storage.getActive(); 728 728 + if (isActive) { 729 729 + throw new Error( 730 730 + "AccountActive: Cannot reset migration on an active account. Deactivate first.", 731 731 + ); 732 732 + } 733 733 + 734 734 + const blocksDeleted = await this.storage.countBlocks(); 735 735 + const blobsCleared = this.storage.countImportedBlobs(); 736 736 + 737 737 + await this.storage.destroy(); 738 738 + this.storage.clearBlobTracking(); 739 739 + 740 740 + this.repo = null; 741 741 + this.repoInitialized = false; 742 742 + 743 743 + return { blocksDeleted, blobsCleared }; 744 744 + } 745 745 + 746 746 + // ============================================ 747 747 + // Identity Events 748 748 + // ============================================ 749 749 + 750 750 + async emitIdentityEvent(handle: string): Promise<{ seq: number }> { 751 751 + const time = new Date().toISOString(); 752 752 + 753 753 + const result = this.db 754 754 + .prepare( 755 755 + `INSERT INTO firehose_events (event_type, payload) 756 756 + VALUES ('identity', ?)`, 757 757 + ) 758 758 + .run(Buffer.alloc(0)); 759 759 + const seq = Number(result.lastInsertRowid); 760 760 + 761 761 + const event: SeqIdentityEvent = { 762 762 + seq, 763 763 + type: "identity", 764 764 + event: { 765 765 + seq, 766 766 + did: this.config.DID, 767 767 + time, 768 768 + handle, 769 769 + }, 770 770 + time, 771 771 + }; 772 772 + 773 773 + this.onFirehoseEvent?.(event); 774 774 + 775 775 + return { seq }; 776 776 + } 777 777 + 778 778 + // ============================================ 779 779 + // Health 780 780 + // ============================================ 781 781 + 782 782 + healthCheck(): { ok: true } { 783 783 + this.db.prepare("SELECT 1").get(); 784 784 + return { ok: true }; 785 785 + } 786 786 + 787 787 + getFirehoseStatus(subscriberCount: number): { 788 788 + subscribers: number; 789 789 + latestSeq: number | null; 790 790 + } { 791 791 + const seq = this.sequencer.getLatestSeq(); 792 792 + return { 793 793 + subscribers: subscriberCount, 794 794 + latestSeq: seq || null, 795 795 + }; 796 796 + } 797 797 + } 798 798 + 799 799 + // ============================================ 800 800 + // Utility Functions 801 801 + // ============================================ 802 802 + 803 803 + /** 804 804 + * Serialize a record for JSON by converting CID objects to { $link: "..." } format. 805 805 + */ 806 806 + function serializeRecord(obj: unknown): unknown { 807 807 + if (obj === null || obj === undefined) return obj; 808 808 + 809 809 + const cid = asCid(obj); 810 810 + if (cid) { 811 811 + return { $link: cid.toString() }; 812 812 + } 813 813 + 814 814 + if (obj instanceof Uint8Array) { 815 815 + let binary = ""; 816 816 + for (let i = 0; i < obj.length; i++) { 817 817 + binary += String.fromCharCode(obj[i]!); 818 818 + } 819 819 + return { $bytes: btoa(binary) }; 820 820 + } 821 821 + 822 822 + if (Array.isArray(obj)) { 823 823 + return obj.map(serializeRecord); 824 824 + } 825 825 + 826 826 + if (typeof obj === "object") { 827 827 + const result: Record<string, unknown> = {}; 828 828 + for (const [key, value] of Object.entries(obj)) { 829 829 + result[key] = serializeRecord(value); 830 830 + } 831 831 + return result; 832 832 + } 833 833 + 834 834 + return obj; 835 835 + } 836 836 + 837 837 + /** 838 838 + * Extract blob CIDs from a record by recursively searching for blob references. 839 839 + */ 840 840 + function extractBlobCids(obj: unknown): string[] { 841 841 + const cids: string[] = []; 842 842 + 843 843 + function walk(value: unknown): void { 844 844 + if (value === null || value === undefined) return; 845 845 + 846 846 + if (isBlobRef(value)) { 847 847 + cids.push(value.ref.toString()); 848 848 + return; 849 849 + } 850 850 + 851 851 + if (Array.isArray(value)) { 852 852 + for (const item of value) { 853 853 + walk(item); 854 854 + } 855 855 + } else if (typeof value === "object") { 856 856 + for (const key of Object.keys(value as Record<string, unknown>)) { 857 857 + walk((value as Record<string, unknown>)[key]); 858 858 + } 859 859 + } 860 860 + } 861 861 + 862 862 + walk(obj); 863 863 + return cids; 864 864 + }

+224

src/sequencer.ts

reviewed

··· 1 1 + import type Database from "better-sqlite3"; 2 2 + import { encode as cborEncode, decode as cborDecode } from "./cbor-compat.js"; 3 3 + import { CID } from "@atproto/lex-data"; 4 4 + import { blocksToCarFile, type BlockMap } from "@atproto/repo"; 5 5 + import type { RecordWriteOp } from "@atproto/repo"; 6 6 + 7 7 + /** 8 8 + * Commit event payload for the firehose 9 9 + */ 10 10 + export interface CommitEvent { 11 11 + seq: number; 12 12 + rebase: boolean; 13 13 + tooBig: boolean; 14 14 + repo: string; 15 15 + commit: CID; 16 16 + rev: string; 17 17 + since: string | null; 18 18 + blocks: Uint8Array; 19 19 + ops: RepoOp[]; 20 20 + blobs: CID[]; 21 21 + time: string; 22 22 + } 23 23 + 24 24 + /** 25 25 + * Identity event payload for the firehose 26 26 + */ 27 27 + export interface IdentityEvent { 28 28 + seq: number; 29 29 + did: string; 30 30 + handle: string; 31 31 + time: string; 32 32 + } 33 33 + 34 34 + /** 35 35 + * Repository operation in a commit 36 36 + */ 37 37 + export interface RepoOp { 38 38 + action: "create" | "update" | "delete"; 39 39 + path: string; 40 40 + cid: CID | null; 41 41 + } 42 42 + 43 43 + /** 44 44 + * Sequenced commit event wrapper 45 45 + */ 46 46 + export interface SeqCommitEvent { 47 47 + seq: number; 48 48 + type: "commit"; 49 49 + event: CommitEvent; 50 50 + time: string; 51 51 + } 52 52 + 53 53 + /** 54 54 + * Sequenced identity event wrapper 55 55 + */ 56 56 + export interface SeqIdentityEvent { 57 57 + seq: number; 58 58 + type: "identity"; 59 59 + event: IdentityEvent; 60 60 + time: string; 61 61 + } 62 62 + 63 63 + /** 64 64 + * Sequenced event (commit or identity) 65 65 + */ 66 66 + export type SeqEvent = SeqCommitEvent | SeqIdentityEvent; 67 67 + 68 68 + /** 69 69 + * Data needed to sequence a commit 70 70 + */ 71 71 + export interface CommitData { 72 72 + did: string; 73 73 + commit: CID; 74 74 + rev: string; 75 75 + since: string | null; 76 76 + newBlocks: BlockMap; 77 77 + ops: Array<RecordWriteOp & { cid?: CID | null }>; 78 78 + } 79 79 + 80 80 + /** 81 81 + * Sequencer manages the firehose event log. 82 82 + * 83 83 + * Stores commit events in SQLite and provides methods for: 84 84 + * - Sequencing new commits 85 85 + * - Backfilling events from a cursor 86 86 + * - Getting the latest sequence number 87 87 + */ 88 88 + export class Sequencer { 89 89 + private _insertStmt?: Database.Statement; 90 90 + private _getEventsSinceStmt?: Database.Statement; 91 91 + private _getLatestSeqStmt?: Database.Statement; 92 92 + 93 93 + constructor(private db: Database.Database) {} 94 94 + 95 95 + /** Lazily prepare statements (tables must exist first via initSchema) */ 96 96 + private get insertStmt() { 97 97 + return (this._insertStmt ??= this.db.prepare( 98 98 + `INSERT INTO firehose_events (event_type, payload) 99 99 + VALUES ('commit', ?)`, 100 100 + )); 101 101 + } 102 102 + private get getEventsSinceStmt() { 103 103 + return (this._getEventsSinceStmt ??= this.db.prepare( 104 104 + `SELECT seq, event_type, payload, created_at 105 105 + FROM firehose_events 106 106 + WHERE seq > ? 107 107 + ORDER BY seq ASC 108 108 + LIMIT ?`, 109 109 + )); 110 110 + } 111 111 + private get getLatestSeqStmt() { 112 112 + return (this._getLatestSeqStmt ??= this.db.prepare( 113 113 + "SELECT MAX(seq) as seq FROM firehose_events", 114 114 + )); 115 115 + } 116 116 + 117 117 + /** 118 118 + * Add a commit to the firehose sequence. 119 119 + * Returns the complete sequenced event for broadcasting. 120 120 + */ 121 121 + async sequenceCommit(data: CommitData): Promise<SeqEvent> { 122 122 + // Create CAR slice with commit diff 123 123 + const carBytes = await blocksToCarFile(data.commit, data.newBlocks); 124 124 + const time = new Date().toISOString(); 125 125 + 126 126 + // Build event payload 127 127 + const eventPayload: Omit<CommitEvent, "seq"> = { 128 128 + repo: data.did, 129 129 + commit: data.commit, 130 130 + rev: data.rev, 131 131 + since: data.since, 132 132 + blocks: carBytes, 133 133 + ops: data.ops.map( 134 134 + (op): RepoOp => ({ 135 135 + action: op.action as "create" | "update" | "delete", 136 136 + path: `${op.collection}/${op.rkey}`, 137 137 + cid: ("cid" in op && op.cid ? op.cid : null) as CID | null, 138 138 + }), 139 139 + ), 140 140 + rebase: false, 141 141 + tooBig: carBytes.length > 1_000_000, 142 142 + blobs: [], 143 143 + time, 144 144 + }; 145 145 + 146 146 + // Store in SQLite 147 147 + const payload = cborEncode(eventPayload); 148 148 + const result = this.insertStmt.run(Buffer.from(payload)); 149 149 + const seq = Number(result.lastInsertRowid); 150 150 + 151 151 + return { 152 152 + seq, 153 153 + type: "commit", 154 154 + event: { 155 155 + ...eventPayload, 156 156 + seq, 157 157 + }, 158 158 + time, 159 159 + }; 160 160 + } 161 161 + 162 162 + /** 163 163 + * Get events from a cursor position. 164 164 + */ 165 165 + async getEventsSince(cursor: number, limit = 100): Promise<SeqEvent[]> { 166 166 + const rows = this.getEventsSinceStmt.all(cursor, limit) as Array<{ 167 167 + seq: number; 168 168 + event_type: string; 169 169 + payload: Buffer; 170 170 + created_at: string; 171 171 + }>; 172 172 + 173 173 + const events: SeqEvent[] = []; 174 174 + 175 175 + for (const row of rows) { 176 176 + const payload = new Uint8Array(row.payload); 177 177 + const seq = row.seq; 178 178 + const time = row.created_at; 179 179 + 180 180 + if (row.event_type === "identity") { 181 181 + if (payload.length === 0) continue; 182 182 + const decoded = cborDecode(payload) as Omit<IdentityEvent, "seq">; 183 183 + events.push({ 184 184 + seq, 185 185 + type: "identity", 186 186 + event: { ...decoded, seq }, 187 187 + time, 188 188 + }); 189 189 + } else { 190 190 + const decoded = cborDecode(payload) as Omit<CommitEvent, "seq">; 191 191 + events.push({ 192 192 + seq, 193 193 + type: "commit", 194 194 + event: { ...decoded, seq }, 195 195 + time, 196 196 + }); 197 197 + } 198 198 + } 199 199 + 200 200 + return events; 201 201 + } 202 202 + 203 203 + /** 204 204 + * Get the latest sequence number. 205 205 + */ 206 206 + getLatestSeq(): number { 207 207 + const result = this.getLatestSeqStmt.get() as { 208 208 + seq: number | null; 209 209 + }; 210 210 + return result?.seq ?? 0; 211 211 + } 212 212 + 213 213 + /** 214 214 + * Prune old events to keep the log from growing indefinitely. 215 215 + */ 216 216 + async pruneOldEvents(keepCount = 10000): Promise<void> { 217 217 + this.db 218 218 + .prepare( 219 219 + `DELETE FROM firehose_events 220 220 + WHERE seq < (SELECT MAX(seq) - ? FROM firehose_events)`, 221 221 + ) 222 222 + .run(keepCount); 223 223 + } 224 224 + }

