@lanonasis/cli 3.6.5 → 3.7.0

package/README.md

@@ -1,4 +1,4 @@
-# @lanonasis/cli v3.4.15 - Enhanced MCP & Interactive CLI Experience
+# @lanonasis/cli v3.7.0 - Enterprise Security & MCP Experience
 
 [![NPM Version](https://img.shields.io/npm/v/@lanonasis/cli)](https://www.npmjs.com/package/@lanonasis/cli)
 [![Downloads](https://img.shields.io/npm/dt/@lanonasis/cli)](https://www.npmjs.com/package/@lanonasis/cli)
@@ -53,7 +53,24 @@ memory list
 maas memory list
 ```
 
-## 🔐 Authentication Methods
+## 🔐 Security & Authentication
+
+### Enterprise-Grade SHA-256 Security (v3.7.0+)
+
+All API keys are now secured with SHA-256 cryptographic hashing:
+
+- ✅ **Automatic Hash Normalization**: Keys are automatically hashed before transmission
+- ✅ **Double-Hash Prevention**: Smart detection prevents re-hashing already hashed keys
+- ✅ **Cross-Platform Compatibility**: Works seamlessly across Node.js and browser environments
+- ✅ **Zero Configuration**: Security is automatic and transparent
+
+```typescript
+// Hash utilities are built-in and automatic
+// Your vendor keys are automatically secured
+onasis login --vendor-key pk_xxxxx.sk_xxxxx  // ✅ Automatically hashed
+```
+
+### Authentication Methods
 
 ### 1. Vendor Key Authentication (Recommended)
 

package/dist/commands/api-keys.d.ts

@@ -1,2 +1,3 @@
-declare const apiKeysCommand: any;
+import { Command } from 'commander';
+declare const apiKeysCommand: Command;
 export default apiKeysCommand;

package/dist/commands/api-keys.js

@@ -1,32 +1,27 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const commander_1 = require("commander");
-const inquirer_1 = __importDefault(require("inquirer"));
-const chalk_1 = __importDefault(require("chalk"));
-const cli_table3_1 = __importDefault(require("cli-table3"));
-const api_js_1 = require("../utils/api.js");
-const formatting_js_1 = require("../utils/formatting.js");
+import { Command } from 'commander';
+import inquirer from 'inquirer';
+import chalk from 'chalk';
+import Table from 'cli-table3';
+import { apiClient } from '../utils/api.js';
+import { formatDate, truncateText } from '../utils/formatting.js';
 // Enhanced VPS-style color scheme
 const colors = {
-    primary: chalk_1.default.blue.bold,
-    success: chalk_1.default.green,
-    warning: chalk_1.default.yellow,
-    error: chalk_1.default.red,
-    info: chalk_1.default.cyan,
-    accent: chalk_1.default.magenta,
-    muted: chalk_1.default.gray,
-    highlight: chalk_1.default.white.bold
+    primary: chalk.blue.bold,
+    success: chalk.green,
+    warning: chalk.yellow,
+    error: chalk.red,
+    info: chalk.cyan,
+    accent: chalk.magenta,
+    muted: chalk.gray,
+    highlight: chalk.white.bold
 };
-const apiKeysCommand = new commander_1.Command('api-keys')
+const apiKeysCommand = new Command('api-keys')
     .alias('keys')
     .description(colors.info('🔐 Manage API keys securely with enterprise-grade encryption'));
 // ============================================================================
 // PROJECT COMMANDS
 // ============================================================================
-const projectsCommand = new commander_1.Command('projects')
+const projectsCommand = new Command('projects')
     .description(colors.accent('📁 Manage API key projects and organization'));
 projectsCommand
     .command('create')
@@ -43,7 +38,7 @@ projectsCommand
             organizationId: options.organizationId
         };
         if (options.interactive || !projectData.name || !projectData.organizationId) {
-            const answers = await inquirer_1.default.prompt([
+            const answers = await inquirer.prompt([
                 {
                     type: 'input',
                     name: 'name',
@@ -70,16 +65,16 @@ projectsCommand
             ]);
             projectData = { ...projectData, ...answers };
         }
-        const project = await api_js_1.apiClient.post('/api-keys/projects', projectData);
-        console.log(chalk_1.default.green('✅ Project created successfully!'));
-        console.log(chalk_1.default.blue(`Project ID: ${project.id}`));
