@getaegis/cli 0.8.1 → 0.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +38 -14
- package/dist/agent/agent.d.ts +1 -1
- package/dist/agent/agent.d.ts.map +1 -1
- package/dist/cli/commands/config.d.ts.map +1 -1
- package/dist/cli/commands/config.js +1 -1
- package/dist/cli/commands/config.js.map +1 -1
- package/dist/cli/commands/dashboard.d.ts.map +1 -1
- package/dist/cli/commands/dashboard.js +8 -2
- package/dist/cli/commands/dashboard.js.map +1 -1
- package/dist/cli/commands/db.d.ts +6 -0
- package/dist/cli/commands/db.d.ts.map +1 -0
- package/dist/cli/commands/db.js +139 -0
- package/dist/cli/commands/db.js.map +1 -0
- package/dist/cli/commands/gate.d.ts.map +1 -1
- package/dist/cli/commands/gate.js +8 -2
- package/dist/cli/commands/gate.js.map +1 -1
- package/dist/cli/commands/init.d.ts.map +1 -1
- package/dist/cli/commands/init.js +90 -24
- package/dist/cli/commands/init.js.map +1 -1
- package/dist/cli/commands/key.d.ts +6 -0
- package/dist/cli/commands/key.d.ts.map +1 -0
- package/dist/cli/commands/key.js +49 -0
- package/dist/cli/commands/key.js.map +1 -0
- package/dist/cli/commands/vault-manager.js +1 -1
- package/dist/cli/commands/vault-manager.js.map +1 -1
- package/dist/cli/commands/vault.d.ts.map +1 -1
- package/dist/cli/commands/vault.js +27 -3
- package/dist/cli/commands/vault.js.map +1 -1
- package/dist/cli/index.d.ts +2 -0
- package/dist/cli/index.d.ts.map +1 -1
- package/dist/cli/index.js +2 -0
- package/dist/cli/index.js.map +1 -1
- package/dist/cli.js +9 -2
- package/dist/cli.js.map +1 -1
- package/dist/config.d.ts +12 -0
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +54 -8
- package/dist/config.js.map +1 -1
- package/dist/dashboard/public/assets/{index-DkHiw9_f.js → index-Cah0_BKk.js} +1 -1
- package/dist/dashboard/public/index.html +1 -1
- package/dist/db.d.ts +13 -1
- package/dist/db.d.ts.map +1 -1
- package/dist/db.js +68 -49
- package/dist/db.js.map +1 -1
- package/dist/doctor.d.ts +1 -1
- package/dist/doctor.d.ts.map +1 -1
- package/dist/doctor.js +20 -0
- package/dist/doctor.js.map +1 -1
- package/dist/gate/gate.d.ts +24 -2
- package/dist/gate/gate.d.ts.map +1 -1
- package/dist/gate/gate.js +289 -62
- package/dist/gate/gate.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/key-storage/credential-manager-windows.d.ts +19 -0
- package/dist/key-storage/credential-manager-windows.d.ts.map +1 -0
- package/dist/key-storage/credential-manager-windows.js +87 -0
- package/dist/key-storage/credential-manager-windows.js.map +1 -0
- package/dist/key-storage/file-fallback.d.ts +21 -0
- package/dist/key-storage/file-fallback.d.ts.map +1 -0
- package/dist/key-storage/file-fallback.js +62 -0
- package/dist/key-storage/file-fallback.js.map +1 -0
- package/dist/key-storage/index.d.ts +6 -0
- package/dist/key-storage/index.d.ts.map +1 -0
- package/dist/key-storage/index.js +6 -0
- package/dist/key-storage/index.js.map +1 -0
- package/dist/key-storage/key-storage.d.ts +41 -0
- package/dist/key-storage/key-storage.d.ts.map +1 -0
- package/dist/key-storage/key-storage.js +70 -0
- package/dist/key-storage/key-storage.js.map +1 -0
- package/dist/key-storage/keychain-macos.d.ts +19 -0
- package/dist/key-storage/keychain-macos.d.ts.map +1 -0
- package/dist/key-storage/keychain-macos.js +51 -0
- package/dist/key-storage/keychain-macos.js.map +1 -0
- package/dist/key-storage/secret-service-linux.d.ts +19 -0
- package/dist/key-storage/secret-service-linux.d.ts.map +1 -0
- package/dist/key-storage/secret-service-linux.js +55 -0
- package/dist/key-storage/secret-service-linux.js.map +1 -0
- package/dist/ledger/ledger.d.ts +1 -1
- package/dist/ledger/ledger.d.ts.map +1 -1
- package/dist/metrics/metrics.d.ts +1 -1
- package/dist/metrics/metrics.d.ts.map +1 -1
- package/dist/metrics/metrics.js.map +1 -1
- package/dist/user/user.d.ts +1 -1
- package/dist/user/user.d.ts.map +1 -1
- package/dist/vault/crypto.js +1 -1
- package/dist/vault/vault-manager.d.ts +3 -3
- package/dist/vault/vault-manager.d.ts.map +1 -1
- package/dist/vault/vault-manager.js +14 -4
- package/dist/vault/vault-manager.js.map +1 -1
- package/dist/vault/vault.d.ts +1 -1
- package/dist/vault/vault.d.ts.map +1 -1
- package/dist/webhook/webhook.d.ts +1 -1
- package/dist/webhook/webhook.d.ts.map +1 -1
- package/package.json +12 -4
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* macOS Keychain backend via the `security` CLI.
|
|
3
|
+
*
|
|
4
|
+
* Uses `security add-generic-password` / `find-generic-password` /
|
|
5
|
+
* `delete-generic-password` which ship with every macOS install.
