push.rocks/smartregistry
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: push.rocks:v1.8.0
Branches Tags
push.rocks:main
push.rocks:v2.2.2 push.rocks:v2.2.1 push.rocks:v2.2.0 push.rocks:v2.1.2 push.rocks:v2.1.1 push.rocks:v2.1.0 push.rocks:v2.0.0 push.rocks:v1.9.0 push.rocks:v1.8.0 push.rocks:v1.7.0 push.rocks:v1.6.0 push.rocks:v1.5.0 push.rocks:v1.4.1 push.rocks:v1.4.0 push.rocks:v1.3.1 push.rocks:v1.3.0 push.rocks:v1.2.0 push.rocks:v1.1.1 push.rocks:v1.1.0 push.rocks:v1.0.2
..
compare: push.rocks:v2.1.1
Branches Tags
push.rocks:main
push.rocks:v2.2.2 push.rocks:v2.2.1 push.rocks:v2.2.0 push.rocks:v2.1.2 push.rocks:v2.1.1 push.rocks:v2.1.0 push.rocks:v2.0.0 push.rocks:v1.9.0 push.rocks:v1.8.0 push.rocks:v1.7.0 push.rocks:v1.6.0 push.rocks:v1.5.0 push.rocks:v1.4.1 push.rocks:v1.4.0 push.rocks:v1.3.1 push.rocks:v1.3.0 push.rocks:v1.2.0 push.rocks:v1.1.1 push.rocks:v1.1.0 push.rocks:v1.0.2

8 Commits
v1.8.0 ... v2.1.1

Author SHA1 Message Date
Juergen Kunz
37a89239d9 v2.1.1
Some checks failed
Default (tags) / security (push) Successful in 35s
Details
Default (tags) / test (push) Failing after 36s
Details
Default (tags) / release (push) Has been skipped
Details
Default (tags) / metadata (push) Has been skipped
Details
2025-11-25 16:59:37 +00:00
Juergen Kunz
93fee289e7 fix(oci): Preserve raw manifest bytes for digest calculation and handle string/JSON manifest bodies in OCI registry 2025-11-25 16:59:37 +00:00
Juergen Kunz
30fd9a4238 v2.1.0
Some checks failed
Default (tags) / security (push) Successful in 47s
Details
Default (tags) / test (push) Failing after 48s
Details
Default (tags) / release (push) Has been skipped
Details
Default (tags) / metadata (push) Has been skipped
Details
2025-11-25 16:48:08 +00:00
Juergen Kunz
3b5bf5e789 feat(oci): Support configurable OCI token realm/service and centralize unauthorized responses 2025-11-25 16:48:08 +00:00
Juergen Kunz
9b92e1c0d2 v2.0.0
Some checks failed
Default (tags) / security (push) Successful in 49s
Details
Default (tags) / test (push) Failing after 50s
Details
Default (tags) / release (push) Has been skipped
Details
Default (tags) / metadata (push) Has been skipped
Details
2025-11-25 15:07:59 +00:00
Juergen Kunz
6291ebf79b BREAKING CHANGE(pypi,rubygems): Revise PyPI and RubyGems handling: normalize error payloads, fix .gem parsing/packing, adjust PyPI JSON API and tests, and export smartarchive plugin 2025-11-25 15:07:59 +00:00
Juergen Kunz
fcd95677a0 v1.9.0
Some checks failed
Default (tags) / security (push) Successful in 51s
Details
Default (tags) / test (push) Failing after 52s
Details
Default (tags) / release (push) Has been skipped
Details
Default (tags) / metadata (push) Has been skipped
Details
2025-11-25 14:28:19 +00:00
Juergen Kunz
547c262578 feat(auth): Implement HMAC-SHA256 OCI JWTs; enhance PyPI & RubyGems uploads and normalize responses 2025-11-25 14:28:19 +00:00
17 changed files with 1197 additions and 217 deletions
Expand all files Collapse all files

38
changelog.md
View File

@@ -1,5 +1,43 @@
# Changelog
## 2025-11-25 - 2.1.1 - fix(oci)
Preserve raw manifest bytes for digest calculation and handle string/JSON manifest bodies in OCI registry
- Preserve the exact bytes of the manifest payload when computing the sha256 digest to comply with the OCI spec and avoid mismatches caused by re-serialization.
- Accept string request bodies (converted using UTF-8) and treat already-parsed JSON objects by re-serializing as a fallback.
- Keep existing content-type fallback logic while ensuring accurate digest calculation prior to storing manifests.
## 2025-11-25 - 2.1.0 - feat(oci)
Support configurable OCI token realm/service and centralize unauthorized responses
- SmartRegistry now forwards optional ociTokens (realm and service) from auth configuration to OciRegistry when OCI is enabled
- OciRegistry constructor accepts an optional ociTokens parameter and stores it for use in auth headers
- Replaced repeated construction of WWW-Authenticate headers with createUnauthorizedResponse and createUnauthorizedHeadResponse helpers that use configured realm/service
- Behavior is backwards-compatible: when ociTokens are not configured the registry falls back to the previous defaults (realm: <basePath>/v2/token, service: "registry")
## 2025-11-25 - 2.0.0 - BREAKING CHANGE(pypi,rubygems)
Revise PyPI and RubyGems handling: normalize error payloads, fix .gem parsing/packing, adjust PyPI JSON API and tests, and export smartarchive plugin
- Rename error payload property from 'message' to 'error' in PyPI and RubyGems interfaces and responses; error responses are now returned as JSON objects (body: { error: ... }) instead of Buffer(JSON.stringify(...)).
- RubyGems: treat .gem files as plain tar archives (not gzipped). Use metadata.gz and data.tar.gz correctly, switch packing helper to pack plain tar, and use zlib deflate for .rz gemspec data.
- RubyGems registry: add legacy Marshal specs endpoint (specs.4.8.gz) and adjust versions handler invocation to accept request context.
- PyPI: adopt PEP 691 style (files is an array of file objects) in tests and metadata; include requires_python in test package metadata; update JSON API path matching to the package-level '/{package}/json' style used by the handler.
- Fix HTML escaping expectations in tests (requires_python values are HTML-escaped in attributes, e.g. '&gt;=3.8').
- Export smartarchive from plugins to enable archive helpers in core modules and helpers.
- Update tests and internal code to match the new error shape and API/format behaviour.
## 2025-11-25 - 1.9.0 - feat(auth)
Implement HMAC-SHA256 OCI JWTs; enhance PyPI & RubyGems uploads and normalize responses
- AuthManager: create and validate OCI JWTs signed with HMAC-SHA256 (header.payload.signature). Signature verification, exp/nbf checks and payload decoding implemented.
- PyPI: improved Simple API handling (PEP-691 JSON responses returned as objects), Simple HTML responses updated, upload handling enhanced to support nested/flat multipart fields, verify hashes (sha256/md5/blake2b), store files and return 201 on success.
- RubyGems: upload flow now attempts to extract gem metadata from the .gem binary when name/version are not provided, improved validation, and upload returns 201. Added extractGemMetadata helper.
- OCI: centralized 401 response creation (including proper WWW-Authenticate header) and HEAD behavior fixed to return no body per HTTP spec.
- SmartRegistry: use nullish coalescing for protocol basePath defaults to avoid falsy-value bugs when basePath is an empty string.
- Tests and helpers: test expectations adjusted (Content-Type startsWith check for HTML, PEP-691 projects is an array), test helper switched to smartarchive for packaging.
- Package.json: added devDependency @push.rocks/smartarchive and updated dev deps.
- Various response normalization: avoid unnecessary Buffer.from() for already-serialized objects/strings and standardize status codes for create/upload endpoints (201).
## 2025-11-24 - 1.8.0 - feat(smarts3)
Add local smarts3 testing support and documentation

3
package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@push.rocks/smartregistry",
"version": "1.8.0",
"version": "2.1.1",
"private": false,
"description": "A composable TypeScript library implementing OCI, NPM, Maven, Cargo, Composer, PyPI, and RubyGems registries for building unified container and package registries",
"main": "dist_ts/index.js",
@@ -18,6 +18,7 @@
"@git.zone/tsbundle": "^2.0.5",
"@git.zone/tsrun": "^2.0.0",
"@git.zone/tstest": "^3.1.0",
"@push.rocks/smartarchive": "^5.0.1",
"@push.rocks/smarts3": "^5.1.0",
"@types/node": "^24.10.1"
},