-        console.log(chalk_1.default.blue(`Name: ${project.name}`));
+        const project = await apiClient.post('/api-keys/projects', projectData);
+        console.log(chalk.green('✅ Project created successfully!'));
+        console.log(chalk.blue(`Project ID: ${project.id}`));
+        console.log(chalk.blue(`Name: ${project.name}`));
         if (project.description) {
-            console.log(chalk_1.default.blue(`Description: ${project.description}`));
+            console.log(chalk.blue(`Description: ${project.description}`));
         }
     }
     catch (error) {
-        console.error(chalk_1.default.red('❌ Failed to create project:'), error.message);
+        console.error(chalk.red('❌ Failed to create project:'), error.message);
         process.exit(1);
     }
 });
@@ -90,33 +85,33 @@ projectsCommand
     .option('--json', 'Output as JSON')
     .action(async (options) => {
     try {
-        const projects = await api_js_1.apiClient.get('/api-keys/projects');
+        const projects = await apiClient.get('/api-keys/projects');
         if (options.json) {
             console.log(JSON.stringify(projects, null, 2));
             return;
         }
         if (projects.length === 0) {
-            console.log(chalk_1.default.yellow('No projects found'));
+            console.log(chalk.yellow('No projects found'));
             return;
         }
-        const table = new cli_table3_1.default({
-            head: ['ID', 'Name', 'Description', 'Owner', 'Created'].map(h => chalk_1.default.cyan(h)),
+        const table = new Table({
+            head: ['ID', 'Name', 'Description', 'Owner', 'Created'].map(h => chalk.cyan(h)),
             style: { head: [], border: [] }
         });
         projects.forEach((project) => {
             table.push([
-                (0, formatting_js_1.truncateText)(project.id, 20),
+                truncateText(project.id, 20),
                 project.name,
-                (0, formatting_js_1.truncateText)(project.description || '-', 30),
-                (0, formatting_js_1.truncateText)(project.ownerId, 20),
-                (0, formatting_js_1.formatDate)(project.createdAt)
+                truncateText(project.description || '-', 30),
+                truncateText(project.ownerId, 20),
+                formatDate(project.createdAt)
             ]);
         });
         console.log(table.toString());
-        console.log(chalk_1.default.gray(`Total: ${projects.length} projects`));
+        console.log(chalk.gray(`Total: ${projects.length} projects`));
     }
     catch (error) {
-        console.error(chalk_1.default.red('❌ Failed to list projects:'), error.message);
+        console.error(chalk.red('❌ Failed to list projects:'), error.message);
         process.exit(1);
     }
 });
@@ -150,8 +145,8 @@ apiKeysCommand
             rotationFrequency: parseInt(options.rotationFrequency)
         };
         if (options.interactive || !keyData.name || !keyData.value || !keyData.projectId) {
-            const projects = await api_js_1.apiClient.get('/api-keys/projects');
-            const answers = await inquirer_1.default.prompt([
+            const projects = await apiClient.get('/api-keys/projects');
+            const answers = await inquirer.prompt([
                 {
                     type: 'input',
                     name: 'name',
@@ -230,7 +225,7 @@ apiKeysCommand
             ]);
             keyData = { ...keyData, ...answers };
         }
-        const apiKey = await api_js_1.apiClient.post('/api-keys', keyData);
+        const apiKey = await apiClient.post('/api-keys', keyData);
         console.log(colors.success('🔐 API key created successfully!'));
         console.log(colors.info('━'.repeat(50)));
         console.log(`${colors.highlight('Key ID:')} ${colors.primary(apiKey.id)}`);
@@ -258,7 +253,7 @@ apiKeysCommand
         if (options.projectId) {
             url += `?projectId=${options.projectId}`;
         }
-        const apiKeys = await api_js_1.apiClient.get(url);
