@blamejs/core 0.9.14 → 0.9.15

package/lib/backup/index.js

@@ -48,10 +48,10 @@
  *   PQC-encrypted backup bundles — sealed columns + audit chain + keyring.
  */
 
-var fs = require("fs");
+var nodeFs = require("fs");
 var os = require("os");
-var path = require("path");
-var crypto = require("../crypto");
+var nodePath = require("path");
+var bCrypto = require("../crypto");
 var atomicFile = require("../atomic-file");
 var backupBundle = require("./bundle");
 var backupManifest = require("./manifest");
@@ -93,16 +93,16 @@ function _isValidBundleId(s) {
 }
 
 function _generateBundleId() {
-  return atomicFile.pathTimestamp() + "-" + crypto.generateToken(4);
+  return atomicFile.pathTimestamp() + "-" + bCrypto.generateToken(4);
 }
 
 function _dirSize(p) {
   var total = 0;
-  var entries = fs.readdirSync(p, { withFileTypes: true });
+  var entries = nodeFs.readdirSync(p, { withFileTypes: true });
   for (var i = 0; i < entries.length; i++) {
-    var f = path.join(p, entries[i].name);
+    var f = nodePath.join(p, entries[i].name);
     if (entries[i].isDirectory()) total += _dirSize(f);
-    else if (entries[i].isFile()) total += fs.statSync(f).size;
+    else if (entries[i].isFile()) total += nodeFs.statSync(f).size;
   }
   return total;
 }
@@ -150,7 +150,7 @@ function localStorage(opts) {
       throw new BackupError("backup/bad-bundle-id",
         "bundleId must match the framework's timestamp+suffix format");
     }
-    return path.join(root, bundleId);
+    return nodePath.join(root, bundleId);
   }
 
   return {
@@ -158,7 +158,7 @@ function localStorage(opts) {
     async writeBundle(bundleId, sourceDir) {
       atomicFile.ensureDir(root);
       var dest = _bundlePath(bundleId);
-      if (fs.existsSync(dest)) {
+      if (nodeFs.existsSync(dest)) {
         throw new BackupError("backup/bundle-exists",
           "writeBundle: bundle '" + bundleId + "' already exists in storage");
       }
@@ -166,26 +166,26 @@ function localStorage(opts) {
     },
     async readBundle(bundleId, destDir) {
       var src = _bundlePath(bundleId);
-      if (!fs.existsSync(src)) {
+      if (!nodeFs.existsSync(src)) {
         throw new BackupError("backup/bundle-not-found",
           "readBundle: '" + bundleId + "' not in storage at " + root);
       }
-      if (fs.existsSync(destDir)) {
+      if (nodeFs.existsSync(destDir)) {
         throw new BackupError("backup/dest-exists",
           "readBundle: destDir already exists: " + destDir);
       }
       atomicFile.copyDirRecursive(src, destDir);
     },
     async listBundles() {
-      if (!fs.existsSync(root)) return [];
-      var entries = fs.readdirSync(root, { withFileTypes: true });
+      if (!nodeFs.existsSync(root)) return [];
+      var entries = nodeFs.readdirSync(root, { withFileTypes: true });
       var out = [];
       for (var i = 0; i < entries.length; i++) {
         if (!entries[i].isDirectory()) continue;
         if (!_isValidBundleId(entries[i].name)) continue;
-        var p = path.join(root, entries[i].name);
+        var p = nodePath.join(root, entries[i].name);
         var stat;
-        try { stat = fs.statSync(p); } catch (_e) { continue; }
+        try { stat = nodeFs.statSync(p); } catch (_e) { continue; }
         var size;
         try { size = _dirSize(p); } catch (_e) { size = 0; }
         out.push({
@@ -200,11 +200,11 @@ function localStorage(opts) {
     },
     async deleteBundle(bundleId) {
       var p = _bundlePath(bundleId);
-      if (!fs.existsSync(p)) return;
-      fs.rmSync(p, { recursive: true, force: true });
+      if (!nodeFs.existsSync(p)) return;
+      nodeFs.rmSync(p, { recursive: true, force: true });
     },
     async hasBundle(bundleId) {
-      try { return fs.existsSync(_bundlePath(bundleId)); }
+      try { return nodeFs.existsSync(_bundlePath(bundleId)); }
       catch (_e) { return false; }
     },
   };
@@ -285,10 +285,10 @@ async function _resolveVaultKeyJson(vaultKeyJsonOpt) {
  *   var path   = require("node:path");
  *   var os     = require("node:os");
  *
- *   var dataDir = fs.mkdtempSync(path.join(os.tmpdir(), "backup-data-"));
- *   var root    = fs.mkdtempSync(path.join(os.tmpdir(), "backup-root-"));
- *   fs.writeFileSync(path.join(dataDir, "db.enc"),     Buffer.from([1, 2, 3]));
- *   fs.writeFileSync(path.join(dataDir, "db.key.enc"), Buffer.from([4, 5, 6]));
+ *   var dataDir = nodeFs.mkdtempSync(nodePath.join(os.tmpdir(), "backup-data-"));
+ *   var root    = nodeFs.mkdtempSync(nodePath.join(os.tmpdir(), "backup-root-"));
+ *   nodeFs.writeFileSync(nodePath.join(dataDir, "db.enc"),     Buffer.from([1, 2, 3]));
+ *   nodeFs.writeFileSync(nodePath.join(dataDir, "db.key.enc"), Buffer.from([4, 5, 6]));
  *
  *   var engine = b.backup.create({
  *     dataDir:      dataDir,
@@ -308,7 +308,7 @@ async function _resolveVaultKeyJson(vaultKeyJsonOpt) {
  */
 function create(opts) {
   opts = opts || {};
-  if (typeof opts.dataDir !== "string" || !fs.existsSync(opts.dataDir)) {
+  if (typeof opts.dataDir !== "string" || !nodeFs.existsSync(opts.dataDir)) {
     throw new BackupError("backup/no-datadir",
       "create: opts.dataDir is required and must exist");
   }
@@ -456,7 +456,7 @@ function create(opts) {
     runOpts = runOpts || {};
     var t0 = Date.now();
     var bundleId = _generateBundleId();
-    var stagingDir = path.join(os.tmpdir(),
+    var stagingDir = nodePath.join(os.tmpdir(),
       "blamejs-backup-staging-" + bundleId.replace(/[:.]/g, "-"));
 