+68

src/server.ts

reviewed

··· 1 1 + import { getRequestListener } from "@hono/node-server"; 2 2 + import { createServer } from "node:http"; 3 3 + import { mkdirSync } from "node:fs"; 4 4 + import { resolve } from "node:path"; 5 5 + import Database from "better-sqlite3"; 6 6 + import { WebSocketServer } from "ws"; 7 7 + import pc from "picocolors"; 8 8 + 9 9 + import { loadConfig } from "./config.js"; 10 10 + import { RepoManager } from "./repo-manager.js"; 11 11 + import { BlobStore } from "./blobs.js"; 12 12 + import { Firehose } from "./firehose.js"; 13 13 + import { createApp } from "./index.js"; 14 14 + 15 15 + // Load configuration 16 16 + const config = loadConfig(); 17 17 + 18 18 + // Ensure data directory exists 19 19 + const dataDir = resolve(config.DATA_DIR); 20 20 + mkdirSync(dataDir, { recursive: true }); 21 21 + 22 22 + // Initialize SQLite database 23 23 + const dbPath = resolve(dataDir, "pds.db"); 24 24 + const db = new Database(dbPath); 25 25 + db.pragma("journal_mode = WAL"); 26 26 + db.pragma("synchronous = NORMAL"); 27 27 + 28 28 + // Initialize repo manager 29 29 + const repoManager = new RepoManager(db, config); 30 30 + const blobStore = new BlobStore(dataDir, config.DID); 31 31 + repoManager.init(blobStore); 32 32 + 33 33 + // Initialize firehose 34 34 + const firehose = new Firehose(repoManager); 35 35 + 36 36 + // Create Hono app 37 37 + const app = createApp(config, repoManager, firehose); 38 38 + 39 39 + // Create HTTP server using @hono/node-server's request listener 40 40 + const requestListener = getRequestListener(app.fetch); 41 41 + const httpServer = createServer(requestListener); 42 42 + 43 43 + // Set up WebSocket server for firehose 44 44 + const wss = new WebSocketServer({ noServer: true }); 45 45 + 46 46 + httpServer.on("upgrade", (request, socket, head) => { 47 47 + const url = new URL(request.url ?? "/", `http://localhost:${config.PORT}`); 48 48 + 49 49 + if (url.pathname === "/xrpc/com.atproto.sync.subscribeRepos") { 50 50 + wss.handleUpgrade(request, socket, head, (ws) => { 51 51 + firehose.handleConnection(ws, request); 52 52 + }); 53 53 + } else { 54 54 + socket.destroy(); 55 55 + } 56 56 + }); 57 57 + 58 58 + // Start server 59 59 + httpServer.listen(config.PORT, () => { 60 60 + console.log( 61 61 + pc.bold(`\nP2PDS running at `) + 62 62 + pc.cyan(`http://localhost:${config.PORT}`), 63 63 + ); 64 64 + console.log(pc.dim(` DID: ${config.DID}`)); 65 65 + console.log(pc.dim(` Handle: @${config.HANDLE}`)); 66 66 + console.log(pc.dim(` Data: ${dataDir}`)); 67 67 + console.log(); 68 68 + });

+134

src/service-auth.ts

reviewed

··· 1 1 + import { Secp256k1Keypair, randomStr, verifySignature } from "@atproto/crypto"; 2 2 + 3 3 + const MINUTE = 60; 4 4 + const SERVICE_JWT_EXPIRY_SECONDS = 5 * MINUTE; 5 5 + 6 6 + let cachedKeypair: Secp256k1Keypair | null = null; 7 7 + let cachedSigningKey: string | null = null; 8 8 + 9 9 + export async function getSigningKeypair( 10 10 + signingKey: string, 11 11 + ): Promise<Secp256k1Keypair> { 12 12 + if (cachedKeypair && cachedSigningKey === signingKey) { 13 13 + return cachedKeypair; 14 14 + } 15 15 + cachedKeypair = await Secp256k1Keypair.import(signingKey); 16 16 + cachedSigningKey = signingKey; 17 17 + return cachedKeypair; 18 18 + } 19 19 + 20 20 + export interface ServiceJwtPayload { 21 21 + iss: string; 22 22 + aud: string; 23 23 + exp: number; 24 24 + iat?: number; 25 25 + lxm?: string; 26 26 + jti?: string; 27 27 + } 28 28 + 29 29 + type ServiceJwtParams = { 30 30 + iss: string; 31 31 + aud: string; 32 32 + lxm: string | null; 33 33 + keypair: Secp256k1Keypair; 34 34 + }; 35 35 + 36 36 + function jsonToB64Url(json: Record<string, unknown>): string { 37 37 + return Buffer.from(JSON.stringify(json)).toString("base64url"); 38 38 + } 39 39 + 40 40 + function noUndefinedVals<T extends Record<string, unknown>>( 41 41 + obj: T, 42 42 + ): Partial<T> { 43 43 + const result: Partial<T> = {}; 44 44 + for (const [key, val] of Object.entries(obj)) { 45 45 + if (val !== undefined) { 46 46 + result[key as keyof T] = val as T[keyof T]; 47 47 + } 48 48 + } 49 49 + return result; 50 50 + } 51 51 + 52 52 + export async function createServiceJwt( 53 53 + params: ServiceJwtParams, 54 54 + ): Promise<string> { 55 55 + const { iss, aud, keypair } = params; 56 56 + const iat = Math.floor(Date.now() / 1000); 57 57 + const exp = iat + SERVICE_JWT_EXPIRY_SECONDS; 58 58 + const lxm = params.lxm ?? undefined; 59 59 + const jti = randomStr(16, "hex"); 60 60 + 61 61 + const header = { 62 62 + typ: "JWT", 63 63 + alg: keypair.jwtAlg, 64 64 + }; 65 65 + 66 66 + const payload = noUndefinedVals({ 67 67 + iat, 68 68 + iss, 69 69 + aud, 70 70 + exp, 71 71 + lxm, 72 72 + jti, 73 73 + }); 74 74 + 75 75 + const toSignStr = `${jsonToB64Url(header)}.${jsonToB64Url(payload as Record<string, unknown>)}`; 76 76 + const toSign = Buffer.from(toSignStr, "utf8"); 77 77 + const sig = Buffer.from(await keypair.sign(toSign)); 78 78 + 79 79 + return `${toSignStr}.${sig.toString("base64url")}`; 80 80 + } 81 81 + 82 82 + export async function verifyServiceJwt( 83 83 + token: string, 84 84 + signingKey: string, 85 85 + expectedAudience: string, 86 86 + expectedIssuer: string, 87 87 + ): Promise<ServiceJwtPayload> { 88 88 + const parts = token.split("."); 89 89 + if (parts.length !== 3) { 90 90 + throw new Error("Invalid JWT format"); 91 91 + } 92 92 + 93 93 + const headerB64 = parts[0]!; 94 94 + const payloadB64 = parts[1]!; 95 95 + const signatureB64 = parts[2]!; 96 96 + 97 97 + const header = JSON.parse(Buffer.from(headerB64, "base64url").toString()); 98 98 + if (header.alg !== "ES256K") { 99 99 + throw new Error(`Unsupported algorithm: ${header.alg}`); 100 100 + } 101 101 + 102 102 + const payload: ServiceJwtPayload = JSON.parse( 103 103 + Buffer.from(payloadB64, "base64url").toString(), 104 104 + ); 105 105 + 106 106 + const now = Math.floor(Date.now() / 1000); 107 107 + if (payload.exp && payload.exp < now) { 108 108 + throw new Error("Token expired"); 109 109 + } 110 110 + 111 111 + if (payload.aud !== expectedAudience) { 112 112 + throw new Error(`Invalid audience: expected ${expectedAudience}`); 113 113 + } 114 114 + 115 115 + if (payload.iss !== expectedIssuer) { 116 116 + throw new Error(`Invalid issuer: expected ${expectedIssuer}`); 117 117 + } 118 118 + 119 119 + const keypair = await getSigningKeypair(signingKey); 120 120 + const msgBytes = new Uint8Array( 121 121 + Buffer.from(`${headerB64}.${payloadB64}`, "utf8"), 122 122 + ); 123 123 + const sigBytes = new Uint8Array(Buffer.from(signatureB64, "base64url")); 124 124 + 125 125 + const isValid = await verifySignature(keypair.did(), msgBytes, sigBytes, { 126 126 + allowMalleableSig: true, 127 127 + }); 128 128 + 129 129 + if (!isValid) { 130 130 + throw new Error("Invalid signature"); 131 131 + } 132 132 + 133 133 + return payload; 134 134 + }

