Merge remote-tracking branch 'origin/main' into feat/random-phrase-auth

.github/release-please-config.json

@@ -4,6 +4,8 @@
     "packages/access-client": {},
     "packages/access-api": {},
     "packages/capabilities": {},
-    "packages/upload-client": {}
+    "packages/upload-api": {},
+    "packages/upload-client": {},
+    "packages/w3up-client": {}
   }
 }

.github/release-please-manifest.json

@@ -1,6 +1,8 @@
 {
-  "packages/access-client": "9.4.0",
-  "packages/access-api": "4.11.0",
-  "packages/capabilities": "2.3.0",
-  "packages/upload-client": "6.0.0"
+  "packages/access-client": "11.0.1",
+  "packages/access-api": "5.2.1",
+  "packages/capabilities": "4.0.1",
+  "packages/upload-api": "2.0.0",
+  "packages/upload-client": "8.1.0",
+  "packages/w3up-client": "5.4.0"
 }

.github/workflows/access-api.yml

@@ -41,11 +41,3 @@ jobs:
       environment: staging
       environment_url: https://w3access-staging.protocol-labs.workers.dev
     secrets: inherit
-  deploy-dev:
-    needs: test
-    if: github.event_name == 'pull_request' && !contains(github.head_ref, 'release-please--branches')
-    uses: './.github/workflows/reusable-deploy-api.yml'
-    with:
-      environment: dev
-      environment_url: https://w3access-dev.protocol-labs.workers.dev
-    secrets: inherit

.github/workflows/release.yml

@@ -34,7 +34,9 @@ jobs:
     if: |
       contains(fromJson(needs.release.outputs.paths_released), 'packages/access-client') ||
       contains(fromJson(needs.release.outputs.paths_released), 'packages/capabilities') ||
-      contains(fromJson(needs.release.outputs.paths_released), 'packages/upload-client')
+      contains(fromJson(needs.release.outputs.paths_released), 'packages/upload-client') ||
+      contains(fromJson(needs.release.outputs.paths_released), 'packages/upload-api') ||
+      contains(fromJson(needs.release.outputs.paths_released), 'packages/w3up-client')
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
@@ -48,7 +50,7 @@ jobs:
           cache: 'pnpm'
       - run: pnpm install
       - run: pnpm run build
-      - run: pnpm -r publish
+      - run: pnpm -r publish --access=public
         env:
           NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
   docs:

.github/workflows/reusable-deploy-api.yml

@@ -24,6 +24,8 @@ on:
         required: true
       LOGTAIL_TOKEN:
         required: true
+      UCAN_LOG_BASIC_AUTH:
+        required: true
 
 jobs:
   deploy-api:
@@ -58,10 +60,12 @@ jobs:
             PRIVATE_KEY
             SENTRY_DSN
             LOGTAIL_TOKEN
+            UCAN_LOG_BASIC_AUTH
         env:
           POSTMARK_TOKEN: ${{ secrets.POSTMARK_TOKEN }}
           PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
           SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
           SENTRY_UPLOAD: ${{ secrets.SENTRY_UPLOAD }}
           SENTRY_TOKEN: ${{ secrets.SENTRY_TOKEN }}
           LOGTAIL_TOKEN: ${{ secrets.LOGTAIL_TOKEN }}
+          UCAN_LOG_BASIC_AUTH: ${{ secrets.UCAN_LOG_BASIC_AUTH }}

.github/workflows/upload-api.yml

@@ -0,0 +1,76 @@
+name: Upload API
+env:
+  CI: true
+  FORCE_COLOR: 1
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - 'packages/upload-api/**'
+      - '.github/workflows/upload-api.yml'
+      - 'pnpm-lock.yaml'
+      - '.env.tpl'
+  pull_request:
+    paths:
+      - 'packages/upload-api/**'
+      - '.github/workflows/upload-api.yml'
+      - 'pnpm-lock.yaml'
+      - '.env.tpl'
+jobs:
+  check:
+    name: Typecheck
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Install
+        uses: pnpm/[email protected]
+        with:
+          version: 7
+
+      - name: Setup
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          registry-url: https://registry.npmjs.org/
+          cache: 'pnpm'
+
+      - name: Prepare
+        run: pnpm install
+
+      - name: Check
+        uses: gozala/[email protected]
+        with:
+          project: packages/upload-api/tsconfig.json
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Install
+        uses: pnpm/[email protected]
+        with:
+          version: 7
+
+      - name: Setup
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          registry-url: https://registry.npmjs.org/
+          cache: 'pnpm'
+
+      - name: Build
+        run: |
+          pnpm install
+          pnpm run --if-present build
+
+      - name: Test
+        run: pnpm -r --filter @web3-storage/upload-api run test
+
+      - name: Dependency check
+        run: pnpm -r --filter @web3-storage/upload-api exec depcheck

