From e715e7bce4049584b8b0ee9b6d76b5a959a66d25 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 15 Mar 2026 08:52:49 +0800 Subject: [PATCH 01/10] build(deps): bump flatted in the npm_and_yarn group across 1 directory (#413) Bumps the npm_and_yarn group with 1 update in the / directory: [flatted](https://github.com/WebReflection/flatted). Updates `flatted` from 3.3.3 to 3.4.1 - [Commits](https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.1) --- updated-dependencies: - dependency-name: flatted dependency-version: 3.4.1 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pnpm-lock.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 2f5f55f..80c9e6d 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -1751,8 +1751,8 @@ packages: resolution: {integrity: sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==} engines: {node: '>=16'} - flatted@3.3.3: - resolution: {integrity: sha512-GX+ysw4PBCz0PzosHDepZGANEuFCMLrnRTiEy9McGjmkCQYwRq4A/X786G/fjM/+OjsWSU1ZrY5qyARZmO/uwg==} + flatted@3.4.1: + resolution: {integrity: sha512-IxfVbRFVlV8V/yRaGzk0UVIcsKKHMSfYw66T/u4nTwlWteQePsxe//LjudR1AMX4tZW3WFCh3Zqa/sjlqpbURQ==} fn.name@1.1.0: resolution: {integrity: sha512-GRnmB5gPyJpAhTQdSZTSp9uaPSvl09KoYcMQtsB9rQoOmzs9dH6ffeccH+Z+cv6P68Hu5bC6JjRh4Ah/mHSNRw==} @@ -5219,10 +5219,10 @@ snapshots: flat-cache@4.0.1: dependencies: - flatted: 3.3.3 + flatted: 3.4.1 keyv: 4.5.4 - flatted@3.3.3: {} + flatted@3.4.1: {} fn.name@1.1.0: {} From 269447a18e1032c74d1b5ba7f915e4e759673e07 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 22 Mar 2026 16:21:55 +0800 Subject: [PATCH 02/10] build(deps): bump flatted in the npm_and_yarn group across 1 directory (#414) Bumps the npm_and_yarn group with 1 update in the / directory: [flatted](https://github.com/WebReflection/flatted). Updates `flatted` from 3.4.1 to 3.4.2 - [Commits](https://github.com/WebReflection/flatted/compare/v3.4.1...v3.4.2) --- updated-dependencies: - dependency-name: flatted dependency-version: 3.4.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pnpm-lock.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 80c9e6d..07cb334 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -1751,8 +1751,8 @@ packages: resolution: {integrity: sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==} engines: {node: '>=16'} - flatted@3.4.1: - resolution: {integrity: sha512-IxfVbRFVlV8V/yRaGzk0UVIcsKKHMSfYw66T/u4nTwlWteQePsxe//LjudR1AMX4tZW3WFCh3Zqa/sjlqpbURQ==} + flatted@3.4.2: + resolution: {integrity: sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==} fn.name@1.1.0: resolution: {integrity: sha512-GRnmB5gPyJpAhTQdSZTSp9uaPSvl09KoYcMQtsB9rQoOmzs9dH6ffeccH+Z+cv6P68Hu5bC6JjRh4Ah/mHSNRw==} @@ -5219,10 +5219,10 @@ snapshots: flat-cache@4.0.1: dependencies: - flatted: 3.4.1 + flatted: 3.4.2 keyv: 4.5.4 - flatted@3.4.1: {} + flatted@3.4.2: {} fn.name@1.1.0: {} From 64c4881dbc9357f160653ad316894fd78ae7cccb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 26 Mar 2026 16:43:58 +0800 Subject: [PATCH 03/10] build(deps): bump picomatch in the npm_and_yarn group across 1 directory (#415) Bumps the npm_and_yarn group with 1 update in the / directory: [picomatch](https://github.com/micromatch/picomatch). Updates `picomatch` from 2.3.1 to 2.3.2 - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2) --- updated-dependencies: - dependency-name: picomatch dependency-version: 2.3.