mirror of
https://github.com/BigBodyCobain/Shadowbroker.git
synced 2026-05-28 10:01:31 +02:00
Shadowbroker
a930497e14
* fix(start-scripts): find bundled privacy_core.dll next to script start.bat and start.sh only checked the source-tree DLL path (``privacy-core/target/release/privacy_core.dll``), not the bundled location where MSI/AppImage/DMG installers stage the library directly next to the script in backend-runtime/. Users running start.bat from inside an MSI install dir (a documented workaround when the desktop shell crashes) saw a scary "install Rust" warning even though the DLL was sitting right next to them. See issue #319 for the user-reported confusion. Fix: add a fallback check for the bundled location before falling through to the "build privacy-core from source" warning. Source-tree behavior unchanged — the source path is still preferred when present. Also re-stamps the v0.9.81 source archive: ``release_digests.json`` v0.9.81 zip hash updated to point at the rebuilt source archive that contains these script changes. MSI/EXE/sig hashes are unchanged (the scripts live at the repo root, not inside the desktop bundle). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(#319): bundle start.bat + start.sh into the MSI/EXE installers Follow-up to the start-script DLL fallback fix in the prior commit. ChrisMTheMan's report on #319 made it clear the workaround flow was: 1. MSI install crashes on launch (different bug, fixed in v0.9.81) 2. User goes looking for start.bat to launch the backend manually 3. start.bat isn't in their install dir, so they go fetch it from GitHub 4. They get a working script but it doesn't know about the bundled privacy_core.dll layout, so they see a scary "install Rust" warning The prior commit fixed step 4. This commit fixes step 3 — start.bat and start.sh now ship inside the MSI/EXE installers (staged into backend-runtime/ next to the privacy_core.dll they expect to find). After the rebuild lands, an MSI user looking for these scripts finds them right inside their install dir, already pointing at the correct bundled DLL location. What changed ------------ * ``build-backend-runtime.cjs`` now has a ``stageStartScripts()`` step that copies start.bat and start.sh from the repo root into the staged backend-runtime/. Preserves the executable bit on .sh under POSIX. * ``release_digests.json`` v0.9.81 block hashes refreshed for the rebuilt MSI / EXE / source-zip (the scripts being bundled changed the MSI/EXE contents; the source zip also includes the start-script fix from the prior commit). ShadowBroker_v0.9.81.zip 6.06 MB af8c87ccdece8fbb9aadc6be63cce10d3fcba74e6d87ef83289dda6d555fd270 ShadowBroker_0.9.81_x64_en-US.msi 122.4 MB 8977c9a1c54e1f0d030436be9c4e3d81d766cc0080699eb747649095f360c7ff ShadowBroker_0.9.81_x64-setup.exe 76.5 MB 4e866fa0423c0c2470ed32f4809167a7815dc23ee7762b69e95681c1f3a28250 Post-merge plan --------------- Force-move the v0.9.81 tag to this commit and replace ALL release assets on the GitHub release: zip, msi, exe, both .sig files, latest.json, SHA256SUMS.txt, release-manifest.json. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
318 lines
11 KiB
Batchfile
318 lines
11 KiB
Batchfile
@echo off
|
|
title ShadowBroker - Global Threat Intercept
|
|
|
|
echo ===================================================
|
|
echo S H A D O W B R O K E R -- STARTUP
|
|
echo ===================================================
|
|
echo.
|
|
|
|
:: Remember where we started (project root)
|
|
set "ROOT=%~dp0"
|
|
:: Strip trailing backslash
|
|
if "%ROOT:~-1%"=="\" set "ROOT=%ROOT:~0,-1%"
|
|
|
|
:: Check for stale docker-compose.yml from pre-migration clones
|
|
findstr /R /C:"build:" "%ROOT%\docker-compose.yml" >nul 2>&1
|
|
if %errorlevel% equ 0 (
|
|
echo.
|
|
echo ================================================================
|
|
echo [!] WARNING: Your docker-compose.yml is outdated.
|
|
echo.
|
|
echo It contains 'build:' directives, which means Docker will
|
|
echo compile from local source instead of pulling pre-built images.
