npm - @kitsy/cnos - Versions diffs - 1.2.0 → 1.4.0 - Mend

@kitsy/cnos 1.2.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

package/README.md +3 -3
package/dist/build/index.cjs +1003 -121
package/dist/build/index.d.cts +1 -1
package/dist/build/index.d.ts +1 -1
package/dist/build/index.js +22 -10
package/dist/{chunk-APCTXRUN.js → chunk-APIU4GTB.js} +1012 -195
package/dist/chunk-EQSKV3DP.js +105 -0
package/dist/{chunk-MLQGYCO7.js → chunk-FWJC4Y2D.js} +1 -1
package/dist/{chunk-RD5WMHPM.js → chunk-HMM76UYZ.js} +1 -1
package/dist/{chunk-EIN55XXA.js → chunk-J4K4JUJL.js} +1 -1
package/dist/{chunk-SO5XREEU.js → chunk-JSBVYK2T.js} +32 -11
package/dist/chunk-LJD4SM32.js +189 -0
package/dist/{chunk-SXTMTACL.js → chunk-T6Y57KTT.js} +20 -31
package/dist/chunk-WCHX2QFY.js +115 -0
package/dist/{chunk-ZA74BO47.js → chunk-ZTPSFXWP.js} +1 -1
package/dist/configure/index.cjs +3021 -0
package/dist/configure/index.d.cts +12 -0
package/dist/configure/index.d.ts +12 -0
package/dist/configure/index.js +24 -0
package/dist/{envNaming-CcsqAel3.d.ts → envNaming-Dvm_LP2D.d.ts} +1 -1
package/dist/{envNaming-BTJpH93W.d.cts → envNaming-S4B-dHUx.d.cts} +1 -1
package/dist/index.cjs +1243 -186
package/dist/index.d.cts +2 -13
package/dist/index.d.ts +2 -13
package/dist/index.js +13 -25
package/dist/internal.cjs +1525 -81
package/dist/internal.d.cts +171 -14
package/dist/internal.d.ts +171 -14
package/dist/internal.js +652 -5
package/dist/plugin/basic-schema.cjs +29 -2
package/dist/plugin/basic-schema.d.cts +1 -1
package/dist/plugin/basic-schema.d.ts +1 -1
package/dist/plugin/basic-schema.js +2 -2
package/dist/plugin/cli-args.cjs +29 -2
package/dist/plugin/cli-args.d.cts +1 -1
package/dist/plugin/cli-args.d.ts +1 -1
package/dist/plugin/cli-args.js +2 -2
package/dist/plugin/dotenv.cjs +36 -9
package/dist/plugin/dotenv.d.cts +2 -2
package/dist/plugin/dotenv.d.ts +2 -2
package/dist/plugin/dotenv.js +2 -2
package/dist/plugin/env-export.cjs +31 -2
package/dist/plugin/env-export.d.cts +2 -2
package/dist/plugin/env-export.d.ts +2 -2
package/dist/plugin/env-export.js +2 -2
package/dist/plugin/filesystem.cjs +65 -91
package/dist/plugin/filesystem.d.cts +1 -1
package/dist/plugin/filesystem.d.ts +1 -1
package/dist/plugin/filesystem.js +2 -2
package/dist/plugin/process-env.cjs +105 -11
package/dist/plugin/process-env.d.cts +4 -3
package/dist/plugin/process-env.d.ts +4 -3
package/dist/plugin/process-env.js +6 -4
package/dist/{plugin-DkOIT5uI.d.cts → plugin-B4xwySxw.d.cts} +15 -2
package/dist/{plugin-DkOIT5uI.d.ts → plugin-B4xwySxw.d.ts} +15 -2
package/dist/runtime/index.cjs +1057 -136
package/dist/runtime/index.d.cts +1 -1
package/dist/runtime/index.d.ts +1 -1
package/dist/runtime/index.js +11 -186
package/dist/{toPublicEnv-C9clvXLo.d.ts → toPublicEnv-CvhGAfsB.d.ts} +1 -1
package/dist/{toPublicEnv-DvFeV3qG.d.cts → toPublicEnv-ggmphZFs.d.cts} +1 -1
package/package.json +11 -1
package/dist/chunk-JUHPBAEH.js +0 -20
package/dist/chunk-PQ4KSV76.js +0 -50
package/dist/chunk-WHUGFPE4.js +0 -49