.github/workflows/w3up-client.yml

@@ -0,0 +1,38 @@
+name: w3up-client
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'packages/w3up-client/**'
+      - '.github/workflows/w3up-client.yml'
+      - 'pnpm-lock.yaml'
+  pull_request:
+    paths:
+      - 'packages/w3up-client/**'
+      - '.github/workflows/w3up-client.yml'
+      - 'pnpm-lock.yaml'
+jobs:
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./packages/w3up-client
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Install
+        uses: pnpm/[email protected]
+        with:
+          version: 7
+      - name: Setup
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          registry-url: https://registry.npmjs.org/
+          cache: 'pnpm'
+      - run: pnpm --filter '@web3-storage/w3up-client...' install
+      - uses: ./packages/w3up-client/.github/actions/test
+        with:
+          w3up-client-dir: ./packages/w3up-client/

package.json

@@ -17,21 +17,12 @@
     "docs:markdown": "pnpm run build && docusaurus generate-typedoc"
   },
   "devDependencies": {
-    "@docusaurus/core": "^2.2.0",
+    "@docusaurus/core": "^2.3.1",
     "docusaurus-plugin-typedoc": "^0.18.0",
-    "lint-staged": "^13.1.0",
+    "lint-staged": "^13.2.0",
     "prettier": "2.8.3",
-    "simple-git-hooks": "^2.8.1",
     "typedoc-plugin-markdown": "^3.14.0",
-    "typescript": "4.9.5",
-    "wrangler": "^2.8.0"
-  },
-  "simple-git-hooks": {
-    "pre-commit": "npx lint-staged"
-  },
-  "lint-staged": {
-    "*.{js,ts,yml,json}": "prettier --write",
-    "*.js": "eslint --fix"
+    "typescript": "4.9.5"
   },
   "prettier": {
     "trailingComma": "es5",
@@ -44,7 +35,7 @@
   },
   "dependencies": {
     "depcheck": "^1.4.3",
-    "typedoc": "^0.23.22",
+    "typedoc": "^0.23.28",
     "typedoc-plugin-missing-exports": "^1.0.0"
   },
   "packageManager": "[email protected]",