|
|
echo You will NOT receive updates this way.
|
|
echo.
|
|
echo If you use Docker, re-clone the repository:
|
|
echo git clone https://github.com/BigBodyCobain/Shadowbroker.git
|
|
echo cd Shadowbroker
|
|
echo docker compose pull
|
|
echo docker compose up -d
|
|
echo ================================================================
|
|
echo.
|
|
)
|
|
|
|
:: Check for Python and pin the exact interpreter we will use later.
|
|
set "PYTHON_EXE="
|
|
for /f "usebackq delims=" %%p in (`python -c "import sys; print(sys.executable)" 2^>nul`) do if not defined PYTHON_EXE set "PYTHON_EXE=%%p"
|
|
if not defined PYTHON_EXE (
|
|
for /f "usebackq delims=" %%p in (`py -3.11 -c "import sys; print(sys.executable)" 2^>nul`) do if not defined PYTHON_EXE set "PYTHON_EXE=%%p"
|
|
)
|
|
if not defined PYTHON_EXE (
|
|
for /f "usebackq delims=" %%p in (`py -3 -c "import sys; print(sys.executable)" 2^>nul`) do if not defined PYTHON_EXE set "PYTHON_EXE=%%p"
|
|
)
|
|
if not defined PYTHON_EXE (
|
|
echo [!] ERROR: Python is not installed or not in PATH.
|
|
echo [!] Install Python 3.10-3.12 from https://python.org
|
|
echo [!] IMPORTANT: Check "Add to PATH" during install.
|
|
echo.
|
|
pause
|
|
exit /b 1
|
|
)
|
|
set "BACKEND_BASE_PYTHON=%PYTHON_EXE%"
|
|
|
|
:: Check Python version (warn if 3.13+)
|
|
for /f "tokens=2 delims= " %%v in ('"%PYTHON_EXE%" --version 2^>^&1') do set PYVER=%%v
|
|
echo [*] Found Python %PYVER%
|
|
for /f "tokens=1,2 delims=." %%a in ("%PYVER%") do (
|
|
if %%b GEQ 13 (
|
|
echo [!] WARNING: Python %PYVER% detected. Some packages may fail to build.
|
|
echo [!] Recommended: Python 3.10, 3.11, or 3.12.
|
|
echo.
|
|
)
|
|
)
|
|
|
|
:: Check for Node.js
|
|
where npm >nul 2>&1
|
|
if %errorlevel% neq 0 (
|
|
echo [!] ERROR: Node.js/npm is not installed or not in PATH.
|
|
echo [!] Install Node.js 18+ from https://nodejs.org
|
|
echo.
|
|
pause
|
|
exit /b 1
|
|
)
|
|
|
|
for /f "tokens=1 delims= " %%v in ('node --version 2^>^&1') do echo [*] Found Node.js %%v
|
|
|
|
:: ── AGGRESSIVE ZOMBIE CLEANUP ──────────────────────────────────────
|
|
echo.
|
|
echo [*] Clearing zombie processes...
|
|
|
|
:: Kill by port — catches processes in ANY state, not just LISTENING
|
|
for /f "tokens=5" %%a in ('netstat -ano ^| findstr ":8000 "') do (
|
|
taskkill /F /PID %%a >nul 2>&1
|
|
)
|
|
for /f "tokens=5" %%a in ('netstat -ano ^| findstr ":3000 "') do (
|
|
taskkill /F /PID %%a >nul 2>&1
|
|
)
|
|
for /f "tokens=5" %%a in ('netstat -ano ^| findstr ":8787 "') do (
|
|
taskkill /F /PID %%a >nul 2>&1
|
|
)
|
|
|
|
:: Brief pause to let OS release the ports
|
|
timeout /t 1 /nobreak >nul
|
|
|
|
:: Verify ports are actually free
|
|
netstat -ano | findstr ":8000 " | findstr "LISTENING" >nul 2>&1
|
|
if %errorlevel% equ 0 (
|
|
echo [!] WARNING: Port 8000 is still occupied! Waiting 3s for OS cleanup...