+124

src/session.ts

reviewed

··· 1 1 + import { SignJWT, jwtVerify, errors, type JWTPayload } from "jose"; 2 2 + import { compare } from "bcryptjs"; 3 3 + 4 4 + export class TokenExpiredError extends Error { 5 5 + constructor(message = "Token has expired") { 6 6 + super(message); 7 7 + this.name = "TokenExpiredError"; 8 8 + } 9 9 + } 10 10 + 11 11 + const ACCESS_TOKEN_LIFETIME = "120m"; 12 12 + const REFRESH_TOKEN_LIFETIME = "90d"; 13 13 + 14 14 + function createSecretKey(secret: string): Uint8Array { 15 15 + return new TextEncoder().encode(secret); 16 16 + } 17 17 + 18 18 + export async function createAccessToken( 19 19 + jwtSecret: string, 20 20 + userDid: string, 21 21 + serviceDid: string, 22 22 + ): Promise<string> { 23 23 + const secret = createSecretKey(jwtSecret); 24 24 + 25 25 + return new SignJWT({ scope: "com.atproto.access" }) 26 26 + .setProtectedHeader({ alg: "HS256", typ: "at+jwt" }) 27 27 + .setIssuedAt() 28 28 + .setAudience(serviceDid) 29 29 + .setSubject(userDid) 30 30 + .setExpirationTime(ACCESS_TOKEN_LIFETIME) 31 31 + .sign(secret); 32 32 + } 33 33 + 34 34 + export async function createRefreshToken( 35 35 + jwtSecret: string, 36 36 + userDid: string, 37 37 + serviceDid: string, 38 38 + ): Promise<string> { 39 39 + const secret = createSecretKey(jwtSecret); 40 40 + const jti = crypto.randomUUID(); 41 41 + 42 42 + return new SignJWT({ scope: "com.atproto.refresh" }) 43 43 + .setProtectedHeader({ alg: "HS256", typ: "refresh+jwt" }) 44 44 + .setIssuedAt() 45 45 + .setAudience(serviceDid) 46 46 + .setSubject(userDid) 47 47 + .setJti(jti) 48 48 + .setExpirationTime(REFRESH_TOKEN_LIFETIME) 49 49 + .sign(secret); 50 50 + } 51 51 + 52 52 + export async function verifyAccessToken( 53 53 + token: string, 54 54 + jwtSecret: string, 55 55 + serviceDid: string, 56 56 + ): Promise<JWTPayload> { 57 57 + const secret = createSecretKey(jwtSecret); 58 58 + 59 59 + let payload: JWTPayload; 60 60 + let protectedHeader: { typ?: string }; 61 61 + 62 62 + try { 63 63 + const result = await jwtVerify(token, secret, { 64 64 + audience: serviceDid, 65 65 + }); 66 66 + payload = result.payload; 67 67 + protectedHeader = result.protectedHeader; 68 68 + } catch (err) { 69 69 + if (err instanceof errors.JWTExpired) { 70 70 + throw new TokenExpiredError(); 71 71 + } 72 72 + throw err; 73 73 + } 74 74 + 75 75 + if (protectedHeader.typ !== "at+jwt") { 76 76 + throw new Error("Invalid token type"); 77 77 + } 78 78 + 79 79 + if (payload.scope !== "com.atproto.access") { 80 80 + throw new Error("Invalid scope"); 81 81 + } 82 82 + 83 83 + return payload; 84 84 + } 85 85 + 86 86 + export async function verifyRefreshToken( 87 87 + token: string, 88 88 + jwtSecret: string, 89 89 + serviceDid: string, 90 90 + ): Promise<JWTPayload> { 91 91 + const secret = createSecretKey(jwtSecret); 92 92 + 93 93 + let payload: JWTPayload; 94 94 + let protectedHeader: { typ?: string }; 95 95 + 96 96 + try { 97 97 + const result = await jwtVerify(token, secret, { 98 98 + audience: serviceDid, 99 99 + }); 100 100 + payload = result.payload; 101 101 + protectedHeader = result.protectedHeader; 102 102 + } catch (err) { 103 103 + if (err instanceof errors.JWTExpired) { 104 104 + throw new TokenExpiredError(); 105 105 + } 106 106 + throw err; 107 107 + } 108 108 + 109 109 + if (protectedHeader.typ !== "refresh+jwt") { 110 110 + throw new Error("Invalid token type"); 111 111 + } 112 112 + 113 113 + if (payload.scope !== "com.atproto.refresh") { 114 114 + throw new Error("Invalid scope"); 115 115 + } 116 116 + 117 117 + if (!payload.jti) { 118 118 + throw new Error("Missing token ID"); 119 119 + } 120 120 + 121 121 + return payload; 122 122 + } 123 123 + 124 124 + export { compare as verifyPassword };

