@clef-sh/core 0.1.18 → 0.1.19

package/dist/index.js

@@ -304,10 +304,10 @@ var require_lib = __commonJS({
     module2.exports.sync = writeFileSync7;
     module2.exports._getTmpname = getTmpname;
     module2.exports._cleanupOnExit = cleanupOnExit;
-    var fs19 = require("fs");
+    var fs21 = require("fs");
     var crypto5 = require("node:crypto");
     var { onExit } = require_cjs();
-    var path26 = require("path");
+    var path28 = require("path");
     var { promisify } = require("util");
     var activeFiles = {};
     var threadId = (function getId() {
@@ -325,7 +325,7 @@ var require_lib = __commonJS({
     function cleanupOnExit(tmpfile) {
       return () => {
         try {
-          fs19.unlinkSync(typeof tmpfile === "function" ? tmpfile() : tmpfile);
+          fs21.unlinkSync(typeof tmpfile === "function" ? tmpfile() : tmpfile);
         } catch {
         }
       };
@@ -360,13 +360,13 @@ var require_lib = __commonJS({
       let fd;
       let tmpfile;
       const removeOnExitHandler = onExit(cleanupOnExit(() => tmpfile));
-      const absoluteName = path26.resolve(filename);
+      const absoluteName = path28.resolve(filename);
       try {
         await serializeActiveFile(absoluteName);
-        const truename = await promisify(fs19.realpath)(filename).catch(() => filename);
+        const truename = await promisify(fs21.realpath)(filename).catch(() => filename);
         tmpfile = getTmpname(truename);
         if (!options.mode || !options.chown) {
-          const stats = await promisify(fs19.stat)(truename).catch(() => {
+          const stats = await promisify(fs21.stat)(truename).catch(() => {
           });
           if (stats) {
             if (options.mode == null) {
@@ -377,45 +377,45 @@ var require_lib = __commonJS({
             }
           }
         }
-        fd = await promisify(fs19.open)(tmpfile, "w", options.mode);
+        fd = await promisify(fs21.open)(tmpfile, "w", options.mode);
         if (options.tmpfileCreated) {
           await options.tmpfileCreated(tmpfile);
         }
         if (ArrayBuffer.isView(data)) {
-          await promisify(fs19.write)(fd, data, 0, data.length, 0);
+          await promisify(fs21.write)(fd, data, 0, data.length, 0);
         } else if (data != null) {
-          await promisify(fs19.write)(fd, String(data), 0, String(options.encoding || "utf8"));
+          await promisify(fs21.write)(fd, String(data), 0, String(options.encoding || "utf8"));
         }
         if (options.fsync !== false) {
-          await promisify(fs19.fsync)(fd);
+          await promisify(fs21.fsync)(fd);
         }
-        await promisify(fs19.close)(fd);
+        await promisify(fs21.close)(fd);
         fd = null;
         if (options.chown) {
-          await promisify(fs19.chown)(tmpfile, options.chown.uid, options.chown.gid).catch((err) => {
+          await promisify(fs21.chown)(tmpfile, options.chown.uid, options.chown.gid).catch((err) => {
             if (!isChownErrOk(err)) {
               throw err;
             }
           });
         }
         if (options.mode) {
-          await promisify(fs19.chmod)(tmpfile, options.mode).catch((err) => {
+          await promisify(fs21.chmod)(tmpfile, options.mode).catch((err) => {
             if (!isChownErrOk(err)) {
               throw err;
             }
           });
         }
-        await promisify(fs19.rename)(tmpfile, truename);
+        await promisify(fs21.rename)(tmpfile, truename);
       } finally {
         if (fd) {
-          await promisify(fs19.close)(fd).catch(
+          await promisify(fs21.close)(fd).catch(
             /* istanbul ignore next */
             () => {
             }
           );
         }
         removeOnExitHandler();
-        await promisify(fs19.unlink)(tmpfile).catch(() => {
+        await promisify(fs21.unlink)(tmpfile).catch(() => {
         });
         activeFiles[absoluteName].shift();
         if (activeFiles[absoluteName].length > 0) {
@@ -448,13 +448,13 @@ var require_lib = __commonJS({
         options = {};
       }
       try {
-        filename = fs19.realpathSync(filename);
+        filename = fs21.realpathSync(filename);
       } catch (ex) {
       }
       const tmpfile = getTmpname(filename);
       if (!options.mode || !options.chown) {
         try {
-          const stats = fs19.statSync(filename);
+          const stats = fs21.statSync(filename);
           options = Object.assign({}, options);
           if (!options.mode) {
             options.mode = stats.mode;
@@ -470,23 +470,23 @@ var require_lib = __commonJS({
       const removeOnExitHandler = onExit(cleanup);
       let threw = true;
       try {
-        fd = fs19.openSync(tmpfile, "w", options.mode || 438);
+        fd = fs21.openSync(tmpfile, "w", options.mode || 438);
         if (options.tmpfileCreated) {
           options.tmpfileCreated(tmpfile);
         }
         if (ArrayBuffer.isView(data)) {
-          fs19.writeSync(fd, data, 0, data.length, 0);
+          fs21.writeSync(fd, data, 0, data.length, 0);
         } else if (data != null) {
-          fs19.writeSync(fd, String(data), 0, String(options.encoding || "utf8"));
+          fs21.writeSync(fd, String(data), 0, String(options.encoding || "utf8"));
         }
         if (options.fsync !== false) {
-          fs19.fsyncSync(fd);
+          fs21.fsyncSync(fd);
         }
-        fs19.closeSync(fd);
+        fs21.closeSync(fd);
         fd = null;
         if (options.chown) {
           try {
-            fs19.chownSync(tmpfile, options.chown.uid, options.chown.gid);
+            fs21.chownSync(tmpfile, options.chown.uid, options.chown.gid);
           } catch (err) {
             if (!isChownErrOk(err)) {
               throw err;
@@ -495,19 +495,19 @@ var require_lib = __commonJS({
         }
         if (options.mode) {
           try {
-            fs19.chmodSync(tmpfile, options.mode);
+            fs21.chmodSync(tmpfile, options.mode);
           } catch (err) {
             if (!isChownErrOk(err)) {
               throw err;
             }
           }
         }
-        fs19.renameSync(tmpfile, filename);
+        fs21.renameSync(tmpfile, filename);
         threw = false;
       } finally {
         if (fd) {
           try {
-            fs19.closeSync(fd);
+            fs21.closeSync(fd);
           } catch (ex) {
           }
         }
@@ -546,54 +546,54 @@ var require_polyfills = __commonJS({
     }
     var chdir;
     module2.exports = patch;
-    function patch(fs19) {
+    function patch(fs21) {
       if (constants.hasOwnProperty("O_SYMLINK") && process.version.match(/^v0\.6\.[0-2]|^v0\.5\./)) {
-        patchLchmod(fs19);
-      }
-      if (!fs19.lutimes) {
-        patchLutimes(fs19);
-      }
-      fs19.chown = chownFix(fs19.chown);
-      fs19.fchown = chownFix(fs19.fchown);
-      fs19.lchown = chownFix(fs19.lchown);
-      fs19.chmod = chmodFix(fs19.chmod);
-      fs19.fchmod = chmodFix(fs19.fchmod);
-      fs19.lchmod = chmodFix(fs19.lchmod);
-      fs19.chownSync = chownFixSync(fs19.chownSync);
-      fs19.fchownSync = chownFixSync(fs19.fchownSync);
-      fs19.lchownSync = chownFixSync(fs19.lchownSync);
-      fs19.chmodSync = chmodFixSync(fs19.chmodSync);
-      fs19.fchmodSync = chmodFixSync(fs19.fchmodSync);
-      fs19.lchmodSync = chmodFixSync(fs19.lchmodSync);
-      fs19.stat = statFix(fs19.stat);
-      fs19.fstat = statFix(fs19.fstat);
-      fs19.lstat = statFix(fs19.lstat);
-      fs19.statSync = statFixSync(fs19.statSync);
-      fs19.fstatSync = statFixSync(fs19.fstatSync);
-      fs19.lstatSync = statFixSync(fs19.lstatSync);
-      if (fs19.chmod && !fs19.lchmod) {
-        fs19.lchmod = function(path26, mode, cb) {
+        patchLchmod(fs21);
+      }
+      if (!fs21.lutimes) {
+        patchLutimes(fs21);
+      }
+      fs21.chown = chownFix(fs21.chown);
+      fs21.fchown = chownFix(fs21.fchown);
+      fs21.lchown = chownFix(fs21.lchown);
+      fs21.chmod = chmodFix(fs21.chmod);
+      fs21.fchmod = chmodFix(fs21.fchmod);
+      fs21.lchmod = chmodFix(fs21.lchmod);
+      fs21.chownSync = chownFixSync(fs21.chownSync);
+      fs21.fchownSync = chownFixSync(fs21.fchownSync);
+      fs21.lchownSync = chownFixSync(fs21.lchownSync);
+      fs21.chmodSync = chmodFixSync(fs21.chmodSync);
+      fs21.fchmodSync = chmodFixSync(fs21.fchmodSync);
+      fs21.lchmodSync = chmodFixSync(fs21.lchmodSync);
+      fs21.stat = statFix(fs21.stat);
+      fs21.fstat = statFix(fs21.fstat);
+      fs21.lstat = statFix(fs21.lstat);
+      fs21.statSync = statFixSync(fs21.statSync);
+      fs21.fstatSync = statFixSync(fs21.fstatSync);
+      fs21.lstatSync = statFixSync(fs21.lstatSync);
+      if (fs21.chmod && !fs21.lchmod) {
+        fs21.lchmod = function(path28, mode, cb) {
           if (cb) process.nextTick(cb);
         };
-        fs19.lchmodSync = function() {
+        fs21.lchmodSync = function() {
         };
       }
-      if (fs19.chown && !fs19.lchown) {
-        fs19.lchown = function(path26, uid, gid, cb) {
+      if (fs21.chown && !fs21.lchown) {
+        fs21.lchown = function(path28, uid, gid, cb) {
           if (cb) process.nextTick(cb);
         };
-        fs19.lchownSync = function() {
+        fs21.lchownSync = function() {
         };
       }
       if (platform === "win32") {
-        fs19.rename = typeof fs19.rename !== "function" ? fs19.rename : (function(fs$rename) {
+        fs21.rename = typeof fs21.rename !== "function" ? fs21.rename : (function(fs$rename) {
           function rename(from, to, cb) {
             var start = Date.now();
             var backoff = 0;
             fs$rename(from, to, function CB(er) {
               if (er && (er.code === "EACCES" || er.code === "EPERM" || er.code === "EBUSY") && Date.now() - start < 6e4) {
                 setTimeout(function() {
-                  fs19.stat(to, function(stater, st) {
+                  fs21.stat(to, function(stater, st) {
                     if (stater && stater.code === "ENOENT")
                       fs$rename(from, to, CB);
                     else
@@ -609,9 +609,9 @@ var require_polyfills = __commonJS({
           }
           if (Object.setPrototypeOf) Object.setPrototypeOf(rename, fs$rename);
           return rename;
-        })(fs19.rename);
+        })(fs21.rename);
       }
-      fs19.read = typeof fs19.read !== "function" ? fs19.read : (function(fs$read) {
+      fs21.read = typeof fs21.read !== "function" ? fs21.read : (function(fs$read) {
         function read(fd, buffer, offset, length, position, callback_) {
           var callback;
           if (callback_ && typeof callback_ === "function") {
@@ -619,22 +619,22 @@ var require_polyfills = __commonJS({
             callback = function(er, _, __) {
               if (er && er.code === "EAGAIN" && eagCounter < 10) {
                 eagCounter++;
-                return fs$read.call(fs19, fd, buffer, offset, length, position, callback);
+                return fs$read.call(fs21, fd, buffer, offset, length, position, callback);
               }
               callback_.apply(this, arguments);
             };
           }
-          return fs$read.call(fs19, fd, buffer, offset, length, position, callback);
+          return fs$read.call(fs21, fd, buffer, offset, length, position, callback);
         }
         if (Object.setPrototypeOf) Object.setPrototypeOf(read, fs$read);
         return read;
-      })(fs19.read);
-      fs19.readSync = typeof fs19.readSync !== "function" ? fs19.readSync : /* @__PURE__ */ (function(fs$readSync) {
+      })(fs21.read);
+      fs21.readSync = typeof fs21.readSync !== "function" ? fs21.readSync : /* @__PURE__ */ (function(fs$readSync) {
         return function(fd, buffer, offset, length, position) {
           var eagCounter = 0;
           while (true) {
             try {
-              return fs$readSync.call(fs19, fd, buffer, offset, length, position);
+              return fs$readSync.call(fs21, fd, buffer, offset, length, position);
             } catch (er) {
               if (er.code === "EAGAIN" && eagCounter < 10) {
                 eagCounter++;
@@ -644,11 +644,11 @@ var require_polyfills = __commonJS({
             }
           }
         };
-      })(fs19.readSync);
-      function patchLchmod(fs20) {
-        fs20.lchmod = function(path26, mode, callback) {
-          fs20.open(
-            path26,
+      })(fs21.readSync);
+      function patchLchmod(fs22) {
+        fs22.lchmod = function(path28, mode, callback) {
+          fs22.open(
+            path28,
             constants.O_WRONLY | constants.O_SYMLINK,
             mode,
             function(err, fd) {
@@ -656,80 +656,80 @@ var require_polyfills = __commonJS({
                 if (callback) callback(err);
                 return;
               }
-              fs20.fchmod(fd, mode, function(err2) {
-                fs20.close(fd, function(err22) {
+              fs22.fchmod(fd, mode, function(err2) {
+                fs22.close(fd, function(err22) {
                   if (callback) callback(err2 || err22);
                 });
               });
             }
           );
         };
-        fs20.lchmodSync = function(path26, mode) {
-          var fd = fs20.openSync(path26, constants.O_WRONLY | constants.O_SYMLINK, mode);
+        fs22.lchmodSync = function(path28, mode) {
+          var fd = fs22.openSync(path28, constants.O_WRONLY | constants.O_SYMLINK, mode);
           var threw = true;
           var ret;
           try {
-            ret = fs20.fchmodSync(fd, mode);
+            ret = fs22.fchmodSync(fd, mode);
             threw = false;
           } finally {
             if (threw) {
               try {
-                fs20.closeSync(fd);
+                fs22.closeSync(fd);
               } catch (er) {
               }
             } else {
-              fs20.closeSync(fd);
+              fs22.closeSync(fd);
             }
           }
           return ret;
         };
       }
-      function patchLutimes(fs20) {
-        if (constants.hasOwnProperty("O_SYMLINK") && fs20.futimes) {
-          fs20.lutimes = function(path26, at, mt, cb) {
-            fs20.open(path26, constants.O_SYMLINK, function(er, fd) {
+      function patchLutimes(fs22) {
+        if (constants.hasOwnProperty("O_SYMLINK") && fs22.futimes) {
+          fs22.lutimes = function(path28, at, mt, cb) {
+            fs22.open(path28, constants.O_SYMLINK, function(er, fd) {
               if (er) {
                 if (cb) cb(er);
                 return;
               }
-              fs20.futimes(fd, at, mt, function(er2) {
-                fs20.close(fd, function(er22) {
+              fs22.futimes(fd, at, mt, function(er2) {
+                fs22.close(fd, function(er22) {
                   if (cb) cb(er2 || er22);
                 });
               });
             });
           };
-          fs20.lutimesSync = function(path26, at, mt) {
-            var fd = fs20.openSync(path26, constants.O_SYMLINK);
+          fs22.lutimesSync = function(path28, at, mt) {
+            var fd = fs22.openSync(path28, constants.O_SYMLINK);
             var ret;
             var threw = true;
             try {
-              ret = fs20.futimesSync(fd, at, mt);
+              ret = fs22.futimesSync(fd, at, mt);
               threw = false;
             } finally {
               if (threw) {
                 try {
-                  fs20.closeSync(fd);
+                  fs22.closeSync(fd);
                 } catch (er) {
                 }
               } else {
-                fs20.closeSync(fd);
+                fs22.closeSync(fd);
               }
             }
             return ret;
           };
-        } else if (fs20.futimes) {
-          fs20.lutimes = function(_a, _b, _c, cb) {
+        } else if (fs22.futimes) {
+          fs22.lutimes = function(_a, _b, _c, cb) {
             if (cb) process.nextTick(cb);
           };
-          fs20.lutimesSync = function() {
+          fs22.lutimesSync = function() {
           };
         }
       }
       function chmodFix(orig) {
         if (!orig) return orig;
         return function(target, mode, cb) {
-          return orig.call(fs19, target, mode, function(er) {
+          return orig.call(fs21, target, mode, function(er) {
             if (chownErOk(er)) er = null;
             if (cb) cb.apply(this, arguments);
           });
@@ -739,7 +739,7 @@ var require_polyfills = __commonJS({
         if (!orig) return orig;
         return function(target, mode) {
           try {
-            return orig.call(fs19, target, mode);
+            return orig.call(fs21, target, mode);
           } catch (er) {
             if (!chownErOk(er)) throw er;
           }
@@ -748,7 +748,7 @@ var require_polyfills = __commonJS({
       function chownFix(orig) {
         if (!orig) return orig;
         return function(target, uid, gid, cb) {
-          return orig.call(fs19, target, uid, gid, function(er) {
+          return orig.call(fs21, target, uid, gid, function(er) {
             if (chownErOk(er)) er = null;
             if (cb) cb.apply(this, arguments);
           });
@@ -758,7 +758,7 @@ var require_polyfills = __commonJS({
         if (!orig) return orig;
         return function(target, uid, gid) {
           try {
-            return orig.call(fs19, target, uid, gid);
+            return orig.call(fs21, target, uid, gid);
           } catch (er) {
             if (!chownErOk(er)) throw er;
           }
@@ -778,13 +778,13 @@ var require_polyfills = __commonJS({
             }
             if (cb) cb.apply(this, arguments);
           }
-          return options ? orig.call(fs19, target, options, callback) : orig.call(fs19, target, callback);
+          return options ? orig.call(fs21, target, options, callback) : orig.call(fs21, target, callback);
         };
       }
       function statFixSync(orig) {
         if (!orig) return orig;
         return function(target, options) {
-          var stats = options ? orig.call(fs19, target, options) : orig.call(fs19, target);
+          var stats = options ? orig.call(fs21, target, options) : orig.call(fs21, target);
           if (stats) {
             if (stats.uid < 0) stats.uid += 4294967296;
             if (stats.gid < 0) stats.gid += 4294967296;
@@ -813,16 +813,16 @@ var require_legacy_streams = __commonJS({
   "../../node_modules/graceful-fs/legacy-streams.js"(exports2, module2) {
     var Stream = require("stream").Stream;
     module2.exports = legacy;
-    function legacy(fs19) {
+    function legacy(fs21) {
       return {
         ReadStream,
         WriteStream
       };
-      function ReadStream(path26, options) {
-        if (!(this instanceof ReadStream)) return new ReadStream(path26, options);
+      function ReadStream(path28, options) {
+        if (!(this instanceof ReadStream)) return new ReadStream(path28, options);
         Stream.call(this);
         var self = this;
-        this.path = path26;
+        this.path = path28;
         this.fd = null;
         this.readable = true;
         this.paused = false;
@@ -856,7 +856,7 @@ var require_legacy_streams = __commonJS({
           });
           return;
         }
-        fs19.open(this.path, this.flags, this.mode, function(err, fd) {
+        fs21.open(this.path, this.flags, this.mode, function(err, fd) {
           if (err) {
             self.emit("error", err);
             self.readable = false;
@@ -867,10 +867,10 @@ var require_legacy_streams = __commonJS({
           self._read();
         });
       }
-      function WriteStream(path26, options) {
-        if (!(this instanceof WriteStream)) return new WriteStream(path26, options);
+      function WriteStream(path28, options) {
+        if (!(this instanceof WriteStream)) return new WriteStream(path28, options);
         Stream.call(this);
-        this.path = path26;
+        this.path = path28;
         this.fd = null;
         this.writable = true;
         this.flags = "w";
@@ -895,7 +895,7 @@ var require_legacy_streams = __commonJS({
         this.busy = false;
         this._queue = [];
         if (this.fd === null) {
-          this._open = fs19.open;
+          this._open = fs21.open;
           this._queue.push([this._open, this.path, this.flags, this.mode, void 0]);
           this.flush();
         }
@@ -930,7 +930,7 @@ var require_clone = __commonJS({
 // ../../node_modules/graceful-fs/graceful-fs.js
 var require_graceful_fs = __commonJS({
   "../../node_modules/graceful-fs/graceful-fs.js"(exports2, module2) {
-    var fs19 = require("fs");
+    var fs21 = require("fs");
     var polyfills = require_polyfills();
     var legacy = require_legacy_streams();
     var clone = require_clone();
@@ -962,12 +962,12 @@ var require_graceful_fs = __commonJS({
         m = "GFS4: " + m.split(/\n/).join("\nGFS4: ");
         console.error(m);
       };
-    if (!fs19[gracefulQueue]) {
+    if (!fs21[gracefulQueue]) {
       queue = global[gracefulQueue] || [];
-      publishQueue(fs19, queue);
-      fs19.close = (function(fs$close) {
+      publishQueue(fs21, queue);
+      fs21.close = (function(fs$close) {
         function close(fd, cb) {
-          return fs$close.call(fs19, fd, function(err) {
+          return fs$close.call(fs21, fd, function(err) {
             if (!err) {
               resetQueue();
             }
@@ -979,48 +979,48 @@ var require_graceful_fs = __commonJS({
           value: fs$close
         });
         return close;
-      })(fs19.close);
-      fs19.closeSync = (function(fs$closeSync) {
+      })(fs21.close);
+      fs21.closeSync = (function(fs$closeSync) {
         function closeSync2(fd) {
-          fs$closeSync.apply(fs19, arguments);
+          fs$closeSync.apply(fs21, arguments);
           resetQueue();
         }
         Object.defineProperty(closeSync2, previousSymbol, {
           value: fs$closeSync
         });
         return closeSync2;
-      })(fs19.closeSync);
+      })(fs21.closeSync);
       if (/\bgfs4\b/i.test(process.env.NODE_DEBUG || "")) {
