@getaegis/cli 0.8.1 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +38 -14
- package/dist/agent/agent.d.ts +1 -1
- package/dist/agent/agent.d.ts.map +1 -1
- package/dist/cli/commands/config.d.ts.map +1 -1
- package/dist/cli/commands/config.js +1 -1
- package/dist/cli/commands/config.js.map +1 -1
- package/dist/cli/commands/dashboard.d.ts.map +1 -1
- package/dist/cli/commands/dashboard.js +8 -2
- package/dist/cli/commands/dashboard.js.map +1 -1
- package/dist/cli/commands/db.d.ts +6 -0
- package/dist/cli/commands/db.d.ts.map +1 -0
- package/dist/cli/commands/db.js +139 -0
- package/dist/cli/commands/db.js.map +1 -0
- package/dist/cli/commands/gate.d.ts.map +1 -1
- package/dist/cli/commands/gate.js +8 -2
- package/dist/cli/commands/gate.js.map +1 -1
- package/dist/cli/commands/init.d.ts.map +1 -1
- package/dist/cli/commands/init.js +90 -24
- package/dist/cli/commands/init.js.map +1 -1
- package/dist/cli/commands/key.d.ts +6 -0
- package/dist/cli/commands/key.d.ts.map +1 -0
- package/dist/cli/commands/key.js +49 -0
- package/dist/cli/commands/key.js.map +1 -0
- package/dist/cli/commands/vault-manager.js +1 -1
- package/dist/cli/commands/vault-manager.js.map +1 -1
- package/dist/cli/commands/vault.d.ts.map +1 -1
- package/dist/cli/commands/vault.js +27 -3
- package/dist/cli/commands/vault.js.map +1 -1
- package/dist/cli/index.d.ts +2 -0
- package/dist/cli/index.d.ts.map +1 -1
- package/dist/cli/index.js +2 -0
- package/dist/cli/index.js.map +1 -1
- package/dist/cli.js +9 -2
- package/dist/cli.js.map +1 -1
- package/dist/config.d.ts +12 -0
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +54 -8
- package/dist/config.js.map +1 -1
- package/dist/dashboard/public/assets/{index-DkHiw9_f.js → index-Cah0_BKk.js} +1 -1
- package/dist/dashboard/public/index.html +1 -1
- package/dist/db.d.ts +13 -1
- package/dist/db.d.ts.map +1 -1
- package/dist/db.js +68 -49
- package/dist/db.js.map +1 -1
- package/dist/doctor.d.ts +1 -1
- package/dist/doctor.d.ts.map +1 -1
- package/dist/doctor.js +20 -0
- package/dist/doctor.js.map +1 -1
- package/dist/gate/gate.d.ts +24 -2
- package/dist/gate/gate.d.ts.map +1 -1
- package/dist/gate/gate.js +289 -62
- package/dist/gate/gate.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/key-storage/credential-manager-windows.d.ts +19 -0
- package/dist/key-storage/credential-manager-windows.d.ts.map +1 -0
- package/dist/key-storage/credential-manager-windows.js +87 -0
- package/dist/key-storage/credential-manager-windows.js.map +1 -0
- package/dist/key-storage/file-fallback.d.ts +21 -0
- package/dist/key-storage/file-fallback.d.ts.map +1 -0
- package/dist/key-storage/file-fallback.js +62 -0
- package/dist/key-storage/file-fallback.js.map +1 -0
- package/dist/key-storage/index.d.ts +6 -0
- package/dist/key-storage/index.d.ts.map +1 -0
- package/dist/key-storage/index.js +6 -0
- package/dist/key-storage/index.js.map +1 -0
- package/dist/key-storage/key-storage.d.ts +41 -0
- package/dist/key-storage/key-storage.d.ts.map +1 -0
- package/dist/key-storage/key-storage.js +70 -0
- package/dist/key-storage/key-storage.js.map +1 -0
- package/dist/key-storage/keychain-macos.d.ts +19 -0
- package/dist/key-storage/keychain-macos.d.ts.map +1 -0
- package/dist/key-storage/keychain-macos.js +51 -0
- package/dist/key-storage/keychain-macos.js.map +1 -0
- package/dist/key-storage/secret-service-linux.d.ts +19 -0
- package/dist/key-storage/secret-service-linux.d.ts.map +1 -0
- package/dist/key-storage/secret-service-linux.js +55 -0
- package/dist/key-storage/secret-service-linux.js.map +1 -0
- package/dist/ledger/ledger.d.ts +1 -1
- package/dist/ledger/ledger.d.ts.map +1 -1
- package/dist/metrics/metrics.d.ts +1 -1
- package/dist/metrics/metrics.d.ts.map +1 -1
- package/dist/metrics/metrics.js.map +1 -1
- package/dist/user/user.d.ts +1 -1
- package/dist/user/user.d.ts.map +1 -1
- package/dist/vault/crypto.js +1 -1
- package/dist/vault/vault-manager.d.ts +3 -3
- package/dist/vault/vault-manager.d.ts.map +1 -1
- package/dist/vault/vault-manager.js +14 -4
- package/dist/vault/vault-manager.js.map +1 -1
- package/dist/vault/vault.d.ts +1 -1
- package/dist/vault/vault.d.ts.map +1 -1
- package/dist/webhook/webhook.d.ts +1 -1
- package/dist/webhook/webhook.d.ts.map +1 -1
- package/package.json +6 -4
package/README.md
CHANGED
|
@@ -46,17 +46,30 @@ Aegis solves all four. Your agent makes HTTP calls through a local proxy. Aegis
|
|
|
46
46
|
npm install -g @getaegis/cli
|
|
47
47
|
|
|
48
48
|
# Initialize — generates master key, config file, and encrypted vault
|
|
49
|
+
aegis init
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
By default, `aegis init` stores the master key in your OS keychain (macOS Keychain, Windows Credential Manager, or Linux Secret Service). If no keychain is available, it falls back to a file at `.aegis/.master-key` (mode 0600).
|
|
53
|
+
|
|
54
|
+
Alternative storage modes:
|
|
55
|
+
|
|
56
|
+
```bash
|
|
57
|
+
# Store in .env file (for CI/headless environments)
|
|
58
|
+
aegis init --env-file
|
|
59
|
+
|
|
60
|
+
# Store in aegis.config.yaml (convenient for local dev, not recommended for production)
|
|
49
61
|
aegis init --write-secrets
|
|
62
|
+
|
|
63
|
+
# Check where your master key is stored
|
|
64
|
+
aegis key where
|
|
50
65
|
```
|
|
51
66
|
|
|
52
|
-
|
|
67
|
+
If you use `--env-file` or need to set the key manually:
|
|
53
68
|
|
|
54
69
|
```bash
|
|
55
70
|
export AEGIS_MASTER_KEY=<key from init>
|
|
56
71
|
```
|
|
57
72
|
|
|
58
|
-
With `--write-secrets`, the key is saved to `aegis.config.yaml` automatically (convenient for local dev, not recommended for production).