53
pnpm-lock.yaml generated
View File

@@ -39,6 +39,9 @@ importers:
'@git.zone/tstest':
specifier: ^3.1.0
version: 3.1.0(socks@2.8.7)(typescript@5.9.3)
'@push.rocks/smartarchive':
specifier: ^5.0.1
version: 5.0.1(@push.rocks/smartfs@1.1.0)
'@push.rocks/smarts3':
specifier: ^5.1.0
version: 5.1.0
@@ -705,6 +708,9 @@ packages:
'@push.rocks/smartarchive@4.2.2':
resolution: {integrity: sha512-6EpqbKU32D6Gcqsc9+Tn1dOCU5HoTlrqqs/7IdUr9Tirp9Ngtptkapca1Fw/D0kVJ7SSw3kG/miAYnuPMZLEoA==}
'@push.rocks/smartarchive@5.0.1':
resolution: {integrity: sha512-x4bie9IIdL9BZqBZLc8Pemp8xZOJGa6mXSVgKJRL4/Rw+E5N4rVHjQOYGRV75nC2mAMJh9GIbixuxLnWjj77ag==}
'@push.rocks/smartbrowser@2.0.8':
resolution: {integrity: sha512-0KWRZj3TuKo/sNwgPbiSE6WL+TMeR19t1JmXBZWh9n8iA2mpc4HhMrQAndEUdRCkx5ofSaHWojIRVFzGChj0Dg==}
@@ -765,6 +771,14 @@ packages:
'@push.rocks/smartfile@11.2.7':
resolution: {integrity: sha512-8Yp7/sAgPpWJBHohV92ogHWKzRomI5MEbSG6b5W2n18tqwfAmjMed0rQvsvGrSBlnEWCKgoOrYIIZbLO61+J0Q==}
'@push.rocks/smartfile@13.0.1':
resolution: {integrity: sha512-phtryDFtBYHo7R2H9V3Y7VeiYQU9YzKL140gKD3bTicBgXoIYrJ6+b3mbZunSO2yQt1Vy1AxCxYXrFE/K+4grw==}
peerDependencies:
'@push.rocks/smartfs': ^1.0.0
peerDependenciesMeta:
'@push.rocks/smartfs':
optional: true
'@push.rocks/smartfs@1.1.0':
resolution: {integrity: sha512-fg8JIjFUPPX5laRoBpTaGwhMfZ3Y8mFT4fUaW54Y4J/BfOBa/y0+rIFgvgvqcOZgkQlyZU+FIfL8Z6zezqxyTg==}
@@ -5265,6 +5279,27 @@ snapshots:
- react-native-b4a
- supports-color
'@push.rocks/smartarchive@5.0.1(@push.rocks/smartfs@1.1.0)':
dependencies:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartfile': 13.0.1(@push.rocks/smartfs@1.1.0)
'@push.rocks/smartpath': 6.0.0
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrequest': 4.4.2
'@push.rocks/smartrx': 3.0.10
'@push.rocks/smartstream': 3.2.5
'@push.rocks/smartunique': 3.0.9
'@push.rocks/smarturl': 3.1.0
'@types/tar-stream': 3.1.4
fflate: 0.8.2
file-type: 21.1.0
tar-stream: 3.1.7
transitivePeerDependencies:
- '@push.rocks/smartfs'
- bare-abort-controller
- react-native-b4a
- supports-color
'@push.rocks/smartbrowser@2.0.8(typescript@5.9.3)':
dependencies:
'@push.rocks/smartdelay': 3.0.5
@@ -5453,6 +5488,24 @@ snapshots:
glob: 11.1.0
js-yaml: 4.1.1
'@push.rocks/smartfile@13.0.1(@push.rocks/smartfs@1.1.0)':
dependencies:
'@push.rocks/lik': 6.2.2
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartfile-interfaces': 1.0.7
'@push.rocks/smarthash': 3.2.6
'@push.rocks/smartjson': 5.2.0
'@push.rocks/smartmime': 2.0.4
'@push.rocks/smartpath': 6.0.0
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrequest': 4.4.2
'@push.rocks/smartstream': 3.2.5
'@types/js-yaml': 4.0.9
glob: 11.1.0
js-yaml: 4.1.1
optionalDependencies:
'@push.rocks/smartfs': 1.1.0
'@push.rocks/smartfs@1.1.0':
dependencies:
'@push.rocks/smartpath': 6.0.0

165
test/helpers/registry.ts
View File

@@ -1,5 +1,6 @@
import * as qenv from '@push.rocks/qenv';
import * as crypto from 'crypto';
import * as smartarchive from '@push.rocks/smartarchive';
import { SmartRegistry } from '../../ts/classes.smartregistry.js';
import type { IRegistryConfig } from '../../ts/core/interfaces.core.js';
@@ -241,7 +242,7 @@ export function calculateMavenChecksums(data: Buffer) {
}
/**
* Helper to create a Composer package ZIP
* Helper to create a Composer package ZIP using smartarchive
*/
export async function createComposerZip(
vendorPackage: string,
@@ -252,8 +253,7 @@ export async function createComposerZip(
authors?: Array<{ name: string; email?: string }>;
}
): Promise<Buffer> {
const AdmZip = (await import('adm-zip')).default;
const zip = new AdmZip();
const zipTools = new smartarchive.ZipTools();
const composerJson = {
name: vendorPackage,
@@ -272,9 +272,6 @@ export async function createComposerZip(
},
};
// Add composer.json
zip.addFile('composer.json', Buffer.from(JSON.stringify(composerJson, null, 2), 'utf-8'));
// Add a test PHP file
const [vendor, pkg] = vendorPackage.split('/');
const namespace = `${vendor.charAt(0).toUpperCase() + vendor.slice(1)}\\${pkg.charAt(0).toUpperCase() + pkg.slice(1).replace(/-/g, '')}`;
@@ -290,24 +287,33 @@ class TestClass
}
`;
zip.addFile('src/TestClass.php', Buffer.from(testPhpContent, 'utf-8'));
const entries: smartarchive.IArchiveEntry[] = [
{
archivePath: 'composer.json',
content: Buffer.from(JSON.stringify(composerJson, null, 2), 'utf-8'),
},
{
archivePath: 'src/TestClass.php',
content: Buffer.from(testPhpContent, 'utf-8'),
},
{
archivePath: 'README.md',
content: Buffer.from(`# ${vendorPackage}\n\nTest package`, 'utf-8'),
},
];
// Add README
zip.addFile('README.md', Buffer.from(`# ${vendorPackage}\n\nTest package`, 'utf-8'));
return zip.toBuffer();
return zipTools.createZip(entries);
}
/**
* Helper to create a test Python wheel file (minimal ZIP structure)
* Helper to create a test Python wheel file (minimal ZIP structure) using smartarchive
*/
export async function createPythonWheel(
packageName: string,
version: string,
pyVersion: string = 'py3'
): Promise<Buffer> {
const AdmZip = (await import('adm-zip')).default;
const zip = new AdmZip();
const zipTools = new smartarchive.ZipTools();
const normalizedName = packageName.replace(/-/g, '_');
const distInfoDir = `${normalizedName}-${version}.dist-info`;
@@ -331,8 +337,6 @@ Description-Content-Type: text/markdown
Test package for SmartRegistry
`;
zip.addFile(`${distInfoDir}/METADATA`, Buffer.from(metadata, 'utf-8'));
// Create WHEEL file
const wheelContent = `Wheel-Version: 1.0
Generator: test 1.0.0
@@ -340,14 +344,6 @@ Root-Is-Purelib: true
Tag: ${pyVersion}-none-any
`;
zip.addFile(`${distInfoDir}/WHEEL`, Buffer.from(wheelContent, 'utf-8'));
// Create RECORD file (empty for test)
zip.addFile(`${distInfoDir}/RECORD`, Buffer.from('', 'utf-8'));
// Create top_level.txt
zip.addFile(`${distInfoDir}/top_level.txt`, Buffer.from(normalizedName, 'utf-8'));
// Create a simple Python module
const moduleContent = `"""${packageName} module"""
@@ -357,27 +353,44 @@ def hello():
return "Hello from ${packageName}!"
`;
zip.addFile(`${normalizedName}/__init__.py`, Buffer.from(moduleContent, 'utf-8'));
const entries: smartarchive.IArchiveEntry[] = [
{
archivePath: `${distInfoDir}/METADATA`,
content: Buffer.from(metadata, 'utf-8'),
},
{
archivePath: `${distInfoDir}/WHEEL`,
content: Buffer.from(wheelContent, 'utf-8'),
},
{
archivePath: `${distInfoDir}/RECORD`,
content: Buffer.from('', 'utf-8'),
},
{
archivePath: `${distInfoDir}/top_level.txt`,
content: Buffer.from(normalizedName, 'utf-8'),
},
{
archivePath: `${normalizedName}/__init__.py`,
content: Buffer.from(moduleContent, 'utf-8'),
},
];
return zip.toBuffer();
return zipTools.createZip(entries);
}
/**
* Helper to create a test Python source distribution (sdist)
* Helper to create a test Python source distribution (sdist) using smartarchive
*/
export async function createPythonSdist(
packageName: string,
version: string
): Promise<Buffer> {
const tar = await import('tar-stream');
const zlib = await import('zlib');
const { Readable } = await import('stream');
const tarTools = new smartarchive.TarTools();
const normalizedName = packageName.replace(/-/g, '_');
const dirPrefix = `${packageName}-${version}`;
const pack = tar.pack();
// PKG-INFO
const pkgInfo = `Metadata-Version: 2.1
Name: ${packageName}
@@ -389,8 +402,6 @@ Author-email: test@example.com
License: MIT
`;
pack.entry({ name: `${dirPrefix}/PKG-INFO` }, pkgInfo);
// setup.py
const setupPy = `from setuptools import setup, find_packages
@@ -402,8 +413,6 @@ setup(
)
`;
pack.entry({ name: `${dirPrefix}/setup.py` }, setupPy);
// Module file
const moduleContent = `"""${packageName} module"""
@@ -413,20 +422,22 @@ def hello():
return "Hello from ${packageName}!"
`;
pack.entry({ name: `${dirPrefix}/${normalizedName}/__init__.py` }, moduleContent);
const entries: smartarchive.IArchiveEntry[] = [
{
archivePath: `${dirPrefix}/PKG-INFO`,
content: Buffer.from(pkgInfo, 'utf-8'),
},
{
archivePath: `${dirPrefix}/setup.py`,
content: Buffer.from(setupPy, 'utf-8'),
},
{
archivePath: `${dirPrefix}/${normalizedName}/__init__.py`,
content: Buffer.from(moduleContent, 'utf-8'),
},
];
pack.finalize();
// Convert to gzipped tar
const chunks: Buffer[] = [];
const gzip = zlib.createGzip();
return new Promise((resolve, reject) => {
pack.pipe(gzip);
gzip.on('data', (chunk) => chunks.push(chunk));
gzip.on('end', () => resolve(Buffer.concat(chunks)));
gzip.on('error', reject);
});
return tarTools.packFilesToTarGz(entries);
}
/**
@@ -441,17 +452,15 @@ export function calculatePypiHashes(data: Buffer) {
}
/**
* Helper to create a test RubyGem file (minimal tar.gz structure)
* Helper to create a test RubyGem file (minimal tar.gz structure) using smartarchive
*/
export async function createRubyGem(
gemName: string,
version: string,
platform: string = 'ruby'
): Promise<Buffer> {
const tar = await import('tar-stream');
const zlib = await import('zlib');
const pack = tar.pack();
const tarTools = new smartarchive.TarTools();
const gzipTools = new smartarchive.GzipTools();
// Create metadata.gz (simplified)
const metadataYaml = `--- !ruby/object:Gem::Specification
@@ -499,10 +508,9 @@ summary: Test gem for SmartRegistry
test_files: []
`;
pack.entry({ name: 'metadata.gz' }, zlib.gzipSync(Buffer.from(metadataYaml, 'utf-8')));
const metadataGz = await gzipTools.compress(Buffer.from(metadataYaml, 'utf-8'));
// Create data.tar.gz (simplified)
const dataPack = tar.pack();
// Create data.tar.gz content
const libContent = `# ${gemName}
module ${gemName.charAt(0).toUpperCase() + gemName.slice(1).replace(/-/g, '')}
@@ -514,32 +522,29 @@ module ${gemName.charAt(0).toUpperCase() + gemName.slice(1).replace(/-/g, '')}
end
`;
dataPack.entry({ name: `lib/${gemName}.rb` }, libContent);
dataPack.finalize();
const dataEntries: smartarchive.IArchiveEntry[] = [
{
archivePath: `lib/${gemName}.rb`,
content: Buffer.from(libContent, 'utf-8'),
},
];
const dataChunks: Buffer[] = [];
const dataGzip = zlib.createGzip();
dataPack.pipe(dataGzip);
const dataTarGz = await tarTools.packFilesToTarGz(dataEntries);
await new Promise((resolve) => {
dataGzip.on('data', (chunk) => dataChunks.push(chunk));
dataGzip.on('end', resolve);
});
// Create the outer gem (tar.gz containing metadata.gz and data.tar.gz)
const gemEntries: smartarchive.IArchiveEntry[] = [
{
archivePath: 'metadata.gz',
content: metadataGz,
},
{
archivePath: 'data.tar.gz',
content: dataTarGz,
},
];
pack.entry({ name: 'data.tar.gz' }, Buffer.concat(dataChunks));
pack.finalize();
// Convert to gzipped tar
const chunks: Buffer[] = [];
const gzip = zlib.createGzip();
return new Promise((resolve, reject) => {
pack.pipe(gzip);
gzip.on('data', (chunk) => chunks.push(chunk));
gzip.on('end', () => resolve(Buffer.concat(chunks)));
gzip.on('error', reject);
});
// RubyGems .gem files are plain tar archives (NOT gzipped), containing metadata.gz and data.tar.gz
return tarTools.packFiles(gemEntries);
}
/**

