Merge branch 'main' into without-dropzone-package

pingdotgg · Oct 24, 2024 · 6d86f6e · 6d86f6e
2 parents aac8916 + b10fafa
commit 6d86f6e
Show file tree

Hide file tree

Showing 26 changed files with 136 additions and 104 deletions.
diff --git a/.changeset/flat-seals-change.md b/.changeset/flat-seals-change.md
@@ -0,0 +1,5 @@
+---
+"@uploadthing/svelte": patch
+---
+
+chore: update svelte peer dep range
diff --git a/.changeset/orange-roses-sip.md b/.changeset/orange-roses-sip.md
@@ -0,0 +1,6 @@
+---
+"@uploadthing/shared": patch
+"uploadthing": patch
+---
+
+chore: redact sensitive fields from logs using `effect/Redacted`
diff --git a/.changeset/twenty-rings-unite.md b/.changeset/twenty-rings-unite.md
@@ -5,6 +5,8 @@
 "@uploadthing/react": minor
 "@uploadthing/solid": minor
 "@uploadthing/vue": minor
+"@uploadthing/nuxt": minor
+"@uploadthing/expo": minor
 ---
 
 feat: add support to specify route endpoint that supports "Go to Definition"
@@ -31,4 +33,4 @@ useUploadThing(
     endpoint={(routeRegistry) => routeRegistry.videoAndImage}
     { ... }
 />
-```
+```
diff --git a/.changeset/two-olives-shop.md b/.changeset/two-olives-shop.md
@@ -0,0 +1,5 @@
+---
+"@uploadthing/mime-types": patch
+---
+
+feat(@uploadthing/mime-types) add application/yaml as mime type
diff --git a/examples/backend-adapters/server/package.json b/examples/backend-adapters/server/package.json
@@ -12,15 +12,14 @@
     "dev:effect": "NODE_ENV=development PORT=3003 tsx watch src/effect-platform.ts"
   },
   "dependencies": {
-    "@effect/platform": "0.68.5",
-    "@effect/platform-node": "0.63.5",
-    "@effect/schema": "0.75.4",
+    "@effect/platform": "0.69.6",
+    "@effect/platform-node": "0.64.7",
     "@elysiajs/cors": "^1.1.1",
     "@fastify/cors": "^9.0.1",
     "@hono/node-server": "^1.8.2",
     "cors": "^2.8.5",
     "dotenv": "^16.4.5",
-    "effect": "3.9.2",
+    "effect": "3.10.2",
     "elysia": "^1.1.16",
     "express": "^4.18.2",
     "fastify": "^4.26.1",

diff --git a/package.json b/package.json
@@ -38,7 +38,7 @@
     "@actions/github": "^6.0.0",
     "@changesets/changelog-github": "^0.5.0",
     "@changesets/cli": "^2.27.1",
-    "@effect/vitest": "0.12.1",
+    "@effect/vitest": "0.13.1",
     "@ianvs/prettier-plugin-sort-imports": "^4.2.1",
     "@manypkg/cli": "^0.21.3",
     "@playwright/test": "1.45.0",

diff --git a/packages/mime-types/src/application.ts b/packages/mime-types/src/application.ts
@@ -2634,6 +2634,10 @@ export const application = {
     source: "iana",
     extensions: ["mxml", "xhvml", "xvml", "xvm"],
   },
+  "application/yaml": {
+    source: "iana",
+    extensions: ["yaml", "yml"],
+  },
   "application/yang": {
     source: "iana",
     extensions: ["yang"],

diff --git a/packages/shared/package.json b/packages/shared/package.json
@@ -36,7 +36,7 @@
   },
   "dependencies": {
     "@uploadthing/mime-types": "workspace:*",
-    "effect": "3.9.2",
+    "effect": "3.10.2",
     "sqids": "^0.3.0"
   },
   "devDependencies": {

diff --git a/packages/shared/src/crypto.ts b/packages/shared/src/crypto.ts
@@ -1,6 +1,7 @@
 import * as Encoding from "effect/Encoding";
 import * as Hash from "effect/Hash";
 import * as Micro from "effect/Micro";
+import * as Redacted from "effect/Redacted";
 import SQIds, { defaultOptions } from "sqids";
 
 import { UploadThingError } from "./error";
@@ -27,13 +28,16 @@ function shuffle(str: string, seed: string) {
   return chars.join("");
 }
 
