@cipherstash/protect-ffi 0.26.0 → 0.28.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (142) hide show
  1. package/LICENSE.md +1 -1
  2. package/README.md +130 -14
  3. package/dist/wasm/protect_ffi_bg.js +53 -11
  4. package/dist/wasm/protect_ffi_bg.wasm +0 -0
  5. package/dist/wasm/protect_ffi_bg.wasm.d.ts +7 -7
  6. package/dist/wasm/protect_ffi_inline.js +1 -1
  7. package/lib/bigintWire.d.ts +56 -0
  8. package/lib/bigintWire.js +83 -0
  9. package/lib/eql-v3-types/Bigint.d.ts +13 -0
  10. package/lib/eql-v3-types/Bigint.js +2 -0
  11. package/lib/eql-v3-types/BigintEq.d.ts +15 -0
  12. package/lib/eql-v3-types/BigintEq.js +2 -0
  13. package/lib/eql-v3-types/BigintOrd.d.ts +15 -0
  14. package/lib/eql-v3-types/BigintOrd.js +2 -0
  15. package/lib/eql-v3-types/BigintOrdOpe.d.ts +15 -0
  16. package/lib/eql-v3-types/BigintOrdOpe.js +2 -0
  17. package/lib/eql-v3-types/BigintOrdOre.d.ts +15 -0
  18. package/lib/eql-v3-types/BigintOrdOre.js +2 -0
  19. package/lib/eql-v3-types/BloomFilter.d.ts +9 -0
  20. package/lib/eql-v3-types/BloomFilter.js +5 -0
  21. package/lib/eql-v3-types/Boolean.d.ts +13 -0
  22. package/lib/eql-v3-types/Boolean.js +2 -0
  23. package/lib/eql-v3-types/Ciphertext.d.ts +6 -0
  24. package/lib/eql-v3-types/Ciphertext.js +5 -0
  25. package/lib/eql-v3-types/Date.d.ts +13 -0
  26. package/lib/eql-v3-types/Date.js +2 -0
  27. package/lib/eql-v3-types/DateEq.d.ts +15 -0
  28. package/lib/eql-v3-types/DateEq.js +2 -0
  29. package/lib/eql-v3-types/DateOrd.d.ts +15 -0
  30. package/lib/eql-v3-types/DateOrd.js +2 -0
  31. package/lib/eql-v3-types/DateOrdOpe.d.ts +15 -0
  32. package/lib/eql-v3-types/DateOrdOpe.js +2 -0
  33. package/lib/eql-v3-types/DateOrdOre.d.ts +15 -0
  34. package/lib/eql-v3-types/DateOrdOre.js +2 -0
  35. package/lib/eql-v3-types/Double.d.ts +13 -0
  36. package/lib/eql-v3-types/Double.js +2 -0
  37. package/lib/eql-v3-types/DoubleEq.d.ts +15 -0
  38. package/lib/eql-v3-types/DoubleEq.js +2 -0
  39. package/lib/eql-v3-types/DoubleOrd.d.ts +15 -0
  40. package/lib/eql-v3-types/DoubleOrd.js +2 -0
  41. package/lib/eql-v3-types/DoubleOrdOpe.d.ts +15 -0
  42. package/lib/eql-v3-types/DoubleOrdOpe.js +2 -0
  43. package/lib/eql-v3-types/DoubleOrdOre.d.ts +15 -0
  44. package/lib/eql-v3-types/DoubleOrdOre.js +2 -0
  45. package/lib/eql-v3-types/Hmac256.d.ts +5 -0
  46. package/lib/eql-v3-types/Hmac256.js +5 -0
  47. package/lib/eql-v3-types/Identifier.d.ts +15 -0
  48. package/lib/eql-v3-types/Identifier.js +5 -0
  49. package/lib/eql-v3-types/Integer.d.ts +13 -0
  50. package/lib/eql-v3-types/Integer.js +2 -0
  51. package/lib/eql-v3-types/IntegerEq.d.ts +15 -0
  52. package/lib/eql-v3-types/IntegerEq.js +2 -0
  53. package/lib/eql-v3-types/IntegerOrd.d.ts +15 -0
  54. package/lib/eql-v3-types/IntegerOrd.js +2 -0
  55. package/lib/eql-v3-types/IntegerOrdOpe.d.ts +15 -0
  56. package/lib/eql-v3-types/IntegerOrdOpe.js +2 -0
  57. package/lib/eql-v3-types/IntegerOrdOre.d.ts +15 -0
