@lssm/integration.runtime 0.0.0-canary-20251217063201 → 0.0.0-canary-20251217072406

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/health.js +69 -1
  2. package/dist/index.js +9 -1
  3. package/dist/runtime.js +186 -1
  4. package/dist/secrets/env-secret-provider.js +81 -1
  5. package/dist/secrets/gcp-secret-manager.js +229 -1
  6. package/dist/secrets/index.js +6 -1
  7. package/dist/secrets/manager.js +103 -1
  8. package/dist/secrets/provider.js +58 -1
  9. package/package.json +5 -5
package/dist/health.js CHANGED
@@ -1 +1,69 @@
1
- var e=class{telemetry;nowFn;constructor(e={}){this.telemetry=e.telemetry,this.nowFn=e.now??(()=>new Date)}async check(e,n){let r=this.nowFn();try{await n(e);let t=this.nowFn(),i={status:`connected`,checkedAt:t,latencyMs:t.getTime()-r.getTime()};return this.emitTelemetry(e,i,`success`),i}catch(n){let i=this.nowFn(),a=n instanceof Error?n.message:`Unknown error`,o=t(n),s={status:`error`,checkedAt:i,latencyMs:i.getTime()-r.getTime(),errorMessage:a,errorCode:o};return this.emitTelemetry(e,s,`error`,o,a),s}}emitTelemetry(e,t,n,r,i){this.telemetry&&this.telemetry.record({tenantId:e.tenantId,appId:e.appId,environment:e.environment,slotId:e.slotId,integrationKey:e.spec.meta.key,integrationVersion:e.spec.meta.version,connectionId:e.connection.meta.id,status:n,durationMs:t.latencyMs,errorCode:r,errorMessage:i,occurredAt:t.checkedAt??this.nowFn(),metadata:{...e.trace?{blueprint:`${e.trace.blueprintName}.v${e.trace.blueprintVersion}`,configVersion:e.trace.configVersion}:{},status:t.status}})}};function t(e){if(!e||typeof e!=`object`)return;let t=e;if(t.code!=null)return String(t.code)}export{e as IntegrationHealthService};
1
+ //#region src/health.ts
2
+ var IntegrationHealthService = class {
3
+ telemetry;
4
+ nowFn;
5
+ constructor(options = {}) {
6
+ this.telemetry = options.telemetry;
7
+ this.nowFn = options.now ?? (() => /* @__PURE__ */ new Date());
8
+ }
9
+ async check(context, executor) {
10
+ const start = this.nowFn();
11
+ try {
12
+ await executor(context);
13
+ const end = this.nowFn();
14
+ const result = {
15
+ status: "connected",
16
+ checkedAt: end,
17
+ latencyMs: end.getTime() - start.getTime()
18
+ };
19
+ this.emitTelemetry(context, result, "success");
20
+ return result;
21
+ } catch (error) {
22
+ const end = this.nowFn();
23
+ const message = error instanceof Error ? error.message : "Unknown error";
24
+ const code = extractErrorCode(error);
25
+ const result = {
26
+ status: "error",
27
+ checkedAt: end,
28
+ latencyMs: end.getTime() - start.getTime(),
29
+ errorMessage: message,
30
+ errorCode: code
31
+ };
32
+ this.emitTelemetry(context, result, "error", code, message);
33
+ return result;
34
+ }
35
+ }
36
+ emitTelemetry(context, result, status, errorCode, errorMessage) {
37
+ if (!this.telemetry) return;
38
+ this.telemetry.record({
39
+ tenantId: context.tenantId,
40
+ appId: context.appId,
41
+ environment: context.environment,
42
+ slotId: context.slotId,
43
+ integrationKey: context.spec.meta.key,
44
+ integrationVersion: context.spec.meta.version,
45
+ connectionId: context.connection.meta.id,
46
+ status,
47
+ durationMs: result.latencyMs,
48
+ errorCode,
49
+ errorMessage,
50
+ occurredAt: result.checkedAt ?? this.nowFn(),
51
+ metadata: {
52
+ ...context.trace ? {
53
+ blueprint: `${context.trace.blueprintName}.v${context.trace.blueprintVersion}`,
54
+ configVersion: context.trace.configVersion
55
+ } : {},
56
+ status: result.status
57
+ }
58
+ });
59
+ }
60
+ };
61
+ function extractErrorCode(error) {
62
+ if (!error || typeof error !== "object") return void 0;
63
+ const candidate = error;
64
+ if (candidate.code == null) return void 0;
65
+ return String(candidate.code);
66
+ }
67
+
68
+ //#endregion
69
+ export { IntegrationHealthService };
package/dist/index.js CHANGED
@@ -1 +1,9 @@
1
- import{IntegrationHealthService as e}from"./health.js";import{IntegrationCallGuard as t,connectionStatusLabel as n,ensureConnectionReady as r}from"./runtime.js";import{SecretProviderError as i,normalizeSecretPayload as a,parseSecretUri as o}from"./secrets/provider.js";import{GcpSecretManagerProvider as s}from"./secrets/gcp-secret-manager.js";import{EnvSecretProvider as c}from"./secrets/env-secret-provider.js";import{SecretProviderManager as l}from"./secrets/manager.js";import"./secrets/index.js";export{c as EnvSecretProvider,s as GcpSecretManagerProvider,t as IntegrationCallGuard,e as IntegrationHealthService,i as SecretProviderError,l as SecretProviderManager,n as connectionStatusLabel,r as ensureConnectionReady,a as normalizeSecretPayload,o as parseSecretUri};