     // Flush the live DB to disk so the snapshot is current. Default
@@ -500,7 +500,7 @@ function create(opts) {
         progressCallback: runOpts.progressCallback,
       });
     } catch (e) {
-      try { fs.rmSync(stagingDir, { recursive: true, force: true }); } catch (_e) { /* best-effort tmpdir cleanup */ }
+      try { nodeFs.rmSync(stagingDir, { recursive: true, force: true }); } catch (_e) { /* best-effort tmpdir cleanup */ }
       _emitAudit("backup.failure",
         { bundleId: bundleId, reason: (e && e.message) || String(e) }, "failure");
       throw e;
@@ -509,7 +509,7 @@ function create(opts) {
     try {
       await storage.writeBundle(bundleId, stagingDir);
     } catch (e) {
-      try { fs.rmSync(stagingDir, { recursive: true, force: true }); } catch (_e) { /* best-effort tmpdir cleanup */ }
+      try { nodeFs.rmSync(stagingDir, { recursive: true, force: true }); } catch (_e) { /* best-effort tmpdir cleanup */ }
       _emitAudit("backup.failure",
         { bundleId: bundleId, reason: "storage.writeBundle: " + ((e && e.message) || String(e)) },
         "failure");
@@ -517,7 +517,7 @@ function create(opts) {
         "writing bundle to storage failed: " + ((e && e.message) || String(e)));
     }
 
-    try { fs.rmSync(stagingDir, { recursive: true, force: true }); } catch (_e) { /* best-effort */ }
+    try { nodeFs.rmSync(stagingDir, { recursive: true, force: true }); } catch (_e) { /* best-effort */ }
 
