From 3b7acf7a61ee424e59a00753d89b1066c1685c2d Mon Sep 17 00:00:00 2001 From: jrhender Date: Mon, 16 Sep 2024 20:24:20 -0400 Subject: [PATCH 1/2] chore: move pnpm config to separate file Needed for rush-pnpm patch-commit to work Signed-off-by: jrhender --- common/config/rush/pnpm-config.json | 77 +++++++++++++++++++++++++++++ rush.json | 77 ----------------------------- 2 files changed, 77 insertions(+), 77 deletions(-) create mode 100644 common/config/rush/pnpm-config.json diff --git a/common/config/rush/pnpm-config.json b/common/config/rush/pnpm-config.json new file mode 100644 index 00000000..57fd6484 --- /dev/null +++ b/common/config/rush/pnpm-config.json @@ -0,0 +1,77 @@ +{ + /** + * Specifies the location of the PNPM store. There are two possible values: + * + * - "local" - use the "pnpm-store" folder in the current configured temp folder: + * "common/temp/pnpm-store" by default. + * - "global" - use PNPM's global store, which has the benefit of being shared + * across multiple repo folders, but the disadvantage of less isolation for builds + * (e.g. bugs or incompatibilities when two repos use different releases of PNPM) + * + * RUSH_PNPM_STORE_PATH will override the directory that will be used as the store + * + * In all cases, the store path will be overridden by the environment variable RUSH_PNPM_STORE_PATH. + * + * The default value is "local". + */ + // "pnpmStore": "local", + /** + * If true, then Rush will add the "--strict-peer-dependencies" option when invoking PNPM. + * This causes "rush install" to fail if there are unsatisfied peer dependencies, which is + * an invalid state that can cause build failures or incompatible dependency versions. + * (For historical reasons, JavaScript package managers generally do not treat this invalid + * state as an error.) + * + * The default value is false to avoid legacy compatibility issues. + * It is strongly recommended to set strictPeerDependencies=true. + */ + // "strictPeerDependencies": true, + /** + * Configures the strategy used to select versions during installation. + * + * This feature requires PNPM version 3.1 or newer. It corresponds to the "--resolution-strategy" command-line + * option for PNPM. Possible values are "fast" and "fewer-dependencies". PNPM's default is "fast", but this may + * be incompatible with certain packages, for example the "@types" packages from DefinitelyTyped. Rush's default + * is "fewer-dependencies", which causes PNPM to avoid installing a newer version if an already installed version + * can be reused; this is more similar to NPM's algorithm. + * + * After modifying this field, it's recommended to run "rush update --full" so that the package manager + * will recalculate all version selections. + */ + // "resolutionStrategy": "fast", + /** + * If true, then `rush install` will report an error if manual modifications + * were made to the PNPM shrinkwrap file without running "rush update" afterwards. + * + * This feature protects against accidental inconsistencies that may be introduced + * if the PNPM shrinkwrap file ("pnpm-lock.yaml") is manually edited. When this + * feature is enabled, "rush update" will append a hash to the file as a YAML comment, + * and then "rush update" and "rush install" will validate the hash. Note that this does not prohibit + * manual modifications, but merely requires "rush update" be run + * afterwards, ensuring that PNPM can report or repair any potential inconsistencies. + * + * To temporarily disable this validation when invoking "rush install", use the + * "--bypass-policy" command-line parameter. + * + * The default value is false. + */ + // "preventManualShrinkwrapChanges": true, + /** + * If true, then `rush install` will use the PNPM workspaces feature to perform the + * install. + * + * This feature uses PNPM to perform the entire monorepo install. When using workspaces, Rush will + * generate a "pnpm-workspace.yaml" file referencing all local projects to install. Rush will + * also generate a "pnpmfile.js" which is used to provide preferred versions support. When install + * is run, this pnpmfile will be used to replace dependency version ranges with a smaller subset + * of the original range. If the preferred version is not fully a subset of the original version + * range, it will be left as-is. After this, the pnpmfile.js provided in the repository (if one + * exists) will be called