|
|
timeout /t 3 /nobreak >nul
|
|
)
|
|
netstat -ano | findstr ":3000 " | findstr "LISTENING" >nul 2>&1
|
|
if %errorlevel% equ 0 (
|
|
echo [!] WARNING: Port 3000 is still occupied! Waiting 3s for OS cleanup...
|
|
timeout /t 3 /nobreak >nul
|
|
)
|
|
netstat -ano | findstr ":8787 " | findstr "LISTENING" >nul 2>&1
|
|
if %errorlevel% equ 0 (
|
|
echo [!] WARNING: Port 8787 is still occupied! Waiting 3s for OS cleanup...
|
|
timeout /t 3 /nobreak >nul
|
|
)
|
|
|
|
echo [*] Ports clear.
|
|
:: ────────────────────────────────────────────────────────────────────
|
|
|
|
echo.
|
|
echo [*] Setting up backend...
|
|
cd /d "%ROOT%\backend"
|
|
set "VENV_MARKER=.venv-dir"
|
|
set "PINNED_VENV_DIR="
|
|
if exist "%VENV_MARKER%" set /p PINNED_VENV_DIR=<"%VENV_MARKER%"
|
|
|
|
:: Check if UV is available (preferred, much faster installs)
|
|
where uv >nul 2>&1
|
|
if %errorlevel% neq 0 goto :use_pip
|
|
|
|
echo [*] Using UV for Python dependency management.
|
|
set "PRIMARY_VENV_DIR=venv"
|
|
if defined PINNED_VENV_DIR set "PRIMARY_VENV_DIR=%PINNED_VENV_DIR%"
|
|
set "REPAIR_VENV_DIR=venv-repair-%RANDOM%%RANDOM%"
|
|
set "VENV_DIR=%PRIMARY_VENV_DIR%"
|
|
set "VENV_PY=%VENV_DIR%\Scripts\python.exe"
|
|
if exist "%VENV_PY%" (
|
|
"%VENV_PY%" -V >nul 2>&1
|
|
if errorlevel 1 (
|
|
echo [*] Existing backend Python venv is stale. Rebuilding it...
|
|
rmdir /s /q "%PRIMARY_VENV_DIR%" >nul 2>&1
|
|
if exist "%PRIMARY_VENV_DIR%\" (
|
|
set "VENV_DIR=%REPAIR_VENV_DIR%"
|
|
echo [*] Primary venv could not be replaced cleanly. Falling back to %REPAIR_VENV_DIR%...
|
|
)
|
|
)
|
|
)
|
|
set "VENV_PY=%VENV_DIR%\Scripts\python.exe"
|
|
if /I not "%VENV_DIR%"=="%PRIMARY_VENV_DIR%" if exist "%VENV_PY%" (
|
|
"%VENV_PY%" -V >nul 2>&1
|
|
if errorlevel 1 rmdir /s /q "%VENV_DIR%" >nul 2>&1
|
|
)
|
|
set "BACKEND_VENV_DIR=%VENV_DIR%"
|
|
if not exist "%VENV_DIR%\" (
|
|
echo [*] Creating Python virtual environment...
|
|
if exist "%VENV_DIR%\" rmdir /s /q "%VENV_DIR%" >nul 2>&1
|
|
uv venv "%VENV_DIR%"
|
|
if errorlevel 1 (
|
|
echo [!] ERROR: Failed to create virtual environment.
|
|
pause
|
|
exit /b 1
|
|
)
|
|
)
|
|
"%VENV_PY%" -V >nul 2>&1
|
|
if errorlevel 1 (
|
|
echo [!] ERROR: Backend virtual environment could not start Python after repair.
|
|
pause
|
|
exit /b 1
|
|
)
|
|
echo [*] Installing Python dependencies via UV (fast)...