packages/access-api/CHANGELOG.md

@@ -1,5 +1,137 @@
 # Changelog
 
+## [5.2.1](https://github.com/web3-storage/w3protocol/compare/access-api-v5.2.0...access-api-v5.2.1) (2023-03-24)
+
+
+### Bug Fixes
+
+* center email validation layout ([#645](https://github.com/web3-storage/w3protocol/issues/645)) ([82a665c](https://github.com/web3-storage/w3protocol/commit/82a665cf34f36918e06e147778a4690ca2a8dbea))
+* release changes to email validation confirmation page ([#643](https://github.com/web3-storage/w3protocol/issues/643)) ([b2de5c6](https://github.com/web3-storage/w3protocol/commit/b2de5c62ad224eacc94dd018c73bd34b8e5c142a))
+
+## [5.2.0](https://github.com/web3-storage/w3protocol/compare/access-api-v5.1.5...access-api-v5.2.0) (2023-03-24)
+
+
+### Features
+
+* update access confirmation email ([#636](https://github.com/web3-storage/w3protocol/issues/636)) ([15c9503](https://github.com/web3-storage/w3protocol/commit/15c95030f46507affd7e68b7ef6b7449ba6e3ac8))
+
+
+### Bug Fixes
+
+* image color, typos in access email confirmation ([#638](https://github.com/web3-storage/w3protocol/issues/638)) ([539cb33](https://github.com/web3-storage/w3protocol/commit/539cb331ab9b66f8e2703f9ef8518518a7bcb299))
+
+## [5.1.5](https://github.com/web3-storage/w3protocol/compare/access-api-v5.1.4...access-api-v5.1.5) (2023-03-23)
+
+
+### Bug Fixes
+
+* do not include token in an error message ([#634](https://github.com/web3-storage/w3protocol/issues/634)) ([8043976](https://github.com/web3-storage/w3protocol/commit/8043976213fa1da252a31c4000876a22bcae3651))
+
+## [5.1.4](https://github.com/web3-storage/w3protocol/compare/access-api-v5.1.3...access-api-v5.1.4) (2023-03-23)
+
+
+### Bug Fixes
+
+* access-api utils/context no longer throws in staging and prod if UCAN configs are falsy ([#630](https://github.com/web3-storage/w3protocol/issues/630)) ([f7d1df3](https://github.com/web3-storage/w3protocol/commit/f7d1df3d6389d31ce245039b0663615956b24f85))
+* adjust how access-api uses config to build a ucanLog ([#627](https://github.com/web3-storage/w3protocol/issues/627)) ([30f6f77](https://github.com/web3-storage/w3protocol/commit/30f6f770fbabf60d2ab1b85dc985f057d3dbdbd7))
+* bug with how loadConfig reads UCAN_LOG_BASIC_AUTH ([#629](https://github.com/web3-storage/w3protocol/issues/629)) ([1580953](https://github.com/web3-storage/w3protocol/commit/15809534e839c5f89613aa1437b453b9976fd536))
+
+## [5.1.3](https://github.com/web3-storage/w3protocol/compare/access-api-v5.1.2...access-api-v5.1.3) (2023-03-23)
+
+
+### Bug Fixes
+
+* rm access/claim disabling in prod ([#624](https://github.com/web3-storage/w3protocol/issues/624)) ([5bfb7c9](https://github.com/web3-storage/w3protocol/commit/5bfb7c9aa9e2b9cd8a866e9d13f11bb941a1f521))
+
+## [5.1.2](https://github.com/web3-storage/w3protocol/compare/access-api-v5.1.1...access-api-v5.1.2) (2023-03-23)
+
+
+### Bug Fixes
+
+* ucan log connect only when url and token ([#607](https://github.com/web3-storage/w3protocol/issues/607)) ([5eef6cc](https://github.com/web3-storage/w3protocol/commit/5eef6ccb60ab46a7c2888c10d8f03420d7c81623))
+
+## [5.1.1](https://github.com/web3-storage/w3protocol/compare/access-api-v5.1.0...access-api-v5.1.1) (2023-03-23)
+
+
+### Bug Fixes
+
+* ucan log route needs path ([#618](https://github.com/web3-storage/w3protocol/issues/618)) ([789554b](https://github.com/web3-storage/w3protocol/commit/789554b31a37d85c0678670d9861a35cf4a186c9))
+
+## [5.1.0](https://github.com/web3-storage/w3protocol/compare/access-api-v5.0.0...access-api-v5.1.0) (2023-03-23)
+
+
+### Features
+
+* remove checks that disable some access/ functionality in prod ([#609](https://github.com/web3-storage/w3protocol/issues/609)) ([b970942](https://github.com/web3-storage/w3protocol/commit/b97094287301e83222f71508d6c0e3176357742f))
+
+
+### Bug Fixes
+
+* release please config ([#615](https://github.com/web3-storage/w3protocol/issues/615)) ([50eec61](https://github.com/web3-storage/w3protocol/commit/50eec61d95ed430761f8eb3f99323a2dfc504e8a))
+* set env for ucan log url ([#611](https://github.com/web3-storage/w3protocol/issues/611)) ([529aa55](https://github.com/web3-storage/w3protocol/commit/529aa558e72af751936127f13a7e5be20fb9ad17))
+
+## [5.0.0](https://github.com/web3-storage/w3protocol/compare/access-api-v5.0.0...access-api-v5.0.0) (2023-03-23)
+
+
+### Features
+
+* remove checks that disable some access/ functionality in prod ([#609](https://github.com/web3-storage/w3protocol/issues/609)) ([b970942](https://github.com/web3-storage/w3protocol/commit/b97094287301e83222f71508d6c0e3176357742f))
+
+
+### Bug Fixes
+
+* set env for ucan log url ([#611](https://github.com/web3-storage/w3protocol/issues/611)) ([529aa55](https://github.com/web3-storage/w3protocol/commit/529aa558e72af751936127f13a7e5be20fb9ad17))
+
+## [5.0.0](https://github.com/web3-storage/w3protocol/compare/access-api-v5.0.0...access-api-v5.0.0) (2023-03-23)
+
+
+### Features
+
+* remove checks that disable some access/ functionality in prod ([#609](https://github.com/web3-storage/w3protocol/issues/609)) ([b970942](https://github.com/web3-storage/w3protocol/commit/b97094287301e83222f71508d6c0e3176357742f))
+
+## [5.0.0](https://github.com/web3-storage/w3protocol/compare/access-api-v4.11.0...access-api-v5.0.0) (2023-03-23)
+
+
+### ⚠ BREAKING CHANGES
+
+* implement new account-based multi-device flow ([#433](https://github.com/web3-storage/w3protocol/issues/433))
+* upgrade capabilities to latest ucanto ([#463](https://github.com/web3-storage/w3protocol/issues/463))
+
+### Features
+
+* access-api handles provider/add invocations ([#462](https://github.com/web3-storage/w3protocol/issues/462)) ([5fb56f7](https://github.com/web3-storage/w3protocol/commit/5fb56f794529f3d4de2b4597c47503002767fabb))
