{"id":50961192,"url":"https://github.com/0xwonj/websh","last_synced_at":"2026-06-18T14:04:05.858Z","repository":{"id":352580998,"uuid":"1127791196","full_name":"0xwonj/websh","owner":"0xwonj","description":"A verifiable personal archive built on a browser-native virtual filesystem.","archived":false,"fork":false,"pushed_at":"2026-05-05T20:55:54.000Z","size":6860,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-05T22:33:50.867Z","etag":null,"topics":["cypherpunk","leptos","rust","shell","vfs","web-assembly","website"],"latest_commit_sha":null,"homepage":"https://wonjae.eth.limo","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc-by-sa-4.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xwonj.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-01-04T15:50:57.000Z","updated_at":"2026-05-05T20:56:08.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/0xwonj/websh","commit_stats":null,"previous_names":["0xwonj/websh"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/0xwonj/websh","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xwonj%2Fwebsh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xwonj%2Fwebsh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xwonj%2Fwebsh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xwonj%2Fwebsh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xwonj","download_url":"https://codeload.github.com/0xwonj/websh/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xwonj%2Fwebsh/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34493385,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-18T02:00:06.871Z","response_time":128,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cypherpunk","leptos","rust","shell","vfs","web-assembly","website"],"created_at":"2026-06-18T14:04:04.843Z","updated_at":"2026-06-18T14:04:05.842Z","avatar_url":"https://github.com/0xwonj.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# websh\n\n```text\n             _       _\n __ __ _____| |__ __| |_\n \\ V  V / -_) '_ (_-\u003c ' \\\n  \\_/\\_/\\___|_.__/__/_||_|\n```\n\nWebsh is a verifiable personal archive backed by a Rust/WASM runtime and a browser-native virtual filesystem. It builds a static Leptos/WASM application that loads content manifests and runtime mounts into one canonical tree rooted at `/`, then exposes that tree through reader, ledger, and terminal views.\n\n## Workspace\n\nThe current workspace has four crates:\n\n| Crate | Role |\n|---|---|\n| `websh-core` | Shared domain types, filesystem engine, shell engine, runtime coordination, mempool helpers, attestation primitives, storage ports, and public facades. |\n| `websh-site` | Deployed-site identity and policy constants such as public key material, expected fingerprints, acknowledgement data, and site-specific copy. |\n| `websh-cli` | Native command adapter for content generation, attestation, deployment, mempool workflows, and mount setup. |\n| `websh-web` | Leptos browser adapter, `AppContext`, runtime services, IndexedDB/localStorage/sessionStorage adapters, feature views, and browser platform APIs. |\n\nArchitecture docs live in [docs/architecture/current.md](docs/architecture/current.md).\n\n## Prerequisites\n\n```bash\nrustup target add wasm32-unknown-unknown\ncargo install just\ncargo install trunk\ncargo install stylance-cli\ncargo install --locked cargo-deny\ncargo install cargo-machete\nnpm install\n```\n\nPlaywright browsers are required for E2E tests:\n\n```bash\nnpx playwright install\n```\n\nRelease signing and deployment use local tools: `gpg` is optional for PGP signatures, the Pinata CLI is required for `just pin`, and `gh` is required for mount/bootstrap workflows that touch GitHub repositories.\n\n## Development\n\n```bash\njust serve\n```\n\nThe dev server listens on `http://127.0.0.1:8080` and writes dev artifacts to `dist-dev/`. The pre-build hook chain runs Stylance, `websh-cli content manifest`, and `websh-cli attest build`. Development Trunk profiles skip the full attestation build unless `--force` is passed to the CLI command directly.\n\nThe browser app is hash-routed. The canonical root URL is `/#/`; content and app routes use the same hash model, for example `/#/ledger` and `/#/writing/example`. Clean deep paths such as `/writing/example` are best-effort only and require a host-level fallback to `index.html`; IPFS/path-gateway deployments should use hash URLs.\n\n## Build\n\n```bash\njust build\n```\n\nRelease builds write `dist/`. The release Trunk profile refreshes content manifests, `content/.websh/ledger.json`, and `assets/crypto/attestations.json`. Set `WEBSH_NO_SIGN=1` to refresh pending subjects without invoking GPG signing.\n\n## Verification\n\n```bash\njust verify\n```\n\nFocused checks:\n\n```bash\njust deps-check\njust web-wasm-test\nnpm run lint:css\nnpm run docs:drift\nnpm run perf:budgets\nnpm run perf:content\nnpm run e2e\n```\n\n`npm run perf:budgets` expects a release `dist/` tree. `npm run perf:content` expects a running app at `http://127.0.0.1:4173` unless `WEBSH_PERF_BASE_URL` or `WEBSH_E2E_BASE_URL` is set.\n\nSee [docs/architecture/verification.md](docs/architecture/verification.md) for the maintained command list behind `just verify`.\n\n## Content And Attestations\n\nContent lives under `content/`. The manifest pipeline parses frontmatter, computes derived fields, keeps sidecars current, and writes `content/manifest.json`.\n\n```bash\ncargo run --bin websh-cli -- content manifest\n```\n\nThe attestation pipeline refreshes sidecars, `content/.websh/ledger.json`, subjects, and `assets/crypto/attestations.json`. It signs missing PGP attestations when the expected signing key is available.\n\n```bash\ncargo run --bin websh-cli -- attest\ncargo run --bin websh-cli -- attest build --force\nWEBSH_NO_SIGN=1 cargo run --bin websh-cli -- attest build --force\n```\n\n## Browser Shell\n\nCommon read commands:\n\n- `ls [dir]`\n- `cd \u003cdir\u003e`\n- `pwd`\n- `cat \u003cfile\u003e`\n- `help`, `whoami`, `id`, `theme`, `clear`, `echo`\n- `grep`, `head`, `tail`, `wc` through pipelines\n- `export` / `unset` for user environment variables\n- `login` / `logout` for wallet session state\n\nAdmin write commands stage local changes in IndexedDB:\n\n- `touch \u003cpath\u003e`\n- `mkdir \u003cpath\u003e`\n- `rm [-r] \u003cpath\u003e`\n- `rmdir \u003cpath\u003e`\n- `edit \u003cpath\u003e`\n- `echo \"body\" \u003e \u003cpath\u003e`\n- `sync status`\n- `sync commit \u003cmessage\u003e`\n- `sync refresh`\n- `sync auth set \u003cgithub_pat\u003e` / `sync auth clear`\n\nCommits go through the strict mount-root backend and use GitHub compare-and-swap with the expected remote head. If the remote moved, the commit fails instead of clobbering newer content.\n\n## Deploy\n\n```bash\njust pin\n```\n\nThe deploy command builds the release bundle, uploads `dist/` to Pinata, writes `.last-cid`, and prints an `ipfs://...` contenthash for ENS. It reads `.env` for child-process environment variables such as Pinata credentials.\n\n## Styling\n\nCSS uses Stylance modules and a token hierarchy:\n\n- `assets/tokens/primitive.css`\n- `assets/tokens/semantic.css`\n- `assets/tokens/breakpoints.css`\n- `assets/tokens/typography.css`\n- `assets/themes/*.css`\n- `assets/base.css`\n- `crates/websh-web/src/**/*.module.css`\n\nComponent CSS should use semantic tokens. `npm run lint:css` enforces the current token policy.\n\n## License\n\nSee [LICENSE](LICENSE). Source code and published content are licensed under `CC-BY-SA-4.0`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xwonj%2Fwebsh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xwonj%2Fwebsh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xwonj%2Fwebsh/lists"}