|
|
cd /d "%ROOT%"
|
|
set "UV_PROJECT_ENVIRONMENT=%ROOT%\backend\%VENV_DIR%"
|
|
uv sync --frozen --no-dev
|
|
set "UV_PROJECT_ENVIRONMENT="
|
|
if %errorlevel% neq 0 goto :dep_fail
|
|
cd /d "%ROOT%\backend"
|
|
goto :deps_ok
|
|
|
|
:use_pip
|
|
echo [*] UV not found, using pip (install UV for faster installs: https://docs.astral.sh/uv/)
|
|
set "PRIMARY_VENV_DIR=venv"
|
|
if defined PINNED_VENV_DIR set "PRIMARY_VENV_DIR=%PINNED_VENV_DIR%"
|
|
set "REPAIR_VENV_DIR=venv-repair-%RANDOM%%RANDOM%"
|
|
set "VENV_DIR=%PRIMARY_VENV_DIR%"
|
|
set "VENV_PY=%VENV_DIR%\Scripts\python.exe"
|
|
if exist "%VENV_PY%" (
|
|
"%VENV_PY%" -V >nul 2>&1
|
|
if errorlevel 1 (
|
|
echo [*] Existing backend Python venv is stale. Rebuilding it...
|
|
rmdir /s /q "%PRIMARY_VENV_DIR%" >nul 2>&1
|
|
if exist "%PRIMARY_VENV_DIR%\" (
|
|
set "VENV_DIR=%REPAIR_VENV_DIR%"
|
|
echo [*] Primary venv could not be replaced cleanly. Falling back to %REPAIR_VENV_DIR%...
|
|
)
|
|
)
|
|
)
|
|
set "VENV_PY=%VENV_DIR%\Scripts\python.exe"
|
|
if /I not "%VENV_DIR%"=="%PRIMARY_VENV_DIR%" if exist "%VENV_PY%" (
|
|
"%VENV_PY%" -V >nul 2>&1
|
|
if errorlevel 1 rmdir /s /q "%VENV_DIR%" >nul 2>&1
|
|
)
|
|
set "BACKEND_VENV_DIR=%VENV_DIR%"
|
|
if not exist "%VENV_DIR%\" (
|
|
echo [*] Creating Python virtual environment...
|
|
if /I not "%VENV_DIR%"=="%PRIMARY_VENV_DIR%" if exist "%VENV_DIR%\" rmdir /s /q "%VENV_DIR%" >nul 2>&1
|
|
"%PYTHON_EXE%" -m venv "%VENV_DIR%"
|
|
if errorlevel 1 (
|
|
echo [!] ERROR: Failed to create virtual environment with %PYTHON_EXE%.
|
|
pause
|
|
exit /b 1
|
|
)
|
|
)
|
|
"%VENV_PY%" -V >nul 2>&1
|
|
if errorlevel 1 (
|
|
echo [!] ERROR: Backend virtual environment could not start Python after repair.
|
|
pause
|
|
exit /b 1
|
|
)
|
|
echo [*] Installing Python dependencies (this may take a minute)...
|
|
"%VENV_PY%" -m pip install -q .
|
|
if %errorlevel% neq 0 goto :dep_fail
|
|
goto :deps_ok
|
|
|
|
:dep_fail
|
|
echo.
|
|
echo [!] ERROR: Python dependency install failed. See errors above.
|
|
echo [!] If you see Rust/cargo errors, your Python version may be too new.
|
|
echo [!] Recommended: Python 3.10, 3.11, or 3.12.
|
|
echo.
|
|
cd /d "%ROOT%"
|
|
pause
|
|
exit /b 1
|
|
|
|
:deps_ok
|
|
> "%VENV_MARKER%" echo %VENV_DIR%
|
|
echo [*] Backend dependencies OK.
|
|
if not exist "node_modules\ws" (
|
|
echo [*] Installing backend Node.js dependencies...
|
|
call npm ci --omit=dev --silent
|
|
)
|
|
echo [*] Backend Node.js dependencies OK.
|
|
|
|
echo.
|
|
echo [*] Checking privacy-core shared library...
|
|
set "PRIVACY_CORE_DLL=%ROOT%\privacy-core\target\release\privacy_core.dll"
|
|
:: MSI/EXE installers stage privacy_core.dll directly in backend-runtime/
|
|
:: alongside this script. If somebody runs start.bat from an installed
|
|
:: app directory (no source checkout, no Rust toolchain), they shouldn't
|
|
:: see a spurious "install Rust" warning because the DLL is right next
|
|
:: to them — just at a different path than the source-tree build.