+* access-api serves access/claim invocations ([#456](https://github.com/web3-storage/w3protocol/issues/456)) ([baacf35](https://github.com/web3-storage/w3protocol/commit/baacf3553ce8de0ca75e0815da849cca65ec880a))
+* access/authorize confirmation email click results in a delegation back to the issuer did:key so that access/claim works ([#460](https://github.com/web3-storage/w3protocol/issues/460)) ([a466a7d](https://github.com/web3-storage/w3protocol/commit/a466a7de4e5b3d9c727307dd781f5e5c9b7cdf0a))
+* allow multiple providers ([#595](https://github.com/web3-storage/w3protocol/issues/595)) ([96c5a2e](https://github.com/web3-storage/w3protocol/commit/96c5a2e5a03432d8483d044ae10f6f3e03c2710c))
+* define `access/confirm` handler and use it in ucanto-test-utils registerSpaces + validate-email handler ([#530](https://github.com/web3-storage/w3protocol/issues/530)) ([b1bbc90](https://github.com/web3-storage/w3protocol/commit/b1bbc907c96cfc7788f50fb0c154d9b54894e03e))
+* handle access/delegate invocations without error ([#427](https://github.com/web3-storage/w3protocol/issues/427)) ([4f0bd1c](https://github.com/web3-storage/w3protocol/commit/4f0bd1c1cd3cfb1c848892ad418c6d7b2197045a))
+* if POST /validate-email?mode=authorize catches error w/ too big qr code ([#516](https://github.com/web3-storage/w3protocol/issues/516)) ([d0df525](https://github.com/web3-storage/w3protocol/commit/d0df52554bf2d80a6be11da631ad41a5ce7675ca))
+* implement new account-based multi-device flow ([#433](https://github.com/web3-storage/w3protocol/issues/433)) ([1ddc6a0](https://github.com/web3-storage/w3protocol/commit/1ddc6a0c53f8cdb6837a315d8aaf567100dfb8d7))
+* includes proofs chains in the delegated authorization chain ([#467](https://github.com/web3-storage/w3protocol/issues/467)) ([5144293](https://github.com/web3-storage/w3protocol/commit/5144293deabd9d5380448ae288e089ef2652def7))
+* move access-api delegation bytes out of d1 and into r2 ([#578](https://github.com/web3-storage/w3protocol/issues/578)) ([4510c9a](https://github.com/web3-storage/w3protocol/commit/4510c9a8c4389ca975d66f5c9592bce326bbc1c7))
+* move validation flow to a Durable Object to make it ⏩ fast ⏩ fast ⏩ fast ⏩  ([#449](https://github.com/web3-storage/w3protocol/issues/449)) ([02d7552](https://github.com/web3-storage/w3protocol/commit/02d75522b1ed794d267880e5f8a4fc3964066992))
+* provision provider type is now the DID of the w3s service ([#528](https://github.com/web3-storage/w3protocol/issues/528)) ([6a72855](https://github.com/web3-storage/w3protocol/commit/6a72855db4d6e838e9948f3951fdb5ef324eec95))
+* space/info will not error for spaces that have had storage provider added via provider/add ([#510](https://github.com/web3-storage/w3protocol/issues/510)) ([ea4e872](https://github.com/web3-storage/w3protocol/commit/ea4e872475c74165b08016c210e65b4062a2ffb6))
+* upgrade capabilities to latest ucanto ([#463](https://github.com/web3-storage/w3protocol/issues/463)) ([2d786ee](https://github.com/web3-storage/w3protocol/commit/2d786ee81a6eb72c4782548ad3e3796fe3947fa5))
+* upgrade to new ucanto ([#498](https://github.com/web3-storage/w3protocol/issues/498)) ([dcb41a9](https://github.com/web3-storage/w3protocol/commit/dcb41a9981c2b6bebbdbd29debcad9f510383680))
+* write invocations and receipts into ucan log ([#592](https://github.com/web3-storage/w3protocol/issues/592)) ([754bf52](https://github.com/web3-storage/w3protocol/commit/754bf522530c183807e10baca12574f2f1f058f6))
+
+
+### Bug Fixes
+
+* access/delegate checks hasStorageProvider(space) in a way that provider/add allows access/delegate ([#483](https://github.com/web3-storage/w3protocol/issues/483)) ([f4c640d](https://github.com/web3-storage/w3protocol/commit/f4c640d4127d511fb55a9160f22e1c9042b35994))
+* adjust migration 0005 to keep delegations table but create new used delegations_v2 ([#469](https://github.com/web3-storage/w3protocol/issues/469)) ([a205ad1](https://github.com/web3-storage/w3protocol/commit/a205ad13f425675e8aac2ec4f06294d0134c8112))
+* adjust migration 0005 to not do a drop table and instead rename delegations -> delegations_old and create a new delegations ([#468](https://github.com/web3-storage/w3protocol/issues/468)) ([6c8242d](https://github.com/web3-storage/w3protocol/commit/6c8242db6708fa7129f51ad22e1b64d244a2c9fe))
+* allow injecting email ([#466](https://github.com/web3-storage/w3protocol/issues/466)) ([e19847f](https://github.com/web3-storage/w3protocol/commit/e19847fef804fed33f709ec8b78640fff21ca01e))
+* DbDelegationsStorage#find throws UnexpectedDelegation w/ { row } if failed bytesToDelegations ([#476](https://github.com/web3-storage/w3protocol/issues/476)) ([a6dafcb](https://github.com/web3-storage/w3protocol/commit/a6dafcb0c44b20fa87bbe81d7a982fb13387084e))
+* DbProvisionsStorage putMany doesnt error on cid col conflict ([#517](https://github.com/web3-storage/w3protocol/issues/517)) ([c1fea63](https://github.com/web3-storage/w3protocol/commit/c1fea63bd2e60326d8587079a8bbc810db8c741f))
+* delegations model tries to handle if row.bytes is Array not Buffer (e.g. cloudflare) ([#478](https://github.com/web3-storage/w3protocol/issues/478)) ([030e7b7](https://github.com/web3-storage/w3protocol/commit/030e7b7fe7b712d0e828ba2a1777d8f4e0a11eb5))
+
+
+### Miscellaneous Chores
+
+* **access-client:** release 11.0.0-rc.0 ([#573](https://github.com/web3-storage/w3protocol/issues/573)) ([be4386d](https://github.com/web3-storage/w3protocol/commit/be4386d66ceea393f289adb3c79273c250542807))
+
 ## [4.11.0](https://github.com/web3-storage/w3protocol/compare/access-api-v4.10.0...access-api-v4.11.0) (2023-02-21)
 