  58. package/lib/eql-v3-types/IntegerOrdOre.js +2 -0
  59. package/lib/eql-v3-types/Numeric.d.ts +13 -0
  60. package/lib/eql-v3-types/Numeric.js +2 -0
  61. package/lib/eql-v3-types/NumericEq.d.ts +15 -0
  62. package/lib/eql-v3-types/NumericEq.js +2 -0
  63. package/lib/eql-v3-types/NumericOrd.d.ts +15 -0
  64. package/lib/eql-v3-types/NumericOrd.js +2 -0
  65. package/lib/eql-v3-types/NumericOrdOpe.d.ts +15 -0
  66. package/lib/eql-v3-types/NumericOrdOpe.js +2 -0
  67. package/lib/eql-v3-types/NumericOrdOre.d.ts +15 -0
  68. package/lib/eql-v3-types/NumericOrdOre.js +2 -0
  69. package/lib/eql-v3-types/OpeCllw.d.ts +9 -0
  70. package/lib/eql-v3-types/OpeCllw.js +5 -0
  71. package/lib/eql-v3-types/OreBlock256.d.ts +9 -0
  72. package/lib/eql-v3-types/OreBlock256.js +5 -0
  73. package/lib/eql-v3-types/OreCllw.d.ts +7 -0
  74. package/lib/eql-v3-types/OreCllw.js +5 -0
  75. package/lib/eql-v3-types/Real.d.ts +13 -0
  76. package/lib/eql-v3-types/Real.js +2 -0
  77. package/lib/eql-v3-types/RealEq.d.ts +15 -0
  78. package/lib/eql-v3-types/RealEq.js +2 -0
  79. package/lib/eql-v3-types/RealOrd.d.ts +15 -0
  80. package/lib/eql-v3-types/RealOrd.js +2 -0
  81. package/lib/eql-v3-types/RealOrdOpe.d.ts +15 -0
  82. package/lib/eql-v3-types/RealOrdOpe.js +2 -0
  83. package/lib/eql-v3-types/RealOrdOre.d.ts +15 -0
  84. package/lib/eql-v3-types/RealOrdOre.js +2 -0
  85. package/lib/eql-v3-types/SchemaVersion.d.ts +10 -0
  86. package/lib/eql-v3-types/SchemaVersion.js +5 -0
  87. package/lib/eql-v3-types/Selector.d.ts +5 -0
  88. package/lib/eql-v3-types/Selector.js +5 -0
  89. package/lib/eql-v3-types/Smallint.d.ts +13 -0
  90. package/lib/eql-v3-types/Smallint.js +2 -0
  91. package/lib/eql-v3-types/SmallintEq.d.ts +15 -0
  92. package/lib/eql-v3-types/SmallintEq.js +2 -0
  93. package/lib/eql-v3-types/SmallintOrd.d.ts +15 -0
  94. package/lib/eql-v3-types/SmallintOrd.js +2 -0
  95. package/lib/eql-v3-types/SmallintOrdOpe.d.ts +15 -0
  96. package/lib/eql-v3-types/SmallintOrdOpe.js +2 -0
  97. package/lib/eql-v3-types/SmallintOrdOre.d.ts +15 -0
  98. package/lib/eql-v3-types/SmallintOrdOre.js +2 -0
  99. package/lib/eql-v3-types/SteVecDocument.d.ts +15 -0
  100. package/lib/eql-v3-types/SteVecDocument.js +2 -0
  101. package/lib/eql-v3-types/SteVecEntry.d.ts +19 -0
  102. package/lib/eql-v3-types/SteVecEntry.js +2 -0
  103. package/lib/eql-v3-types/SteVecForm.d.ts +18 -0
  104. package/lib/eql-v3-types/SteVecForm.js +5 -0
  105. package/lib/eql-v3-types/SteVecQuery.d.ts +7 -0
  106. package/lib/eql-v3-types/SteVecQuery.js +2 -0
  107. package/lib/eql-v3-types/SteVecQueryEntry.d.ts +15 -0
  108. package/lib/eql-v3-types/SteVecQueryEntry.js +2 -0
  109. package/lib/eql-v3-types/SteVecTerm.d.ts +11 -0
  110. package/lib/eql-v3-types/SteVecTerm.js +2 -0
  111. package/lib/eql-v3-types/Text.d.ts +13 -0
  112. package/lib/eql-v3-types/Text.js +2 -0
  113. package/lib/eql-v3-types/TextEq.d.ts +15 -0
