Function bodies 30 total
setInputs function · javascript · L27-L30 (4 LOC)__fixtures__/core.js
export function setInputs(map) {
Object.keys(inputs).forEach((k) => delete inputs[k])
Object.assign(inputs, map)
}getInput function · javascript · L32-L38 (7 LOC)__fixtures__/core.js
export function getInput(name, options) {
const val = inputs[name] || ''
if (options?.required && !val) {
throw new Error(`Input required and not supplied: ${name}`)
}
return val
}setOutput function · javascript · L40-L42 (3 LOC)__fixtures__/core.js
export function setOutput(name, value) {
outputs[name] = value
}setFailed function · javascript · L44-L46 (3 LOC)__fixtures__/core.js
export function setFailed(message) {
errors.push(message)
}getOutputs function · javascript · L75-L77 (3 LOC)__fixtures__/core.js
export function getOutputs() {
return { ...outputs }
}getErrors function · javascript · L79-L81 (3 LOC)__fixtures__/core.js
export function getErrors() {
return [...errors]
}reset function · javascript · L83-L89 (7 LOC)__fixtures__/core.js
export function reset() {
Object.keys(inputs).forEach((k) => delete inputs[k])
Object.keys(outputs).forEach((k) => delete outputs[k])
errors.length = 0
summaryLines.length = 0
summary._buffer = ''
}Same scanner, your repo: https://repobility.com — Repobility
run function · javascript · L12-L53 (42 LOC)src/main.js
export async function run() {
try {
const command = core.getInput('command', { required: true })
const handler = COMMANDS[command]
if (!handler) {
core.setFailed(`Unknown command: "${command}". Available: ${Object.keys(COMMANDS).join(', ')}`)
return
}
const client = new SxtClient({
apiUrl: core.getInput('api-url') || undefined,
apiKey: core.getInput('api-key') || undefined,
authUrl: core.getInput('auth-url') || undefined,
authSecret: core.getInput('auth-secret') || undefined,
biscuitPrivateKey: core.getInput('biscuit-private-key') || undefined,
schemaName: core.getInput('schema-name', { required: true }),
originApp: core.getInput('origin-app') || undefined,
maxRetries: core.getInput('max-retries') ? Number(core.getInput('max-retries')) : undefined,
retryDelay: core.getInput('retry-delay') ? Number(core.getInput('retry-delay')) : undefined,
timeout: core.getInput('timeout') ? Number(core.getIparseList function · javascript · L55-L61 (7 LOC)src/main.js
function parseList(input) {
if (!input) return undefined
return input
.split(',')
.map((s) => s.trim())
.filter(Boolean)
}runQuery function · javascript · L63-L69 (7 LOC)src/main.js
async function runQuery(client) {
const sql = core.getInput('sql', { required: true })
const resources = parseList(core.getInput('resources'))
const queryType = core.getInput('query-type') || undefined
return client.query(sql, { resources, queryType })
}runExecute function · javascript · L71-L76 (6 LOC)src/main.js
async function runExecute(client) {
const sql = core.getInput('sql', { required: true })
const resources = parseList(core.getInput('resources'))
return client.execute(sql, { resources })
}runDdl function · javascript · L78-L81 (4 LOC)src/main.js
async function runDdl(client) {
const sql = core.getInput('sql', { required: true })
return client.ddl(sql)
}runListTables function · javascript · L83-L85 (3 LOC)src/main.js
async function runListTables(client) {
return client.listTables()
}runListChains function · javascript · L87-L90 (4 LOC)src/main.js
async function runListChains(client) {
const chain = core.getInput('chain') || undefined
return client.listChains(chain)
}writeSummary function · javascript · L92-L114 (23 LOC)src/main.js
function writeSummary(command, result) {
const heading = `Space and Time: ${command}`
if (Array.isArray(result) && result.length > 0) {
const columns = Object.keys(result[0])