|
|
6
|
+
*
|
|
7
|
+
* The key is stored in the user's login keychain under:
|
|
8
|
+
* service: "aegis" account: "master-key"
|
|
9
|
+
*/
|
|
10
|
+
import { execFileSync } from 'node:child_process';
|
|
11
|
+
import { commandExists } from './key-storage.js';
|
|
12
|
+
const SERVICE = 'aegis';
|
|
13
|
+
const ACCOUNT = 'master-key';
|
|
14
|
+
export class MacOSKeychainStorage {
|
|
15
|
+
name = 'macOS Keychain';
|
|
16
|
+
backend = 'macos-keychain';
|
|
17
|
+
isAvailable() {
|
|
18
|
+
return process.platform === 'darwin' && commandExists('security');
|
|
19
|
+
}
|
|
20
|
+
getKey() {
|
|
21
|
+
try {
|
|
22
|
+
const result = execFileSync('security', ['find-generic-password', '-a', ACCOUNT, '-s', SERVICE, '-w'], { stdio: ['pipe', 'pipe', 'pipe'], encoding: 'utf-8' });
|
|
23
|
+
const key = result.trim();
|
|
24
|
+
return key || undefined;
|
|
25
|
+
}
|
|
26
|
+
catch {
|
|
27
|
+
// Item not found (exit code 44) or other error
|
|
28
|
+
return undefined;
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
setKey(key) {
|
|
32
|
+
// -U flag updates if the item already exists (prevents "already exists" error)
|
|
33
|
+
try {
|
|
34
|
+
execFileSync('security', ['add-generic-password', '-a', ACCOUNT, '-s', SERVICE, '-w', key, '-U'], { stdio: 'pipe' });
|
|
35
|
+
}
|
|
36
|
+
catch (err) {
|
|
37
|
+
throw new Error(`Failed to store key in macOS Keychain: ${err.message}`);
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
deleteKey() {
|
|
41
|
+
try {
|
|
42
|
+
execFileSync('security', ['delete-generic-password', '-a', ACCOUNT, '-s', SERVICE], {
|
|
43
|
+
stdio: 'pipe',
|
|
44
|
+
});
|
|
45
|
+
}
|
|
46
|
+
catch {
|
|
47
|
+
// Item not found — nothing to delete
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
//# sourceMappingURL=keychain-macos.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"keychain-macos.js","sourceRoot":"","sources":["../../src/key-storage/keychain-macos.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAElD,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,MAAM,OAAO,GAAG,OAAO,CAAC;AACxB,MAAM,OAAO,GAAG,YAAY,CAAC;AAE7B,MAAM,OAAO,oBAAoB;IACtB,IAAI,GAAG,gBAAgB,CAAC;IACxB,OAAO,GAAsB,gBAAgB,CAAC;IAEvD,WAAW;QACT,OAAO,OAAO,CAAC,QAAQ,KAAK,QAAQ,IAAI,aAAa,CAAC,UAAU,CAAC,CAAC;IACpE,CAAC;IAED,MAAM;QACJ,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,YAAY,CACzB,UAAU,EACV,CAAC,uBAAuB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,EAC7D,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,CACvD,CAAC;YACF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;YAC1B,OAAO,GAAG,IAAI,SAAS,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,+CAA+C;YAC/C,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED,MAAM,CAAC,GAAW;QAChB,+EAA+E;QAC/E,IAAI,CAAC;YACH,YAAY,CACV,UAAU,EACV,CAAC,sBAAsB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,EACvE,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,0CAA2C,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IAED,SAAS;QACP,IAAI,CAAC;YACH,YAAY,CAAC,UAAU,EAAE,CAAC,yBAAyB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,EAAE;gBAClF,KAAK,EAAE,MAAM;aACd,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,qCAAqC;QACvC,CAAC;IACH,CAAC;CACF"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Linux Secret Service backend via `secret-tool` (libsecret).
|
|
3
|
+
*
|
|
4
|
+
* Works with GNOME Keyring, KDE Wallet, KeePassXC, or any implementation
|
|
5
|
+
* of the freedesktop.org Secret Service D-Bus API.
|
|
6
|
+
*
|
|
7
|
+
* The key is stored with attributes:
|
|
8
|
+
* application=aegis type=master-key
|
|
9
|
+
*/
|
|
10
|
+
import type { KeyStorage, KeyStorageBackend } from './key-storage.js';
|
|
11
|
+
export declare class LinuxSecretServiceStorage implements KeyStorage {
|
|
12
|
+
readonly name = "Linux Secret Service";
|
|
13
|
+
readonly backend: KeyStorageBackend;
|
|
14
|
+
isAvailable(): boolean;
|
|
15
|
+
getKey(): string | undefined;
|
|
16
|
+
setKey(key: string): void;
|
|
17
|
+
deleteKey(): void;
|
|
18
|
+
}
|
|
19
|
+
//# sourceMappingURL=secret-service-linux.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secret-service-linux.d.ts","sourceRoot":"","sources":["../../src/key-storage/secret-service-linux.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAMtE,qBAAa,yBAA0B,YAAW,UAAU;IAC1D,QAAQ,CAAC,IAAI,0BAA0B;IACvC,QAAQ,CAAC,OAAO,EAAE,iBAAiB,CAA0B;IAE7D,WAAW,IAAI,OAAO;IAItB,MAAM,IAAI,MAAM,GAAG,SAAS;IAc5B,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAYzB,SAAS,IAAI,IAAI;CAOlB"}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Linux Secret Service backend via `secret-tool` (libsecret).
|
|
3
|
+
*
|
|
4
|
+
* Works with GNOME Keyring, KDE Wallet, KeePassXC, or any implementation
|
|
5
|
+
* of the freedesktop.org Secret Service D-Bus API.