         process.on("exit", function() {
-          debug(fs19[gracefulQueue]);
-          require("assert").equal(fs19[gracefulQueue].length, 0);
+          debug(fs21[gracefulQueue]);
+          require("assert").equal(fs21[gracefulQueue].length, 0);
         });
       }
     }
     var queue;
     if (!global[gracefulQueue]) {
-      publishQueue(global, fs19[gracefulQueue]);
-    }
-    module2.exports = patch(clone(fs19));
-    if (process.env.TEST_GRACEFUL_FS_GLOBAL_PATCH && !fs19.__patched) {
-      module2.exports = patch(fs19);
-      fs19.__patched = true;
-    }
-    function patch(fs20) {
-      polyfills(fs20);
-      fs20.gracefulify = patch;
-      fs20.createReadStream = createReadStream;
-      fs20.createWriteStream = createWriteStream;
-      var fs$readFile = fs20.readFile;
-      fs20.readFile = readFile;
-      function readFile(path26, options, cb) {
+      publishQueue(global, fs21[gracefulQueue]);
+    }
+    module2.exports = patch(clone(fs21));
+    if (process.env.TEST_GRACEFUL_FS_GLOBAL_PATCH && !fs21.__patched) {
+      module2.exports = patch(fs21);
+      fs21.__patched = true;
+    }
+    function patch(fs22) {
+      polyfills(fs22);
+      fs22.gracefulify = patch;
+      fs22.createReadStream = createReadStream;
+      fs22.createWriteStream = createWriteStream;
+      var fs$readFile = fs22.readFile;
+      fs22.readFile = readFile;
+      function readFile(path28, options, cb) {
         if (typeof options === "function")
           cb = options, options = null;
-        return go$readFile(path26, options, cb);
-        function go$readFile(path27, options2, cb2, startTime) {
-          return fs$readFile(path27, options2, function(err) {
+        return go$readFile(path28, options, cb);
+        function go$readFile(path29, options2, cb2, startTime) {
+          return fs$readFile(path29, options2, function(err) {
             if (err && (err.code === "EMFILE" || err.code === "ENFILE"))
-              enqueue([go$readFile, [path27, options2, cb2], err, startTime || Date.now(), Date.now()]);
+              enqueue([go$readFile, [path29, options2, cb2], err, startTime || Date.now(), Date.now()]);
             else {
               if (typeof cb2 === "function")
                 cb2.apply(this, arguments);
@@ -1028,16 +1028,16 @@ var require_graceful_fs = __commonJS({
           });
         }
       }
-      var fs$writeFile = fs20.writeFile;
-      fs20.writeFile = writeFile;
-      function writeFile(path26, data, options, cb) {
+      var fs$writeFile = fs22.writeFile;
+      fs22.writeFile = writeFile;
+      function writeFile(path28, data, options, cb) {
         if (typeof options === "function")
           cb = options, options = null;
-        return go$writeFile(path26, data, options, cb);
-        function go$writeFile(path27, data2, options2, cb2, startTime) {
-          return fs$writeFile(path27, data2, options2, function(err) {
+        return go$writeFile(path28, data, options, cb);
+        function go$writeFile(path29, data2, options2, cb2, startTime) {
+          return fs$writeFile(path29, data2, options2, function(err) {
             if (err && (err.code === "EMFILE" || err.code === "ENFILE"))
-              enqueue([go$writeFile, [path27, data2, options2, cb2], err, startTime || Date.now(), Date.now()]);
+              enqueue([go$writeFile, [path29, data2, options2, cb2], err, startTime || Date.now(), Date.now()]);
             else {
               if (typeof cb2 === "function")
                 cb2.apply(this, arguments);
@@ -1045,17 +1045,17 @@ var require_graceful_fs = __commonJS({
           });
         }
       }
-      var fs$appendFile = fs20.appendFile;
+      var fs$appendFile = fs22.appendFile;
       if (fs$appendFile)
-        fs20.appendFile = appendFile;
-      function appendFile(path26, data, options, cb) {
+        fs22.appendFile = appendFile;
+      function appendFile(path28, data, options, cb) {
         if (typeof options === "function")
           cb = options, options = null;
-        return go$appendFile(path26, data, options, cb);
-        function go$appendFile(path27, data2, options2, cb2, startTime) {
-          return fs$appendFile(path27, data2, options2, function(err) {
+        return go$appendFile(path28, data, options, cb);
+        function go$appendFile(path29, data2, options2, cb2, startTime) {
+          return fs$appendFile(path29, data2, options2, function(err) {
             if (err && (err.code === "EMFILE" || err.code === "ENFILE"))
-              enqueue([go$appendFile, [path27, data2, options2, cb2], err, startTime || Date.now(), Date.now()]);
+              enqueue([go$appendFile, [path29, data2, options2, cb2], err, startTime || Date.now(), Date.now()]);
             else {
               if (typeof cb2 === "function")
                 cb2.apply(this, arguments);
@@ -1063,9 +1063,9 @@ var require_graceful_fs = __commonJS({
           });
         }
       }
-      var fs$copyFile = fs20.copyFile;
+      var fs$copyFile = fs22.copyFile;
       if (fs$copyFile)
-        fs20.copyFile = copyFile;
+        fs22.copyFile = copyFile;
       function copyFile(src, dest, flags, cb) {
         if (typeof flags === "function") {
           cb = flags;
@@ -1083,34 +1083,34 @@ var require_graceful_fs = __commonJS({
           });
         }
       }
-      var fs$readdir = fs20.readdir;
-      fs20.readdir = readdir;
+      var fs$readdir = fs22.readdir;
+      fs22.readdir = readdir;
       var noReaddirOptionVersions = /^v[0-5]\./;
-      function readdir(path26, options, cb) {
+      function readdir(path28, options, cb) {
         if (typeof options === "function")
           cb = options, options = null;
-        var go$readdir = noReaddirOptionVersions.test(process.version) ? function go$readdir2(path27, options2, cb2, startTime) {
-          return fs$readdir(path27, fs$readdirCallback(
-            path27,
+        var go$readdir = noReaddirOptionVersions.test(process.version) ? function go$readdir2(path29, options2, cb2, startTime) {
+          return fs$readdir(path29, fs$readdirCallback(
+            path29,
             options2,
             cb2,
             startTime
           ));
-        } : function go$readdir2(path27, options2, cb2, startTime) {
-          return fs$readdir(path27, options2, fs$readdirCallback(
-            path27,
+        } : function go$readdir2(path29, options2, cb2, startTime) {
+          return fs$readdir(path29, options2, fs$readdirCallback(
+            path29,
             options2,
             cb2,
             startTime
           ));
         };
-        return go$readdir(path26, options, cb);
-        function fs$readdirCallback(path27, options2, cb2, startTime) {
+        return go$readdir(path28, options, cb);
+        function fs$readdirCallback(path29, options2, cb2, startTime) {
           return function(err, files) {
             if (err && (err.code === "EMFILE" || err.code === "ENFILE"))
               enqueue([
                 go$readdir,
-                [path27, options2, cb2],
+                [path29, options2, cb2],
                 err,
                 startTime || Date.now(),
                 Date.now()
@@ -1125,21 +1125,21 @@ var require_graceful_fs = __commonJS({
         }
       }
       if (process.version.substr(0, 4) === "v0.8") {
-        var legStreams = legacy(fs20);
+        var legStreams = legacy(fs22);
         ReadStream = legStreams.ReadStream;
         WriteStream = legStreams.WriteStream;
       }
-      var fs$ReadStream = fs20.ReadStream;
+      var fs$ReadStream = fs22.ReadStream;
       if (fs$ReadStream) {
         ReadStream.prototype = Object.create(fs$ReadStream.prototype);
         ReadStream.prototype.open = ReadStream$open;
       }
-      var fs$WriteStream = fs20.WriteStream;
+      var fs$WriteStream = fs22.WriteStream;
       if (fs$WriteStream) {
         WriteStream.prototype = Object.create(fs$WriteStream.prototype);
         WriteStream.prototype.open = WriteStream$open;
       }
-      Object.defineProperty(fs20, "ReadStream", {
+      Object.defineProperty(fs22, "ReadStream", {
         get: function() {
           return ReadStream;
         },
@@ -1149,7 +1149,7 @@ var require_graceful_fs = __commonJS({
         enumerable: true,
         configurable: true
       });
-      Object.defineProperty(fs20, "WriteStream", {
+      Object.defineProperty(fs22, "WriteStream", {
         get: function() {
           return WriteStream;
         },
@@ -1160,7 +1160,7 @@ var require_graceful_fs = __commonJS({
         configurable: true
       });
       var FileReadStream = ReadStream;
-      Object.defineProperty(fs20, "FileReadStream", {
+      Object.defineProperty(fs22, "FileReadStream", {
         get: function() {
           return FileReadStream;
         },
@@ -1171,7 +1171,7 @@ var require_graceful_fs = __commonJS({
         configurable: true
       });
       var FileWriteStream = WriteStream;
-      Object.defineProperty(fs20, "FileWriteStream", {
+      Object.defineProperty(fs22, "FileWriteStream", {
         get: function() {
           return FileWriteStream;
         },
@@ -1181,7 +1181,7 @@ var require_graceful_fs = __commonJS({
         enumerable: true,
         configurable: true
       });
-      function ReadStream(path26, options) {
+      function ReadStream(path28, options) {
         if (this instanceof ReadStream)
           return fs$ReadStream.apply(this, arguments), this;
         else
@@ -1201,7 +1201,7 @@ var require_graceful_fs = __commonJS({
           }
         });
       }
-      function WriteStream(path26, options) {
+      function WriteStream(path28, options) {
         if (this instanceof WriteStream)
           return fs$WriteStream.apply(this, arguments), this;
         else
@@ -1219,22 +1219,22 @@ var require_graceful_fs = __commonJS({
           }
         });
       }
-      function createReadStream(path26, options) {
-        return new fs20.ReadStream(path26, options);
+      function createReadStream(path28, options) {
+        return new fs22.ReadStream(path28, options);
       }
-      function createWriteStream(path26, options) {
-        return new fs20.WriteStream(path26, options);
+      function createWriteStream(path28, options) {
+        return new fs22.WriteStream(path28, options);
       }
-      var fs$open = fs20.open;
-      fs20.open = open;
-      function open(path26, flags, mode, cb) {
+      var fs$open = fs22.open;
+      fs22.open = open;
+      function open(path28, flags, mode, cb) {
         if (typeof mode === "function")
           cb = mode, mode = null;
-        return go$open(path26, flags, mode, cb);
-        function go$open(path27, flags2, mode2, cb2, startTime) {
-          return fs$open(path27, flags2, mode2, function(err, fd) {
+        return go$open(path28, flags, mode, cb);
+        function go$open(path29, flags2, mode2, cb2, startTime) {
+          return fs$open(path29, flags2, mode2, function(err, fd) {
             if (err && (err.code === "EMFILE" || err.code === "ENFILE"))
-              enqueue([go$open, [path27, flags2, mode2, cb2], err, startTime || Date.now(), Date.now()]);
+              enqueue([go$open, [path29, flags2, mode2, cb2], err, startTime || Date.now(), Date.now()]);
             else {
               if (typeof cb2 === "function")
                 cb2.apply(this, arguments);
@@ -1242,20 +1242,20 @@ var require_graceful_fs = __commonJS({
           });
         }
       }
-      return fs20;
+      return fs22;
     }
     function enqueue(elem) {
       debug("ENQUEUE", elem[0].name, elem[1]);
-      fs19[gracefulQueue].push(elem);
+      fs21[gracefulQueue].push(elem);
       retry();
     }
     var retryTimer;
     function resetQueue() {
       var now = Date.now();
-      for (var i = 0; i < fs19[gracefulQueue].length; ++i) {
-        if (fs19[gracefulQueue][i].length > 2) {
-          fs19[gracefulQueue][i][3] = now;
-          fs19[gracefulQueue][i][4] = now;
+      for (var i = 0; i < fs21[gracefulQueue].length; ++i) {
+        if (fs21[gracefulQueue][i].length > 2) {
+          fs21[gracefulQueue][i][3] = now;
+          fs21[gracefulQueue][i][4] = now;
         }
       }
       retry();
@@ -1263,9 +1263,9 @@ var require_graceful_fs = __commonJS({
     function retry() {
       clearTimeout(retryTimer);
       retryTimer = void 0;
-      if (fs19[gracefulQueue].length === 0)
+      if (fs21[gracefulQueue].length === 0)
         return;
-      var elem = fs19[gracefulQueue].shift();
+      var elem = fs21[gracefulQueue].shift();
       var fn = elem[0];
       var args = elem[1];
       var err = elem[2];
@@ -1287,7 +1287,7 @@ var require_graceful_fs = __commonJS({
           debug("RETRY", fn.name, args);
           fn.apply(null, args.concat([startTime]));
         } else {
-          fs19[gracefulQueue].push(elem);
+          fs21[gracefulQueue].push(elem);
         }
       }
       if (retryTimer === void 0) {
@@ -1722,10 +1722,10 @@ var require_mtime_precision = __commonJS({
   "../../node_modules/proper-lockfile/lib/mtime-precision.js"(exports2, module2) {
     "use strict";
     var cacheSymbol = /* @__PURE__ */ Symbol();
-    function probe(file, fs19, callback) {
-      const cachedPrecision = fs19[cacheSymbol];
+    function probe(file, fs21, callback) {
+      const cachedPrecision = fs21[cacheSymbol];
       if (cachedPrecision) {
-        return fs19.stat(file, (err, stat) => {
+        return fs21.stat(file, (err, stat) => {
           if (err) {
             return callback(err);
           }
@@ -1733,16 +1733,16 @@ var require_mtime_precision = __commonJS({
         });
       }
       const mtime = new Date(Math.ceil(Date.now() / 1e3) * 1e3 + 5);
-      fs19.utimes(file, mtime, mtime, (err) => {
+      fs21.utimes(file, mtime, mtime, (err) => {
         if (err) {
           return callback(err);
         }
-        fs19.stat(file, (err2, stat) => {
+        fs21.stat(file, (err2, stat) => {
           if (err2) {
             return callback(err2);
           }
           const precision = stat.mtime.getTime() % 1e3 === 0 ? "s" : "ms";
-          Object.defineProperty(fs19, cacheSymbol, { value: precision });
+          Object.defineProperty(fs21, cacheSymbol, { value: precision });
           callback(null, stat.mtime, precision);
         });
       });
@@ -1763,8 +1763,8 @@ var require_mtime_precision = __commonJS({
 var require_lockfile = __commonJS({
   "../../node_modules/proper-lockfile/lib/lockfile.js"(exports2, module2) {
     "use strict";
-    var path26 = require("path");
-    var fs19 = require_graceful_fs();
+    var path28 = require("path");
+    var fs21 = require_graceful_fs();
     var retry = require_retry2();
     var onExit = require_signal_exit();
     var mtimePrecision = require_mtime_precision();
@@ -1774,7 +1774,7 @@ var require_lockfile = __commonJS({
     }
     function resolveCanonicalPath(file, options, callback) {
       if (!options.realpath) {
-        return callback(null, path26.resolve(file));
+        return callback(null, path28.resolve(file));
       }
       options.fs.realpath(file, callback);
     }
@@ -1895,7 +1895,7 @@ var require_lockfile = __commonJS({
         update: null,
         realpath: true,
         retries: 0,
-        fs: fs19,
+        fs: fs21,
         onCompromised: (err) => {
           throw err;
         },
@@ -1939,7 +1939,7 @@ var require_lockfile = __commonJS({
     }
     function unlock(file, options, callback) {
       options = {
-        fs: fs19,
+        fs: fs21,
         realpath: true,
         ...options
       };
@@ -1961,7 +1961,7 @@ var require_lockfile = __commonJS({
       options = {
         stale: 1e4,
         realpath: true,
-        fs: fs19,
+        fs: fs21,
         ...options
       };
       options.stale = Math.max(options.stale || 0, 2e3);
@@ -2000,16 +2000,16 @@ var require_lockfile = __commonJS({
 var require_adapter = __commonJS({
   "../../node_modules/proper-lockfile/lib/adapter.js"(exports2, module2) {
     "use strict";
-    var fs19 = require_graceful_fs();
-    function createSyncFs(fs20) {
+    var fs21 = require_graceful_fs();
+    function createSyncFs(fs22) {
       const methods = ["mkdir", "realpath", "stat", "rmdir", "utimes"];
-      const newFs = { ...fs20 };
+      const newFs = { ...fs22 };
       methods.forEach((method) => {
         newFs[method] = (...args) => {
           const callback = args.pop();
           let ret;
           try {
-            ret = fs20[`${method}Sync`](...args);
+            ret = fs22[`${method}Sync`](...args);
           } catch (err) {
             return callback(err);
           }
@@ -2047,7 +2047,7 @@ var require_adapter = __commonJS({
     }
     function toSyncOptions(options) {
       options = { ...options };
-      options.fs = createSyncFs(options.fs || fs19);
+      options.fs = createSyncFs(options.fs || fs21);
       if (typeof options.retries === "number" && options.retries > 0 || options.retries && typeof options.retries.retries === "number" && options.retries.retries > 0) {
         throw Object.assign(new Error("Cannot use retries with the sync api"), { code: "ESYNC" });
       }
@@ -2702,7 +2702,7 @@ var require_age_encryption = __commonJS({
       };
     }
     // @__NO_SIDE_EFFECTS__
-    function join19(separator = "") {
+    function join20(separator = "") {
       astr("join", separator);
       return {
         encode: (from) => {
@@ -2832,9 +2832,9 @@ var require_age_encryption = __commonJS({
       decode(s) {
         return decodeBase64Builtin(s, false);
       }
-    } : /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ padding(6), /* @__PURE__ */ join19(""));
-    var base64nopad = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ join19(""));
-    var BECH_ALPHABET = /* @__PURE__ */ chain(/* @__PURE__ */ alphabet("qpzry9x8gf2tvdw0s3jn54khce6mua7l"), /* @__PURE__ */ join19(""));
+    } : /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ padding(6), /* @__PURE__ */ join20(""));
+    var base64nopad = /* @__PURE__ */ chain(/* @__PURE__ */ radix2(6), /* @__PURE__ */ alphabet("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"), /* @__PURE__ */ join20(""));
+    var BECH_ALPHABET = /* @__PURE__ */ chain(/* @__PURE__ */ alphabet("qpzry9x8gf2tvdw0s3jn54khce6mua7l"), /* @__PURE__ */ join20(""));
     var POLYMOD_GENERATORS = [996825010, 642813549, 513874426, 1027748829, 705979059];
     function bech32Polymod(pre) {
       const b = pre >> 25;
@@ -9030,11 +9030,14 @@ __export(index_exports, {
   GitIntegration: () => GitIntegration,
   GitOperationError: () => GitOperationError,
   ImportRunner: () => ImportRunner,
+  InvalidArtifactError: () => InvalidArtifactError,
+  JsonEnvelopeBackend: () => JsonEnvelopeBackend,
   LintRunner: () => LintRunner,
   ManifestParser: () => ManifestParser,
   ManifestValidationError: () => ManifestValidationError,
   MatrixManager: () => MatrixManager,
   MemoryPackOutput: () => MemoryPackOutput,
+  PackBackendRegistry: () => PackBackendRegistry,
   PolicyEvaluator: () => PolicyEvaluator,
   PolicyParser: () => PolicyParser,
   PolicyValidationError: () => PolicyValidationError,
@@ -9063,6 +9066,7 @@ __export(index_exports, {
   TransactionPreflightError: () => TransactionPreflightError,
   TransactionRollbackError: () => TransactionRollbackError,
   VALID_KMS_PROVIDERS: () => VALID_KMS_PROVIDERS,
+  assertPackedArtifact: () => assertPackedArtifact,
   assertSops: () => assertSops,
   buildSigningPayload: () => buildSigningPayload,
   checkAll: () => checkAll,
@@ -9079,8 +9083,10 @@ __export(index_exports, {
   generateSigningKeyPair: () => generateSigningKeyPair,
   getPendingKeys: () => getPendingKeys,
   getRotations: () => getRotations,
+  isClefHsmArn: () => isClefHsmArn,
   isHighEntropy: () => isHighEntropy,
   isKmsEnvelope: () => isKmsEnvelope,
+  isPackedArtifact: () => isPackedArtifact,
   isPending: () => isPending,
   keyPreview: () => keyPreview,
   loadIgnoreRules: () => loadIgnoreRules,
@@ -9098,15 +9104,18 @@ __export(index_exports, {
   parseIgnoreContent: () => parseIgnoreContent,
   parseJson: () => parseJson,
   parseYaml: () => parseYaml,
+  pkcs11UriToSyntheticArn: () => pkcs11UriToSyntheticArn,
   readManifestYaml: () => readManifestYaml,
   recordRotation: () => recordRotation,
   redactValue: () => redactValue,
   removeAccessRequest: () => removeRequest,
   removeRotation: () => removeRotation,
   requestsFilePath: () => requestsFilePath,
+  resetKeyserviceResolution: () => resetKeyserviceResolution,
   resetSopsResolution: () => resetSopsResolution,
   resolveBackendConfig: () => resolveBackendConfig,
   resolveIdentitySecrets: () => resolveIdentitySecrets,
+  resolveKeyservicePath: () => resolveKeyservicePath,
   resolveRecipientsForEnvironment: () => resolveRecipientsForEnvironment,
   resolveSopsPath: () => resolveSopsPath,
   runCompliance: () => runCompliance,
@@ -9117,8 +9126,12 @@ __export(index_exports, {
   shouldIgnoreMatch: () => shouldIgnoreMatch,
   signEd25519: () => signEd25519,
   signKms: () => signKms,
+  spawnKeyservice: () => spawnKeyservice,
+  syntheticArnToPkcs11Uri: () => syntheticArnToPkcs11Uri,
+  tryBundledKeyservice: () => tryBundledKeyservice,
   upsertRequest: () => upsertRequest,
   validateAgePublicKey: () => validateAgePublicKey,
+  validatePackedArtifact: () => validatePackedArtifact,
   validateResetScope: () => validateResetScope,
   verifySignature: () => verifySignature,
   writeManifestYaml: () => writeManifestYaml,
@@ -9136,7 +9149,8 @@ function resolveBackendConfig(manifest, environment) {
     aws_kms_arn: manifest.sops.aws_kms_arn,
     gcp_kms_resource_id: manifest.sops.gcp_kms_resource_id,
     azure_kv_url: manifest.sops.azure_kv_url,
-    pgp_fingerprint: manifest.sops.pgp_fingerprint
+    pgp_fingerprint: manifest.sops.pgp_fingerprint,
+    pkcs11_uri: manifest.sops.pkcs11_uri
   };
 }
 function resolveRecipientsForEnvironment(manifest, environment) {
@@ -9283,7 +9297,8 @@ function keyPreview(key) {
 