+        const apiKeys = await apiClient.get(url);
         if (options.json) {
             console.log(JSON.stringify(apiKeys, null, 2));
             return;
@@ -270,7 +265,7 @@ apiKeysCommand
         }
         console.log(colors.primary('🔐 API Key Management'));
         console.log(colors.info('═'.repeat(80)));
-        const table = new cli_table3_1.default({
+        const table = new Table({
             head: ['ID', 'Name', 'Type', 'Environment', 'Status', 'Usage', 'Last Rotated'].map(h => colors.accent(h)),
             style: { head: [], border: [] }
         });
@@ -278,13 +273,13 @@ apiKeysCommand
             const statusColor = key.status === 'active' ? colors.success :
                 key.status === 'rotating' ? colors.warning : colors.error;
             table.push([
-                (0, formatting_js_1.truncateText)(key.id, 20),
+                truncateText(key.id, 20),
                 key.name,
                 key.keyType,
                 key.environment,
                 statusColor(key.status),
                 colors.highlight(key.usageCount.toString()),
-                (0, formatting_js_1.formatDate)(key.lastRotated)
+                formatDate(key.lastRotated)
             ]);
         });
         console.log(table.toString());
@@ -304,7 +299,7 @@ apiKeysCommand
     .option('--json', 'Output as JSON')
     .action(async (keyId, options) => {
     try {
-        const apiKey = await api_js_1.apiClient.get(`/api-keys/${keyId}`);
+        const apiKey = await apiClient.get(`/api-keys/${keyId}`);
         if (options.json) {
             console.log(JSON.stringify(apiKey, null, 2));
             return;
@@ -323,11 +318,11 @@ apiKeysCommand
         console.log(`${colors.highlight('Usage Count:')} ${colors.accent(apiKey.usageCount)}`);
         console.log(`${colors.highlight('Tags:')} ${colors.muted(apiKey.tags.join(', ') || 'None')}`);
         console.log(`${colors.highlight('Rotation Frequency:')} ${colors.info(apiKey.rotationFrequency)} days`);
-        console.log(`${colors.highlight('Last Rotated:')} ${colors.muted((0, formatting_js_1.formatDate)(apiKey.lastRotated))}`);
-        console.log(`${colors.highlight('Created:')} ${colors.muted((0, formatting_js_1.formatDate)(apiKey.createdAt))}`);
-        console.log(`${colors.highlight('Updated:')} ${colors.muted((0, formatting_js_1.formatDate)(apiKey.updatedAt))}`);
+        console.log(`${colors.highlight('Last Rotated:')} ${colors.muted(formatDate(apiKey.lastRotated))}`);
+        console.log(`${colors.highlight('Created:')} ${colors.muted(formatDate(apiKey.createdAt))}`);
+        console.log(`${colors.highlight('Updated:')} ${colors.muted(formatDate(apiKey.updatedAt))}`);
         if (apiKey.expiresAt) {
-            console.log(`${colors.highlight('Expires:')} ${colors.warning((0, formatting_js_1.formatDate)(apiKey.expiresAt))}`);
+            console.log(`${colors.highlight('Expires:')} ${colors.warning(formatDate(apiKey.expiresAt))}`);
         }
         console.log(colors.info('═'.repeat(60)));
     }
@@ -358,8 +353,8 @@ apiKeysCommand
         if (options.rotationFrequency)
             updateData.rotationFrequency = parseInt(options.rotationFrequency);
         if (options.interactive || Object.keys(updateData).length === 0) {
-            const current = await api_js_1.apiClient.get(`/api-keys/${keyId}`);
-            const answers = await inquirer_1.default.prompt([
+            const current = await apiClient.get(`/api-keys/${keyId}`);
+            const answers = await inquirer.prompt([
                 {
                     type: 'input',
                     name: 'name',
@@ -400,7 +395,7 @@ apiKeysCommand
             updateData = { ...updateData, ...answers };
             delete updateData.updateValue;
         }
-        const updatedKey = await api_js_1.apiClient.put(`/api-keys/${keyId}`, updateData);
+        const updatedKey = await apiClient.put(`/api-keys/${keyId}`, updateData);
         console.log(colors.success('🔄 API key updated successfully!'));
         console.log(colors.info('━'.repeat(40)));
