@http-forge/core 0.2.8 → 0.2.9

package/dist/infrastructure/environment/environment-config-service.d.ts

@@ -43,9 +43,24 @@ export declare class EnvironmentConfigService implements IEnvironmentConfigServi
     getEnvironmentNames(): string[];
     getSelectedEnvironment(): string;
     setSelectedEnvironment(envName: string): Promise<void>;
+    private getEnvOverridesStateKey;
+    /**
+     * Load persisted environment overrides from workspace state into the in-memory map.
+     * Called once at construction time.
+     */
+    private loadPersistedEnvironmentOverrides;
+    /**
+     * Persist current environment overrides to workspace state (fire-and-forget).
+     */
+    private persistEnvironmentOverrides;
     setEnvironmentVariable(key: string, value: unknown): void;
     deleteEnvironmentVariable(key: string): void;
     clearEnvironmentVariables(): void;
+    /**
+     * Reset all runtime environment overrides for the current environment.
+     * Equivalent to Postman's "Reset All" — reverts Current Values to Initial Values.
+     */
+    resetEnvironmentOverrides(envName?: string): Promise<void>;
     getEnvironmentVariableLocal(key: string): string | undefined;
     getEnvironmentVariableLocals(): Record<string, string>;
     setGlobalVariable(key: string, value: unknown): void;
@@ -55,12 +70,17 @@ export declare class EnvironmentConfigService implements IEnvironmentConfigServi
     getGlobalVariableLocals(): Record<string, string>;
     deleteGlobalVariable(key: string): void;
     clearGlobalVariables(): void;
-    private getSessionStateKey;
+    /** @deprecated Use setEnvironmentVariable instead */
     setSessionVariable(key: string, value: unknown): Promise<void>;
+    /** @deprecated Use getEnvironmentVariableLocal instead */
     getSessionVariable(key: string): string | undefined;
+    /** @deprecated Use getEnvironmentVariableLocals instead */
     getSessionVariables(): Record<string, string>;
+    /** @deprecated Use deleteEnvironmentVariable instead */
     deleteSessionVariable(key: string): Promise<void>;
+    /** @deprecated Use clearEnvironmentVariables instead */
     clearSessionVariables(): Promise<void>;
+    /** @deprecated Use getEnvironmentVariableLocal instead */
     hasSessionVariable(key: string): boolean;
     getResolvedEnvironment(envName?: string): ResolvedEnvironment | null;
     resolveVariables(input: string, envName?: string): string;

package/dist/infrastructure/execution/request-preparer.d.ts

@@ -9,12 +9,12 @@
  *
  * Used by both Request Tester (manual) and Collection Runner (batch).
  */
-import { IOAuth2TokenManager } from '../auth/interfaces';
 import { IEnvironmentConfigService, ResolvedEnvironment } from '../../types/environment-config';
-import { IHttpRequestService } from '../http/interfaces';
-import { IRequestPreprocessor } from '../http/request-preprocessor';
 import { IApplicationInfo } from '../../types/platform';
 import { ExecutionRequest, PreparedRequest } from '../../types/types';
+import { IOAuth2TokenManager } from '../auth/interfaces';
+import { IHttpRequestService } from '../http/interfaces';
+import { IRequestPreprocessor } from '../http/request-preprocessor';
 import { IRequestPreparer } from './request-preparer-interfaces';
 /**
  * RequestPreparer implementation

package/dist/infrastructure/script/request-script-session.d.ts

@@ -34,10 +34,8 @@ export declare class RequestScriptSession implements IRequestScriptSession {
     private _variables;
     private _collectionVariables;
     private _globals;
-    private _sessionVariables;
     private _environmentVariables;
     private _liveEnvironmentScope;
-    private _liveSessionScope;
     private _liveGlobalsScope;
     private _liveCollectionScope;
     private _nextRequest;

