mirror of
https://github.com/Pandipipas/scoreko-electron-dev.git
synced 2026-06-06 05:32:06 +00:00
Refactor NodeCG runtime preparation and update handling
- Updated paths and configurations in doctor.mjs and prepare-nodecg-runtime.mjs to use new build-config.mjs imports. - Enhanced runtime installation checks and permissions validation. - Introduced new update configuration management in update-config.ts, including loading and validating update settings. - Implemented update service for managing update checks and downloads in update-service.ts. - Replaced update-utils.ts with update-schema.ts for better structure and clarity in update handling. - Added comprehensive tests for update download and settings management. - Ensured secure handling of download URLs and improved error handling in update processes.
This commit is contained in:
@@ -0,0 +1,121 @@
|
||||
# Phase 4 Summary
|
||||
|
||||
## Scope
|
||||
|
||||
Executed only the filesystem, updater, and packaging/build-config cleanup requested for this phase.
|
||||
|
||||
Documentation used as source of truth:
|
||||
|
||||
- `docs/refactor/ARCHITECTURE_AUDIT.md`
|
||||
- `docs/refactor/ARCHITECTURE_RULES.md`
|
||||
- `docs/refactor/TARGET_ARCHITECTURE.md`
|
||||
- `docs/refactor/MIGRATION_PLAN.md`
|
||||
- `docs/refactor/SESSION_HANDOFF.md`
|
||||
|
||||
## Filesystem And Paths
|
||||
|
||||
- Added pure path helpers in `src/main/app/paths.ts` for:
|
||||
- managed NodeCG runtime storage under Electron `userData`
|
||||
- default update config location
|
||||
- update download temp directory
|
||||
- safe child-path resolution that rejects traversal and absolute-path escape
|
||||
- Updated runtime provisioning to use the managed-runtime path helper instead of rebuilding that storage path locally.
|
||||
- Added tests for update storage paths and path traversal rejection.
|
||||
|
||||
## Updater
|
||||
|
||||
- Reorganized updater modules toward the target architecture:
|
||||
- `src/main/updates/update-service.ts`
|
||||
- `src/main/updates/update-config.ts`
|
||||
- `src/main/updates/update-schema.ts`
|
||||
- `src/main/updates/update-download.ts`
|
||||
- Removed the older updater module names:
|
||||
- `update-manager.ts`
|
||||
- `update-settings.ts`
|
||||
- `update-utils.ts`
|
||||
- Added runtime validation for remote Gitea release metadata before building update state.
|
||||
- Added URL policy handling so packaged builds reject insecure HTTP update URLs and installer downloads.
|
||||
- Kept local development able to use HTTP update endpoints explicitly through the dev policy.
|
||||
- Changed installer download behavior to:
|
||||
- validate URL protocol before fetch
|
||||
- sanitize installer file names
|
||||
- constrain output to the safe temp download directory
|
||||
- write to a staging file first
|
||||
- finalize with atomic rename
|
||||
- clean staging files on failure
|
||||
- Kept dialogs and install handoff separate from schema parsing and download streaming.
|
||||
|
||||
## Packaging And Build Config
|
||||
|
||||
- Added `scripts/build-config.mjs` as the shared build-layout source for scripts.
|
||||
- Consolidated repeated script constants for:
|
||||
- Electron package root
|
||||
- parent Scoreko bundle root
|
||||
- packaged NodeCG runtime root
|
||||
- bundle name
|
||||
- generated bundle entries
|
||||
- prepared runtime entries
|
||||
- npm/electron cache locations
|
||||
- local binary path resolution
|
||||
- Updated packaging-related scripts to use the shared config:
|
||||
- `scripts/build-scoreko-bundle.mjs`
|
||||
- `scripts/prepare-nodecg-runtime.mjs`
|
||||
- `scripts/rebuild-nodecg-native.mjs`
|
||||
- `scripts/doctor.mjs`
|
||||
- Improved the missing parent-project error in `build-scoreko-bundle.mjs` so CI/local failures report the expected layout and missing markers.
|
||||
|
||||
## Intentionally Not Changed
|
||||
|
||||
- No UX changes.
|
||||
- No custom renderer.
|
||||
- No preload.
|
||||
- No IPC.
|
||||
- No Electron window behavior changes.
|
||||
- No NodeCG runtime model changes.
|
||||
- No user-owned runtime directory deletion changes.
|
||||
- No broad build framework introduced.
|
||||
- No `any` added.
|
||||
|
||||
## Verification
|
||||
|
||||
Commands run successfully:
|
||||
|
||||
```text
|
||||
npm.cmd run typecheck
|
||||
npm.cmd test
|
||||
npm.cmd run lint
|
||||
npm.cmd run doctor
|
||||
```
|
||||
|
||||
Current test result:
|
||||
|
||||
```text
|
||||
65 tests passing
|
||||
```
|
||||
|
||||
Packaging verification:
|
||||
|
||||
```text
|
||||
npm.cmd run pack
|
||||
```
|
||||
|
||||
Result:
|
||||
|
||||
- Passed with escalated filesystem permission, generating `release/win-unpacked`.
|
||||
- A later non-escalated rerun was blocked by the sandbox while writing generated bundle output in the parent Scoreko project (`shared/dist`). That rerun failed before packaging because of sandbox filesystem permissions, not because of a build error.
|
||||
- A final escalated rerun could not be started because the approval system rejected the escalation. Typecheck, tests, lint, and doctor were run successfully around the packaging verification.
|
||||
|
||||
Sanity searches:
|
||||
|
||||
```text
|
||||
rg -n "\bany\b|update-manager|update-settings|update-utils|ActualizaciÃ|estÃ|versiÃ|nodeIntegration:\s*true|webSecurity:\s*false|ipcMain|ipcRenderer|contextBridge|preload" src scripts docs/refactor
|
||||
```
|
||||
|
||||
Result:
|
||||
|
||||
- No `any` was introduced in production or test source.
|
||||
- No legacy updater module references remain in `src`.
|
||||
- No touched Spanish update text is mojibaked.
|
||||
- No production IPC or preload surface exists.
|
||||
- No unsafe Electron window settings were introduced.
|
||||
- Remaining IPC/preload matches are documentation and the regression test that guards the zero-surface policy.
|
||||
Reference in New Issue
Block a user