Sterister
e6fdf31b49
Some checks failed
Test / test (push) Has been cancelled
Cross-platform vectors / TypeScript vectors (bun) (push) Has been cancelled
Cross-platform vectors / Kotlin vectors (gradle) (push) Has been cancelled
Docker build and publish / docker (push) Has been cancelled
Publish / publish (push) Has been cancelled
V3.1 → V3.12 consolidated and tagged for the first GA release. Wire format unchanged from 0.4.x — 4.0 peers interoperate with 0.4.x peers byte-for-byte. The version bump is semantic: audit-cycle complete, opt-in surface fully exposed, threat model refreshed for every new surface. Highlights: - All 24 @shade/* packages bumped to 4.0.0 in lockstep. - CHANGELOG 4.0.0 section is the canonical manifest of what landed. - THREAT-MODEL extended (§10 fingerprint gates, §11 WebRTC P2P, §12 Web-Worker boundary) + residual-risks table refreshed. - OpenAPI now covers all 27 routes: prekey, transfer, KT, inbox, bridge, observer, /metrics, /healthz, /ready. - MIGRATION 0.3.x → 4.0 documented + smoke-tested against shade migrate-storage on a real SQLite DB. - docs/audit/REVIEW-BUNDLE.md + SCOPE.md ready for external reviewer. - scripts/soak.ts harness for the GA-stable 2-week soak window. - All V*.md plans archived under docs/archive/ with Status: Done. - Voice/Video carved out into V5.0; 4.0 audit focuses on the frozen non-realtime stack. Tests: TS 1000/1000 + Kotlin 11/11 cross-platform vectors green. Docker: gt.zyon.no/stian/shade-prekey:4.0.0 builds and reports version 4.0.0 on /health. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
46 lines
1.3 KiB
Markdown
46 lines
1.3 KiB
Markdown
# @shade/transport-bridge
|
|
|
|
Transport-agnostic delivery for Shade: **WS → SSE → long-poll**, in priority
|
|
order, behind a single `IncomingMessage` interface.
|
|
|
|
```ts
|
|
import {
|
|
FallbackBridgeTransport,
|
|
WsBridge,
|
|
SseBridge,
|
|
LongPollBridge,
|
|
} from '@shade/transport-bridge';
|
|
|
|
const auth = { crypto, signingPrivateKey, address: 'bob' };
|
|
|
|
const bridge = new FallbackBridgeTransport([
|
|
new WsBridge({ baseUrl, auth }),
|
|
new SseBridge({ baseUrl, auth }),
|
|
new LongPollBridge({ baseUrl, auth }),
|
|
]);
|
|
|
|
await bridge.connect({
|
|
onMessage: (msg) => {
|
|
// msg: { from: string; bytes: Uint8Array; receivedAt: number; msgId?: string }
|
|
},
|
|
});
|
|
|
|
console.log(bridge.activeKind); // "ws" | "sse" | "long-poll"
|
|
```
|
|
|
|
Pair with `createBridgeRoutes` in `@shade/inbox-server` to expose the
|
|
matching `/v1/bridge/{stream,poll,ws}` endpoints. Full design + threat
|
|
model in [`docs/transport.md`](../../docs/transport.md).
|
|
|
|
## What it solves
|
|
|
|
Browser extensions, strict corporate proxies, and edge runtimes routinely
|
|
block long-lived WebSockets. Apps that already use the Shade inbox shouldn't
|
|
have to write three custom delivery paths to handle the realistic mix of
|
|
hostile networks they ship into. This package is the canonical answer.
|
|
|
|
## Status
|
|
|
|
V3.7. Stable wire format, additive change to `@shade/inbox-server`. See
|
|
[CHANGELOG](../../CHANGELOG.md).
|