New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@firebase/app
Advanced tools
@firebase/app - npm Package Compare versions
Comparing version 0.10.18-20250114135622 to 0.10.18-canary.01f36ea41
@@ -210,6 +210,8 @@ /** | ||
| * | ||
| * If the token fails local verification, or if the Auth service has failed to validate it when | ||
| * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not | ||
| * sign in a user on initialization. | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| * | ||
| * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an | ||
| * warning is logged to the console and the Auth SDK will not sign in a user on initialization. | ||
| * | ||
| * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback | ||
@@ -222,2 +224,10 @@ * is invoked with the `User` object as per standard Auth flows. However, `User` objects | ||
| /** | ||
| * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize | ||
| * this App Check token in place of requiring an instance of App Check to be initialized. | ||
| * | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| */ | ||
| appCheckToken?: string; | ||
| /** | ||
| * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry` | ||
@@ -224,0 +234,0 @@ * object to monitor the garbage collection status of the provided object. The |
@@ -244,6 +244,8 @@ /** | ||
| * | ||
| * If the token fails local verification, or if the Auth service has failed to validate it when | ||
| * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not | ||
| * sign in a user on initialization. | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| * | ||
| * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an | ||
| * warning is logged to the console and the Auth SDK will not sign in a user on initialization. | ||
| * | ||
| * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback | ||
@@ -256,2 +258,10 @@ * is invoked with the `User` object as per standard Auth flows. However, `User` objects | ||
| /** | ||
| * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize | ||
| * this App Check token in place of requiring an instance of App Check to be initialized. | ||
| * | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| */ | ||
| appCheckToken?: string; | ||
| /** | ||
| * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry` | ||
@@ -462,3 +472,3 @@ * object to monitor the garbage collection status of the provided object. The | ||
| */ | ||
| export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp): obj is FirebaseServerApp; | ||
| export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp | null | undefined): obj is FirebaseServerApp; | ||
@@ -465,0 +475,0 @@ /** |
@@ -442,6 +442,8 @@ /** | ||
| * | ||
| * If the token fails local verification, or if the Auth service has failed to validate it when | ||
| * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not | ||
| * sign in a user on initialization. | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| * | ||
| * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an | ||
| * warning is logged to the console and the Auth SDK will not sign in a user on initialization. | ||
| * | ||
| * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback | ||
@@ -454,2 +456,10 @@ * is invoked with the `User` object as per standard Auth flows. However, `User` objects | ||
| /** | ||
| * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize | ||
| * this App Check token in place of requiring an instance of App Check to be initialized. | ||
| * | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| */ | ||
| appCheckToken?: string; | ||
| /** | ||
| * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry` | ||
@@ -886,3 +896,3 @@ * object to monitor the garbage collection status of the provided object. The | ||
| */ | ||
| declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp): obj is FirebaseServerApp; | ||
| declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp | null | undefined): obj is FirebaseServerApp; | ||
| /** | ||
@@ -889,0 +899,0 @@ * Test only |
@@ -20,2 +20,3 @@ /** | ||
| import { HeartbeatsByUserAgent, HeartbeatService, HeartbeatsInIndexedDB, HeartbeatStorage, SingleDateHeartbeat } from './types'; | ||
| export declare const MAX_NUM_STORED_HEARTBEATS = 30; | ||
| export declare class HeartbeatServiceImpl implements HeartbeatService { | ||
@@ -85,1 +86,6 @@ private readonly container; | ||
| export declare function countBytes(heartbeatsCache: HeartbeatsByUserAgent[]): number; | ||
| /** | ||
| * Returns the index of the heartbeat with the earliest date. | ||
| * If the heartbeats array is empty, -1 is returned. | ||
| */ | ||
| export declare function getEarliestHeartbeatIdx(heartbeats: SingleDateHeartbeat[]): number; |
@@ -89,3 +89,3 @@ /** | ||
| */ | ||
| export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp): obj is FirebaseServerApp; | ||
| export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp | null | undefined): obj is FirebaseServerApp; | ||
| /** | ||
@@ -92,0 +92,0 @@ * Test only |
@@ -174,6 +174,8 @@ /** | ||
| * | ||
| * If the token fails local verification, or if the Auth service has failed to validate it when | ||
| * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not | ||
| * sign in a user on initialization. | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| * | ||
| * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an | ||
| * warning is logged to the console and the Auth SDK will not sign in a user on initialization. | ||
| * | ||
| * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback | ||
@@ -186,2 +188,10 @@ * is invoked with the `User` object as per standard Auth flows. However, `User` objects | ||
| /** | ||
| * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize | ||
| * this App Check token in place of requiring an instance of App Check to be initialized. | ||
| * | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| */ | ||
| appCheckToken?: string; | ||
| /** | ||
| * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry` | ||
@@ -188,0 +198,0 @@ * object to monitor the garbage collection status of the provided object. The |
@@ -20,2 +20,3 @@ /** | ||
| import { HeartbeatsByUserAgent, HeartbeatService, HeartbeatsInIndexedDB, HeartbeatStorage, SingleDateHeartbeat } from './types'; | ||
| export declare const MAX_NUM_STORED_HEARTBEATS = 30; | ||
| export declare class HeartbeatServiceImpl implements HeartbeatService { | ||
@@ -85,1 +86,6 @@ private readonly container; | ||
| export declare function countBytes(heartbeatsCache: HeartbeatsByUserAgent[]): number; | ||
| /** | ||
| * Returns the index of the heartbeat with the earliest date. | ||
| * If the heartbeats array is empty, -1 is returned. | ||
| */ | ||
| export declare function getEarliestHeartbeatIdx(heartbeats: SingleDateHeartbeat[]): number; |
@@ -89,3 +89,3 @@ /** | ||
| */ | ||
| export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp): obj is FirebaseServerApp; | ||
| export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp | null | undefined): obj is FirebaseServerApp; | ||
| /** | ||
@@ -92,0 +92,0 @@ * Test only |
@@ -174,6 +174,8 @@ /** | ||
| * | ||
| * If the token fails local verification, or if the Auth service has failed to validate it when | ||
| * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not | ||
| * sign in a user on initialization. | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| * | ||
| * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an | ||
| * warning is logged to the console and the Auth SDK will not sign in a user on initialization. | ||
| * | ||
| * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback | ||
@@ -186,2 +188,10 @@ * is invoked with the `User` object as per standard Auth flows. However, `User` objects | ||
| /** | ||
| * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize | ||
| * this App Check token in place of requiring an instance of App Check to be initialized. | ||
| * | ||
| * If the token fails local verification due to expiration or parsing errors, then a console error | ||
| * is logged at the time of initialization of the `FirebaseServerApp` instance. | ||
| */ | ||
| appCheckToken?: string; | ||
| /** | ||
| * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry` | ||
@@ -188,0 +198,0 @@ * object to monitor the garbage collection status of the provided object. The |
| import { Component, ComponentContainer } from '@firebase/component'; | ||
| import { Logger, setUserLogHandler, setLogLevel as setLogLevel$1 } from '@firebase/logger'; | ||
| import { ErrorFactory, getDefaultAppConfig, deepEqual, isBrowser, isWebWorker, FirebaseError, base64urlEncodeWithoutPadding, isIndexedDBAvailable, validateIndexedDBOpenable } from '@firebase/util'; | ||
| import { ErrorFactory, base64Decode, getDefaultAppConfig, deepEqual, isBrowser, isWebWorker, FirebaseError, base64urlEncodeWithoutPadding, isIndexedDBAvailable, validateIndexedDBOpenable } from '@firebase/util'; | ||
| export { FirebaseError } from '@firebase/util'; | ||
@@ -61,3 +61,3 @@ import { openDB } from 'idb'; | ||
| const name$q = "@firebase/app"; | ||
| const version$1 = "0.10.18-20250114135622"; | ||
| const version$1 = "0.10.18-canary.01f36ea41"; | ||
@@ -133,3 +133,3 @@ /** | ||
| const name = "firebase"; | ||
| const version = "11.2.0-20250114135622"; | ||
| const version = "11.2.0-canary.01f36ea41"; | ||
@@ -312,2 +312,5 @@ /** | ||
| function _isFirebaseServerApp(obj) { | ||
| if (obj === null || obj === undefined) { | ||
| return false; | ||
| } | ||
| return obj.settings !== undefined; | ||
@@ -443,2 +446,23 @@ } | ||
| */ | ||
| // Parse the token and check to see if the `exp` claim is in the future. | ||
| // Reports an error to the console if the token or claim could not be parsed, or if `exp` is in | ||
| // the past. | ||
| function validateTokenTTL(base64Token, tokenName) { | ||
| const secondPart = base64Decode(base64Token.split('.')[1]); | ||
| if (secondPart === null) { | ||
| console.error(`FirebaseServerApp ${tokenName} is invalid: second part could not be parsed.`); | ||
| return; | ||
| } | ||
| const expClaim = JSON.parse(secondPart).exp; | ||
| if (expClaim === undefined) { | ||
| console.error(`FirebaseServerApp ${tokenName} is invalid: expiration claim could not be parsed`); | ||
| return; | ||
| } | ||
| const exp = JSON.parse(secondPart).exp * 1000; | ||
| const now = new Date().getTime(); | ||
| const diff = exp - now; | ||
| if (diff <= 0) { | ||
| console.error(`FirebaseServerApp ${tokenName} is invalid: the token has expired.`); | ||
| } | ||
| } | ||
| class FirebaseServerAppImpl extends FirebaseAppImpl { | ||
@@ -465,2 +489,10 @@ constructor(options, serverConfig, name, container) { | ||
| this._serverConfig = Object.assign({ automaticDataCollectionEnabled }, serverConfig); | ||
| // Ensure that the current time is within the `authIdtoken` window of validity. | ||
| if (this._serverConfig.authIdToken) { | ||
| validateTokenTTL(this._serverConfig.authIdToken, 'authIdToken'); | ||
| } | ||
| // Ensure that the current time is within the `appCheckToken` window of validity. | ||
| if (this._serverConfig.appCheckToken) { | ||
| validateTokenTTL(this._serverConfig.appCheckToken, 'appCheckToken'); | ||
| } | ||
| this._finalizationRegistry = null; | ||
@@ -886,4 +918,3 @@ if (typeof FinalizationRegistry !== 'undefined') { | ||
| const MAX_HEADER_BYTES = 1024; | ||
