Merge branch 'trunk' into gitbook

atsign-foundation · Dec 23, 2024 · 956399b · 956399b
2 parents 20777ea + 664d153
commit 956399b
Show file tree

Hide file tree

Showing 93 changed files with 6,030 additions and 116 deletions.
diff --git a/.github/workflows/c_release.yml b/.github/workflows/c_release.yml
@@ -91,7 +91,7 @@ jobs:
           Compress-Archive -Path sshnpd -Destination tarball/${{
           matrix.output-name }}.zip
       # upload the build
-      - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name:
             ${{ matrix.output-name }}_${{ matrix.compiler
@@ -125,13 +125,13 @@ jobs:
         with:
           ref: c_release-${{github.run_number}}
       - uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
-      - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+      - uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
       - run: |
           docker buildx build -t atsigncompany/sshnpdc -f sshnpd/tools/Dockerfile.package \
           --platform ${{ matrix.platform }} -o type=tar,dest=bins.tar .
           mkdir tarballs
           tar -xvf bins.tar -C tarballs
-      - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name:
             ${{
@@ -163,13 +163,13 @@ jobs:
         with:
           ref: c_release-${{github.run_number}}
       - uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
-      - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+      - uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
       - run: |
           docker buildx build -t atsigncompany/sshnpdcmusl -f sshnpd/tools/Dockerfile.musl \
           --platform ${{ matrix.platform }} -o type=tar,dest=bins.tar .
           mkdir tarballs
           tar -xvf bins.tar -C tarballs
-      - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name:
             ${{
@@ -191,7 +191,7 @@ jobs:
           cd ./packages
           mv c csshnpd-${{ github.ref_name }}
           tar -cvzf ../tarball/csshnpd-${{ github.ref_name }}.tar.gz csshnpd-${{ github.ref_name }}
-      - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name: csshnpd-src-${{github.ref_name}}-${{github.run_number}}-${{github.run_attempt}}
           path: ./tarball/csshnpd-${{ github.ref_name }}.tar.gz
@@ -243,7 +243,7 @@ jobs:
         working-directory: tarballs
         run: |
           echo "hashes=$(cat checksums.txt | base64 -w0)" >> "$GITHUB_OUTPUT"
-      - uses: actions/attest-build-provenance@c4fbc648846ca6f503a13a2281a5e7b98aa57202 # v2.0.1
+      - uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
         with:
           subject-path: "tarballs/**"
 

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -50,7 +50,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,7 +60,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -73,6 +73,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
         with:
           category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/dockerhub_sshnpd.yml b/.github/workflows/dockerhub_sshnpd.yml
@@ -35,7 +35,7 @@ jobs:
       - name: Set up QEMU
         uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
       - name: Login to Docker Hub
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
         with:

diff --git a/.github/workflows/multibuild.yaml b/.github/workflows/multibuild.yaml
@@ -159,7 +159,7 @@ jobs:
             --password "$MACOS_APPLE_ID_PASSWORD" \
             --wait
       # upload the build
-      - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name:
             ${{ matrix.output-name
@@ -189,15 +189,15 @@ jobs:
       - if: ${{ ! inputs.main_build_only }}
         uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
       - if: ${{ ! inputs.main_build_only }}
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
       - if: ${{ ! inputs.main_build_only }}
         run: |
           docker buildx build -t atsigncompany/sshnptarball -f ./tools/multibuild/Dockerfile.package \
           --platform ${{ matrix.platform }} -o type=tar,dest=bins.tar .
           mkdir tarballs
           tar -xvf bins.tar -C tarballs
       - if: ${{ ! inputs.main_build_only }}
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name:
             ${{ matrix.output-name
@@ -229,7 +229,7 @@ jobs:
           cp -r dist/* sshnp/web/admin/
           tar -cvzf tarball/sshnp-web-admin-noarch.tgz sshnp
       # upload the build
-      - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name:
             sshnp-web-admin-noarch-${{github.ref_name}}-${{github.run_number
@@ -258,7 +258,7 @@ jobs:
           REF=${{ github.ref }}
           TAG=${REF:11}
           write_metadata universal.sh sshnp_version "$TAG"
-      - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name: universal.sh-${{github.ref_name}}-${{github.run_number}}-${{github.run_attempt}}
           path: ./packages/dart/sshnoports/bundles/universal.sh
@@ -272,7 +272,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name: universal.ps1-${{github.ref_name}}-${{github.run_number}}-${{github.run_attempt}}
           path: ./packages/dart/sshnoports/bundles/universal.ps1
@@ -335,7 +335,7 @@ jobs:
         working-directory: tarballs
         run: |
           echo "hashes=$(cat checksums.txt | base64 -w0)" >> "$GITHUB_OUTPUT"
-      - uses: actions/attest-build-provenance@c4fbc648846ca6f503a13a2281a5e7b98aa57202 # v2.0.1
+      - uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
         with:
           subject-path: "tarballs/**"
 