|
|
if not exist "%PRIVACY_CORE_DLL%" if exist "%ROOT%\privacy_core.dll" (
|
|
set "PRIVACY_CORE_DLL=%ROOT%\privacy_core.dll"
|
|
)
|
|
if not exist "%PRIVACY_CORE_DLL%" (
|
|
where cargo >nul 2>&1
|
|
if errorlevel 1 (
|
|
echo [!] WARNING: privacy-core DLL is missing and Rust/Cargo is not installed.
|
|
echo [!] Infonet private lanes and gates need this library.
|
|
echo [!] Install Rust from https://rustup.rs/ and run:
|
|
echo [!] cargo build --release --manifest-path "%ROOT%\privacy-core\Cargo.toml"
|
|
echo.
|
|
) else (
|
|
echo [*] Building privacy-core release DLL...
|
|
cd /d "%ROOT%"
|
|
cargo build --release --manifest-path "%ROOT%\privacy-core\Cargo.toml"
|
|
if errorlevel 1 (
|
|
echo [!] ERROR: privacy-core build failed. Infonet private lanes need this DLL.
|
|
echo.
|
|
pause
|
|
exit /b 1
|
|
)
|
|
cd /d "%ROOT%\backend"
|
|
)
|
|
)
|
|
if exist "%PRIVACY_CORE_DLL%" (
|
|
echo [*] privacy-core DLL OK.
|
|
"%VENV_PY%" "%ROOT%\scripts\refresh_privacy_core_pin.py"
|
|
if errorlevel 1 (
|
|
echo [!] WARNING: privacy-core trust pin refresh failed. Startup may fail if backend\.env pins an old hash.
|
|
echo.
|
|
)
|
|
)
|
|
|
|
cd /d "%ROOT%"
|
|
|
|
echo.
|
|
echo [*] Setting up frontend...
|
|
cd /d "%ROOT%\frontend"
|
|
set "FRONTEND_DEPS_OK=1"
|
|
if not exist "node_modules\" set "FRONTEND_DEPS_OK=0"
|
|
if "%FRONTEND_DEPS_OK%"=="1" node -e "require.resolve('next/dist/bin/next',{paths:['.']});require.resolve('lucide-react',{paths:['.']});require.resolve('maplibre-gl',{paths:['.']});require.resolve('@swc/helpers/_/_interop_require_default',{paths:['.']})" >nul 2>&1
|
|
if "%FRONTEND_DEPS_OK%"=="1" if errorlevel 1 set "FRONTEND_DEPS_OK=0"
|
|
if "%FRONTEND_DEPS_OK%"=="0" (
|
|
echo [*] Frontend install is missing required packages. Repairing with npm ci...
|
|
call npm ci
|
|
if errorlevel 1 (
|
|
echo [!] ERROR: frontend dependency install failed. See errors above.
|
|
cd /d "%ROOT%"
|
|
pause
|
|
exit /b 1
|
|
)
|
|
)
|
|
echo [*] Frontend dependencies OK.
|
|
|
|
echo.
|
|
echo ===================================================
|
|
echo Starting services...
|
|
echo Dashboard: http://localhost:3000
|
|
echo Keep this window open! Initial load takes ~10s.
|
|
echo This is the hardened web/local runtime, not the final native shell.
|
|
echo Security work must not come at the cost of unusable map responsiveness.
|
|
echo ===================================================
|
|
echo (Press Ctrl+C to stop)
|
|
echo.
|
|
|
|
start "ShadowBroker Runtime" powershell.exe -NoProfile -ExecutionPolicy Bypass -NoExit -File "%ROOT%\scripts\run-windows-runtime.ps1" -Root "%ROOT%"
|
|
exit /b 0
|
|
|
|
echo.
|
|
echo ===================================================
|
|
echo ShadowBroker has stopped. Check errors above.
|
|
echo ===================================================
|
|
pause
|