|
|
59
|
-
|
|
60
73
|
```bash
|
|
61
74
|
# Add a credential
|
|
62
75
|
aegis vault add \
|
|
@@ -95,6 +108,7 @@ curl http://localhost:3100/slack/api/auth.test \
|
|
|
95
108
|
| **RBAC** | Admin, operator, viewer roles with 16 granular permissions |
|
|
96
109
|
| **Multi-Vault** | Separate vaults for dev/staging/prod with isolated encryption keys |
|
|
97
110
|
| **Shamir's Secret Sharing** | M-of-N key splitting for team master key management |
|
|
111
|
+
| **Cross-Platform Key Storage** | OS keychain by default (macOS Keychain, Windows Credential Manager, Linux Secret Service) with file fallback |
|
|
98
112
|
| **TLS Support** | Optional HTTPS on Gate with cert/key configuration |
|
|
99
113
|
| **Configuration File** | `aegis.config.yaml` with env var overrides and CLI flag overrides |
|
|
100
114
|
|
|
@@ -121,7 +135,7 @@ The MCP server replicates the full Gate security pipeline: domain guard, agent a
|
|
|
121
135
|
|
|
122
136
|
## Agent Identity & Scoping
|
|
123
137
|
|
|
124
|
-
|
|
138
|
+
Agent authentication is **on by default**. Every request through Gate must include a valid `X-Aegis-Agent` header. Requests without a token get a helpful 401 error with instructions to create an agent.
|
|
125
139
|
|
|
126
140
|
```bash
|
|
127
141
|
# Register an agent — token is printed once, save it
|
|
@@ -133,13 +147,16 @@ aegis agent grant --agent "research-bot" --credential "slack-bot"
|
|
|
133
147
|
# Set per-agent rate limits
|
|
134
148
|
aegis agent set-rate-limit --agent "research-bot" --limit 50/min
|
|
135
149
|
|
|
136
|
-
# Start Gate
|
|
137
|
-
aegis gate
|
|
150
|
+
# Start Gate (agent auth is on by default)
|
|
151
|
+
aegis gate
|
|
138
152
|
|
|
139
153
|
# Agent must include its token in every request
|
|
140
154
|
curl http://localhost:3100/slack/api/auth.test \
|
|
141
155
|
-H "X-Target-Host: api.slack.com" \
|
|
142
156
|
-H "X-Aegis-Agent: aegis_a1b2c3d4..."
|
|
157
|
+
|
|
158
|
+
# To disable agent auth (not recommended):
|
|
159
|
+
aegis gate --no-agent-auth
|
|
143
160
|
```
|
|
144
161
|
|
|
145
162
|
Tokens are SHA-256 hashed for storage — they cannot be recovered, only regenerated:
|
|
@@ -209,7 +226,8 @@ aegis vault add \
|
|
|
209
226
|
| `--ttl <days>` | *(none)* | Credential expires after this many days |
|
|
210
227
|
| `--rate-limit` | *(none)* | Rate limit: `100/min`, `1000/hour`, `10/sec` |
|
|
211
228
|
| `--body-inspection` | `block` | Scan outbound bodies for credential patterns: `off`, `warn`, `block` |
|
|
212
|
-
| `--header-name` | — | Custom header name (
|
|
229
|
+
| `--header-name` | — | Custom header name (for `--auth-type header`) |
|
|
230
|
+
| `--query-param` | `key` | Query parameter name (for `--auth-type query`) |
|
|
213
231
|
|
|
214
232
|
Update any field later:
|
|
215
233
|
|
|
@@ -226,7 +244,7 @@ Aegis supports four credential injection methods:
|
|
|
226
244
|
| `bearer` | `--auth-type bearer` (default) | `Authorization: Bearer <secret>` |
|
|
227
245
|
| `header` | `--auth-type header --header-name X-API-Key` | `X-API-Key: <secret>` |
|
|
228
246
|
| `basic` | `--auth-type basic` | `Authorization: Basic <base64(secret)>` |
|
|
229
|
-
| `query` | `--auth-type query` | Appends `?
|
|
247
|
+
| `query` | `--auth-type query --query-param api_key` | Appends `?api_key=<secret>` to the URL |
|
|
230
248
|
|
|
231
249
|
## Configuration
|
|
232
250
|
|
|
@@ -468,13 +486,15 @@ Runs diagnostics on your Aegis installation:
|
|
|
468
486
|
- Config file validation
|
|
469
487
|
- Database accessibility and schema
|
|
470
488
|
- Master key correctness (test decrypt)
|
|
489
|
+
- Key storage backend (keychain type and status)
|
|
471
490
|
- Expired or expiring-soon credentials
|
|
472
491
|
|
|
473
492
|
Returns pass/warn/fail for each check.
|
|
474
493
|
|
|
475
494
|
## Security Model
|
|
476
495
|
|
|
477
|
-
- **Encryption at rest** — AES-256-GCM with PBKDF2 key derivation (
|
|
496
|
+
- **Encryption at rest** — AES-256-GCM with PBKDF2 key derivation (210,000 iterations, SHA-512, random per-deployment salt)
|
|
497
|
+
- **Cross-platform key storage** — master key stored in OS keychain by default (macOS Keychain, Windows Credential Manager, Linux Secret Service). File fallback for CI/headless
|
|
478
498
|
- **Domain guard** — enforced on every outbound request. No bypass, no override. Wildcards supported (`*.slack.com`)
|
|
479
499
|
- **Credential scopes** — `read` (GET/HEAD/OPTIONS), `write` (POST/PUT/PATCH/DELETE), `*` (all). Enforced at the Gate before any request is forwarded
|
|
480
500
|
- **Header stripping** — agent-supplied `Authorization`, `X-API-Key`, `Proxy-Authorization` headers are removed before injection
|
|
@@ -484,13 +504,13 @@ Returns pass/warn/fail for each check.
|
|
|
484
504
|
- **TLS support** — optional HTTPS on Gate (`aegis gate --tls --cert <path> --key <path>`)
|
|
485
505
|
- **Graceful shutdown** — drains in-flight requests on SIGINT/SIGTERM
|
|
486
506
|
|
|
487
|
-
See [SECURITY_ARCHITECTURE.md](docs/SECURITY_ARCHITECTURE.md) for the full security design
|
|
507
|
+
See [SECURITY_ARCHITECTURE.md](docs/SECURITY_ARCHITECTURE.md) for the full security design and trust boundaries, and [THREAT_MODEL.md](docs/THREAT_MODEL.md) for the STRIDE threat analysis.