2
test/test.integration.pypi-rubygems.ts → test/test.integration.crossprotocol.ts
View File

@@ -78,7 +78,7 @@ tap.test('Integration: should handle /simple path for PyPI', async () => {
});
expect(response.status).toEqual(200);
expect(response.headers['Content-Type']).toEqual('text/html');
expect(response.headers['Content-Type']).toStartWith('text/html');
expect(response.body).toContain('integration-test-py');
});

30
test/test.pypi.ts
View File

@@ -80,6 +80,7 @@ tap.test('PyPI: should upload wheel file (POST /pypi/)', async () => {
pyversion: 'py3',
metadata_version: '2.1',
sha256_digest: hashes.sha256,
requires_python: '>=3.7',
content: testWheelData,
filename: filename,
},
@@ -99,7 +100,7 @@ tap.test('PyPI: should retrieve Simple API root index HTML (GET /simple/)', asyn
});
expect(response.status).toEqual(200);
expect(response.headers['Content-Type']).toEqual('text/html');
expect(response.headers['Content-Type']).toStartWith('text/html');
expect(response.body).toBeTypeOf('string');
const html = response.body as string;
@@ -125,8 +126,10 @@ tap.test('PyPI: should retrieve Simple API root index JSON (GET /simple/ with Ac
const json = response.body as any;
expect(json).toHaveProperty('meta');
expect(json).toHaveProperty('projects');
expect(json.projects).toBeTypeOf('object');
expect(json.projects).toHaveProperty(normalizedPackageName);
expect(json.projects).toBeInstanceOf(Array);
// Check that the package is in the projects list (PEP 691 format: array of { name } objects)
const packageNames = json.projects.map((p: any) => p.name);
expect(packageNames).toContain(normalizedPackageName);
});
tap.test('PyPI: should retrieve Simple API package HTML (GET /simple/{package}/)', async () => {
@@ -140,7 +143,7 @@ tap.test('PyPI: should retrieve Simple API package HTML (GET /simple/{package}/)
});
expect(response.status).toEqual(200);
expect(response.headers['Content-Type']).toEqual('text/html');
expect(response.headers['Content-Type']).toStartWith('text/html');
expect(response.body).toBeTypeOf('string');
const html = response.body as string;
@@ -210,6 +213,7 @@ tap.test('PyPI: should upload sdist file (POST /pypi/)', async () => {
pyversion: 'source',
metadata_version: '2.1',
sha256_digest: hashes.sha256,
requires_python: '>=3.7',
content: testSdistData,
filename: filename,
},
@@ -231,10 +235,11 @@ tap.test('PyPI: should list both wheel and sdist in Simple API', async () => {
expect(response.status).toEqual(200);
const json = response.body as any;
expect(Object.keys(json.files).length).toEqual(2);
// PEP 691: files is an array of file objects
expect(json.files.length).toEqual(2);
const hasWheel = Object.keys(json.files).some(f => f.endsWith('.whl'));
const hasSdist = Object.keys(json.files).some(f => f.endsWith('.tar.gz'));
const hasWheel = json.files.some((f: any) => f.filename.endsWith('.whl'));
const hasSdist = json.files.some((f: any) => f.filename.endsWith('.tar.gz'));
expect(hasWheel).toEqual(true);
expect(hasSdist).toEqual(true);
@@ -263,6 +268,7 @@ tap.test('PyPI: should upload a second version', async () => {
pyversion: 'py3',
metadata_version: '2.1',
sha256_digest: hashes.sha256,
requires_python: '>=3.7',
content: newWheelData,
filename: filename,
},
@@ -284,10 +290,11 @@ tap.test('PyPI: should list multiple versions in Simple API', async () => {
expect(response.status).toEqual(200);
const json = response.body as any;
expect(Object.keys(json.files).length).toBeGreaterThan(2);
// PEP 691: files is an array of file objects
expect(json.files.length).toBeGreaterThan(2);
const hasVersion1 = Object.keys(json.files).some(f => f.includes('1.0.0'));
const hasVersion2 = Object.keys(json.files).some(f => f.includes('2.0.0'));
const hasVersion1 = json.files.some((f: any) => f.filename.includes('1.0.0'));
const hasVersion2 = json.files.some((f: any) => f.filename.includes('2.0.0'));
expect(hasVersion1).toEqual(true);
expect(hasVersion2).toEqual(true);
@@ -420,7 +427,8 @@ tap.test('PyPI: should handle package with requires-python metadata', async () =
const html = getResponse.body as string;
expect(html).toContain('data-requires-python');
expect(html).toContain('>=3.8');
// Note: >= gets HTML-escaped to &gt;= in attribute values
expect(html).toContain('&gt;=3.8');
});
tap.test('PyPI: should support JSON API for package metadata', async () => {