     var summary = {
       bundleId:   bundleId,
@@ -675,11 +675,11 @@ function create(opts) {
         }
         // Newest bundle (storage.listBundles returns newest first).
         var bundleId = bundles[0].bundleId;
-        var stagingDir = path.join(testOpts.restoreTo,
+        var stagingDir = nodePath.join(testOpts.restoreTo,
           "test-" + bundleId.replace(/[:.]/g, "-"));
         // Refuse to overwrite an existing dir — operators get a fresh
         // restore every drill.
-        if (fs.existsSync(stagingDir)) {
+        if (nodeFs.existsSync(stagingDir)) {
           _emitAudit("backup.test.failed",
             { bundleId: bundleId, reason: "stagingDir already exists: " + stagingDir },
             "failure");
@@ -688,12 +688,12 @@ function create(opts) {
         var manifestPath, manifest, sigVerification;
         try {
           await storage.readBundle(bundleId, stagingDir);
-          manifestPath = path.join(stagingDir, "manifest.json");
-          if (!fs.existsSync(manifestPath)) {
+          manifestPath = nodePath.join(stagingDir, "manifest.json");
+          if (!nodeFs.existsSync(manifestPath)) {
             throw new BackupError("backup/test-no-manifest",
               "manifest.json missing under restored bundle " + bundleId);
           }
-          manifest = backupManifest.parse(fs.readFileSync(manifestPath, "utf8"));
+          manifest = backupManifest.parse(nodeFs.readFileSync(manifestPath, "utf8"));
           // Verify the manifest signature so a tampered backup test
           // surfaces here, not as a regulator finding later.
           sigVerification = backupManifest.verifySignature(manifest, {
@@ -740,7 +740,7 @@ function create(opts) {
           // Best-effort cleanup so the staging dir doesn't accumulate
           // across drills.
           if (testOpts.cleanup !== false) {
-            try { fs.rmSync(stagingDir, { recursive: true, force: true }); }
+            try { nodeFs.rmSync(stagingDir, { recursive: true, force: true }); }
             catch (_e) { /* tmpdir cleanup best-effort */ }
           }
         }
@@ -804,12 +804,12 @@ function verifyManifestSignature(target, opts) {
   opts = opts || {};
   var manifest;
   if (typeof target === "string") {
-    var manifestPath = path.join(target, "manifest.json");
-    if (!fs.existsSync(manifestPath)) {
+    var manifestPath = nodePath.join(target, "manifest.json");
+    if (!nodeFs.existsSync(manifestPath)) {
       throw new BackupError("backup/no-manifest",
         "verifyManifestSignature: manifest.json missing at " + manifestPath);
     }
-    try { manifest = backupManifest.parse(fs.readFileSync(manifestPath, "utf8")); }
+    try { manifest = backupManifest.parse(nodeFs.readFileSync(manifestPath, "utf8")); }
     catch (e) {
       throw new BackupError("backup/bad-manifest",
         "verifyManifestSignature: parse failed: " + ((e && e.message) || String(e)));

package/lib/budr.js

@@ -24,7 +24,7 @@
  *   Backup / Disaster-Recovery RTO/RPO declaration primitive for regulated workloads (HIPAA / DORA / ISO 22301:2019 / NIST SP 800-34).
  */
 
-var nb = require("./numeric-bounds");
+var numericBounds = require("./numeric-bounds");
 var validateOpts = require("./validate-opts");
 var audit = require("./audit");
 var { defineClass } = require("./framework-error");
@@ -85,8 +85,8 @@ function declare(opts) {
     throw BudrError.factory("BAD_SERVICE",
       "budr.declare: service must match " + SERVICE_RE);
   }
-  nb.requirePositiveFiniteIntIfPresent(opts.rtoMs, "budr.declare: rtoMs", BudrError, "BAD_RTO");
-  nb.requirePositiveFiniteIntIfPresent(opts.rpoMs, "budr.declare: rpoMs", BudrError, "BAD_RPO");
+  numericBounds.requirePositiveFiniteIntIfPresent(opts.rtoMs, "budr.declare: rtoMs", BudrError, "BAD_RTO");
+  numericBounds.requirePositiveFiniteIntIfPresent(opts.rpoMs, "budr.declare: rpoMs", BudrError, "BAD_RPO");
   if (typeof opts.rtoMs !== "number" || typeof opts.rpoMs !== "number") {
     throw BudrError.factory("BAD_TARGETS",
       "budr.declare: rtoMs and rpoMs are required positive integer milliseconds");

package/lib/bundler.js

@@ -26,7 +26,7 @@
  *   override via `opts.hashLen` between 4 and 64). Source maps written
  *   by an engine land as `<hashed>.<ext>.map` siblings.
  *
- *   Watch mode: `bundler.watch(callback)` arms `fs.watch` on each
+ *   Watch mode: `bundler.watch(callback)` arms `nodeFs.watch` on each
  *   entry's directory, debounces bursts via `opts.graceMs` (default
  *   100 ms), and rebuilds the entire entry set on change.
  *
@@ -43,12 +43,12 @@
  *   Client-side asset bundler — produces content-hashed `dist/<name>.<hash>.<ext>` files plus a `manifest.json` mapping logical name to hashed filename.
  */
 