 // src/manifest/parser.ts
 var CLEF_MANIFEST_FILENAME = "clef.yaml";
-var VALID_BACKENDS = ["age", "awskms", "gcpkms", "azurekv", "pgp"];
+var VALID_BACKENDS = ["age", "awskms", "gcpkms", "azurekv", "pgp", "hsm"];
+var PKCS11_URI_PATTERN = /^pkcs11:[a-zA-Z][a-zA-Z0-9_-]*=[^;]+/;
 var VALID_TOP_LEVEL_KEYS = [
   "version",
   "environments",
@@ -9442,12 +9457,27 @@ var ManifestParser = class {
             "environments"
           );
         }
+        if (backend === "hsm") {
+          if (typeof sopsOverride.pkcs11_uri !== "string") {
+            throw new ManifestValidationError(
+              `Environment '${envObj.name}' uses 'hsm' backend but is missing 'pkcs11_uri'.`,
+              "environments"
+            );
+          }
+          if (!PKCS11_URI_PATTERN.test(sopsOverride.pkcs11_uri)) {
+            throw new ManifestValidationError(
+              `Environment '${envObj.name}' has an invalid 'pkcs11_uri' '${sopsOverride.pkcs11_uri}'. Must start with 'pkcs11:' and contain at least one attribute (e.g. 'pkcs11:slot=0;label=clef-dek-wrapper').`,
+              "environments"
+            );
+          }
+        }
         result.sops = {
           backend,
           ...typeof sopsOverride.aws_kms_arn === "string" ? { aws_kms_arn: sopsOverride.aws_kms_arn } : {},
           ...typeof sopsOverride.gcp_kms_resource_id === "string" ? { gcp_kms_resource_id: sopsOverride.gcp_kms_resource_id } : {},
           ...typeof sopsOverride.azure_kv_url === "string" ? { azure_kv_url: sopsOverride.azure_kv_url } : {},
-          ...typeof sopsOverride.pgp_fingerprint === "string" ? { pgp_fingerprint: sopsOverride.pgp_fingerprint } : {}
+          ...typeof sopsOverride.pgp_fingerprint === "string" ? { pgp_fingerprint: sopsOverride.pgp_fingerprint } : {},
+          ...typeof sopsOverride.pkcs11_uri === "string" ? { pkcs11_uri: sopsOverride.pkcs11_uri } : {}
         };
       }
       if (envObj.recipients !== void 0) {
@@ -9579,7 +9609,7 @@ var ManifestParser = class {
     const sopsObj = obj.sops;
     if (!sopsObj.default_backend || typeof sopsObj.default_backend !== "string") {
       throw new ManifestValidationError(
-        "Field 'sops.default_backend' is required and must be one of: age, awskms, gcpkms, azurekv, pgp.",
+        `Field 'sops.default_backend' is required and must be one of: ${VALID_BACKENDS.join(", ")}.`,
         "sops.default_backend"
       );
     }
@@ -9606,13 +9636,32 @@ var ManifestParser = class {
         })
       }
     } : {};
+    if (sopsObj.pkcs11_uri !== void 0 && typeof sopsObj.pkcs11_uri !== "string") {
+      throw new ManifestValidationError(
+        "Field 'sops.pkcs11_uri' must be a string.",
+        "sops.pkcs11_uri"
+      );
+    }
+    if (typeof sopsObj.pkcs11_uri === "string" && !PKCS11_URI_PATTERN.test(sopsObj.pkcs11_uri)) {
+      throw new ManifestValidationError(
+        `Field 'sops.pkcs11_uri' has invalid format '${sopsObj.pkcs11_uri}'. Must start with 'pkcs11:' and contain at least one attribute (e.g. 'pkcs11:slot=0;label=clef-dek-wrapper').`,
+        "sops.pkcs11_uri"
+      );
+    }
+    if (sopsObj.default_backend === "hsm" && typeof sopsObj.pkcs11_uri !== "string") {
+      throw new ManifestValidationError(
+        "Field 'sops.pkcs11_uri' is required when sops.default_backend is 'hsm'.",
+        "sops.pkcs11_uri"
+      );
+    }
     const sopsConfig = {
       default_backend: sopsObj.default_backend,
       ...parsedAge,
       ...typeof sopsObj.aws_kms_arn === "string" ? { aws_kms_arn: sopsObj.aws_kms_arn } : {},
       ...typeof sopsObj.gcp_kms_resource_id === "string" ? { gcp_kms_resource_id: sopsObj.gcp_kms_resource_id } : {},
       ...typeof sopsObj.azure_kv_url === "string" ? { azure_kv_url: sopsObj.azure_kv_url } : {},
-      ...typeof sopsObj.pgp_fingerprint === "string" ? { pgp_fingerprint: sopsObj.pgp_fingerprint } : {}
+      ...typeof sopsObj.pgp_fingerprint === "string" ? { pgp_fingerprint: sopsObj.pgp_fingerprint } : {},
+      ...typeof sopsObj.pkcs11_uri === "string" ? { pkcs11_uri: sopsObj.pkcs11_uri } : {}
     };
     for (const env of environments) {
       if (env.recipients && env.recipients.length > 0) {
@@ -11577,6 +11626,39 @@ ${privateKey}
 `;
 }
 