|
|
488
508
|
|
|
489
509
|
## CLI Reference
|
|
490
510
|
|
|
491
511
|
```
|
|
492
512
|
aegis init [--write-secrets] Initialize Aegis (master key + config)
|
|
493
|
-
aegis gate [--port] [--tls] [--
|
|
513
|
+
aegis gate [--port] [--tls] [--no-agent-auth] [--policies-dir] [--policy-mode]
|
|
494
514
|
Start the HTTP proxy
|
|
495
515
|
aegis dashboard [--port] [--gate-port] Start the web dashboard + Gate
|
|
496
516
|
|
|
@@ -552,8 +572,12 @@ aegis user regenerate-token --name <name> Regenerate user token
|
|
|
552
572
|
aegis mcp serve [--transport] [--port] Start the MCP server
|
|
553
573
|
aegis mcp config <claude|cursor|vscode> Generate MCP host config
|
|
554
574
|
|
|
575
|
+
aegis db backup [--output <path>] Backup the vault database
|
|
576
|
+
aegis db restore --input <path> [--force] Restore from a backup
|
|
577
|
+
|
|
555
578
|
aegis config validate Validate config file
|
|
556
579
|
aegis config show Show resolved configuration
|
|
580
|
+
aegis key where Show where the master key is stored
|
|
557
581
|
aegis doctor Health check diagnostics
|
|
558
582
|
```
|
|
559
583
|
|
|
@@ -561,7 +585,7 @@ aegis doctor Health check diagnostics
|
|
|
561
585
|
|
|
562
586
|
| Error | Cause | Fix |
|
|
563
587
|
|-------|-------|-----|
|
|
564
|
-
| `AEGIS_MASTER_KEY is not set` | No master key in config or
|
|
588
|
+
| `AEGIS_MASTER_KEY is not set` | No master key in config, env, or keychain | Run `aegis key where` to check storage, or `export AEGIS_MASTER_KEY=<key>` |
|
|
565
589
|
| `Invalid master key` | Wrong key for this vault | Check `AEGIS_MASTER_KEY` matches the key from `aegis init` |
|
|
566
590
|
| `Port 3100 is already in use` | Another process on that port | Use `aegis gate --port 3200` or stop the other process |
|
|
567
591
|
| `Database file is corrupted` | SQLite file damaged | Back up `.aegis/` and re-run `aegis init` |
|
|
@@ -590,8 +614,8 @@ See [CONTRIBUTING.md](CONTRIBUTING.md) for code style, PR process, and architect
|
|
|
590
614
|
|-------|------------|
|
|
591
615
|
| Language | TypeScript (ES2022, native ESM) |
|
|
592
616
|
| Runtime | Node.js ≥ 20 |
|
|
593
|
-
| Database | SQLite via better-sqlite3 (WAL mode) |
|
|
594
|
-
| Encryption | AES-256-GCM, PBKDF2 |
|
|
617
|
+
| Database | SQLite via better-sqlite3-multiple-ciphers (WAL mode, ChaCha20-Poly1305 encryption at rest) |
|
|
618
|
+
| Encryption | AES-256-GCM (field-level), ChaCha20-Poly1305 (full-database), PBKDF2 |
|
|
595
619
|
| Logging | pino (structured JSON, field-level redaction) |
|
|
596
620
|
| Metrics | prom-client (Prometheus) |
|
|
597
621
|
| CLI | Commander.js |
|
package/dist/agent/agent.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"agent.d.ts","sourceRoot":"","sources":["../../src/agent/agent.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,QAAQ,MAAM,
|
|
1
|
+
{"version":3,"file":"agent.d.ts","sourceRoot":"","sources":["../../src/agent/agent.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,QAAQ,MAAM,iCAAiC,CAAC;AAI5D,MAAM,WAAW,KAAK;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,cAAe,SAAQ,KAAK;IAC3C,KAAK,EAAE,MAAM,CAAC;CACf;AAcD;;;;;;;;;GASG;AACH,qBAAa,aAAa;IAItB,OAAO,CAAC,EAAE;IAHZ,OAAO,CAAC,UAAU,CAAS;gBAGjB,EAAE,EAAE,QAAQ,CAAC,QAAQ,EAC7B,UAAU,EAAE,MAAM;IAKpB;;;;;;OAMG;IACH,GAAG,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,cAAc;IAkCjE;;OAEG;IACH,IAAI,IAAI,KAAK,EAAE;IAQf;;OAEG;IACH,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,KAAK,GAAG,IAAI;IAOrC;;;;OAIG;IACH,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,GAAG,IAAI;IAS1C;;OAEG;IACH,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAS7B;;;;;;;;OAQG;IACH,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc,GAAG,IAAI;IAkCpD;;OAEG;IACH,KAAK,CAAC,MAAM,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;IAoBhE;;OAEG;IACH,MAAM,CAAC,MAAM,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO;IAapE;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO;IAQzD;;OAEG;IACH,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE;IAevC;;;OAGG;IACH,YAAY,CAAC,MAAM,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GAAG,KAAK;IAmB5E,OAAO,CAAC,UAAU;CAUnB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAGzC,wBAAgB,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAGzC,wBAAgB,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAiI/C"}
|
|
@@ -47,7 +47,7 @@ export function register(program) {
|
|
|
47
47
|
console.log(` Log level: ${config.logLevel}`);
|
|
48
48
|
console.log(` Log format: ${config.logFormat}`);
|
|
49
49
|
console.log(` Metrics: ${config.metricsEnabled ? 'enabled' : 'disabled'}`);
|
|
50
|
-
console.log(` Agent auth: ${config.requireAgentAuth ? 'required' : '
|
|
50
|
+
console.log(` Agent auth: ${config.requireAgentAuth ? 'required (default)' : 'disabled'}`);
|
|
51
51
|
console.log(` TLS: ${config.tls ? 'enabled' : 'disabled'}`);
|
|
52
52
|
console.log(` Policy mode: ${config.policyMode}`);
|
|
53
53
|
if (config.policiesDir) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../src/cli/commands/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAEjG,MAAM,UAAU,QAAQ,CAAC,OAAgB;IACvC,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,CAAC,4BAA4B,CAAC,CAAC;IAEtF,SAAS;SACN,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,oCAAoC,CAAC;SACjD,MAAM,CAAC,eAAe,EAAE,8DAA8D,CAAC;SACvF,MAAM,CAAC,CAAC,IAAuB,EAAE,EAAE;QAClC,mBAAmB;QACnB,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,IAAI,cAAc,EAAE,CAAC;QACrD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CACX,6FAA6F,CAC9F,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAClD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,gCAAgC,YAAY,IAAI,CAAC,CAAC;YAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,mBAAmB,YAAY,IAAI,CAAC,CAAC;QAEjD,iBAAiB;QACjB,IAAI,MAA0C,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;QACzC,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO,CAAC,KAAK,CAAC,6BAA6B,OAAO,IAAI,CAAC,CAAC;YACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,OAAO,CAAC,2BAA2B;QACrC,CAAC;QAED,6BAA6B;QAC7B,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAE1C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;YAE7C,oCAAoC;YACpC,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;YACzC,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;YACtD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;YACtF,OAAO,CAAC,GAAG,
