Sterister
b77b7e771c
Pull-mode httpClient + drainer + parallel RPCs against the same peer deteriorated after ~10s with `DecryptionError`. Two bugs combined: - `OutboundQueue.enqueue` woke `drain` waiters with a `since=0` snapshot, replaying already-processed events into `Shade.acceptTransferEnvelope` → `manager.decrypt` twice. The duplicate consumed an already-used skipped key and corrupted the Double Ratchet receive chain. - `ratchetDecrypt` then propagated the corruption: a same-DH message behind the chain with no cached skipped key fell through to `kdfChainKey` on the ahead state and rewound `chain.counter`, permanently desyncing the chain. Fix `OutboundQueue` to honor each waiter's `since`, and harden `ratchetDecrypt` so any future duplicate fails cleanly without mutating state. Adds regression coverage at all three layers. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
43 lines
952 B
JSON
43 lines
952 B
JSON
{
|
|
"name": "@shade/files",
|
|
"version": "4.2.1",
|
|
"type": "module",
|
|
"main": "src/index.ts",
|
|
"types": "src/index.ts",
|
|
"exports": {
|
|
".": {
|
|
"types": "./src/index.ts",
|
|
"import": "./src/index.ts"
|
|
},
|
|
"./react": {
|
|
"types": "./src/react/index.ts",
|
|
"import": "./src/react/index.ts"
|
|
}
|
|
},
|
|
"dependencies": {
|
|
"@shade/core": "workspace:*",
|
|
"@shade/crypto-web": "workspace:*",
|
|
"@shade/observability": "workspace:*",
|
|
"@shade/proto": "workspace:*",
|
|
"@shade/sdk": "workspace:*",
|
|
"@shade/streams": "workspace:*",
|
|
"@shade/transfer": "workspace:*",
|
|
"zod": "^3.23.8"
|
|
},
|
|
"peerDependencies": {
|
|
"react": "^18.0.0 || ^19.0.0"
|
|
},
|
|
"peerDependenciesMeta": {
|
|
"react": {
|
|
"optional": true
|
|
}
|
|
},
|
|
"devDependencies": {
|
|
"@shade/server": "workspace:*",
|
|
"@types/react": "^19.2.14",
|
|
"fast-check": "^3.22.0",
|
|
"happy-dom": "^15.11.7",
|
|
"react": "^19.2.5"
|
|
}
|
|
}
|