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pnpm-lock.yaml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 07cb334..29e51aa 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -2594,12 +2594,12 @@ packages: picocolors@1.1.1: resolution: {integrity: sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==} - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} + picomatch@2.3.2: + resolution: {integrity: sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==} engines: {node: '>=8.6'} - picomatch@4.0.3: - resolution: {integrity: sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==} + picomatch@4.0.4: + resolution: {integrity: sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==} engines: {node: '>=12'} pidtree@0.6.0: @@ -4484,7 +4484,7 @@ snapshots: anymatch@3.1.3: dependencies: normalize-path: 3.0.0 - picomatch: 2.3.1 + picomatch: 2.3.2 arg@4.1.3: {} @@ -5815,7 +5815,7 @@ snapshots: chalk: 4.1.2 ci-info: 4.3.1 graceful-fs: 4.2.11 - picomatch: 4.0.3 + picomatch: 4.0.4 jest-validate@30.2.0: dependencies: @@ -6000,7 +6000,7 @@ snapshots: micromatch@4.0.8: dependencies: braces: 3.0.3 - picomatch: 2.3.1 + picomatch: 2.3.2 mime-db@1.52.0: {} @@ -6181,9 +6181,9 @@ snapshots: picocolors@1.1.1: {} - picomatch@2.3.1: {} + picomatch@2.3.2: {} - picomatch@4.0.3: {} + picomatch@4.0.4: {} pidtree@0.6.0: {} @@ -6254,7 +6254,7 @@ snapshots: readdirp@3.6.0: dependencies: - picomatch: 2.3.1 + picomatch: 2.3.2 require-directory@2.1.1: {} From 14160f3a7d9ece6a99a273edf59623a15c99a013 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 26 Mar 2026 18:47:56 +0800 Subject: [PATCH 04/10] build(deps): bump yaml in the npm_and_yarn group across 1 directory (#416) Bumps the npm_and_yarn group with 1 update in the / directory: [yaml](https://github.com/eemeli/yaml). Updates `yaml` from 2.7.0 to 2.8.3 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](https://github.com/eemeli/yaml/compare/v2.7.0...v2.8.3) --- updated-dependencies: - dependency-name: yaml dependency-version: 2.8.3 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pnpm-lock.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 29e51aa..4394a48 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -3214,9 +3214,9 @@ packages: resolution: {integrity: sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==} engines: {node: '>=18'} - yaml@2.7.0: - resolution: {integrity: sha512-+hSoy/QHluxmC9kCIJyL/uyFmLmc+e5CFR5Wa+bpIhIj85LVb9ZH2nVnqrHoSvKogwODv0ClqZkmiSSaIH5LTA==} - engines: {node: '>= 14'} + yaml@2.8.3: + resolution: {integrity: sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==} + engines: {node: '>= 14.6'} hasBin: true yargs-parser@21.1.1: @@ -5921,7 +5921,7 @@ snapshots: micromatch: 4.0.8 pidtree: 0.6.0 string-argv: 0.3.2 - yaml: 2.7.0 + yaml: 2.8.3 transitivePeerDependencies: - supports-color @@ -6803,7 +6803,7 @@ snapshots: yallist@5.0.0: {} - yaml@2.7.0: {} + yaml@2.8.3: {} yargs-parser@21.1.1: {} From 29a234bdc1085da46a56a93aeb05446a5c4f6e3a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Mar 2026 12:05:55 +0800 Subject: [PATCH 05/10] build(deps): bump the npm_and_yarn group across 1 directory with 2 updates (#417) Bumps the npm_and_yarn group with 2 updates in the / directory: [brace-expansion](https://github.com/juliangruber/brace-expansion) and [handlebars](https://github.com/handlebars-lang/handlebars.js). Updates `brace-expansion` from 1.1.12 to 1.1.13 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13) Updates `handlebars` from 4.7.8 to 4.7.9 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md) - [Commits](https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.13 