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../src/cli/commands/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAEjG,MAAM,UAAU,QAAQ,CAAC,OAAgB;IACvC,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,CAAC,4BAA4B,CAAC,CAAC;IAEtF,SAAS;SACN,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,oCAAoC,CAAC;SACjD,MAAM,CAAC,eAAe,EAAE,8DAA8D,CAAC;SACvF,MAAM,CAAC,CAAC,IAAuB,EAAE,EAAE;QAClC,mBAAmB;QACnB,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,IAAI,cAAc,EAAE,CAAC;QACrD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CACX,6FAA6F,CAC9F,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAClD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,gCAAgC,YAAY,IAAI,CAAC,CAAC;YAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,mBAAmB,YAAY,IAAI,CAAC,CAAC;QAEjD,iBAAiB;QACjB,IAAI,MAA0C,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;QACzC,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO,CAAC,KAAK,CAAC,6BAA6B,OAAO,IAAI,CAAC,CAAC;YACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAChB,OAAO,CAAC,2BAA2B;QACrC,CAAC;QAED,6BAA6B;QAC7B,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAE1C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;YAE7C,oCAAoC;YACpC,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;YACzC,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;YACtD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;YACtF,OAAO,CAAC,GAAG,CACT,wBAAwB,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,UAAU,EAAE,CACtF,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;YAC3E,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;YACzD,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;YAC5D,CAAC;YACD,OAAO,CAAC,GAAG,CACT,wBAAwB,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,iBAAiB,MAAM,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,CAC5G,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC;YAC5D,IAAI,MAAM,CAAC,GAAG,CAAC,SAAS,KAAK,iBAAiB,EAAE,CAAC;gBAC/C,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YACzD,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC/B,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,QAAQ,CAAC,MAAM,aAAa,CAAC,CAAC;YAC3E,CAAC;YACD,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,OAAO,MAAM,CAAC,MAAM,+BAA+B,CAAC,CAAC;YACjE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACvD,CAAC;YACD,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;IAEL,SAAS;SACN,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,sDAAsD,CAAC;SACnE,MAAM,CAAC,GAAG,EAAE;QACX,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAE3B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QACzC,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,aAAa,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,mEAAmE,CAAC,CAAC;QACnF,CAAC;QACD,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACvB,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,gBAAgB,EAAE,CAAC,CAAC;QAClE,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,eAAe,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAC9C,OAAO,CAAC,GAAG,CAAC,eAAe,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;QAC/C,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QAC9E,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC;QACvD,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,aAAa,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;YAC/C,OAAO,CAAC,GAAG,CAAC,aAAa,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;QACjD,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAC3B,KAAK,MAAM,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QACD,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC,CAAC,CAAC;AACP,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dashboard.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/dashboard.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAezC,wBAAgB,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"dashboard.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/dashboard.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAezC,wBAAgB,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAkO/C"}
|
|
@@ -25,7 +25,7 @@ export function register(program) {
|
|
|
25
25
|
.option('--tls', 'Enable TLS (HTTPS) on Gate')
|
|
26
26
|
.option('--cert <path>', 'Path to TLS certificate file (PEM)')
|
|
27
27
|
.option('--key <path>', 'Path to TLS private key file (PEM)')
|
|
28
|
-
.option('--
|
|
28
|
+
.option('--no-agent-auth', 'Disable agent authentication (allows any localhost process to use credentials)')
|
|
29
29
|
.option('--policies-dir <path>', 'Directory containing YAML policy files')
|
|
30
30
|
.option('--policy-mode <mode>', 'Policy enforcement mode: enforce, dry-run, or off')
|
|
31
31
|
.action(async (opts) => {
|
|
@@ -91,7 +91,7 @@ export function register(program) {
|
|
|
91
91
|
tlsConfig = { certPath, keyPath };
|
|
92
92
|
}
|
|
93
93
|
// Resolve policy: CLI flags → config file
|
|
94
|
-
const effectiveRequireAgentAuth = opts.
|
|
94
|
+
const effectiveRequireAgentAuth = opts.agentAuth !== undefined ? opts.agentAuth : config.requireAgentAuth;
|
|
95
95
|
const effectivePolicyMode = opts.policyMode ??
|
|
96
96
|
(config.policyMode === 'off' ? undefined : config.policyMode);
|
|
97
97
|
const policyDir = opts.policiesDir
|
|
@@ -133,6 +133,9 @@ export function register(program) {
|
|
|
133
133
|
webhooks: webhookManager,
|
|
134
134
|
metrics,
|
|
135
135
|
onAuditEntry: (entry) => dashboard.broadcast(entry),
|
|
136
|
+
maxBodySize: config.maxBodySize,
|
|
137
|
+
requestTimeout: config.requestTimeout,
|
|
138
|
+
maxConnectionsPerAgent: config.maxConnectionsPerAgent,
|
|
136
139
|
});
|
|
137
140
|
const protocol = tlsConfig ? 'https' : 'http';
|
|
138
141
|
console.log(`\n ╔══════════════════════════════════╗`);
|
|
@@ -144,6 +147,9 @@ export function register(program) {
|
|
|
144
147
|
if (effectiveRequireAgentAuth) {
|
|
145
148
|
console.log(' 🔑 Agent authentication required\n');
|
|
146
149
|
}
|
|
150
|
+
else {
|
|
151
|
+
console.log(' ⚠ Agent authentication disabled — any localhost process can use credentials\n');
|
|
152
|
+
}
|
|
147
153
|
if (metrics) {
|
|
148
154
|
console.log(' 📊 Metrics enabled (/_aegis/metrics)\n');
|
|
149
155
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dashboard.js","sourceRoot":"","sources":["../../../src/cli/commands/dashboard.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAElF,MAAM,UAAU,QAAQ,CAAC,OAAgB;IACvC,OAAO;SACJ,OAAO,CAAC,WAAW,CAAC;SACpB,WAAW,CAAC,iDAAiD,CAAC;SAC9D,MAAM,CAAC,mBAAmB,EAAE,iBAAiB,CAAC;SAC9C,MAAM,CAAC,6BAA6B,EAAE,uBAAuB,CAAC;SAC9D,MAAM,CAAC,OAAO,EAAE,4BAA4B,CAAC;SAC7C,MAAM,CAAC,eAAe,EAAE,oCAAoC,CAAC;SAC7D,MAAM,CAAC,cAAc,EAAE,oCAAoC,CAAC;SAC5D,MAAM,
|
|
1
|
+
