Pandipipas/scoreko-electron-dev
1
0
Fork 0
mirror of https://github.com/Pandipipas/scoreko-electron-dev.git synced 2026-06-05 21:22:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7102e3dd012ff03b53fb3ed0809388e132737481
scoreko-electron-dev/docs/refactor/PHASE_4_SUMMARY.md
T
Pandipipas 865c3589bd Refactor NodeCG runtime preparation and update handling 
- Updated paths and configurations in doctor.mjs and prepare-nodecg-runtime.mjs to use new build-config.mjs imports.
- Enhanced runtime installation checks and permissions validation.
- Introduced new update configuration management in update-config.ts, including loading and validating update settings.
- Implemented update service for managing update checks and downloads in update-service.ts.
- Replaced update-utils.ts with update-schema.ts for better structure and clarity in update handling.
- Added comprehensive tests for update download and settings management.
- Ensured secure handling of download URLs and improved error handling in update processes.
2026-05-24 23:20:59 +02:00

4.1 KiB
Raw Blame History

Phase 4 Summary

Scope

Executed only the filesystem, updater, and packaging/build-config cleanup requested for this phase.

Documentation used as source of truth:

  • docs/refactor/ARCHITECTURE_AUDIT.md
  • docs/refactor/ARCHITECTURE_RULES.md
  • docs/refactor/TARGET_ARCHITECTURE.md
  • docs/refactor/MIGRATION_PLAN.md
  • docs/refactor/SESSION_HANDOFF.md

Filesystem And Paths

  • Added pure path helpers in src/main/app/paths.ts for:
    • managed NodeCG runtime storage under Electron userData
    • default update config location
    • update download temp directory
    • safe child-path resolution that rejects traversal and absolute-path escape
  • Updated runtime provisioning to use the managed-runtime path helper instead of rebuilding that storage path locally.
  • Added tests for update storage paths and path traversal rejection.

Updater

  • Reorganized updater modules toward the target architecture:
    • src/main/updates/update-service.ts
    • src/main/updates/update-config.ts
    • src/main/updates/update-schema.ts
    • src/main/updates/update-download.ts
  • Removed the older updater module names:
    • update-manager.ts
    • update-settings.ts
    • update-utils.ts
  • Added runtime validation for remote Gitea release metadata before building update state.
  • Added URL policy handling so packaged builds reject insecure HTTP update URLs and installer downloads.
  • Kept local development able to use HTTP update endpoints explicitly through the dev policy.
  • Changed installer download behavior to:
    • validate URL protocol before fetch
    • sanitize installer file names
    • constrain output to the safe temp download directory
    • write to a staging file first
    • finalize with atomic rename
    • clean staging files on failure
  • Kept dialogs and install handoff separate from schema parsing and download streaming.

Packaging And Build Config

  • Added scripts/build-config.mjs as the shared build-layout source for scripts.
  • Consolidated repeated script constants for:
    • Electron package root
    • parent Scoreko bundle root
    • packaged NodeCG runtime root
    • bundle name
    • generated bundle entries
    • prepared runtime entries
    • npm/electron cache locations
    • local binary path resolution
  • Updated packaging-related scripts to use the shared config:
    • scripts/build-scoreko-bundle.mjs
    • scripts/prepare-nodecg-runtime.mjs
    • scripts/rebuild-nodecg-native.mjs
    • scripts/doctor.mjs
  • Improved the missing parent-project error in build-scoreko-bundle.mjs so CI/local failures report the expected layout and missing markers.

Intentionally Not Changed

  • No UX changes.
  • No custom renderer.
  • No preload.
  • No IPC.
  • No Electron window behavior changes.
  • No NodeCG runtime model changes.
  • No user-owned runtime directory deletion changes.
  • No broad build framework introduced.
  • No any added.

Verification

Commands run successfully:

npm.cmd run typecheck
npm.cmd test
npm.cmd run lint
npm.cmd run doctor

Current test result:

65 tests passing

Packaging verification:

npm.cmd run pack

Result:

  • Passed with escalated filesystem permission, generating release/win-unpacked.
  • A later non-escalated rerun was blocked by the sandbox while writing generated bundle output in the parent Scoreko project (shared/dist). That rerun failed before packaging because of sandbox filesystem permissions, not because of a build error.
  • A final escalated rerun could not be started because the approval system rejected the escalation. Typecheck, tests, lint, and doctor were run successfully around the packaging verification.

Sanity searches:

rg -n "\bany\b|update-manager|update-settings|update-utils|ActualizaciÃ|estÃ|versiÃ|nodeIntegration:\s*true|webSecurity:\s*false|ipcMain|ipcRenderer|contextBridge|preload" src scripts docs/refactor

Result:

  • No any was introduced in production or test source.
  • No legacy updater module references remain in src.
  • No touched Spanish update text is mojibaked.
  • No production IPC or preload surface exists.
  • No unsafe Electron window settings were introduced.
  • Remaining IPC/preload matches are documentation and the regression test that guards the zero-surface policy.
Reference in New Issue View Git Blame Copy Permalink