+415

src/storage.ts

reviewed

··· 1 1 + import type Database from "better-sqlite3"; 2 2 + import { CID } from "@atproto/lex-data"; 3 3 + import { BlockMap, type CommitData } from "@atproto/repo"; 4 4 + import { ReadableBlockstore, type RepoStorage } from "@atproto/repo"; 5 5 + 6 6 + /** 7 7 + * SQLite-backed repository storage using better-sqlite3. 8 8 + * 9 9 + * Implements the RepoStorage interface from @atproto/repo, storing blocks 10 10 + * in a SQLite database on the local filesystem. 11 11 + */ 12 12 + export class SqliteRepoStorage 13 13 + extends ReadableBlockstore 14 14 + implements RepoStorage 15 15 + { 16 16 + constructor(private db: Database.Database) { 17 17 + super(); 18 18 + } 19 19 + 20 20 + /** 21 21 + * Initialize the database schema. Should be called once on startup. 22 22 + */ 23 23 + initSchema(initialActive: boolean = true): void { 24 24 + this.db.exec(` 25 25 + -- Block storage (MST nodes + record blocks) 26 26 + CREATE TABLE IF NOT EXISTS blocks ( 27 27 + cid TEXT PRIMARY KEY, 28 28 + bytes BLOB NOT NULL, 29 29 + rev TEXT NOT NULL 30 30 + ); 31 31 + 32 32 + CREATE INDEX IF NOT EXISTS idx_blocks_rev ON blocks(rev); 33 33 + 34 34 + -- Repo state (single row) 35 35 + CREATE TABLE IF NOT EXISTS repo_state ( 36 36 + id INTEGER PRIMARY KEY CHECK (id = 1), 37 37 + root_cid TEXT, 38 38 + rev TEXT, 39 39 + seq INTEGER NOT NULL DEFAULT 0, 40 40 + active INTEGER NOT NULL DEFAULT 1, 41 41 + email TEXT 42 42 + ); 43 43 + 44 44 + -- Initialize with empty state if not exists 45 45 + INSERT OR IGNORE INTO repo_state (id, root_cid, rev, seq, active) 46 46 + VALUES (1, NULL, NULL, 0, ${initialActive ? 1 : 0}); 47 47 + 48 48 + -- Firehose events (sequenced commit log) 49 49 + CREATE TABLE IF NOT EXISTS firehose_events ( 50 50 + seq INTEGER PRIMARY KEY AUTOINCREMENT, 51 51 + event_type TEXT NOT NULL, 52 52 + payload BLOB NOT NULL, 53 53 + created_at TEXT NOT NULL DEFAULT (datetime('now')) 54 54 + ); 55 55 + 56 56 + CREATE INDEX IF NOT EXISTS idx_firehose_created_at ON firehose_events(created_at); 57 57 + 58 58 + -- User preferences (single row, stores JSON array) 59 59 + CREATE TABLE IF NOT EXISTS preferences ( 60 60 + id INTEGER PRIMARY KEY CHECK (id = 1), 61 61 + data TEXT NOT NULL DEFAULT '[]' 62 62 + ); 63 63 + 64 64 + -- Initialize with empty preferences array if not exists 65 65 + INSERT OR IGNORE INTO preferences (id, data) VALUES (1, '[]'); 66 66 + 67 67 + -- Track blob references in records (populated during importRepo) 68 68 + CREATE TABLE IF NOT EXISTS record_blob ( 69 69 + recordUri TEXT NOT NULL, 70 70 + blobCid TEXT NOT NULL, 71 71 + PRIMARY KEY (recordUri, blobCid) 72 72 + ); 73 73 + 74 74 + CREATE INDEX IF NOT EXISTS idx_record_blob_cid ON record_blob(blobCid); 75 75 + 76 76 + -- Track successfully imported blobs (populated during uploadBlob) 77 77 + CREATE TABLE IF NOT EXISTS imported_blobs ( 78 78 + cid TEXT PRIMARY KEY, 79 79 + size INTEGER NOT NULL, 80 80 + mimeType TEXT, 81 81 + createdAt TEXT NOT NULL DEFAULT (datetime('now')) 82 82 + ); 83 83 + 84 84 + -- Collection name cache (for describeRepo) 85 85 + CREATE TABLE IF NOT EXISTS collections ( 86 86 + collection TEXT PRIMARY KEY 87 87 + ); 88 88 + `); 89 89 + } 90 90 + 91 91 + async getRoot(): Promise<CID | null> { 92 92 + const row = this.db 93 93 + .prepare("SELECT root_cid FROM repo_state WHERE id = 1") 94 94 + .get() as { root_cid: string | null } | undefined; 95 95 + if (!row || !row.root_cid) { 96 96 + return null; 97 97 + } 98 98 + return CID.parse(row.root_cid); 99 99 + } 100 100 + 101 101 + async getRev(): Promise<string | null> { 102 102 + const row = this.db 103 103 + .prepare("SELECT rev FROM repo_state WHERE id = 1") 104 104 + .get() as { rev: string | null } | undefined; 105 105 + return row?.rev ?? null; 106 106 + } 107 107 + 108 108 + async getSeq(): Promise<number> { 109 109 + const row = this.db 110 110 + .prepare("SELECT seq FROM repo_state WHERE id = 1") 111 111 + .get() as { seq: number } | undefined; 112 112 + return row?.seq ?? 0; 113 113 + } 114 114 + 115 115 + async nextSeq(): Promise<number> { 116 116 + this.db 117 117 + .prepare("UPDATE repo_state SET seq = seq + 1 WHERE id = 1") 118 118 + .run(); 119 119 + return this.getSeq(); 120 120 + } 121 121 + 122 122 + async getBytes(cid: CID): Promise<Uint8Array | null> { 123 123 + const row = this.db 124 124 + .prepare("SELECT bytes FROM blocks WHERE cid = ?") 125 125 + .get(cid.toString()) as { bytes: Buffer } | undefined; 126 126 + if (!row || !row.bytes) { 127 127 + return null; 128 128 + } 129 129 + return new Uint8Array(row.bytes); 130 130 + } 131 131 + 132 132 + async has(cid: CID): Promise<boolean> { 133 133 + const row = this.db 134 134 + .prepare("SELECT 1 FROM blocks WHERE cid = ? LIMIT 1") 135 135 + .get(cid.toString()); 136 136 + return row !== undefined; 137 137 + } 138 138 + 139 139 + async getBlocks(cids: CID[]): Promise<{ blocks: BlockMap; missing: CID[] }> { 140 140 + const blocks = new BlockMap(); 141 141 + const missing: CID[] = []; 142 142 + 143 143 + for (const cid of cids) { 144 144 + const bytes = await this.getBytes(cid); 145 145 + if (bytes) { 146 146 + blocks.set(cid, bytes); 147 147 + } else { 148 148 + missing.push(cid); 149 149 + } 150 150 + } 151 151 + 152 152 + return { blocks, missing }; 153 153 + } 154 154 + 155 155 + async putBlock(cid: CID, block: Uint8Array, rev: string): Promise<void> { 156 156 + this.db 157 157 + .prepare( 158 158 + "INSERT OR REPLACE INTO blocks (cid, bytes, rev) VALUES (?, ?, ?)", 159 159 + ) 160 160 + .run(cid.toString(), Buffer.from(block), rev); 161 161 + } 162 162 + 163 163 + async putMany(blocks: BlockMap, rev: string): Promise<void> { 164 164 + const stmt = this.db.prepare( 165 165 + "INSERT OR REPLACE INTO blocks (cid, bytes, rev) VALUES (?, ?, ?)", 166 166 + ); 167 167 + const internalMap = (blocks as unknown as { map: Map<string, Uint8Array> }) 168 168 + .map; 169 169 + if (internalMap) { 170 170 + const insertMany = this.db.transaction(() => { 171 171 + for (const [cidStr, bytes] of internalMap) { 172 172 + stmt.run(cidStr, Buffer.from(bytes), rev); 173 173 + } 174 174 + }); 175 175 + insertMany(); 176 176 + } 177 177 + } 178 178 + 179 179 + async updateRoot(cid: CID, rev: string): Promise<void> { 180 180 + this.db 181 181 + .prepare("UPDATE repo_state SET root_cid = ?, rev = ? WHERE id = 1") 182 182 + .run(cid.toString(), rev); 183 183 + } 184 184 + 185 185 + async applyCommit(commit: CommitData): Promise<void> { 186 186 + const applyTransaction = this.db.transaction(() => { 187 187 + // Add new blocks 188 188 + const insertStmt = this.db.prepare( 189 189 + "INSERT OR REPLACE INTO blocks (cid, bytes, rev) VALUES (?, ?, ?)", 190 190 + ); 191 191 + const internalMap = ( 192 192 + commit.newBlocks as unknown as { map: Map<string, Uint8Array> } 193 193 + ).map; 194 194 + if (internalMap) { 195 195 + for (const [cidStr, bytes] of internalMap) { 196 196 + insertStmt.run(cidStr, Buffer.from(bytes), commit.rev); 197 197 + } 198 198 + } 199 199 + 200 200 + // Remove old blocks 201 201 + const deleteStmt = this.db.prepare( 202 202 + "DELETE FROM blocks WHERE cid = ?", 203 203 + ); 204 204 + const removedSet = ( 205 205 + commit.removedCids as unknown as { set: Set<string> } 206 206 + ).set; 207 207 + if (removedSet) { 208 208 + for (const cidStr of removedSet) { 209 209 + deleteStmt.run(cidStr); 210 210 + } 211 211 + } 212 212 + 213 213 + // Update root 214 214 + this.db 215 215 + .prepare( 216 216 + "UPDATE repo_state SET root_cid = ?, rev = ? WHERE id = 1", 217 217 + ) 218 218 + .run(commit.cid.toString(), commit.rev); 219 219 + }); 220 220 + applyTransaction(); 221 221 + } 222 222 + 223 223 + async sizeInBytes(): Promise<number> { 224 224 + const row = this.db 225 225 + .prepare("SELECT SUM(LENGTH(bytes)) as total FROM blocks") 226 226 + .get() as { total: number | null } | undefined; 227 227 + return row?.total ?? 0; 228 228 + } 229 229 + 230 230 + async destroy(): Promise<void> { 231 231 + this.db.exec("DELETE FROM blocks"); 232 232 + this.db 233 233 + .prepare( 234 234 + "UPDATE repo_state SET root_cid = NULL, rev = NULL WHERE id = 1", 235 235 + ) 236 236 + .run(); 237 237 + } 238 238 + 239 239 + async countBlocks(): Promise<number> { 240 240 + const row = this.db 241 241 + .prepare("SELECT COUNT(*) as count FROM blocks") 242 242 + .get() as { count: number }; 243 243 + return row.count; 244 244 + } 245 245 + 246 246 + async getPreferences(): Promise<unknown[]> { 247 247 + const row = this.db 248 248 + .prepare("SELECT data FROM preferences WHERE id = 1") 249 249 + .get() as { data: string } | undefined; 250 250 + if (!row?.data) return []; 251 251 + try { 252 252 + return JSON.parse(row.data); 253 253 + } catch { 254 254 + return []; 255 255 + } 256 256 + } 257 257 + 258 258 + async putPreferences(preferences: unknown[]): Promise<void> { 259 259 + this.db 260 260 + .prepare("UPDATE preferences SET data = ? WHERE id = 1") 261 261 + .run(JSON.stringify(preferences)); 262 262 + } 263 263 + 264 264 + async getActive(): Promise<boolean> { 265 265 + const row = this.db 266 266 + .prepare("SELECT active FROM repo_state WHERE id = 1") 267 267 + .get() as { active: number } | undefined; 268 268 + return row ? row.active === 1 : true; 269 269 + } 270 270 + 271 271 + async setActive(active: boolean): Promise<void> { 272 272 + this.db 273 273 + .prepare("UPDATE repo_state SET active = ? WHERE id = 1") 274 274 + .run(active ? 