|
|
6
|
+
*
|
|
7
|
+
* The key is stored with attributes:
|
|
8
|
+
* application=aegis type=master-key
|
|
9
|
+
*/
|
|
10
|
+
import { execFileSync } from 'node:child_process';
|
|
11
|
+
import { commandExists } from './key-storage.js';
|
|
12
|
+
const ATTRS = ['application', 'aegis', 'type', 'master-key'];
|
|
13
|
+
const LABEL = 'Aegis Master Key';
|
|
14
|
+
export class LinuxSecretServiceStorage {
|
|
15
|
+
name = 'Linux Secret Service';
|
|
16
|
+
backend = 'linux-secret-service';
|
|
17
|
+
isAvailable() {
|
|
18
|
+
return process.platform === 'linux' && commandExists('secret-tool');
|
|
19
|
+
}
|
|
20
|
+
getKey() {
|
|
21
|
+
try {
|
|
22
|
+
const result = execFileSync('secret-tool', ['lookup', ...ATTRS], {
|
|
23
|
+
stdio: ['pipe', 'pipe', 'pipe'],
|
|
24
|
+
encoding: 'utf-8',
|
|
25
|
+
});
|
|
26
|
+
const key = result.trim();
|
|
27
|
+
return key || undefined;
|
|
28
|
+
}
|
|
29
|
+
catch {
|
|
30
|
+
// Secret not found or D-Bus not available
|
|
31
|
+
return undefined;
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
setKey(key) {
|
|
35
|
+
try {
|
|
36
|
+
// secret-tool reads the password from stdin
|
|
37
|
+
execFileSync('secret-tool', ['store', '--label', LABEL, ...ATTRS], {
|
|
38
|
+
input: key,
|
|
39
|
+
stdio: ['pipe', 'pipe', 'pipe'],
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
catch (err) {
|
|
43
|
+
throw new Error(`Failed to store key in Secret Service: ${err.message}`);
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
deleteKey() {
|
|
47
|
+
try {
|
|
48
|
+
execFileSync('secret-tool', ['clear', ...ATTRS], { stdio: 'pipe' });
|
|
49
|
+
}
|
|
50
|
+
catch {
|
|
51
|
+
// Secret not found — nothing to delete
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
//# sourceMappingURL=secret-service-linux.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secret-service-linux.js","sourceRoot":"","sources":["../../src/key-storage/secret-service-linux.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAElD,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,MAAM,KAAK,GAAG,CAAC,aAAa,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;AAC7D,MAAM,KAAK,GAAG,kBAAkB,CAAC;AAEjC,MAAM,OAAO,yBAAyB;IAC3B,IAAI,GAAG,sBAAsB,CAAC;IAC9B,OAAO,GAAsB,sBAAsB,CAAC;IAE7D,WAAW;QACT,OAAO,OAAO,CAAC,QAAQ,KAAK,OAAO,IAAI,aAAa,CAAC,aAAa,CAAC,CAAC;IACtE,CAAC;IAED,MAAM;QACJ,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,YAAY,CAAC,aAAa,EAAE,CAAC,QAAQ,EAAE,GAAG,KAAK,CAAC,EAAE;gBAC/D,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;gBAC/B,QAAQ,EAAE,OAAO;aAClB,CAAC,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;YAC1B,OAAO,GAAG,IAAI,SAAS,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,0CAA0C;YAC1C,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED,MAAM,CAAC,GAAW;QAChB,IAAI,CAAC;YACH,4CAA4C;YAC5C,YAAY,CAAC,aAAa,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC,EAAE;gBACjE,KAAK,EAAE,GAAG;gBACV,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;aAChC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,0CAA2C,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IAED,SAAS;QACP,IAAI,CAAC;YACH,YAAY,CAAC,aAAa,EAAE,CAAC,OAAO,EAAE,GAAG,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACtE,CAAC;QAAC,MAAM,CAAC;YACP,uCAAuC;QACzC,CAAC;IACH,CAAC;CACF"}
|
package/dist/ledger/ledger.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ledger.d.ts","sourceRoot":"","sources":["../../src/ledger/ledger.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,QAAQ,MAAM,
|
|
1
|
+
{"version":3,"file":"ledger.d.ts","sourceRoot":"","sources":["../../src/ledger/ledger.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,QAAQ,MAAM,iCAAiC,CAAC;AAE5D,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,KAAK,CAAC;AAE1C,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,QAAQ,CAAC;IACzC,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,OAAO,EAAE,YAAY,CAAC;CACvB;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,MAAM,CAAC,EAAE,SAAS,GAAG,SAAS,GAAG,QAAQ,CAAC;IAC1C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,MAAM;IACL,OAAO,CAAC,EAAE;gBAAF,EAAE,EAAE,QAAQ,CAAC,QAAQ;IAEzC;;OAEG;IACH,UAAU,CAAC,MAAM,EAAE;QACjB,YAAY,EAAE,MAAM,CAAC;QACrB,cAAc,EAAE,MAAM,CAAC;QACvB,OAAO,EAAE,MAAM,CAAC;QAChB,YAAY,EAAE,MAAM,CAAC;QACrB,MAAM,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,OAAO,CAAC,EAAE,YAAY,CAAC;KACxB,GAAG,IAAI;IAoBR;;OAEG;IACH,UAAU,CAAC,MAAM,EAAE;QACjB,OAAO,EAAE,MAAM,CAAC;QAChB,YAAY,EAAE,MAAM,CAAC;QACrB,MAAM,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,OAAO,CAAC,EAAE,YAAY,CAAC;KACxB,GAAG,IAAI;IAkBR;;OAEG;IACH,SAAS,CAAC,MAAM,EAAE;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,YAAY,EAAE,MAAM,CAAC;QACrB,MAAM,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,YAAY,CAAC;KACxB,GAAG,IAAI;IAgBR;;OAEG;IACH,KAAK,CAAC,MAAM,GAAE,WAAgB,GAAG,UAAU,EAAE;IAiE7C;;OAEG;IACH,KAAK,CACH,KAAK,CAAC,EAAE,MAAM,EACd,SAAS,CAAC,EAAE,MAAM,GACjB;QACD,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,MAAM,EAAE,MAAM,CAAC;QACf,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KACnC;IA4CD;;OAEG;IACH,SAAS,CAAC,MAAM,GAAE,WAAgB,GAAG,MAAM;IAW3C;;OAEG;IACH,UAAU,CAAC,MAAM,GAAE,WAAgB,GAAG,MAAM;IAK5C;;;;OAIG;IACH,eAAe,CAAC,MAAM,GAAE,WAAgB,GAAG,MAAM;CAIlD"}
|
|
@@ -23,7 +23,7 @@ export interface MetricsOptions {
|
|
|
23
23
|
/** Default labels applied to every metric (e.g. `{ instance: 'prod-1' }`). */
|
|
24
24
|
defaultLabels?: Record<string, string>;
|
|
25
25
|
}
|
|
26
|
-
export type BlockReason = 'no_credential' | 'credential_expired' | 'credential_scope' | 'agent_auth_missing' | 'agent_auth_invalid' | 'agent_scope' | 'policy_violation' | 'policy_rate_limit' | 'agent_rate_limit' | 'credential_rate_limit' | 'domain_guard' | 'body_inspection';
|
|
26
|
+
export type BlockReason = 'no_credential' | 'credential_expired' | 'credential_scope' | 'agent_auth_missing' | 'agent_auth_invalid' | 'agent_scope' | 'policy_violation' | 'policy_rate_limit' | 'agent_rate_limit' | 'credential_rate_limit' | 'domain_guard' | 'body_inspection' | 'body_too_large' | 'agent_connection_limit';
|
|
27
27
|
/**
|
|
28
28
|
* Central metrics collector for Aegis.
