npm - @etree/cli - Versions diffs - 2.0.1 → 2.0.3 - Mend

@etree/cli 2.0.1 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/dist/lib/crypto.d.ts +0 -15
package/dist/lib/crypto.js +28 -152
package/dist/lib/crypto.js.map +1 -1
package/package.json +8 -3
package/eslint.config.mjs +0 -4
package/src/commands/auth.ts +0 -258
package/src/commands/config.ts +0 -47
package/src/commands/init.ts +0 -187
package/src/commands/member.ts +0 -146
package/src/commands/secret.ts +0 -381
package/src/commands/shortcuts.ts +0 -25
package/src/commands/wallet.ts +0 -97
package/src/index.ts +0 -50
package/src/lib/api.ts +0 -57
package/src/lib/config.ts +0 -70
package/src/lib/crypto.ts +0 -173
package/src/lib/env-manager.ts +0 -60
package/src/lib/key-store.ts +0 -51
package/src/test-e2e.ts +0 -106
package/tsconfig.json +0 -18

package/src/commands/init.ts DELETED Viewed

@@ -1,187 +0,0 @@
-import { Command } from "commander";
-import inquirer from "inquirer";
-import chalk from "chalk";
-import ora from "ora";
-import { apiRequest } from "../lib/api";
-import { saveSession } from "../lib/config";
-import { generateKeys, derivePublicKey, shutdown } from "../lib/crypto";
-import { savePrivateKey, hasPrivateKey, getPrivateKey } from "../lib/key-store";
-export function registerInitCommand(program: Command): void {
-  program
-    .command("init")
-    .description("First-time setup — create an account or log in")
-    .action(async () => {
-      console.log(chalk.bold("\n🌲 Welcome to EnvTree!\n"));
-      const { action } = await inquirer.prompt([
-        {
-          type: "list",
-          name: "action",
-          message: "What would you like to do?",
-          choices: [
-            { name: "Create a new account", value: "signup" },
-            { name: "Log in to existing account", value: "login" },
-          ],
-        },
-      ]);
-      if (action === "signup") {
-        const answers = await inquirer.prompt([
-          { type: "input", name: "email", message: "Email:" },
-          { type: "input", name: "username", message: "Username:" },
-          {
-            type: "password",
-            name: "password",
-            message: "Password:",
-            mask: "*",
-          },
-          {
-            type: "password",
-            name: "confirmPassword",
-            message: "Confirm Password:",
-            mask: "*",
-          },
-        ]);
-        if (answers.password !== answers.confirmPassword) {
-          console.log(chalk.red("\n  Passwords do not match"));
-          return;
-        }
-        const spinner = ora("Creating account...").start();
-        try {
-          const result = await apiRequest(
-            "POST",
-            "/auth/signup",
-            {
-              email: answers.email,
-              password: answers.password,
-              username: answers.username,
-            },
-            false,
-          );
-          if (!result.session) {
-            spinner.succeed(
-              "Account created! Check your email, then run: et login",
-            );
-            return;
-          }
-          saveSession({
-            access_token: result.session.access_token,
-            refresh_token: result.session.refresh_token,
-            user_id: result.user.id,
-            email: answers.email,
-            username: answers.username,
-          });
-          spinner.text = "Generating encryption keys...";
-          const keys = await generateKeys();
-          savePrivateKey(keys.private_key);
-          await apiRequest("PUT", "/profile/public-key", {
-            public_key: keys.public_key,
-          });
-          spinner.succeed(chalk.green("All set! You're ready to go."));
-          console.log(
-            chalk.dim(`   User: ${answers.username} (${answers.email})`),
-          );
-          console.log("");
-          console.log(chalk.bold("  Next steps:"));
-          console.log(
-            chalk.cyan("    et wallet create my-project   ") +
-              chalk.dim("Create a wallet"),
-          );
-          console.log(
-            chalk.cyan('    et push my-project API_KEY "sk-..."  ') +
-              chalk.dim("Store a secret"),
-          );
-          console.log(
-            chalk.cyan("    et pull my-project            ") +
-              chalk.dim("Sync to .env"),
-          );
-          console.log("");
-        } catch (err: any) {
-          spinner.fail(chalk.red(`Signup failed: ${err.message}`));
-        } finally {
-          shutdown();
-        }
-      } else {
-        // Login flow
-        const answers = await inquirer.prompt([
-          { type: "input", name: "email", message: "Email:" },
-          {
-            type: "password",
-            name: "password",
-            message: "Password:",
-            mask: "*",