1 : 0); 275 275 + } 276 276 + 277 277 + getEmail(): string | null { 278 278 + const row = this.db 279 279 + .prepare("SELECT email FROM repo_state WHERE id = 1") 280 280 + .get() as { email: string | null } | undefined; 281 281 + return row?.email ?? null; 282 282 + } 283 283 + 284 284 + setEmail(email: string): void { 285 285 + this.db 286 286 + .prepare("UPDATE repo_state SET email = ? WHERE id = 1") 287 287 + .run(email); 288 288 + } 289 289 + 290 290 + // ============================================ 291 291 + // Collection Cache Methods 292 292 + // ============================================ 293 293 + 294 294 + getCollections(): string[] { 295 295 + const rows = this.db 296 296 + .prepare("SELECT collection FROM collections ORDER BY collection") 297 297 + .all() as Array<{ collection: string }>; 298 298 + return rows.map((row) => row.collection); 299 299 + } 300 300 + 301 301 + addCollection(collection: string): void { 302 302 + this.db 303 303 + .prepare("INSERT OR IGNORE INTO collections (collection) VALUES (?)") 304 304 + .run(collection); 305 305 + } 306 306 + 307 307 + hasCollections(): boolean { 308 308 + const row = this.db 309 309 + .prepare("SELECT 1 FROM collections LIMIT 1") 310 310 + .get(); 311 311 + return row !== undefined; 312 312 + } 313 313 + 314 314 + // ============================================ 315 315 + // Blob Tracking Methods 316 316 + // ============================================ 317 317 + 318 318 + addRecordBlob(recordUri: string, blobCid: string): void { 319 319 + this.db 320 320 + .prepare( 321 321 + "INSERT OR IGNORE INTO record_blob (recordUri, blobCid) VALUES (?, ?)", 322 322 + ) 323 323 + .run(recordUri, blobCid); 324 324 + } 325 325 + 326 326 + addRecordBlobs(recordUri: string, blobCids: string[]): void { 327 327 + for (const cid of blobCids) { 328 328 + this.addRecordBlob(recordUri, cid); 329 329 + } 330 330 + } 331 331 + 332 332 + removeRecordBlobs(recordUri: string): void { 333 333 + this.db 334 334 + .prepare("DELETE FROM record_blob WHERE recordUri = ?") 335 335 + .run(recordUri); 336 336 + } 337 337 + 338 338 + trackImportedBlob(cid: string, size: number, mimeType: string): void { 339 339 + this.db 340 340 + .prepare( 341 341 + "INSERT OR REPLACE INTO imported_blobs (cid, size, mimeType) VALUES (?, ?, ?)", 342 342 + ) 343 343 + .run(cid, size, mimeType); 344 344 + } 345 345 + 346 346 + isBlobImported(cid: string): boolean { 347 347 + const row = this.db 348 348 + .prepare("SELECT 1 FROM imported_blobs WHERE cid = ? LIMIT 1") 349 349 + .get(cid); 350 350 + return row !== undefined; 351 351 + } 352 352 + 353 353 + countExpectedBlobs(): number { 354 354 + const row = this.db 355 355 + .prepare( 356 356 + "SELECT COUNT(DISTINCT blobCid) as count FROM record_blob", 357 357 + ) 358 358 + .get() as { count: number }; 359 359 + return row.count; 360 360 + } 361 361 + 362 362 + countImportedBlobs(): number { 363 363 + const row = this.db 364 364 + .prepare("SELECT COUNT(*) as count FROM imported_blobs") 365 365 + .get() as { count: number }; 366 366 + return row.count; 367 367 + } 368 368 + 369 369 + listMissingBlobs( 370 370 + limit: number = 500, 371 371 + cursor?: string, 372 372 + ): { blobs: Array<{ cid: string; recordUri: string }>; cursor?: string } { 373 373 + const blobs: Array<{ cid: string; recordUri: string }> = []; 374 374 + 375 375 + const rows = cursor 376 376 + ? (this.db 377 377 + .prepare( 378 378 + `SELECT rb.blobCid, rb.recordUri FROM record_blob rb 379 379 + LEFT JOIN imported_blobs ib ON rb.blobCid = ib.cid 380 380 + WHERE ib.cid IS NULL AND rb.blobCid > ? 381 381 + ORDER BY rb.blobCid 382 382 + LIMIT ?`, 383 383 + ) 384 384 + .all(cursor, limit + 1) as Array<{ 385 385 + blobCid: string; 386 386 + recordUri: string; 387 387 + }>) 388 388 + : (this.db 389 389 + .prepare( 390 390 + `SELECT rb.blobCid, rb.recordUri FROM record_blob rb 391 391 + LEFT JOIN imported_blobs ib ON rb.blobCid = ib.cid 392 392 + WHERE ib.cid IS NULL 393 393 + ORDER BY rb.blobCid 394 394 + LIMIT ?`, 395 395 + ) 396 396 + .all(limit + 1) as Array<{ 397 397 + blobCid: string; 398 398 + recordUri: string; 399 399 + }>); 400 400 + 401 401 + for (const row of rows.slice(0, limit)) { 402 402 + blobs.push({ cid: row.blobCid, recordUri: row.recordUri }); 403 403 + } 404 404 + 405 405 + const hasMore = rows.length > limit; 406 406 + const nextCursor = hasMore ? blobs[blobs.length - 1]?.cid : undefined; 407 407 + 408 408 + return { blobs, cursor: nextCursor }; 409 409 + } 410 410 + 411 411 + clearBlobTracking(): void { 412 412 + this.db.exec("DELETE FROM record_blob"); 413 413 + this.db.exec("DELETE FROM imported_blobs"); 414 414 + } 415 415 + }

+17

src/types.ts

reviewed

··· 1 1 + import type { AuthVariables } from "./middleware/auth.js"; 2 2 + import type { Config } from "./config.js"; 3 3 + 4 4 + /** 5 5 + * Base app environment with config bindings. 6 6 + */ 7 7 + export type AppEnv = { 8 8 + Bindings: Config; 9 9 + }; 10 10 + 11 11 + /** 12 12 + * App environment with auth variables. 13 13 + */ 14 14 + export type AuthedAppEnv = { 15 15 + Bindings: Config; 16 16 + Variables: AuthVariables; 17 17 + };

+86

src/validation.ts

reviewed

··· 1 1 + import { parse, ValidationError, type BaseSchema } from "@atcute/lexicons/validations"; 2 2 + 3 3 + import { 4 4 + AppBskyActorProfile, 5 5 + AppBskyFeedGenerator, 6 6 + AppBskyFeedLike, 7 7 + AppBskyFeedPost, 8 8 + AppBskyFeedPostgate, 9 9 + AppBskyFeedRepost, 10 10 + AppBskyFeedThreadgate, 11 11 + AppBskyGraphBlock, 12 12 + AppBskyGraphFollow, 13 13 + AppBskyGraphList, 14 14 + AppBskyGraphListblock, 15 15 + AppBskyGraphListitem, 16 16 + AppBskyGraphStarterpack, 17 17 + AppBskyGraphVerification, 18 18 + AppBskyLabelerService, 19 19 + } from "@atcute/bluesky"; 20 20 + 21 21 + /** 22 22 + * Map of collection NSID to validation schema. 23 23 + */ 24 24 + const recordSchemas: Record<string, BaseSchema> = { 25 25 + "app.bsky.actor.profile": AppBskyActorProfile.mainSchema, 26 26 + "app.bsky.feed.generator": AppBskyFeedGenerator.mainSchema, 27 27 + "app.bsky.feed.like": AppBskyFeedLike.mainSchema, 28 28 + "app.bsky.feed.post": AppBskyFeedPost.mainSchema, 29 29 + "app.bsky.feed.postgate": AppBskyFeedPostgate.mainSchema, 30 30 + "app.bsky.feed.repost": AppBskyFeedRepost.mainSchema, 31 31 + "app.bsky.feed.threadgate": AppBskyFeedThreadgate.mainSchema, 32 32 + "app.bsky.graph.block": AppBskyGraphBlock.mainSchema, 33 33 + "app.bsky.graph.follow": AppBskyGraphFollow.mainSchema, 34 34 + "app.bsky.graph.list": AppBskyGraphList.mainSchema, 35 35 + "app.bsky.graph.listblock": AppBskyGraphListblock.mainSchema, 36 36 + "app.bsky.graph.listitem": AppBskyGraphListitem.mainSchema, 37 37 + "app.bsky.graph.starterpack": AppBskyGraphStarterpack.mainSchema, 38 38 + "app.bsky.graph.verification": AppBskyGraphVerification.mainSchema, 39 39 + "app.bsky.labeler.service": AppBskyLabelerService.mainSchema, 40 40 + }; 41 41 + 42 42 + /** 43 43 + * Record validator for AT Protocol records. 44 44 + * Uses optimistic validation: known schemas are validated, unknown are allowed. 45 45 + */ 46 46 + export class RecordValidator { 47 47 + private strictMode: boolean; 48 48 + 49 49 + constructor(options: { strict?: boolean } = {}) { 50 50 + this.strictMode = options.strict ?? false; 51 51 + } 52 52 + 53 53 + validateRecord(collection: string, record: unknown): void { 54 54 + const schema = recordSchemas[collection]; 55 55 + 56 56 + if (!schema) { 57 57 + if (this.strictMode) { 58 58 + throw new Error( 59 59 + `No lexicon schema loaded for collection: ${collection}`, 60 60 + ); 61 61 + } 62 62 + return; 63 63 + } 64 64 + 65 65 + try { 66 66 + parse(schema, record); 67 67 + } catch (error) { 68 68 + if (error instanceof ValidationError) { 69 69 + throw new Error( 70 70 + `Lexicon validation failed for ${collection}: ${error.message}`, 71 71 + ); 72 72 + } 73 73 + throw error; 74 74 + } 75 75 + } 76 76 + 77 77 + hasSchema(collection: string): boolean { 78 78 + return collection in recordSchemas; 79 79 + } 80 80 + 81 81 + getLoadedSchemas(): string[] { 82 82 + return Object.keys(recordSchemas); 83 83 + } 84 84 + } 85 85 + 86 86 + export const validator = new RecordValidator({ strict: false });