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: handlebars dependency-version: 4.7.9 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pnpm-lock.yaml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 4394a48..51baec4 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -1214,11 +1214,11 @@ packages: resolution: {integrity: sha512-oP5VkATKlNwcgvxi0vM0p/D3n2C3EReYVX+DNYs5TjZFn/oQt2j+4sVJtSMr18pdRr8wjTcBl6LoV+FUwzPmNA==} engines: {node: '>=18'} - brace-expansion@1.1.12: - resolution: {integrity: sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==} + brace-expansion@1.1.13: + resolution: {integrity: sha512-9ZLprWS6EENmhEOpjCYW2c8VkmOvckIJZfkr7rBW6dObmfgJ/L1GpSYW5Hpo9lDz4D1+n0Ckz8rU7FwHDQiG/w==} - brace-expansion@5.0.3: - resolution: {integrity: sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==} + brace-expansion@5.0.5: + resolution: {integrity: sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==} engines: {node: 18 || 20 || >=22} braces@3.0.3: @@ -1872,8 +1872,8 @@ packages: graphemer@1.4.0: resolution: {integrity: sha512-EtKwoO6kxCL9WO5xipiHTZlSzBm7WLT627TqC/uVRd0HKmq8NXyebnNYxDoBi7wt8eTWrUrKXCOVaFq9x1kgag==} - handlebars@4.7.8: - resolution: {integrity: sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ==} + handlebars@4.7.9: + resolution: {integrity: sha512-4E71E0rpOaQuJR2A3xDZ+GM1HyWYv1clR58tC8emQNeQe3RH7MAzSbat+V0wG78LQBo6m6bzSG/L4pBuCsgnUQ==} engines: {node: '>=0.4.7'} hasBin: true @@ -4615,12 +4615,12 @@ snapshots: transitivePeerDependencies: - supports-color - brace-expansion@1.1.12: + brace-expansion@1.1.13: dependencies: balanced-match: 1.0.2 concat-map: 0.0.1 - brace-expansion@5.0.3: + brace-expansion@5.0.5: dependencies: balanced-match: 4.0.4 @@ -5341,7 +5341,7 @@ snapshots: graphemer@1.4.0: {} - handlebars@4.7.8: + handlebars@4.7.9: dependencies: minimist: 1.2.8 neo-async: 2.6.2 @@ -6026,11 +6026,11 @@ snapshots: minimatch@3.1.5: dependencies: - brace-expansion: 1.1.12 + brace-expansion: 1.1.13 minimatch@9.0.8: dependencies: - brace-expansion: 5.0.3 + brace-expansion: 5.0.5 minimist@1.2.8: {} @@ -6561,7 +6561,7 @@ snapshots: dependencies: bs-logger: 0.2.6 fast-json-stable-stringify: 2.1.0 - handlebars: 4.7.8 + handlebars: 4.7.9 jest: 30.2.0(@types/node@20.17.24)(ts-node@10.9.2(@types/node@20.17.24)(typescript@5.8.2)) json5: 2.2.3 lodash.memoize: 4.1.2 From fe80fc733bc32044df25e8c53d349dbd7fbc2be3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Mar 2026 17:26:14 +0800 Subject: [PATCH 06/10] build(deps): bump path-to-regexp (#418) Bumps the npm_and_yarn group with 1 update in the / directory: [path-to-regexp](https://github.com/pillarjs/path-to-regexp). Updates `path-to-regexp` from 8.3.0 to 8.4.0 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](https://github.com/pillarjs/path-to-regexp/compare/v8.3.0...v8.4.0) --- updated-dependencies: - dependency-name: path-to-regexp dependency-version: 8.4.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pnpm-lock.