{"version":3,"file":"dashboard.js","sourceRoot":"","sources":["../../../src/cli/commands/dashboard.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAElF,MAAM,UAAU,QAAQ,CAAC,OAAgB;IACvC,OAAO;SACJ,OAAO,CAAC,WAAW,CAAC;SACpB,WAAW,CAAC,iDAAiD,CAAC;SAC9D,MAAM,CAAC,mBAAmB,EAAE,iBAAiB,CAAC;SAC9C,MAAM,CAAC,6BAA6B,EAAE,uBAAuB,CAAC;SAC9D,MAAM,CAAC,OAAO,EAAE,4BAA4B,CAAC;SAC7C,MAAM,CAAC,eAAe,EAAE,oCAAoC,CAAC;SAC7D,MAAM,CAAC,cAAc,EAAE,oCAAoC,CAAC;SAC5D,MAAM,CACL,iBAAiB,EACjB,gFAAgF,CACjF;SACA,MAAM,CAAC,uBAAuB,EAAE,wCAAwC,CAAC;SACzE,MAAM,CAAC,sBAAsB,EAAE,mDAAmD,CAAC;SACnF,MAAM,CACL,KAAK,EAAE,IASN,EAAE,EAAE;QACH,2BAA2B;QAC3B,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YACzC,YAAY,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;QAC/B,CAAC;QACD,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;YACnD,YAAY,CAAC,EAAE,EAAE,gBAAgB,CAAC,CAAC;QACrC,CAAC;QACD,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,YAAY,CAAC,IAAI,CAAC,UAAU,EAAE,kBAAkB,EAAE,aAAa,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,MAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,GAAG,SAAS,EAAE,CAAC;QACvB,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,OAAO,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;YAC9B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;QAC1E,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa;YACtC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;YACzC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC;QAE1B,IAAI,EAA4B,CAAC;QACjC,IAAI,CAAC;YACH,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YACnB,OAAO,CAAC,EAAE,CAAC,CAAC;QACd,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,OAAO,CAAC,KAAK,CAAC,6BAA6B,GAAG,IAAI,CAAC,CAAC;YACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACtB,OAAO,CAAC,KAAK,CACX,6FAA6F,CAC9F,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;QAC9D,eAAe,CAAC,EAAE,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;QAE3C,MAAM,aAAa,GAAG,IAAI,KAAK,CAAC,EAAE,EAAE,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;QAC5E,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,CAAC,CAAC;QAC9B,MAAM,QAAQ,GAAG,IAAI,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAC5C,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAE/C,uCAAuC;QACvC,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;QACxC,IAAI,SAA4D,CAAC;QACjE,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,QAAQ,GACZ,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC,GAAG,EAAE,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;YAClF,MAAM,OAAO,GACX,IAAI,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;YAEhF,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,OAAO,CAAC,KAAK,CACX,oCAAoC,QAAQ,qDAAqD,CAClG,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5B,OAAO,CAAC,KAAK,CACX,oCAAoC,OAAO,qDAAqD,CACjG,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YAED,SAAS,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;QACpC,CAAC;QAED,0CAA0C;QAC1C,MAAM,yBAAyB,GAC7B,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,gBAAgB,CAAC;QAC1E,MAAM,mBAAmB,GACtB,IAAI,CAAC,UAAgD;YACtD,CAAC,MAAM,CAAC,UAAU,KAAK,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAE,MAAM,CAAC,UAAoC,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW;YAChC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC;YAChC,CAAC,CAAC,MAAM,CAAC,WAAW;gBAClB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC;gBAClC,CAAC,CAAC,SAAS,CAAC;QAEhB,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3C,OAAO,CAAC,KAAK,CACX,qCAAqC,SAAS,mEAAmE,CAClH,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,cAAc,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAE7E,gDAAgD;QAChD,MAAM,OAAO,GAAG,MAAM,CAAC,cAAc;YACnC,CAAC,CAAC,IAAI,YAAY,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC;YAC5C,CAAC,CAAC,SAAS,CAAC;QAEd,+BAA+B;QAC/B,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC;YACpC,IAAI,EAAE,aAAa;YACnB,KAAK,EAAE,aAAa;YACpB,MAAM;YACN,aAAa,EAAE,QAAQ;YACvB,YAAY;YACZ,WAAW,EAAE,KAAK;YAClB,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,MAAM,CAAC,QAAQ;SAC1B,CAAC,CAAC;QAEH,qDAAqD;QACrD,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC;YACpB,IAAI,EAAE,QAAQ;YACd,KAAK,EAAE,aAAa;YACpB,MAAM;YACN,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,GAAG,EAAE,SAAS;YACd,aAAa,EAAE,QAAQ;YACvB,gBAAgB,EAAE,yBAAyB;YAC3C,SAAS;YACT,UAAU,EAAE,mBAAmB;YAC/B,QAAQ,EAAE,cAAc;YACxB,OAAO;YACP,YAAY,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC;YACnD,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,cAAc,EAAE,MAAM,CAAC,cAAc;YACrC,sBAAsB,EAAE,MAAM,CAAC,sBAAsB;SACtD,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC;QAE9C,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,6BAA6B,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QAChE,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QAExD,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QACpC,CAAC;QAED,IAAI,yBAAyB,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;QACtD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CACT,kFAAkF,CACnF,CAAC;QACJ,CAAC;QAED,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,KAAK,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;QAChF,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,MAAM,yBAAyB,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,SAAS,CAAC,KAAK,EAAE,CAAC;QACxB,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;QACnB,SAAS,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAElD,OAAO,CAAC,GAAG,CAAC,gBAAgB,QAAQ,gBAAgB,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,iCAAiC,SAAS,CAAC,aAAa,IAAI,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QAEzC,oBAAoB;QACpB,IAAI,kBAAkB,GAAG,KAAK,CAAC;QAC/B,MAAM,QAAQ,GAAG,KAAK,IAAmB,EAAE;YACzC,IAAI,kBAAkB,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;gBAC7D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,kBAAkB,GAAG,IAAI,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;YAEpD,SAAS,CAAC,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YACrC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YACjC,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC;YAEvB,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;YACrD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CACT,0BAA0B,MAAM,CAAC,aAAa,mCAAmC,CAClF,CAAC;YACJ,CAAC;YAED,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAC5C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC,CAAC;QACF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAClC,CAAC,CACF,CAAC;AACN,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"db.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/db.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAOzC,wBAAgB,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA8I/C"}
|
|
@@ -0,0 +1,139 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Database commands: backup, restore.