-export const signPayload = (payload: string, secret: string) =>
+export const signPayload = (
+  payload: string,
+  secret: Redacted.Redacted<string>,
+) =>
   Micro.gen(function* () {
     const signingKey = yield* Micro.tryPromise({
       try: () =>
         crypto.subtle.importKey(
           "raw",
-          encoder.encode(secret),
+          encoder.encode(Redacted.value(secret)),
           algorithm,
           false,
           ["sign"],
@@ -61,13 +65,13 @@ export const signPayload = (payload: string, secret: string) =>
 export const verifySignature = (
   payload: string,
   signature: string | null,
-  secret: string,
+  secret: Redacted.Redacted<string>,
 ) =>
   Micro.gen(function* () {
     const sig = signature?.slice(signaturePrefix.length);
     if (!sig) return false;
 
-    const secretBytes = encoder.encode(secret);
+    const secretBytes = encoder.encode(Redacted.value(secret));
     const signingKey = yield* Micro.promise(() =>
       crypto.subtle.importKey("raw", secretBytes, algorithm, false, ["verify"]),
     );
@@ -131,7 +135,7 @@ export const verifyKey = (key: string, appId: string) =>
 
 export const generateSignedURL = (
   url: string | URL,
-  secretKey: string,
+  secretKey: Redacted.Redacted<string>,
   opts: {
     ttlInSeconds?: Time | undefined;
     data?: Record<string, string | number | boolean | null | undefined>;

diff --git a/packages/shared/test/crypto.test.ts b/packages/shared/test/crypto.test.ts
@@ -1,6 +1,6 @@
 import { it } from "@effect/vitest";
 import * as Effect from "effect/Effect";
-import * as Exit from "effect/Exit";
+import * as Redacted from "effect/Redacted";
 import { describe, expect } from "vitest";
 
 import {
@@ -14,7 +14,7 @@ import {
 describe("crypto sign / verify", () => {
   it.effect("signs and verifies a payload", () =>
     Effect.gen(function* () {
-      const secret = "foo-123";
+      const secret = Redacted.make("foo-123");
       const payload = "hello world";
 
       const sig = yield* signPayload(payload, secret);
@@ -26,7 +26,7 @@ describe("crypto sign / verify", () => {
 
   it.effect("doesn't verify a payload with a bad signature", () =>
     Effect.gen(function* () {
-      const secret = "foo-123";
+      const secret = Redacted.make("foo-123");
       const payload = "hello world";
 
       const sig = yield* signPayload(payload, secret);
@@ -38,11 +38,15 @@ describe("crypto sign / verify", () => {
 
   it.effect("doesn't verify a payload with a bad secret", () =>
     Effect.gen(function* () {
-      const secret = "foo-123";
+      const secret = Redacted.make("foo-123");
       const payload = "hello world";
 
       const sig = yield* signPayload(payload, secret);
-      const verified = yield* verifySignature(payload, sig, "bad");
+      const verified = yield* verifySignature(
+        payload,
+        sig,
+        Redacted.make("bad"),
+      );
 
       expect(verified).toBe(false);
     }),
@@ -51,7 +55,7 @@ describe("crypto sign / verify", () => {
   it.effect("generates a signed URL", () =>
     Effect.gen(function* () {
       const url = "https://example.com";
-      const secret = "foo-123";
+      const secret = Redacted.make("foo-123");
 
       const signedURL = yield* generateSignedURL(url, secret, {
         ttlInSeconds: 60 * 60,
@@ -67,7 +71,7 @@ describe("crypto sign / verify", () => {
   it.effect("generates and verifies a signed URL", () =>
     Effect.gen(function* () {
       const url = "https://example.com";
-      const secret = "foo-123";
+      const secret = Redacted.make("foo-123");
 
       const signedURL = yield* generateSignedURL(url, secret, {
         ttlInSeconds: 60 * 60,

diff --git a/packages/svelte/package.json b/packages/svelte/package.json
@@ -29,7 +29,7 @@
     "!dist/**/*.spec.*"
   ],
   "peerDependencies": {
-    "svelte": "^4.0.0 || ^5.0.0-next.0",
+    "svelte": "^4.0.0 || ^5.0.0",
     "uploadthing": "^7.0.0"
   },
   "dependencies": {

diff --git a/packages/uploadthing/package.json b/packages/uploadthing/package.json
@@ -150,11 +150,10 @@
     "typecheck": "tsc --noEmit"
   },
   "dependencies": {
-    "@effect/platform": "0.68.5",
-    "@effect/schema": "0.75.4",
+    "@effect/platform": "0.69.6",
     "@uploadthing/mime-types": "workspace:*",
     "@uploadthing/shared": "workspace:*",
-    "effect": "3.9.2"
+    "effect": "3.10.2"
   },
   "devDependencies": {
     "@remix-run/server-runtime": "^2.12.0",

