@opencode-cloud/core
Advanced tools
@opencode-cloud/core - npm Package Compare versions
+1
-1
| [package] | ||
| name = "opencode-cloud-core" | ||
| version = "3.2.0" | ||
| version = "3.2.1" | ||
| edition = "2024" | ||
@@ -5,0 +5,0 @@ rust-version = "1.88" |
+1
-1
| { | ||
| "name": "@opencode-cloud/core", | ||
| "version": "3.2.0", | ||
| "version": "3.2.1", | ||
| "description": "Core NAPI bindings for opencode-cloud (internal package)", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -18,3 +18,3 @@ //! Configuration management for opencode-cloud | ||
| pub use paths::{get_config_dir, get_config_path, get_data_dir, get_hosts_path, get_pid_path}; | ||
| pub use schema::{Config, validate_bind_address}; | ||
| pub use schema::{CommitSha, Config, validate_bind_address}; | ||
| pub use validation::{ | ||
@@ -21,0 +21,0 @@ ValidationError, ValidationWarning, display_validation_error, display_validation_warning, |
+51
-0
@@ -7,3 +7,47 @@ //! Configuration schema for opencode-cloud | ||
| use std::net::{IpAddr, Ipv4Addr}; | ||
| use std::ops::Deref; | ||
| /// Validated opencode commit SHA (7-40 hex characters) | ||
| #[derive(Debug, Clone, Serialize, PartialEq, Eq)] | ||
| #[serde(transparent)] | ||
| pub struct CommitSha(String); | ||
| impl CommitSha { | ||
| pub fn parse(value: &str) -> Result<Self, String> { | ||
| let trimmed = value.trim(); | ||
| if trimmed.is_empty() { | ||
| return Err("Commit cannot be empty".to_string()); | ||
| } | ||
| if !(7..=40).contains(&trimmed.len()) { | ||
| return Err("Commit must be 7-40 hex characters".to_string()); | ||
| } | ||
| if !trimmed.chars().all(|c| c.is_ascii_hexdigit()) { | ||
| return Err("Commit must be a hexadecimal SHA".to_string()); | ||
| } | ||
| Ok(Self(trimmed.to_string())) | ||
| } | ||
| pub fn as_str(&self) -> &str { | ||
| &self.0 | ||
| } | ||
| } | ||
| impl Deref for CommitSha { | ||
| type Target = str; | ||
| fn deref(&self) -> &Self::Target { | ||
| self.as_str() | ||
| } | ||
| } | ||
| impl<'de> Deserialize<'de> for CommitSha { | ||
| fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> | ||
| where | ||
| D: serde::Deserializer<'de>, | ||
| { | ||
| let value = String::deserialize(deserializer)?; | ||
| CommitSha::parse(&value).map_err(serde::de::Error::custom) | ||
| } | ||
| } | ||
| /// Main configuration structure for opencode-cloud | ||
@@ -116,2 +160,7 @@ /// | ||
| /// Override opencode commit used when building the Docker image (optional) | ||
| /// Must be a 7-40 character hex commit SHA. | ||
| #[serde(default)] | ||
| pub opencode_commit: Option<CommitSha>, | ||
| /// When to check for updates: 'always' (every start), 'once' (once per version), 'never' | ||
@@ -230,2 +279,3 @@ #[serde(default = "default_update_check")] | ||
| image_source: default_image_source(), | ||
| opencode_commit: None, | ||
| update_check: default_update_check(), | ||
@@ -372,2 +422,3 @@ mounts: Vec::new(), | ||
| image_source: default_image_source(), | ||
| opencode_commit: None, | ||
| update_check: default_update_check(), | ||
@@ -374,0 +425,0 @@ mounts: Vec::new(), |
@@ -38,3 +38,3 @@ # ============================================================================= | ||
| # Pin opencode fork commit used during build | ||
| ARG OPENCODE_COMMIT=798ccdba1265b7e5499ba49db2f99ca1dd4a15d7 | ||
| ARG OPENCODE_COMMIT=dac099a4892689d11abedb0fcc1098b50e0958c8 | ||
@@ -41,0 +41,0 @@ # OCI Labels for image metadata |
@@ -10,5 +10,23 @@ //! Embedded Dockerfile content | ||
| use std::collections::HashMap; | ||
| /// The Dockerfile for building the opencode-cloud-sandbox container image | ||
| pub const DOCKERFILE: &str = include_str!("Dockerfile"); | ||
| /// Build arg name for the opencode commit used in the Dockerfile. | ||
| pub const OPENCODE_COMMIT_BUILD_ARG: &str = "OPENCODE_COMMIT"; | ||
| /// Default opencode commit pinned in the Dockerfile. | ||
| pub const OPENCODE_COMMIT_DEFAULT: &str = "dac099a4892689d11abedb0fcc1098b50e0958c8"; | ||
| /// Build args for overriding the opencode commit in the Dockerfile. | ||
| pub fn build_args_for_opencode_commit( | ||
| maybe_commit: Option<&str>, | ||
| ) -> Option<HashMap<String, String>> { | ||
| let commit = maybe_commit?; | ||
| let mut args = HashMap::new(); | ||
| args.insert(OPENCODE_COMMIT_BUILD_ARG.to_string(), commit.to_string()); | ||
| Some(args) | ||
| } | ||
| // ============================================================================= | ||
@@ -15,0 +33,0 @@ // Docker Image Naming |
@@ -84,2 +84,3 @@ //! Docker image build and pull operations | ||
| no_cache: bool, | ||
| build_args: Option<HashMap<String, String>>, | ||
| ) -> Result<String, DockerError> { | ||
@@ -104,2 +105,3 @@ let tag = tag.unwrap_or(IMAGE_TAG_DEFAULT); | ||
| ); | ||
| let build_args = build_args.unwrap_or_default(); | ||
| let options = BuildImageOptions { | ||
@@ -112,2 +114,3 @@ t: full_name.clone(), | ||
| nocache: no_cache, | ||
| buildargs: build_args, | ||
| ..Default::default() | ||
@@ -114,0 +117,0 @@ }; |
@@ -41,3 +41,6 @@ //! Docker operations module | ||
| // Dockerfile constants | ||
| pub use dockerfile::{DOCKERFILE, IMAGE_NAME_DOCKERHUB, IMAGE_NAME_GHCR, IMAGE_TAG_DEFAULT}; | ||
| pub use dockerfile::{ | ||
| DOCKERFILE, IMAGE_NAME_DOCKERHUB, IMAGE_NAME_GHCR, IMAGE_TAG_DEFAULT, | ||
| OPENCODE_COMMIT_BUILD_ARG, OPENCODE_COMMIT_DEFAULT, build_args_for_opencode_commit, | ||
| }; | ||
@@ -44,0 +47,0 @@ // Image operations |
New alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
311720
0.76%