release(v4.0.0): Shade GA — V3.x consolidation + audit prep
Some checks failed
Test / test (push) Has been cancelled
Cross-platform vectors / TypeScript vectors (bun) (push) Has been cancelled
Cross-platform vectors / Kotlin vectors (gradle) (push) Has been cancelled
Docker build and publish / docker (push) Has been cancelled
Publish / publish (push) Has been cancelled
Some checks failed
Test / test (push) Has been cancelled
Cross-platform vectors / TypeScript vectors (bun) (push) Has been cancelled
Cross-platform vectors / Kotlin vectors (gradle) (push) Has been cancelled
Docker build and publish / docker (push) Has been cancelled
Publish / publish (push) Has been cancelled
V3.1 → V3.12 consolidated and tagged for the first GA release. Wire format unchanged from 0.4.x — 4.0 peers interoperate with 0.4.x peers byte-for-byte. The version bump is semantic: audit-cycle complete, opt-in surface fully exposed, threat model refreshed for every new surface. Highlights: - All 24 @shade/* packages bumped to 4.0.0 in lockstep. - CHANGELOG 4.0.0 section is the canonical manifest of what landed. - THREAT-MODEL extended (§10 fingerprint gates, §11 WebRTC P2P, §12 Web-Worker boundary) + residual-risks table refreshed. - OpenAPI now covers all 27 routes: prekey, transfer, KT, inbox, bridge, observer, /metrics, /healthz, /ready. - MIGRATION 0.3.x → 4.0 documented + smoke-tested against shade migrate-storage on a real SQLite DB. - docs/audit/REVIEW-BUNDLE.md + SCOPE.md ready for external reviewer. - scripts/soak.ts harness for the GA-stable 2-week soak window. - All V*.md plans archived under docs/archive/ with Status: Done. - Voice/Video carved out into V5.0; 4.0 audit focuses on the frozen non-realtime stack. Tests: TS 1000/1000 + Kotlin 11/11 cross-platform vectors green. Docker: gt.zyon.no/stian/shade-prekey:4.0.0 builds and reports version 4.0.0 on /health. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,88 @@
|
||||
import { describe, test, expect, beforeEach, afterEach } from 'bun:test';
|
||||
import { unlinkSync, existsSync } from 'node:fs';
|
||||
import { tmpdir } from 'node:os';
|
||||
import { join } from 'node:path';
|
||||
import { SQLiteStorage } from '../src/index.js';
|
||||
|
||||
describe('SQLiteStorage — peer_verifications (V3.3)', () => {
|
||||
let path: string;
|
||||
let storage: SQLiteStorage;
|
||||
|
||||
beforeEach(() => {
|
||||
path = join(tmpdir(), `shade-test-${Date.now()}-${Math.random().toString(36).slice(2)}.db`);
|
||||
storage = new SQLiteStorage(path);
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
storage.close();
|
||||
if (existsSync(path)) unlinkSync(path);
|
||||
});
|
||||
|
||||
test('round trip: save → get → remove', async () => {
|
||||
await storage.savePeerVerification({
|
||||
peerAddress: 'bob',
|
||||
fingerprint: '12345 67890 12345 67890 12345 67890 12345 67890 12345 67890 12345 67890',
|
||||
verifiedAt: 1_700_000_000_000,
|
||||
verifiedBy: 'user',
|
||||
identityVersion: 1,
|
||||
});
|
||||
|
||||
const v = await storage.getPeerVerification('bob');
|
||||
expect(v).not.toBeNull();
|
||||
expect(v!.peerAddress).toBe('bob');
|
||||
expect(v!.verifiedBy).toBe('user');
|
||||
expect(v!.identityVersion).toBe(1);
|
||||
|
||||
await storage.removePeerVerification('bob');
|
||||
expect(await storage.getPeerVerification('bob')).toBeNull();
|
||||
});
|
||||
|
||||
test('upsert overwrites on duplicate peer_address', async () => {
|
||||
await storage.savePeerVerification({
|
||||
peerAddress: 'bob',
|
||||
fingerprint: 'fp-1',
|
||||
verifiedAt: 1,
|
||||
verifiedBy: 'user',
|
||||
identityVersion: 1,
|
||||
});
|
||||
await storage.savePeerVerification({
|
||||
peerAddress: 'bob',
|
||||
fingerprint: 'fp-2',
|
||||
verifiedAt: 2,
|
||||
verifiedBy: 'transitive',
|
||||
identityVersion: 2,
|
||||
});
|
||||
|
||||
const v = await storage.getPeerVerification('bob');
|
||||
expect(v!.fingerprint).toBe('fp-2');
|
||||
expect(v!.verifiedBy).toBe('transitive');
|
||||
expect(v!.identityVersion).toBe(2);
|
||||
});
|
||||
|
||||
test('identity-version starts at 1 and increments via bump', async () => {
|
||||
expect(await storage.getPeerIdentityVersion('alice')).toBe(1);
|
||||
expect(await storage.bumpPeerIdentityVersion('alice')).toBe(2);
|
||||
expect(await storage.bumpPeerIdentityVersion('alice')).toBe(3);
|
||||
expect(await storage.getPeerIdentityVersion('alice')).toBe(3);
|
||||
// Independent counter per peer
|
||||
expect(await storage.getPeerIdentityVersion('bob')).toBe(1);
|
||||
});
|
||||
|
||||
test('survives reopen', async () => {
|
||||
await storage.savePeerVerification({
|
||||
peerAddress: 'bob',
|
||||
fingerprint: 'fp',
|
||||
verifiedAt: 42,
|
||||
verifiedBy: 'user',
|
||||
identityVersion: 5,
|
||||
});
|
||||
await storage.bumpPeerIdentityVersion('bob');
|
||||
storage.close();
|
||||
|
||||
storage = new SQLiteStorage(path);
|
||||
const v = await storage.getPeerVerification('bob');
|
||||
expect(v!.fingerprint).toBe('fp');
|
||||
expect(v!.identityVersion).toBe(5);
|
||||
expect(await storage.getPeerIdentityVersion('bob')).toBe(2);
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user