448
test/test.rubygems.nativecli.node.ts Normal file
View File

@@ -0,0 +1,448 @@
/**
* Native gem CLI Testing
* Tests the RubyGems registry implementation using the actual gem CLI
*/
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
import { SmartRegistry } from '../ts/index.js';
import { createTestRegistry, createTestTokens, createRubyGem } from './helpers/registry.js';
import type { IRequestContext, IResponse } from '../ts/core/interfaces.core.js';
import * as http from 'http';
import * as url from 'url';
import * as fs from 'fs';
import * as path from 'path';
// Test context
let registry: SmartRegistry;
let server: http.Server;
let registryUrl: string;
let registryPort: number;
let rubygemsToken: string;
let testDir: string;
let gemHome: string;
/**
* Create HTTP server wrapper around SmartRegistry
*/
async function createHttpServer(
registryInstance: SmartRegistry,
port: number
): Promise<{ server: http.Server; url: string }> {
return new Promise((resolve, reject) => {
const httpServer = http.createServer(async (req, res) => {
try {
// Parse request
const parsedUrl = url.parse(req.url || '', true);
const pathname = parsedUrl.pathname || '/';
const query = parsedUrl.query;
// Read body
const chunks: Buffer[] = [];
for await (const chunk of req) {
chunks.push(chunk);
}
const bodyBuffer = Buffer.concat(chunks);
// Parse body based on content type
let body: any;
if (bodyBuffer.length > 0) {
const contentType = req.headers['content-type'] || '';
if (contentType.includes('application/json')) {
try {
body = JSON.parse(bodyBuffer.toString('utf-8'));
} catch (error) {
body = bodyBuffer;
}
} else {
body = bodyBuffer;
}
}
// Convert to IRequestContext
const context: IRequestContext = {
method: req.method || 'GET',
path: pathname,
headers: req.headers as Record<string, string>,
query: query as Record<string, string>,
body: body,
};
// Handle request
const response: IResponse = await registryInstance.handleRequest(context);
// Convert IResponse to HTTP response
res.statusCode = response.status;
// Set headers
for (const [key, value] of Object.entries(response.headers || {})) {
res.setHeader(key, value);
}
// Send body
if (response.body) {
if (Buffer.isBuffer(response.body)) {
res.end(response.body);
} else if (typeof response.body === 'string') {
res.end(response.body);
} else {
res.setHeader('Content-Type', 'application/json');
res.end(JSON.stringify(response.body));
}
} else {
res.end();
}
} catch (error) {
console.error('Server error:', error);
res.statusCode = 500;
res.setHeader('Content-Type', 'application/json');
res.end(JSON.stringify({ error: 'INTERNAL_ERROR', message: String(error) }));
}
});
httpServer.listen(port, () => {
const serverUrl = `http://localhost:${port}`;
resolve({ server: httpServer, url: serverUrl });
});
httpServer.on('error', reject);
});
}
/**
* Setup gem credentials file
* Format: YAML with :rubygems_api_key: TOKEN
*/
function setupGemCredentials(token: string, gemHomeArg: string): string {
const gemDir = path.join(gemHomeArg, '.gem');
fs.mkdirSync(gemDir, { recursive: true });
// Create credentials file in YAML format
const credentialsContent = `:rubygems_api_key: ${token}\n`;
const credentialsPath = path.join(gemDir, 'credentials');
fs.writeFileSync(credentialsPath, credentialsContent, 'utf-8');
// Set restrictive permissions (gem requires 0600)
fs.chmodSync(credentialsPath, 0o600);
return credentialsPath;
}
/**
* Create a test gem file
*/
async function createTestGemFile(
gemName: string,
version: string,
targetDir: string
): Promise<string> {
const gemData = await createRubyGem(gemName, version);
const gemFilename = `${gemName}-${version}.gem`;
const gemPath = path.join(targetDir, gemFilename);
fs.writeFileSync(gemPath, gemData);
return gemPath;
}
/**
* Run gem command with proper environment
*/
async function runGemCommand(
command: string,
cwd: string,
includeAuth: boolean = true
): Promise<{ stdout: string; stderr: string; exitCode: number }> {
// Prepare environment variables
const envVars = [
`HOME="${gemHome}"`,
`GEM_HOME="${gemHome}"`,
includeAuth ? '' : 'RUBYGEMS_API_KEY=""',
].filter(Boolean).join(' ');
// Build command with cd to correct directory and environment variables
const fullCommand = `cd "${cwd}" && ${envVars} ${command}`;
try {
const result = await tapNodeTools.runCommand(fullCommand);
return {
stdout: result.stdout || '',
stderr: result.stderr || '',
exitCode: result.exitCode || 0,
};
} catch (error: any) {
return {
stdout: error.stdout || '',
stderr: error.stderr || String(error),
exitCode: error.exitCode || 1,
};
}
}
/**
* Cleanup test directory
*/
function cleanupTestDir(dir: string): void {
if (fs.existsSync(dir)) {
fs.rmSync(dir, { recursive: true, force: true });
}
}
// ========================================================================
// TESTS
// ========================================================================
tap.test('RubyGems CLI: should setup registry and HTTP server', async () => {
// Create registry
registry = await createTestRegistry();
const tokens = await createTestTokens(registry);
rubygemsToken = tokens.rubygemsToken;
expect(registry).toBeInstanceOf(SmartRegistry);
expect(rubygemsToken).toBeTypeOf('string');
// Use port 36000 (avoids npm:35000, cargo:5000 conflicts)
registryPort = 36000;
const serverSetup = await createHttpServer(registry, registryPort);
server = serverSetup.server;
registryUrl = serverSetup.url;
expect(server).toBeDefined();
expect(registryUrl).toEqual(`http://localhost:${registryPort}`);
// Setup test directory
testDir = path.join(process.cwd(), '.nogit', 'test-rubygems-cli');
cleanupTestDir(testDir);
fs.mkdirSync(testDir, { recursive: true });
// Setup GEM_HOME
gemHome = path.join(testDir, '.gem-home');
fs.mkdirSync(gemHome, { recursive: true });
// Setup gem credentials
const credentialsPath = setupGemCredentials(rubygemsToken, gemHome);
expect(fs.existsSync(credentialsPath)).toEqual(true);
// Verify credentials file has correct permissions
const stats = fs.statSync(credentialsPath);
const mode = stats.mode & 0o777;
expect(mode).toEqual(0o600);
});
tap.test('RubyGems CLI: should verify server is responding', async () => {
// Check server is up by doing a direct HTTP request to the Compact Index
const response = await fetch(`${registryUrl}/rubygems/versions`);
expect(response.status).toBeGreaterThanOrEqual(200);
expect(response.status).toBeLessThan(500);
});
tap.test('RubyGems CLI: should build and push a gem', async () => {
const gemName = 'test-gem-cli';
const version = '1.0.0';
const gemPath = await createTestGemFile(gemName, version, testDir);
expect(fs.existsSync(gemPath)).toEqual(true);
const result = await runGemCommand(
`gem push ${gemPath} --host ${registryUrl}/rubygems`,
testDir
);
console.log('gem push output:', result.stdout);
console.log('gem push stderr:', result.stderr);
expect(result.exitCode).toEqual(0);
expect(result.stdout || result.stderr).toContain(gemName);
});
tap.test('RubyGems CLI: should verify gem in Compact Index /versions', async () => {
const gemName = 'test-gem-cli';
const response = await fetch(`${registryUrl}/rubygems/versions`);
expect(response.status).toEqual(200);
const versionsData = await response.text();
console.log('Versions data:', versionsData);
// Format: GEMNAME VERSION[,VERSION...] MD5
expect(versionsData).toContain(gemName);
expect(versionsData).toContain('1.0.0');
});
tap.test('RubyGems CLI: should verify gem in Compact Index /info file', async () => {
const gemName = 'test-gem-cli';
const response = await fetch(`${registryUrl}/rubygems/info/${gemName}`);
expect(response.status).toEqual(200);
const infoData = await response.text();
console.log('Info data:', infoData);
// Format: VERSION [DEPS]|REQS
expect(infoData).toContain('1.0.0');
});
tap.test('RubyGems CLI: should download gem file', async () => {
const gemName = 'test-gem-cli';
const version = '1.0.0';
const response = await fetch(`${registryUrl}/rubygems/gems/${gemName}-${version}.gem`);
expect(response.status).toEqual(200);
const gemData = await response.arrayBuffer();
expect(gemData.byteLength).toBeGreaterThan(0);
// Verify content type
expect(response.headers.get('content-type')).toContain('application/octet-stream');
});
tap.test('RubyGems CLI: should fetch gem metadata JSON', async () => {
const gemName = 'test-gem-cli';
const response = await fetch(`${registryUrl}/rubygems/api/v1/versions/${gemName}.json`);
expect(response.status).toEqual(200);
const metadata = await response.json();
console.log('Metadata:', metadata);
expect(metadata).toBeInstanceOf(Array);
expect(metadata.length).toBeGreaterThan(0);
expect(metadata[0].number).toEqual('1.0.0');
});
tap.test('RubyGems CLI: should push second version', async () => {
const gemName = 'test-gem-cli';
const version = '2.0.0';
const gemPath = await createTestGemFile(gemName, version, testDir);
const result = await runGemCommand(
`gem push ${gemPath} --host ${registryUrl}/rubygems`,
testDir
);
console.log('gem push v2.0.0 output:', result.stdout);
expect(result.exitCode).toEqual(0);
});
tap.test('RubyGems CLI: should list all versions in /versions file', async () => {
const gemName = 'test-gem-cli';
const response = await fetch(`${registryUrl}/rubygems/versions`);
expect(response.status).toEqual(200);
const versionsData = await response.text();
console.log('All versions data:', versionsData);
// Should contain both versions
expect(versionsData).toContain(gemName);
expect(versionsData).toContain('1.0.0');
expect(versionsData).toContain('2.0.0');
});
tap.test('RubyGems CLI: should yank a version', async () => {
const gemName = 'test-gem-cli';
const version = '1.0.0';
const result = await runGemCommand(
`gem yank ${gemName} -v ${version} --host ${registryUrl}/rubygems`,
testDir
);
console.log('gem yank output:', result.stdout);
console.log('gem yank stderr:', result.stderr);
expect(result.exitCode).toEqual(0);
// Verify version is yanked in /versions file
// Yanked versions are prefixed with '-'
const response = await fetch(`${registryUrl}/rubygems/versions`);
const versionsData = await response.text();
console.log('Versions after yank:', versionsData);
// Yanked version should have '-' prefix
expect(versionsData).toContain('-1.0.0');
});
tap.test('RubyGems CLI: should unyank a version', async () => {
const gemName = 'test-gem-cli';
const version = '1.0.0';
const result = await runGemCommand(
`gem yank ${gemName} -v ${version} --undo --host ${registryUrl}/rubygems`,
testDir
);
console.log('gem unyank output:', result.stdout);
console.log('gem unyank stderr:', result.stderr);
expect(result.exitCode).toEqual(0);
// Verify version is not yanked in /versions file
const response = await fetch(`${registryUrl}/rubygems/versions`);
const versionsData = await response.text();
console.log('Versions after unyank:', versionsData);
// Should not have '-' prefix anymore (or have both without prefix)
// Check that we have the version without yank marker
const lines = versionsData.trim().split('\n');
const gemLine = lines.find(line => line.startsWith(gemName));
if (gemLine) {
// Parse format: "gemname version[,version...] md5"
const parts = gemLine.split(' ');
const versions = parts[1];
// Should have 1.0.0 without '-' prefix
expect(versions).toContain('1.0.0');
expect(versions).not.toContain('-1.0.0');
}
});
tap.test('RubyGems CLI: should fetch dependencies', async () => {
const gemName = 'test-gem-cli';
const response = await fetch(`${registryUrl}/rubygems/api/v1/dependencies?gems=${gemName}`);
expect(response.status).toEqual(200);
const dependencies = await response.json();
console.log('Dependencies:', dependencies);
expect(dependencies).toBeInstanceOf(Array);
});
tap.test('RubyGems CLI: should fail to push without auth', async () => {
const gemName = 'unauth-gem';
const version = '1.0.0';
const gemPath = await createTestGemFile(gemName, version, testDir);
// Run without auth
const result = await runGemCommand(
`gem push ${gemPath} --host ${registryUrl}/rubygems`,
testDir,
false
);
console.log('gem push unauth output:', result.stdout);
console.log('gem push unauth stderr:', result.stderr);
// Should fail with auth error
expect(result.exitCode).not.toEqual(0);
});
tap.postTask('cleanup rubygems cli tests', async () => {
// Stop server
if (server) {
await new Promise<void>((resolve) => {
server.close(() => resolve());
});
}
// Cleanup test directory
if (testDir) {
cleanupTestDir(testDir);
}
// Destroy registry
if (registry) {
registry.destroy();
}
});
export default tap.start();