| // 30 days | ||
| const STORED_HEARTBEAT_RETENTION_MAX_MILLIS = 30 * 24 * 60 * 60 * 1000; | ||
| const MAX_NUM_STORED_HEARTBEATS = 30; | ||
| class HeartbeatServiceImpl { | ||
@@ -942,10 +973,9 @@ constructor(container) { | ||
| this._heartbeatsCache.heartbeats.push({ date, agent }); | ||
| // If the number of stored heartbeats exceeds the maximum number of stored heartbeats, remove the heartbeat with the earliest date. | ||
| // Since this is executed each time a heartbeat is pushed, the limit can only be exceeded by one, so only one needs to be removed. | ||
| if (this._heartbeatsCache.heartbeats.length > MAX_NUM_STORED_HEARTBEATS) { | ||
| const earliestHeartbeatIdx = getEarliestHeartbeatIdx(this._heartbeatsCache.heartbeats); | ||
| this._heartbeatsCache.heartbeats.splice(earliestHeartbeatIdx, 1); | ||
| } | ||
| } | ||
| // Remove entries older than 30 days. | ||
| this._heartbeatsCache.heartbeats = | ||
| this._heartbeatsCache.heartbeats.filter(singleDateHeartbeat => { | ||
| const hbTimestamp = new Date(singleDateHeartbeat.date).valueOf(); | ||
| const now = Date.now(); | ||
| return now - hbTimestamp <= STORED_HEARTBEAT_RETENTION_MAX_MILLIS; | ||
| }); | ||
| return this._storage.overwrite(this._heartbeatsCache); | ||
@@ -1125,2 +1155,20 @@ } | ||
| } | ||
| /** | ||
| * Returns the index of the heartbeat with the earliest date. | ||
| * If the heartbeats array is empty, -1 is returned. | ||
| */ | ||
| function getEarliestHeartbeatIdx(heartbeats) { | ||
| if (heartbeats.length === 0) { | ||
| return -1; | ||
| } | ||
| let earliestHeartbeatIdx = 0; | ||
| let earliestHeartbeatDate = heartbeats[0].date; | ||
| for (let i = 1; i < heartbeats.length; i++) { | ||
| if (heartbeats[i].date < earliestHeartbeatDate) { | ||
| earliestHeartbeatDate = heartbeats[i].date; | ||
| earliestHeartbeatIdx = i; | ||
| } | ||
| } | ||
| return earliestHeartbeatIdx; | ||
| } | ||
@@ -1127,0 +1175,0 @@ /** |
@@ -64,3 +64,3 @@ 'use strict'; | ||
| const name$q = "@firebase/app"; | ||
| const version$1 = "0.10.18-20250114135622"; | ||
| const version$1 = "0.10.18-canary.01f36ea41"; | ||
@@ -136,3 +136,3 @@ /** | ||
| const name = "firebase"; | ||
| const version = "11.2.0-20250114135622"; | ||
| const version = "11.2.0-canary.01f36ea41"; | ||
@@ -315,2 +315,5 @@ /** | ||
| function _isFirebaseServerApp(obj) { | ||
| if (obj === null || obj === undefined) { | ||
| return false; | ||
| } | ||
| return obj.settings !== undefined; | ||
@@ -446,2 +449,23 @@ } | ||
| */ | ||
| // Parse the token and check to see if the `exp` claim is in the future. | ||
| // Reports an error to the console if the token or claim could not be parsed, or if `exp` is in | ||
| // the past. | ||
| function validateTokenTTL(base64Token, tokenName) { | ||
| const secondPart = util.base64Decode(base64Token.split('.')[1]); | ||
| if (secondPart === null) { | ||
| console.error(`FirebaseServerApp ${tokenName} is invalid: second part could not be parsed.`); | ||
| return; | ||
| } | ||
| const expClaim = JSON.parse(secondPart).exp; | ||
| if (expClaim === undefined) { | ||
| console.error(`FirebaseServerApp ${tokenName} is invalid: expiration claim could not be parsed`); | ||
| return; | ||
| } | ||
| const exp = JSON.parse(secondPart).exp * 1000; | ||
| const now = new Date().getTime(); | ||
| const diff = exp - now; | ||
| if (diff <= 0) { | ||
| console.error(`FirebaseServerApp ${tokenName} is invalid: the token has expired.`); | ||
| } | ||
| } | ||
| class FirebaseServerAppImpl extends FirebaseAppImpl { | ||
@@ -468,2 +492,10 @@ constructor(options, serverConfig, name, container) { | ||
| this._serverConfig = Object.assign({ automaticDataCollectionEnabled }, serverConfig); | ||
| // Ensure that the current time is within the `authIdtoken` window of validity. | ||