-          },
-        ]);
-        const spinner = ora("Logging in...").start();
-        try {
-          const result = await apiRequest(
-            "POST",
-            "/auth/login",
-            {
-              email: answers.email,
-              password: answers.password,
-            },
-            false,
-          );
-          saveSession({
-            access_token: result.session.access_token,
-            refresh_token: result.session.refresh_token,
-            user_id: result.user.id,
-            email: result.user.email,
-            username: answers.email,
-          });
-          const profileResult = await apiRequest(
-            "GET",
-            "/profile/me",
-            undefined,
-            true,
-          );
-          if (profileResult.profile?.username) {
-            saveSession({
-              access_token: result.session.access_token,
-              refresh_token: result.session.refresh_token,
-              user_id: result.user.id,
-              email: result.user.email,
-              username: profileResult.profile.username,
-            });
-          }
-          // Always sync public key with server
-          if (hasPrivateKey()) {
-            spinner.text = "Syncing encryption keys...";
-            const pk = getPrivateKey()!;
-            const publicKey = await derivePublicKey(pk);
-            await apiRequest("PUT", "/profile/public-key", {
-              public_key: publicKey,
-            });
-          } else {
-            spinner.text = "Generating encryption keys...";
-            const keys = await generateKeys();
-            savePrivateKey(keys.private_key);
-            await apiRequest("PUT", "/profile/public-key", {
-              public_key: keys.public_key,
-            });
-          }
-          spinner.succeed(chalk.green("Logged in! You're ready to go."));
-          console.log(chalk.dim(`   User: ${result.user.email}`));
-          console.log("");
-        } catch (err: any) {
-          spinner.fail(chalk.red(`Login failed: ${err.message}`));
-        } finally {
-          shutdown();
-        }
-      }
-    });
-}

package/src/commands/member.ts DELETED Viewed

@@ -1,146 +0,0 @@
-import { Command } from "commander";
-import chalk from "chalk";
-import ora from "ora";
-import { api } from "../lib/api";
-/**
- * Helper: find a wallet ID by name from the user's wallets.
- */
-async function findWalletId(name: string): Promise<string | null> {
-  const result = await api.get("/wallets");
-  const owned = result.owned.find((w: any) => w.name === name);
-  if (owned) return owned.id;
-  const shared = result.shared.find((w: any) => w.name === name);
-  if (shared) return shared.id;
-  return null;
-}
-export function registerMemberCommands(program: Command): void {
-  const member = program.command("member").description("Manage wallet members");
-  // ── member add ──
-  member
-    .command("add <wallet> <username>")
-    .description("Add a member to a wallet")
-    .option("-r, --role <role>", "Role: admin, read, write", "read")
-    .action(
-      async (walletName: string, username: string, opts: { role: string }) => {
-        const spinner = ora("Adding member...").start();
-        try {
-          const walletId = await findWalletId(walletName);
-          if (!walletId) {
-            spinner.fail(chalk.red(`Wallet "${walletName}" not found`));
-            return;
-          }
-          const result = await api.post(`/wallets/${walletId}/members`, {
-            username,
-            role: opts.role,
-          });
-          spinner.succeed(
-            chalk.green(
-              `Added "${username}" as ${opts.role} to "${walletName}"`,
-            ),
-          );
-          if (result.public_key) {
-            console.log(
-              chalk.dim(
-                `   Their public key: ${result.public_key.substring(0, 20)}...`,
-              ),
-            );
-            console.log(
-              chalk.yellow(
-                "   ⚠ Remember to re-encrypt secrets for this user:",
-              ),
-            );
-            console.log(
-              chalk.yellow(`     envtree secret share ${walletName}`),
-            );
-          }
-        } catch (err: any) {
-          spinner.fail(chalk.red(`Failed: ${err.message}`));
-        }
-      },
-    );
-  // ── member list ──
-  member
-    .command("list <wallet>")
-    .alias("ls")
-    .description("List members of a wallet")
-    .action(async (walletName: string) => {
-      const spinner = ora("Fetching members...").start();
-      try {
-        const walletId = await findWalletId(walletName);
-        if (!walletId) {
-          spinner.fail(chalk.red(`Wallet "${walletName}" not found`));
-          return;
-        }
-        const result = await api.get(`/wallets/${walletId}/members`);