+23

src/xrpc/identity.ts

reviewed

··· 1 1 + import type { Context } from "hono"; 2 2 + import type { AuthedAppEnv } from "../types.js"; 3 3 + 4 4 + /** 5 5 + * Resolve handle - return our DID for our handle. 6 6 + * This is a simplified version; the full Cirrus identity module 7 7 + * with PLC operations and migration tokens will be added later. 8 8 + */ 9 9 + export async function resolveHandle( 10 10 + c: Context<AuthedAppEnv>, 11 11 + ): Promise<Response> { 12 12 + const handle = c.req.query("handle"); 13 13 + if (handle === c.env.HANDLE) { 14 14 + return c.json({ did: c.env.DID }); 15 15 + } 16 16 + return c.json( 17 17 + { 18 18 + error: "HandleNotFound", 19 19 + message: `Handle not found: ${handle}`, 20 20 + }, 21 21 + 404, 22 22 + ); 23 23 + }

+513

src/xrpc/repo.ts

reviewed

··· 1 1 + import type { Context } from "hono"; 2 2 + import { isDid } from "@atcute/lexicons/syntax"; 3 3 + import type { RepoManager } from "../repo-manager.js"; 4 4 + import type { AppEnv, AuthedAppEnv } from "../types.js"; 5 5 + import { validator } from "../validation.js"; 6 6 + import { detectContentType } from "../format.js"; 7 7 + 8 8 + function invalidRecordError( 9 9 + c: Context<AuthedAppEnv>, 10 10 + err: unknown, 11 11 + prefix?: string, 12 12 + ): Response { 13 13 + const message = err instanceof Error ? err.message : String(err); 14 14 + return c.json( 15 15 + { 16 16 + error: "InvalidRecord", 17 17 + message: prefix ? `${prefix}: ${message}` : message, 18 18 + }, 19 19 + 400, 20 20 + ); 21 21 + } 22 22 + 23 23 + function checkAccountDeactivatedError( 24 24 + c: Context<AuthedAppEnv>, 25 25 + err: unknown, 26 26 + ): Response | null { 27 27 + const message = err instanceof Error ? err.message : String(err); 28 28 + if (message.startsWith("AccountDeactivated:")) { 29 29 + return c.json( 30 30 + { 31 31 + error: "AccountDeactivated", 32 32 + message: 33 33 + "Account is deactivated. Call activateAccount to enable writes.", 34 34 + }, 35 35 + 403, 36 36 + ); 37 37 + } 38 38 + return null; 39 39 + } 40 40 + 41 41 + export async function describeRepo( 42 42 + c: Context<AppEnv>, 43 43 + repoManager: RepoManager, 44 44 + ): Promise<Response> { 45 45 + const repo = c.req.query("repo"); 46 46 + 47 47 + if (!repo) { 48 48 + return c.json( 49 49 + { error: "InvalidRequest", message: "Missing required parameter: repo" }, 50 50 + 400, 51 51 + ); 52 52 + } 53 53 + 54 54 + if (!isDid(repo)) { 55 55 + return c.json( 56 56 + { error: "InvalidRequest", message: "Invalid DID format" }, 57 57 + 400, 58 58 + ); 59 59 + } 60 60 + 61 61 + if (repo !== c.env.DID) { 62 62 + return c.json( 63 63 + { error: "RepoNotFound", message: `Repository not found: ${repo}` }, 64 64 + 404, 65 65 + ); 66 66 + } 67 67 + 68 68 + const data = await repoManager.describeRepo(); 69 69 + 70 70 + return c.json({ 71 71 + did: c.env.DID, 72 72 + handle: c.env.HANDLE, 73 73 + didDoc: { 74 74 + "@context": ["https://www.w3.org/ns/did/v1"], 75 75 + id: c.env.DID, 76 76 + alsoKnownAs: [`at://${c.env.HANDLE}`], 77 77 + verificationMethod: [ 78 78 + { 79 79 + id: `${c.env.DID}#atproto`, 80 80 + type: "Multikey", 81 81 + controller: c.env.DID, 82 82 + publicKeyMultibase: c.env.SIGNING_KEY_PUBLIC, 83 83 + }, 84 84 + ], 85 85 + }, 86 86 + collections: data.collections, 87 87 + handleIsCorrect: true, 88 88 + }); 89 89 + } 90 90 + 91 91 + export async function getRecord( 92 92 + c: Context<AppEnv>, 93 93 + repoManager: RepoManager, 94 94 + ): Promise<Response> { 95 95 + const repo = c.req.query("repo"); 96 96 + const collection = c.req.query("collection"); 97 97 + const rkey = c.req.query("rkey"); 98 98 + 99 99 + if (!repo || !collection || !rkey) { 100 100 + return c.json( 101 101 + { 102 102 + error: "InvalidRequest", 103 103 + message: "Missing required parameters: repo, collection, rkey", 104 104 + }, 105 105 + 400, 106 106 + ); 107 107 + } 108 108 + 109 109 + if (!isDid(repo)) { 110 110 + return c.json( 111 111 + { error: "InvalidRequest", message: "Invalid DID format" }, 112 112 + 400, 113 113 + ); 114 114 + } 115 115 + 116 116 + if (repo !== c.env.DID) { 117 117 + return c.json( 118 118 + { error: "RepoNotFound", message: `Repository not found: ${repo}` }, 119 119 + 404, 120 120 + ); 121 121 + } 122 122 + 123 123 + const result = await repoManager.getRecord(collection, rkey); 124 124 + 125 125 + if (!result) { 126 126 + return c.json( 127 127 + { 128 128 + error: "RecordNotFound", 129 129 + message: `Record not found: ${collection}/${rkey}`, 130 130 + }, 131 131 + 404, 132 132 + ); 133 133 + } 134 134 + 135 135 + return c.json({ 136 136 + uri: `at://${repo}/${collection}/${rkey}`, 137 137 + cid: result.cid, 138 138 + value: result.record, 139 139 + }); 140 140 + } 141 141 + 142 142 + export async function listRecords( 143 143 + c: Context<AppEnv>, 144 144 + repoManager: RepoManager, 145 145 + ): Promise<Response> { 146 146 + const repo = c.req.query("repo"); 147 147 + const collection = c.req.query("collection"); 148 148 + const limitStr = c.req.query("limit"); 149 149 + const cursor = c.req.query("cursor"); 150 150 + const reverseStr = c.req.query("reverse"); 151 151 + 152 152 + if (!repo || !collection) { 153 153 + return c.json( 154 154 + { 155 155 + error: "InvalidRequest", 156 156 + message: "Missing required parameters: repo, collection", 157 157 + }, 158 158 + 400, 159 159 + ); 160 160 + } 161 161 + 162 162 + if (!isDid(repo)) { 163 163 + return c.json( 164 164 + { error: "InvalidRequest", message: "Invalid DID format" }, 165 165 + 400, 166 166 + ); 167 167 + } 168 168 + 169 169 + if (repo !== c.env.DID) { 170 170 + return c.json( 171 171 + { error: "RepoNotFound", message: `Repository not found: ${repo}` }, 172 172 + 404, 173 173 + ); 174 174 + } 175 175 + 176 176 + const limit = Math.min(limitStr ? Number.parseInt(limitStr, 10) : 50, 100); 177 177 + const reverse = reverseStr === "true"; 178 178 + 179 179 + const result = await repoManager.listRecords(collection, { 180 180 + limit, 181 181 + cursor: cursor || undefined, 182 182 + reverse, 183 183 + }); 184 184 + 185 185 + return c.json(result); 186 186 + } 187 187 + 188 188 + export async function createRecord( 189 189 + c: Context<AuthedAppEnv>, 190 190 + repoManager: RepoManager, 191 191 + ): Promise<Response> { 192 192 + const body = await c.req.json(); 193 193 + const { repo, collection, rkey, record } = body; 194 194 + 195 195 + if (!repo || !collection || !record) { 196 196 + return c.json( 197 197 + { 198 198 + error: "InvalidRequest", 199 199 + message: "Missing required parameters: repo, collection, record", 200 200 + }, 201 201 + 400, 202 202 + ); 203 203 + } 204 204 + 205 205 + if (repo !== c.env.DID) { 206 206 + return c.json( 207 207 + { error: "InvalidRepo", message: `Invalid repository: ${repo}` }, 208 208 + 400, 209 209 + ); 210 210 + } 211 211 + 212 212 + try { 213 213 + validator.validateRecord(collection, record); 214 214 + } catch (err) { 215 215 + return invalidRecordError(c, err); 216 216 + } 217 217 + 218 218 + try { 219 219 + const result = await repoManager.createRecord(collection, rkey, record); 220 220 + return c.json(result); 221 221 + } catch (err) { 222 222 + const deactivatedError = checkAccountDeactivatedError(c, err); 223 223 + if (deactivatedError) return deactivatedError; 224 224 + throw err; 225 225 + } 226 226 + } 227 227 + 228 228 + export async function deleteRecord( 229 229 + c: Context<AuthedAppEnv>, 230 230 + repoManager: RepoManager, 231 231 + ): Promise<Response> { 232 232 + const body = await c.req.json(); 233 233 + const { repo, collection, rkey } = body; 234 234 + 235 235 + if (!repo || !collection || !rkey) { 236 236 + return c.json( 237 237 + { 238 238 + error: "InvalidRequest", 239 239 + message: "Missing required parameters: repo, collection, rkey", 240 240 + }, 241 241 + 400, 242 242 + ); 243 243 + } 244 244 + 245 245 + if (repo !== c.env.DID) { 246 246 + return c.json( 247 247 + { error: "InvalidRepo", message: `Invalid repository: ${repo}` }, 248 248 + 400, 249 249 + ); 250 250 + } 251 251 + 252 252 + try { 253 253 + const result = await repoManager.deleteRecord(collection, rkey); 254 254 + 255 255 + if (!result) { 256 256 + return c.json( 257 257 + { 258 258 + error: "RecordNotFound", 259 259 + message: `Record not found: ${collection}/${rkey}`, 260 260 + }, 261 261 + 404, 262 262 + ); 263 263 + } 264 264 + 265 265 + return c.json(result); 266 266 + } catch (err) { 267 267 + const deactivatedError = checkAccountDeactivatedError(c, err); 268 268 + if (deactivatedError) return deactivatedError; 269 269 + throw err; 270 270 + } 271 271 + } 272 272 + 273 273 + export async function putRecord( 274 274 + c: Context<AuthedAppEnv>, 275 275 + repoManager: RepoManager, 276 276 + ): Promise<Response> { 277 277 + const body = await c.req.json(); 278 278 + const { repo, collection, rkey, record } = body; 279 279 + 280 280 + if (!repo || !collection || !rkey || !record) { 281 281 + return c.json( 282 282 + { 283 283 + error: "InvalidRequest", 284 284 + message: "Missing required parameters: repo, collection, rkey, record", 285 285 + }, 286 286 + 400, 287 287 + ); 288 288 + } 289 289 + 290 290 + if (repo !== c.env.DID) { 291 291 + return c.json( 292 292 + { error: "InvalidRepo", message: `Invalid repository: ${repo}` }, 293 293 + 400, 294 294 + ); 295 295 + } 296 296 + 297 297 + try { 298 298 + validator.validateRecord(collection, record); 299 299 + } catch (err) { 300 300 + return invalidRecordError(c, err); 301 301 + } 302 302 + 303 303 + try { 304 304 + const result = await repoManager.putRecord(collection, rkey, record); 305 305 + return c.json(result); 306 306 + } catch (err) { 307 307 + const deactivatedError = checkAccountDeactivatedError(c, err); 308 308 + if (deactivatedError) return deactivatedError; 309 309 + return c.json( 310 310 + { 311 311 + error: "InvalidRequest", 312 312 + message: err instanceof Error ? err.message : String(err), 313 313 + }, 314 314 + 400, 315 315 + ); 316 316 + } 317 317 + } 318 318 + 319 319 + export async function applyWrites( 320 320 + c: Context<AuthedAppEnv>, 321 321 + repoManager: RepoManager, 322 322 + ): Promise<Response> { 323 323 + const body = await c.req.json(); 324 324 + const { repo, writes } = body; 325 325 + 326 326 + if (!repo || !writes || !Array.isArray(writes)) { 327 327 + return c.json( 328 328 + { 329 329 + error: "InvalidRequest", 330 330 + message: "Missing required parameters: repo, writes", 331 331 + }, 332 332 + 400, 333 333 + ); 334 334 + } 335 335 + 336 336 + if (repo !== c.env.DID) { 337 337 + return c.json( 338 338 + { error: "InvalidRepo", message: `Invalid repository: ${repo}` }, 339 339 + 400, 340 340 + ); 341 341 + } 342 342 + 343 343 + if (writes.length > 200) { 344 344 + return c.json( 345 345 + { error: "InvalidRequest", message: "Too many writes. Max: 200" }, 346 346 + 400, 347 347 + ); 348 348 + } 349 349 + 350 350 + for (let i = 0; i < writes.length; i++) { 351 351 + const write = writes[i]; 352 352 + if ( 353 353 + write.$type === "com.atproto.repo.applyWrites#create" || 354 354 + write.$type === "com.atproto.repo.applyWrites#update" 355 355 + ) { 356 356 + try { 357 357 + validator.validateRecord(write.collection, write.value); 358 358 + } catch (err) { 359 359 + return invalidRecordError(c, err, `Write ${i}`); 360 360 + } 361 361 + } 362 362 + } 363 363 + 364 364 + try { 365 365 + const result = await repoManager.applyWrites(writes); 366 366 + return c.json(result); 367 367 + } catch (err) { 368 368 + const deactivatedError = checkAccountDeactivatedError(c, err); 369 369 + if (deactivatedError) return deactivatedError; 370 370 + return c.json( 371 371 + { 372 372 + error: "InvalidRequest", 373 373 + message: err instanceof Error ? err.message : String(err), 374 374 + }, 375 375 + 400, 376 376 + ); 377 377 + } 378 378 + } 379 379 + 380 380 + export async function uploadBlob( 381 381 + c: Context<AuthedAppEnv>, 382 382 + repoManager: RepoManager, 383 383 + ): Promise<Response> { 384 384 + let contentType = c.req.header("Content-Type"); 385 385 + 386 386 + const bytes = new Uint8Array(await c.req.arrayBuffer()); 387 387 + if (!contentType || contentType === "*/*") { 388 388 + contentType = detectContentType(bytes) || "application/octet-stream"; 389 389 + } 390 390 + 391 391 + const MAX_BLOB_SIZE = 60 * 1024 * 1024; 392 392 + if (bytes.length > MAX_BLOB_SIZE) { 393 393 + return c.json( 394 394 + { 395 395 + error: "BlobTooLarge", 396 396 + message: `Blob size ${bytes.length} exceeds maximum of ${MAX_BLOB_SIZE} bytes`, 397 397 + }, 398 398 + 400, 399 399 + ); 400 400 + } 401 401 + 402 402 + try { 403 403 + const blobRef = await repoManager.uploadBlob(bytes, contentType); 404 404 + return c.json({ blob: blobRef }); 405 405 + } catch (err) { 406 406 + if ( 407 407 + err instanceof Error && 408 408 + err.message.includes("Blob storage not configured") 409 409 + ) { 410 410 + return c.json( 411 411 + { 412 412 + error: "ServiceUnavailable", 413 413 + message: "Blob storage is not configured", 414 414 + }, 415 415 + 503, 416 416 + ); 417 417 + } 418 418 + throw err; 419 419 + } 420 420 + } 421 421 + 422 422 + export async function importRepo( 423 423 + c: Context<AuthedAppEnv>, 424 424 + repoManager: RepoManager, 425 425 + ): Promise<Response> { 426 426 + const contentType = c.req.header("Content-Type"); 427 427 + 428 428 + if (contentType !== "application/vnd.ipld.car") { 429 429 + return c.json( 430 430 + { 431 431 + error: "InvalidRequest", 432 432 + message: 433 433 + "Content-Type must be application/vnd.ipld.car for repository import", 434 434 + }, 435 435 + 400, 436 436 + ); 437 437 + } 438 438 + 439 439 + const carBytes = new Uint8Array(await c.req.arrayBuffer()); 440 440 + 441 441 + if (carBytes.length === 0) { 442 442 + return c.json( 443 443 + { error: "InvalidRequest", message: "Empty CAR file" }, 444 444 + 400, 445 445 + ); 446 446 + } 447 447 + 448 448 + const MAX_CAR_SIZE = 100 * 1024 * 1024; 449 449 + if (carBytes.length > MAX_CAR_SIZE) { 450 450 + return c.json( 451 451 + { 452 452 + error: "RepoTooLarge", 453 453 + message: `Repository size ${carBytes.length} exceeds maximum of ${MAX_CAR_SIZE} bytes`, 454 454 + }, 455 455 + 400, 456 456 + ); 457 457 + } 458 458 + 459 459 + try { 460 460 + const result = await repoManager.importRepo(carBytes); 461 461 + return c.json(result); 462 462 + } catch (err) { 463 463 + if (err instanceof Error) { 464 464 + if (err.message.includes("already exists")) { 465 465 + return c.json( 466 466 + { 467 467 + error: "RepoAlreadyExists", 468 468 + message: 469 469 + "Repository already exists. Cannot import over existing data.", 470 470 + }, 471 471 + 409, 472 472 + ); 473 473 + } 474 474 + if (err.message.includes("DID mismatch")) { 475 475 + return c.json( 476 476 + { error: "InvalidRepo", message: err.message }, 477 477 + 400, 478 478 + ); 479 479 + } 480 480 + if ( 481 481 + err.message.includes("no roots") || 482 482 + err.message.includes("no blocks") || 483 483 + err.message.includes("Invalid root") 484 484 + ) { 485 485 + return c.json( 486 486 + { 487 487 + error: "InvalidRepo", 488 488 + message: `Invalid CAR file: ${err.message}`, 489 489 + }, 490 490 + 400, 491 491 + ); 492 492 + } 493 493 + } 494 494 + throw err; 495 495 + } 496 496 + } 497 497 + 498 498 + export async function listMissingBlobs( 499 499 + c: Context<AuthedAppEnv>, 500 500 + repoManager: RepoManager, 501 501 + ): Promise<Response> { 502 502 + const limitStr = c.req.query("limit"); 503 503 + const cursor = c.req.query("cursor"); 504 504 + 505 505 + const limit = limitStr ? Math.min(Number.parseInt(limitStr, 10), 500) : 500; 506 506 + 507 507 + const result = await repoManager.listMissingBlobs( 508 508 + limit, 509 509 + cursor || undefined, 510 510 + ); 511 511 + 512 512 + return c.json(result); 513 513 + }

