@cipherstash/protect-ffi 0.16.1 → 0.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +15 -6
- package/lib/index.d.cts +16 -6
- package/package.json +8 -9
package/README.md
CHANGED
|
@@ -143,13 +143,22 @@ PGHOST=localhost
|
|
|
143
143
|
```
|
|
144
144
|
|
|
145
145
|
To run integration tests:
|
|
146
|
+
```sh
|
|
147
|
+
mise setup
|
|
148
|
+
mise test:integration
|
|
149
|
+
```
|
|
150
|
+
|
|
151
|
+
You can also run the integration tests in "watch" mode:
|
|
152
|
+
|
|
153
|
+
```sh
|
|
154
|
+
mise test:integration --watch
|
|
146
155
|
```
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
156
|
+
|
|
157
|
+
By default lock context tests are not included because invalid lock contexts fire security warnings in ZeroKMS.
|
|
158
|
+
To include these, run:
|
|
159
|
+
|
|
160
|
+
```sh
|
|
161
|
+
mise test:integration:all
|
|
153
162
|
```
|
|
154
163
|
|
|
155
164
|
## Releasing
|
package/lib/index.d.cts
CHANGED
|
@@ -6,9 +6,9 @@ export type Client = {
|
|
|
6
6
|
declare module './load.cjs' {
|
|
7
7
|
function newClient(opts: NewClientOptions): Promise<Client>;
|
|
8
8
|
function encrypt(client: Client, opts: EncryptOptions): Promise<Encrypted>;
|
|
9
|
-
function decrypt(client: Client, opts: DecryptOptions): Promise<
|
|
9
|
+
function decrypt(client: Client, opts: DecryptOptions): Promise<JsPlaintext>;
|
|
10
10
|
function encryptBulk(client: Client, opts: EncryptBulkOptions): Promise<Encrypted[]>;
|
|
11
|
-
function decryptBulk(client: Client, opts: DecryptBulkOptions): Promise<
|
|
11
|
+
function decryptBulk(client: Client, opts: DecryptBulkOptions): Promise<JsPlaintext[]>;
|
|
12
12
|
function decryptBulkFallible(client: Client, opts: DecryptBulkOptions): Promise<DecryptResult[]>;
|
|
13
13
|
}
|
|
14
14
|
export type DecryptResult = {
|
|
@@ -17,13 +17,13 @@ export type DecryptResult = {
|
|
|
17
17
|
error: string;
|
|
18
18
|
};
|
|
19
19
|
export type EncryptPayload = {
|
|
20
|
-
plaintext:
|
|
20
|
+
plaintext: JsPlaintext;
|
|
21
21
|
column: string;
|
|
22
22
|
table: string;
|
|
23
23
|
lockContext?: Context;
|
|
24
24
|
};
|
|
25
25
|
export type BulkDecryptPayload = {
|
|
26
|
-
ciphertext:
|
|
26
|
+
ciphertext: Encrypted;
|
|
27
27
|
lockContext?: Context;
|
|
28
28
|
};
|
|
29
29
|
export type CtsToken = {
|
|
@@ -54,6 +54,15 @@ export type Column = {
|
|
|
54
54
|
indexes?: Indexes;
|
|
55
55
|
};
|
|
56
56
|
export type CastAs = 'big_int' | 'boolean' | 'date' | 'real' | 'double' | 'int' | 'small_int' | 'text' | 'jsonb';
|
|
57
|
+
type TablesOf<C extends EncryptConfig> = C['tables'];
|
|
58
|
+
export type Identifier<C extends EncryptConfig> = {
|
|
59
|
+
[T in keyof TablesOf<C>]: {
|
|
60
|
+
[CName in keyof TablesOf<C>[T]]: {
|
|
61
|
+
table: T;
|
|
62
|
+
column: CName;
|
|
63
|
+
};
|
|
64
|
+
}[keyof TablesOf<C>[T]];
|
|
65
|
+
}[keyof TablesOf<C>];
|
|
57
66
|
export type Indexes = {
|
|
58
67
|
ore?: OreIndexOpts;
|
|
59
68
|
unique?: UniqueIndexOpts;
|
|
@@ -93,8 +102,9 @@ export type ClientOpts = {
|
|
|
93
102
|
clientId?: string;
|
|
94
103
|
clientKey?: string;
|
|
95
104
|
};
|
|
105
|
+
export type JsPlaintext = string | number | Record<string, unknown> | JsPlaintext[];
|
|
96
106
|
export type EncryptOptions = {
|
|
97
|
-
plaintext:
|
|
107
|
+
plaintext: JsPlaintext;
|
|
98
108
|
column: string;
|
|
99
109
|
table: string;
|
|
100
110
|
lockContext?: Context;
|
|
@@ -107,7 +117,7 @@ export type EncryptBulkOptions = {
|
|
|
107
117
|
unverifiedContext?: Record<string, unknown>;
|
|
108
118
|
};
|
|
109
119
|
export type DecryptOptions = {
|
|
110
|
-
ciphertext:
|
|
120
|
+
ciphertext: Encrypted;
|
|
111
121
|
lockContext?: Context;
|
|
112
122
|
serviceToken?: CtsToken;
|
|
113
123
|
unverifiedContext?: Record<string, unknown>;
|
package/package.json
CHANGED
|
@@ -1,16 +1,15 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cipherstash/protect-ffi",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.17.0",
|
|
4
4
|
"description": "",
|
|
5
5
|
"main": "./lib/index.cjs",
|
|
6
6
|
"scripts": {
|
|
7
7
|
"test": "npm run test:typecheck && npm run test:lint && npm run test:format && npm run test:rust",
|
|
8
8
|
"test:typecheck": "tsc",
|
|
9
9
|
"test:rust": "cargo test",
|
|
10
|
-
"test:lint": "npm run test:lint:
|
|
10
|
+
"test:lint": "npm run test:lint:ts",
|
|
11
11
|
"test:lint:ts": "biome lint",
|
|
12
|
-
"test:
|
|
13
|
-
"test:format": "npm run test:format:rust && npm run test:format:ts",
|
|
12
|
+
"test:format": "npm run test:format:ts",
|
|
14
13
|
"test:format:ts": "biome format",
|
|
15
14
|
"test:format:rust": "cargo fmt --check",
|
|
16
15
|
"cargo-build": "tsc &&cargo build --message-format=json-render-diagnostics > cargo.log",
|
|
@@ -61,10 +60,10 @@
|
|
|
61
60
|
"@neon-rs/load": "^0.1.82"
|
|
62
61
|
},
|
|
63
62
|
"optionalDependencies": {
|
|
64
|
-
"@cipherstash/protect-ffi-win32-x64-msvc": "0.
|
|
65
|
-
"@cipherstash/protect-ffi-darwin-x64": "0.
|
|
66
|
-
"@cipherstash/protect-ffi-darwin-arm64": "0.
|
|
67
|
-
"@cipherstash/protect-ffi-linux-x64-gnu": "0.
|
|
68
|
-
"@cipherstash/protect-ffi-linux-arm64-gnu": "0.
|
|
63
|
+
"@cipherstash/protect-ffi-win32-x64-msvc": "0.17.0",
|
|
64
|
+
"@cipherstash/protect-ffi-darwin-x64": "0.17.0",
|
|
65
|
+
"@cipherstash/protect-ffi-darwin-arm64": "0.17.0",
|
|
66
|
+
"@cipherstash/protect-ffi-linux-x64-gnu": "0.17.0",
|
|
67
|
+
"@cipherstash/protect-ffi-linux-arm64-gnu": "0.17.0"
|
|
69
68
|
}
|
|
70
69
|
}
|