1
+ import { IntegrationHealthService } from "./health.js";
2
+ import { IntegrationCallGuard, connectionStatusLabel, ensureConnectionReady } from "./runtime.js";
3
+ import { SecretProviderError, normalizeSecretPayload, parseSecretUri } from "./secrets/provider.js";
4
+ import { GcpSecretManagerProvider } from "./secrets/gcp-secret-manager.js";
5
+ import { EnvSecretProvider } from "./secrets/env-secret-provider.js";
6
+ import { SecretProviderManager } from "./secrets/manager.js";
7
+ import "./secrets/index.js";
8
+
9
+ export { EnvSecretProvider, GcpSecretManagerProvider, IntegrationCallGuard, IntegrationHealthService, SecretProviderError, SecretProviderManager, connectionStatusLabel, ensureConnectionReady, normalizeSecretPayload, parseSecretUri };
package/dist/runtime.js CHANGED
@@ -1 +1,186 @@
1
- import{performance as e}from"node:perf_hooks";var t=class{telemetry;maxAttempts;backoffMs;shouldRetry;sleep;now;constructor(e,t={}){this.secretProvider=e,this.telemetry=t.telemetry,this.maxAttempts=Math.max(1,t.maxAttempts??3),this.backoffMs=t.backoffMs??250,this.shouldRetry=t.shouldRetry??(e=>typeof e==`object`&&!!e&&`retryable`in e&&!!e.retryable),this.sleep=t.sleep??(e=>e<=0?Promise.resolve():new Promise(t=>setTimeout(t,e))),this.now=t.now??(()=>new Date)}async executeWithGuards(t,n,r,i,a){let o=this.findIntegration(t,i);if(!o)return this.failure({tenantId:i.tenantId,appId:i.appId,environment:i.environment,blueprintName:i.blueprintName,blueprintVersion:i.blueprintVersion,configVersion:i.configVersion,slotId:t,operation:n},void 0,{code:`SLOT_NOT_BOUND`,message:`Integration slot "${t}" is not bound for tenant "${i.tenantId}".`,retryable:!1},0);let s=o.connection.status;if(s===`disconnected`||s===`error`)return this.failure(this.makeContext(t,n,i),o,{code:`CONNECTION_NOT_READY`,message:`Integration connection "${o.connection.meta.label}" is in status "${s}".`,retryable:!1},0);let c=await this.fetchSecrets(o.connection),l=0,u=e.now();for(;l<this.maxAttempts;){l+=1;try{let r=await a(o.connection,c),s=e.now()-u;return this.emitTelemetry(this.makeContext(t,n,i),o,`success`,s),{success:!0,data:r,metadata:{latencyMs:s,connectionId:o.connection.meta.id,ownershipMode:o.connection.ownershipMode,attempts:l}}}catch(r){let a=e.now()-u;this.emitTelemetry(this.makeContext(t,n,i),o,`error`,a,this.errorCodeFor(r),r instanceof Error?r.message:String(r));let s=this.shouldRetry(r,l);if(!s||l>=this.maxAttempts)return{success:!1,error:{code:this.errorCodeFor(r),message:r instanceof Error?r.message:String(r),retryable:s,cause:r},metadata:{latencyMs:a,connectionId:o.connection.meta.id,ownershipMode:o.connection.ownershipMode,attempts:l}};await this.sleep(this.backoffMs)}}return{success:!1,error:{code:`UNKNOWN_ERROR`,message:`Integration call failed after retries.`,retryable:!1},metadata:{latencyMs:e.now()-u,connectionId:o.connection.meta.id,ownershipMode:o.connection.ownershipMode,attempts:this.maxAttempts}}}findIntegration(e,t){return t.integrations.find(t=>t.slot.slotId===e)}async fetchSecrets(e){if(!this.secretProvider.canHandle(e.secretRef))throw Error(`Secret provider "${this.secretProvider.id}" cannot handle reference "${e.secretRef}".`);let t=await this.secretProvider.getSecret(e.secretRef);return this.parseSecret(t)}parseSecret(e){let t=new TextDecoder().decode(e.data);try{let e=JSON.parse(t);if(e&&typeof e==`object`&&!Array.isArray(e)){let t=Object.entries(e).filter(([,e])=>typeof e==`string`||typeof e==`number`||typeof e==`boolean`);return Object.fromEntries(t.map(([e,t])=>[e,String(t)]))}}catch{}return{secret:t}}emitTelemetry(e,t,n,r,i,a){!this.telemetry||!t||this.telemetry.record({tenantId:e.tenantId,appId:e.appId,environment:e.environment,slotId:e.slotId,integrationKey:t.connection.meta.integrationKey,integrationVersion:t.connection.meta.integrationVersion,connectionId:t.connection.meta.id,status:n,durationMs:r,errorCode:i,errorMessage:a,occurredAt:this.now(),metadata:{blueprint:`${e.blueprintName}.v${e.blueprintVersion}`,configVersion:e.configVersion,operation:e.operation}})}failure(e,t,n,r){return t&&this.emitTelemetry(e,t,`error`,0,n.code,n.message),{success:!1,error:n,metadata:{latencyMs:0,connectionId:t?.connection.meta.id??