+// src/sops/hsm-arn.ts
+var CLEF_HSM_ARN_RE = /^arn:aws[\w-]*:kms:[^:]+:\d+:alias\/clef-hsm\/(v\d+)\/([A-Za-z0-9_-]+)$/;
+var ARN_PREFIX = "arn:aws:kms:us-east-1:000000000000:alias/clef-hsm/v1/";
+var SUPPORTED_VERSION = "v1";
+function pkcs11UriToSyntheticArn(uri) {
+  if (!uri.startsWith("pkcs11:")) {
+    throw new Error(`Expected a pkcs11 URI starting with 'pkcs11:', got '${uri}'.`);
+  }
+  const payload = Buffer.from(uri, "utf8").toString("base64url");
+  const arn = ARN_PREFIX + payload;
+  if (!CLEF_HSM_ARN_RE.test(arn)) {
+    throw new Error(`Synthesized ARN failed self-validation: '${arn}'.`);
+  }
+  return arn;
+}
+function syntheticArnToPkcs11Uri(arn) {
+  const match = CLEF_HSM_ARN_RE.exec(arn);
+  if (!match) return null;
+  const [, version, payload] = match;
+  if (version !== SUPPORTED_VERSION) return null;
+  let decoded;
+  try {
+    decoded = Buffer.from(payload, "base64url").toString("utf8");
+  } catch {
+    return null;
+  }
+  if (!decoded.startsWith("pkcs11:")) return null;
+  return decoded;
+}
+function isClefHsmArn(arn) {
+  return CLEF_HSM_ARN_RE.test(arn);
+}
+
 // src/sops/client.ts
 function formatFromPath(filePath) {
   return filePath.endsWith(".json") ? "json" : "yaml";
@@ -11608,14 +11690,25 @@ var SopsClient = class {
    *   to the subprocess environment.
    * @param sopsPath - Optional explicit path to the sops binary. When omitted,
    *   resolved automatically via {@link resolveSopsPath}.
+   * @param keyserviceAddr - Optional address of an external SOPS KeyService
+   *   sidecar (e.g. `tcp://127.0.0.1:12345`). When set, every SOPS invocation
+   *   includes `--enable-local-keyservice=false --keyservice <addr>` so KMS
+   *   wrap/unwrap is routed to the sidecar (used for the HSM backend, where
+   *   the sidecar is `clef-keyservice` talking PKCS#11 to the HSM).
+   *
+   *   The flags are inserted **after** the SOPS subcommand — placing them
+   *   before is silently ignored by SOPS (a footgun discovered the first
+   *   time we shipped this).
    */
-  constructor(runner, ageKeyFile, ageKey, sopsPath) {
+  constructor(runner, ageKeyFile, ageKey, sopsPath, keyserviceAddr) {
     this.runner = runner;
     this.ageKeyFile = ageKeyFile;
     this.ageKey = ageKey;
     this.sopsCommand = sopsPath ?? resolveSopsPath().path;
+    this.keyserviceArgs = keyserviceAddr ? Object.freeze(["--enable-local-keyservice=false", "--keyservice", keyserviceAddr]) : Object.freeze([]);
   }
   sopsCommand;
+  keyserviceArgs;
   buildSopsEnv() {
     const env = {};
     if (this.ageKey) {
@@ -11640,7 +11733,7 @@ var SopsClient = class {
     const env = this.buildSopsEnv();
     const result = await this.runner.run(
       this.sopsCommand,
-      ["decrypt", "--output-type", fmt, filePath],
+      ["decrypt", ...this.keyserviceArgs, "--output-type", fmt, filePath],
       {
         ...env ? { env } : {}
       }
@@ -11707,6 +11800,7 @@ var SopsClient = class {
           "--config",
           configPath,
           "encrypt",
+          ...this.keyserviceArgs,
           ...args,
           "--input-type",
           fmt,
@@ -11763,7 +11857,7 @@ var SopsClient = class {
     const env = this.buildSopsEnv();
     const result = await this.runner.run(
       this.sopsCommand,
-      ["rotate", "-i", "--add-age", key, filePath],
+      ["rotate", ...this.keyserviceArgs, "-i", "--add-age", key, filePath],
       {
         ...env ? { env } : {}
       }
@@ -11787,7 +11881,7 @@ var SopsClient = class {
     const env = this.buildSopsEnv();
     const result = await this.runner.run(
       this.sopsCommand,
-      ["rotate", "-i", "--rm-age", key, filePath],
+      ["rotate", ...this.keyserviceArgs, "-i", "--rm-age", key, filePath],
       {
         ...env ? { env } : {}
       }
@@ -11902,7 +11996,14 @@ var SopsClient = class {
   }
   detectBackend(sops) {
     if (sops.age && Array.isArray(sops.age) && sops.age.length > 0) return "age";
-    if (sops.kms && Array.isArray(sops.kms) && sops.kms.length > 0) return "awskms";
+    if (sops.kms && Array.isArray(sops.kms) && sops.kms.length > 0) {
+      const kmsEntries = sops.kms;
+      const firstArn = kmsEntries[0]?.arn;
+      if (typeof firstArn === "string" && isClefHsmArn(firstArn)) {
+        return "hsm";
+      }
+      return "awskms";
+    }
     if (sops.gcp_kms && Array.isArray(sops.gcp_kms) && sops.gcp_kms.length > 0)
       return "gcpkms";
     if (sops.azure_kv && Array.isArray(sops.azure_kv) && sops.azure_kv.length > 0)
@@ -11920,6 +12021,13 @@ var SopsClient = class {
         const entries = sops.kms;
         return entries?.map((e) => String(e.arn ?? "")) ?? [];
       }
+      case "hsm": {
+        const entries = sops.kms;
+        return entries?.map((e) => {
+          const raw = String(e.arn ?? "");
+          return syntheticArnToPkcs11Uri(raw) ?? raw;
+        }) ?? [];
+      }
       case "gcpkms": {
         const entries = sops.gcp_kms;
         return entries?.map((e) => String(e.resource_id ?? "")) ?? [];
@@ -11945,7 +12053,8 @@ var SopsClient = class {
       aws_kms_arn: manifest.sops.aws_kms_arn,
       gcp_kms_resource_id: manifest.sops.gcp_kms_resource_id,
       azure_kv_url: manifest.sops.azure_kv_url,
-      pgp_fingerprint: manifest.sops.pgp_fingerprint
+      pgp_fingerprint: manifest.sops.pgp_fingerprint,
+      pkcs11_uri: manifest.sops.pkcs11_uri
     };
     switch (config.backend) {
       case "age": {
@@ -11977,13 +12086,172 @@ var SopsClient = class {
           args.push("--pgp", config.pgp_fingerprint);
         }
         break;
+      case "hsm":
+        if (config.pkcs11_uri) {
+          args.push("--kms", pkcs11UriToSyntheticArn(config.pkcs11_uri));
+        }
+        break;
     }
     return args;
   }
 };
 