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 51baec4..e710702 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -2584,8 +2584,8 @@ packages: resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} engines: {node: '>=16 || 14 >=14.18'} - path-to-regexp@8.3.0: - resolution: {integrity: sha512-7jdwVIRtsP8MYpdXSwOS0YdD0Du+qOoF/AEPIt88PcCFrZCzx41oxku1jD88hZBwbNUIEfpqvuhjFaMAqMTWnA==} + path-to-regexp@8.4.0: + resolution: {integrity: sha512-PuseHIvAnz3bjrM2rGJtSgo1zjgxapTLZ7x2pjhzWwlp4SJQgK3f3iZIQwkpEnBaKz6seKBADpM4B4ySkuYypg==} path-type@4.0.0: resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} @@ -6175,7 +6175,7 @@ snapshots: lru-cache: 10.4.3 minipass: 7.1.3 - path-to-regexp@8.3.0: {} + path-to-regexp@8.4.0: {} path-type@4.0.0: {} @@ -6300,7 +6300,7 @@ snapshots: depd: 2.0.0 is-promise: 4.0.0 parseurl: 1.3.3 - path-to-regexp: 8.3.0 + path-to-regexp: 8.4.0 transitivePeerDependencies: - supports-color From fb506f45e47b8947cf5891b991f0a3973c043f8b Mon Sep 17 00:00:00 2001 From: RetricSu Date: Mon, 30 Mar 2026 11:28:14 +0800 Subject: [PATCH 07/10] fix(create): ensure CKB binary and devnet config before generating scripts (#419) * fix(create): add imports for binary installation * fix(create): ensure CKB binary and devnet config before generating scripts Fix issue #396 where offckb create fails if user hasn't run offckb node first. Changes: - Add imports for installCKBBinary, initChainIfNeeded, readSettings - Call installCKBBinary to download CKB binary if not exists - Call initChainIfNeeded to initialize devnet config if not exists - Both calls happen before genSystemScriptsJsonFile to ensure dependencies are ready This makes offckb create self-sufficient and doesn't require prior offckb node execution. * chore: add changeset for issue #396 fix --- .changeset/vast-ravens-invent.md | 16 ++++++++++++++++ src/cmd/create.ts | 8 ++++++++ 2 files changed, 24 insertions(+) create mode 100644 .changeset/vast-ravens-invent.md diff --git a/.changeset/vast-ravens-invent.md b/.changeset/vast-ravens-invent.md new file mode 100644 index 0000000..a92722a --- /dev/null +++ b/.changeset/vast-ravens-invent.md @@ -0,0 +1,16 @@ +--- +'@offckb/cli': patch +--- + +fix(create): ensure CKB binary and devnet config before generating scripts + +Fix issue #396 where `offckb create` failed if user hasn't run `offckb node` first. + +**Changes:** + +- Add imports for `installCKBBinary`, `initChainIfNeeded`, and `readSettings` +- Call `installCKBBinary` to download CKB binary if not exists +- Call `initChainIfNeeded` to initialize devnet config if not exists +- Both calls happen before `genSystemScriptsJsonFile` to ensure dependencies are ready + +This makes `offckb create` self-sufficient and doesn't require prior `offckb node` execution. diff --git a/src/cmd/create.ts b/src/cmd/create.ts index b9832b0..88dcf89 100644 --- a/src/cmd/create.ts +++ b/src/cmd/create.ts @@ -6,6 +6,9 @@ import { InteractivePrompts } from '../templates/prompts'; import { genSystemScriptsJsonFile } from '../scripts/gen'; import { CKBDebugger } from '../tools/ckb-debugger'; import { logger } from '../util/logger'; +import { installCKBBinary as _installCKBBinary } from '../node/install'; +import { initChainIfNeeded as _initChainIfNeeded } from '../node/init-chain'; +import { readSettings } from '../cfg/setting'; export interface CreateScriptProjectOptions { manager?: 'pnpm' | 'yarn' | 'npm'; @@ -100,6 +103,11 @@ export async function createScriptProject(name?: string, options: CreateScriptPr await processor.generateProject(fullProjectPath, contextWithPath); + const _settings = readSettings(); + + await _installCKBBinary(_settings.bins.defaultCKBVersion); + await _initChainIfNeeded(); + // Generate system-scripts.json logger.info('🔧 Generating system scripts configuration...'); try { From a5592dc6da0a8925dc35013fb982eedac562fbbe Mon Sep 17 00:00:00 2001 From: RetricSu Date: Mon, 30 Mar 2026 14:07:41 +0800 