  114. package/lib/eql-v3-types/TextEq.js +2 -0
  115. package/lib/eql-v3-types/TextMatch.d.ts +15 -0
  116. package/lib/eql-v3-types/TextMatch.js +2 -0
  117. package/lib/eql-v3-types/TextOrd.d.ts +17 -0
  118. package/lib/eql-v3-types/TextOrd.js +2 -0
  119. package/lib/eql-v3-types/TextOrdOpe.d.ts +17 -0
  120. package/lib/eql-v3-types/TextOrdOpe.js +2 -0
  121. package/lib/eql-v3-types/TextOrdOre.d.ts +17 -0
  122. package/lib/eql-v3-types/TextOrdOre.js +2 -0
  123. package/lib/eql-v3-types/TextSearch.d.ts +19 -0
  124. package/lib/eql-v3-types/TextSearch.js +2 -0
  125. package/lib/eql-v3-types/Timestamp.d.ts +13 -0
  126. package/lib/eql-v3-types/Timestamp.js +2 -0
  127. package/lib/eql-v3-types/TimestampEq.d.ts +15 -0
  128. package/lib/eql-v3-types/TimestampEq.js +2 -0
  129. package/lib/eql-v3-types/TimestampOrd.d.ts +15 -0
  130. package/lib/eql-v3-types/TimestampOrd.js +2 -0
  131. package/lib/eql-v3-types/TimestampOrdOpe.d.ts +15 -0
  132. package/lib/eql-v3-types/TimestampOrdOpe.js +2 -0
  133. package/lib/eql-v3-types/TimestampOrdOre.d.ts +15 -0
  134. package/lib/eql-v3-types/TimestampOrdOre.js +2 -0
  135. package/lib/eql-v3.d.ts +90 -0
  136. package/lib/eql-v3.js +6 -0
  137. package/lib/errors.d.ts +14 -0
  138. package/lib/errors.js +77 -0
  139. package/lib/index.cjs +43 -63
  140. package/lib/index.d.cts +86 -25
  141. package/lib/normalizeEncryptConfig.d.ts +1 -1
  142. package/package.json +12 -12
package/lib/index.d.cts CHANGED
@@ -1,34 +1,26 @@
1
1
  import { type CredentialOpts } from './credentials.js';
2
2
  import { type NativeEncryptConfig } from './normalizeEncryptConfig.js';
3
3
  export { withEnvCredentials, type EnvReader, type CredentialOpts, } from './credentials.js';
4
+ export * from './eql-v3.js';
5
+ import type { EncryptedV3, EncryptedV3Query } from './eql-v3.js';
6
+ import { type ProtectErrorCode } from './errors.js';
7
+ export { ProtectError, type ProtectErrorCode } from './errors.js';
4
8
  declare const sym: unique symbol;
5
9
  export type Client = {
6
10
  readonly [sym]: unknown;
7
11
  };
8
12
  declare module './load.cjs' {
9
13
  function newClient(opts: NativeNewClientOptions, strategy?: AuthStrategy): Promise<Client>;
10
- function encrypt(client: Client, opts: EncryptOptions): Promise<Encrypted>;
14
+ function encrypt(client: Client, opts: EncryptOptions): Promise<EncryptedPayload>;
11
15
  function decrypt(client: Client, opts: DecryptOptions): Promise<JsPlaintext>;
12
16
  function isEncrypted(encrypted: unknown): boolean;
13
- function encryptBulk(client: Client, opts: EncryptBulkOptions): Promise<Encrypted[]>;
17
+ function encryptBulk(client: Client, opts: EncryptBulkOptions): Promise<EncryptedPayload[]>;
14
18
  function decryptBulk(client: Client, opts: DecryptBulkOptions): Promise<JsPlaintext[]>;
15
19
  function decryptBulkFallible(client: Client, opts: DecryptBulkOptions): Promise<DecryptResult[]>;
16