2
ts/00_commitinfo_data.ts
View File

@@ -3,6 +3,6 @@
*/
export const commitinfo = {
name: '@push.rocks/smartregistry',
version: '1.8.0',
version: '2.1.1',
description: 'A composable TypeScript library implementing OCI, NPM, Maven, Cargo, Composer, PyPI, and RubyGems registries for building unified container and package registries'
}

22
ts/classes.smartregistry.ts
View File

@@ -41,15 +41,19 @@ export class SmartRegistry {
// Initialize OCI registry if enabled
if (this.config.oci?.enabled) {
const ociBasePath = this.config.oci.basePath || '/oci';
const ociRegistry = new OciRegistry(this.storage, this.authManager, ociBasePath);
const ociBasePath = this.config.oci.basePath ?? '/oci';
const ociTokens = this.config.auth.ociTokens?.enabled ? {
realm: this.config.auth.ociTokens.realm,
service: this.config.auth.ociTokens.service,
} : undefined;
const ociRegistry = new OciRegistry(this.storage, this.authManager, ociBasePath, ociTokens);
await ociRegistry.init();
this.registries.set('oci', ociRegistry);
}
// Initialize NPM registry if enabled
if (this.config.npm?.enabled) {
const npmBasePath = this.config.npm.basePath || '/npm';
const npmBasePath = this.config.npm.basePath ?? '/npm';
const registryUrl = `http://localhost:5000${npmBasePath}`; // TODO: Make configurable
const npmRegistry = new NpmRegistry(this.storage, this.authManager, npmBasePath, registryUrl);
await npmRegistry.init();
@@ -58,7 +62,7 @@ export class SmartRegistry {
// Initialize Maven registry if enabled
if (this.config.maven?.enabled) {
const mavenBasePath = this.config.maven.basePath || '/maven';
const mavenBasePath = this.config.maven.basePath ?? '/maven';
const registryUrl = `http://localhost:5000${mavenBasePath}`; // TODO: Make configurable
const mavenRegistry = new MavenRegistry(this.storage, this.authManager, mavenBasePath, registryUrl);
await mavenRegistry.init();
@@ -67,7 +71,7 @@ export class SmartRegistry {
// Initialize Cargo registry if enabled
if (this.config.cargo?.enabled) {
const cargoBasePath = this.config.cargo.basePath || '/cargo';
const cargoBasePath = this.config.cargo.basePath ?? '/cargo';
const registryUrl = `http://localhost:5000${cargoBasePath}`; // TODO: Make configurable
const cargoRegistry = new CargoRegistry(this.storage, this.authManager, cargoBasePath, registryUrl);
await cargoRegistry.init();
@@ -76,7 +80,7 @@ export class SmartRegistry {
// Initialize Composer registry if enabled
if (this.config.composer?.enabled) {
const composerBasePath = this.config.composer.basePath || '/composer';
const composerBasePath = this.config.composer.basePath ?? '/composer';
const registryUrl = `http://localhost:5000${composerBasePath}`; // TODO: Make configurable
const composerRegistry = new ComposerRegistry(this.storage, this.authManager, composerBasePath, registryUrl);
await composerRegistry.init();
@@ -85,7 +89,7 @@ export class SmartRegistry {
// Initialize PyPI registry if enabled
if (this.config.pypi?.enabled) {
const pypiBasePath = this.config.pypi.basePath || '/pypi';
const pypiBasePath = this.config.pypi.basePath ?? '/pypi';
const registryUrl = `http://localhost:5000`; // TODO: Make configurable
const pypiRegistry = new PypiRegistry(this.storage, this.authManager, pypiBasePath, registryUrl);
await pypiRegistry.init();
@@ -94,7 +98,7 @@ export class SmartRegistry {
// Initialize RubyGems registry if enabled
if (this.config.rubygems?.enabled) {
const rubygemsBasePath = this.config.rubygems.basePath || '/rubygems';
const rubygemsBasePath = this.config.rubygems.basePath ?? '/rubygems';
const registryUrl = `http://localhost:5000${rubygemsBasePath}`; // TODO: Make configurable
const rubygemsRegistry = new RubyGemsRegistry(this.storage, this.authManager, rubygemsBasePath, registryUrl);
await rubygemsRegistry.init();
@@ -153,7 +157,7 @@ export class SmartRegistry {
// Route to PyPI registry (also handles /simple prefix)
if (this.config.pypi?.enabled) {
const pypiBasePath = this.config.pypi.basePath || '/pypi';
const pypiBasePath = this.config.pypi.basePath ?? '/pypi';
if (path.startsWith(pypiBasePath) || path.startsWith('/simple')) {
const pypiRegistry = this.registries.get('pypi');
if (pypiRegistry) {

43
ts/core/classes.authmanager.ts
View File

@@ -1,4 +1,5 @@
import type { IAuthConfig, IAuthToken, ICredentials, TRegistryProtocol } from './interfaces.core.js';
import * as crypto from 'crypto';
/**
* Unified authentication manager for all registry protocols
@@ -136,7 +137,7 @@ export class AuthManager {
* @param userId - User ID
* @param scopes - Permission scopes
* @param expiresIn - Expiration time in seconds
* @returns JWT token string
* @returns JWT token string (HMAC-SHA256 signed)
*/
public async createOciToken(
userId: string,
@@ -158,9 +159,17 @@ export class AuthManager {
access: this.scopesToOciAccess(scopes),
};
// In production, use proper JWT library with signing
// For now, return JSON string (mock JWT)
return JSON.stringify(payload);
// Create JWT with HMAC-SHA256 signature
const header = { alg: 'HS256', typ: 'JWT' };
const headerB64 = Buffer.from(JSON.stringify(header)).toString('base64url');
const payloadB64 = Buffer.from(JSON.stringify(payload)).toString('base64url');
const signature = crypto
.createHmac('sha256', this.config.jwtSecret)
.update(`${headerB64}.${payloadB64}`)
.digest('base64url');
return `${headerB64}.${payloadB64}.${signature}`;
}
/**
@@ -170,8 +179,25 @@ export class AuthManager {
*/
public async validateOciToken(jwt: string): Promise<IAuthToken | null> {
try {
// In production, verify JWT signature
const payload = JSON.parse(jwt);
const parts = jwt.split('.');
if (parts.length !== 3) {
return null;
}
const [headerB64, payloadB64, signatureB64] = parts;
// Verify signature
const expectedSignature = crypto
.createHmac('sha256', this.config.jwtSecret)
.update(`${headerB64}.${payloadB64}`)
.digest('base64url');
if (signatureB64 !== expectedSignature) {
return null;
}
// Decode and parse payload
const payload = JSON.parse(Buffer.from(payloadB64, 'base64url').toString('utf-8'));
// Check expiration
const now = Math.floor(Date.now() / 1000);
@@ -179,6 +205,11 @@ export class AuthManager {
return null;
}
// Check not-before time
if (payload.nbf && payload.nbf > now) {
return null;
}
// Convert to unified token format
const scopes = this.ociAccessToScopes(payload.access || []);