-// src/lint/runner.ts
+// src/hsm/bundled.ts
+var fs14 = __toESM(require("fs"));
 var path12 = __toESM(require("path"));
+function tryBundledKeyservice() {
+  const platform = process.platform;
+  const arch = process.arch;
+  const archName = arch === "x64" ? "x64" : arch === "arm64" ? "arm64" : null;
+  if (!archName) return null;
+  const platformName = platform === "darwin" ? "darwin" : platform === "linux" ? "linux" : null;
+  if (!platformName) return null;
+  const packageName = `@clef-sh/keyservice-${platformName}-${archName}`;
+  const binName = "clef-keyservice";
+  try {
+    const packageMain = require.resolve(`${packageName}/package.json`);
+    const packageDir = path12.dirname(packageMain);
+    const binPath = path12.join(packageDir, "bin", binName);
+    return fs14.existsSync(binPath) ? binPath : null;
+  } catch {
+    return null;
+  }
+}
+
+// src/hsm/resolver.ts
+var fs15 = __toESM(require("fs"));
+var path13 = __toESM(require("path"));
+function validateKeyservicePath(candidate) {
+  if (!path13.isAbsolute(candidate)) {
+    throw new Error(`CLEF_KEYSERVICE_PATH must be an absolute path, got '${candidate}'.`);
+  }
+  const segments = candidate.split(/[/\\]/);
+  if (segments.includes("..")) {
+    throw new Error(
+      `CLEF_KEYSERVICE_PATH contains '..' path segments ('${candidate}'). Use an absolute path without directory traversal.`
+    );
+  }
+}
+var cached2;
+function resolveKeyservicePath() {
+  if (cached2) return cached2;
+  const envPath = process.env.CLEF_KEYSERVICE_PATH?.trim();
+  if (envPath) {
+    validateKeyservicePath(envPath);
+    if (!fs15.existsSync(envPath)) {
+      throw new Error(`CLEF_KEYSERVICE_PATH points to '${envPath}' but the file does not exist.`);
+    }
+    cached2 = { path: envPath, source: "env" };
+    return cached2;
+  }
+  const bundledPath = tryBundledKeyservice();
+  if (bundledPath) {
+    cached2 = { path: bundledPath, source: "bundled" };
+    return cached2;
+  }
+  cached2 = { path: "clef-keyservice", source: "system" };
+  return cached2;
+}
+function resetKeyserviceResolution() {
+  cached2 = void 0;
+}
+
+// src/hsm/keyservice.ts
+var import_child_process = require("child_process");
+var readline = __toESM(require("readline"));
+var PORT_REGEX = /^PORT=(\d+)$/;
+var STARTUP_TIMEOUT_MS = 5e3;
+var SHUTDOWN_TIMEOUT_MS = 3e3;
+async function spawnKeyservice(options) {
+  if (!options.pin && !options.pinFile) {
+    throw new Error(
+      "Keyservice requires a PIN. Set CLEF_PKCS11_PIN, CLEF_PKCS11_PIN_FILE, or .clef/config.yaml pkcs11_pin_file."
+    );
+  }
+  const args = ["--addr", "127.0.0.1:0", "--pkcs11-module", options.modulePath];
+  const childEnv = {
+    ...process.env,
+    ...options.extraEnv ?? {},
+    ...options.pin ? { CLEF_PKCS11_PIN: options.pin } : {},
+    ...options.pinFile ? { CLEF_PKCS11_PIN_FILE: options.pinFile } : {}
+  };
+  const child = (0, import_child_process.spawn)(options.binaryPath, args, {
+    stdio: ["ignore", "pipe", "pipe"],
+    env: childEnv
+  });
+  const port = await readPort(child);
+  return {
+    addr: `tcp://127.0.0.1:${port}`,
+    kill: () => killGracefully(child)
+  };
+}
+function readPort(child) {
+  return new Promise((resolve, reject) => {
+    let settled = false;
+    if (!child.stdout) {
+      reject(new Error("Keyservice child has no stdout pipe."));
+      return;
+    }
+    const rl = readline.createInterface({ input: child.stdout });
+    const settle = () => {
+      clearTimeout(timer);
+      rl.close();
+    };
+    const timer = setTimeout(() => {
+      if (!settled) {
+        settled = true;
+        settle();
+        child.kill("SIGKILL");
+        reject(
+          new Error(
+            `clef-keyservice did not report a port within ${STARTUP_TIMEOUT_MS}ms. Check that the PKCS#11 module path is valid and the PIN is correct.`
+          )
+        );
+      }
+    }, STARTUP_TIMEOUT_MS);
+    rl.on("line", (line) => {
+      const match = PORT_REGEX.exec(line);
+      if (match && !settled) {
+        settled = true;
+        settle();
+        resolve(parseInt(match[1], 10));
+      }
+    });
+    child.on("error", (err) => {
+      if (!settled) {
+        settled = true;
+        settle();
+        reject(new Error(`Failed to start clef-keyservice: ${err.message}`));
+      }
+    });
+    child.on("exit", (code) => {
+      if (!settled) {
+        settled = true;
+        settle();
+        reject(new Error(`clef-keyservice exited with code ${code} before reporting a port.`));
+      }
+    });
+  });
+}
+function killGracefully(child) {
+  return new Promise((resolve) => {
+    if (child.exitCode !== null) {
+      resolve();
+      return;
+    }
+    const timer = setTimeout(() => {
+      child.kill("SIGKILL");
+    }, SHUTDOWN_TIMEOUT_MS);
+    child.on("exit", () => {
+      clearTimeout(timer);
+      resolve();
+    });
+    child.kill("SIGTERM");
+  });
+}
+
+// src/lint/runner.ts
+var path14 = __toESM(require("path"));
 var LintRunner = class {
   constructor(matrixManager, schemaValidator, sopsClient) {
     this.matrixManager = matrixManager;
@@ -12083,7 +12351,7 @@ var LintRunner = class {
         }
         const ns = manifest.namespaces.find((n) => n.name === cell.namespace);
         if (ns?.schema) {
-          const schemaPath = path12.join(repoRoot, ns.schema);
+          const schemaPath = path14.join(repoRoot, ns.schema);
           try {
             const schema = this.schemaValidator.loadSchema(schemaPath);
             const result = this.schemaValidator.validate(decrypted.values, schema);
@@ -12370,14 +12638,14 @@ Use 'clef exec' to inject secrets directly into a process, or 'clef export --for
 };
 