`unknown`,ownershipMode:t?.connection.ownershipMode??`managed`,attempts:r}}}makeContext(e,t,n){return{tenantId:n.tenantId,appId:n.appId,environment:n.environment,blueprintName:n.blueprintName,blueprintVersion:n.blueprintVersion,configVersion:n.configVersion,slotId:e,operation:t}}errorCodeFor(e){return typeof e==`object`&&e&&`code`in e&&typeof e.code==`string`?e.code:`PROVIDER_ERROR`}};function n(e){let t=e.connection.status;if(t===`disconnected`||t===`error`)throw Error(`Integration connection "${e.connection.meta.label}" is in status "${t}".`)}function r(e){switch(e){case`connected`:return`connected`;case`disconnected`:return`disconnected`;case`error`:return`error`;case`unknown`:default:return`unknown`}}export{t as IntegrationCallGuard,r as connectionStatusLabel,n as ensureConnectionReady};
1
+ import { performance } from "node:perf_hooks";
2
+
3
+ //#region src/runtime.ts
4
+ const DEFAULT_MAX_ATTEMPTS = 3;
5
+ const DEFAULT_BACKOFF_MS = 250;
6
+ var IntegrationCallGuard = class {
7
+ telemetry;
8
+ maxAttempts;
9
+ backoffMs;
10
+ shouldRetry;
11
+ sleep;
12
+ now;
13
+ constructor(secretProvider, options = {}) {
14
+ this.secretProvider = secretProvider;
15
+ this.telemetry = options.telemetry;
16
+ this.maxAttempts = Math.max(1, options.maxAttempts ?? DEFAULT_MAX_ATTEMPTS);
17
+ this.backoffMs = options.backoffMs ?? DEFAULT_BACKOFF_MS;
18
+ this.shouldRetry = options.shouldRetry ?? ((error) => typeof error === "object" && error !== null && "retryable" in error && Boolean(error.retryable));
19
+ this.sleep = options.sleep ?? ((ms) => ms <= 0 ? Promise.resolve() : new Promise((resolve) => setTimeout(resolve, ms)));
20
+ this.now = options.now ?? (() => /* @__PURE__ */ new Date());
21
+ }
22
+ async executeWithGuards(slotId, operation, _input, resolvedConfig, executor) {
23
+ const integration = this.findIntegration(slotId, resolvedConfig);
24
+ if (!integration) return this.failure({
25
+ tenantId: resolvedConfig.tenantId,
26
+ appId: resolvedConfig.appId,
27
+ environment: resolvedConfig.environment,
28
+ blueprintName: resolvedConfig.blueprintName,
29
+ blueprintVersion: resolvedConfig.blueprintVersion,
30
+ configVersion: resolvedConfig.configVersion,
31
+ slotId,
32
+ operation
33
+ }, void 0, {
34
+ code: "SLOT_NOT_BOUND",
35
+ message: `Integration slot "${slotId}" is not bound for tenant "${resolvedConfig.tenantId}".`,
36
+ retryable: false
37
+ }, 0);
38
+ const status = integration.connection.status;
39
+ if (status === "disconnected" || status === "error") return this.failure(this.makeContext(slotId, operation, resolvedConfig), integration, {
40
+ code: "CONNECTION_NOT_READY",
41
+ message: `Integration connection "${integration.connection.meta.label}" is in status "${status}".`,
42
+ retryable: false
43
+ }, 0);
44
+ const secrets = await this.fetchSecrets(integration.connection);
45
+ let attempt = 0;
46
+ const started = performance.now();
47
+ while (attempt < this.maxAttempts) {
48
+ attempt += 1;
49
+ try {
50
+ const data = await executor(integration.connection, secrets);
51
+ const duration = performance.now() - started;
52
+ this.emitTelemetry(this.makeContext(slotId, operation, resolvedConfig), integration, "success", duration);
53
+ return {
54
+ success: true,
55
+ data,
56
+ metadata: {
57
+ latencyMs: duration,
58
+ connectionId: integration.connection.meta.id,
59
+ ownershipMode: integration.connection.ownershipMode,
60
+ attempts: attempt
61
+ }
62
+ };
63
+ } catch (error) {
64
+ const duration = performance.now() - started;
65
+ this.emitTelemetry(this.makeContext(slotId, operation, resolvedConfig), integration, "error", duration, this.errorCodeFor(error), error instanceof Error ? error.message : String(error));
66
+ const retryable = this.shouldRetry(error, attempt);
67
+ if (!retryable || attempt >= this.maxAttempts) return {
68
+ success: false,
69
+ error: {
70
+ code: this.errorCodeFor(error),
71
+ message: error instanceof Error ? error.message : String(error),
72
+ retryable,
73
+ cause: error
74
+ },
75
+ metadata: {
76
+ latencyMs: duration,
77