- function encryptQuery(client: Client, opts: EncryptQueryOptions): Promise<Encrypted | EncryptedQuery>;
17
- function encryptQueryBulk(client: Client, opts: EncryptQueryBulkOptions): Promise<(Encrypted | EncryptedQuery)[]>;
20
+ function encryptQuery(client: Client, opts: EncryptQueryOptions): Promise<Encrypted | EncryptedQuery | EncryptedV3Query>;
21
+ function encryptQueryBulk(client: Client, opts: EncryptQueryBulkOptions): Promise<(Encrypted | EncryptedQuery | EncryptedV3Query)[]>;
18
22
  function ensureKeyset(opts: EnsureKeysetOpts): Promise<EnsureKeysetResult>;
19
23
  }
20
- export type ProtectErrorCode = 'INVARIANT_VIOLATION' | 'UNKNOWN_QUERY_OP' | 'UNKNOWN_COLUMN' | 'MISSING_INDEX' | 'INVALID_QUERY_INPUT' | 'INVALID_JSON_PATH' | 'STE_VEC_REQUIRES_JSON_CAST_AS' | 'MATCH_REQUIRES_TEXT' | 'UNSUPPORTED_CONFIG_VERSION' | 'UNKNOWN';
21
- export declare class ProtectError extends Error {
22
- code: ProtectErrorCode;
23
- details?: unknown;
24
- cause?: unknown;
25
- constructor(opts: {
26
- code: ProtectErrorCode;
27
- message: string;
28
- details?: unknown;
29
- cause?: unknown;
30
- });
31
- }
32
24
  export type DecryptResult = {
33
25
  data: JsPlaintext;
34
26
  } | {
@@ -36,14 +28,35 @@ export type DecryptResult = {
36
28
  code?: ProtectErrorCode;
37
29
  };
38
30
  export declare function newClient(opts: NewClientOptions): Promise<Client>;
39
- export declare function encrypt(client: Client, opts: EncryptOptions): Promise<Encrypted>;
31
+ export declare function encrypt(client: Client, opts: EncryptOptions): Promise<EncryptedPayload>;
40
32
  export declare function decrypt(client: Client, opts: DecryptOptions): Promise<JsPlaintext>;
33
+ /**
34
+ * True when `encrypted` is a stored EQL payload in EITHER wire format:
35
+ * an EQL v2.3 payload (`k: "ct"` / `k: "sv"`) or an EQL v3 payload
36
+ * (`{v: 3, i, c}` scalar or `{v: 3, k: "sv", i, sv}` SteVec document).
37
+ * Query payloads (including the v3 containment needle) are not stored
38
+ * payloads and return false.
39
+ */
41
40
  export declare function isEncrypted(encrypted: unknown): boolean;
42
- export declare function encryptBulk(client: Client, opts: EncryptBulkOptions): Promise<Encrypted[]>;
41
+ export declare function encryptBulk(client: Client, opts: EncryptBulkOptions): Promise<EncryptedPayload[]>;
43
42
  export declare function decryptBulk(client: Client, opts: DecryptBulkOptions): Promise<JsPlaintext[]>;
44
43
  export declare function decryptBulkFallible(client: Client, opts: DecryptBulkOptions): Promise<DecryptResult[]>;
45
- export declare function encryptQuery(client: Client, opts: EncryptQueryOptions): Promise<Encrypted | EncryptedQuery>;
46
- export declare function encryptQueryBulk(client: Client, opts: EncryptQueryBulkOptions): Promise<(Encrypted | EncryptedQuery)[]>;
44
+ /**
45
+ * Encrypt a query term.
46
+ *
47
+ * Under `eqlVersion: 2` (default) this returns the v2 shapes ({@link
48
+ * Encrypted} for JSON containment, {@link EncryptedQuery} otherwise).
