WIP - add extractor, generate snippet_data

node_modules/signedsource/LICENSE

@@ -0,0 +1,31 @@
+BSD License
+
+For signedsource software
+
+Copyright (c) 2013-present, Facebook, Inc.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+ * Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+ * Neither the name Facebook nor the names of its contributors may be used to
+   endorse or promote products derived from this software without specific
+   prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

node_modules/signedsource/PATENTS

@@ -0,0 +1,33 @@
+Additional Grant of Patent Rights Version 2
+
+"Software" means the signedsource software distributed by Facebook, Inc.
+
+Facebook, Inc. ("Facebook") hereby grants to each recipient of the Software
+("you") a perpetual, worldwide, royalty-free, non-exclusive, irrevocable
+(subject to the termination provision below) license under any Necessary
+Claims, to make, have made, use, sell, offer to sell, import, and otherwise
+transfer the Software. For avoidance of doubt, no license is granted under
+Facebook's rights in any patent claims that are infringed by (i) modifications
+to the Software made by you or any third party or (ii) the Software in
+combination with any software or other technology.
+
+The license granted hereunder will terminate, automatically and without notice,
+if you (or any of your subsidiaries, corporate affiliates or agents) initiate
+directly or indirectly, or take a direct financial interest in, any Patent
+Assertion: (i) against Facebook or any of its subsidiaries or corporate
+affiliates, (ii) against any party if such Patent Assertion arises in whole or
+in part from any software, technology, product or service of Facebook or any of
+its subsidiaries or corporate affiliates, or (iii) against any party relating
+to the Software. Notwithstanding the foregoing, if Facebook or any of its
+subsidiaries or corporate affiliates files a lawsuit alleging patent
+infringement against you in the first instance, and you respond by filing a
+patent infringement counterclaim in that lawsuit against that party that is
+unrelated to the Software, the license granted hereunder will not terminate
+under section (i) of this paragraph due to such counterclaim.
+
+A "Necessary Claim" is a claim of a patent owned by Facebook that is
+necessarily infringed by the Software standing alone.
+
+A "Patent Assertion" is any lawsuit or other action alleging direct, indirect,
+or contributory infringement or inducement to infringe any patent, including a
+cross-claim or counterclaim.