+ connectionId: integration.connection.meta.id,
78
+ ownershipMode: integration.connection.ownershipMode,
79
+ attempts: attempt
80
+ }
81
+ };
82
+ await this.sleep(this.backoffMs);
83
+ }
84
+ }
85
+ return {
86
+ success: false,
87
+ error: {
88
+ code: "UNKNOWN_ERROR",
89
+ message: "Integration call failed after retries.",
90
+ retryable: false
91
+ },
92
+ metadata: {
93
+ latencyMs: performance.now() - started,
94
+ connectionId: integration.connection.meta.id,
95
+ ownershipMode: integration.connection.ownershipMode,
96
+ attempts: this.maxAttempts
97
+ }
98
+ };
99
+ }
100
+ findIntegration(slotId, config) {
101
+ return config.integrations.find((integration) => integration.slot.slotId === slotId);
102
+ }
103
+ async fetchSecrets(connection) {
104
+ if (!this.secretProvider.canHandle(connection.secretRef)) throw new Error(`Secret provider "${this.secretProvider.id}" cannot handle reference "${connection.secretRef}".`);
105
+ const secret = await this.secretProvider.getSecret(connection.secretRef);
106
+ return this.parseSecret(secret);
107
+ }
108
+ parseSecret(secret) {
109
+ const text = new TextDecoder().decode(secret.data);
110
+ try {
111
+ const parsed = JSON.parse(text);
112
+ if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
113
+ const entries = Object.entries(parsed).filter(([, value]) => typeof value === "string" || typeof value === "number" || typeof value === "boolean");
114
+ return Object.fromEntries(entries.map(([key, value]) => [key, String(value)]));
115
+ }
116
+ } catch {}
117
+ return { secret: text };
118
+ }
119
+ emitTelemetry(context, integration, status, durationMs, errorCode, errorMessage) {
120
+ if (!this.telemetry || !integration) return;
121
+ this.telemetry.record({
122
+ tenantId: context.tenantId,
123
+ appId: context.appId,
124
+ environment: context.environment,
125
+ slotId: context.slotId,
126
+ integrationKey: integration.connection.meta.integrationKey,
127
+ integrationVersion: integration.connection.meta.integrationVersion,
128
+ connectionId: integration.connection.meta.id,
129
+ status,
130
+ durationMs,
131
+ errorCode,
132
+ errorMessage,
133
+ occurredAt: this.now(),
134
+ metadata: {
135
+ blueprint: `${context.blueprintName}.v${context.blueprintVersion}`,
136
+ configVersion: context.configVersion,
137
+ operation: context.operation
138
+ }
139
+ });
140
+ }
141
+ failure(context, integration, error, attempts) {
142
+ if (integration) this.emitTelemetry(context, integration, "error", 0, error.code, error.message);
143
+ return {
144
+ success: false,
145
+ error,
146
+ metadata: {
147
+ latencyMs: 0,
148
+ connectionId: integration?.connection.meta.id ?? "unknown",
149
+ ownershipMode: integration?.connection.ownershipMode ?? "managed",
150
+ attempts
151
+ }
152
+ };
153
+ }
154
+ makeContext(slotId, operation, config) {
155
+ return {
156
+ tenantId: config.tenantId,
157
+ appId: config.appId,
158
+ environment: config.environment,
159
+ blueprintName: config.blueprintName,
160
+ blueprintVersion: config.blueprintVersion,
161
+ configVersion: config.configVersion,
162
+ slotId,
163
+ operation
164
+ };
165
+ }
166
+ errorCodeFor(error) {
167
+ if (typeof error === "object" && error !== null && "code" in error && typeof error.code === "string") return error.code;
168
+ return "PROVIDER_ERROR";
169
+ }
170
+ };
171
+ function ensureConnectionReady(integration) {
172
+ const status = integration.connection.status;
173
+ if (status === "disconnected" || status === "error") throw new Error(`Integration connection "${integration.connection.meta.label}" is in status "${status}".`);
174
+ }
175
+ function connectionStatusLabel(status) {
176
+ switch (status) {
177
+ case "connected": return "connected";
178
+ case "disconnected": return "disconnected";
179
+ case "error": return "error";
180
+ case "unknown":
181
+ default: return "unknown";
182
+ }
183
+ }
184
+
185
+ //#endregion
186
+ export { IntegrationCallGuard, connectionStatusLabel, ensureConnectionReady };
package/dist/secrets/env-secret-provider.js CHANGED
@@ -1 +1,81 @@
1
