this repo has no description
Deploy info
+52
-2
+25
README.md
+25
README.md
···
68
68
- `dev.keytrace.key` - Daily signing key for attestations
69
69
- `dev.keytrace.signature` - Cryptographic attestation structure
70
70
71
+
## Deployment
72
+
73
+
### Publishing Packages
74
+
75
+
Use the deploy script to bump versions and publish all packages to npm:
76
+
77
+
```bash
78
+
./scripts/deploy.sh patch # 0.0.1 → 0.0.2
79
+
./scripts/deploy.sh minor # 0.0.2 → 0.1.0
80
+
./scripts/deploy.sh major # 0.1.0 → 1.0.0
81
+
```
82
+
83
+
This will:
84
+
1. Bump versions in `@keytrace/runner`, `@keytrace/verify`, and `@keytrace/lexicon`
85
+
2. Build all packages
86
+
3. Publish to npm
87
+
4. Create a git commit and tag
88
+
89
+
After running, push to remote:
90
+
91
+
```bash
92
+
git push && git push --tags
93
+
```
94
+
95
+
71
96
## License
72
97
73
98
MIT
+6
-1
apps/keytrace.dev/.env.example
+6
-1
apps/keytrace.dev/.env.example
···
4
4
# Session secret (generate a secure random string for production)
5
5
NUXT_SESSION_SECRET=your-secret-key-here
6
6
7
-
# Scaleway Object Storage (S3-compatible)
7
+
# S3 configuration for session storage
8
8
NUXT_S3_BUCKET=keytrace-sessions
9
9
NUXT_S3_REGION=fr-par
10
10
NUXT_S3_ACCESS_KEY_ID=your-access-key
11
11
NUXT_S3_SECRET_ACCESS_KEY=your-secret-key
12
+
12
13
# Optional: custom endpoint (defaults to https://s3.{region}.scw.cloud)
13
14
# NUXT_S3_ENDPOINT=https://s3.fr-par.scw.cloud
15
+
16
+
# Keytrace service account credentials (for writing claims to user repos)
17
+
NUXT_KEYTRACE_DID=did:plc:your-service-account-did
18
+
NUXT_KEYTRACE_PASSWORD=your-app-password
+21
-1
apps/keytrace.dev/server/utils/recent-claims.ts
+21
-1
apps/keytrace.dev/server/utils/recent-claims.ts
···
21
21
const FEED_KEY = "recent-claims.json";
22
22
const MAX_ITEMS = 50;
23
23
24
+
// Track last known feed size to detect unexpected empty reads
25
+
let lastKnownFeedSize = 0;
26
+
24
27
/**
25
28
* Add a claim to the recent claims feed.
26
29
* Prepends to the list, trims to 50 items, and saves.
30
+
* Includes safeguard against S3 read failures that would wipe the feed.
27
31
*/
28
32
export async function addRecentClaim(claim: RecentClaim): Promise<void> {
29
33
const feed = await getRecentClaims();
34
+
35
+
// Safeguard: if we previously had data but now read empty, S3 may have failed
36
+
// Don't overwrite - log warning and skip save to prevent data loss
37
+
if (feed.length === 0 && lastKnownFeedSize > 5) {
38
+
console.warn(
39
+
`[recent-claims] Read returned empty but last known size was ${lastKnownFeedSize}. ` +
40
+
`Skipping save to prevent data loss. New claim not added: ${claim.subject}`,
41
+
);
42
+
return;
43
+
}
44
+
30
45
feed.unshift(claim);
31
46
if (feed.length > MAX_ITEMS) feed.length = MAX_ITEMS;
47
+
lastKnownFeedSize = feed.length;
32
48
await saveJson(FEED_KEY, feed);
33
49
}
34
50
···
36
52
* Get the recent claims feed from storage.
37
53
*/
38
54
export async function getRecentClaims(): Promise<RecentClaim[]> {
39
-
return (await loadJson<RecentClaim[]>(FEED_KEY)) ?? [];
55
+
const feed = (await loadJson<RecentClaim[]>(FEED_KEY)) ?? [];
56
+
if (feed.length > 0) {
57
+
lastKnownFeedSize = feed.length;
58
+
}
59
+
return feed;
40
60
}