package/dist/plugin/filesystem.js CHANGED Viewed

@@ -5,8 +5,8 @@ import {
   filesystemSecretsReader,
   filesystemValuesReader,
   yamlObjectToEntries
-} from "../chunk-SXTMTACL.js";
-import "../chunk-APCTXRUN.js";
+} from "../chunk-T6Y57KTT.js";
+import "../chunk-APIU4GTB.js";
 export {
   collectFilesystemLayerFiles,
   createFilesystemSecretsPlugin,

package/dist/plugin/process-env.cjs CHANGED Viewed

@@ -31,10 +31,26 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var process_env_exports = {};
 __export(process_env_exports, {
   createProcessEnvPlugin: () => createProcessEnvPlugin,
-  processEnvEntriesFromObject: () => processEnvEntriesFromObject
+  processEnvEntriesFromObject: () => processEnvEntriesFromObject,
+  processNamespaceEntriesFromContext: () => processNamespaceEntriesFromContext
 });
 module.exports = __toCommonJS(process_env_exports);
+// ../core/src/keychain/linux.ts
+var import_node_child_process = require("child_process");
+var import_node_util = require("util");
+var execFileAsync = (0, import_node_util.promisify)(import_node_child_process.execFile);
+// ../core/src/keychain/macos.ts
+var import_node_child_process2 = require("child_process");
+var import_node_util2 = require("util");
+var execFileAsync2 = (0, import_node_util2.promisify)(import_node_child_process2.execFile);
+// ../core/src/keychain/windows.ts
+var import_node_child_process3 = require("child_process");
+var import_node_util3 = require("util");
+var execFileAsync3 = (0, import_node_util3.promisify)(import_node_child_process3.execFile);
 // ../core/src/manifest/loadManifest.ts
 var import_promises2 = require("fs/promises");
 var import_node_path2 = __toESM(require("path"), 1);
@@ -59,14 +75,26 @@ var import_node_path4 = __toESM(require("path"), 1);
 var import_promises5 = require("fs/promises");
 var import_node_path5 = __toESM(require("path"), 1);
+// ../core/src/secrets/auditLog.ts
+var import_promises8 = require("fs/promises");
+var import_node_path8 = __toESM(require("path"), 1);
 // ../core/src/utils/secretStore.ts
 var import_node_crypto = require("crypto");
+var import_promises7 = require("fs/promises");
+var import_node_path7 = __toESM(require("path"), 1);
+// ../core/src/secrets/sessionStore.ts
 var import_promises6 = require("fs/promises");
 var import_node_path6 = __toESM(require("path"), 1);
+// ../core/src/secrets/prompt.ts
+var import_node_readline = __toESM(require("readline"), 1);
+var import_node_stream = require("stream");
 // ../core/src/runtime/dump.ts
-var import_promises7 = require("fs/promises");
-var import_node_path7 = __toESM(require("path"), 1);
+var import_promises9 = require("fs/promises");
+var import_node_path9 = __toESM(require("path"), 1);
 // ../core/src/utils/envNaming.ts
 function normalizeMappingConfig(config = {}) {
@@ -75,8 +103,8 @@ function normalizeMappingConfig(config = {}) {
     explicit: config.explicit ?? {}
   };
 }
-function fromScreamingSnake(path8) {
-  return path8.split("_").map((segment) => segment.trim().toLowerCase()).filter(Boolean).join(".");
+function fromScreamingSnake(path10) {
+  return path10.split("_").map((segment) => segment.trim().toLowerCase()).filter(Boolean).join(".");