-        spinner.stop();
-        console.log(chalk.bold(`\nMembers of "${walletName}"`));
-        // Owner
-        if (result.owner) {
-          console.log(
-            `   ${chalk.cyan(result.owner.username)} ${chalk.dim(`(${result.owner.email})`)} ${chalk.green("[owner]")}`,
-          );
-        }
-        // Members
-        if (result.members && result.members.length > 0) {
-          for (const m of result.members) {
-            const roleColor =
-              m.role === "admin"
-                ? chalk.magenta
-                : m.role === "write"
-                  ? chalk.blue
-                  : chalk.dim;
-            console.log(
-              `   ${chalk.cyan(m.user.username)} ${chalk.dim(`(${m.user.email})`)} ${roleColor(`[${m.role}]`)}`,
-            );
-          }
-        } else {
-          console.log(chalk.dim("   No additional members"));
-        }
-        console.log("");
-      } catch (err: any) {
-        spinner.fail(chalk.red(`Failed: ${err.message}`));
-      }
-    });
-  // ── member remove ──
-  member
-    .command("remove <wallet> <username>")
-    .description("Remove a member from a wallet")
-    .action(async (walletName: string, username: string) => {
-      const spinner = ora("Removing member...").start();
-      try {
-        const walletId = await findWalletId(walletName);
-        if (!walletId) {
-          spinner.fail(chalk.red(`Wallet "${walletName}" not found`));
-          return;
-        }
-        // Look up user ID by username
-        const profileResult = await api.get(`/profile/${username}`);
-        if (!profileResult.profile) {
-          spinner.fail(chalk.red(`User "${username}" not found`));
-          return;
-        }
-        await api.delete(
-          `/wallets/${walletId}/members/${profileResult.profile.id}`,
-        );
-        spinner.succeed(
-          chalk.green(`Removed "${username}" from "${walletName}"`),
-        );
-      } catch (err: any) {
-        spinner.fail(chalk.red(`Failed: ${err.message}`));
-      }
-    });
-}

package/src/commands/secret.ts DELETED Viewed

@@ -1,381 +0,0 @@
-import { Command } from "commander";
-import chalk from "chalk";
-import ora from "ora";
-import { api } from "../lib/api";
-import { encrypt, decrypt, shutdown } from "../lib/crypto";
-import { requirePrivateKey } from "../lib/key-store";
-import { updateEnvFile, ensureGitIgnore } from "../lib/env-manager";
-/**
- * Helper: find a wallet ID by name.
- */
-async function findWalletId(name: string): Promise<string | null> {
-  const result = await api.get("/wallets");
-  const owned = result.owned.find((w: any) => w.name === name);
-  if (owned) return owned.id;
-  const shared = result.shared.find((w: any) => w.name === name);
-  if (shared) return shared.id;
-  return null;
-}
-/**
- * Get all public keys of wallet members (owner + members).
- */
-async function getWalletPublicKeys(walletId: string): Promise<string[]> {
-  const result = await api.get(`/wallets/${walletId}/members`);
-  const keys: string[] = [];
-  if (result.owner?.public_key) {
-    keys.push(result.owner.public_key);
-  }
-  if (result.members) {
-    for (const m of result.members) {
-      if (m.user?.public_key) {
-        keys.push(m.user.public_key);
-      }
-    }
-  }
-  return keys;
-}
-/**
- * Shared logic for pushing a secret (used by `secret set` and top-level `push`).
- */
-export async function pushSecret(
-  walletName: string,
-  keyName: string,
-  value: string,
-): Promise<void> {
-  const spinner = ora("Encrypting and saving secret...").start();
-  try {
-    const walletId = await findWalletId(walletName);
-    if (!walletId) {
-      spinner.fail(chalk.red(`Wallet "${walletName}" not found`));
-      return;
-    }
-    spinner.text = "Fetching member public keys...";
-    const publicKeys = await getWalletPublicKeys(walletId);
-    if (publicKeys.length === 0) {
-      spinner.fail(chalk.red("No members with public keys found"));
-      return;
-    }
-    spinner.text = `Encrypting for ${publicKeys.length} member(s)...`;
-    const secrets = [];
-    for (const pk of publicKeys) {
-      const ciphertext = await encrypt(value, pk);
-      secrets.push({
-        key_name: keyName,
-        encrypted_value: ciphertext,
-        encrypted_for: pk,
-      });
-    }
-    spinner.text = "Uploading encrypted secrets...";
-    await api.post(`/wallets/${walletId}/secrets`, { secrets });
-    spinner.succeed(
-      chalk.green(
-        `Secret "${keyName}" saved (encrypted for ${publicKeys.length} member(s))`,
-      ),
-    );
-  } catch (err: any) {
-    spinner.fail(chalk.red(`Failed: ${err.message}`));
-  } finally {
-    shutdown();
-  }
-}
-/**
- * Shared logic for pulling secrets (used by `secret pull` and top-level `pull`).