-var path = require("path");
-var fs = require("fs");
-var crypto = require("./crypto");
+var nodePath = require("path");
+var nodeFs = require("fs");
+var bCrypto = require("./crypto");
 var atomicFile = require("./atomic-file");
 var logModule = require("./log");
-var nb = require("./numeric-bounds");
+var numericBounds = require("./numeric-bounds");
 var safeJson = require("./safe-json");
 var validateOpts = require("./validate-opts");
 var { defineClass } = require("./framework-error");
@@ -67,7 +67,7 @@ var DEFAULT_GRACE_MS = 100;
 function _hashContent(buf, hexLen) {
   // SHA3-512 → take the first hexLen hex chars. Same family as the
   // framework's other content fingerprints (no SHA-256 for new code).
-  return crypto.sha3Hash(buf).slice(0, hexLen);
+  return bCrypto.sha3Hash(buf).slice(0, hexLen);
 }
 
 function _hashedName(baseName, hash, ext) {
@@ -200,7 +200,7 @@ function _validateEngine(eng) {
  * Build a content-hashed asset pipeline for a fixed set of named
  * entries. The returned object exposes `build()` (one-shot rebuild,
  * resolves to `{ outputs, manifestPath, manifest, durationMs }`),
- * `watch(callback)` (arm `fs.watch` and debounce-rebuild on change),
+ * `watch(callback)` (arm `nodeFs.watch` and debounce-rebuild on change),
  * and `close()` (drop watchers and pending timers).
  *
  * Throws `BundlerError` at config time on missing / malformed entries,
@@ -257,7 +257,7 @@ function create(opts) {
 
   var entries     = Object.assign({}, opts.entries);
   var cwd         = opts.cwd || process.cwd();
-  var outdir      = path.isAbsolute(opts.outdir) ? opts.outdir : path.resolve(cwd, opts.outdir);
+  var outdir      = nodePath.isAbsolute(opts.outdir) ? opts.outdir : nodePath.resolve(cwd, opts.outdir);
   var manifestName = (opts.manifest === false || opts.manifest === null)
     ? null
     : (typeof opts.manifest === "string" && opts.manifest.length > 0
@@ -266,24 +266,24 @@ function create(opts) {
   var hashOn   = opts.hash !== false;
   var hashLen  = DEFAULT_HASH_LEN;
   if (opts.hashLen !== undefined) {
-    if (!nb.isPositiveFiniteInt(opts.hashLen) ||
+    if (!numericBounds.isPositiveFiniteInt(opts.hashLen) ||
         opts.hashLen < MIN_HASH_LEN || opts.hashLen > MAX_HASH_LEN) {
       throw new BundlerError("bundler/bad-hash-len",
         "bundler.create: opts.hashLen must be a positive finite integer " +
         "between " + MIN_HASH_LEN + " and " + MAX_HASH_LEN +
-        "; got " + nb.shape(opts.hashLen));
+        "; got " + numericBounds.shape(opts.hashLen));
     }
     hashLen = opts.hashLen;
   }
   var log      = opts.log || null;
 
-  // Test seam: tests pass a fake watcher so we don't actually fs.watch
+  // Test seam: tests pass a fake watcher so we don't actually nodeFs.watch
   var watchFn = opts._watch || function (dirOrFile, wopts, listener) {
-    return fs.watch(dirOrFile, wopts, listener);
+    return nodeFs.watch(dirOrFile, wopts, listener);
   };
   var setTimeoutFn  = opts._setTimeout  || setTimeout;
   var clearTimeoutFn = opts._clearTimeout || clearTimeout;
-  nb.requireNonNegativeFiniteIntIfPresent(opts.graceMs,
+  numericBounds.requireNonNegativeFiniteIntIfPresent(opts.graceMs,
     "bundler.create: opts.graceMs", BundlerError, "bundler/bad-grace-ms");
   var graceMs = opts.graceMs !== undefined ? opts.graceMs : DEFAULT_GRACE_MS;
 