+396

src/xrpc/server.ts

reviewed

··· 1 1 + import type { Context } from "hono"; 2 2 + import type { RepoManager } from "../repo-manager.js"; 3 3 + import { createServiceJwt, getSigningKeypair } from "../service-auth.js"; 4 4 + import { 5 5 + createAccessToken, 6 6 + createRefreshToken, 7 7 + verifyPassword, 8 8 + verifyAccessToken, 9 9 + verifyRefreshToken, 10 10 + TokenExpiredError, 11 11 + } from "../session.js"; 12 12 + import type { AppEnv, AuthedAppEnv } from "../types.js"; 13 13 + 14 14 + export async function describeServer(c: Context<AppEnv>): Promise<Response> { 15 15 + return c.json({ 16 16 + did: c.env.DID, 17 17 + availableUserDomains: [], 18 18 + inviteCodeRequired: false, 19 19 + }); 20 20 + } 21 21 + 22 22 + export async function createSession( 23 23 + c: Context<AppEnv>, 24 24 + repoManager: RepoManager, 25 25 + ): Promise<Response> { 26 26 + const body = await c.req.json<{ 27 27 + identifier: string; 28 28 + password: string; 29 29 + }>(); 30 30 + 31 31 + const { identifier, password } = body; 32 32 + 33 33 + if (!identifier || !password) { 34 34 + return c.json( 35 35 + { error: "InvalidRequest", message: "Missing identifier or password" }, 36 36 + 400, 37 37 + ); 38 38 + } 39 39 + 40 40 + if (identifier !== c.env.HANDLE && identifier !== c.env.DID) { 41 41 + return c.json( 42 42 + { 43 43 + error: "AuthenticationRequired", 44 44 + message: "Invalid identifier or password", 45 45 + }, 46 46 + 401, 47 47 + ); 48 48 + } 49 49 + 50 50 + const passwordValid = await verifyPassword(password, c.env.PASSWORD_HASH); 51 51 + if (!passwordValid) { 52 52 + return c.json( 53 53 + { 54 54 + error: "AuthenticationRequired", 55 55 + message: "Invalid identifier or password", 56 56 + }, 57 57 + 401, 58 58 + ); 59 59 + } 60 60 + 61 61 + const serviceDid = `did:web:${c.env.PDS_HOSTNAME}`; 62 62 + const accessJwt = await createAccessToken( 63 63 + c.env.JWT_SECRET, 64 64 + c.env.DID, 65 65 + serviceDid, 66 66 + ); 67 67 + const refreshJwt = await createRefreshToken( 68 68 + c.env.JWT_SECRET, 69 69 + c.env.DID, 70 70 + serviceDid, 71 71 + ); 72 72 + 73 73 + const { email: storedEmail } = await repoManager.getEmail(); 74 74 + const email = storedEmail || c.env.EMAIL; 75 75 + 76 76 + return c.json({ 77 77 + accessJwt, 78 78 + refreshJwt, 79 79 + handle: c.env.HANDLE, 80 80 + did: c.env.DID, 81 81 + ...(email ? { email } : {}), 82 82 + emailConfirmed: true, 83 83 + active: true, 84 84 + }); 85 85 + } 86 86 + 87 87 + export async function refreshSession( 88 88 + c: Context<AppEnv>, 89 89 + repoManager: RepoManager, 90 90 + ): Promise<Response> { 91 91 + const authHeader = c.req.header("Authorization"); 92 92 + 93 93 + if (!authHeader?.startsWith("Bearer ")) { 94 94 + return c.json( 95 95 + { error: "AuthenticationRequired", message: "Refresh token required" }, 96 96 + 401, 97 97 + ); 98 98 + } 99 99 + 100 100 + const token = authHeader.slice(7); 101 101 + const serviceDid = `did:web:${c.env.PDS_HOSTNAME}`; 102 102 + 103 103 + try { 104 104 + const payload = await verifyRefreshToken( 105 105 + token, 106 106 + c.env.JWT_SECRET, 107 107 + serviceDid, 108 108 + ); 109 109 + 110 110 + if (payload.sub !== c.env.DID) { 111 111 + return c.json( 112 112 + { 113 113 + error: "AuthenticationRequired", 114 114 + message: "Invalid refresh token", 115 115 + }, 116 116 + 401, 117 117 + ); 118 118 + } 119 119 + 120 120 + const accessJwt = await createAccessToken( 121 121 + c.env.JWT_SECRET, 122 122 + c.env.DID, 123 123 + serviceDid, 124 124 + ); 125 125 + const refreshJwt = await createRefreshToken( 126 126 + c.env.JWT_SECRET, 127 127 + c.env.DID, 128 128 + serviceDid, 129 129 + ); 130 130 + 131 131 + const { email: storedEmail } = await repoManager.getEmail(); 132 132 + const email = storedEmail || c.env.EMAIL; 133 133 + 134 134 + return c.json({ 135 135 + accessJwt, 136 136 + refreshJwt, 137 137 + handle: c.env.HANDLE, 138 138 + did: c.env.DID, 139 139 + ...(email ? { email } : {}), 140 140 + emailConfirmed: true, 141 141 + active: true, 142 142 + }); 143 143 + } catch (err) { 144 144 + if (err instanceof TokenExpiredError) { 145 145 + return c.json( 146 146 + { error: "ExpiredToken", message: err.message }, 147 147 + 400, 148 148 + ); 149 149 + } 150 150 + return c.json( 151 151 + { 152 152 + error: "InvalidToken", 153 153 + message: err instanceof Error ? err.message : "Invalid refresh token", 154 154 + }, 155 155 + 400, 156 156 + ); 157 157 + } 158 158 + } 159 159 + 160 160 + export async function getSession( 161 161 + c: Context<AppEnv>, 162 162 + repoManager: RepoManager, 163 163 + ): Promise<Response> { 164 164 + const authHeader = c.req.header("Authorization"); 165 165 + 166 166 + if (!authHeader?.startsWith("Bearer ")) { 167 167 + return c.json( 168 168 + { error: "AuthenticationRequired", message: "Access token required" }, 169 169 + 401, 170 170 + ); 171 171 + } 172 172 + 173 173 + const token = authHeader.slice(7); 174 174 + const serviceDid = `did:web:${c.env.PDS_HOSTNAME}`; 175 175 + 176 176 + if (token === c.env.AUTH_TOKEN) { 177 177 + const { email: storedEmail } = await repoManager.getEmail(); 178 178 + const email = storedEmail || c.env.EMAIL; 179 179 + return c.json({ 180 180 + handle: c.env.HANDLE, 181 181 + did: c.env.DID, 182 182 + ...(email ? { email } : {}), 183 183 + emailConfirmed: true, 184 184 + active: true, 185 185 + }); 186 186 + } 187 187 + 188 188 + try { 189 189 + const payload = await verifyAccessToken( 190 190 + token, 191 191 + c.env.JWT_SECRET, 192 192 + serviceDid, 193 193 + ); 194 194 + 195 195 + if (payload.sub !== c.env.DID) { 196 196 + return c.json( 197 197 + { 198 198 + error: "AuthenticationRequired", 199 199 + message: "Invalid access token", 200 200 + }, 201 201 + 401, 202 202 + ); 203 203 + } 204 204 + 205 205 + const { email: storedEmail } = await repoManager.getEmail(); 206 206 + const email = storedEmail || c.env.EMAIL; 207 207 + return c.json({ 208 208 + handle: c.env.HANDLE, 209 209 + did: c.env.DID, 210 210 + ...(email ? { email } : {}), 211 211 + emailConfirmed: true, 212 212 + active: true, 213 213 + }); 214 214 + } catch (err) { 215 215 + if (err instanceof TokenExpiredError) { 216 216 + return c.json( 217 217 + { error: "ExpiredToken", message: err.message }, 218 218 + 400, 219 219 + ); 220 220 + } 221 221 + return c.json( 222 222 + { 223 223 + error: "InvalidToken", 224 224 + message: err instanceof Error ? err.message : "Invalid access token", 225 225 + }, 226 226 + 401, 227 227 + ); 228 228 + } 229 229 + } 230 230 + 231 231 + export async function deleteSession(c: Context<AppEnv>): Promise<Response> { 232 232 + return c.json({}); 233 233 + } 234 234 + 235 235 + export async function checkAccountStatus( 236 236 + c: Context<AuthedAppEnv>, 237 237 + repoManager: RepoManager, 238 238 + ): Promise<Response> { 239 239 + try { 240 240 + const status = await repoManager.getRepoStatus(); 241 241 + const active = await repoManager.getActive(); 242 242 + 243 243 + const [repoBlocks, indexedRecords, expectedBlobs, importedBlobs] = 244 244 + await Promise.all([ 245 245 + repoManager.countBlocks(), 246 246 + repoManager.countRecords(), 247 247 + repoManager.countExpectedBlobs(), 248 248 + repoManager.countImportedBlobs(), 249 249 + ]); 250 250 + 251 251 + const activated = active || indexedRecords > 0; 252 252 + 253 253 + return c.json({ 254 254 + activated, 255 255 + active, 256 256 + validDid: true, 257 257 + repoCommit: status.head, 258 258 + repoRev: status.rev, 259 259 + repoBlocks, 260 260 + indexedRecords, 261 261 + privateStateValues: null, 262 262 + expectedBlobs, 263 263 + importedBlobs, 264 264 + }); 265 265 + } catch { 266 266 + return c.json({ 267 267 + activated: false, 268 268 + active: false, 269 269 + validDid: true, 270 270 + repoCommit: null, 271 271 + repoRev: null, 272 272 + repoBlocks: 0, 273 273 + indexedRecords: 0, 274 274 + privateStateValues: null, 275 275 + expectedBlobs: 0, 276 276 + importedBlobs: 0, 277 277 + }); 278 278 + } 279 279 + } 280 280 + 281 281 + export async function getServiceAuth( 282 282 + c: Context<AuthedAppEnv>, 283 283 + ): Promise<Response> { 284 284 + const aud = c.req.query("aud"); 285 285 + const lxm = c.req.query("lxm") || null; 286 286 + 287 287 + if (!aud) { 288 288 + return c.json( 289 289 + { error: "InvalidRequest", message: "Missing required parameter: aud" }, 290 290 + 400, 291 291 + ); 292 292 + } 293 293 + 294 294 + const keypair = await getSigningKeypair(c.env.SIGNING_KEY); 295 295 + const token = await createServiceJwt({ 296 296 + iss: c.env.DID, 297 297 + aud, 298 298 + lxm, 299 299 + keypair, 300 300 + }); 301 301 + 302 302 + return c.json({ token }); 303 303 + } 304 304 + 305 305 + export async function activateAccount( 306 306 + c: Context<AuthedAppEnv>, 307 307 + repoManager: RepoManager, 308 308 + ): Promise<Response> { 309 309 + try { 310 310 + await repoManager.activateAccount(); 311 311 + return c.json({ success: true }); 312 312 + } catch (err) { 313 313 + return c.json( 314 314 + { 315 315 + error: "InternalServerError", 316 316 + message: err instanceof Error ? err.message : "Unknown error", 317 317 + }, 318 318 + 500, 319 319 + ); 320 320 + } 321 321 + } 322 322 + 323 323 + export async function deactivateAccount( 324 324 + c: Context<AuthedAppEnv>, 325 325 + repoManager: RepoManager, 326 326 + ): Promise<Response> { 327 327 + try { 328 328 + await repoManager.deactivateAccount(); 329 329 + return c.json({ success: true }); 330 330 + } catch (err) { 331 331 + return c.json( 332 332 + { 333 333 + error: "InternalServerError", 334 334 + message: err instanceof Error ? err.message : "Unknown error", 335 335 + }, 336 336 + 500, 337 337 + ); 338 338 + } 339 339 + } 340 340 + 341 341 + export async function requestEmailUpdate( 342 342 + c: Context<AuthedAppEnv>, 343 343 + ): Promise<Response> { 344 344 + return c.json({ tokenRequired: false }); 345 345 + } 346 346 + 347 347 + export async function requestEmailConfirmation( 348 348 + c: Context<AuthedAppEnv>, 349 349 + ): Promise<Response> { 350 350 + return c.json({}); 351 351 + } 352 352 + 353 353 + export async function updateEmail( 354 354 + c: Context<AuthedAppEnv>, 355 355 + repoManager: RepoManager, 356 356 + ): Promise<Response> { 357 357 + const body = await c.req.json<{ email: string }>(); 358 358 + 359 359 + if (!body.email) { 360 360 + return c.json( 361 361 + { error: "InvalidRequest", message: "Missing required field: email" }, 362 362 + 400, 363 363 + ); 364 364 + } 365 365 + 366 366 + await repoManager.updateEmail(body.email); 367 367 + return c.json({}); 368 368 + } 369 369 + 370 370 + export async function resetMigration( 371 371 + c: Context<AuthedAppEnv>, 372 372 + repoManager: RepoManager, 373 373 + ): Promise<Response> { 374 374 + try { 375 375 + const result = await repoManager.resetMigration(); 376 376 + return c.json(result); 377 377 + } catch (err) { 378 378 + const message = err instanceof Error ? err.message : "Unknown error"; 379 379 + 380 380 + if (message.includes("AccountActive")) { 381 381 + return c.json( 382 382 + { 383 383 + error: "AccountActive", 384 384 + message: 385 385 + "Cannot reset migration on an active account. Deactivate first.", 386 386 + }, 387 387 + 400, 388 388 + ); 389 389 + } 390 390 + 391 391 + return c.json( 392 392 + { error: "InternalServerError", message }, 393 393 + 500, 394 394 + ); 395 395 + } 396 396 + }