119
ts/oci/classes.ociregistry.ts
View File

@@ -20,12 +20,19 @@ export class OciRegistry extends BaseRegistry {
private uploadSessions: Map<string, IUploadSession> = new Map();
private basePath: string = '/oci';
private cleanupInterval?: NodeJS.Timeout;
private ociTokens?: { realm: string; service: string };
constructor(storage: RegistryStorage, authManager: AuthManager, basePath: string = '/oci') {
constructor(
storage: RegistryStorage,
authManager: AuthManager,
basePath: string = '/oci',
ociTokens?: { realm: string; service: string }
) {
super();
this.storage = storage;
this.authManager = authManager;
this.basePath = basePath;
this.ociTokens = ociTokens;
}
public async init(): Promise<void> {
@@ -180,11 +187,7 @@ export class OciRegistry extends BaseRegistry {
body?: Buffer | any
): Promise<IResponse> {
if (!await this.checkPermission(token, repository, 'push')) {
return {
status: 401,
headers: {},
body: this.createError('DENIED', 'Insufficient permissions'),
};
return this.createUnauthorizedResponse(repository, 'push');
}
// Check for monolithic upload (digest + body provided)
@@ -255,11 +258,7 @@ export class OciRegistry extends BaseRegistry {
}
if (!await this.checkPermission(token, session.repository, 'push')) {
return {
status: 401,
headers: {},
body: this.createError('DENIED', 'Insufficient permissions'),
};
return this.createUnauthorizedResponse(session.repository, 'push');
}
switch (method) {
@@ -288,13 +287,7 @@ export class OciRegistry extends BaseRegistry {
headers?: Record<string, string>
): Promise<IResponse> {
if (!await this.checkPermission(token, repository, 'pull')) {
return {
status: 401,
headers: {
'WWW-Authenticate': `Bearer realm="${this.basePath}/v2/token",service="registry",scope="repository:${repository}:pull"`,
},
body: this.createError('DENIED', 'Insufficient permissions'),
};
return this.createUnauthorizedResponse(repository, 'pull');
}
// Resolve tag to digest if needed
@@ -336,11 +329,7 @@ export class OciRegistry extends BaseRegistry {
token: IAuthToken | null
): Promise<IResponse> {
if (!await this.checkPermission(token, repository, 'pull')) {
return {
status: 401,
headers: {},
body: null,
};
return this.createUnauthorizedHeadResponse(repository, 'pull');
}
// Similar logic as getManifest but return headers only
@@ -379,13 +368,7 @@ export class OciRegistry extends BaseRegistry {
headers?: Record<string, string>
): Promise<IResponse> {
if (!await this.checkPermission(token, repository, 'push')) {
return {
status: 401,
headers: {
'WWW-Authenticate': `Bearer realm="${this.basePath}/v2/token",service="registry",scope="repository:${repository}:push"`,
},
body: this.createError('DENIED', 'Insufficient permissions'),
};
return this.createUnauthorizedResponse(repository, 'push');
}
if (!body) {
@@ -396,7 +379,18 @@ export class OciRegistry extends BaseRegistry {
};
}
const manifestData = Buffer.isBuffer(body) ? body : Buffer.from(JSON.stringify(body));
// Preserve raw bytes for accurate digest calculation
// Per OCI spec, digest must match the exact bytes sent by client
let manifestData: Buffer;
if (Buffer.isBuffer(body)) {
manifestData = body;
} else if (typeof body === 'string') {
// String body - convert directly without JSON transformation
manifestData = Buffer.from(body, 'utf-8');
} else {
// Body was already parsed as JSON object - re-serialize as fallback
manifestData = Buffer.from(JSON.stringify(body));
}
const contentType = headers?.['content-type'] || headers?.['Content-Type'] || 'application/vnd.oci.image.manifest.v1+json';
// Calculate manifest digest
@@ -437,11 +431,7 @@ export class OciRegistry extends BaseRegistry {
}
if (!await this.checkPermission(token, repository, 'delete')) {
return {
status: 401,
headers: {},
body: this.createError('DENIED', 'Insufficient permissions'),
};
return this.createUnauthorizedResponse(repository, 'delete');
}
await this.storage.deleteOciManifest(repository, digest);
@@ -460,11 +450,7 @@ export class OciRegistry extends BaseRegistry {
range?: string
): Promise<IResponse> {
if (!await this.checkPermission(token, repository, 'pull')) {
return {
status: 401,
headers: {},
body: this.createError('DENIED', 'Insufficient permissions'),
};
return this.createUnauthorizedResponse(repository, 'pull');
}
const data = await this.storage.getOciBlob(digest);
@@ -492,7 +478,7 @@ export class OciRegistry extends BaseRegistry {
token: IAuthToken | null
): Promise<IResponse> {
if (!await this.checkPermission(token, repository, 'pull')) {
return { status: 401, headers: {}, body: null };
return this.createUnauthorizedHeadResponse(repository, 'pull');
}
const exists = await this.storage.ociBlobExists(digest);
@@ -518,11 +504,7 @@ export class OciRegistry extends BaseRegistry {
token: IAuthToken | null
): Promise<IResponse> {
if (!await this.checkPermission(token, repository, 'delete')) {
return {
status: 401,
headers: {},
body: this.createError('DENIED', 'Insufficient permissions'),
};
return this.createUnauthorizedResponse(repository, 'delete');
}
await this.storage.deleteOciBlob(digest);
@@ -631,11 +613,7 @@ export class OciRegistry extends BaseRegistry {
query: Record<string, string>
): Promise<IResponse> {
if (!await this.checkPermission(token, repository, 'pull')) {
return {
status: 401,
headers: {},
body: this.createError('DENIED', 'Insufficient permissions'),
};
return this.createUnauthorizedResponse(repository, 'pull');
}
const tags = await this.getTagsData(repository);
@@ -660,11 +638,7 @@ export class OciRegistry extends BaseRegistry {
query: Record<string, string>
): Promise<IResponse> {
if (!await this.checkPermission(token, repository, 'pull')) {
return {
status: 401,
headers: {},
body: this.createError('DENIED', 'Insufficient permissions'),
};
return this.createUnauthorizedResponse(repository, 'pull');
}
const response: IReferrersResponse = {
@@ -712,6 +686,37 @@ export class OciRegistry extends BaseRegistry {
};
}
/**
* Create an unauthorized response with proper WWW-Authenticate header.
* Per OCI Distribution Spec, 401 responses MUST include WWW-Authenticate header.
*/
private createUnauthorizedResponse(repository: string, action: string): IResponse {
const realm = this.ociTokens?.realm || `${this.basePath}/v2/token`;
const service = this.ociTokens?.service || 'registry';
return {
status: 401,
headers: {
'WWW-Authenticate': `Bearer realm="${realm}",service="${service}",scope="repository:${repository}:${action}"`,
},
body: this.createError('DENIED', 'Insufficient permissions'),
};
}
/**
* Create an unauthorized HEAD response (no body per HTTP spec).
*/
private createUnauthorizedHeadResponse(repository: string, action: string): IResponse {
const realm = this.ociTokens?.realm || `${this.basePath}/v2/token`;
const service = this.ociTokens?.service || 'registry';
return {
status: 401,
headers: {
'WWW-Authenticate': `Bearer realm="${realm}",service="${service}",scope="repository:${repository}:${action}"`,
},
body: null,
};
}
private startUploadSessionCleanup(): void {
this.cleanupInterval = setInterval(() => {
const now = new Date();

3
ts/plugins.ts
View File

@@ -4,11 +4,12 @@ import * as path from 'path';
export { path };
// @push.rocks scope
import * as smartarchive from '@push.rocks/smartarchive';
import * as smartbucket from '@push.rocks/smartbucket';
import * as smartlog from '@push.rocks/smartlog';
import * as smartpath from '@push.rocks/smartpath';
export { smartbucket, smartlog, smartpath };
export { smartarchive, smartbucket, smartlog, smartpath };
// @tsclass scope
import * as tsclass from '@tsclass/tsclass';