 // src/import/index.ts
-var path14 = __toESM(require("path"));
+var path16 = __toESM(require("path"));
 
 // src/import/parsers.ts
-var path13 = __toESM(require("path"));
+var path15 = __toESM(require("path"));
 var YAML8 = __toESM(require("yaml"));
 function detectFormat(filePath, content) {
-  const base = path13.basename(filePath);
-  const ext = path13.extname(filePath).toLowerCase();
+  const base = path15.basename(filePath);
+  const ext = path15.extname(filePath).toLowerCase();
   if (base === ".env" || base.startsWith(".env.")) {
     return "dotenv";
   }
@@ -12543,7 +12811,7 @@ var ImportRunner = class {
    */
   async import(target, sourcePath, content, manifest, repoRoot, options) {
     const [ns, env] = target.split("/");
-    const filePath = path14.join(
+    const filePath = path16.join(
       repoRoot,
       manifest.file_pattern.replace("{namespace}", ns).replace("{environment}", env)
     );
@@ -12595,7 +12863,7 @@ var ImportRunner = class {
     if (imported.length === 0) {
       return { imported, skipped, failed, warnings, dryRun: false };
     }
-    const relCellPath = path14.relative(repoRoot, filePath);
+    const relCellPath = path16.relative(repoRoot, filePath);
     const relMetaPath = relCellPath.replace(/\.enc\.(yaml|json)$/, ".clef-meta.yaml");
     await this.tx.run(repoRoot, {
       description: `clef import ${target}: ${imported.length} key(s)`,
@@ -12614,7 +12882,7 @@ var ImportRunner = class {
 };
 
 // src/recipients/index.ts
-var path15 = __toESM(require("path"));
+var path17 = __toESM(require("path"));
 function parseRecipientEntry(entry) {
   if (typeof entry === "string") {
     return { key: entry };
@@ -12739,7 +13007,7 @@ var RecipientManager = class {
     const reEncryptedFiles = [];
     await this.tx.run(repoRoot, {
       description: environment ? `clef recipients add ${keyPreview(normalizedKey)} -e ${environment}` : `clef recipients add ${keyPreview(normalizedKey)}`,
-      paths: [...cells.map((c) => path15.relative(repoRoot, c.filePath)), CLEF_MANIFEST_FILENAME],
+      paths: [...cells.map((c) => path17.relative(repoRoot, c.filePath)), CLEF_MANIFEST_FILENAME],
       mutate: async () => {
         const doc = readManifestYaml(repoRoot);
         const recipients = environment ? ensureEnvironmentRecipientsArray(doc, environment) : ensureRecipientsArray(doc);
@@ -12798,7 +13066,7 @@ var RecipientManager = class {
     const reEncryptedFiles = [];
     await this.tx.run(repoRoot, {
       description: environment ? `clef recipients remove ${keyPreview(trimmedKey)} -e ${environment}` : `clef recipients remove ${keyPreview(trimmedKey)}`,
-      paths: [...cells.map((c) => path15.relative(repoRoot, c.filePath)), CLEF_MANIFEST_FILENAME],
+      paths: [...cells.map((c) => path17.relative(repoRoot, c.filePath)), CLEF_MANIFEST_FILENAME],
       mutate: async () => {
         const doc = readManifestYaml(repoRoot);
         const recipients = environment ? ensureEnvironmentRecipientsArray(doc, environment) : ensureRecipientsArray(doc);
@@ -12827,19 +13095,19 @@ var RecipientManager = class {
 };
 
 // src/recipients/requests.ts
-var fs14 = __toESM(require("fs"));
-var path16 = __toESM(require("path"));
+var fs16 = __toESM(require("fs"));
+var path18 = __toESM(require("path"));
 var YAML9 = __toESM(require("yaml"));
 var REQUESTS_FILENAME = ".clef-requests.yaml";
 var HEADER_COMMENT2 = "# Pending recipient access requests. Approve with: clef recipients approve <label>\n";
 function requestsFilePath(repoRoot) {
-  return path16.join(repoRoot, REQUESTS_FILENAME);
+  return path18.join(repoRoot, REQUESTS_FILENAME);
 }
 function loadRequests(repoRoot) {
   const filePath = requestsFilePath(repoRoot);
   try {
-    if (!fs14.existsSync(filePath)) return [];
-    const content = fs14.readFileSync(filePath, "utf-8");
+    if (!fs16.existsSync(filePath)) return [];
+    const content = fs16.readFileSync(filePath, "utf-8");
     const parsed = YAML9.parse(content);
     if (!parsed || !Array.isArray(parsed.requests)) return [];
     return parsed.requests.map((r) => ({
@@ -12856,7 +13124,7 @@ function saveRequests(repoRoot, requests) {
   const filePath = requestsFilePath(repoRoot);
   if (requests.length === 0) {
     try {
-      fs14.unlinkSync(filePath);
+      fs16.unlinkSync(filePath);
     } catch {
     }
     return;
@@ -12872,7 +13140,7 @@ function saveRequests(repoRoot, requests) {
       return raw;
     })
   };
-  fs14.writeFileSync(filePath, HEADER_COMMENT2 + YAML9.stringify(data), "utf-8");
+  fs16.writeFileSync(filePath, HEADER_COMMENT2 + YAML9.stringify(data), "utf-8");
 }
 function upsertRequest(repoRoot, key, label, environment) {
   const requests = loadRequests(repoRoot);
@@ -12908,7 +13176,7 @@ function findInList(requests, identifier) {
 }
 
 // src/drift/detector.ts
-var path17 = __toESM(require("path"));
+var path19 = __toESM(require("path"));
 var DriftDetector = class {
   parser = new ManifestParser();
   matrix = new MatrixManager();
@@ -12921,8 +13189,8 @@ var DriftDetector = class {
    * @returns Drift result with any issues found.
    */
   detect(localRoot, remoteRoot, namespaceFilter) {
-    const localManifest = this.parser.parse(path17.join(localRoot, CLEF_MANIFEST_FILENAME));
-    const remoteManifest = this.parser.parse(path17.join(remoteRoot, CLEF_MANIFEST_FILENAME));
+    const localManifest = this.parser.parse(path19.join(localRoot, CLEF_MANIFEST_FILENAME));
+    const remoteManifest = this.parser.parse(path19.join(remoteRoot, CLEF_MANIFEST_FILENAME));
     const localCells = this.matrix.resolveMatrix(localManifest, localRoot);
     const remoteCells = this.matrix.resolveMatrix(remoteManifest, remoteRoot);
     const localEnvNames = localManifest.environments.map((e) => e.name);
@@ -12986,7 +13254,7 @@ var DriftDetector = class {
 };
 
 // src/report/generator.ts
-var path18 = __toESM(require("path"));
+var path20 = __toESM(require("path"));
 
 // src/report/sanitizer.ts
 var ReportSanitizer = class {
@@ -13142,7 +13410,7 @@ var ReportGenerator = class {
     let manifest = null;
     try {
       const parser = new ManifestParser();
-      manifest = parser.parse(path18.join(repoRoot, "clef.yaml"));
+      manifest = parser.parse(path20.join(repoRoot, "clef.yaml"));
     } catch {
       const emptyManifest = {
         manifestVersion: 0,
@@ -13620,7 +13888,7 @@ var SopsMergeDriver = class {
 };
 
 // src/merge/metadata-driver.ts
-var fs15 = __toESM(require("fs"));
+var fs17 = __toESM(require("fs"));
 var YAML10 = __toESM(require("yaml"));
 var HEADER_COMMENT3 = "# Managed by Clef. Do not edit manually.\n";
 function parseMetadata(content) {
@@ -13723,14 +13991,14 @@ function mergeMetadataContents(oursContent, theirsContent) {
   return serializeMetadata({ version: 1, pending, rotations });
 }
 function mergeMetadataFiles(_basePath, oursPath, theirsPath) {
-  const oursContent = fs15.existsSync(oursPath) ? fs15.readFileSync(oursPath, "utf-8") : "";
-  const theirsContent = fs15.existsSync(theirsPath) ? fs15.readFileSync(theirsPath, "utf-8") : "";
+  const oursContent = fs17.existsSync(oursPath) ? fs17.readFileSync(oursPath, "utf-8") : "";
+  const theirsContent = fs17.existsSync(theirsPath) ? fs17.readFileSync(theirsPath, "utf-8") : "";
   const merged = mergeMetadataContents(oursContent, theirsContent);
-  fs15.writeFileSync(oursPath, merged, "utf-8");
+  fs17.writeFileSync(oursPath, merged, "utf-8");
 }
 
 // src/service-identity/manager.ts
-var path19 = __toESM(require("path"));
+var path21 = __toESM(require("path"));
 var ServiceIdentityManager = class {
   constructor(encryption, matrixManager, tx) {
     this.encryption = encryption;
@@ -13742,7 +14010,7 @@ var ServiceIdentityManager = class {
    * to seed TransactionManager.run's `paths` argument.
    */
   txPaths(repoRoot, cells) {
-    return [...cells.map((c) => path19.relative(repoRoot, c.filePath)), CLEF_MANIFEST_FILENAME];
+    return [...cells.map((c) => path21.relative(repoRoot, c.filePath)), CLEF_MANIFEST_FILENAME];
   }
   /**
    * Create a new service identity with per-environment age key pairs or KMS envelope config.
@@ -14264,8 +14532,8 @@ var ServiceIdentityManager = class {
 };
 