@@ -292,7 +292,7 @@ function create(opts) {
   var watching      = false;
 
   function _resolveEntry(p) {
-    return path.isAbsolute(p) ? p : path.resolve(cwd, p);
+    return nodePath.isAbsolute(p) ? p : nodePath.resolve(cwd, p);
   }
 
   var _logVia = logModule.makeViaOrFallback(log, bootLog);
@@ -308,9 +308,9 @@ function create(opts) {
     for (var i = 0; i < names.length; i++) {
       var name = names[i];
       var entryPath = _resolveEntry(entries[name]);
-      var ext = path.extname(entryPath);
+      var ext = nodePath.extname(entryPath);
       var raw;
-      try { raw = fs.readFileSync(entryPath); }
+      try { raw = nodeFs.readFileSync(entryPath); }
       catch (e) {
         throw new BundlerError("bundler/read-failed",
           "could not read entry '" + name + "' at " + entryPath +
@@ -333,7 +333,7 @@ function create(opts) {
       var sourceMap = transformed && transformed.sourceMap;
       var hash = hashOn ? _hashContent(content, hashLen) : null;
       var outName = hashOn ? _hashedName(name, hash, ext) : (name + ext);
-      var outPath = path.join(outdir, outName);
+      var outPath = nodePath.join(outdir, outName);
       // atomic-file write so a concurrent reader (the http server
       // serving outdir) never sees a partial file
       atomicFile.writeSync(outPath, content, { mode: 0o644 });
@@ -360,7 +360,7 @@ function create(opts) {
 
     var manifestPath = null;
     if (manifestName) {
-      manifestPath = path.join(outdir, manifestName);
+      manifestPath = nodePath.join(outdir, manifestName);
       atomicFile.writeSync(
         manifestPath,
         safeJson.stringify(manifest, null, 2) + "\n",
@@ -407,8 +407,8 @@ function create(opts) {
         // Watch the entry's directory (single-file watches are flaky
         // across editors that write-then-rename). Filter events to the
         // entry's basename only.
-        var dir = path.dirname(entryPath);
-        var base = path.basename(entryPath);
+        var dir = nodePath.dirname(entryPath);
+        var base = nodePath.basename(entryPath);
         var w;
         try {
           w = watchFn(dir, { persistent: false }, function (eventType, filename) {

package/lib/circuit-breaker.js

@@ -24,7 +24,7 @@
  *   Top-level circuit-breaker primitive.
  */
 
-var retry = require("./retry");
+var retryHelper = require("./retry");
 
 /**
  * @primitive b.circuitBreaker.create
@@ -80,14 +80,14 @@ function create(opts) {
   // Caught by hermitstash-sync operator review against v0.9.12.
   opts = opts || {};
   var name = (opts && typeof opts.name === "string") ? opts.name : "";
-  return new retry.CircuitBreaker(name, opts);
+  return new retryHelper.CircuitBreaker(name, opts);
 }
 
 module.exports = {
   create:         create,
-  CircuitBreaker: retry.CircuitBreaker,
+  CircuitBreaker: retryHelper.CircuitBreaker,
   // Forward the error class so operators catching breaker rejections
   // can `instanceof` against the framework's RetryError without
   // requiring a separate b.retry import.
-  RetryError:     retry.RetryError,
+  RetryError:     retryHelper.RetryError,
 };

package/lib/cli.js

@@ -34,9 +34,9 @@
  * before encryption or temporarily switch the file to plaintext.
  */
 
-var fs = require("node:fs");
+var nodeFs = require("node:fs");
 var os = require("node:os");
-var path = require("path");
+var nodePath = require("path");
 var apiSnapshot = require("./api-snapshot");
 var argParser = require("./arg-parser");
 var auditChain = require("./audit-chain");
@@ -44,9 +44,8 @@ var auditTools = require("./audit-tools");
 var backup = require("./backup");
 var canonicalJson = require("./canonical-json");
 var cliHelpers = require("./cli-helpers");
-var constants = require("./constants");
-var C = constants;
-var crypto = require("./crypto");
+var C = require("./constants");
+var bCrypto = require("./crypto");
 var dev = require("./dev");
 var fileType = require("./file-type");
 var migrations = require("./migrations");
@@ -86,8 +85,8 @@ function _parseArgs(argv) {
 
 function _resolvePath(p, cwd) {
   if (!p) return p;
-  if (path.isAbsolute(p)) return p;
-  return path.resolve(cwd || process.cwd(), p);
+  if (nodePath.isAbsolute(p)) return p;
+  return nodePath.resolve(cwd || process.cwd(), p);
 }
 