49
+ *
50
+ * Under `eqlVersion: 3` only JSON containment queries are supported and
51
+ * return the `eql_v3.jsonb_query` needle ({@link EncryptedV3Query}). Scalar
52
+ * index queries (`unique` / `ore` / `ope` / `match`) and `ste_vec_selector`
53
+ * queries
54
+ * throw `EQL_V3_QUERY_UNSUPPORTED` — no EQL v3 scalar/selector query wire
55
+ * shape exists yet, so those queries require an `eqlVersion: 2` client.
56
+ */
57
+ export declare function encryptQuery(client: Client, opts: EncryptQueryOptions): Promise<Encrypted | EncryptedQuery | EncryptedV3Query>;
58
+ /** Bulk variant of {@link encryptQuery} — same EQL v3 restrictions apply. */
59
+ export declare function encryptQueryBulk(client: Client, opts: EncryptQueryBulkOptions): Promise<(Encrypted | EncryptedQuery | EncryptedV3Query)[]>;
47
60
  /**
48
61
  * Test-only helper: ensures a keyset with the given name exists, creating it if necessary,
49
62
  * and grants the current client access. Not safe for concurrent use — intended for
@@ -57,7 +70,7 @@ export type EncryptPayload = {
57
70
  lockContext?: Context;
58
71
  };
59
72
  export type BulkDecryptPayload = {
60
- ciphertext: Encrypted;
73
+ ciphertext: EncryptedPayload;
61
74
  lockContext?: Context;
62
75
  };
63
76
  export type Context = {
@@ -79,6 +92,13 @@ export type Context = {
79
92
  * ```
80
93
  */
81
94
  export type Encrypted = EncryptedScalar | EncryptedSteVec;
95
+ /**
96
+ * A stored payload in EITHER wire format: EQL v2.3 ({@link Encrypted}) or
97
+ * EQL v3 ({@link EncryptedV3}). {@link encrypt} / {@link encryptBulk} return
98
+ * the format selected by the client's `eqlVersion`; {@link decrypt} accepts
99
+ * both regardless of `eqlVersion` (data-migration scenarios).
100
+ */
101
+ export type EncryptedPayload = Encrypted | EncryptedV3;
82
102
  /** Scalar EQL v2.3 storage payload (`k: "ct"`). */
83
103
  export type EncryptedScalar = {
84
104
  k: 'ct';
@@ -192,7 +212,7 @@ export type Column = {
192
212
  cast_as?: CastAs;
193
213
  indexes?: Indexes;
194
214
  };
195
- export type CastAs = 'bigint' | 'boolean' | 'date' | 'number' | 'string' | 'text' | 'timestamp' | 'json';
215
+ export type CastAs = 'bigint' | 'boolean' | 'date' | 'decimal' | 'int' | 'number' | 'small_int' | 'string' | 'text' | 'timestamp' | 'json';
196
216
  type TablesOf<C extends EncryptConfig> = C['tables'];
197
217
  export type Identifier<C extends EncryptConfig> = {
198
218
  [T in keyof TablesOf<C>]: {
@@ -204,11 +224,13 @@ export type Identifier<C extends EncryptConfig> = {
204
224
  }[keyof TablesOf<C>];
205
225
  export type Indexes = {
206
226
  ore?: OreIndexOpts;
227
+ ope?: OpeIndexOpts;
207
228
  unique?: UniqueIndexOpts;
208
229
  match?: MatchIndexOpts;
209
230
  ste_vec?: SteVecIndexOpts;
210
231
  };
211
232
  export type OreIndexOpts = Record<string, never>;
233
+ export type OpeIndexOpts = Record<string, never>;
212
234
  export type UniqueIndexOpts = {
213
235
  token_filters?: TokenFilter[];
214
236
  };
@@ -257,6 +279,21 @@ export type NewClientOptions = {
257
279
  * AutoStrategy from env / profile / `clientOpts.creds`.
258
280
  */
259
281
  strategy?: AuthStrategy;
282
+ /**
283
+ * EQL wire version this client emits. Defaults to `2` (the
284
+ * `eql_v2_encrypted` payload format).