 }
 function envVarToLogicalKey(envVar, config = {}) {
   const normalized = normalizeMappingConfig(config);
@@ -102,6 +130,11 @@ function envVarToLogicalKey(envVar, config = {}) {
 // ../../plugins/process-env/src/index.ts
 var PROCESS_ENV_PLUGIN_ID = "@kitsy/cnos/plugins/process-env";
+var PROCESS_GRAPH_OMIT = /* @__PURE__ */ new Set([
+  "__CNOS_GRAPH__",
+  "__CNOS_SECRET_PAYLOAD__",
+  "__CNOS_SESSION_KEY__"
+]);
 function processEnvEntriesFromObject(env, mapping = {}, workspaceId = "default") {
   return Object.entries(env).flatMap(([envVar, value]) => {
     if (typeof value !== "string") {
@@ -126,22 +159,83 @@ function processEnvEntriesFromObject(env, mapping = {}, workspaceId = "default")
     ];
   });
 }
+function processNamespaceEntriesFromContext(env, workspaceId = "default") {
+  const envEntries = Object.entries(env).filter((entry) => typeof entry[1] === "string").filter(([envVar]) => !PROCESS_GRAPH_OMIT.has(envVar)).map(([envVar, value]) => ({
+    key: `process.env.${envVar}`,
+    value,
+    namespace: "process",
+    sourceId: "process-runtime",
+    pluginId: PROCESS_ENV_PLUGIN_ID,
+    workspaceId,
+    origin: {
+      envVar
+    }
+  }));
+  const runtimeEntries = [
+    {
+      key: "process.cwd",
+      value: process.cwd(),
+      namespace: "process",
+      sourceId: "process-runtime",
+      pluginId: PROCESS_ENV_PLUGIN_ID,
+      workspaceId
+    },
+    {
+      key: "process.platform",
+      value: process.platform,
+      namespace: "process",
+      sourceId: "process-runtime",
+      pluginId: PROCESS_ENV_PLUGIN_ID,
+      workspaceId
+    },
+    {
+      key: "process.arch",
+      value: process.arch,
+      namespace: "process",
+      sourceId: "process-runtime",
+      pluginId: PROCESS_ENV_PLUGIN_ID,
+      workspaceId
+    },
+    {
+      key: "process.node.version",
+      value: process.version,
+      namespace: "process",
+      sourceId: "process-runtime",
+      pluginId: PROCESS_ENV_PLUGIN_ID,
+      workspaceId
+    },
+    {
+      key: "process.args.raw",
+      value: process.argv.slice(2),
+      namespace: "process",
+      sourceId: "process-runtime",
+      pluginId: PROCESS_ENV_PLUGIN_ID,
+      workspaceId
+    }
+  ];
+  return [...runtimeEntries, ...envEntries];
+}
 function createProcessEnvPlugin() {
   return {
     id: "process-env",
     kind: "loader",
     async load(context) {
       const config = context.manifestConfig;
-      return processEnvEntriesFromObject(
-        context.processEnv ?? process.env,
-        config.envMapping,
-        context.workspace.workspaceId
-      );
+      const env = context.processEnv ?? process.env;
+      return [
+        ...processEnvEntriesFromObject(
+          env,
+          config.envMapping,
+          context.workspace.workspaceId
+        ),
+        ...processNamespaceEntriesFromContext(env, context.workspace.workspaceId)
+      ];
     }
   };
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   createProcessEnvPlugin,
-  processEnvEntriesFromObject
+  processEnvEntriesFromObject,
+  processNamespaceEntriesFromContext
 });