 function _openSqlite(dbPath) {
@@ -432,12 +431,12 @@ function _resolveTargetModule(modulePath, ctx) {
   // extensibility surfaces by definition can't be statically traced by a
   // bundler — anyone bundling this CLI surface into SEA/pkg accepts that
   // runtime --module=<path> arguments won't resolve. Internal framework
-  // code never reaches this path.
+  // code never reaches this nodePath.
   if (!modulePath) {
-    var root = path.resolve(__dirname, "..");
-    return require(path.join(root, "index.js"));   // allow:dynamic-require — operator-extensibility entry point
+    var root = nodePath.resolve(__dirname, "..");
+    return require(nodePath.join(root, "index.js"));   // allow:dynamic-require — operator-extensibility entry point
   }
-  var abs = path.isAbsolute(modulePath) ? modulePath : path.resolve(ctx.cwd, modulePath);
+  var abs = nodePath.isAbsolute(modulePath) ? modulePath : nodePath.resolve(ctx.cwd, modulePath);
   delete require.cache[require.resolve(abs)];
   return require(abs);                              // allow:dynamic-require — operator-extensibility entry point
 }
@@ -453,7 +452,7 @@ function _runApiSnapshot(args, ctx) {
   }
   var sub = args.pos[0];
   var file = String(args.flags.file || "./api-snapshot.json");
-  var filePath = path.isAbsolute(file) ? file : path.resolve(ctx.cwd, file);
+  var filePath = nodePath.isAbsolute(file) ? file : nodePath.resolve(ctx.cwd, file);
   var modulePathOpt = typeof args.flags.module === "string" ? args.flags.module : null;
 
   if (sub === "capture") {
@@ -559,7 +558,7 @@ function _resolvePassphrase(args, ctx) {
 
 function _resolveOutPath(p, ctx) {
   if (!p) return null;
-  return path.isAbsolute(p) ? p : path.resolve(ctx.cwd, p);
+  return nodePath.isAbsolute(p) ? p : nodePath.resolve(ctx.cwd, p);
 }
 
 async function _runAudit(args, ctx) {
@@ -782,8 +781,8 @@ function _resolveRestoreBundleSelector(args, ctx, report, requireBundle) {
   if (bundleFlag && bundleFlag !== true) {
     var bundlePath = _resolvePath(String(bundleFlag), ctx.cwd);
     return {
-      storageRoot: path.dirname(bundlePath),
-      bundleId:    path.basename(bundlePath),
+      storageRoot: nodePath.dirname(bundlePath),
+      bundleId:    nodePath.basename(bundlePath),
     };
   }
   if (storageRootFlag && storageRootFlag !== true) {
@@ -862,7 +861,7 @@ async function _runRestore(args, ctx) {
       // its closure captures them; pass placeholders since inspect doesn't
       // touch them.
       var rI = restore.create({
-        dataDir: path.join(os.tmpdir(), "blamejs-restore-inspect-noop"),
+        dataDir: nodePath.join(os.tmpdir(), "blamejs-restore-inspect-noop"),
         storage: storageI,
         passphrase: "inspect-only-not-used",
         audit: false,
@@ -943,7 +942,7 @@ async function _runRestore(args, ctx) {
     if (rollbackTarget && rollbackTarget !== true) {
       // operator can pass either a full path or just the basename inside rollback-root
       var rt = String(rollbackTarget);
-      targetPath = path.isAbsolute(rt) ? rt : path.resolve(rollbackRootR, rt);
+      targetPath = nodePath.isAbsolute(rt) ? rt : nodePath.resolve(rollbackRootR, rt);
     } else {
       // Default to most-recent rollback point (mirrors restore.create().rollback()).
       var ptsR;
@@ -1245,8 +1244,8 @@ async function _runBackup(args, ctx) {
   }
 
   if (sub === "verify") {
-    var stagingDir = path.join(os.tmpdir(),
-      "blamejs-backup-verify-" + crypto.generateToken(C.BYTES.bytes(8)));
+    var stagingDir = nodePath.join(os.tmpdir(),
+      "blamejs-backup-verify-" + bCrypto.generateToken(C.BYTES.bytes(8)));
     try {
       var r = await restoreBundle.extract({
         bundleDir:  bundleDir,
@@ -1260,7 +1259,7 @@ async function _runBackup(args, ctx) {
     } catch (e) {
       return report.error((e && e.message) || String(e));
     } finally {
-      try { fs.rmSync(stagingDir, { recursive: true, force: true }); } catch (_e) { /* best-effort */ }
+      try { nodeFs.rmSync(stagingDir, { recursive: true, force: true }); } catch (_e) { /* best-effort */ }
     }
   }
 