diff --git a/.github/workflows/python-sshnpd-build-publish.yml b/.github/workflows/python-sshnpd-build-publish.yml
@@ -49,7 +49,7 @@ jobs:
         cp -r dist/ $GITHUB_WORKSPACE
 
     - name: Store the distribution packages
-      uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+      uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
       with:
         name: sshnpd-python-package
         path: dist/
@@ -74,7 +74,7 @@ jobs:
         name: sshnpd-python-package
         path: dist/
     - name: Publish distribution to TestPyPI
-      uses: pypa/gh-action-pypi-publish@15c56dba361d8335944d31a2ecd17d700fc7bcbc # v1.12.2
+      uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 # v1.12.3
       with:
         skip-existing: true
         attestations: true
@@ -99,7 +99,7 @@ jobs:
         name: sshnpd-python-package
         path: dist/
     - name: Publish distribution to PyPI
-      uses: pypa/gh-action-pypi-publish@15c56dba361d8335944d31a2ecd17d700fc7bcbc # v1.12.2
+      uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 # v1.12.3
       with:
         attestations: true
 
@@ -145,7 +145,7 @@ jobs:
       run: |
         echo "hashes=$(cat checksums.txt | base64 -w0)" >> "$GITHUB_OUTPUT"
     - name: Attest the release artifacts
-      uses: actions/attest-build-provenance@c4fbc648846ca6f503a13a2281a5e7b98aa57202 # v2.0.1
+      uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
       with:
         subject-path: 'dist/**'
     - name: Upload artifact signatures to GitHub Release

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -59,14 +59,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/unit_tests.yaml b/.github/workflows/unit_tests.yaml
@@ -31,7 +31,7 @@ jobs:
       - uses: dart-lang/setup-dart@e630b99d28a3b71860378cafdc2a067c71107f94 # v1.7.0
         with:
           sdk: ${{ matrix.dart-channel}}
-      - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
+      - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
         with:
           go-version: "stable"
           cache-dependency-path: tools/osv-scanner/go.sum

diff --git a/packages/dart/noports_core/README.md b/packages/dart/noports_core/README.md
@@ -3,19 +3,20 @@
 [![GitHub License](https://img.shields.io/badge/license-BSD3-blue.svg)](./LICENSE)
 [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/noports/badge)](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/noports)
 
-# No Ports Core
+# NoPorts Core
 
-No Ports Core is the underlying library used to enable sshnoports and the rest of the No Ports suite.
+NoPorts Core is the shared library used to enable the rest of the NoPorts suite.
+This contains the heart of the NoPorts implementation.
 
 ## Examples
 
 ### CLI Example
 
-See the [sshnoports](https://github.com/atsign-foundation/noports/tree/trunk/packages/dart/sshnoports) project.
+See the [sshnoports](../sshnoports/README.md) project.
 
 ### Flutter Example
 
-See the [sshnp_flutter](https://github.com/atsign-foundation/noports/tree/trunk/packages/dart/sshnp_flutter) project.
+See the [npt_flutter](../npt_flutter/README.md) project.
 
 ## Maintainers
 

diff --git a/packages/dart/npt_flutter/README.md b/packages/dart/npt_flutter/README.md
@@ -1,16 +1,21 @@
-# npt_flutter
+<a href="https://atsign.com#gh-light-mode-only"><img width=250px src="https://atsign.com/wp-content/uploads/2022/05/atsign-logo-horizontal-color2022.svg#gh-light-mode-only" alt="The Atsign Foundation"></a><a href="https://atsign.com#gh-dark-mode-only"><img width=250px src="https://atsign.com/wp-content/uploads/2023/08/atsign-logo-horizontal-reverse2022-Color.svg#gh-dark-mode-only" alt="The Atsign Foundation"></a>
 
-A new Flutter project.
+# NoPorts Desktop
+
+This is the source code for the NoPorts Desktop application.
+See [the website](https://noports.com) for more information, or its companion
+[documentation site](https://docs.noports.com) for technical and usage
+information.
 