const headerRow = columns.map((c) => ({ data: c, header: true }))
const dataRows = result.slice(0, 20).map((row) => columns.map((c) => String(row[c] ?? '')))
core.summary.addHeading(heading, 3)
if (result.length > 20) {
core.summary.addRaw(`Showing 20 of ${result.length} rows\n\n`)
}
core.summary.addTable([headerRow, ...dataRows]).write()
return
}
core.summary
.addHeading(heading, 3)
.addCodeBlock(JSON.stringify(result, null, 2), 'json')
.write()
}Repobility · severity-and-effort ranking · https://repobility.com
SxtError class · javascript · L26-L34 (9 LOC)src/sxt.js
export class SxtError extends Error {
constructor(message, { status, body, code } = {}) {
super(message)
this.name = 'SxtError'
this.status = status
this.body = body
this.code = code
}
}constructor method · javascript · L27-L33 (7 LOC)src/sxt.js
constructor(message, { status, body, code } = {}) {
super(message)
this.name = 'SxtError'
this.status = status
this.body = body
this.code = code
}SxtClient class · javascript · L36-L391 (356 LOC)src/sxt.js
export class SxtClient {
constructor({
apiUrl,
apiKey,
authUrl,
authSecret,
biscuitPrivateKey,
schemaName,
originApp = 'w3-sxt-action',
maxRetries = 3,
retryDelay = 2,
timeout = 30,
} = {}) {
if (!schemaName) throw new SxtError('schema-name is required', { code: 'MISSING_SCHEMA' })
// Determine auth mode
// JWT mode: either explicit auth-url + auth-secret, or api-key with JWT bootstrap
this.jwtMode = Boolean(authUrl && authSecret) || Boolean(apiKey)
this.hasExplicitAuth = Boolean(authUrl && authSecret)
if (!apiKey && !this.hasExplicitAuth) {
throw new SxtError(
'Authentication required: provide api-key (recommended) or auth-url + auth-secret',
{ code: 'MISSING_AUTH' },
)
}
// Auth config
this.apiKey = apiKey
this.authUrl = authUrl
this.authSecret = authSecret
this.biscuitPrivateKey = biscuitPrivateKey
// API URL
this.apiUrl = apiUrl ? apiUrl.replace(/\/+$/constructor method · javascript · L37-L80 (44 LOC)src/sxt.js
constructor({
apiUrl,
apiKey,
authUrl,
authSecret,
biscuitPrivateKey,
schemaName,
originApp = 'w3-sxt-action',
maxRetries = 3,
retryDelay = 2,
timeout = 30,
} = {}) {
if (!schemaName) throw new SxtError('schema-name is required', { code: 'MISSING_SCHEMA' })
// Determine auth mode
// JWT mode: either explicit auth-url + auth-secret, or api-key with JWT bootstrap
this.jwtMode = Boolean(authUrl && authSecret) || Boolean(apiKey)
this.hasExplicitAuth = Boolean(authUrl && authSecret)
if (!apiKey && !this.hasExplicitAuth) {
throw new SxtError(
'Authentication required: provide api-key (recommended) or auth-url + auth-secret',
{ code: 'MISSING_AUTH' },
)
}
// Auth config
this.apiKey = apiKey
this.authUrl = authUrl
this.authSecret = authSecret
this.biscuitPrivateKey = biscuitPrivateKey
// API URL
this.apiUrl = apiUrl ? apiUrl.replace(/\/+$/, '') : DEFAULT_PROXY_URLexecute method · javascript · L117-L120 (4 LOC)src/sxt.js
async execute(sql, { resources } = {}) {
if (!sql) throw new SxtError('sql is required', { code: 'MISSING_SQL' })
return this.executeSql(sql, { resources })
}ddl method · javascript · L128-L131 (4 LOC)src/sxt.js
async ddl(sql) {
if (!sql) throw new SxtError('sql is required', { code: 'MISSING_SQL' })
return this.executeSql(sql)
}listTables method · javascript · L138-L141 (4 LOC)src/sxt.js
async listTables() {
const sql = `SHOW TABLES IN ${this.schemaName}`
return this.executeSql(sql)
}listChains method · javascript · L149-L153 (5 LOC)src/sxt.js
async listChains(chain) {
const schema = chain ? chain.toUpperCase() : 'ETHEREUM'
const sql = `SELECT BLOCK_NUMBER, TIME_STAMP FROM ${schema}.BLOCKS ORDER BY BLOCK_NUMBER DESC LIMIT 5`
return this.executeSql(sql)
}Open data scored by Repobility · https://repobility.com
executeSql method · javascript · L159-L178 (20 LOC)src/sxt.js