 // src/structure/manager.ts
-var fs16 = __toESM(require("fs"));
-var path20 = __toESM(require("path"));
+var fs18 = __toESM(require("fs"));
+var path22 = __toESM(require("path"));
 var StructureManager = class {
   constructor(matrixManager, encryption, tx) {
     this.matrixManager = matrixManager;
@@ -14286,15 +14554,15 @@ var StructureManager = class {
     this.assertValidIdentifier("namespace", name);
     const newCellPaths = manifest.environments.map((env) => ({
       environment: env.name,
-      filePath: path20.join(
+      filePath: path22.join(
         repoRoot,
         manifest.file_pattern.replace("{namespace}", name).replace("{environment}", env.name)
       )
     }));
     for (const cell of newCellPaths) {
-      if (fs16.existsSync(cell.filePath)) {
+      if (fs18.existsSync(cell.filePath)) {
         throw new Error(
-          `Cannot add namespace '${name}': file '${path20.relative(repoRoot, cell.filePath)}' already exists.`
+          `Cannot add namespace '${name}': file '${path22.relative(repoRoot, cell.filePath)}' already exists.`
         );
       }
     }
@@ -14313,7 +14581,7 @@ var StructureManager = class {
     await this.tx.run(repoRoot, {
       description: `clef namespace add ${name}`,
       paths: [
-        ...newCellPaths.map((c) => path20.relative(repoRoot, c.filePath)),
+        ...newCellPaths.map((c) => path22.relative(repoRoot, c.filePath)),
         CLEF_MANIFEST_FILENAME
       ],
       mutate: async () => {
@@ -14358,15 +14626,15 @@ var StructureManager = class {
     this.assertValidIdentifier("environment", name);
     const newCellPaths = manifest.namespaces.map((ns) => ({
       namespace: ns.name,
-      filePath: path20.join(
+      filePath: path22.join(
         repoRoot,
         manifest.file_pattern.replace("{namespace}", ns.name).replace("{environment}", name)
       )
     }));
     for (const cell of newCellPaths) {
-      if (fs16.existsSync(cell.filePath)) {
+      if (fs18.existsSync(cell.filePath)) {
         throw new Error(
-          `Cannot add environment '${name}': file '${path20.relative(repoRoot, cell.filePath)}' already exists.`
+          `Cannot add environment '${name}': file '${path22.relative(repoRoot, cell.filePath)}' already exists.`
         );
       }
     }
@@ -14385,7 +14653,7 @@ var StructureManager = class {
     await this.tx.run(repoRoot, {
       description: `clef env add ${name}`,
       paths: [
-        ...newCellPaths.map((c) => path20.relative(repoRoot, c.filePath)),
+        ...newCellPaths.map((c) => path22.relative(repoRoot, c.filePath)),
         CLEF_MANIFEST_FILENAME
       ],
       mutate: async () => {
@@ -14448,7 +14716,7 @@ var StructureManager = class {
       paths: this.deletePaths(repoRoot, cellsToDelete),
       mutate: async () => {
         for (const cell of cellsToDelete) {
-          fs16.unlinkSync(cell.filePath);
+          fs18.unlinkSync(cell.filePath);
           this.unlinkMetaSibling(cell.filePath);
         }
         const doc = readManifestYaml(repoRoot);
@@ -14498,7 +14766,7 @@ var StructureManager = class {
       paths: this.deletePaths(repoRoot, cellsToDelete),
       mutate: async () => {
         for (const cell of cellsToDelete) {
-          fs16.unlinkSync(cell.filePath);
+          fs18.unlinkSync(cell.filePath);
           this.unlinkMetaSibling(cell.filePath);
         }
         const doc = readManifestYaml(repoRoot);
@@ -14540,9 +14808,9 @@ var StructureManager = class {
     const renamePairs = isRename ? this.collectRenamePairs(manifest, repoRoot, name, opts.rename, "namespace") : [];
     if (isRename) {
       for (const pair of renamePairs) {
-        if (fs16.existsSync(pair.to)) {
+        if (fs18.existsSync(pair.to)) {
           throw new Error(
-            `Rename target '${path20.relative(repoRoot, pair.to)}' already exists. Move or remove it first.`
+            `Rename target '${path22.relative(repoRoot, pair.to)}' already exists. Move or remove it first.`
           );
         }
       }
@@ -14583,9 +14851,9 @@ var StructureManager = class {
     const renamePairs = isRename ? this.collectRenamePairs(manifest, repoRoot, name, opts.rename, "environment") : [];
     if (isRename) {
       for (const pair of renamePairs) {
-        if (fs16.existsSync(pair.to)) {
+        if (fs18.existsSync(pair.to)) {
           throw new Error(
-            `Rename target '${path20.relative(repoRoot, pair.to)}' already exists. Move or remove it first.`
+            `Rename target '${path22.relative(repoRoot, pair.to)}' already exists. Move or remove it first.`
           );
         }
       }
@@ -14620,7 +14888,7 @@ var StructureManager = class {
       const newCellPath = this.swapAxisInCellPath(repoRoot, manifest, cell, axis, newName);
       pairs.push({ from: cell.filePath, to: newCellPath });
       const oldMeta = cell.filePath.replace(/\.enc\.(yaml|json)$/, ".clef-meta.yaml");
-      if (fs16.existsSync(oldMeta)) {
+      if (fs18.existsSync(oldMeta)) {
         const newMeta = newCellPath.replace(/\.enc\.(yaml|json)$/, ".clef-meta.yaml");
         pairs.push({ from: oldMeta, to: newMeta });
       }
@@ -14635,7 +14903,7 @@ var StructureManager = class {
   swapAxisInCellPath(repoRoot, manifest, cell, axis, newName) {
     const ns = axis === "namespace" ? newName : cell.namespace;
     const env = axis === "environment" ? newName : cell.environment;
-    return path20.join(
+    return path22.join(
       repoRoot,
       manifest.file_pattern.replace("{namespace}", ns).replace("{environment}", env)
     );
@@ -14647,8 +14915,8 @@ var StructureManager = class {
   txPaths(repoRoot, renamePairs) {
     const paths = /* @__PURE__ */ new Set();
     for (const pair of renamePairs) {
-      paths.add(path20.relative(repoRoot, pair.from));
-      paths.add(path20.relative(repoRoot, pair.to));
+      paths.add(path22.relative(repoRoot, pair.from));
+      paths.add(path22.relative(repoRoot, pair.to));
     }
     paths.add(CLEF_MANIFEST_FILENAME);
     return [...paths];
@@ -14659,11 +14927,11 @@ var StructureManager = class {
    */
   applyRenames(pairs) {
     for (const pair of pairs) {
-      const targetDir = path20.dirname(pair.to);
-      if (!fs16.existsSync(targetDir)) {
-        fs16.mkdirSync(targetDir, { recursive: true });
+      const targetDir = path22.dirname(pair.to);
+      if (!fs18.existsSync(targetDir)) {
+        fs18.mkdirSync(targetDir, { recursive: true });
       }
-      fs16.renameSync(pair.from, pair.to);
+      fs18.renameSync(pair.from, pair.to);
     }
   }
   /**
@@ -14674,10 +14942,10 @@ var StructureManager = class {
   deletePaths(repoRoot, cells) {
     const paths = /* @__PURE__ */ new Set();
     for (const cell of cells) {
-      paths.add(path20.relative(repoRoot, cell.filePath));
+      paths.add(path22.relative(repoRoot, cell.filePath));
       const meta = cell.filePath.replace(/\.enc\.(yaml|json)$/, ".clef-meta.yaml");
-      if (fs16.existsSync(meta)) {
-        paths.add(path20.relative(repoRoot, meta));
+      if (fs18.existsSync(meta)) {
+        paths.add(path22.relative(repoRoot, meta));
       }
     }
     paths.add(CLEF_MANIFEST_FILENAME);
@@ -14690,8 +14958,8 @@ var StructureManager = class {
    */
   unlinkMetaSibling(cellPath) {
     const meta = cellPath.replace(/\.enc\.(yaml|json)$/, ".clef-meta.yaml");
-    if (fs16.existsSync(meta)) {
-      fs16.unlinkSync(meta);
+    if (fs18.existsSync(meta)) {
+      fs18.unlinkSync(meta);
     }
   }
   /**
@@ -14836,20 +15104,20 @@ async function resolveIdentitySecrets(identityName, environment, manifest, repoR
 var crypto4 = __toESM(require("crypto"));
 
 // src/artifact/output.ts
-var fs17 = __toESM(require("fs"));
-var path21 = __toESM(require("path"));
+var fs19 = __toESM(require("fs"));
+var path23 = __toESM(require("path"));
 var FilePackOutput = class {
   constructor(outputPath) {
     this.outputPath = outputPath;
   }
   async write(_artifact, json) {
-    const outputDir = path21.dirname(this.outputPath);
-    if (!fs17.existsSync(outputDir)) {
-      fs17.mkdirSync(outputDir, { recursive: true });
+    const outputDir = path23.dirname(this.outputPath);
+    if (!fs19.existsSync(outputDir)) {
+      fs19.mkdirSync(outputDir, { recursive: true });
     }
     const tmpOutput = `${this.outputPath}.tmp.${process.pid}`;
-    fs17.writeFileSync(tmpOutput, json, "utf-8");
-    fs17.renameSync(tmpOutput, this.outputPath);
+    fs19.writeFileSync(tmpOutput, json, "utf-8");
+    fs19.renameSync(tmpOutput, this.outputPath);
   }
 };
 var MemoryPackOutput = class {
@@ -15056,28 +15324,187 @@ var ArtifactPacker = class {
     const json = JSON.stringify(artifact, null, 2);
     const output = config.output ?? new FilePackOutput(config.outputPath ?? "artifact.json");
     await output.write(artifact, json);
+    const keys = Object.keys(resolved.values);
     return {
       outputPath: config.outputPath ?? "",
       namespaceCount: resolved.identity.namespaces.length,
-      keyCount: Object.keys(resolved.values).length,
+      keyCount: keys.length,
+      keys,
       artifactSize: Buffer.byteLength(json, "utf-8"),
       revision: artifact.revision
     };
   }
 };
 
