@fsg-vault/agent 1.0.2 → 1.0.5

package/dist/proxy-register.js

@@ -1,8 +1,18 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 const proxy_1 = require("./proxy");
-// Using node-addon-api bindings
-const nativeVault = require('bindings')('fsg_vault');
+const path = require('path');
+// Using node-addon-api bindings. 
+// Prebuildify may name the file '@fsg-vault+agent.node' in some environments.
+let nativeVault;
+try {
+    nativeVault = require('bindings')('fsg_vault');
+}
+catch (e) {
+    // Fallback for prebuildify scoped naming
+    const prebuildPath = path.join(__dirname, '..', 'prebuilds', `${process.platform}-${process.arch}`, '@fsg-vault+agent.node');
+    nativeVault = require(prebuildPath);
+}
 // Fetching args passed from CLI
 const masterKey = process.env.FSG_MASTER_KEY;
 const ciphertext = process.env.FSG_CIPHERTEXT;

package/package.json

@@ -1,32 +1,32 @@
-{
-    "name": "@fsg-vault/agent",
-    "version": "1.0.2",
-    "description": "FSG Vault Agent CLI",
-    "main": "dist/cli.js",
-    "bin": {
-        "fsg-vault": "dist/cli.js",
-        "pg-specter": "dist/cli.js"
-    },
-    "files": [
-        "dist",
-        "src/native",
-        "binding.gyp"
-    ],
-    "scripts": {
-        "build": "tsc && node-gyp rebuild",
-        "prepublishOnly": "npm run build",
-        "test": "echo \"Error: no test specified\" && exit 1",
-        "dev": "ts-node src/cli.ts"
-    },
-    "dependencies": {
-        "bindings": "^1.5.0",
-        "commander": "^12.1.0",
-        "node-addon-api": "^8.0.0"
-    },
-    "devDependencies": {
-        "@types/node": "^20.12.12",
-        "node-gyp": "^10.1.0",
-        "ts-node": "^10.9.2",
-        "typescript": "^5.4.5"
-    }
+{
+    "name": "@fsg-vault/agent",
+    "version": "1.0.5",
+    "description": "FSG Vault Agent CLI",
+    "main": "dist/cli.js",
+    "bin": {
+        "fsg-vault": "./dist/cli.js",
+        "pg-specter": "./dist/cli.js"
+    },
+    "files": [
+        "dist",
+        "prebuilds"
+    ],
+    "scripts": {
+        "build": "tsc && prebuildify --napi --strip",
+        "prebuild": "prebuildify --napi --strip",
+        "prepublishOnly": "npm run build",
+        "dev": "ts-node src/cli.ts"
+    },
+    "dependencies": {
+        "bindings": "^1.5.0",
+        "commander": "^12.1.0",
+        "node-addon-api": "^8.0.0"
+    },
+    "devDependencies": {
+        "@types/node": "^20.12.12",
+        "node-gyp": "^10.1.0",
+        "prebuildify": "^6.0.1",
+        "ts-node": "^10.9.2",
+        "typescript": "^5.4.5"
+    }
 }

package/binding.gyp

@@ -1,14 +0,0 @@
-{
-  "targets": [
-    {
-      "target_name": "fsg_vault",
-      "cflags!": [ "-fno-exceptions" ],
-      "cflags_cc!": [ "-fno-exceptions" ],
-      "sources": [ "src/native/vault.cc" ],
-      "include_dirs": [
-        "<!@(node -p \"require('node-addon-api').include\")"
-      ],
-      "defines": [ "NAPI_DISABLE_CPP_EXCEPTIONS" ]
-    }
-  ]
-}

package/src/native/vault.cc

@@ -1,74 +0,0 @@
-#include <napi.h>
-#include <string>
-#include <unordered_map>
-
-// OS-specific mlock handling
-#ifdef _WIN32
-#include <windows.h>
-#define MLOCK(addr, len) VirtualLock((LPVOID)(addr), (SIZE_T)(len))
-#define MUNLOCK(addr, len) VirtualUnlock((LPVOID)(addr), (SIZE_T)(len))
-#else
-#include <sys/mman.h>
-#define MLOCK(addr, len) mlock((const void*)(addr), (size_t)(len))
-#define MUNLOCK(addr, len) munlock((const void*)(addr), (size_t)(len))
-#endif
-
-// In-memory secure vault
-std::unordered_map<std::string, std::string> secureEnv;
-
-// Store and lock the memory
-Napi::Value StoreSecret(const Napi::CallbackInfo& info) {
-    Napi::Env env = info.Env();
-    if (info.Length() < 2 || !info[0].IsString() || !info[1].IsString()) {
-        Napi::TypeError::New(env, "String expected").ThrowAsJavaScriptException();
-        return env.Null();
-    }
-
-    std::string key = info[0].As<Napi::String>().Utf8Value();
-    std::string value = info[1].As<Napi::String>().Utf8Value();
-
-    // Lock memory of the stored value
-    secureEnv[key] = value;
-    
-    // Attempt mlock on the string's internal buffer (Platform-dependent success rate)
-    // For a true implementation, custom allocators or pre-allocated pages would be better
-    int lockResult = MLOCK(secureEnv[key].data(), secureEnv[key].capacity());
-
-    return Napi::Boolean::New(env, lockResult == 0 || lockResult != 0); // Boolean representing storage success
-}
-
-// Retrieve and unlock
-Napi::Value GetAndZero(const Napi::CallbackInfo& info) {
-    Napi::Env env = info.Env();
-    if (info.Length() < 1 || !info[0].IsString()) {
-        Napi::TypeError::New(env, "String expected").ThrowAsJavaScriptException();
-        return env.Null();
-    }
-
-    std::string key = info[0].As<Napi::String>().Utf8Value();
-
-    if (secureEnv.find(key) != secureEnv.end()) {
-        std::string secret = secureEnv[key];
-        
-        // Return string to JS (Note: V8 will manage this new string's memory, which is a known JS limitation)
-        // In a true implementation, we would hook spawn() instead of passing to JS
-        return Napi::String::New(env, secret);
-    }
-
-    return env.Null();
-}
-
-Napi::Value HasKey(const Napi::CallbackInfo& info) {
-    Napi::Env env = info.Env();
-    std::string key = info[0].As<Napi::String>().Utf8Value();
-    return Napi::Boolean::New(env, secureEnv.find(key) != secureEnv.end());
-}
-
-Napi::Object Init(Napi::Env env, Napi::Object exports) {
-    exports.Set(Napi::String::New(env, "storeSecret"), Napi::Function::New(env, StoreSecret));
-    exports.Set(Napi::String::New(env, "getAndZero"), Napi::Function::New(env, GetAndZero));
-    exports.Set(Napi::String::New(env, "hasKey"), Napi::Function::New(env, HasKey));
-    return exports;
-}
-
-NODE_API_MODULE(fsg_vault, Init)