|
|
3
|
+
*/
|
|
4
|
+
import * as fs from 'node:fs';
|
|
5
|
+
import * as path from 'node:path';
|
|
6
|
+
import Database from 'better-sqlite3-multiple-ciphers';
|
|
7
|
+
import { getConfig } from '../../config.js';
|
|
8
|
+
import { deriveDbKey, getDb, getVaultSalt, migrate } from '../../db.js';
|
|
9
|
+
import { deriveKey } from '../../vault/index.js';
|
|
10
|
+
import { VaultManager } from '../../vault/vault-manager.js';
|
|
11
|
+
import { requireUserAuth } from '../auth.js';
|
|
12
|
+
export function register(program) {
|
|
13
|
+
const dbCmd = program.command('db').description('Database backup and restore');
|
|
14
|
+
dbCmd
|
|
15
|
+
.command('backup')
|
|
16
|
+
.description('Create a backup of the current vault database')
|
|
17
|
+
.option('-o, --output <path>', 'Output file path', './aegis-backup.db')
|
|
18
|
+
.action(async (opts) => {
|
|
19
|
+
const config = getConfig();
|
|
20
|
+
const db = getDb(config);
|
|
21
|
+
migrate(db);
|
|
22
|
+
const key = deriveKey(config.masterKey, getVaultSalt(config));
|
|
23
|
+
requireUserAuth(db, key, 'vault:manage');
|
|
24
|
+
const outputPath = path.resolve(opts.output);
|
|
25
|
+
const outputDir = path.dirname(outputPath);
|
|
26
|
+
if (!fs.existsSync(outputDir)) {
|
|
27
|
+
fs.mkdirSync(outputDir, { recursive: true });
|
|
28
|
+
}
|
|
29
|
+
if (fs.existsSync(outputPath)) {
|
|
30
|
+
console.error(`\n✗ Backup file already exists: ${outputPath}`);
|
|
31
|
+
console.error(` Remove it first or choose a different path.\n`);
|
|
32
|
+
db.close();
|
|
33
|
+
process.exit(1);
|
|
34
|
+
}
|
|
35
|
+
try {
|
|
36
|
+
console.log(`\n Backing up database to: ${outputPath}`);
|
|
37
|
+
await db.backup(outputPath);
|
|
38
|
+
db.close();
|
|
39
|
+
// Verify the backup is valid
|
|
40
|
+
const backupDb = new Database(outputPath, { readonly: true });
|
|
41
|
+
if (config.masterKey) {
|
|
42
|
+
const salt = getVaultSalt(config);
|
|
43
|
+
const dbKey = deriveDbKey(config.masterKey, salt);
|
|
44
|
+
backupDb.pragma(`key="x'${dbKey.toString('hex')}'"`);
|
|
45
|
+
}
|
|
46
|
+
const tables = backupDb
|
|
47
|
+
.prepare("SELECT count(*) as cnt FROM sqlite_master WHERE type='table'")
|
|
48
|
+
.get();
|
|
49
|
+
backupDb.close();
|
|
50
|
+
const stats = fs.statSync(outputPath);
|
|
51
|
+
const sizeKb = (stats.size / 1024).toFixed(1);
|
|
52
|
+
console.log(` ✓ Backup complete (${sizeKb} KB, ${tables.cnt} tables)\n`);
|
|
53
|
+
}
|
|
54
|
+
catch (err) {
|
|
55
|
+
db.close();
|
|
56
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
57
|
+
console.error(`\n✗ Backup failed: ${message}\n`);
|
|
58
|
+
process.exit(1);
|
|
59
|
+
}
|
|
60
|
+
});
|
|
61
|
+
dbCmd
|
|
62
|
+
.command('restore')
|
|
63
|
+
.description('Restore a vault database from a backup file')
|
|
64
|
+
.requiredOption('-i, --input <path>', 'Backup file to restore from')
|
|
65
|
+
.option('--force', 'Overwrite the current database without confirmation')
|
|
66
|
+
.action((opts) => {
|
|
67
|
+
const config = getConfig();
|
|
68
|
+
const inputPath = path.resolve(opts.input);
|
|
69
|
+
if (!fs.existsSync(inputPath)) {
|
|
70
|
+
console.error(`\n✗ Backup file not found: ${inputPath}\n`);
|
|
71
|
+
process.exit(1);
|
|
72
|
+
}
|
|
73
|
+
// Verify the backup is a valid (possibly encrypted) SQLite database
|
|
74
|
+
try {
|
|
75
|
+
const backupDb = new Database(inputPath, { readonly: true });
|
|
76
|
+
if (config.masterKey) {
|
|
77
|
+
const salt = getVaultSalt(config);
|
|
78
|
+
const dbKey = deriveDbKey(config.masterKey, salt);
|
|
79
|
+
backupDb.pragma(`key="x'${dbKey.toString('hex')}'"`);
|
|
80
|
+
}
|
|
81
|
+
const tables = backupDb
|
|
82
|
+
.prepare("SELECT count(*) as cnt FROM sqlite_master WHERE type='table'")
|
|
83
|
+
.get();
|
|
84
|
+
if (tables.cnt === 0) {
|
|
85
|
+
backupDb.close();
|
|
86
|
+
console.error('\n✗ Backup file contains no tables — this does not look like an Aegis database.\n');
|
|
87
|
+
process.exit(1);
|
|
88
|
+
}
|
|
89
|
+
backupDb.close();
|
|
90
|
+
}
|
|
91
|
+
catch (err) {
|
|
92
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
93
|
+
console.error(`\n✗ Backup file is not a valid Aegis database: ${message}\n`);
|
|
94
|
+
process.exit(1);
|
|
95
|
+
}
|
|
96
|
+
// Resolve the current database path
|
|
97
|
+
const manager = new VaultManager(config.dataDir);
|
|
98
|
+
const info = manager.getVaultInfo(config.vaultName);
|
|
99
|
+
const dbPath = info
|
|
100
|
+
? path.join(config.dataDir, info.dbPath)
|
|
101
|
+
: path.join(config.dataDir, 'aegis.db');
|
|
102
|
+
if (fs.existsSync(dbPath) && !opts.force) {
|
|
103
|
+
console.error(`\n✗ Database already exists at: ${dbPath}`);
|
|
104
|
+
console.error(` Use --force to overwrite, or back up first with: aegis db backup\n`);
|
|
105
|
+
process.exit(1);
|
|
106
|
+
}
|
|
107
|
+
try {
|
|
108
|
+
// Ensure directory exists
|
|
109
|
+
const dir = path.dirname(dbPath);
|
|
110
|
+
if (!fs.existsSync(dir)) {
|
|
111
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
112
|
+
}
|
|
113
|
+
// Remove WAL and SHM files from the target (stale journal files cause issues)
|
|
114
|
+
for (const suffix of ['-wal', '-shm']) {
|
|
115
|
+
const walPath = `${dbPath}${suffix}`;
|
|
116
|
+
if (fs.existsSync(walPath)) {
|
|
117
|
+
fs.unlinkSync(walPath);
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
// Copy the backup file to the database path
|
|
121
|
+
fs.copyFileSync(inputPath, dbPath);
|
|
122
|
+
// Verify the restored database works
|
|
123
|
+
const db = getDb(config);
|
|
124
|
+
migrate(db);
|
|
125
|
+
const tables = db
|
|
126
|
+
.prepare("SELECT count(*) as cnt FROM sqlite_master WHERE type='table'")
|
|
127
|
+
.get();
|
|
128
|
+
db.close();
|
|
129
|
+
console.log(`\n ✓ Database restored from: ${inputPath}`);
|
|
130
|
+
console.log(` ✓ ${tables.cnt} tables verified\n`);
|
|
131
|
+
}
|
|
132
|
+
catch (err) {
|
|
133
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
134
|
+
console.error(`\n✗ Restore failed: ${message}\n`);
|
|
135
|
+
process.exit(1);
|
|
136
|
+
}
|
|
137
|
+
});
|
|
138
|
+
}
|
|
139
|
+