+// src/artifact/guards.ts
+var InvalidArtifactError = class extends ClefError {
+  constructor(message) {
+    super(
+      message,
+      "Ensure the artifact was produced by a compatible clef version and was not tampered with."
+    );
+    this.name = "InvalidArtifactError";
+  }
+};
+var VALID_SIGNATURE_ALGORITHMS = ["Ed25519", "ECDSA_SHA256"];
+function isKmsEnvelope2(x) {
+  if (typeof x !== "object" || x === null) return false;
+  const o = x;
+  return typeof o.provider === "string" && typeof o.keyId === "string" && typeof o.wrappedKey === "string" && typeof o.algorithm === "string" && typeof o.iv === "string" && typeof o.authTag === "string";
+}
+function validatePackedArtifact(x) {
+  if (typeof x !== "object" || x === null) {
+    return { valid: false, reason: "expected object" };
+  }
+  const o = x;
+  if (o.version !== 1) {
+    return { valid: false, reason: `unsupported version: ${String(o.version)}` };
+  }
+  if (typeof o.identity !== "string") {
+    return { valid: false, reason: "missing or invalid 'identity' (expected string)" };
+  }
+  if (typeof o.environment !== "string") {
+    return { valid: false, reason: "missing or invalid 'environment' (expected string)" };
+  }
+  if (typeof o.packedAt !== "string") {
+    return { valid: false, reason: "missing or invalid 'packedAt' (expected string)" };
+  }
+  if (typeof o.revision !== "string") {
+    return { valid: false, reason: "missing or invalid 'revision' (expected string)" };
+  }
+  if (typeof o.ciphertextHash !== "string") {
+    return { valid: false, reason: "missing or invalid 'ciphertextHash' (expected string)" };
+  }
+  if (typeof o.ciphertext !== "string") {
+    return { valid: false, reason: "missing or invalid 'ciphertext' (expected string)" };
+  }
+  if (o.envelope !== void 0 && !isKmsEnvelope2(o.envelope)) {
+    return { valid: false, reason: "invalid 'envelope' (expected KmsEnvelope shape)" };
+  }
+  if (o.expiresAt !== void 0 && typeof o.expiresAt !== "string") {
+    return { valid: false, reason: "invalid 'expiresAt' (expected string)" };
+  }
+  if (o.revokedAt !== void 0 && typeof o.revokedAt !== "string") {
+    return { valid: false, reason: "invalid 'revokedAt' (expected string)" };
+  }
+  if (o.signature !== void 0 && typeof o.signature !== "string") {
+    return { valid: false, reason: "invalid 'signature' (expected string)" };
+  }
+  if (o.signatureAlgorithm !== void 0 && !VALID_SIGNATURE_ALGORITHMS.includes(o.signatureAlgorithm)) {
+    return {
+      valid: false,
+      reason: `invalid 'signatureAlgorithm': expected one of ${VALID_SIGNATURE_ALGORITHMS.join(", ")}`
+    };
+  }
+  return { valid: true, value: o };
+}
+function isPackedArtifact(x) {
+  return validatePackedArtifact(x).valid;
+}
+function assertPackedArtifact(x, context) {
+  const result = validatePackedArtifact(x);
+  if (!result.valid) {
+    const prefix = context ? `${context}: ` : "";
+    throw new InvalidArtifactError(`${prefix}${result.reason}`);
+  }
+}
+
+// src/pack/registry.ts
+var PackBackendRegistry = class {
+  factories = /* @__PURE__ */ new Map();
+  /**
+   * Register a backend factory under the given id. Throws if a backend
+   * with the same id is already registered — collisions surface as a clear
+   * error rather than a silent overwrite.
+   */
+  register(id, factory) {
+    if (this.factories.has(id)) {
+      throw new Error(`Pack backend "${id}" is already registered.`);
+    }
+    this.factories.set(id, factory);
+  }
+  /** Whether a backend with the given id has been registered. */
+  has(id) {
+    return this.factories.has(id);
+  }
+  /** Registered backend ids, in registration order. */
+  list() {
+    return [...this.factories.keys()];
+  }
+  /**
+   * Resolve a backend by id. Throws if unknown. Factories may be async so
+   * a plugin package can defer construction (e.g. loading a heavy SDK only
+   * when the backend is actually used).
+   */
+  async resolve(id) {
+    const factory = this.factories.get(id);
+    if (!factory) {
+      const available = this.list().join(", ") || "(none)";
+      throw new Error(`Unknown pack backend "${id}". Available backends: ${available}`);
+    }
+    return await factory();
+  }
+};
+
+// src/pack/backends/json-envelope.ts
+var JsonEnvelopeBackend = class {
+  id = "json-envelope";
+  description = "Write the Clef JSON artifact envelope to a local file (default).";
+  validateOptions(raw) {
+    const opts = raw;
+    if (opts.signingKey && opts.signingKmsKeyId) {
+      throw new Error(
+        "Cannot specify both signingKey (Ed25519) and signingKmsKeyId (KMS). Choose one."
+      );
+    }
+    if (!opts.outputPath && !opts.output) {
+      throw new Error("json-envelope backend requires an 'outputPath' or 'output' option.");
+    }
+  }
+  async pack(req) {
+    const opts = req.backendOptions;
+    const packer = new ArtifactPacker(
+      req.services.encryption,
+      new MatrixManager(),
+      req.services.kms
+    );
+    const output = opts.output ?? (opts.outputPath ? new FilePackOutput(opts.outputPath) : void 0);
+    const result = await packer.pack(
+      {
+        identity: req.identity,
+        environment: req.environment,
+        outputPath: opts.outputPath,
+        output,
+        ttl: req.ttl,
+        signingKey: opts.signingKey,
+        signingKmsKeyId: opts.signingKmsKeyId
+      },
+      req.manifest,
+      req.repoRoot
+    );
+    return {
+      ...result,
+      backend: this.id,
+      details: {
+        outputPath: opts.outputPath ?? null
+      }
+    };
+  }
+};
+
 // src/kms/types.ts
 var VALID_KMS_PROVIDERS = ["aws", "gcp", "azure"];
 
 // src/migration/backend.ts
-var path22 = __toESM(require("path"));
+var path24 = __toESM(require("path"));
 var YAML11 = __toESM(require("yaml"));
 var BACKEND_KEY_FIELDS = {
   age: void 0,
   awskms: "aws_kms_arn",
   gcpkms: "gcp_kms_resource_id",
   azurekv: "azure_kv_url",
-  pgp: "pgp_fingerprint"
+  pgp: "pgp_fingerprint",
+  hsm: "pkcs11_uri"
 };
 var ALL_KEY_FIELDS = Object.values(BACKEND_KEY_FIELDS).filter(
   (v) => v !== void 0
@@ -15187,7 +15614,7 @@ var BackendMigrator = class {
       await this.tx.run(repoRoot, {
         description: environment ? `clef migrate-backend ${target.backend}: ${environment}` : `clef migrate-backend ${target.backend}`,
         paths: [
-          ...toMigrate.map((c) => path22.relative(repoRoot, c.filePath)),
+          ...toMigrate.map((c) => path24.relative(repoRoot, c.filePath)),
           CLEF_MANIFEST_FILENAME
         ],
         mutate: async () => {
@@ -15285,7 +15712,7 @@ var BackendMigrator = class {
 };
 
 // src/reset/manager.ts
-var path23 = __toESM(require("path"));
+var path25 = __toESM(require("path"));
 var ResetManager = class {
   constructor(matrixManager, encryption, schemaValidator, tx) {
     this.matrixManager = matrixManager;
@@ -15310,11 +15737,11 @@ var ResetManager = class {
       txPaths.push(CLEF_MANIFEST_FILENAME);
     }
     for (const cell of targetCells) {
-      txPaths.push(path23.relative(repoRoot, cell.filePath));
+      txPaths.push(path25.relative(repoRoot, cell.filePath));
       const cellKeys = keyPlan.get(cell.namespace) ?? [];
       if (cellKeys.length > 0) {
         txPaths.push(
-          path23.relative(repoRoot, cell.filePath.replace(/\.enc\.(yaml|json)$/, ".clef-meta.yaml"))
+          path25.relative(repoRoot, cell.filePath.replace(/\.enc\.(yaml|json)$/, ".clef-meta.yaml"))
         );
       }
     }
@@ -15402,7 +15829,7 @@ var ResetManager = class {
     for (const namespace of namespaces) {
       const nsDef = manifest.namespaces.find((n) => n.name === namespace);
       if (nsDef?.schema) {
-        const schema = this.schemaValidator.loadSchema(path23.join(repoRoot, nsDef.schema));
+        const schema = this.schemaValidator.loadSchema(path25.join(repoRoot, nsDef.schema));
         plan.set(namespace, Object.keys(schema.keys));
         continue;
       }
@@ -15481,7 +15908,7 @@ function withBackendOverride(manifest, envNames, backend, key) {
 }
 
 // src/sync/manager.ts
-var path24 = __toESM(require("path"));
+var path26 = __toESM(require("path"));
 var SyncManager = class {
   constructor(matrixManager, encryption, tx) {
     this.matrixManager = matrixManager;
@@ -15550,7 +15977,7 @@ var SyncManager = class {
     }
     const txPaths = [];
     for (const cell of syncPlan.cells) {
-      const rel = path24.relative(repoRoot, cell.filePath);
+      const rel = path26.relative(repoRoot, cell.filePath);
       txPaths.push(rel);
       txPaths.push(rel.replace(/\.enc\.(yaml|json)$/, ".clef-meta.yaml"));
     }
@@ -15589,7 +16016,7 @@ var SyncManager = class {
 };
 
 // src/policy/parser.ts
-var fs18 = __toESM(require("fs"));
+var fs20 = __toESM(require("fs"));
 var YAML12 = __toESM(require("yaml"));
 
 // src/policy/types.ts
@@ -15611,7 +16038,7 @@ var PolicyParser = class {
   parse(filePath) {
     let raw;
     try {
-      raw = fs18.readFileSync(filePath, "utf-8");
+      raw = fs20.readFileSync(filePath, "utf-8");
     } catch {
       throw new PolicyValidationError(`Could not read policy file at '${filePath}'.`);
     }
@@ -15639,7 +16066,7 @@ var PolicyParser = class {
    * not exist. Any other read or validation error throws.
    */
   load(filePath) {
-    if (!fs18.existsSync(filePath)) return DEFAULT_POLICY;
+    if (!fs20.existsSync(filePath)) return DEFAULT_POLICY;
     return this.parse(filePath);
   }
   validate(raw) {
@@ -15832,13 +16259,13 @@ var ComplianceGenerator = class {
 };
 
 // src/compliance/run.ts
-var path25 = __toESM(require("path"));
+var path27 = __toESM(require("path"));
 var UNKNOWN = "unknown";
 async function runCompliance(opts) {
   const start = Date.now();
   const repoRoot = opts.repoRoot ?? process.cwd();
-  const manifestPath = opts.manifestPath ?? path25.join(repoRoot, "clef.yaml");
-  const policyPath = opts.policyPath ?? path25.join(repoRoot, CLEF_POLICY_FILENAME);
+  const manifestPath = opts.manifestPath ?? path27.join(repoRoot, "clef.yaml");
+  const policyPath = opts.policyPath ?? path27.join(repoRoot, CLEF_POLICY_FILENAME);
   const include = {
     scan: opts.include?.scan ?? true,
     lint: opts.include?.lint ?? true,
@@ -15884,7 +16311,7 @@ async function evaluateMatrix(args) {
   return Promise.all(
     cells.map(async (cell) => {
       const metadata = await args.sopsClient.getMetadata(cell.filePath);
-      const relPath = path25.relative(args.repoRoot, cell.filePath).replace(/\\/g, "/");
+      const relPath = path27.relative(args.repoRoot, cell.filePath).replace(/\\/g, "/");
       const keys = readSopsKeyNames(cell.filePath) ?? [];
       const rotations = await getRotations(cell.filePath);
       return evaluator.evaluateFile(relPath, cell.environment, metadata, keys, rotations, args.now);
@@ -15963,11 +16390,14 @@ async function detectRepo(runner, repoRoot) {
   GitIntegration,
   GitOperationError,
   ImportRunner,
+  InvalidArtifactError,
+  JsonEnvelopeBackend,
   LintRunner,
   ManifestParser,
   ManifestValidationError,
   MatrixManager,
   MemoryPackOutput,
+  PackBackendRegistry,
   PolicyEvaluator,
   PolicyParser,
   PolicyValidationError,
@@ -15996,6 +16426,7 @@ async function detectRepo(runner, repoRoot) {
   TransactionPreflightError,
   TransactionRollbackError,
   VALID_KMS_PROVIDERS,
+  assertPackedArtifact,
   assertSops,
   buildSigningPayload,
   checkAll,
@@ -16012,8 +16443,10 @@ async function detectRepo(runner, repoRoot) {
   generateSigningKeyPair,
   getPendingKeys,
   getRotations,
+  isClefHsmArn,
   isHighEntropy,
   isKmsEnvelope,
+  isPackedArtifact,
   isPending,
   keyPreview,
   loadIgnoreRules,
@@ -16031,15 +16464,18 @@ async function detectRepo(runner, repoRoot) {
   parseIgnoreContent,
   parseJson,
   parseYaml,
+  pkcs11UriToSyntheticArn,
   readManifestYaml,
   recordRotation,
   redactValue,
   removeAccessRequest,
   removeRotation,
   requestsFilePath,
+  resetKeyserviceResolution,
   resetSopsResolution,
   resolveBackendConfig,
   resolveIdentitySecrets,
+  resolveKeyservicePath,
   resolveRecipientsForEnvironment,
   resolveSopsPath,
   runCompliance,
@@ -16050,8 +16486,12 @@ async function detectRepo(runner, repoRoot) {
   shouldIgnoreMatch,
   signEd25519,
   signKms,
+  spawnKeyservice,
+  syntheticArnToPkcs11Uri,
+  tryBundledKeyservice,
   upsertRequest,
   validateAgePublicKey,
+  validatePackedArtifact,
   validateResetScope,
   verifySignature,
   writeManifestYaml,