|
|
29
29
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metrics.d.ts","sourceRoot":"","sources":["../../src/metrics/metrics.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,OAAO,EAAE,KAAK,EAA8B,SAAS,EAAE,KAAK,QAAQ,EAAE,MAAM,aAAa,CAAC;AACnG,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAI/C,MAAM,WAAW,cAAc;IAC7B,uEAAuE;IACvE,QAAQ,CAAC,EAAE,QAAQ,CAAC;IACpB,+DAA+D;IAC/D,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,8EAA8E;IAC9E,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACxC;AAED,MAAM,MAAM,WAAW,GACnB,eAAe,GACf,oBAAoB,GACpB,kBAAkB,GAClB,oBAAoB,GACpB,oBAAoB,GACpB,aAAa,GACb,kBAAkB,GAClB,mBAAmB,GACnB,kBAAkB,GAClB,uBAAuB,GACvB,cAAc,GACd,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"metrics.d.ts","sourceRoot":"","sources":["../../src/metrics/metrics.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,OAAO,EAAE,KAAK,EAA8B,SAAS,EAAE,KAAK,QAAQ,EAAE,MAAM,aAAa,CAAC;AACnG,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAI/C,MAAM,WAAW,cAAc;IAC7B,uEAAuE;IACvE,QAAQ,CAAC,EAAE,QAAQ,CAAC;IACpB,+DAA+D;IAC/D,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,8EAA8E;IAC9E,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACxC;AAED,MAAM,MAAM,WAAW,GACnB,eAAe,GACf,oBAAoB,GACpB,kBAAkB,GAClB,oBAAoB,GACpB,oBAAoB,GACpB,aAAa,GACb,kBAAkB,GAClB,mBAAmB,GACnB,kBAAkB,GAClB,uBAAuB,GACvB,cAAc,GACd,iBAAiB,GACjB,gBAAgB,GAChB,wBAAwB,CAAC;AAI7B;;;;;;;;;;;;;;;GAeG;AACH,qBAAa,YAAY;IACvB,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC5B,OAAO,CAAC,KAAK,CAAC,CAAQ;IAGtB,8DAA8D;IAC9D,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAChC,uDAAuD;IACvD,QAAQ,CAAC,oBAAoB,EAAE,OAAO,CAAC;IAGvC,0EAA0E;IAC1E,QAAQ,CAAC,eAAe,EAAE,SAAS,CAAC;IAGpC,sCAAsC;IACtC,QAAQ,CAAC,gBAAgB,EAAE,KAAK,CAAC;gBAErB,OAAO,GAAE,cAAmB;IAoDxC;;OAEG;IACH,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IASpF;;OAEG;IACH,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IAQzE;;;;OAIG;IACH,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,IAAI;IAM9C;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IAkC/B;;;OAGG;IACG,gBAAgB,IAAI,OAAO,CAAC,MAAM,CAAC;IAIzC;;OAEG;IACH,cAAc,IAAI,MAAM;IAIxB;;OAEG;IACH,KAAK,IAAI,IAAI;CAGd"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metrics.js","sourceRoot":"","sources":["../../src/metrics/metrics.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,IAAI,cAAc,EAAE,SAAS,EAAiB,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"metrics.js","sourceRoot":"","sources":["../../src/metrics/metrics.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,IAAI,cAAc,EAAE,SAAS,EAAiB,MAAM,aAAa,CAAC;AA8BnG,oEAAoE;AAEpE;;;;;;;;;;;;;;;GAeG;AACH,MAAM,OAAO,YAAY;IACd,QAAQ,CAAW;IACpB,KAAK,CAAS;IAEtB,gEAAgE;IAChE,8DAA8D;IACrD,aAAa,CAAU;IAChC,uDAAuD;IAC9C,oBAAoB,CAAU;IAEvC,gEAAgE;IAChE,0EAA0E;IACjE,eAAe,CAAY;IAEpC,gEAAgE;IAChE,sCAAsC;IAC7B,gBAAgB,CAAQ;IAEjC,YAAY,UAA0B,EAAE;QACtC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,cAAc,CAAC;QACnD,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAE3B,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;YAC1B,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QACxD,CAAC;QAED,6DAA6D;QAC7D,IAAI,CAAC,aAAa,GAAG,IAAI,OAAO,CAAC;YAC/B,IAAI,EAAE,sBAAsB;YAC5B,IAAI,EAAE,gDAAgD;YACtD,UAAU,EAAE,CAAC,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAU;YAC7D,SAAS,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;SAC3B,CAAC,CAAC;QAEH,IAAI,CAAC,oBAAoB,GAAG,IAAI,OAAO,CAAC;YACtC,IAAI,EAAE,8BAA8B;YACpC,IAAI,EAAE,iCAAiC;YACvC,UAAU,EAAE,CAAC,SAAS,EAAE,QAAQ,EAAE,OAAO,CAAU;YACnD,SAAS,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;SAC3B,CAAC,CAAC;QAEH,6DAA6D;QAC7D,IAAI,CAAC,eAAe,GAAG,IAAI,SAAS,CAAC;YACnC,IAAI,EAAE,gCAAgC;YACtC,IAAI,EAAE,yCAAyC;YAC/C,UAAU,EAAE,CAAC,SAAS,CAAU;YAChC,8DAA8D;YAC9D,OAAO,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC;YACtE,SAAS,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;SAC3B,CAAC,CAAC;QAEH,8DAA8D;QAC9D,IAAI,CAAC,gBAAgB,GAAG,IAAI,KAAK,CAAC;YAChC,IAAI,EAAE,yBAAyB;YAC/B,IAAI,EAAE,iCAAiC;YACvC,UAAU,EAAE,CAAC,QAAQ,CAAU;YAC/B,SAAS,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC1B,4CAA4C;YAC5C,GAAG,CAAC,IAAI,CAAC,KAAK;gBACZ,CAAC,CAAC;oBACE,OAAO,EAAE,GAAG,EAAE;wBACZ,IAAI,CAAC,uBAAuB,EAAE,CAAC;oBACjC,CAAC;iBACF;gBACH,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CAAC;IACL,CAAC;IAED,kEAAkE;IAElE;;OAEG;IACH,aAAa,CAAC,OAAe,EAAE,MAAc,EAAE,MAAc,EAAE,KAAc;QAC3E,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC;YACrB,OAAO;YACP,MAAM;YACN,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC;YACtB,KAAK,EAAE,KAAK,IAAI,EAAE;SACnB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,OAAe,EAAE,MAAmB,EAAE,KAAc;QAChE,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC;YAC5B,OAAO;YACP,MAAM;YACN,KAAK,EAAE,KAAK,IAAI,EAAE;SACnB,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,iBAAiB,CAAC,OAAe;QAC/B,OAAO,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,iEAAiE;IAEjE;;;OAGG;IACK,uBAAuB;QAC7B,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO;QAExB,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;QACtC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QAE5C,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,IAAI,YAAY,GAAG,CAAC,CAAC;QAErB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;gBACnB,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAC5C,IAAI,UAAU,IAAI,GAAG,EAAE,CAAC;oBACtB,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,IAAI,UAAU,CAAC,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,IAAI,WAAW,EAAE,CAAC;oBAC/D,YAAY,EAAE,CAAC;gBACjB,CAAC;qBAAM,CAAC;oBACN,MAAM,EAAE,CAAC;gBACX,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,4BAA4B;gBAC5B,MAAM,EAAE,CAAC;YACX,CAAC;QACH,CAAC;QAED,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,MAAM,CAAC,CAAC;QACxD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,EAAE,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,EAAE,YAAY,CAAC,CAAC;IACvE,CAAC;IAED,iEAAiE;IAEjE;;;OAGG;IACH,KAAK,CAAC,gBAAgB;QACpB,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC;IAC/B,CAAC;CACF"}
|
package/dist/user/user.d.ts
CHANGED
package/dist/user/user.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../src/user/user.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,QAAQ,MAAM,
|
|
1
|
+
{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../src/user/user.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,QAAQ,MAAM,iCAAiC,CAAC;AAI5D;;;;;GAKG;AACH,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,UAAU,GAAG,QAAQ,CAAC;AAEvD,eAAO,MAAM,WAAW,EAAE,SAAS,QAAQ,EAA6C,CAAC;AAEzF;;;GAGG;AACH,MAAM,MAAM,UAAU,GAClB,YAAY,GACZ,aAAa,GACb,cAAc,GACd,YAAY,GACZ,aAAa,GACb,aAAa,GACb,eAAe,GACf,YAAY,GACZ,aAAa,GACb,cAAc,GACd,cAAc,GACd,eAAe,GACf,WAAW,GACX,YAAY,GACZ,gBAAgB,GAChB,YAAY,CAAC;AAwCjB;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,GAAG,OAAO,CAE7E;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,QAAQ,GAAG,WAAW,CAAC,UAAU,CAAC,CAEtE;AAID,MAAM,WAAW,IAAI;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,QAAQ,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,aAAc,SAAQ,IAAI;IACzC,KAAK,EAAE,MAAM,CAAC;CACf;AAcD;;;;;;;;;;GAUG;AACH,qBAAa,YAAY;IAIrB,OAAO,CAAC,EAAE;IAHZ,OAAO,CAAC,UAAU,CAAS;gBAGjB,EAAE,EAAE,QAAQ,CAAC,QAAQ,EAC7B,UAAU,EAAE,MAAM;IAKpB;;;;OAIG;IACH,GAAG,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,QAAQ,CAAA;KAAE,GAAG,aAAa;IAsC5D;;OAEG;IACH,IAAI,IAAI,IAAI,EAAE;IAMd;;OAEG;IACH,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAOpC;;;;OAIG;IACH,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IASzC;;OAEG;IACH,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAK7B;;OAEG;IACH,UAAU,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,QAAQ,CAAA;KAAE,GAAG,IAAI;IAqB1D;;;;;;;OAOG;IACH,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI;IA6BnD;;OAEG;IACH,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,GAAG,OAAO;IAM9D;;OAEG;IACH,KAAK,IAAI,MAAM;IAOf,OAAO,CAAC,SAAS;CAUlB"}
|
package/dist/vault/crypto.js
CHANGED
|
@@ -18,7 +18,7 @@ export function generateSalt() {
|
|
|
18
18
|
* @param salt Per-deployment salt (use {@link generateSalt} to create one)
|
|
19
19
|
*/
|
|
20
20
|
export function deriveKey(masterKey, salt = DEFAULT_SALT) {
|
|
21
|
-
return crypto.pbkdf2Sync(masterKey, salt,
|
|
21
|
+
return crypto.pbkdf2Sync(masterKey, salt, 210_000, KEY_LENGTH, 'sha512');
|
|
22
22
|
}
|
|
23
23
|
/**
|
|
24
24
|
* Encrypts a plaintext credential using AES-256-GCM.