//# sourceMappingURL=db.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"db.js","sourceRoot":"","sources":["../../../src/cli/commands/db.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,QAAQ,MAAM,iCAAiC,CAAC;AAEvD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACxE,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7C,MAAM,UAAU,QAAQ,CAAC,OAAgB;IACvC,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,CAAC,6BAA6B,CAAC,CAAC;IAE/E,KAAK;SACF,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,+CAA+C,CAAC;SAC5D,MAAM,CAAC,qBAAqB,EAAE,kBAAkB,EAAE,mBAAmB,CAAC;SACtE,MAAM,CAAC,KAAK,EAAE,IAAwB,EAAE,EAAE;QACzC,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;QACzB,OAAO,CAAC,EAAE,CAAC,CAAC;QACZ,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;QAC9D,eAAe,CAAC,EAAE,EAAE,GAAG,EAAE,cAAc,CAAC,CAAC;QAEzC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC3C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9B,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/C,CAAC;QAED,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,OAAO,CAAC,KAAK,CAAC,mCAAmC,UAAU,EAAE,CAAC,CAAC;YAC/D,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACjE,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,+BAA+B,UAAU,EAAE,CAAC,CAAC;YACzD,MAAM,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAC5B,EAAE,CAAC,KAAK,EAAE,CAAC;YAEX,6BAA6B;YAC7B,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,UAAU,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9D,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;gBAClC,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;gBAClD,QAAQ,CAAC,MAAM,CAAC,UAAU,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACvD,CAAC;YACD,MAAM,MAAM,GAAG,QAAQ;iBACpB,OAAO,CAAC,8DAA8D,CAAC;iBACvE,GAAG,EAAqB,CAAC;YAC5B,QAAQ,CAAC,KAAK,EAAE,CAAC;YAEjB,MAAM,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YACtC,MAAM,MAAM,GAAG,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAE9C,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,QAAQ,MAAM,CAAC,GAAG,YAAY,CAAC,CAAC;QAC5E,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO,CAAC,KAAK,CAAC,sBAAsB,OAAO,IAAI,CAAC,CAAC;YACjD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;IAEL,KAAK;SACF,OAAO,CAAC,SAAS,CAAC;SAClB,WAAW,CAAC,6CAA6C,CAAC;SAC1D,cAAc,CAAC,oBAAoB,EAAE,6BAA6B,CAAC;SACnE,MAAM,CAAC,SAAS,EAAE,qDAAqD,CAAC;SACxE,MAAM,CAAC,CAAC,IAAwC,EAAE,EAAE;QACnD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE3C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9B,OAAO,CAAC,KAAK,CAAC,8BAA8B,SAAS,IAAI,CAAC,CAAC;YAC3D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,oEAAoE;QACpE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,SAAS,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7D,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;gBAClC,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;gBAClD,QAAQ,CAAC,MAAM,CAAC,UAAU,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACvD,CAAC;YACD,MAAM,MAAM,GAAG,QAAQ;iBACpB,OAAO,CAAC,8DAA8D,CAAC;iBACvE,GAAG,EAAqB,CAAC;YAC5B,IAAI,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC;gBACrB,QAAQ,CAAC,KAAK,EAAE,CAAC;gBACjB,OAAO,CAAC,KAAK,CACX,mFAAmF,CACpF,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,QAAQ,CAAC,KAAK,EAAE,CAAC;QACnB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO,CAAC,KAAK,CAAC,kDAAkD,OAAO,IAAI,CAAC,CAAC;YAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,oCAAoC;QACpC,MAAM,OAAO,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACjD,MAAM,IAAI,GAAG,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACpD,MAAM,MAAM,GAAG,IAAI;YACjB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC;YACxC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAE1C,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YACzC,OAAO,CAAC,KAAK,CAAC,mCAAmC,MAAM,EAAE,CAAC,CAAC;YAC3D,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;YACtF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,CAAC;YACH,0BAA0B;YAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACjC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACzC,CAAC;YAED,8EAA8E;YAC9E,KAAK,MAAM,MAAM,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC;gBACtC,MAAM,OAAO,GAAG,GAAG,MAAM,GAAG,MAAM,EAAE,CAAC;gBACrC,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3B,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;YAED,4CAA4C;YAC5C,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YAEnC,qCAAqC;YACrC,MAAM,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YACzB,OAAO,CAAC,EAAE,CAAC,CAAC;YACZ,MAAM,MAAM,GAAG,EAAE;iBACd,OAAO,CAAC,8DAA8D,CAAC;iBACvE,GAAG,EAAqB,CAAC;YAC5B,EAAE,CAAC,KAAK,EAAE,CAAC;YAEX,OAAO,CAAC,GAAG,CAAC,iCAAiC,SAAS,EAAE,CAAC,CAAC;YAC1D,OAAO,CAAC,GAAG,CAAC,OAAO,MAAM,CAAC,GAAG,oBAAoB,CAAC,CAAC;QACrD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO,CAAC,KAAK,CAAC,uBAAuB,OAAO,IAAI,CAAC,CAAC;YAClD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gate.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/gate.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAazC,wBAAgB,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"gate.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/gate.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAazC,wBAAgB,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAkP/C"}
|
|
@@ -22,7 +22,7 @@ export function register(program) {
|
|
|
22
22
|
.option('--tls', 'Enable TLS (HTTPS) on Gate')
|
|
23
23
|
.option('--cert <path>', 'Path to TLS certificate file (PEM)')
|
|
24
24
|
.option('--key <path>', 'Path to TLS private key file (PEM)')
|
|
25
|
-
.option('--
|
|
25
|
+
.option('--no-agent-auth', 'Disable agent authentication (allows any localhost process to use credentials)')
|
|
26
26
|
.option('--policies-dir <path>', 'Directory containing YAML policy files')
|
|
27
27
|
.option('--policy-mode <mode>', 'Policy enforcement mode: enforce, dry-run, or off')
|
|
28
28
|
.action(async (opts) => {
|
|
@@ -80,7 +80,7 @@ export function register(program) {
|
|
|
80
80
|
}
|
|
81
81
|
const registry = new AgentRegistry(db, key);
|
|
82
82
|
// Resolve policy: CLI flags → config file
|
|
83
|
-
const effectiveRequireAgentAuth = opts.
|
|
83
|
+
const effectiveRequireAgentAuth = opts.agentAuth !== undefined ? opts.agentAuth : config.requireAgentAuth;
|
|
84
84
|
const effectivePolicyMode = opts.policyMode ??