- import{SecretProviderError as e,parseSecretUri as t}from"./provider.js";var n=class{id=`env`;aliases;constructor(e={}){this.aliases=e.aliases??{}}canHandle(e){let t=this.resolveEnvKey(e);return t!==void 0&&process.env[t]!==void 0}async getSecret(t){let n=this.resolveEnvKey(t);if(!n)throw new e({message:`Unable to resolve environment variable for reference "${t}".`,provider:this.id,reference:t,code:`INVALID`});let r=process.env[n];if(r===void 0)throw new e({message:`Environment variable "${n}" not found for reference "${t}".`,provider:this.id,reference:t,code:`NOT_FOUND`});return{data:Buffer.from(r,`utf-8`),version:`current`,metadata:{source:`env`,envKey:n},retrievedAt:new Date}}async setSecret(e,t){throw this.forbiddenError(`setSecret`,e)}async rotateSecret(e,t){throw this.forbiddenError(`rotateSecret`,e)}async deleteSecret(e){throw this.forbiddenError(`deleteSecret`,e)}resolveEnvKey(e){if(e){if(this.aliases[e])return this.aliases[e];if(!e.includes(`://`))return e;try{let n=t(e);return n.provider===`env`?n.path:n.extras?.env?n.extras.env:this.deriveEnvKey(n.path)}catch{return e}}}deriveEnvKey(e){if(e)return e.split(/[\/:\-\.]/).filter(Boolean).map(e=>e.replace(/[^a-zA-Z0-9]/g,`_`).replace(/_{2,}/g,`_`).toUpperCase()).join(`_`)}forbiddenError(t,n){return new e({message:`EnvSecretProvider is read-only. "${t}" is not allowed for ${n}.`,provider:this.id,reference:n,code:`FORBIDDEN`})}};export{n as EnvSecretProvider};
1
+ import { SecretProviderError, parseSecretUri } from "./provider.js";
2
+
3
+ //#region src/secrets/env-secret-provider.ts
4
+ /**
5
+ * Environment-variable backed secret provider. Read-only by design.
6
+ * Allows overriding other secret providers by deriving environment variable
7
+ * names from secret references (or by using explicit aliases).
8
+ */
9
+ var EnvSecretProvider = class {
10
+ id = "env";
11
+ aliases;
12
+ constructor(options = {}) {
13
+ this.aliases = options.aliases ?? {};
14
+ }
15
+ canHandle(reference) {
16
+ const envKey = this.resolveEnvKey(reference);
17
+ return envKey !== void 0 && process.env[envKey] !== void 0;
18
+ }
19
+ async getSecret(reference) {
20
+ const envKey = this.resolveEnvKey(reference);
21
+ if (!envKey) throw new SecretProviderError({
22
+ message: `Unable to resolve environment variable for reference "${reference}".`,
23
+ provider: this.id,
24
+ reference,
25
+ code: "INVALID"
26
+ });
27
+ const value = process.env[envKey];
28
+ if (value === void 0) throw new SecretProviderError({
29
+ message: `Environment variable "${envKey}" not found for reference "${reference}".`,
30
+ provider: this.id,
31
+ reference,
32
+ code: "NOT_FOUND"
33
+ });
34
+ return {
35
+ data: Buffer.from(value, "utf-8"),
36
+ version: "current",
37
+ metadata: {
38
+ source: "env",
39
+ envKey
40
+ },
41
+ retrievedAt: /* @__PURE__ */ new Date()
42
+ };
43
+ }
44
+ async setSecret(reference, _payload) {
45
+ throw this.forbiddenError("setSecret", reference);
46
+ }
47
+ async rotateSecret(reference, _payload) {
48
+ throw this.forbiddenError("rotateSecret", reference);
49
+ }
50
+ async deleteSecret(reference) {
51
+ throw this.forbiddenError("deleteSecret", reference);
52
+ }
53
+ resolveEnvKey(reference) {
54
+ if (!reference) return;
55
+ if (this.aliases[reference]) return this.aliases[reference];
56
+ if (!reference.includes("://")) return reference;
57
+ try {
58
+ const parsed = parseSecretUri(reference);
59
+ if (parsed.provider === "env") return parsed.path;
60
+ if (parsed.extras?.env) return parsed.extras.env;
61
+ return this.deriveEnvKey(parsed.path);
62
+ } catch {
63
+ return reference;
64
+ }
65
+ }
66
+ deriveEnvKey(path) {
67
+ if (!path) return void 0;
68
+ return path.split(/[\/:\-\.]/).filter(Boolean).map((segment) => segment.replace(/[^a-zA-Z0-9]/g, "_").replace(/_{2,}/g, "_").toUpperCase()).join("_");
69
+ }
70
+ forbiddenError(operation, reference) {
71
+ return new SecretProviderError({
72
+ message: `EnvSecretProvider is read-only. "${operation}" is not allowed for ${reference}.`,
73
+ provider: this.id,
74
+ reference,
75
+ code: "FORBIDDEN"
76
+ });
77
+ }
78
+ };
79
+
80
+ //#endregion
81
+ export { EnvSecretProvider };
package/dist/secrets/gcp-secret-manager.js CHANGED
@@ -1 +1,229 @@
1