- */
-export async function pullSecrets(
-  walletName: string,
-  opts: { output?: string; sync?: boolean },
-): Promise<void> {
-  const privateKey = requirePrivateKey();
-  const spinner = ora("Pulling secrets...").start();
-  try {
-    const walletId = await findWalletId(walletName);
-    if (!walletId) {
-      spinner.fail(chalk.red(`Wallet "${walletName}" not found`));
-      return;
-    }
-    const result = await api.get(`/wallets/${walletId}/secrets`);
-    if (result.secrets.length === 0) {
-      spinner.warn(chalk.yellow(`No secrets found in wallet "${walletName}"`));
-      return;
-    }
-    spinner.text = `Decrypting ${result.secrets.length} secret(s)...`;
-    const lines: string[] = [];
-    lines.push(`# EnvTree — ${walletName}`);
-    lines.push(`# Generated at ${new Date().toISOString()}`);
-    lines.push("");
-    const decrypted: { key: string; value: string }[] = [];
-    for (const secret of result.secrets) {
-      try {
-        const plaintext = await decrypt(secret.encrypted_value, privateKey);
-        lines.push(`${secret.key_name}=${plaintext}`);
-        decrypted.push({ key: secret.key_name, value: plaintext });
-      } catch {
-        lines.push(`# FAILED TO DECRYPT: ${secret.key_name}`);
-      }
-    }
-    const outputStr = lines.join("\n") + "\n";
-    if (opts.sync) {
-      // Sync directly into the local .env
-      spinner.text = "Syncing secrets to .env...";
-      for (const { key, value } of decrypted) {
-        updateEnvFile(key, value);
-      }
-      ensureGitIgnore(".env");
-      spinner.succeed(
-        chalk.green(
-          `${decrypted.length} secret(s) synced to .env`,
-        ),
-      );
-    } else if (opts.output) {
-      const fs = require("fs");
-      fs.writeFileSync(opts.output, outputStr);
-      spinner.succeed(
-        chalk.green(
-          `${result.secrets.length} secret(s) written to ${opts.output}`,
-        ),
-      );
-    } else {
-      spinner.stop();
-      console.log(outputStr);
-    }
-  } catch (err: any) {
-    spinner.fail(chalk.red(`Failed: ${err.message}`));
-  } finally {
-    shutdown();
-  }
-}
-export function registerSecretCommands(program: Command): void {
-  const secret = program
-    .command("secret")
-    .description("Manage encrypted secrets");
-  // ── secret set ──
-  secret
-    .command("set <wallet> <key> <value>")
-    .description("Encrypt & store a secret for all wallet members")
-    .action(pushSecret);
-  // ── secret update ──
-  secret
-    .command("update <wallet> <key> <value>")
-    .description("Update an existing secret's value (re-encrypts for all members)")
-    .action(pushSecret);
-  // ── secret get ──
-  secret
-    .command("get <wallet> <key>")
-    .description("Decrypt and display a specific secret")
-    .option("-s, --save", "Save the value to your local .env file")
-    .action(
-      async (
-        walletName: string,
-        keyName: string,
-        opts: { save?: boolean },
-      ) => {
-        const privateKey = requirePrivateKey();
-        const spinner = ora("Fetching and decrypting...").start();
-        try {
-          const walletId = await findWalletId(walletName);
-          if (!walletId) {
-            spinner.fail(chalk.red(`Wallet "${walletName}" not found`));
-            return;
-          }
-          const result = await api.get(`/wallets/${walletId}/secrets`);
-          const secret = result.secrets.find(
-            (s: any) => s.key_name === keyName,
-          );
-          if (!secret) {
-            spinner.fail(
-              chalk.red(
-                `Secret "${keyName}" not found in wallet "${walletName}"`,
-              ),
-            );
-            return;
-          }
-          spinner.text = "Decrypting...";
-          const plaintext = await decrypt(
-            secret.encrypted_value,
-            privateKey,
-          );
-          if (opts.save) {
-            spinner.text = "Saving to .env...";
-            updateEnvFile(keyName, plaintext);
-            ensureGitIgnore(".env");
-            spinner.succeed(
-              chalk.green(`Secret "${keyName}" saved to .env`),
-            );
-          } else {
-            spinner.stop();
-            console.log(`${chalk.cyan(keyName)}=${plaintext}`);
-          }
-        } catch (err: any) {
-          spinner.fail(chalk.red(`Failed: ${err.message}`));
-        } finally {
-          shutdown();
