mirror of https://github.com/openclaw/openclaw.git
100 lines
2.7 KiB
TypeScript
100 lines
2.7 KiB
TypeScript
type InstallScanLogger = {
|
|
warn?: (message: string) => void;
|
|
};
|
|
|
|
export type InstallSafetyOverrides = {
|
|
dangerouslyForceUnsafeInstall?: boolean;
|
|
};
|
|
|
|
export type InstallSecurityScanResult = {
|
|
blocked?: {
|
|
code?: "security_scan_blocked" | "security_scan_failed";
|
|
reason: string;
|
|
};
|
|
};
|
|
|
|
export type PluginInstallRequestKind =
|
|
| "plugin-dir"
|
|
| "plugin-archive"
|
|
| "plugin-file"
|
|
| "plugin-npm";
|
|
|
|
export type SkillInstallSpecMetadata = {
|
|
id?: string;
|
|
kind: "brew" | "node" | "go" | "uv" | "download";
|
|
label?: string;
|
|
bins?: string[];
|
|
os?: string[];
|
|
formula?: string;
|
|
package?: string;
|
|
module?: string;
|
|
url?: string;
|
|
archive?: string;
|
|
extract?: boolean;
|
|
stripComponents?: number;
|
|
targetDir?: string;
|
|
};
|
|
|
|
async function loadInstallSecurityScanRuntime() {
|
|
return await import("./install-security-scan.runtime.js");
|
|
}
|
|
|
|
export async function scanBundleInstallSource(
|
|
params: InstallSafetyOverrides & {
|
|
logger: InstallScanLogger;
|
|
pluginId: string;
|
|
sourceDir: string;
|
|
requestKind?: PluginInstallRequestKind;
|
|
requestedSpecifier?: string;
|
|
mode?: "install" | "update";
|
|
version?: string;
|
|
},
|
|
): Promise<InstallSecurityScanResult | undefined> {
|
|
const { scanBundleInstallSourceRuntime } = await loadInstallSecurityScanRuntime();
|
|
return await scanBundleInstallSourceRuntime(params);
|
|
}
|
|
|
|
export async function scanPackageInstallSource(
|
|
params: InstallSafetyOverrides & {
|
|
extensions: string[];
|
|
logger: InstallScanLogger;
|
|
packageDir: string;
|
|
pluginId: string;
|
|
requestKind?: PluginInstallRequestKind;
|
|
requestedSpecifier?: string;
|
|
mode?: "install" | "update";
|
|
packageName?: string;
|
|
manifestId?: string;
|
|
version?: string;
|
|
},
|
|
): Promise<InstallSecurityScanResult | undefined> {
|
|
const { scanPackageInstallSourceRuntime } = await loadInstallSecurityScanRuntime();
|
|
return await scanPackageInstallSourceRuntime(params);
|
|
}
|
|
|
|
export async function scanFileInstallSource(
|
|
params: InstallSafetyOverrides & {
|
|
filePath: string;
|
|
logger: InstallScanLogger;
|
|
mode?: "install" | "update";
|
|
pluginId: string;
|
|
requestedSpecifier?: string;
|
|
},
|
|
): Promise<InstallSecurityScanResult | undefined> {
|
|
const { scanFileInstallSourceRuntime } = await loadInstallSecurityScanRuntime();
|
|
return await scanFileInstallSourceRuntime(params);
|
|
}
|
|
|
|
export async function scanSkillInstallSource(params: {
|
|
dangerouslyForceUnsafeInstall?: boolean;
|
|
installId: string;
|
|
installSpec?: SkillInstallSpecMetadata;
|
|
logger: InstallScanLogger;
|
|
origin: string;
|
|
skillName: string;
|
|
sourceDir: string;
|
|
}): Promise<InstallSecurityScanResult | undefined> {
|
|
const { scanSkillInstallSourceRuntime } = await loadInstallSecurityScanRuntime();
|
|
return await scanSkillInstallSourceRuntime(params);
|
|
}
|