- import{SecretProviderError as e,normalizeSecretPayload as t,parseSecretUri as n}from"./provider.js";import{SecretManagerServiceClient as r,protos as i}from"@google-cloud/secret-manager";const a={automatic:{}};var o=class{id=`gcp-secret-manager`;client;explicitProjectId;replication;constructor(e={}){this.client=e.client??new r(e.clientOptions??{}),this.explicitProjectId=e.projectId,this.replication=e.defaultReplication??a}canHandle(e){try{return n(e).provider===`gcp`}catch{return!1}}async getSecret(t,n,r){let i=this.parseReference(t),a=this.buildVersionName(i,n?.version);try{let[n]=await this.client.accessSecretVersion({name:a},r??{}),i=n.payload;if(!i?.data)throw new e({message:`Secret payload empty for ${a}`,provider:this.id,reference:t,code:`UNKNOWN`});let o=s(n.name??a);return{data:i.data,version:o,metadata:i.dataCrc32c?{crc32c:i.dataCrc32c.toString()}:void 0,retrievedAt:new Date}}catch(e){throw c({error:e,provider:this.id,reference:t,operation:`access`})}}async setSecret(n,r){let i=this.parseReference(n),{secretName:a}=this.buildNames(i),o=t(r);await this.ensureSecretExists(i,r);try{let t=await this.client.addSecretVersion({parent:a,payload:{data:o}});if(!t)throw new e({message:`No version returned when adding secret version for ${a}`,provider:this.id,reference:n,code:`UNKNOWN`});let[r]=t,i=r?.name??`${a}/versions/latest`;return{reference:`gcp://${i}`,version:s(i)??`latest`}}catch(e){throw c({error:e,provider:this.id,reference:n,operation:`addSecretVersion`})}}async rotateSecret(e,t){return this.setSecret(e,t)}async deleteSecret(e){let t=this.parseReference(e),{secretName:n}=this.buildNames(t);try{await this.client.deleteSecret({name:n})}catch(t){throw c({error:t,provider:this.id,reference:e,operation:`delete`})}}parseReference(t){let r=n(t);if(r.provider!==`gcp`)throw new e({message:`Unsupported secret provider: ${r.provider}`,provider:this.id,reference:t,code:`INVALID`});let i=r.path.split(`/`).filter(Boolean);if(i.length<4||i[0]!==`projects`)throw new e({message:`Expected secret reference format gcp://projects/{project}/secrets/{secret}[(/versions/{version})] but received "${r.path}"`,provider:this.id,reference:t,code:`INVALID`});let a=i[1]??this.explicitProjectId;if(!a)throw new e({message:`Unable to resolve project or secret from reference "${r.path}"`,provider:this.id,reference:t,code:`INVALID`});let o=i.indexOf(`secrets`);if(o===-1||o+1>=i.length)throw new e({message:`Unable to resolve project or secret from reference "${r.path}"`,provider:this.id,reference:t,code:`INVALID`});let s=a,c=i[o+1];if(!c)throw new e({message:`Unable to resolve secret ID from reference "${r.path}"`,provider:this.id,reference:t,code:`INVALID`});let l=c,u=i.indexOf(`versions`);return{projectId:s,secretId:l,version:r.extras?.version??(u!==-1&&u+1<i.length?i[u+1]:void 0)}}buildNames(t){let n=t.projectId??this.explicitProjectId;if(!n)throw new e({message:`Project ID must be provided either in reference or provider configuration`,provider:this.id,reference:`gcp://projects//secrets/${t.secretId}`,code:`INVALID`});let r=`projects/${n}`;return{projectParent:r,secretName:`${r}/secrets/${t.secretId}`}}buildVersionName(e,t){let{secretName:n}=this.buildNames(e);return`${n}/versions/${t??e.version??`latest`}`}async ensureSecretExists(e,t){let{secretName:n,projectParent:r}=this.buildNames(e);try{await this.client.getSecret({name:n})}catch(i){let a=c({error:i,provider:this.id,reference:`gcp://${n}`,operation:`getSecret`,suppressThrow:!0});if(!a||a.code!==`NOT_FOUND`)throw a||i;try{await this.client.createSecret({parent:r,secretId:e.secretId,secret:{replication:this.replication,labels:t.labels}})}catch(e){throw c({error:e,provider:this.id,reference:`gcp://${n}`,operation:`createSecret`})}}}};function s(e){let t=e.split(`/`).filter(Boolean),n=t.indexOf(`versions`);if(!(n===-1||n+1>=t.length))return t[n+1]}function c(t){let{error:n,provider:r,reference:i,operation:a,suppressThrow:o}=t;if(n instanceof e)return n;let s=l(n),c=new e({message:n instanceof Error?n.message:`Unknown error during ${a}`,provider:r,reference:i,code:s,cause:n});if(o)return c;throw c}function l(e){if(typeof e!=`object`||!e)return`UNKNOWN`;let t=e.code;return t===5||t===`NOT_FOUND`?`NOT_FOUND`:t===6||t===`ALREADY_EXISTS`?`INVALID`:t===7||t===`PERMISSION_DENIED`||t===403?`FORBIDDEN`:t===3||t===`INVALID_ARGUMENT`?`INVALID`:`UNKNOWN`}export{o as GcpSecretManagerProvider};
1
+ import { SecretProviderError, normalizeSecretPayload, parseSecretUri } from "./provider.js";
2
+ import { SecretManagerServiceClient, protos } from "@google-cloud/secret-manager";