 ## Getting Started
 
-This project is a starting point for a Flutter application.
+## Building From Source
 
-A few resources to get you started if this is your first Flutter project:
+Building from source is possible and will work with already activated atSigns.
+However, without a valid API key, activating newly registered atSigns is not
+possible. You can circumvent this by either:
 
-- [Lab: Write your first Flutter app](https://docs.flutter.dev/get-started/codelab)
-- [Cookbook: Useful Flutter samples](https://docs.flutter.dev/cookbook)
+- Downloading the app from the store
+- Use the [at_activate binary](../sshnoports/README.md) to activate first, then
+  load the generated .atkeys file into the app.
 
-For help getting started with Flutter development, view the
-[online documentation](https://docs.flutter.dev/), which offers tutorials,
-samples, guidance on mobile development, and a full API reference.
diff --git a/packages/dart/npt_flutter/lib/features/onboarding/widgets/activate_atsign_dialog.dart b/packages/dart/npt_flutter/lib/features/onboarding/widgets/activate_atsign_dialog.dart
@@ -1,10 +1,12 @@
 import 'dart:convert';
 
 import 'package:at_onboarding_flutter/at_onboarding_flutter.dart';
+import 'package:at_server_status/at_server_status.dart';
 import 'package:flutter/material.dart';
 import 'package:flutter_gen/gen_l10n/app_localizations.dart';
 import 'package:npt_flutter/app.dart';
 import 'package:npt_flutter/features/onboarding/util/activate_util.dart';
+import 'package:npt_flutter/features/onboarding/util/onboarding_util.dart';
 import 'package:npt_flutter/widgets/spinner.dart';
 import 'package:pin_code_fields/pin_code_fields.dart';
 
@@ -14,12 +16,16 @@ class ActivateAtsignDialog extends StatefulWidget {
   final String apiKey;
   final String atSign;
   final AtOnboardingConfig config;
+  final bool waitForTeapot;
+  final NoPortsOnboardingUtil onboardingUtil;
   const ActivateAtsignDialog({
     super.key,
     required this.atSign,
     required this.apiKey,
     required this.config,
     required this.registrarUrl,
+    required this.waitForTeapot,
+    required this.onboardingUtil,
   });
 
   @override
@@ -170,6 +176,10 @@ class _ActivateAtsignDialogState extends State<ActivateAtsignDialog> {
                   status = ActivationStatus.activating;
                 });
 
+                // This does two things:
+                // 1. If the atSign is not in teapot, it will (assuming success)
+                //    start activating the atSign as if you hit "Activate" in the dashboard
+                // 2. It will trigger the email/text OTP
                 var (:cramkey, :errorMessage) = await util.verifyActivation(
                   atsign: widget.atSign,
                   otp: pinController.text,
@@ -191,6 +201,41 @@ class _ActivateAtsignDialogState extends State<ActivateAtsignDialog> {
                   return;
                 }
 
+                // If the atSign wasn't in teapot when we arrived at this screen,
+                // we should wait until the atSign is in teapot
+                if (widget.waitForTeapot) {
+                  int round = 1;
+                  getStatus() async {
+                    return (await widget.onboardingUtil.atServerStatus(widget.atSign)).status();
+                  }
+
+                  AtSignStatus? atSignStatus = await getStatus();
+                  while (atSignStatus != AtSignStatus.teapot) {
+                    // 6 * 5 = 30 seconds
+                    // 12 * 5 = 60 seconds
+                    if (round > 12) {
+                      break;
+                    }
+                    await Future.delayed(const Duration(seconds: 5));
+                    round++;
+                    atSignStatus = (await getStatus());
+                  }
+
+                  // If the Atsign is still not in teapot after the waiting period
+                  // Then return an error
+                  if (atSignStatus != AtSignStatus.teapot) {
+                    if (mounted) {
+                      Navigator.of(context).pop(
+                        AtOnboardingResult.error(message: strings.errorAuthenticationTimedOut),
+                      );
+                    }
+                    return;
+                  }
+                }
+
+                // Assuming we got the correct OTP, and we are in teapot,
+                // being activation: Generating keys, bootstrapping server, etc.
+                // i.e. all the stuff to go from teapot -> activated
                 var result = await util.onboardFromCramKey(
                   atsign: widget.atSign,
                   cramkey: cramkey,