@@ -1461,7 +1460,7 @@ async function _runMtls(args, ctx) {
           validityDays: daysP,
         });
         if (outPath) {
-          fs.writeFileSync(outPath, p12.p12, { mode: 0o600 });
+          nodeFs.writeFileSync(outPath, p12.p12, { mode: 0o600 });
           report.write("p12 written: " + outPath);
         } else {
           // No --out: stream the bytes to stdout for piping. Operators
@@ -1838,7 +1837,7 @@ function _runFileType(args, ctx) {
   if (!file) return report.error("file path is required (positional arg after 'detect')", 2);
   var resolved = _resolvePath(String(file), ctx.cwd);
   var buf;
-  try { buf = fs.readFileSync(resolved); }
+  try { buf = nodeFs.readFileSync(resolved); }
   catch (e) {
     return report.error("read failed: " + ((e && e.message) || String(e)));
   }
@@ -1915,7 +1914,7 @@ async function _runPassword(args, ctx) {
   }
   var plaintext;
   if (args.flags.stdin) {
-    try { plaintext = fs.readFileSync(0, "utf8").replace(/\r?\n$/, ""); }
+    try { plaintext = nodeFs.readFileSync(0, "utf8").replace(/\r?\n$/, ""); }
     catch (e) { return report.error("stdin read failed: " + ((e && e.message) || String(e))); }
   } else if (args.flags.plaintext && args.flags.plaintext !== true) {
     plaintext = String(args.flags.plaintext);
@@ -2231,7 +2230,7 @@ async function main(argv, opts) {
 
   // Top-level flags handled before subcommand dispatch
   if (args.flags.version || args.flags.v) {
-    _writeLine(ctx.stdout, constants.version);
+    _writeLine(ctx.stdout, C.version);
     return 0;
   }
 
@@ -2246,7 +2245,7 @@ async function main(argv, opts) {
   //                                 subcommand's per-command usage
   //                                 reachable via `--help` without
   //                                 each handler having to special-case
-  //                                 the flag-only-no-subcommand path.
+  //                                 the flag-only-no-subcommand nodePath.
   if (cmd === undefined) { _printTopHelp(ctx); return 0; }
   if (args.flags.help || args.flags.h) {
     args = _parseArgs(["help", cmd]);
@@ -2273,7 +2272,7 @@ async function main(argv, opts) {
     _printTopHelp(ctx);
     return 0;
   }
-  if (cmd === "version") { _writeLine(ctx.stdout, constants.version); return 0; }
+  if (cmd === "version") { _writeLine(ctx.stdout, C.version); return 0; }
 
   var rest = { pos: args.pos.slice(1), flags: args.flags };
   if (cmd === "migrate")      return await _runMigrate(rest, ctx);

package/lib/cluster.js

@@ -45,7 +45,7 @@
  */
 var C = require("./constants");
 var clusterProviderDb = require("./cluster-provider-db");
-var crypto = require("./crypto");
+var bCrypto = require("./crypto");
 var lazyRequire = require("./lazy-require");
 var { boot } = require("./log");
 var safeAsync = require("./safe-async");
@@ -428,7 +428,7 @@ function _vaultKeyFingerprint() {
   if (!keys || !keys.publicKey || !keys.ecPublicKey) return null;
   // Domain-separation prefix so this fingerprint can't be confused
   // with a hash of the same bytes computed elsewhere in the framework.
-  return crypto.sha3Hash("blamejs/cluster-state/v1\n" +
+  return bCrypto.sha3Hash("blamejs/cluster-state/v1\n" +
                          keys.publicKey + "\n" +
                          keys.ecPublicKey);
 }

package/lib/compliance-sanctions.js

@@ -483,9 +483,9 @@ function create(opts) {
   // ignorable for the audit-trail use case (operators store the
   // ruleVersion + entry count alongside).
   function snapshot() {
-    var crypto = require("crypto");
+    var nodeCrypto = require("crypto");
     var ids = index.map(function (e) { return e.id; }).sort();
-    var hash = crypto.createHash("sha3-512");
+    var hash = nodeCrypto.createHash("sha3-512");
     for (var i = 0; i < ids.length; i++) hash.update(ids[i]);
     return {
       algorithm:    algorithm,