to further modify package dependencies. + * + * This option is experimental. The default value is false. + */ + "useWorkspaces": true, + "globalPatchedDependencies": { + "@credo-ts/core@0.5.10": "patches/@credo-ts__core@0.5.10.patch" + } +} diff --git a/rush.json b/rush.json index 8c7fe760..1806bd90 100644 --- a/rush.json +++ b/rush.json @@ -28,83 +28,6 @@ // "npmVersion": "6.14.15", // "yarnVersion": "1.9.4", - /** - * Options that are only used when the PNPM package manager is selected - */ - "pnpmOptions": { - /** - * Specifies the location of the PNPM store. There are two possible values: - * - * - "local" - use the "pnpm-store" folder in the current configured temp folder: - * "common/temp/pnpm-store" by default. - * - "global" - use PNPM's global store, which has the benefit of being shared - * across multiple repo folders, but the disadvantage of less isolation for builds - * (e.g. bugs or incompatibilities when two repos use different releases of PNPM) - * - * RUSH_PNPM_STORE_PATH will override the directory that will be used as the store - * - * In all cases, the store path will be overridden by the environment variable RUSH_PNPM_STORE_PATH. - * - * The default value is "local". - */ - // "pnpmStore": "local", - /** - * If true, then Rush will add the "--strict-peer-dependencies" option when invoking PNPM. - * This causes "rush install" to fail if there are unsatisfied peer dependencies, which is - * an invalid state that can cause build failures or incompatible dependency versions. - * (For historical reasons, JavaScript package managers generally do not treat this invalid - * state as an error.) - * - * The default value is false to avoid legacy compatibility issues. - * It is strongly recommended to set strictPeerDependencies=true. - */ - // "strictPeerDependencies": true, - /** - * Configures the strategy used to select versions during installation. - * - * This feature requires PNPM version 3.1 or newer. It corresponds to the "--resolution-strategy" command-line - * option for PNPM. Possible values are "fast" and "fewer-dependencies". PNPM's default is "fast", but this may - * be incompatible with certain packages, for example the "@types" packages from DefinitelyTyped. Rush's default - * is "fewer-dependencies", which causes PNPM to avoid installing a newer version if an already installed version - * can be reused; this is more similar to NPM's algorithm. - * - * After modifying this field, it's recommended to run "rush update --full" so that the package manager - * will recalculate all version selections. - */ - // "resolutionStrategy": "fast", - /** - * If true, then `rush install` will report an error if manual modifications - * were made to the PNPM shrinkwrap file without running "rush update" afterwards. - * - * This feature protects against accidental inconsistencies that may be introduced - * if the PNPM shrinkwrap file ("pnpm-lock.yaml") is manually edited. When this - * feature is enabled, "rush update" will append a hash to the file as a YAML comment, - * and then "rush update" and "rush install" will validate the hash. Note that this does not prohibit - * manual modifications, but merely requires "rush update" be run - * afterwards, ensuring that PNPM can report or repair any potential inconsistencies. - * - * To temporarily disable this validation when invoking "rush install", use the - * "--bypass-policy" command-line parameter. - * - * The default value is false. - */ - // "preventManualShrinkwrapChanges": true, - /** - * If true, then `rush install` will use the PNPM workspaces feature to perform the - * install. - * - * This feature uses PNPM to perform the entire monorepo install. When using workspaces, Rush will - * generate a "pnpm-workspace.yaml" file referencing all local projects to install. Rush will - * also generate a "pnpmfile.js" which is used to provide preferred versions support. When install - * is run, this pnpmfile will be used to replace dependency version ranges with a smaller subset - * of the original range. If the preferred version is not fully a subset of the original version - * range, it will be left as-is. After this, the pnpmfile.js provided in the repository (if one - * exists) will be called to further modify package dependencies. - * - * This option is experimental. The default value is false. - */ - "useWorkspaces": true - }, /** * Older releases of the Node.js