校验原生壳能力声明一致性

移动壳配置检查校验声明能力来自共享 HostBridge 白名单桌面壳配置检查校验 runtime 能力与 URL hostCapabilities 一致文档补充新增 native capability 后必须运行双壳检查共享决策记录补充壳能力防漂移约束
2026-06-18 01:09:02 +08:00
parent 5c3b70caf1
commit ad883df307
5 changed files with 162 additions and 4 deletions
--- a/apps/desktop-shell/scripts/check-config.mjs
+++ b/apps/desktop-shell/scripts/check-config.mjs
@@ -10,6 +10,76 @@ const capability = JSON.parse(fs.readFileSync(capabilityPath, 'utf8'));
 const buildScriptPath = new URL('../src-tauri/build.rs', import.meta.url);
 const buildScript = fs.readFileSync(buildScriptPath, 'utf8');
 const iconPath = new URL('../src-tauri/icons/icon.png', import.meta.url);
+const sharedContractPath = new URL(
+  '../../../packages/shared/src/contracts/hostBridge.ts',
+  import.meta.url,
+);
+const sharedContractSource = fs.readFileSync(sharedContractPath, 'utf8');
+const mainPath = new URL('../src-tauri/src/main.rs', import.meta.url);
+const main = fs.readFileSync(mainPath, 'utf8');
+
+function extractStringArrayExport(source, exportName) {
+  const match = source.match(
+    new RegExp(`export const ${exportName}[^=]*= \\[([\\s\\S]*?)\\](?: as const)?;`),
+  );
+  if (!match) {
+    throw new Error(`unable to read ${exportName}`);
+  }
+
+  const entries = [...match[1].matchAll(/'([^']+)'/g)].map(
+    (entry) => entry[1],
+  );
+  if (match[1].includes('...HOST_BRIDGE_METHODS')) {
+    return [
+      ...extractStringArrayExport(source, 'HOST_BRIDGE_METHODS'),
+      ...entries,
+    ];
+  }
+
+  return entries;
+}
+
+function extractDesktopCapabilities(source) {
+  const match = source.match(/fn capabilities\(\)[^{]*\{[\s\S]*?vec!\[([\s\S]*?)\]\s*\}/);
+  if (!match) {
+    throw new Error('unable to read desktop shell capabilities');
+  }
+
+  return [...match[1].matchAll(/"([^"]+)"/g)].map((entry) => entry[1]);
+}
+
+function resolveHostCapabilitiesFromUrl(rawUrl) {
+  const url = new URL(rawUrl, 'https://app.genarrative.world/');
+  return (url.searchParams.get('hostCapabilities') ?? '')
+    .split(',')
+    .map((capability) => capability.trim())
+    .filter(Boolean);
+}
+
+function assertSameList(actual, expected, label) {
+  if (
+    actual.length !== expected.length ||
+    actual.some((value, index) => value !== expected[index])
+  ) {
+    throw new Error(
+      `${label} drifted: expected ${expected.join(', ')} but got ${actual.join(', ')}`,
+    );
+  }
+}
+
+const sharedCapabilities = extractStringArrayExport(
+  sharedContractSource,
+  'HOST_BRIDGE_CAPABILITIES',
+);
+const desktopCapabilities = extractDesktopCapabilities(main);
+const unknownDesktopCapabilities = desktopCapabilities.filter(
+  (capability) => !sharedCapabilities.includes(capability),
+);
+if (unknownDesktopCapabilities.length > 0) {
+  throw new Error(
+    `desktop shell declares unknown HostBridge capabilities: ${unknownDesktopCapabilities.join(', ')}`,
+  );
+}

 if (config.build?.frontendDist !== '../../../dist') {
  throw new Error('desktop shell must package the root H5 dist');
@@ -34,7 +104,6 @@ const requiredUrlParts = [
  'hostShell=tauri_desktop',
  'hostPlatform=unknown',
  'bridgeVersion=1',
-  'hostCapabilities=host.getRuntime,share.open,share.setTarget,navigation.openNativePage,app.openExternalUrl,app.setTitle,clipboard.writeText,file.exportText',
 ];

 for (const part of requiredUrlParts) {
@@ -46,6 +115,17 @@ for (const part of requiredUrlParts) {
  }
 }