diff --git a/packages/uploadthing/src/internal/config.test.ts b/packages/uploadthing/src/internal/config.test.ts
@@ -1,9 +1,10 @@
 import { after } from "node:test";
-import * as S from "@effect/schema/Schema";
 import { it } from "@effect/vitest";
 import * as Effect from "effect/Effect";
 import * as Exit from "effect/Exit";
 import * as Layer from "effect/Layer";
+import * as Redacted from "effect/Redacted";
+import * as S from "effect/Schema";
 import { afterEach, beforeEach, describe, expect } from "vitest";
 
 import { UploadThingError } from "@uploadthing/shared";
@@ -12,12 +13,12 @@ import { configProvider, IngestUrl, IsDevelopment, UTToken } from "./config";
 import { ParsedToken, UploadThingToken } from "./shared-schemas";
 
 const app1TokenData = {
-  apiKey: "sk_foo",
+  apiKey: Redacted.make("sk_foo"),
   appId: "app-1",
   regions: ["fra1"] as const,
 };
 const app2TokenData = {
-  apiKey: "sk_bar",
+  apiKey: Redacted.make("sk_bar"),
   appId: "app-2",
   regions: ["dub1"] as const,
 };

diff --git a/packages/uploadthing/src/internal/config.ts b/packages/uploadthing/src/internal/config.ts
@@ -1,7 +1,7 @@
-import * as S from "@effect/schema/Schema";
 import * as Config from "effect/Config";
 import * as ConfigProvider from "effect/ConfigProvider";
 import * as Effect from "effect/Effect";
+import * as S from "effect/Schema";
 
 import {
   filterDefinedObjectValues,

diff --git a/packages/uploadthing/src/internal/handler.ts b/packages/uploadthing/src/internal/handler.ts
@@ -8,11 +8,12 @@ import {
   HttpServerRequest,
   HttpServerResponse,
 } from "@effect/platform";
-import * as S from "@effect/schema/Schema";
 import * as Config from "effect/Config";
 import * as Context from "effect/Context";
 import * as Effect from "effect/Effect";
 import * as Match from "effect/Match";
+import * as Redacted from "effect/Redacted";
+import * as S from "effect/Schema";
 
 import {
   fillInputRouteConfig,
@@ -367,7 +368,7 @@ const handleCallbackRequest = (opts: {
       yield* HttpClientRequest.post(`/callback-result`).pipe(
         HttpClientRequest.prependUrl(baseUrl),
         HttpClientRequest.setHeaders({
-          "x-uploadthing-api-key": apiKey,
+          "x-uploadthing-api-key": Redacted.value(apiKey),
           "x-uploadthing-version": pkgJson.version,
           "x-uploadthing-be-adapter": beAdapter,
           "x-uploadthing-fe-package": fePackage,
@@ -594,7 +595,7 @@ const handleUploadAction = (opts: {
     const metadataRequest = HttpClientRequest.post("/route-metadata").pipe(
       HttpClientRequest.prependUrl(ingestUrl),
       HttpClientRequest.setHeaders({
-        "x-uploadthing-api-key": apiKey,
+        "x-uploadthing-api-key": Redacted.value(apiKey),
         "x-uploadthing-version": pkgJson.version,
         "x-uploadthing-be-adapter": beAdapter,
         "x-uploadthing-fe-package": fePackage,

diff --git a/packages/uploadthing/src/internal/jsonl.test.ts b/packages/uploadthing/src/internal/jsonl.test.ts
@@ -1,6 +1,7 @@
 import { it } from "@effect/vitest";
 import * as Effect from "effect/Effect";
 import * as Exit from "effect/Exit";
+import * as Redacted from "effect/Redacted";
 import * as Stream from "effect/Stream";
 import { beforeEach, describe, expect, vi } from "vitest";
 