node_modules/signedsource/index.js

@@ -0,0 +1,117 @@
+/**
+ * Copyright (c) 2015-present, Facebook, Inc.
+ * All rights reserved.
+ *
+ * This source code is licensed under the BSD-style license found in the
+ * LICENSE file in the root directory of this source tree. An additional grant
+ * of patent rights can be found in the PATENTS file in the same directory.
+ */
+'use strict';
+
+const crypto = require('crypto');
+
+const GENERATED = '@' + 'generated';
+const OLDTOKEN = '<<SignedSource::*O*zOeWoEQle#+L!plEphiEmie@I>>';
+const NEWTOKEN = '<<SignedSource::*O*zOeWoEQle#+L!plEphiEmie@IsG>>';
+const TOKENS = [NEWTOKEN, OLDTOKEN];
+const PATTERN = new RegExp(`${GENERATED} (?:SignedSource<<([a-f0-9]{32})>>)`);
+
+const TokenNotFoundError = new Error(
+  `SignedSource.signFile(...): Cannot sign file without token: ${NEWTOKEN}`
+);
+
+function hash(data, encoding) {
+  const md5sum = crypto.createHash('md5');
+  md5sum.update(data, encoding);
+  return md5sum.digest('hex');
+}
+
+/**
+ * Utility for signing and verifying the signature of a file. This is useful for
+ * ensuring that the contents of a generated file are not contaminated by manual
+ * changes. Example usage:
+ *
+ *   const myFile = `
+ *     // ${SignedSource.getSigningToken()}
+ *
+ *     console.log('My generated file.');
+ *   `;
+ *   const mySignedFile = SignedSource.signFile(myFile);
+ *
+ */
+const SignedSource = {
+  TokenNotFoundError,
+
+  /**
+   * Gets the signing token to be embedded in the file you wish to be signed.
+   */
+  getSigningToken() {
+    return `${GENERATED} ${NEWTOKEN}`;
+  },
+
+  /**
+   * Checks whether a file is signed *without* verifying the signature.
+   */
+  isSigned(data) {
+    return !PATTERN.exec(data);
+  },
+
+  /**
+   * Signs a source file which contains a signing token. Signing modifies only
+   * the signing token, so the token should be placed inside a comment in order
+   * for signing to not change code semantics.
+   */
+  signFile(data) {
+    if (!data.includes(NEWTOKEN)) {
+      if (SignedSource.isSigned(data)) {
+        // Signing a file that was previously signed.
+        data = data.replace(PATTERN, SignedSource.getSigningToken());
+      } else {
+        throw TokenNotFoundError;
+      }
+    }
+    return data.replace(NEWTOKEN, `SignedSource<<${hash(data, 'utf8')}>>`);
+  },
+
+  /**
+   * Verifies the signature in a signed file.
+   */
+  verifySignature(data) {
+    const matches = PATTERN.exec(data);
+    if (!matches) {
+      throw new Error(
+        'SignedSource.verifySignature(...): Cannot verify signature of an ' +
+        'unsigned file.'
+      );
+    }
+    const actual = matches[1];
+    // Replace signature with `NEWTOKEN` and hash to see if it matches the hash
+    // in the file. For backwards compatibility, also try `OLDTOKEN`.
+    return TOKENS.some(token => {
+      const unsigned = data.replace(PATTERN, `${GENERATED} ${token}`);
+      return hash(unsigned, 'utf8') === actual;
+    });
+  },
+};
+
+// @deprecated
+SignedSource.SIGN_OK = {message: 'ok'};
+SignedSource.SIGN_INVALID = new Error('invalid');
+SignedSource.SIGN_UNSIGNED = new Error('unsigned');
+SignedSource.signing_token = SignedSource.getSigningToken;
+SignedSource.is_signed = SignedSource.isSigned;
+SignedSource.sign = data => ({
+  first_time: data.includes(NEWTOKEN),
+  signed_data: SignedSource.signFile(data),
+});
+SignedSource.verify_signature = data => {
+  try {
+    return SignedSource.verifySignature(data)
+      ? SignedSource.SIGN_OK
+      : SignedSource.SIGN_INVALID;
+  } catch (_) {
+    return SignedSource.SIGN_UNSIGNED;
+  }
+};
+
+module.exports = SignedSource;

node_modules/signedsource/package.json

@@ -0,0 +1,32 @@
+{
+  "_from": "signedsource@^1.0.0",
+  "_id": "signedsource@1.0.0",
+  "_inBundle": false,
+  "_integrity": "sha1-HdrOSYF5j5O9gzlzgD2A1S6TrWo=",
+  "_location": "/signedsource",
+  "_phantomChildren": {},
+  "_requested": {
+    "type": "range",
+    "registry": true,
+    "raw": "signedsource@^1.0.0",
+    "name": "signedsource",
+    "escapedName": "signedsource",
+    "rawSpec": "^1.0.0",
+    "saveSpec": null,
+    "fetchSpec": "^1.0.0"
+  },
+  "_requiredBy": [
+    "/@gatsbyjs/relay-compiler"
+  ],
+  "_resolved": "https://registry.npmjs.org/signedsource/-/signedsource-1.0.0.tgz",
+  "_shasum": "1ddace4981798f93bd833973803d80d52e93ad6a",
+  "_spec": "signedsource@^1.0.0",
+  "_where": "/Users/stefanfejes/Projects/30-seconds-of-python-code/node_modules/@gatsbyjs/relay-compiler",
+  "bundleDependencies": false,
+  "deprecated": false,
+  "description": "This package exports utilities to sign and verify generated files.",
+  "license": "BSD-3-Clause",
+  "main": "index.js",
+  "name": "signedsource",
+  "version": "1.0.0"
+}