3
+
4
+ //#region src/secrets/gcp-secret-manager.ts
5
+ const DEFAULT_REPLICATION = { automatic: {} };
6
+ var GcpSecretManagerProvider = class {
7
+ id = "gcp-secret-manager";
8
+ client;
9
+ explicitProjectId;
10
+ replication;
11
+ constructor(options = {}) {
12
+ this.client = options.client ?? new SecretManagerServiceClient(options.clientOptions ?? {});
13
+ this.explicitProjectId = options.projectId;
14
+ this.replication = options.defaultReplication ?? DEFAULT_REPLICATION;
15
+ }
16
+ canHandle(reference) {
17
+ try {
18
+ return parseSecretUri(reference).provider === "gcp";
19
+ } catch {
20
+ return false;
21
+ }
22
+ }
23
+ async getSecret(reference, options, callOptions) {
24
+ const location = this.parseReference(reference);
25
+ const secretVersionName = this.buildVersionName(location, options?.version);
26
+ try {
27
+ const [result] = await this.client.accessSecretVersion({ name: secretVersionName }, callOptions ?? {});
28
+ const payload = result.payload;
29
+ if (!payload?.data) throw new SecretProviderError({
30
+ message: `Secret payload empty for ${secretVersionName}`,
31
+ provider: this.id,
32
+ reference,
33
+ code: "UNKNOWN"
34
+ });
35
+ const version = extractVersionFromName(result.name ?? secretVersionName);
36
+ return {
37
+ data: payload.data,
38
+ version,
39
+ metadata: payload.dataCrc32c ? { crc32c: payload.dataCrc32c.toString() } : void 0,
40
+ retrievedAt: /* @__PURE__ */ new Date()
41
+ };
42
+ } catch (error) {
43
+ throw toSecretProviderError({
44
+ error,
45
+ provider: this.id,
46
+ reference,
47
+ operation: "access"
48
+ });
49
+ }
50
+ }
51
+ async setSecret(reference, payload) {
52
+ const location = this.parseReference(reference);
53
+ const { secretName } = this.buildNames(location);
54
+ const data = normalizeSecretPayload(payload);
55
+ await this.ensureSecretExists(location, payload);
56
+ try {
57
+ const response = await this.client.addSecretVersion({
58
+ parent: secretName,
59
+ payload: { data }
60
+ });
61
+ if (!response) throw new SecretProviderError({
62
+ message: `No version returned when adding secret version for ${secretName}`,
63
+ provider: this.id,
64
+ reference,
65
+ code: "UNKNOWN"
66
+ });
67
+ const [version] = response;
68
+ const versionName = version?.name ?? `${secretName}/versions/latest`;
69
+ return {
70
+ reference: `gcp://${versionName}`,
71
+ version: extractVersionFromName(versionName) ?? "latest"
72
+ };
73
+ } catch (error) {
74
+ throw toSecretProviderError({
75
+ error,
76
+ provider: this.id,
77
+ reference,
78
+ operation: "addSecretVersion"
79
+ });
80
+ }
81
+ }
82
+ async rotateSecret(reference, payload) {
83
+ return this.setSecret(reference, payload);
84
+ }
85
+ async deleteSecret(reference) {
86
+ const location = this.parseReference(reference);
87
+ const { secretName } = this.buildNames(location);
88
+ try {
89
+ await this.client.deleteSecret({ name: secretName });
90
+ } catch (error) {
91
+ throw toSecretProviderError({
92
+ error,
93
+ provider: this.id,
94
+ reference,
95
+ operation: "delete"
96
+ });
97
+ }
98
+ }
99
+ parseReference(reference) {
100
+ const parsed = parseSecretUri(reference);
101
+ if (parsed.provider !== "gcp") throw new SecretProviderError({
102
+ message: `Unsupported secret provider: ${parsed.provider}`,
103
+ provider: this.id,
104
+ reference,
105
+ code: "INVALID"
106
+ });
107
+ const segments = parsed.path.split("/").filter(Boolean);
108
+ if (segments.length < 4 || segments[0] !== "projects") throw new SecretProviderError({
109
+ message: `Expected secret reference format gcp://projects/{project}/secrets/{secret}[(/versions/{version})] but received "${parsed.path}"`,
110
+ provider: this.id,
111
+ reference,
112
+ code: "INVALID"
113
+ });
114
+ const projectIdCandidate = segments[1] ?? this.explicitProjectId;
115
+ if (!projectIdCandidate) throw new SecretProviderError({
116
+ message: `Unable to resolve project or secret from reference "${parsed.path}"`,
117
+ provider: this.id,
118
+ reference,
119
+ code: "INVALID"
120
+ });
121
+ const indexOfSecrets = segments.indexOf("secrets");
122
+ if (indexOfSecrets === -1 || indexOfSecrets + 1 >= segments.length) throw new SecretProviderError({
123
+ message: `Unable to resolve project or secret from reference "${parsed.path}"`,