async executeSql(sql, { resources, queryType } = {}) {
const endpoint = '/v1/sql'
const biscuit = this.biscuitPrivateKey ? this.generateBiscuit(sql) : null
const token = await this.getToken()
const body = {
sqlText: sql,
...(biscuit && { biscuits: [biscuit] }),
...(resources?.length && { resources }),
...(queryType && { queryType }),
}
// Always include API key when available (proxy requires it),
// plus Bearer token for JWT-authenticated requests
const auth = {}
if (this.apiKey) auth.apiKey = this.apiKey
if (token) auth.bearer = token
return this.requestWithRetry('POST', endpoint, body, auth)
}invalidateToken method · javascript · L247-L250 (4 LOC)src/sxt.js
invalidateToken() {
this.cachedToken = null
this.tokenExpiresAt = 0
}generateBiscuit method · javascript · L261-L287 (27 LOC)src/sxt.js
generateBiscuit(sql) {
try {
const operation = this.detectOperation(sql)
const resource = this.extractResource(sql)
const payload = {
operation,
resource: resource.toLowerCase(),
timestamp: Math.floor(Date.now() / 1000),
}
const payloadStr = JSON.stringify(payload)
const keyBuffer = Buffer.from(this.biscuitPrivateKey, 'hex')
const sign = createSign('Ed25519')
sign.update(payloadStr)
const signature = sign.sign({ key: keyBuffer, format: 'der', type: 'pkcs8' })
const biscuitData = {
payload: Buffer.from(payloadStr).toString('base64'),
signature: signature.toString('base64'),
}
return Buffer.from(JSON.stringify(biscuitData)).toString('base64')
} catch {
return null
}
}detectOperation method · javascript · L289-L299 (11 LOC)src/sxt.js
detectOperation(sql) {
const trimmed = sql.trim().toUpperCase()
if (trimmed.startsWith('SELECT')) return 'dql_select'
if (trimmed.startsWith('INSERT')) return 'dml_insert'
if (trimmed.startsWith('UPDATE')) return 'dml_update'
if (trimmed.startsWith('DELETE')) return 'dml_delete'
if (trimmed.startsWith('CREATE')) return 'ddl_create'
if (trimmed.startsWith('DROP')) return 'ddl_drop'
if (trimmed.startsWith('ALTER')) return 'ddl_alter'
return 'dql_select'
}requestWithRetry method · javascript · L311-L341 (31 LOC)src/sxt.js
async requestWithRetry(method, path, body, auth) {
let lastError
for (let attempt = 0; attempt <= this.maxRetries; attempt++) {
try {
return await this.request(method, path, body, auth)
} catch (error) {
lastError = error
if (error.status === 401 && this.jwtMode && attempt < this.maxRetries) {
this.invalidateToken()
auth = { bearer: await this.getToken() }
continue
}
if (error.status === 429 && attempt < this.maxRetries) {
await this.sleep(this.retryDelay * 1000 * Math.pow(2, attempt))
continue
}
if (error.status >= 500 && attempt < this.maxRetries) {
await this.sleep(this.retryDelay * 1000 * Math.pow(2, attempt))
continue
}
throw error
}
}
throw lastError
}request method · javascript · L343-L386 (44 LOC)src/sxt.js
async request(method, path, body, auth) {
const url = `${this.apiUrl}${path}`
const headers = {
'Content-Type': 'application/json',
Accept: 'application/json',
originApp: this.originApp,
}
if (auth.apiKey) {
headers.apikey = auth.apiKey
}
if (auth.bearer) {
headers.Authorization = `Bearer ${auth.bearer}`
}
const options = { method, headers, signal: AbortSignal.timeout(this.timeout) }
if (body) options.body = JSON.stringify(body)
const response = await fetch(url, options)
const text = await response.text()
if (!response.ok) {
throw new SxtError(`SxT API error: ${response.status}`, {
status: response.status,
body: text,
code: response.status === 429 ? 'RATE_LIMIT' : 'API_ERROR',
})
}
// DDL operations (CREATE, DROP) may return empty body on success
if (!text || !text.trim()) {
return { success: true }
}
try {
return JSON.parse(text)
sleep method · javascript · L388-L390 (3 LOC)src/sxt.js
sleep(ms) {
return new Promise((resolve) => setTimeout(resolve, ms))
}