| if (this._serverConfig.authIdToken) { | ||
| validateTokenTTL(this._serverConfig.authIdToken, 'authIdToken'); | ||
| } | ||
| // Ensure that the current time is within the `appCheckToken` window of validity. | ||
| if (this._serverConfig.appCheckToken) { | ||
| validateTokenTTL(this._serverConfig.appCheckToken, 'appCheckToken'); | ||
| } | ||
| this._finalizationRegistry = null; | ||
@@ -889,4 +921,3 @@ if (typeof FinalizationRegistry !== 'undefined') { | ||
| const MAX_HEADER_BYTES = 1024; | ||
| // 30 days | ||
| const STORED_HEARTBEAT_RETENTION_MAX_MILLIS = 30 * 24 * 60 * 60 * 1000; | ||
| const MAX_NUM_STORED_HEARTBEATS = 30; | ||
| class HeartbeatServiceImpl { | ||
@@ -945,10 +976,9 @@ constructor(container) { | ||
| this._heartbeatsCache.heartbeats.push({ date, agent }); | ||
| // If the number of stored heartbeats exceeds the maximum number of stored heartbeats, remove the heartbeat with the earliest date. | ||
| // Since this is executed each time a heartbeat is pushed, the limit can only be exceeded by one, so only one needs to be removed. | ||
| if (this._heartbeatsCache.heartbeats.length > MAX_NUM_STORED_HEARTBEATS) { | ||
| const earliestHeartbeatIdx = getEarliestHeartbeatIdx(this._heartbeatsCache.heartbeats); | ||
| this._heartbeatsCache.heartbeats.splice(earliestHeartbeatIdx, 1); | ||
| } | ||
| } | ||
| // Remove entries older than 30 days. | ||
| this._heartbeatsCache.heartbeats = | ||
| this._heartbeatsCache.heartbeats.filter(singleDateHeartbeat => { | ||
| const hbTimestamp = new Date(singleDateHeartbeat.date).valueOf(); | ||
| const now = Date.now(); | ||
| return now - hbTimestamp <= STORED_HEARTBEAT_RETENTION_MAX_MILLIS; | ||
| }); | ||
| return this._storage.overwrite(this._heartbeatsCache); | ||
@@ -1128,2 +1158,20 @@ } | ||
| } | ||
| /** | ||
| * Returns the index of the heartbeat with the earliest date. | ||
| * If the heartbeats array is empty, -1 is returned. | ||
| */ | ||
| function getEarliestHeartbeatIdx(heartbeats) { | ||
| if (heartbeats.length === 0) { | ||
| return -1; | ||
| } | ||
| let earliestHeartbeatIdx = 0; | ||
| let earliestHeartbeatDate = heartbeats[0].date; | ||
| for (let i = 1; i < heartbeats.length; i++) { | ||
| if (heartbeats[i].date < earliestHeartbeatDate) { | ||
| earliestHeartbeatDate = heartbeats[i].date; | ||
| earliestHeartbeatIdx = i; | ||
| } | ||
| } | ||
| return earliestHeartbeatIdx; | ||
| } | ||
@@ -1130,0 +1178,0 @@ /** |
| { | ||
| "name": "@firebase/app", | ||
| "version": "0.10.18-20250114135622", | ||
| "version": "0.10.18-canary.01f36ea41", | ||
| "description": "The primary entrypoint to the Firebase JS SDK", | ||
@@ -40,5 +40,5 @@ "author": "Firebase <firebase-support@google.com> (https://firebase.google.com/)", | ||
| "dependencies": { | ||
| "@firebase/util": "1.10.3-20250114135622", | ||
| "@firebase/logger": "0.4.4", | ||
| "@firebase/component": "0.6.12-20250114135622", | ||
| "@firebase/util": "1.10.3-canary.01f36ea41", | ||
| "@firebase/logger": "0.4.4-canary.01f36ea41", | ||
| "@firebase/component": "0.6.12-canary.01f36ea41", | ||
| "idb": "7.1.1", | ||
@@ -49,3 +49,3 @@ "tslib": "^2.1.0" | ||
| "devDependencies": { | ||
| "@rollup/plugin-json": "4.1.0", | ||
| "@rollup/plugin-json": "6.1.0", | ||
| "rollup": "2.79.1", | ||
@@ -52,0 +52,0 @@ "rollup-plugin-replace": "2.2.0", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by4.02%
397661
- Lines of code
- increased by2.51%
6442
Dependency changes
+ Added@firebase/component@0.6.12-canary.01f36ea41(transitive)
+ Added@firebase/logger@0.4.4-canary.01f36ea41(transitive)
+ Added@firebase/util@1.10.3-canary.01f36ea41(transitive)
- Removed@firebase/component@0.6.12-20250114135622(transitive)
- Removed@firebase/logger@0.4.4(transitive)
- Removed@firebase/util@1.10.3-20250114135622(transitive)