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import Database from 'better-sqlite3';
|
|
1
|
+
import Database from 'better-sqlite3-multiple-ciphers';
|
|
2
2
|
/**
|
|
3
3
|
* Metadata for a named vault (stored in the registry).
|
|
4
4
|
* Master keys are NEVER stored — the user must provide them.
|
|
@@ -31,7 +31,7 @@ export declare class VaultManager {
|
|
|
31
31
|
* Create a new named vault with its own database and salt.
|
|
32
32
|
* Returns the generated salt (the caller provides the master key).
|
|
33
33
|
*/
|
|
34
|
-
create(name: string): {
|
|
34
|
+
create(name: string, masterKey?: string): {
|
|
35
35
|
salt: string;
|
|
36
36
|
dbPath: string;
|
|
37
37
|
};
|
|
@@ -51,7 +51,7 @@ export declare class VaultManager {
|
|
|
51
51
|
* Open the SQLite database for a named vault.
|
|
52
52
|
* Caller is responsible for closing the returned database.
|
|
53
53
|
*/
|
|
54
|
-
openDb(name: string): Database.Database;
|
|
54
|
+
openDb(name: string, masterKey?: string): Database.Database;
|
|
55
55
|
/**
|
|
56
56
|
* Get the salt for a named vault.
|
|
57
57
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vault-manager.d.ts","sourceRoot":"","sources":["../../src/vault/vault-manager.ts"],"names":[],"mappings":"AAEA,OAAO,QAAQ,MAAM,
|
|
1
|
+
{"version":3,"file":"vault-manager.d.ts","sourceRoot":"","sources":["../../src/vault/vault-manager.ts"],"names":[],"mappings":"AAEA,OAAO,QAAQ,MAAM,iCAAiC,CAAC;AAIvD;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,uDAAuD;IACvD,IAAI,EAAE,MAAM,CAAC;IACb,wDAAwD;IACxD,MAAM,EAAE,MAAM,CAAC;IACf,iDAAiD;IACjD,IAAI,EAAE,MAAM,CAAC;IACb,kDAAkD;IAClD,SAAS,EAAE,MAAM,CAAC;CACnB;AAMD;;;;;;;;GAQG;AACH,qBAAa,YAAY;IAIX,OAAO,CAAC,OAAO;IAH3B,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,SAAS,CAAS;gBAEN,OAAO,EAAE,MAAM;IAKnC;;;OAGG;IACH,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE;IAgD1E;;OAEG;IACH,IAAI,IAAI,SAAS,EAAE;IAInB;;OAEG;IACH,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IA2B1B;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS;IAIjD;;;OAGG;IACH,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAC,QAAQ;IA0B3D;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAU7B,OAAO,CAAC,YAAY;IAQpB,OAAO,CAAC,YAAY;CAMrB"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as fs from 'node:fs';
|
|
2
2
|
import * as path from 'node:path';
|
|
3
|
-
import Database from 'better-sqlite3';
|
|
4
|
-
import { migrate } from '../db.js';
|
|
3
|
+
import Database from 'better-sqlite3-multiple-ciphers';
|
|
4
|
+
import { deriveDbKey, migrate } from '../db.js';
|
|
5
5
|
import { generateSalt } from './crypto.js';
|
|
6
6
|
/**
|
|
7
7
|
* Manages multiple named vaults, each with its own SQLite database
|
|
@@ -25,7 +25,7 @@ export class VaultManager {
|
|
|
25
25
|
* Create a new named vault with its own database and salt.
|
|
26
26
|
* Returns the generated salt (the caller provides the master key).
|
|
27
27
|
*/
|
|
28
|
-
create(name) {
|
|
28
|
+
create(name, masterKey) {
|
|
29
29
|
if (!name) {
|
|
30
30
|
throw new Error('Vault name is required.');
|
|
31
31
|
}
|
|
@@ -45,6 +45,11 @@ export class VaultManager {
|
|
|
45
45
|
const salt = generateSalt();
|
|
46
46
|
// Create and initialize the database with the full schema
|
|
47
47
|
const db = new Database(absoluteDbPath);
|
|
48
|
+
// Encrypt the new vault database from creation
|
|
49
|
+
if (masterKey) {
|
|
50
|
+
const dbKey = deriveDbKey(masterKey, salt);
|
|
51
|
+
db.pragma(`key="x'${dbKey.toString('hex')}'"`);
|
|
52
|
+
}
|
|
48
53
|
db.pragma('journal_mode = WAL');
|
|
49
54
|
migrate(db);
|
|
50
55
|
db.close();
|
|
@@ -100,7 +105,7 @@ export class VaultManager {
|
|
|
100
105
|
* Open the SQLite database for a named vault.
|
|
101
106
|
* Caller is responsible for closing the returned database.