|
|
85
85
|
(config.policyMode === 'off' ? undefined : config.policyMode);
|
|
86
86
|
const policyDir = opts.policiesDir
|
|
@@ -109,6 +109,9 @@ export function register(program) {
|
|
|
109
109
|
policyMode: effectivePolicyMode,
|
|
110
110
|
webhooks: webhookManager,
|
|
111
111
|
metrics,
|
|
112
|
+
maxBodySize: config.maxBodySize,
|
|
113
|
+
requestTimeout: config.requestTimeout,
|
|
114
|
+
maxConnectionsPerAgent: config.maxConnectionsPerAgent,
|
|
112
115
|
});
|
|
113
116
|
const protocol = tlsConfig ? 'https' : 'http';
|
|
114
117
|
console.log(`\n ╔══════════════════════════════════╗`);
|
|
@@ -124,6 +127,9 @@ export function register(program) {
|
|
|
124
127
|
if (effectiveRequireAgentAuth) {
|
|
125
128
|
console.log(' 🔑 Agent authentication required (X-Aegis-Agent header)\n');
|
|
126
129
|
}
|
|
130
|
+
else {
|
|
131
|
+
console.log(' ⚠ Agent authentication disabled (--no-agent-auth) — any localhost process can use credentials\n');
|
|
132
|
+
}
|
|
127
133
|
if (metrics) {
|
|
128
134
|
console.log(' 📊 Metrics enabled (/_aegis/metrics)\n');
|
|
129
135
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gate.js","sourceRoot":"","sources":["../../../src/cli/commands/gate.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAElF,MAAM,UAAU,QAAQ,CAAC,OAAgB;IACvC,OAAO;SACJ,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,4BAA4B,CAAC;SACzC,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC;SAChD,MAAM,CAAC,OAAO,EAAE,4BAA4B,CAAC;SAC7C,MAAM,CAAC,eAAe,EAAE,oCAAoC,CAAC;SAC7D,MAAM,CAAC,cAAc,EAAE,oCAAoC,CAAC;SAC5D,MAAM,
|
|
1
|
+
{"version":3,"file":"gate.js","sourceRoot":"","sources":["../../../src/cli/commands/gate.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAElF,MAAM,UAAU,QAAQ,CAAC,OAAgB;IACvC,OAAO;SACJ,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,4BAA4B,CAAC;SACzC,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC;SAChD,MAAM,CAAC,OAAO,EAAE,4BAA4B,CAAC;SAC7C,MAAM,CAAC,eAAe,EAAE,oCAAoC,CAAC;SAC7D,MAAM,CAAC,cAAc,EAAE,oCAAoC,CAAC;SAC5D,MAAM,CACL,iBAAiB,EACjB,gFAAgF,CACjF;SACA,MAAM,CAAC,uBAAuB,EAAE,wCAAwC,CAAC;SACzE,MAAM,CAAC,sBAAsB,EAAE,mDAAmD,CAAC;SACnF,MAAM,CACL,KAAK,EAAE,IAQN,EAAE,EAAE;QACH,2BAA2B;QAC3B,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YACzC,YAAY,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;QAC/B,CAAC;QACD,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,YAAY,CAAC,IAAI,CAAC,UAAU,EAAE,kBAAkB,EAAE,aAAa,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,MAAoC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,GAAG,SAAS,EAAE,CAAC;QACvB,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,OAAO,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;YAC9B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;QAEtE,IAAI,EAA4B,CAAC;QACjC,IAAI,CAAC;YACH,EAAE,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YACnB,OAAO,CAAC,EAAE,CAAC,CAAC;QACd,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,OAAO,CAAC,KAAK,CAAC,6BAA6B,GAAG,IAAI,CAAC,CAAC;YACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACtB,OAAO,CAAC,KAAK,CACX,6FAA6F,CAC9F,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;QAC9D,eAAe,CAAC,EAAE,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QAEvC,MAAM,aAAa,GAAG,IAAI,KAAK,CAAC,EAAE,EAAE,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;QAC5E,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,CAAC,CAAC;QAE9B,uCAAuC;QACvC,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;QACxC,IAAI,SAA4D,CAAC;QACjE,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,QAAQ,GACZ,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC,GAAG,EAAE,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;YAClF,MAAM,OAAO,GACX,IAAI,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;YAEhF,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,OAAO,CAAC,KAAK,CACX,oCAAoC,QAAQ,4IAA4I,CACzL,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5B,OAAO,CAAC,KAAK,CACX,oCAAoC,OAAO,4IAA4I,CACxL,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YAED,SAAS,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;QACpC,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAE5C,0CAA0C;QAC1C,MAAM,yBAAyB,GAC7B,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,gBAAgB,CAAC;QAC1E,MAAM,mBAAmB,GACtB,IAAI,CAAC,UAAgD;YACtD,CAAC,MAAM,CAAC,UAAU,KAAK,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAE,MAAM,CAAC,UAAoC,CAAC,CAAC;QAC3F,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW;YAChC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC;YAChC,CAAC,CAAC,MAAM,CAAC,WAAW;gBAClB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC;gBAClC,CAAC,CAAC,SAAS,CAAC;QAEhB,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3C,OAAO,CAAC,KAAK,CACX,qCAAqC,SAAS,mEAAmE,CAClH,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,cAAc,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAE7E,gDAAgD;QAChD,MAAM,OAAO,GAAG,MAAM,CAAC,cAAc;YACnC,CAAC,CAAC,IAAI,YAAY,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC;YAC5C,CAAC,CAAC,SAAS,CAAC;QAEd,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC;YACpB,IAAI;YACJ,KAAK,EAAE,aAAa;YACpB,MAAM;YACN,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,GAAG,EAAE,SAAS;YACd,aAAa,EAAE,QAAQ;YACvB,gBAAgB,EAAE,yBAAyB;YAC3C,SAAS;YACT,UAAU,EAAE,mBAAmB;YAC/B,QAAQ,EAAE,cAAc;YACxB,OAAO;YACP,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,cAAc,EAAE,MAAM,CAAC,cAAc;YACrC,sBAAsB,EAAE,MAAM,CAAC,sBAAsB;SACtD,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC;QAE9C,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,0BAA0B,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QAExD,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QACpC,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CACT,oFAAoF,CACrF,CAAC;YACF,OAAO,CAAC,GAAG,CACT,mFAAmF,CACpF,CAAC;QACJ,CAAC;QAED,IAAI,yBAAyB,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAC;QAC7E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CACT,oGAAoG,CACrG,CAAC;QACJ,CAAC;QAED,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QAC1D,CAAC;QAED,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,SAAS,GACb,mBAAmB,KAAK,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,4BAA4B,CAAC;YAC1F,OAAO,CAAC,GAAG,CAAC,kBAAkB,SAAS,EAAE,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,kBAAkB,SAAS,IAAI,CAAC,CAAC;QAC/C,CAAC;QAED,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,cAAc,IAAI,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,KAAK,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;QAChF,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,MAAM,0BAA0B,CAAC,CAAC;YACzD,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;gBACtB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC;YAC5E,CAAC;YACD,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO,CAAC,KAAK,CAAC,6BAA6B,OAAO,IAAI,CAAC,CAAC;YACxD,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,gDAAgD,QAAQ,gBAAgB,IAAI,EAAE,CAAC,CAAC;QAC5F,OAAO,CAAC,GAAG,CACT,wBAAwB,QAAQ,gBAAgB,IAAI,+BAA+B,CACpF,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QAEzC,oBAAoB;QACpB,IAAI,kBAAkB,GAAG,KAAK,CAAC;QAC/B,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;YAC1B,IAAI,kBAAkB,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;gBAC7D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,kBAAkB,GAAG,IAAI,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;YAC/C,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;YAEtD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAEjC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;YACrD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CACT,0BAA0B,MAAM,CAAC,aAAa,mCAAmC,CAClF,CAAC;YACJ,CAAC;YAED,iDAAiD;YACjD,MAAM,CAAC,SAAS,CAAC;gBACf,OAAO,EAAE,QAAQ;gBACjB,YAAY,EAAE,WAAW;gBACzB,MAAM,EAAE,UAAU;gBAClB,IAAI,EAAE,GAAG;gBACT,MAAM,EAAE,MAAM,CAAC,OAAO;oBACpB,CAAC,CAAC,0CAA0C;oBAC5C,CAAC,CAAC,qBAAqB,MAAM,CAAC,aAAa,0BAA0B;aACxE,CAAC,CAAC;YAEH,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;YACvC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC,CAAC;QACF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC/B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAClC,CAAC,CACF,CAAC;AACN,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/init.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/init.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAMzC,wBAAgB,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAwL/C"}
|