vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 10:30:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(plugin-sdk): sort safe root alias subpaths

Browse Source
This commit is contained in:
Vincent Koc
2026-04-14 17:49:33 +01:00
parent e31dfa9897
commit 16851e2d55
2 changed files with 34 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/plugin-sdk/root-alias.cjs
View File

@@ -113,7 +113,9 @@ function listPluginSdkExportedSubpaths() {
const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, "utf8"));
subpaths = Object.keys(packageJson.exports ?? {})
.filter((key) => key.startsWith("./plugin-sdk/"))
.map((key) => key.slice("./plugin-sdk/".length));
.map((key) => key.slice("./plugin-sdk/".length))
.filter((subpath) => /^[A-Za-z0-9][A-Za-z0-9_-]*$/.test(subpath))
.toSorted();
} catch {
subpaths = [];
}

31
src/plugins/contracts/plugin-sdk-root-alias.test.ts
View File

@@ -26,6 +26,7 @@ function loadRootAliasWithStubs(options?: {
env?: Record<string, string | undefined>;
monolithicExports?: Record<string | symbol, unknown>;
aliasPath?: string;
packageExports?: Record<string, unknown>;
platform?: string;
}) {
let createJitiCalls = 0;
@@ -63,6 +64,7 @@ function loadRootAliasWithStubs(options?: {
JSON.stringify({
exports: {
"./plugin-sdk/group-access": { default: "./dist/plugin-sdk/group-access.js" },
...options?.packageExports,
},
}),
existsSync: (targetPath: string) => {
@@ -274,6 +276,35 @@ describe("plugin-sdk root alias", () => {
});
});
it("keeps bootstrap plugin-sdk aliases deterministic and ignores unsafe subpaths", () => {
const lazyModule = loadRootAliasWithStubs({
distExists: true,
packageExports: {
"./plugin-sdk/zeta": { default: "./dist/plugin-sdk/zeta.js" },
"./plugin-sdk/../escape": { default: "./dist/plugin-sdk/escape.js" },
"./plugin-sdk/alpha": { default: "./dist/plugin-sdk/alpha.js" },
},
monolithicExports: {
slowHelper: (): string => "loaded",
},
});
expect((lazyModule.moduleExports.slowHelper as () => string)()).toBe("loaded");
const aliasKeys = Object.keys(
(lazyModule.createJitiOptions.at(-1)?.alias ?? {}) as Record<string, string>,
);
expect(aliasKeys).toEqual([
"openclaw/plugin-sdk",
"@openclaw/plugin-sdk",
"openclaw/plugin-sdk/alpha",
"@openclaw/plugin-sdk/alpha",
"openclaw/plugin-sdk/group-access",
"@openclaw/plugin-sdk/group-access",
"openclaw/plugin-sdk/zeta",
"@openclaw/plugin-sdk/zeta",
]);
});
it("prefers hashed dist diagnostic events chunks before falling back to src", () => {
const packageRoot = createPackageRoot();
const distAliasPath = createDistAliasPath();