engine may be missing features required by your system. * Other releases may have bugs. In particular, the "latest" version will not be a From dd3d364713573680e3090b6aa69cd38e47215353 Mon Sep 17 00:00:00 2001 From: jrhender Date: Mon, 16 Sep 2024 20:36:38 -0400 Subject: [PATCH 2/2] fix: temporary patch of credo for didAuth presentations Ideally, a permanent upstream fix can be made in Credo. Signed-off-by: jrhender --- common/config/rush/pnpm-lock.yaml | 16 +++++++++++----- common/pnpm-patches/@credo-ts__core@0.5.10.patch | 13 +++++++++++++ 2 files changed, 24 insertions(+), 5 deletions(-) create mode 100644 common/pnpm-patches/@credo-ts__core@0.5.10.patch diff --git a/common/config/rush/pnpm-lock.yaml b/common/config/rush/pnpm-lock.yaml index ff276b86..987e1a6a 100644 --- a/common/config/rush/pnpm-lock.yaml +++ b/common/config/rush/pnpm-lock.yaml @@ -4,6 +4,11 @@ settings: autoInstallPeers: true excludeLinksFromLockfile: false +patchedDependencies: + '@credo-ts/core@0.5.10': + hash: vxhh4qvntk5wpgrlz27ksgqauu + path: patches/@credo-ts__core@0.5.10.patch + importers: .: {} @@ -15,7 +20,7 @@ importers: version: 0.5.10(@hyperledger/aries-askar-shared@0.2.3)(expo@51.0.30)(react-native@0.75.2) '@credo-ts/core': specifier: ^0.5.3 - version: 0.5.10(expo@51.0.30)(react-native@0.75.2) + version: 0.5.10(patch_hash=vxhh4qvntk5wpgrlz27ksgqauu)(expo@51.0.30)(react-native@0.75.2) '@credo-ts/node': specifier: ^0.5.3 version: 0.5.10(expo@51.0.30)(react-native@0.75.2) @@ -184,7 +189,7 @@ importers: version: 0.5.10(@hyperledger/aries-askar-shared@0.2.3)(expo@51.0.30)(react-native@0.75.2) '@credo-ts/core': specifier: ^0.5.3 - version: 0.5.10(expo@51.0.30)(react-native@0.75.2) + version: 0.5.10(patch_hash=vxhh4qvntk5wpgrlz27ksgqauu)(expo@51.0.30)(react-native@0.75.2) '@credo-ts/node': specifier: ^0.5.3 version: 0.5.10(expo@51.0.30)(react-native@0.75.2) @@ -2153,7 +2158,7 @@ packages: '@animo-id/expo-secure-environment': optional: true dependencies: - '@credo-ts/core': 0.5.10(expo@51.0.30)(react-native@0.75.2) + '@credo-ts/core': 0.5.10(patch_hash=vxhh4qvntk5wpgrlz27ksgqauu)(expo@51.0.30)(react-native@0.75.2) '@hyperledger/aries-askar-shared': 0.2.3 bn.js: 5.2.1 class-transformer: 0.5.1 @@ -2169,7 +2174,7 @@ packages: - web-streams-polyfill dev: false - /@credo-ts/core@0.5.10(expo@51.0.30)(react-native@0.75.2): + /@credo-ts/core@0.5.10(patch_hash=vxhh4qvntk5wpgrlz27ksgqauu)(expo@51.0.30)(react-native@0.75.2): resolution: {integrity: sha512-Y9AysZqiLURxJpu4SO8/rZ6wZ3mSZjvn0WorFLUREMcySCX/z+flYIOSkdE5YALvBy6luzqcEFB01qkpgfH6hw==} dependencies: '@digitalcredentials/jsonld': 6.0.0(expo@51.0.30)(react-native@0.75.2) @@ -2220,13 +2225,14 @@ packages: - supports-color - web-streams-polyfill dev: false + patched: true /@credo-ts/node@0.5.10(expo@51.0.30)(react-native@0.75.2): resolution: {integrity: sha512-x82G3vXVZ2tOVWVAw1Gc/jzNgeH2LrtLJ8qn251IpcELQraVaZHfUqFE3avlW0RSs8I/VhtNaJlOMj1x6zfsHg==} dependencies: '@2060.io/ffi-napi': 4.0.9 '@2060.io/ref-napi': 3.0.6 - '@credo-ts/core': 0.5.10(expo@51.0.30)(react-native@0.75.2) + '@credo-ts/core': 0.5.10(patch_hash=vxhh4qvntk5wpgrlz27ksgqauu)(expo@51.0.30)(react-native@0.75.2) '@types/express': 4.17.21 express: 4.19.2 ws: 8.18.0 diff --git a/common/pnpm-patches/@credo-ts__core@0.5.10.patch b/common/pnpm-patches/@credo-ts__core@0.5.10.patch new file mode 100644 index 00000000..04f49888 --- /dev/null +++ b/common/pnpm-patches/@credo-ts__core@0.5.10.patch @@ -0,0 +1,13 @@ +diff --git a/build/modules/vc/data-integrity/W3cJsonLdCredentialService.js b/build/modules/vc/data-integrity/W3cJsonLdCredentialService.js +index c833d0108e8852127afac1c87cffca0aba1268dc..e3391b11fd9b7b7fe85b027eb68ea110e4324499 100644 +--- a/build/modules/vc/data-integrity/W3cJsonLdCredentialService.js ++++ b/build/modules/vc/data-integrity/W3cJsonLdCredentialService.js +@@ -179,7 +179,7 @@ let W3cJsonLdCredentialService = class W3cJsonLdCredentialService { + domain: options.domain, + documentLoader: this.w3cCredentialsModuleConfig.documentLoader(agentContext), + }); +- return utils_1.JsonTransformer.fromJSON(result, W3cJsonLdVerifiablePresentation_1.W3cJsonLdVerifiablePresentation); ++ return utils_1.JsonTransformer.fromJSON(result, W3cJsonLdVerifiablePresentation_1.W3cJsonLdVerifiablePresentation, { validate: !(result.verifiableCredential === undefined) }); + } + /** + * Verifies a presentation including the credentials it includes