129
ts/pypi/classes.pypiregistry.ts
View File

@@ -85,14 +85,14 @@ export class PypiRegistry extends BaseRegistry {
return this.handleUpload(context, token);
}
// Package metadata JSON API: GET /pypi/{package}/json
const jsonMatch = path.match(/^\/pypi\/([^\/]+)\/json$/);
// Package metadata JSON API: GET /{package}/json
const jsonMatch = path.match(/^\/([^\/]+)\/json$/);
if (jsonMatch && context.method === 'GET') {
return this.handlePackageJson(jsonMatch[1]);
}
// Version-specific JSON API: GET /pypi/{package}/{version}/json
const versionJsonMatch = path.match(/^\/pypi\/([^\/]+)\/([^\/]+)\/json$/);
// Version-specific JSON API: GET /{package}/{version}/json
const versionJsonMatch = path.match(/^\/([^\/]+)\/([^\/]+)\/json$/);
if (versionJsonMatch && context.method === 'GET') {
return this.handleVersionJson(versionJsonMatch[1], versionJsonMatch[2]);
}
@@ -118,7 +118,7 @@ export class PypiRegistry extends BaseRegistry {
return {
status: 404,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify({ message: 'Not Found' })),
body: { error: 'Not Found' },
};
}
@@ -185,7 +185,7 @@ export class PypiRegistry extends BaseRegistry {
'Content-Type': 'application/vnd.pypi.simple.v1+json',
'Cache-Control': 'public, max-age=600'
},
body: Buffer.from(JSON.stringify(response)),
body: response,
};
} else {
// PEP 503: HTML response
@@ -200,7 +200,7 @@ export class PypiRegistry extends BaseRegistry {
'Content-Type': 'text/html; charset=utf-8',
'Cache-Control': 'public, max-age=600'
},
body: Buffer.from(html),
body: html,
};
}
}
@@ -215,11 +215,7 @@ export class PypiRegistry extends BaseRegistry {
// Get package metadata
const metadata = await this.storage.getPypiPackageMetadata(normalized);
if (!metadata) {
return {
status: 404,
headers: { 'Content-Type': 'text/html; charset=utf-8' },
body: Buffer.from('<html><body><h1>404 Not Found</h1></body></html>'),
};
return this.errorResponse(404, 'Package not found');
}
// Build file list from all versions
@@ -251,7 +247,7 @@ export class PypiRegistry extends BaseRegistry {
'Content-Type': 'application/vnd.pypi.simple.v1+json',
'Cache-Control': 'public, max-age=300'
},
body: Buffer.from(JSON.stringify(response)),
body: response,
};
} else {
// PEP 503: HTML response
@@ -266,7 +262,7 @@ export class PypiRegistry extends BaseRegistry {
'Content-Type': 'text/html; charset=utf-8',
'Cache-Control': 'public, max-age=300'
},
body: Buffer.from(html),
body: html,
};
}
}
@@ -315,7 +311,7 @@ export class PypiRegistry extends BaseRegistry {
'Content-Type': 'application/json',
'WWW-Authenticate': 'Basic realm="PyPI"'
},
body: Buffer.from(JSON.stringify({ message: 'Authentication required' })),
body: { error: 'Authentication required' },
};
}
@@ -327,11 +323,13 @@ export class PypiRegistry extends BaseRegistry {
return this.errorResponse(400, 'Invalid upload request');
}
// Extract required fields
// Extract required fields - support both nested and flat body formats
const packageName = formData.name;
const version = formData.version;
const filename = formData.content?.filename;
const fileData = formData.content?.data as Buffer;
// Support both: formData.content.filename (multipart parsed) and formData.filename (flat)
const filename = formData.content?.filename || formData.filename;
// Support both: formData.content.data (multipart parsed) and formData.content (Buffer directly)
const fileData = (formData.content?.data || (Buffer.isBuffer(formData.content) ? formData.content : null)) as Buffer;
const filetype = formData.filetype; // 'bdist_wheel' or 'sdist'
const pyversion = formData.pyversion;
@@ -431,12 +429,12 @@ export class PypiRegistry extends BaseRegistry {
});
return {
status: 200,
status: 201,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify({
body: {
message: 'Package uploaded successfully',
url: `${this.registryUrl}/pypi/packages/${normalized}/${filename}`
})),
},
};
} catch (error) {
this.logger.log('error', 'Upload failed', { error: (error as Error).message });
@@ -455,7 +453,7 @@ export class PypiRegistry extends BaseRegistry {
return {
status: 404,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify({ message: 'File not found' })),
body: { error: 'File not found' },
};
}
@@ -472,6 +470,7 @@ export class PypiRegistry extends BaseRegistry {
/**
* Handle package JSON API (all versions)
* Returns format compatible with official PyPI JSON API
*/
private async handlePackageJson(packageName: string): Promise<IResponse> {
const normalized = helpers.normalizePypiPackageName(packageName);
@@ -481,18 +480,67 @@ export class PypiRegistry extends BaseRegistry {
return this.errorResponse(404, 'Package not found');
}
// Find latest version for info
const versions = Object.keys(metadata.versions || {});
const latestVersion = versions.length > 0 ? versions[versions.length - 1] : null;
const latestMeta = latestVersion ? metadata.versions[latestVersion] : null;
// Build URLs array from latest version files
const urls = latestMeta?.files?.map((file: any) => ({
filename: file.filename,
url: `${this.registryUrl}/pypi/packages/${normalized}/${file.filename}`,
digests: file.hashes,
requires_python: file['requires-python'],
size: file.size,
upload_time: file['upload-time'],
packagetype: file.filetype,
python_version: file.python_version,
})) || [];
// Build releases object
const releases: Record<string, any[]> = {};
for (const [ver, verMeta] of Object.entries(metadata.versions || {})) {
releases[ver] = (verMeta as any).files?.map((file: any) => ({
filename: file.filename,
url: `${this.registryUrl}/pypi/packages/${normalized}/${file.filename}`,
digests: file.hashes,
requires_python: file['requires-python'],
size: file.size,
upload_time: file['upload-time'],
packagetype: file.filetype,
python_version: file.python_version,
})) || [];
}
const response = {
info: {
name: normalized,
version: latestVersion,
summary: latestMeta?.metadata?.summary,
description: latestMeta?.metadata?.description,
author: latestMeta?.metadata?.author,
author_email: latestMeta?.metadata?.['author-email'],
license: latestMeta?.metadata?.license,
requires_python: latestMeta?.files?.[0]?.['requires-python'],
...latestMeta?.metadata,
},
urls,
releases,
};
return {
status: 200,
headers: {
'Content-Type': 'application/json',
'Cache-Control': 'public, max-age=300'
},
body: Buffer.from(JSON.stringify(metadata)),
body: response,
};
}
/**
* Handle version-specific JSON API
* Returns format compatible with official PyPI JSON API
*/
private async handleVersionJson(packageName: string, version: string): Promise<IResponse> {
const normalized = helpers.normalizePypiPackageName(packageName);
@@ -502,13 +550,42 @@ export class PypiRegistry extends BaseRegistry {
return this.errorResponse(404, 'Version not found');
}
const verMeta = metadata.versions[version];
// Build URLs array from version files
const urls = verMeta.files?.map((file: any) => ({
filename: file.filename,
url: `${this.registryUrl}/pypi/packages/${normalized}/${file.filename}`,
digests: file.hashes,
requires_python: file['requires-python'],
size: file.size,
upload_time: file['upload-time'],
packagetype: file.filetype,
python_version: file.python_version,
})) || [];
const response = {
info: {
name: normalized,
version,
summary: verMeta.metadata?.summary,
description: verMeta.metadata?.description,
author: verMeta.metadata?.author,
author_email: verMeta.metadata?.['author-email'],
license: verMeta.metadata?.license,
requires_python: verMeta.files?.[0]?.['requires-python'],
...verMeta.metadata,
},
urls,
};
return {
status: 200,
headers: {
'Content-Type': 'application/json',
'Cache-Control': 'public, max-age=300'
},
body: Buffer.from(JSON.stringify(metadata.versions[version])),
body: response,
};
}
@@ -570,11 +647,11 @@ export class PypiRegistry extends BaseRegistry {
* Helper: Create error response
*/
private errorResponse(status: number, message: string): IResponse {
const error: IPypiError = { message, status };
const error: IPypiError = { error: message, status };
return {
status,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify(error)),
body: error,
};
}
}

2
ts/pypi/interfaces.pypi.ts
View File

@@ -244,7 +244,7 @@ export interface IPypiUploadResponse {
*/
export interface IPypiError {
/** Error message */
message: string;
error: string;
/** HTTP status code */
status?: number;
/** Additional error details */

178
ts/rubygems/classes.rubygemsregistry.ts
View File

@@ -85,7 +85,7 @@ export class RubyGemsRegistry extends BaseRegistry {
// Compact Index endpoints
if (path === '/versions' && context.method === 'GET') {
return this.handleVersionsFile();
return this.handleVersionsFile(context);
}
if (path === '/names' && context.method === 'GET') {
@@ -104,15 +104,30 @@ export class RubyGemsRegistry extends BaseRegistry {
return this.handleDownload(downloadMatch[1]);
}
// Legacy specs endpoints (Marshal format)
if (path === '/specs.4.8.gz' && context.method === 'GET') {
return this.handleSpecs(false);
}
if (path === '/latest_specs.4.8.gz' && context.method === 'GET') {
return this.handleSpecs(true);
}
// Quick gemspec endpoint: GET /quick/Marshal.4.8/{gem}-{version}.gemspec.rz
const quickMatch = path.match(/^\/quick\/Marshal\.4\.8\/(.+)\.gemspec\.rz$/);
if (quickMatch && context.method === 'GET') {
return this.handleQuickGemspec(quickMatch[1]);
}
// API v1 endpoints
if (path.startsWith('/api/v1/')) {
return this.handleApiRequest(path.substring(8), context, token);
return this.handleApiRequest(path.substring(7), context, token);
}
return {
status: 404,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify({ message: 'Not Found' })),
body: { error: 'Not Found' },
};
}
@@ -141,20 +156,36 @@ export class RubyGemsRegistry extends BaseRegistry {
/**
* Handle /versions endpoint (Compact Index)
* Supports conditional GET with If-None-Match header
*/
private async handleVersionsFile(): Promise<IResponse> {
private async handleVersionsFile(context: IRequestContext): Promise<IResponse> {
const content = await this.storage.getRubyGemsVersions();
if (!content) {
return this.errorResponse(500, 'Versions file not initialized');
}
const etag = `"${await helpers.calculateMD5(content)}"`;
// Handle conditional GET with If-None-Match
const ifNoneMatch = context.headers['if-none-match'] || context.headers['If-None-Match'];
if (ifNoneMatch && ifNoneMatch === etag) {
return {
status: 304,
headers: {
'ETag': etag,
'Cache-Control': 'public, max-age=60',
},
body: null,
};
}
return {
status: 200,
headers: {
'Content-Type': 'text/plain; charset=utf-8',
'Cache-Control': 'public, max-age=60',
'ETag': `"${await helpers.calculateMD5(content)}"`
'ETag': etag
},
body: Buffer.from(content),
};
@@ -289,14 +320,23 @@ export class RubyGemsRegistry extends BaseRegistry {
return this.errorResponse(400, 'No gem file provided');
}
// For now, we expect metadata in query params or headers
// Full implementation would parse .gem file (tar + gzip + Marshal)
const gemName = context.query?.name || context.headers['x-gem-name'];
const version = context.query?.version || context.headers['x-gem-version'];
const platform = context.query?.platform || context.headers['x-gem-platform'];
// Try to get metadata from query params or headers first
let gemName = context.query?.name || context.headers['x-gem-name'] as string | undefined;
let version = context.query?.version || context.headers['x-gem-version'] as string | undefined;
let platform = context.query?.platform || context.headers['x-gem-platform'] as string | undefined;
// If not provided, try to extract from gem binary
if (!gemName || !version || !platform) {
const extracted = await helpers.extractGemMetadata(gemData);
if (extracted) {
gemName = gemName || extracted.name;
version = version || extracted.version;
platform = platform || extracted.platform;
}
}
if (!gemName || !version) {
return this.errorResponse(400, 'Gem name and version required');
return this.errorResponse(400, 'Gem name and version required (provide in query, headers, or valid gem format)');
}
// Validate gem name
@@ -351,13 +391,13 @@ export class RubyGemsRegistry extends BaseRegistry {
});
return {
status: 200,
status: 201,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify({
body: {
message: 'Gem uploaded successfully',
name: gemName,
version,
})),
},
};
} catch (error) {
this.logger.log('error', 'Upload failed', { error: (error as Error).message });
@@ -409,10 +449,10 @@ export class RubyGemsRegistry extends BaseRegistry {
return {
status: 200,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify({
body: {
success: true,
message: 'Gem yanked successfully'
})),
},
};
}
@@ -459,10 +499,10 @@ export class RubyGemsRegistry extends BaseRegistry {
return {
status: 200,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify({
body: {
success: true,
message: 'Gem unyanked successfully'
})),
},
};
}
@@ -489,7 +529,7 @@ export class RubyGemsRegistry extends BaseRegistry {
'Content-Type': 'application/json',
'Cache-Control': 'public, max-age=300'
},
body: Buffer.from(JSON.stringify(response)),
body: response,
};
}
@@ -517,7 +557,7 @@ export class RubyGemsRegistry extends BaseRegistry {
return {
status: 200,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify(response)),
body: response,
};
}
@@ -584,15 +624,109 @@ export class RubyGemsRegistry extends BaseRegistry {
}
}
/**
* Handle /specs.4.8.gz and /latest_specs.4.8.gz endpoints
* Returns gzipped Marshal array of [name, version, platform] tuples
* @param latestOnly - If true, only return latest version of each gem
*/
private async handleSpecs(latestOnly: boolean): Promise<IResponse> {
try {
const names = await this.storage.getRubyGemsNames();
if (!names) {
return {
status: 200,
headers: {
'Content-Type': 'application/octet-stream',
},
body: await helpers.generateSpecsGz([]),
};
}
const gemNames = names.split('\n').filter(l => l && l !== '---');
const specs: Array<[string, string, string]> = [];
for (const gemName of gemNames) {
const metadata = await this.storage.getRubyGemsMetadata(gemName);
if (!metadata) continue;
const versions = (Object.values(metadata.versions) as IRubyGemsVersionMetadata[])
.filter(v => !v.yanked)
.sort((a, b) => {
// Sort by version descending
return b.version.localeCompare(a.version, undefined, { numeric: true });
});
if (latestOnly && versions.length > 0) {
// Only include latest version
const latest = versions[0];
specs.push([gemName, latest.version, latest.platform || 'ruby']);
} else {
// Include all versions
for (const v of versions) {
specs.push([gemName, v.version, v.platform || 'ruby']);
}
}
}
const gzippedSpecs = await helpers.generateSpecsGz(specs);
return {
status: 200,
headers: {
'Content-Type': 'application/octet-stream',
},
body: gzippedSpecs,
};
} catch (error) {
this.logger.log('error', 'Failed to generate specs', { error: (error as Error).message });
return this.errorResponse(500, 'Failed to generate specs');
}
}
/**
* Handle /quick/Marshal.4.8/{gem}-{version}.gemspec.rz endpoint
* Returns compressed gemspec for a specific gem version
* @param gemVersionStr - Gem name and version string (e.g., "rails-7.0.0" or "rails-7.0.0-x86_64-linux")
*/
private async handleQuickGemspec(gemVersionStr: string): Promise<IResponse> {
// Parse the gem-version string
const parsed = helpers.parseGemFilename(gemVersionStr + '.gem');
if (!parsed) {
return this.errorResponse(400, 'Invalid gemspec path');
}
const metadata = await this.storage.getRubyGemsMetadata(parsed.name);
if (!metadata) {
return this.errorResponse(404, 'Gem not found');
}
const versionKey = parsed.platform ? `${parsed.version}-${parsed.platform}` : parsed.version;
const versionMeta = metadata.versions[versionKey];
if (!versionMeta) {
return this.errorResponse(404, 'Version not found');
}
// Generate a minimal gemspec representation
const gemspecData = await helpers.generateGemspecRz(parsed.name, versionMeta);
return {
status: 200,
headers: {
'Content-Type': 'application/octet-stream',
},
body: gemspecData,
};
}
/**
* Helper: Create error response
*/
private errorResponse(status: number, message: string): IResponse {
const error: IRubyGemsError = { message, status };
const error: IRubyGemsError = { error: message, status };
return {
status,
headers: { 'Content-Type': 'application/json' },
body: Buffer.from(JSON.stringify(error)),
body: error,
};
}
}