package/dist/infrastructure/script/script-executor.d.ts

@@ -49,10 +49,6 @@ export declare class ScriptExecutor implements IScriptExecutor {
      * Create environment variable scope with change callbacks
      */
     private createEnvironmentScope;
-    /**
-     * Create session variable scope with change callbacks
-     */
-    private createSessionScope;
     /**
      * Create sendRequest function using httpService
      */

package/dist/infrastructure/script/vm-script-executor.adapter.d.ts

@@ -5,7 +5,7 @@
  * The legacy ScriptExecutor uses `createRequestSession()` pattern;
  * this adapter translates to the simpler `executePreRequest` / `executePostResponse` port API.
  */
-import { IScriptExecutor as IScriptExecutorPort, IScriptSession, IScriptResult } from '../../ports/executors/script-executor.interface';
+import { IScriptExecutor as IScriptExecutorPort, IScriptResult, IScriptSession } from '../../ports/executors/script-executor.interface';
 import { HttpResponse } from '../../types/types';
 import { ScriptExecutor } from './script-executor';
 /**

package/dist/infrastructure/security/sensitive-data-redactor.d.ts

@@ -41,3 +41,77 @@ export declare function redactFullResponse(response: FullResponse): FullResponse
  * Redact sensitive data from a FullResultDetails (suite test result).
  */
 export declare function redactFullResultDetails(result: FullResultDetails): FullResultDetails;
+/** A single warning about a hardcoded sensitive value. */
+export interface SensitiveDataWarning {
+    /** Where the issue was found (e.g. "header", "auth", "body", "query", "url") */
+    location: string;
+    /** The field name that matched (e.g. "Authorization", "password") */
+    field: string;
+    /** Human-readable guidance */
+    message: string;
+}
+/**
+ * Check a request for hardcoded sensitive data that should use environment
+ * variables instead. Returns an array of warnings. An empty array means the
+ * request is safe to save.
+ *
+ * Only values that are NOT `{{variable}}` template references are flagged.
+ */
+export declare function detectSensitiveData(request: {
+    url?: string;
+    headers?: Record<string, string> | Array<{
+        key: string;
+        value: string;
+        enabled?: boolean;
+    }>;
+    query?: Record<string, string> | Array<{
+        key: string;
+        value: string;
+        enabled?: boolean;
+    }>;
+    body?: any;
+    auth?: any;
+}): SensitiveDataWarning[];
+/**
+ * A single sensitive value that can be extracted to a .local.json variable.
+ */
+export interface SensitiveExtraction {
+    /** Where the value was found */
+    location: 'header' | 'query' | 'body' | 'auth' | 'url';
+    /** The field name / key (e.g. "Authorization", "password") */
+    field: string;
+    /** Dot-path for nested body fields (e.g. "credentials.secret") */
+    path?: string;
+    /** The hardcoded value to extract */
+    value: string;
+    /** Suggested variable name for the .local.json file */
+    variableName: string;
+}
+/**
+ * Scan a request and build an extraction plan: a list of all hardcoded sensitive
+ * values with their locations and suggested variable names.
+ *
+ * The caller can use this plan to:
+ * 1. Write the values to a .local.json environment file
+ * 2. Replace each value with {{variableName}} in the request before saving
+ */
+export declare function buildExtractionPlan(request: {
+    url?: string;
+    headers?: Record<string, string> | Array<{
+        key: string;
+        value: string;
+        enabled?: boolean;
+    }>;
+    query?: Record<string, string> | Array<{
+        key: string;
+        value: string;
+        enabled?: boolean;
+    }>;
+    body?: any;
+    auth?: any;
+}): SensitiveExtraction[];
+/**
+ * Apply an extraction plan to a request: replace hardcoded values with {{variableName}}.
+ * Returns a deep copy of the request with all sensitive values replaced.
+ */
+export declare function applyExtractionPlan(request: any, plan: SensitiveExtraction[]): any;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@http-forge/core",
-  "version": "0.2.8",
+  "version": "0.2.9",
   "description": "Headless HTTP testing engine with Postman collection support, dynamic variables, and script-based automation.",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",