|
|
102
107
|
*/
|
|
103
|
-
openDb(name) {
|
|
108
|
+
openDb(name, masterKey) {
|
|
104
109
|
const info = this.getVaultInfo(name);
|
|
105
110
|
if (!info) {
|
|
106
111
|
throw new Error(`Vault "${name}" not found. Create it with: aegis vault create --name ${name}`);
|
|
@@ -110,6 +115,11 @@ export class VaultManager {
|
|
|
110
115
|
throw new Error(`Vault database file not found: ${absoluteDbPath}`);
|
|
111
116
|
}
|
|
112
117
|
const db = new Database(absoluteDbPath);
|
|
118
|
+
// Decrypt the vault database when a master key is available
|
|
119
|
+
if (masterKey) {
|
|
120
|
+
const dbKey = deriveDbKey(masterKey, info.salt);
|
|
121
|
+
db.pragma(`key="x'${dbKey.toString('hex')}'"`);
|
|
122
|
+
}
|
|
113
123
|
db.pragma('journal_mode = WAL');
|
|
114
124
|
migrate(db);
|
|
115
125
|
return db;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vault-manager.js","sourceRoot":"","sources":["../../src/vault/vault-manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,QAAQ,MAAM,
|
|
1
|
+
{"version":3,"file":"vault-manager.js","sourceRoot":"","sources":["../../src/vault/vault-manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,QAAQ,MAAM,iCAAiC,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAqB3C;;;;;;;;GAQG;AACH,MAAM,OAAO,YAAY;IAIH;IAHZ,YAAY,CAAS;IACrB,SAAS,CAAS;IAE1B,YAAoB,OAAe;QAAf,YAAO,GAAP,OAAO,CAAQ;QACjC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QACtD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAChD,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,IAAY,EAAE,SAAkB;QACrC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAC;QAC9F,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QACrC,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,mBAAmB,CAAC,CAAC;QACrD,CAAC;QAED,iCAAiC;QACjC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YACnC,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,IAAI,KAAK,CAAC,CAAC;QACjD,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACvD,MAAM,IAAI,GAAG,YAAY,EAAE,CAAC;QAE5B,0DAA0D;QAC1D,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,cAAc,CAAC,CAAC;QAExC,+CAA+C;QAC/C,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,KAAK,GAAG,WAAW,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YAC3C,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjD,CAAC;QAED,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;QAChC,OAAO,CAAC,EAAE,CAAC,CAAC;QACZ,EAAE,CAAC,KAAK,EAAE,CAAC;QAEX,qBAAqB;QACrB,MAAM,IAAI,GAAc;YACtB,IAAI;YACJ,MAAM;YACN,IAAI;YACJ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;QACF,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3B,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QAE5B,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC;IAED;;OAEG;IACH,IAAI;QACF,OAAO,IAAI,CAAC,YAAY,EAAE,CAAC,MAAM,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,IAAY;QACjB,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAChE,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,UAAU,IAAI,cAAc,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACzC,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;QAEjE,yCAAyC;QACzC,KAAK,MAAM,MAAM,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC;YAC1C,MAAM,QAAQ,GAAG,GAAG,cAAc,GAAG,MAAM,EAAE,CAAC;YAC9C,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC5B,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACjC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAY;QACvB,OAAO,IAAI,CAAC,YAAY,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IACjE,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,IAAY,EAAE,SAAkB;QACrC,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACrC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CACb,UAAU,IAAI,0DAA0D,IAAI,EAAE,CAC/E,CAAC;QACJ,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,kCAAkC,cAAc,EAAE,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,cAAc,CAAC,CAAC;QAExC,4DAA4D;QAC5D,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,KAAK,GAAG,WAAW,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAChD,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjD,CAAC;QAED,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;QAChC,OAAO,CAAC,EAAE,CAAC,CAAC;QACZ,OAAO,EAAE,CAAC;IACZ,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAY;QAClB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACrC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CACb,UAAU,IAAI,0DAA0D,IAAI,EAAE,CAC/E,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAEO,YAAY;QAClB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;YACtC,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;QACxB,CAAC;QACD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;QAC5D,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAkB,CAAC;IAC9C,CAAC;IAEO,YAAY,CAAC,QAAuB;QAC1C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAClD,CAAC;QACD,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IAClF,CAAC;CACF"}
|
package/dist/vault/vault.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type Database from 'better-sqlite3';
|
|
1
|
+
import type Database from 'better-sqlite3-multiple-ciphers';
|
|
2
2
|
import type { BodyInspectionMode } from '../gate/body-inspector.js';
|
|
3
3
|
export type AuthType = 'bearer' | 'header' | 'query' | 'basic';
|
|
4
4
|
export interface Credential {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vault.d.ts","sourceRoot":"","sources":["../../src/vault/vault.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,QAAQ,MAAM,
|
|
1
|
+
{"version":3,"file":"vault.d.ts","sourceRoot":"","sources":["../../src/vault/vault.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,QAAQ,MAAM,iCAAiC,CAAC;AAC5D,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAIpE,MAAM,MAAM,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,OAAO,GAAG,OAAO,CAAC;AAE/D,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,QAAQ,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,kBAAkB,CAAC;IACnC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAqB,SAAQ,UAAU;IACtD,MAAM,EAAE,MAAM,CAAC;CAChB;AAoBD,qBAAa,KAAK;IAKd,OAAO,CAAC,EAAE;IAJZ,gEAAgE;IAChE,OAAO,CAAC,UAAU,CAAS;gBAGjB,EAAE,EAAE,QAAQ,CAAC,QAAQ,EAC7B,SAAS,EAAE,MAAM,EACjB,IAAI,GAAE,MAAM,GAAG,MAAyB;IAW1C;;;;OAIG;IACH,OAAO,CAAC,SAAS;IAkBjB;;OAEG;IACH,8CAA8C;IAC9C,MAAM,CAAC,QAAQ,CAAC,gBAAgB,SAAc;IAE9C,sDAAsD;IACtD,MAAM,CAAC,QAAQ,CAAC,eAAe,OAAO;IAEtC,GAAG,CAAC,MAAM,EAAE;QACV,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,MAAM,EAAE,MAAM,CAAC;QACf,QAAQ,CAAC,EAAE,QAAQ,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,cAAc,CAAC,EAAE,kBAAkB,CAAC;KACrC,GAAG,UAAU;IAgEd;;;OAGG;IACH,MAAM,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAC;QAAC,gBAAgB,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,UAAU;IAoD1F;;;OAGG;IACH,MAAM,CAAC,MAAM,EAAE;QACb,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;QACnB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,CAAC,EAAE,QAAQ,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAC1B,cAAc,CAAC,EAAE,kBAAkB,CAAC;KACrC,GAAG,UAAU;IA2Cd;;OAEG;IACH,SAAS,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO;IAK1C;;OAEG;IACH,IAAI,IAAI,UAAU,EAAE;IAQpB;;OAEG;IACH,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI;IAmBpD;;OAEG;IACH,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI;IAmB1D;;OAEG;IACH,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI;IAqB3D;;OAEG;IACH,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAK7B;;;OAGG;IACH,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,GAAG,OAAO;IAiBlE,OAAO,CAAC,eAAe;CAgBxB"}
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
* Delivery is best-effort: retries up to 3 times with exponential backoff.