Subject: [PATCH 08/10] feat: upgrade default CKB version to 0.205.0 (#421) --- .changeset/dry-actors-open.md | 12 ++++++++++++ src/cfg/setting.ts | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 .changeset/dry-actors-open.md diff --git a/.changeset/dry-actors-open.md b/.changeset/dry-actors-open.md new file mode 100644 index 0000000..9912e16 --- /dev/null +++ b/.changeset/dry-actors-open.md @@ -0,0 +1,12 @@ +--- +'@offckb/cli': patch +--- + +Upgrade default CKB version from 0.201.0 to 0.205.0 + +CKB v0.205.0 includes: + +- Terminal module for CKB-TUI +- Proxy protocol support +- RPC logs subscription +- Rust toolchain upgrade to 1.92.0 diff --git a/src/cfg/setting.ts b/src/cfg/setting.ts index 35e94f2..962ac1a 100644 --- a/src/cfg/setting.ts +++ b/src/cfg/setting.ts @@ -62,7 +62,7 @@ export const defaultSettings: Settings = { proxy: undefined, bins: { rootFolder: path.resolve(dataPath, 'bins'), - defaultCKBVersion: '0.201.0', + defaultCKBVersion: '0.205.0', downloadPath: path.resolve(cachePath, 'download'), }, devnet: { From 8da140dc171370fe84ef7de3d689be8d60e2068b Mon Sep 17 00:00:00 2001 From: RetricSu Date: Wed, 8 Apr 2026 06:59:38 +0800 Subject: [PATCH 09/10] fix(cli): standardize private key inputs and fix 0x prefix parsing error (#423) * fix(cli): normalize private key and 0x prefix validation This fixes issue #422 by catching whitespace and padding issues, validating length and properly standardizing the 0x prefix to prevent confusing downstream ckb-ccc cryptography errors. * chore: add changeset for private key parsing fix * fix(cli): address copilot review feedback --- .changeset/fix-privkey-prefix.md | 5 ++++ src/sdk/ckb.ts | 5 ++-- src/util/validator.ts | 40 +++++++++++++++++++++++++++ tests/validator.test.ts | 46 ++++++++++++++++++++++++++++++++ 4 files changed, 94 insertions(+), 2 deletions(-) create mode 100644 .changeset/fix-privkey-prefix.md create mode 100644 tests/validator.test.ts diff --git a/.changeset/fix-privkey-prefix.md b/.changeset/fix-privkey-prefix.md new file mode 100644 index 0000000..a420ec6 --- /dev/null +++ b/.changeset/fix-privkey-prefix.md @@ -0,0 +1,5 @@ +--- +"@offckb/cli": patch +--- + +fix(cli): standardize private key inputs and fix 0x prefix parsing error (#422) diff --git a/src/sdk/ckb.ts b/src/sdk/ckb.ts index 5276de7..1c07cdc 100644 --- a/src/sdk/ckb.ts +++ b/src/sdk/ckb.ts @@ -2,7 +2,7 @@ // to replace lumos with ccc import { ccc, ClientPublicMainnet, ClientPublicTestnet, OutPointLike, Script } from '@ckb-ccc/core'; -import { isValidNetworkString } from '../util/validator'; +import { isValidNetworkString, normalizePrivKey } from '../util/validator'; import { networks } from './network'; import { buildCCCDevnetKnownScripts } from '../scripts/private'; import { Migration } from '../deploy/migration'; @@ -81,7 +81,8 @@ export class CKB { } buildSigner(privateKey: HexString) { - const signer = new ccc.SignerCkbPrivateKey(this.client, privateKey); + const normalizedKey = normalizePrivKey(privateKey); + const signer = new ccc.SignerCkbPrivateKey(this.client, normalizedKey); return signer; } diff --git a/src/util/validator.ts b/src/util/validator.ts index 5566e52..53e9fe7 100644 --- a/src/util/validator.ts +++ b/src/util/validator.ts @@ -73,3 +73,43 @@ export function isValidVersion(version: unknown): boolean { // Test the version against the regex return versionRegex.test(version); } + +export function normalizePrivKey(privKey: string): string { + // Trim surrounding whitespaces + let key = privKey ? privKey.trim() : ''; + + if (!key) { + throw new Error('Private key is required.'); + } + + // Strip surrounding quotes + if (key.startsWith('"') && key.endsWith('"')) { + key = key.slice(1, -1); + } + if (key.startsWith("'") && key.endsWith("'")) { + key = key.slice(1, -1); + } + + // Trim again to normalize whitespace that was inside surrounding quotes + key = key.trim(); + + // Remove standard 0x/0X prefix if it exists manually for normalization + if (/^0x/i.test(key)) { + key = key.slice(2); + } + + // Validate only hex characters are left + if (!/^[0-9a-fA-F]+$/.test(key)) { + throw new Error('Invalid private key: contains non-hexadecimal characters.'); + } + + // Enforce exactly 32 bytes length + if (key.length !== 64) { + throw new Error( + `Invalid private key length: expected 32 bytes (64 hex characters), but got ${key.length} characters (excluding 0x prefix).`, + ); + } + + // Return the formally strictly padded ckb format `0x` string + return '0x' + key; +} diff --git a/tests/validator.test.ts b/tests/validator.test.ts new file mode 100644 index 0000000..9b57b26 --- /dev/null +++ b/tests/validator.test.ts @@ -0,0 +1,46 @@ +import { normalizePrivKey } from '../src/util/validator'; + +describe('normalizePrivKey', () => { + const validHex64 = '1234567812345678123456781234567812345678123456781234567812345678'; + + it('should throw an error for empty or formatting values', () => { + expect(() => normalizePrivKey('')).toThrow('Private key is required.'); + expect(() => normalizePrivKey(' ')).toThrow('Private key is required.'); + }); + + it('should accept a 64-character hex string without 0x prefix', () => { + const key = validHex64; + expect(normalizePrivKey(key)).toBe('0x' + key); + }); + + it('should accept a 64-character hex string with 0x prefix', () => { + const key = '0x' + validHex64; + expect(normalizePrivKey(key)).toBe('0x' + validHex64); + }); + + it('should accept a 64-character hex string with 0X prefix (case-insensitive)', () => { + const key = '0X' + validHex64; + expect(normalizePrivKey(key)).toBe('0x' + validHex64); + }); + + it('should correctly trim spaces inside quotes', () => { + const key = `' 0x${validHex64} '`; + expect(normalizePrivKey(key)).toBe('0x' + validHex64); + + const key2 = `" 0X${validHex64} "`; + expect(normalizePrivKey(key2)).toBe('0x' + validHex64); + }); + + it('should throw an error if the key contains non-hexadecimal characters', () => { + const invalidHex = validHex64.slice(0, -1) + 'G'; // Replace last char with 'G' (invalid hex) + expect(() => normalizePrivKey(invalidHex)).toThrow('Invalid private key: contains non-hexadecimal characters.'); + }); + + it('should throw an error if the key length is incorrect', () => { + const shortKey = validHex64.slice(0, 62); + expect(() => normalizePrivKey(shortKey)).toThrow('Invalid private key length'); + + const longKey = validHex64 + '12'; + expect(() => normalizePrivKey(longKey)).toThrow('Invalid private key length'); + }); +}); From eff13feb3dc7c2879d12d981f921589589011c35 Mon Sep 17 00:00:00 2001 From: RetricSu Date: Wed, 8 Apr 2026 08:13:25 +0800 Subject: [PATCH 10/10] Bump version from 0.4.5 to 0.4.6 (#424) --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index f072412..6dd29ce 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@offckb/cli", - "version": "0.4.5", + "version": "0.4.6", "description": "ckb development network for your first try", "author": "CKB EcoFund", "license": "MIT",