package/dist/plugin/process-env.d.cts CHANGED Viewed

@@ -1,7 +1,8 @@
-import { L as LoaderPlugin, f as ConfigEntry } from '../plugin-DkOIT5uI.cjs';
-import { E as EnvMappingConfig } from '../envNaming-BTJpH93W.cjs';
+import { L as LoaderPlugin, a as ConfigEntry } from '../plugin-B4xwySxw.cjs';
+import { E as EnvMappingConfig } from '../envNaming-S4B-dHUx.cjs';
 declare function processEnvEntriesFromObject(env: Record<string, string | undefined>, mapping?: EnvMappingConfig, workspaceId?: string): ConfigEntry[];
+declare function processNamespaceEntriesFromContext(env: Record<string, string | undefined>, workspaceId?: string): ConfigEntry[];
 declare function createProcessEnvPlugin(): LoaderPlugin;
-export { createProcessEnvPlugin, processEnvEntriesFromObject };
+export { createProcessEnvPlugin, processEnvEntriesFromObject, processNamespaceEntriesFromContext };

package/dist/plugin/process-env.d.ts CHANGED Viewed

@@ -1,7 +1,8 @@
-import { L as LoaderPlugin, f as ConfigEntry } from '../plugin-DkOIT5uI.js';
-import { E as EnvMappingConfig } from '../envNaming-CcsqAel3.js';
+import { L as LoaderPlugin, a as ConfigEntry } from '../plugin-B4xwySxw.js';
+import { E as EnvMappingConfig } from '../envNaming-Dvm_LP2D.js';
 declare function processEnvEntriesFromObject(env: Record<string, string | undefined>, mapping?: EnvMappingConfig, workspaceId?: string): ConfigEntry[];
+declare function processNamespaceEntriesFromContext(env: Record<string, string | undefined>, workspaceId?: string): ConfigEntry[];
 declare function createProcessEnvPlugin(): LoaderPlugin;
-export { createProcessEnvPlugin, processEnvEntriesFromObject };
+export { createProcessEnvPlugin, processEnvEntriesFromObject, processNamespaceEntriesFromContext };

package/dist/plugin/process-env.js CHANGED Viewed

@@ -1,9 +1,11 @@
 import {
   createProcessEnvPlugin,
-  processEnvEntriesFromObject
-} from "../chunk-WHUGFPE4.js";
-import "../chunk-APCTXRUN.js";
+  processEnvEntriesFromObject,
+  processNamespaceEntriesFromContext
+} from "../chunk-WCHX2QFY.js";
+import "../chunk-APIU4GTB.js";
 export {
   createProcessEnvPlugin,
-  processEnvEntriesFromObject
+  processEnvEntriesFromObject,
+  processNamespaceEntriesFromContext
 };

package/dist/{plugin-DkOIT5uI.d.cts → plugin-B4xwySxw.d.cts} RENAMED Viewed

@@ -47,6 +47,16 @@ type ResolutionArrayPolicy = 'replace' | 'append' | 'unique-append';
 type NamespaceKind = 'data' | 'projection' | 'system';
 type NamespaceProjectionSource = 'promote' | 'envMapping';
 type VaultProviderName = 'local' | 'github-secrets' | (string & {});
+type VaultAuthMethod = 'passphrase' | 'environment' | 'token' | 'iam' | 'keychain';
+interface VaultAuthSourceConfig {
+    from?: string[];
+}
+interface VaultAuthDefinition {
+    method?: VaultAuthMethod;
+    passphrase?: VaultAuthSourceConfig;
+    token?: VaultAuthSourceConfig;
+    config?: Record<string, unknown>;
+}
 interface NamespaceDefinition {
     kind: NamespaceKind;
     shareable: boolean;
@@ -56,7 +66,8 @@ interface NamespaceDefinition {
 }
 interface VaultDefinition {
     provider: VaultProviderName;
-    passphrase?: string;
+    auth?: VaultAuthDefinition;
+    mapping?: Record<string, string>;
 }
 interface ManifestFile {
     version?: number;
@@ -228,6 +239,7 @@ interface CnosCreateOptions {
     profile?: string;
     workspace?: string;
     globalRoot?: string;
+    secretResolution?: 'eager' | 'lazy';
     cnosVersion?: string;
     plugins?: CnosPlugin[];
     cliArgs?: string[];
@@ -283,6 +295,7 @@ interface CnosPlugin {
     kind: CnosPluginKind;
 }
 interface LoaderContext {
+    manifest: NormalizedManifest;
     manifestConfig: Record<string, unknown>;
     profile: string;
     profileChain: string[];
@@ -334,4 +347,4 @@ interface ExporterPlugin extends CnosPlugin {
     export(graph: ResolvedGraph, context: ExportContext): Promise<ExportResult>;
 }
-export type { CnosCreateOptions as C, DumpPlanOptions as D, ExporterPlugin as E, InspectResult as I, LoaderPlugin as L, ManifestFile as M, NormalizedManifest as N, ResolvedGraph as R, ToEnvOptions as T, VaultDefinition as V, WorkspaceFile as W, DumpPlan as a, DumpOptions as b, DumpResult as c, CnosRuntime as d, CnosPlugin as e, ConfigEntry as f, LogicalKey as g, ToPublicEnvOptions as h, LoadManifestOptions as i, LoadedManifest as j, ValidationSummary as k, ValidationIssue as l, ValidatorPlugin as m, WorkspaceRoot as n, NamespaceName as o };
+export type { CnosCreateOptions as C, DumpPlanOptions as D, ExporterPlugin as E, InspectResult as I, LoaderPlugin as L, ManifestFile as M, NormalizedManifest as N, ResolvedGraph as R, ToEnvOptions as T, ValidatorPlugin as V, WorkspaceRoot as W, ConfigEntry as a, LogicalKey as b, ToPublicEnvOptions as c, DumpPlan as d, DumpOptions as e, DumpResult as f, CnosRuntime as g, CnosPlugin as h, NamespaceName as i, LoadManifestOptions as j, LoadedManifest as k, NamespaceDefinition as l, VaultDefinition as m, ValidationSummary as n, ValidationIssue as o, WorkspaceFile as p };