+323

src/xrpc/sync.ts

reviewed

··· 1 1 + import type { Context } from "hono"; 2 2 + import { isDid, isNsid, isRecordKey } from "@atcute/lexicons/syntax"; 3 3 + import type { RepoManager } from "../repo-manager.js"; 4 4 + import type { AppEnv } from "../types.js"; 5 5 + import { detectContentType } from "../format.js"; 6 6 + 7 7 + export async function getRepo( 8 8 + c: Context<AppEnv>, 9 9 + repoManager: RepoManager, 10 10 + ): Promise<Response> { 11 11 + const did = c.req.query("did"); 12 12 + 13 13 + if (!did) { 14 14 + return c.json( 15 15 + { error: "InvalidRequest", message: "Missing required parameter: did" }, 16 16 + 400, 17 17 + ); 18 18 + } 19 19 + 20 20 + if (!isDid(did)) { 21 21 + return c.json( 22 22 + { error: "InvalidRequest", message: "Invalid DID format" }, 23 23 + 400, 24 24 + ); 25 25 + } 26 26 + 27 27 + if (did !== c.env.DID) { 28 28 + return c.json( 29 29 + { error: "RepoNotFound", message: `Repository not found for DID: ${did}` }, 30 30 + 404, 31 31 + ); 32 32 + } 33 33 + 34 34 + const carBytes = await repoManager.getRepoCar(); 35 35 + 36 36 + return new Response(carBytes, { 37 37 + status: 200, 38 38 + headers: { 39 39 + "Content-Type": "application/vnd.ipld.car", 40 40 + "Content-Length": carBytes.length.toString(), 41 41 + }, 42 42 + }); 43 43 + } 44 44 + 45 45 + export async function getRepoStatus( 46 46 + c: Context<AppEnv>, 47 47 + repoManager: RepoManager, 48 48 + ): Promise<Response> { 49 49 + const did = c.req.query("did"); 50 50 + 51 51 + if (!did) { 52 52 + return c.json( 53 53 + { error: "InvalidRequest", message: "Missing required parameter: did" }, 54 54 + 400, 55 55 + ); 56 56 + } 57 57 + 58 58 + if (!isDid(did)) { 59 59 + return c.json( 60 60 + { error: "InvalidRequest", message: "Invalid DID format" }, 61 61 + 400, 62 62 + ); 63 63 + } 64 64 + 65 65 + if (did !== c.env.DID) { 66 66 + return c.json( 67 67 + { error: "RepoNotFound", message: `Repository not found for DID: ${did}` }, 68 68 + 404, 69 69 + ); 70 70 + } 71 71 + 72 72 + const data = await repoManager.getRepoStatus(); 73 73 + 74 74 + return c.json({ 75 75 + did: data.did, 76 76 + active: true, 77 77 + status: "active", 78 78 + rev: data.rev, 79 79 + }); 80 80 + } 81 81 + 82 82 + export async function listRepos( 83 83 + c: Context<AppEnv>, 84 84 + repoManager: RepoManager, 85 85 + ): Promise<Response> { 86 86 + const data = await repoManager.getRepoStatus(); 87 87 + 88 88 + return c.json({ 89 89 + repos: [ 90 90 + { 91 91 + did: data.did, 92 92 + head: data.head, 93 93 + rev: data.rev, 94 94 + active: true, 95 95 + }, 96 96 + ], 97 97 + }); 98 98 + } 99 99 + 100 100 + export async function listBlobs( 101 101 + c: Context<AppEnv>, 102 102 + repoManager: RepoManager, 103 103 + ): Promise<Response> { 104 104 + const did = c.req.query("did"); 105 105 + 106 106 + if (!did) { 107 107 + return c.json( 108 108 + { error: "InvalidRequest", message: "Missing required parameter: did" }, 109 109 + 400, 110 110 + ); 111 111 + } 112 112 + 113 113 + if (!isDid(did)) { 114 114 + return c.json( 115 115 + { error: "InvalidRequest", message: "Invalid DID format" }, 116 116 + 400, 117 117 + ); 118 118 + } 119 119 + 120 120 + if (did !== c.env.DID) { 121 121 + return c.json( 122 122 + { error: "RepoNotFound", message: `Repository not found for DID: ${did}` }, 123 123 + 404, 124 124 + ); 125 125 + } 126 126 + 127 127 + if (!repoManager.blobStore) { 128 128 + return c.json({ cids: [] }); 129 129 + } 130 130 + 131 131 + const cursor = c.req.query("cursor"); 132 132 + const limit = Math.min(Number(c.req.query("limit")) || 500, 1000); 133 133 + 134 134 + const result = repoManager.blobStore.listBlobs(limit, cursor || undefined); 135 135 + 136 136 + const response: { cids: string[]; cursor?: string } = { cids: result.cids }; 137 137 + if (result.cursor) { 138 138 + response.cursor = result.cursor; 139 139 + } 140 140 + 141 141 + return c.json(response); 142 142 + } 143 143 + 144 144 + export async function getBlocks( 145 145 + c: Context<AppEnv>, 146 146 + repoManager: RepoManager, 147 147 + ): Promise<Response> { 148 148 + const did = c.req.query("did"); 149 149 + const cidsParam = c.req.queries("cids"); 150 150 + 151 151 + if (!did) { 152 152 + return c.json( 153 153 + { error: "InvalidRequest", message: "Missing required parameter: did" }, 154 154 + 400, 155 155 + ); 156 156 + } 157 157 + 158 158 + if (!cidsParam || cidsParam.length === 0) { 159 159 + return c.json( 160 160 + { error: "InvalidRequest", message: "Missing required parameter: cids" }, 161 161 + 400, 162 162 + ); 163 163 + } 164 164 + 165 165 + if (!isDid(did)) { 166 166 + return c.json( 167 167 + { error: "InvalidRequest", message: "Invalid DID format" }, 168 168 + 400, 169 169 + ); 170 170 + } 171 171 + 172 172 + if (did !== c.env.DID) { 173 173 + return c.json( 174 174 + { error: "RepoNotFound", message: `Repository not found for DID: ${did}` }, 175 175 + 404, 176 176 + ); 177 177 + } 178 178 + 179 179 + const carBytes = await repoManager.getBlocks(cidsParam); 180 180 + 181 181 + return new Response(carBytes, { 182 182 + status: 200, 183 183 + headers: { 184 184 + "Content-Type": "application/vnd.ipld.car", 185 185 + "Content-Length": carBytes.length.toString(), 186 186 + }, 187 187 + }); 188 188 + } 189 189 + 190 190 + export async function getBlob( 191 191 + c: Context<AppEnv>, 192 192 + repoManager: RepoManager, 193 193 + ): Promise<Response> { 194 194 + const did = c.req.query("did"); 195 195 + const cid = c.req.query("cid"); 196 196 + 197 197 + if (!did || !cid) { 198 198 + return c.json( 199 199 + { error: "InvalidRequest", message: "Missing required parameters: did, cid" }, 200 200 + 400, 201 201 + ); 202 202 + } 203 203 + 204 204 + if (!isDid(did)) { 205 205 + return c.json( 206 206 + { error: "InvalidRequest", message: "Invalid DID format" }, 207 207 + 400, 208 208 + ); 209 209 + } 210 210 + 211 211 + if (did !== c.env.DID) { 212 212 + return c.json( 213 213 + { error: "RepoNotFound", message: `Repository not found for DID: ${did}` }, 214 214 + 404, 215 215 + ); 216 216 + } 217 217 + 218 218 + if (!repoManager.blobStore) { 219 219 + return c.json( 220 220 + { error: "ServiceUnavailable", message: "Blob storage is not configured" }, 221 221 + 503, 222 222 + ); 223 223 + } 224 224 + 225 225 + const blob = repoManager.blobStore.getBlob(cid); 226 226 + 227 227 + if (!blob) { 228 228 + return c.json( 229 229 + { error: "BlobNotFound", message: `Blob not found: ${cid}` }, 230 230 + 404, 231 231 + ); 232 232 + } 233 233 + 234 234 + let contentType = blob.mimeType; 235 235 + if (!contentType || contentType === "*/*") { 236 236 + contentType = 237 237 + detectContentType(blob.bytes) || "application/octet-stream"; 238 238 + } 239 239 + 240 240 + return new Response(blob.bytes, { 241 241 + status: 200, 242 242 + headers: { 243 243 + "Content-Type": contentType, 244 244 + "Content-Length": blob.size.toString(), 245 245 + }, 246 246 + }); 247 247 + } 248 248 + 249 249 + export async function getRecord( 250 250 + c: Context<AppEnv>, 251 251 + repoManager: RepoManager, 252 252 + ): Promise<Response> { 253 253 + const did = c.req.query("did"); 254 254 + const collection = c.req.query("collection"); 255 255 + const rkey = c.req.query("rkey"); 256 256 + 257 257 + if (!did) { 258 258 + return c.json( 259 259 + { error: "InvalidRequest", message: "Missing required parameter: did" }, 260 260 + 400, 261 261 + ); 262 262 + } 263 263 + 264 264 + if (!collection) { 265 265 + return c.json( 266 266 + { error: "InvalidRequest", message: "Missing required parameter: collection" }, 267 267 + 400, 268 268 + ); 269 269 + } 270 270 + 271 271 + if (!rkey) { 272 272 + return c.json( 273 273 + { error: "InvalidRequest", message: "Missing required parameter: rkey" }, 274 274 + 400, 275 275 + ); 276 276 + } 277 277 + 278 278 + if (!isDid(did)) { 279 279 + return c.json( 280 280 + { error: "InvalidRequest", message: "Invalid DID format" }, 281 281 + 400, 282 282 + ); 283 283 + } 284 284 + 285 285 + if (!isNsid(collection)) { 286 286 + return c.json( 287 287 + { error: "InvalidRequest", message: "Invalid collection format (must be NSID)" }, 288 288 + 400, 289 289 + ); 290 290 + } 291 291 + 292 292 + if (!isRecordKey(rkey)) { 293 293 + return c.json( 294 294 + { error: "InvalidRequest", message: "Invalid rkey format" }, 295 295 + 400, 296 296 + ); 297 297 + } 298 298 + 299 299 + if (did !== c.env.DID) { 300 300 + return c.json( 301 301 + { error: "RepoNotFound", message: `Repository not found for DID: ${did}` }, 302 302 + 404, 303 303 + ); 304 304 + } 305 305 + 306 306 + try { 307 307 + const carBytes = await repoManager.getRecordProof(collection, rkey); 308 308 + 309 309 + return new Response(carBytes, { 310 310 + status: 200, 311 311 + headers: { 312 312 + "Content-Type": "application/vnd.ipld.car", 313 313 + "Content-Length": carBytes.length.toString(), 314 314 + }, 315 315 + }); 316 316 + } catch (err) { 317 317 + console.error("Error getting record proof:", err); 318 318 + return c.json( 319 319 + { error: "InternalServerError", message: "Failed to get record proof" }, 320 320 + 500, 321 321 + ); 322 322 + } 323 323 + }

+20

tsconfig.json

reviewed

··· 1 1 + { 2 2 + "compilerOptions": { 3 3 + "target": "ES2022", 4 4 + "module": "NodeNext", 5 5 + "moduleResolution": "NodeNext", 6 6 + "lib": ["ES2022"], 7 7 + "outDir": "dist", 8 8 + "rootDir": "src", 9 9 + "strict": true, 10 10 + "esModuleInterop": true, 11 11 + "skipLibCheck": true, 12 12 + "forceConsistentCasingInFileNames": true, 13 13 + "resolveJsonModule": true, 14 14 + "declaration": true, 15 15 + "declarationMap": true, 16 16 + "sourceMap": true 17 17 + }, 18 18 + "include": ["src"], 19 19 + "exclude": ["node_modules", "dist"] 20 20 + }