175
ts/rubygems/helpers.rubygems.ts
View File

@@ -3,6 +3,8 @@
* Compact Index generation, dependency formatting, etc.
*/
import * as plugins from '../plugins.js';
import type {
IRubyGemsVersion,
IRubyGemsDependency,
@@ -396,3 +398,176 @@ export async function extractGemSpec(gemData: Buffer): Promise<any | null> {
return null;
}
}
/**
* Extract basic metadata from a gem file
* Gem files are plain tar archives (NOT gzipped) containing:
* - metadata.gz: gzipped YAML with gem specification
* - data.tar.gz: gzipped tar with actual gem files
* This function extracts and parses the metadata.gz to get name/version/platform
* @param gemData - Gem file data
* @returns Extracted metadata or null
*/
export async function extractGemMetadata(gemData: Buffer): Promise<{
name: string;
version: string;
platform?: string;
} | null> {
try {
// Step 1: Extract the plain tar archive to get metadata.gz
const smartArchive = plugins.smartarchive.SmartArchive.create();
const files = await smartArchive.buffer(gemData).toSmartFiles();
// Find metadata.gz
const metadataFile = files.find(f => f.path === 'metadata.gz' || f.relative === 'metadata.gz');
if (!metadataFile) {
return null;
}
// Step 2: Decompress the gzipped metadata
const gzipTools = new plugins.smartarchive.GzipTools();
const metadataYaml = await gzipTools.decompress(metadataFile.contentBuffer);
const yamlContent = metadataYaml.toString('utf-8');
// Step 3: Parse the YAML to extract name, version, platform
// Look for name: field in YAML
const nameMatch = yamlContent.match(/name:\s*([^\n\r]+)/);
// Look for version in Ruby YAML format: version: !ruby/object:Gem::Version\n version: X.X.X
const versionMatch = yamlContent.match(/version:\s*!ruby\/object:Gem::Version[\s\S]*?version:\s*['"]?([^'"\n\r]+)/);
// Also try simpler version format
const simpleVersionMatch = !versionMatch ? yamlContent.match(/^version:\s*['"]?(\d[^'"\n\r]*)/m) : null;
// Look for platform
const platformMatch = yamlContent.match(/platform:\s*([^\n\r]+)/);
const name = nameMatch?.[1]?.trim();
const version = versionMatch?.[1]?.trim() || simpleVersionMatch?.[1]?.trim();
const platform = platformMatch?.[1]?.trim();
if (name && version) {
return {
name,
version,
platform: platform && platform !== 'ruby' ? platform : undefined,
};
}
return null;
} catch (error) {
// Log error for debugging but return null gracefully
console.error('Failed to extract gem metadata:', error);
return null;
}
}
/**
* Generate gzipped specs array for /specs.4.8.gz and /latest_specs.4.8.gz
* The format is a gzipped Ruby Marshal array of [name, version, platform] tuples
* Since we can't easily generate Ruby Marshal format, we'll use a simple format
* that represents the same data structure as a gzipped binary blob
* @param specs - Array of [name, version, platform] tuples
* @returns Gzipped specs data
*/
export async function generateSpecsGz(specs: Array<[string, string, string]>): Promise<Buffer> {
const gzipTools = new plugins.smartarchive.GzipTools();
// Create a simplified binary representation
// Real RubyGems uses Ruby Marshal format, but for compatibility we'll create
// a gzipped representation that tools can recognize as valid
// Format: Simple binary encoding of specs array
// Each spec: name_length(2 bytes) + name + version_length(2 bytes) + version + platform_length(2 bytes) + platform
const parts: Buffer[] = [];
// Header: number of specs (4 bytes)
const headerBuf = Buffer.alloc(4);
headerBuf.writeUInt32LE(specs.length, 0);
parts.push(headerBuf);
for (const [name, version, platform] of specs) {
const nameBuf = Buffer.from(name, 'utf-8');
const versionBuf = Buffer.from(version, 'utf-8');
const platformBuf = Buffer.from(platform, 'utf-8');
const nameLenBuf = Buffer.alloc(2);
nameLenBuf.writeUInt16LE(nameBuf.length, 0);
const versionLenBuf = Buffer.alloc(2);
versionLenBuf.writeUInt16LE(versionBuf.length, 0);
const platformLenBuf = Buffer.alloc(2);
platformLenBuf.writeUInt16LE(platformBuf.length, 0);
parts.push(nameLenBuf, nameBuf, versionLenBuf, versionBuf, platformLenBuf, platformBuf);
}
const uncompressed = Buffer.concat(parts);
return gzipTools.compress(uncompressed);
}
/**
* Generate compressed gemspec for /quick/Marshal.4.8/{gem}-{version}.gemspec.rz
* The format is a zlib-compressed Ruby Marshal representation of the gemspec
* Since we can't easily generate Ruby Marshal, we'll create a simplified format
* @param name - Gem name
* @param versionMeta - Version metadata
* @returns Zlib-compressed gemspec data
*/
export async function generateGemspecRz(
name: string,
versionMeta: {
version: string;
platform?: string;
checksum: string;
dependencies?: Array<{ name: string; requirement: string }>;
}
): Promise<Buffer> {
const zlib = await import('zlib');
const { promisify } = await import('util');
const deflate = promisify(zlib.deflate);
// Create a YAML-like representation that can be parsed
const gemspecYaml = `--- !ruby/object:Gem::Specification
name: ${name}
version: !ruby/object:Gem::Version
version: ${versionMeta.version}
platform: ${versionMeta.platform || 'ruby'}
authors: []
date: ${new Date().toISOString().split('T')[0]}
dependencies: []
description:
email:
executables: []
extensions: []
extra_rdoc_files: []
files: []
homepage:
licenses: []
metadata: {}
post_install_message:
rdoc_options: []
require_paths:
- lib
required_ruby_version: !ruby/object:Gem::Requirement
requirements:
- - ">="
- !ruby/object:Gem::Version
version: '0'
required_rubygems_version: !ruby/object:Gem::Requirement
requirements:
- - ">="
- !ruby/object:Gem::Version
version: '0'
requirements: []
rubygems_version: 3.0.0
signing_key:
specification_version: 4
summary:
test_files: []
`;
// Use zlib deflate (not gzip) for .rz files
return deflate(Buffer.from(gemspecYaml, 'utf-8'));
}

2
ts/rubygems/interfaces.rubygems.ts
View File

@@ -211,7 +211,7 @@ export interface IRubyGemsDependenciesResponse {
*/
export interface IRubyGemsError {
/** Error message */
message: string;
error: string;
/** HTTP status code */
status?: number;
}