@@ -13,7 +14,8 @@ const te = new TextEncoder();
 
 const createChunk = (_payload: unknown) => {
   const payload = JSON.stringify(_payload);
-  return Effect.map(signPayload(payload, "sk_123"), (signature) =>
+  const secret = Redacted.make("sk_123");
+  return Effect.map(signPayload(payload, secret), (signature) =>
     JSON.stringify(
       MetadataFetchStreamPart.make({ payload, signature, hook: "callback" }),
     ),

diff --git a/packages/uploadthing/src/internal/jsonl.ts b/packages/uploadthing/src/internal/jsonl.ts
@@ -1,5 +1,5 @@
-import * as S from "@effect/schema/Schema";
 import * as Effect from "effect/Effect";
+import * as S from "effect/Schema";
 import * as Stream from "effect/Stream";
 
 export const handleJsonLineStream =

diff --git a/packages/uploadthing/src/internal/route-config.ts b/packages/uploadthing/src/internal/route-config.ts
@@ -1,6 +1,6 @@
-import type * as S from "@effect/schema/Schema";
 import * as Data from "effect/Data";
 import * as Effect from "effect/Effect";
+import type * as S from "effect/Schema";
 
 import type {
   ExpandedRouteConfig,

diff --git a/packages/uploadthing/src/internal/runtime.ts b/packages/uploadthing/src/internal/runtime.ts
@@ -1,4 +1,5 @@
-import { FetchHttpClient } from "@effect/platform";
+import { FetchHttpClient, Headers } from "@effect/platform";
+import * as FiberRef from "effect/FiberRef";
 import * as Layer from "effect/Layer";
 import * as ManagedRuntime from "effect/ManagedRuntime";
 
@@ -12,8 +13,20 @@ export const makeRuntime = (fetch: FetchEsque, config: unknown) => {
     FetchHttpClient.layer,
     Layer.succeed(FetchHttpClient.Fetch, fetch as typeof globalThis.fetch),
   );
+
+  const withRedactedHeaders = Layer.effectDiscard(
+    FiberRef.update(Headers.currentRedactedNames, (_) =>
+      _.concat(["x-uploadthing-api-key"]),
+    ),
+  );
+
   const layer = Layer.provide(
-    Layer.mergeAll(withLogFormat, withMinimalLogLevel, fetchHttpClient),
+    Layer.mergeAll(
+      withLogFormat,
+      withMinimalLogLevel,
+      fetchHttpClient,
+      withRedactedHeaders,
+    ),
     Layer.setConfigProvider(configProvider(config)),
   );
   return ManagedRuntime.make(layer);

diff --git a/packages/uploadthing/src/internal/shared-schemas.ts b/packages/uploadthing/src/internal/shared-schemas.ts
@@ -1,4 +1,4 @@
-import * as S from "@effect/schema/Schema";
+import * as S from "effect/Schema";
 
 import type { Json } from "@uploadthing/shared";
 import { ValidACLs, ValidContentDispositions } from "@uploadthing/shared";
@@ -28,7 +28,7 @@ const DecodeString = S.transform(S.Uint8ArrayFromSelf, S.String, {
 });
 
 export const ParsedToken = S.Struct({
-  apiKey: S.String.pipe(S.startsWith("sk_")),
+  apiKey: S.Redacted(S.String.pipe(S.startsWith("sk_"))),
   appId: S.String,
   regions: S.NonEmptyArray(S.String),
   ingestHost: S.String.pipe(

diff --git a/packages/uploadthing/src/internal/types.ts b/packages/uploadthing/src/internal/types.ts
@@ -1,6 +1,6 @@
-import type { Schema } from "@effect/schema/Schema";
 import type * as Config from "effect/Config";
 import type * as LogLevel from "effect/LogLevel";
+import type { Schema } from "effect/Schema";
 
 import type {
   ErrorMessage,

diff --git a/packages/uploadthing/src/sdk/index.ts b/packages/uploadthing/src/sdk/index.ts
@@ -4,11 +4,12 @@ import {
   HttpClientRequest,
   HttpClientResponse,
 } from "@effect/platform";
-import * as S from "@effect/schema/Schema";
 import * as Arr from "effect/Array";
 import * as Effect from "effect/Effect";
 import type * as ManagedRuntime from "effect/ManagedRuntime";
 import * as Predicate from "effect/Predicate";
+import * as Redacted from "effect/Redacted";
+import * as S from "effect/Schema";
 
 import type {
   ACL,
@@ -76,7 +77,7 @@ export class UTApi {
         HttpClientRequest.setHeaders({
           "x-uploadthing-version": UPLOADTHING_VERSION,
           "x-uploadthing-be-adapter": "server-sdk",
-          "x-uploadthing-api-key": apiKey,
+          "x-uploadthing-api-key": Redacted.value(apiKey),
         }),
         httpClient.execute,
         Effect.tapBoth({