         console.log(`${colors.highlight('Name:')} ${colors.accent(updatedKey.name)}`);
@@ -425,8 +420,8 @@ apiKeysCommand
     .action(async (keyId, options) => {
     try {
         if (!options.force) {
-            const apiKey = await api_js_1.apiClient.get(`/api-keys/${keyId}`);
-            const { confirm } = await inquirer_1.default.prompt([
+            const apiKey = await apiClient.get(`/api-keys/${keyId}`);
+            const { confirm } = await inquirer.prompt([
                 {
                     type: 'confirm',
                     name: 'confirm',
@@ -439,7 +434,7 @@ apiKeysCommand
                 return;
             }
         }
-        await api_js_1.apiClient.delete(`/api-keys/${keyId}`);
+        await apiClient.delete(`/api-keys/${keyId}`);
         console.log(colors.success('🗑️  API key deleted successfully!'));
     }
     catch (error) {
@@ -450,7 +445,7 @@ apiKeysCommand
 // ============================================================================
 // MCP COMMANDS
 // ============================================================================
-const mcpCommand = new commander_1.Command('mcp')
+const mcpCommand = new Command('mcp')
     .description(colors.accent('🤖 Model Context Protocol (MCP) - Secure AI agent access'));
 mcpCommand
     .command('register-tool')
@@ -483,7 +478,7 @@ mcpCommand
             riskLevel: options.riskLevel
         };
         if (options.interactive || !toolData.toolId || !toolData.toolName || !toolData.organizationId) {
-            const answers = await inquirer_1.default.prompt([
+            const answers = await inquirer.prompt([
                 {
                     type: 'input',
                     name: 'toolId',
@@ -569,7 +564,7 @@ mcpCommand
             delete toolData.maxConcurrentSessions;
             delete toolData.maxSessionDuration;
         }
-        const tool = await api_js_1.apiClient.post('/api-keys/mcp/tools', toolData);
+        const tool = await apiClient.post('/api-keys/mcp/tools', toolData);
         console.log(colors.success('🤖 MCP tool registered successfully!'));
         console.log(colors.info('━'.repeat(50)));
         console.log(`${colors.highlight('Tool ID:')} ${colors.primary(tool.toolId)}`);
@@ -589,7 +584,7 @@ mcpCommand
     .option('--json', 'Output as JSON')
     .action(async (options) => {
     try {
-        const tools = await api_js_1.apiClient.get('/api-keys/mcp/tools');
+        const tools = await apiClient.get('/api-keys/mcp/tools');
         if (options.json) {
             console.log(JSON.stringify(tools, null, 2));
             return;
@@ -601,7 +596,7 @@ mcpCommand
         }
         console.log(colors.primary('🤖 Registered MCP Tools'));
         console.log(colors.info('═'.repeat(80)));
-        const table = new cli_table3_1.default({
+        const table = new Table({
             head: ['Tool ID', 'Name', 'Risk Level', 'Status', 'Auto Approve', 'Created'].map(h => colors.accent(h)),
             style: { head: [], border: [] }
         });
@@ -614,7 +609,7 @@ mcpCommand
                 tool.riskLevel,
                 statusColor(tool.status),
                 tool.autoApprove ? colors.success('Yes') : colors.error('No'),
-                (0, formatting_js_1.formatDate)(tool.createdAt)
+                formatDate(tool.createdAt)
             ]);
         });
         console.log(table.toString());
@@ -649,8 +644,8 @@ mcpCommand
         };
         if (options.interactive || !requestData.toolId || !requestData.organizationId ||
             requestData.keyNames.length === 0 || !requestData.environment || !requestData.justification) {
-            const tools = await api_js_1.apiClient.get('/api-keys/mcp/tools');
-            const answers = await inquirer_1.default.prompt([
+            const tools = await apiClient.get('/api-keys/mcp/tools');
+            const answers = await inquirer.prompt([
                 {
                     type: 'list',
                     name: 'toolId',
@@ -700,7 +695,7 @@ mcpCommand
             ]);