 

packages/access-api/migrations/0005_drop_delegations_audience_to_accounts_did_fk.sql

@@ -5,14 +5,11 @@ goal: remove the foreign key constraint on delegations.audience -> accounts.did.
 We want to be able to store delegations whose audience is not an account did.
 
 sqlite doesn't support `alter table drop constraint`.
-So here we will:
-* create delegations_new table without the constraint
-* insert all from delegations -> delegations_new
-* rename delegations_new -> delegations
+AND cloudflare d1 doesn't support `DROP TABLE`
 */
 
 CREATE TABLE
-    IF NOT EXISTS delegations_new (
+    IF NOT EXISTS delegations_v2 (
         cid TEXT NOT NULL PRIMARY KEY,
         bytes BLOB NOT NULL,
         audience TEXT NOT NULL,
@@ -23,8 +20,5 @@ CREATE TABLE
         UNIQUE (cid)
     );
 
-INSERT INTO delegations_new (cid, bytes, audience, issuer, expiration, inserted_at, updated_at)
+INSERT INTO delegations_v2 (cid, bytes, audience, issuer, expiration, inserted_at, updated_at)
 SELECT cid, bytes, audience, issuer, expiration, inserted_at, updated_at FROM delegations;
-
-DROP TABLE delegations;
-ALTER TABLE delegations_new RENAME TO delegations;