package/dist/{plugin-DkOIT5uI.d.ts → plugin-B4xwySxw.d.ts} RENAMED Viewed

@@ -47,6 +47,16 @@ type ResolutionArrayPolicy = 'replace' | 'append' | 'unique-append';
 type NamespaceKind = 'data' | 'projection' | 'system';
 type NamespaceProjectionSource = 'promote' | 'envMapping';
 type VaultProviderName = 'local' | 'github-secrets' | (string & {});
+type VaultAuthMethod = 'passphrase' | 'environment' | 'token' | 'iam' | 'keychain';
+interface VaultAuthSourceConfig {
+    from?: string[];
+}
+interface VaultAuthDefinition {
+    method?: VaultAuthMethod;
+    passphrase?: VaultAuthSourceConfig;
+    token?: VaultAuthSourceConfig;
+    config?: Record<string, unknown>;
+}
 interface NamespaceDefinition {
     kind: NamespaceKind;
     shareable: boolean;
@@ -56,7 +66,8 @@ interface NamespaceDefinition {
 }
 interface VaultDefinition {
     provider: VaultProviderName;
-    passphrase?: string;
+    auth?: VaultAuthDefinition;
+    mapping?: Record<string, string>;
 }
 interface ManifestFile {
     version?: number;
@@ -228,6 +239,7 @@ interface CnosCreateOptions {
     profile?: string;
     workspace?: string;
     globalRoot?: string;
+    secretResolution?: 'eager' | 'lazy';
     cnosVersion?: string;
     plugins?: CnosPlugin[];
     cliArgs?: string[];
@@ -283,6 +295,7 @@ interface CnosPlugin {
     kind: CnosPluginKind;
 }
 interface LoaderContext {
+    manifest: NormalizedManifest;
     manifestConfig: Record<string, unknown>;
     profile: string;
     profileChain: string[];
@@ -334,4 +347,4 @@ interface ExporterPlugin extends CnosPlugin {
     export(graph: ResolvedGraph, context: ExportContext): Promise<ExportResult>;
 }
-export type { CnosCreateOptions as C, DumpPlanOptions as D, ExporterPlugin as E, InspectResult as I, LoaderPlugin as L, ManifestFile as M, NormalizedManifest as N, ResolvedGraph as R, ToEnvOptions as T, VaultDefinition as V, WorkspaceFile as W, DumpPlan as a, DumpOptions as b, DumpResult as c, CnosRuntime as d, CnosPlugin as e, ConfigEntry as f, LogicalKey as g, ToPublicEnvOptions as h, LoadManifestOptions as i, LoadedManifest as j, ValidationSummary as k, ValidationIssue as l, ValidatorPlugin as m, WorkspaceRoot as n, NamespaceName as o };
+export type { CnosCreateOptions as C, DumpPlanOptions as D, ExporterPlugin as E, InspectResult as I, LoaderPlugin as L, ManifestFile as M, NormalizedManifest as N, ResolvedGraph as R, ToEnvOptions as T, ValidatorPlugin as V, WorkspaceRoot as W, ConfigEntry as a, LogicalKey as b, ToPublicEnvOptions as c, DumpPlan as d, DumpOptions as e, DumpResult as f, CnosRuntime as g, CnosPlugin as h, NamespaceName as i, LoadManifestOptions as j, LoadedManifest as k, NamespaceDefinition as l, VaultDefinition as m, ValidationSummary as n, ValidationIssue as o, WorkspaceFile as p };