-        }
-      },
-    );
-  // ── secret list ──
-  secret
-    .command("list <wallet>")
-    .alias("ls")
-    .description("List all secret keys in a wallet")
-    .action(async (walletName: string) => {
-      const spinner = ora("Fetching secrets...").start();
-      try {
-        const walletId = await findWalletId(walletName);
-        if (!walletId) {
-          spinner.fail(chalk.red(`Wallet "${walletName}" not found`));
-          return;
-        }
-        const result = await api.get(`/wallets/${walletId}/secrets/all`);
-        spinner.stop();
-        if (result.keys.length === 0) {
-          console.log(chalk.yellow(`No secrets in wallet "${walletName}"`));
-          return;
-        }
-        console.log(chalk.bold(`\nSecrets in "${walletName}"`));
-        for (const key of result.keys) {
-          console.log(`   ${chalk.cyan(key)}`);
-        }
-        console.log(chalk.dim(`\n   ${result.keys.length} secret(s) total\n`));
-      } catch (err: any) {
-        spinner.fail(chalk.red(`Failed: ${err.message}`));
-      }
-    });
-  // ── secret pull ──
-  secret
-    .command("pull <wallet>")
-    .description("Pull and decrypt all secrets")
-    .option("-o, --output <file>", "Write to a file instead of stdout")
-    .option("--sync", "Sync all secrets directly to your local .env")
-    .action(
-      async (
-        walletName: string,
-        opts: { output?: string; sync?: boolean },
-      ) => {
-        await pullSecrets(walletName, opts);
-      },
-    );
-  // ── secret delete ──
-  secret
-    .command("delete <wallet> <key>")
-    .alias("rm")
-    .description("Delete a secret from a wallet")
-    .action(async (walletName: string, keyName: string) => {
-      const spinner = ora("Deleting secret...").start();
-      try {
-        const walletId = await findWalletId(walletName);
-        if (!walletId) {
-          spinner.fail(chalk.red(`Wallet "${walletName}" not found`));
-          return;
-        }
-        const result = await api.get(`/wallets/${walletId}/secrets`);
-        const secret = result.secrets.find(
-          (s: any) => s.key_name === keyName,
-        );
-        if (!secret) {
-          spinner.fail(chalk.red(`Secret "${keyName}" not found`));
-          return;
-        }
-        await api.delete(`/wallets/${walletId}/secrets/${secret.id}`);
-        spinner.succeed(
-          chalk.green(`Secret "${keyName}" deleted from "${walletName}"`),
-        );
-      } catch (err: any) {
-        spinner.fail(chalk.red(`Failed: ${err.message}`));
-      }
-    });
-  // ── secret share ──
-  secret
-    .command("share <wallet>")
-    .description("Re-encrypt all secrets for all current wallet members")
-    .action(async (walletName: string) => {
-      const privateKey = requirePrivateKey();
-      const spinner = ora(
-        "Re-encrypting secrets for all members...",
-      ).start();
-      try {
-        const walletId = await findWalletId(walletName);
-        if (!walletId) {
-          spinner.fail(chalk.red(`Wallet "${walletName}" not found`));
-          return;
-        }
-        const mySecrets = await api.get(`/wallets/${walletId}/secrets`);
-        if (mySecrets.secrets.length === 0) {
-          spinner.warn(chalk.yellow("No secrets to share"));
-          return;
-        }
-        const publicKeys = await getWalletPublicKeys(walletId);
-        spinner.text = `Re-encrypting ${mySecrets.secrets.length} secret(s) for ${publicKeys.length} member(s)...`;
-        const allSecrets = [];
-        for (const secret of mySecrets.secrets) {
-          const plaintext = await decrypt(
-            secret.encrypted_value,
-            privateKey,
-          );
-          for (const pk of publicKeys) {
-            const ciphertext = await encrypt(plaintext, pk);
-            allSecrets.push({
-              key_name: secret.key_name,
-              encrypted_value: ciphertext,
-              encrypted_for: pk,
-            });
-          }
-        }
-        await api.post(`/wallets/${walletId}/secrets`, {
-          secrets: allSecrets,
-        });
-        spinner.succeed(
-          chalk.green(
-            `${mySecrets.secrets.length} secret(s) re-encrypted for ${publicKeys.length} member(s)`,
-          ),
-        );
-      } catch (err: any) {
-        spinner.fail(chalk.red(`Failed: ${err.message}`));
-      } finally {
-        shutdown();
-      }
-    });
-}