+assertSameList(
+  resolveHostCapabilitiesFromUrl(mainWindow.url),
+  desktopCapabilities,
+  'desktop shell main window hostCapabilities',
+);
+assertSameList(
+  resolveHostCapabilitiesFromUrl(config.build?.devUrl ?? ''),
+  desktopCapabilities,
+  'desktop shell dev hostCapabilities',
+);
+
 const requiredPermissions = [
  'core:default',
  'allow-host-bridge-request',
@@ -86,9 +166,6 @@ if (icon.length < 10000) {
  throw new Error('desktop shell icon must use a real brand asset');
 }

-const mainPath = new URL('../src-tauri/src/main.rs', import.meta.url);
-const main = fs.readFileSync(mainPath, 'utf8');
-
 for (const snippet of requiredMainSnippets) {
  if (!main.includes(snippet)) {
    throw new Error(`desktop shell Rust host bridge missing ${snippet}`);
--- a/apps/mobile-shell/scripts/check-config.mjs
+++ b/apps/mobile-shell/scripts/check-config.mjs
@@ -8,11 +8,68 @@ const appPath = new URL('../App.tsx', import.meta.url);
 const appSource = fs.readFileSync(appPath, 'utf8');
 const bridgePath = new URL('../src/mobileHostBridge.ts', import.meta.url);
 const bridgeSource = fs.readFileSync(bridgePath, 'utf8');
+const sharedContractPath = new URL(
+  '../../../packages/shared/src/contracts/hostBridge.ts',
+  import.meta.url,
+);
+const sharedContractSource = fs.readFileSync(sharedContractPath, 'utf8');
 const packagePath = new URL('../package.json', import.meta.url);
 const packageConfig = JSON.parse(fs.readFileSync(packagePath, 'utf8'));
 const iconPath = new URL('../assets/icon.png', import.meta.url);
 const icon = PNG.sync.read(fs.readFileSync(iconPath));

+function extractStringArrayExport(source, exportName) {
+  const match = source.match(
+    new RegExp(`export const ${exportName}[^=]*= \\[([\\s\\S]*?)\\](?: as const)?;`),
+  );
+  if (!match) {
+    throw new Error(`unable to read ${exportName}`);
+  }
+
+  const entries = [...match[1].matchAll(/'([^']+)'/g)].map(
+    (entry) => entry[1],
+  );
+  if (match[1].includes('...HOST_BRIDGE_METHODS')) {
+    return [
+      ...extractStringArrayExport(source, 'HOST_BRIDGE_METHODS'),
+      ...entries,
+    ];
+  }
+
+  return entries;
+}
+
+const sharedCapabilities = extractStringArrayExport(
+  sharedContractSource,
+  'HOST_BRIDGE_CAPABILITIES',
+);
+const mobileCapabilities = extractStringArrayExport(
+  bridgeSource,
+  'MOBILE_HOST_CAPABILITIES',
+);
+const mobileCapabilitySet = new Set(mobileCapabilities);
+const unknownMobileCapabilities = mobileCapabilities.filter(
+  (capability) => !sharedCapabilities.includes(capability),
+);
+if (unknownMobileCapabilities.length > 0) {
+  throw new Error(
+    `mobile shell declares unknown HostBridge capabilities: ${unknownMobileCapabilities.join(', ')}`,
+  );
+}
+
+for (const capability of mobileCapabilities) {
+  const switchCase = `case '${capability}':`;
+  if (
+    capability !== 'host.events' &&
+    capability !== 'navigation.canGoBack' &&
+    !bridgeSource.includes(switchCase)
+  ) {
+    throw new Error(
+      `mobile shell declares ${capability} but does not handle it in HostBridge`,
+    );
+  }
+}
+
 if (appConfig.scheme !== 'genarrative') {
  throw new Error('mobile shell scheme must be genarrative');
 }
@@ -68,3 +125,24 @@ for (const snippet of [
    throw new Error(`mobile shell HostBridge missing ${snippet}`);
  }
 }
+
+const capabilityQuerySnippet = "capabilities: MOBILE_HOST_CAPABILITIES";
+if (!appSource.includes(capabilityQuerySnippet)) {
+  throw new Error('mobile shell URL must use MOBILE_HOST_CAPABILITIES');
+}
+
+for (const capability of [
+  'host.getRuntime',
+  'share.open',
+  'share.setTarget',
+  'navigation.openNativePage',
+  'navigation.canGoBack',
+  'app.openExternalUrl',
+  'clipboard.writeText',
+  'file.exportText',
+  'haptics.impact',
+]) {
+  if (!mobileCapabilitySet.has(capability)) {
+    throw new Error(`mobile shell capabilities missing ${capability}`);
+  }
+}