|
|
8
8
|
* Failed deliveries are logged but never block the request pipeline.
|
|
9
9
|
*/
|
|
10
|
-
import type Database from 'better-sqlite3';
|
|
10
|
+
import type Database from 'better-sqlite3-multiple-ciphers';
|
|
11
11
|
import type { Vault } from '../vault/index.js';
|
|
12
12
|
/**
|
|
13
13
|
* Event types that can trigger webhook notifications.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../../src/webhook/webhook.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,OAAO,KAAK,QAAQ,MAAM,
|
|
1
|
+
{"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../../src/webhook/webhook.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,OAAO,KAAK,QAAQ,MAAM,iCAAiC,CAAC;AAG5D,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAI/C;;GAEG;AACH,MAAM,MAAM,gBAAgB,GACxB,iBAAiB,GACjB,mBAAmB,GACnB,qBAAqB,GACrB,oBAAoB,GACpB,iBAAiB,CAAC;AAEtB,eAAO,MAAM,mBAAmB,EAAE,SAAS,gBAAgB,EAMjD,CAAC;AAEX;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAC3B,oCAAoC;IACpC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,wDAAwD;IACxD,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,sBAAsB;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,iBAAiB;IACjB,KAAK,EAAE,gBAAgB,CAAC;IACxB,yBAAyB;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,6BAA6B;IAC7B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAWD,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,QAAQ,CAAC,QAAQ,CAAC;IACtB,QAAQ,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAC/C,wDAAwD;IACxD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,+DAA+D;IAC/D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,6CAA6C;IAC7C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kCAAkC;IAClC,cAAc,CAAC,EAAE,CACf,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,KAC5B,OAAO,CAAC,MAAM,CAAC,CAAC;CACtB;AAID,qBAAa,cAAc;IACzB,OAAO,CAAC,EAAE,CAAoB;IAC9B,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,aAAa,CAAC,CAID;gBAET,OAAO,EAAE,qBAAqB;IAc1C;;OAEG;IACH,GAAG,CAAC,MAAM,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,gBAAgB,EAAE,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO;IA0CjF;;OAEG;IACH,IAAI,IAAI,OAAO,EAAE;IAQjB;;OAEG;IACH,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,GAAG,IAAI;IAQnC;;OAEG;IACH,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAW3B;;;OAGG;IACH,IAAI,CAAC,KAAK,EAAE,gBAAgB,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IA8BrE;;OAEG;YACW,OAAO;IAiDrB;;OAEG;IACH,OAAO,CAAC,IAAI;IAuCZ;;;;OAIG;IACH,OAAO,CAAC,IAAI;IAMZ;;OAEG;IACH,OAAO,CAAC,KAAK;IAIb,OAAO,CAAC,YAAY;IAapB;;;;OAIG;IACH,wBAAwB,CAAC,KAAK,EAAE,KAAK,EAAE,aAAa,SAAI,GAAG,MAAM;CAgDlE"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@getaegis/cli",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.9.1",
|
|
4
4
|
"mcpName": "io.github.getaegis/aegis",
|
|
5
5
|
"description": "Credential isolation for AI agents. Store, guard, and record — your agent never sees your API keys.",
|
|
6
6
|
"type": "module",
|
|
@@ -33,6 +33,8 @@
|
|
|
33
33
|
"format": "biome format --write src/ tests/",
|
|
34
34
|
"typecheck": "tsc --noEmit",
|
|
35
35
|
"verify": "biome check src/ tests/ && tsc --noEmit",
|
|
36
|
+
"bench": "tsx benchmarks/run.ts",
|
|
37
|
+
"bench:memory": "tsx --expose-gc benchmarks/memory-check.ts",
|
|
36
38
|
"prepublishOnly": "yarn build && yarn test",
|
|
37
39
|
"prepare": "husky",
|
|
38
40
|
"release": "release-it"
|
|
@@ -55,7 +57,7 @@
|
|
|
55
57
|
"dependencies": {
|
|
56
58
|
"@modelcontextprotocol/sdk": "^1.27.1",
|
|
57
59
|
"@types/ws": "^8.18.1",
|
|
58
|
-
"better-sqlite3": "^
|
|
60
|
+
"better-sqlite3-multiple-ciphers": "^12.6.2",
|
|
59
61
|
"chalk": "^5.4.1",
|
|
60
62
|
"commander": "^13.1.0",
|
|
61
63
|
"pino": "^10.3.1",
|
|
@@ -68,9 +70,9 @@
|
|
|
68
70
|
"devDependencies": {
|
|
69
71
|
"@biomejs/biome": "^2.4.4",
|
|
70
72
|
"@release-it/conventional-changelog": "^10.0.5",
|
|
71
|
-
"@types/
|
|
73
|
+
"@types/autocannon": "^7.12.7",
|
|
72
74
|
"@types/node": "^22.13.0",
|
|
73
|
-
"
|
|
75
|
+
"autocannon": "^8.0.0",
|
|
74
76
|
"husky": "^9.1.7",
|
|
75
77
|
"lint-staged": "^16.2.7",
|
|
76
78
|
"pino-pretty": "^13.1.3",
|
|
@@ -82,5 +84,11 @@
|
|
|
82
84
|
"engines": {
|
|
83
85
|
"node": ">=20.0.0"
|
|
84
86
|
},
|
|
87
|
+
"resolutions": {
|
|
88
|
+
"tar": ">=7.5.11",
|
|
89
|
+
"rollup": ">=4.59.0",
|
|
90
|
+
"hono": ">=4.12.7",
|
|
91
|
+
"minimatch": ">=10.2.3"
|
|
92
|
+
},
|
|
85
93
|
"packageManager": "yarn@4.12.0+sha512.f45ab632439a67f8bc759bf32ead036a1f413287b9042726b7cc4818b7b49e14e9423ba49b18f9e06ea4941c1ad062385b1d8760a8d5091a1a31e5f6219afca8"
|
|
86
94
|
}
|