285
+ *
286
+ * With `3`, {@link encrypt} / {@link encryptBulk} return {@link
287
+ * EncryptedV3} payloads for the `eql_v3` per-capability domains
288
+ * (`eql_v3.text_eq`, `eql_v3.integer_ord_ore`, `eql_v3.json`, …), derived
289
+ * from each column's `cast_as` + indexes. {@link decrypt} accepts BOTH
290
+ * formats regardless of this setting.
291
+ *
292
+ * v3 limitation: {@link encryptQuery} supports only JSON containment
293
+ * queries — scalar-index and selector queries throw
294
+ * `EQL_V3_QUERY_UNSUPPORTED` until a v3 scalar query wire shape exists.
295
+ */
296
+ eqlVersion?: 2 | 3;
260
297
  };
261
298
  /**
262
299
  * Auth strategy shape compatible with `@cipherstash/auth` strategies (e.g.
@@ -271,6 +308,7 @@ export type AuthStrategy = {
271
308
  type NativeNewClientOptions = {
272
309
  encryptConfig: NativeEncryptConfig;
273
310
  clientOpts?: ClientOpts;
311
+ eqlVersion?: 2 | 3;
274
312
  };
275
313
  export type ClientOpts = CredentialOpts & {
276
314
  keyset?: KeysetIdentifier;
@@ -287,7 +325,29 @@ export type EnsureKeysetResult = {
287
325
  id: string;
288
326
  name: string;
289
327
  };
290
- export type JsPlaintext = string | number | boolean | Record<string, unknown> | JsPlaintext[];
328
+ /**
329
+ * A plaintext value accepted by {@link encrypt} / {@link encryptBulk} /
330
+ * {@link encryptQuery} and returned by {@link decrypt} / {@link decryptBulk} /
331
+ * {@link decryptBulkFallible} (in the `data` arm of each result).
332
+ *
333
+ * `bigint` support (encrypted `cast_as: 'bigint'` columns store signed
334
+ * 64-bit integers):
335
+ *
336
+ * - **Input**: a top-level `bigint` plaintext is accepted alongside
337
+ * `number`. Values outside the i64 range (-2^63 to 2^63 - 1) throw a
338
+ * `RangeError` at the boundary — this covers index-term generation too,
339
+ * since terms derive from the same value. `number` inputs keep the
340
+ * existing exact-integer guard (fractional, non-finite, or beyond-2^53
341
+ * inexact values are rejected). `bigint` values nested inside JSON
342
+ * objects/arrays are NOT supported (JSON has no bigint) and throw a
343
+ * `TypeError` on both Neon and wasm — plaintexts follow
344
+ * `JSON.stringify` semantics on both platforms.
345
+ * - **Output** (BREAKING since the introduction of bigint support):
346
+ * decrypting a `cast_as: 'bigint'` column ALWAYS returns a `bigint`,
347
+ * even for values that fit in a JS number. Previous releases returned a
348
+ * `number`, silently losing precision beyond `Number.MAX_SAFE_INTEGER`.
349
+ */
350
+ export type JsPlaintext = string | number | boolean | bigint | Record<string, unknown> | JsPlaintext[];
291
351
  export type EncryptOptions = {
292
352
  plaintext: JsPlaintext;
293
353
  column: string;
@@ -300,7 +360,8 @@ export type EncryptBulkOptions = {
300
360
  unverifiedContext?: Record<string, unknown>;
301
361
  };
302
362
  export type DecryptOptions = {
303
- ciphertext: Encrypted;
363
+ /** A stored payload in either wire format (EQL v2.3 or EQL v3). */
364
+ ciphertext: EncryptedPayload;
304
365
  lockContext?: Context;
305
366
  unverifiedContext?: Record<string, unknown>;
306
367
  };
@@ -308,7 +369,7 @@ export type DecryptBulkOptions = {
308
369
  ciphertexts: BulkDecryptPayload[];
309
370
  unverifiedContext?: Record<string, unknown>;
310
371
  };
311
- export type IndexTypeName = 'ste_vec' | 'match' | 'ore' | 'unique';
372
+ export type IndexTypeName = 'ste_vec' | 'match' | 'ore' | 'ope' | 'unique';
312
373
  export type QueryOpName = 'default' | 'ste_vec_selector' | 'ste_vec_term';
313
374
  export type EncryptQueryOptions = {
314
375
  plaintext: JsPlaintext;
@@ -6,7 +6,7 @@ import type { Column, EncryptConfig } from './index.cjs';
6
6
  * their canonical equivalents (`text`, `float`, `big_int`) before being
7
7
  * handed to the native side.