             requestData = { ...requestData, ...answers };
         }
-        const response = await api_js_1.apiClient.post('/api-keys/mcp/request-access', requestData);
+        const response = await apiClient.post('/api-keys/mcp/request-access', requestData);
         console.log(colors.success('🔐 Access request created successfully!'));
         console.log(colors.info('━'.repeat(50)));
         console.log(`${colors.highlight('Request ID:')} ${colors.primary(response.requestId)}`);
@@ -716,7 +711,7 @@ mcpCommand
 // ============================================================================
 // ANALYTICS COMMANDS
 // ============================================================================
-const analyticsCommand = new commander_1.Command('analytics')
+const analyticsCommand = new Command('analytics')
     .description('View API key usage analytics and security events');
 analyticsCommand
     .command('usage')
@@ -735,27 +730,27 @@ analyticsCommand
         if (params.toString()) {
             url += `?${params.toString()}`;
         }
-        const analytics = await api_js_1.apiClient.get(url);
+        const analytics = await apiClient.get(url);
         if (options.json) {
             console.log(JSON.stringify(analytics, null, 2));
             return;
         }
         if (analytics.length === 0) {
-            console.log(chalk_1.default.yellow('No usage data found'));
+            console.log(chalk.yellow('No usage data found'));
             return;
         }
-        const table = new cli_table3_1.default({
-            head: ['Key ID', 'Operation', 'Tool ID', 'Success', 'Timestamp'].map(h => chalk_1.default.cyan(h)),
+        const table = new Table({
+            head: ['Key ID', 'Operation', 'Tool ID', 'Success', 'Timestamp'].map(h => chalk.cyan(h)),
             style: { head: [], border: [] }
         });
         analytics.forEach((entry) => {
             const successColor = entry.success ? colors.success('✓') : colors.error('✗');
             table.push([
-                (0, formatting_js_1.truncateText)(entry.keyId || '-', 20),
+                truncateText(entry.keyId || '-', 20),
                 entry.operation,
-                (0, formatting_js_1.truncateText)(entry.toolId || '-', 15),
+                truncateText(entry.toolId || '-', 15),
                 successColor,
-                (0, formatting_js_1.formatDate)(entry.timestamp)
+                formatDate(entry.timestamp)
             ]);
         });
         console.log(table.toString());
@@ -779,7 +774,7 @@ analyticsCommand
         if (options.severity) {
             url += `?severity=${options.severity}`;
         }
-        const events = await api_js_1.apiClient.get(url);
+        const events = await apiClient.get(url);
         if (options.json) {
             console.log(JSON.stringify(events, null, 2));
             return;
@@ -790,7 +785,7 @@ analyticsCommand
         }
         console.log(colors.primary('🛡️  Security Events Monitor'));
         console.log(colors.info('═'.repeat(80)));
-        const table = new cli_table3_1.default({
+        const table = new Table({
             head: ['Event Type', 'Severity', 'Description', 'Resolved', 'Timestamp'].map(h => colors.accent(h)),
             style: { head: [], border: [] }
         });
@@ -801,9 +796,9 @@ analyticsCommand
             table.push([
                 event.eventType,
                 severityColor(event.severity.toUpperCase()),
-                (0, formatting_js_1.truncateText)(event.description, 40),
+                truncateText(event.description, 40),
                 event.resolved ? colors.success('✓') : colors.warning('Pending'),
-                (0, formatting_js_1.formatDate)(event.timestamp)
+                formatDate(event.timestamp)
             ]);
         });
         console.log(table.toString());
@@ -820,4 +815,4 @@ analyticsCommand
 apiKeysCommand.addCommand(projectsCommand);
 apiKeysCommand.addCommand(mcpCommand);
 apiKeysCommand.addCommand(analyticsCommand);
-exports.default = apiKeysCommand;
+export default apiKeysCommand;