8
8
  */
9
- export type NativeCastAs = 'text' | 'float' | 'big_int' | 'boolean' | 'date' | 'json' | 'timestamp';
9
+ export type NativeCastAs = 'text' | 'float' | 'big_int' | 'boolean' | 'date' | 'decimal' | 'int' | 'json' | 'small_int' | 'timestamp';
10
10
  /** A column after normalization — `cast_as` is in the canonical vocabulary. */
11
11
  export type NativeColumn = Omit<Column, 'cast_as'> & {
12
12
  cast_as?: NativeCastAs;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@cipherstash/protect-ffi",
3
- "version": "0.26.0",
3
+ "version": "0.28.0",
4
4
  "repository": {
5
5
  "type": "git",
6
6
  "url": "git+https://github.com/cipherstash/protectjs-ffi.git"
@@ -9,11 +9,11 @@
9
9
  "url": "https://github.com/cipherstash/protectjs-ffi/issues"
10
10
  },
11
11
  "homepage": "https://github.com/cipherstash/protectjs-ffi#readme",
12
- "description": "",
12
+ "description": "Native FFI bindings to the CipherStash Client SDK — powers @cipherstash/stack",
13
13
  "main": "./lib/index.cjs",
14
14
  "scripts": {
15
15
  "test": "npm run test:typecheck && npm run test:unit && npm run test:lint && npm run test:format && npm run test:rust",
16
- "test:typecheck": "tsc",
16
+ "test:typecheck": "tsc && tsc -p tsconfig.test.json",
17
17
  "test:unit": "vitest run",
18
18
  "test:rust": "cargo test",
19
19
  "test:lint": "npm run test:lint:ts",
@@ -32,14 +32,14 @@
32
32
  "cross": "npm run cross-build -- --release",
33
33
  "zigbuild": "npm run zig-build -- --release",
34
34
  "prepack": "tsc &&neon update",
35
- "version": "neon bump --binaries platforms && git add .",
35
+ "version": "neon bump --binaries platforms && node scripts/changelog-release.mjs && git add .",
36
36
  "release": "gh workflow run release.yml -f dryrun=false -f version=patch",
37
37
  "dryrun": "gh workflow run release.yml -f dryrun=true -f version=patch",
38
38
  "build:wasm": "wasm-pack build crates/protect-ffi --target bundler --out-dir ../../dist/wasm --no-pack",
39
39
  "postbuild:wasm": "node scripts/inline-wasm.mjs"
40
40
  },
41
- "author": "",
42
- "license": "ISC",
41
+ "author": "CipherStash <humans@cipherstash.com>",
42
+ "license": "MIT",
43
43
  "exports": {
44
44
  ".": {
45
45
  "node": {
@@ -103,11 +103,11 @@
103
103
  "vite": "^8.0.5"
104
104
  },
105
105
  "optionalDependencies": {
106
- "@cipherstash/protect-ffi-darwin-x64": "0.26.0",
107
- "@cipherstash/protect-ffi-darwin-arm64": "0.26.0",
108
- "@cipherstash/protect-ffi-win32-x64-msvc": "0.26.0",
109
- "@cipherstash/protect-ffi-linux-x64-gnu": "0.26.0",
110
- "@cipherstash/protect-ffi-linux-arm64-gnu": "0.26.0",
111
- "@cipherstash/protect-ffi-linux-x64-musl": "0.26.0"
106
+ "@cipherstash/protect-ffi-darwin-x64": "0.28.0",
107
+ "@cipherstash/protect-ffi-darwin-arm64": "0.28.0",
108
+ "@cipherstash/protect-ffi-win32-x64-msvc": "0.28.0",
109
+ "@cipherstash/protect-ffi-linux-x64-gnu": "0.28.0",
110
+ "@cipherstash/protect-ffi-linux-arm64-gnu": "0.28.0",
111
+ "@cipherstash/protect-ffi-linux-x64-musl": "0.28.0"
112
112
  }
113
113
  }