124
+ provider: this.id,
125
+ reference,
126
+ code: "INVALID"
127
+ });
128
+ const resolvedProjectId = projectIdCandidate;
129
+ const secretIdCandidate = segments[indexOfSecrets + 1];
130
+ if (!secretIdCandidate) throw new SecretProviderError({
131
+ message: `Unable to resolve secret ID from reference "${parsed.path}"`,
132
+ provider: this.id,
133
+ reference,
134
+ code: "INVALID"
135
+ });
136
+ const secretId = secretIdCandidate;
137
+ const indexOfVersions = segments.indexOf("versions");
138
+ return {
139
+ projectId: resolvedProjectId,
140
+ secretId,
141
+ version: parsed.extras?.version ?? (indexOfVersions !== -1 && indexOfVersions + 1 < segments.length ? segments[indexOfVersions + 1] : void 0)
142
+ };
143
+ }
144
+ buildNames(location) {
145
+ const projectId = location.projectId ?? this.explicitProjectId;
146
+ if (!projectId) throw new SecretProviderError({
147
+ message: "Project ID must be provided either in reference or provider configuration",
148
+ provider: this.id,
149
+ reference: `gcp://projects//secrets/${location.secretId}`,
150
+ code: "INVALID"
151
+ });
152
+ const projectParent = `projects/${projectId}`;
153
+ return {
154
+ projectParent,
155
+ secretName: `${projectParent}/secrets/${location.secretId}`
156
+ };
157
+ }
158
+ buildVersionName(location, explicitVersion) {
159
+ const { secretName } = this.buildNames(location);
160
+ return `${secretName}/versions/${explicitVersion ?? location.version ?? "latest"}`;
161
+ }
162
+ async ensureSecretExists(location, payload) {
163
+ const { secretName, projectParent } = this.buildNames(location);
164
+ try {
165
+ await this.client.getSecret({ name: secretName });
166
+ } catch (error) {
167
+ const providerError = toSecretProviderError({
168
+ error,
169
+ provider: this.id,
170
+ reference: `gcp://${secretName}`,
171
+ operation: "getSecret",
172
+ suppressThrow: true
173
+ });
174
+ if (!providerError || providerError.code !== "NOT_FOUND") {
175
+ if (providerError) throw providerError;
176
+ throw error;
177
+ }
178
+ try {
179
+ await this.client.createSecret({
180
+ parent: projectParent,
181
+ secretId: location.secretId,
182
+ secret: {
183
+ replication: this.replication,
184
+ labels: payload.labels
185
+ }
186
+ });
187
+ } catch (creationError) {
188
+ throw toSecretProviderError({
189
+ error: creationError,
190
+ provider: this.id,
191
+ reference: `gcp://${secretName}`,
192
+ operation: "createSecret"
193
+ });
194
+ }
195
+ }
196
+ }
197
+ };
198
+ function extractVersionFromName(name) {
199
+ const segments = name.split("/").filter(Boolean);
200
+ const index = segments.indexOf("versions");
201
+ if (index === -1 || index + 1 >= segments.length) return;
202
+ return segments[index + 1];
203
+ }
204
+ function toSecretProviderError(params) {
205
+ const { error, provider, reference, operation, suppressThrow } = params;
206
+ if (error instanceof SecretProviderError) return error;
207
+ const code = deriveErrorCode(error);
208
+ const providerError = new SecretProviderError({
209
+ message: error instanceof Error ? error.message : `Unknown error during ${operation}`,
210
+ provider,
211
+ reference,
212
+ code,
213
+ cause: error
214
+ });
215
+ if (suppressThrow) return providerError;
216
+ throw providerError;
217
+ }
218
+ function deriveErrorCode(error) {
219
+ if (typeof error !== "object" || error === null) return "UNKNOWN";
220
+ const code = error.code;
221
+ if (code === 5 || code === "NOT_FOUND") return "NOT_FOUND";
222
+ if (code === 6 || code === "ALREADY_EXISTS") return "INVALID";
223
+ if (code === 7 || code === "PERMISSION_DENIED" || code === 403) return "FORBIDDEN";
224
+ if (code === 3 || code === "INVALID_ARGUMENT") return "INVALID";
225
+ return "UNKNOWN";
226
+ }
227
+
228
+ //#endregion
229
+ export { GcpSecretManagerProvider };
package/dist/secrets/index.js CHANGED
@@ -1 +1,6 @@
1
- import{SecretProviderError as e,normalizeSecretPayload as t,parseSecretUri as n}from"./provider.js";import{GcpSecretManagerProvider as r}from"./gcp-secret-manager.js";import{EnvSecretProvider as i}from"./env-secret-provider.js";import{SecretProviderManager as a}from"./manager.js";export{i as EnvSecretProvider,r as GcpSecretManagerProvider,e as SecretProviderError,a as SecretProviderManager,t as normalizeSecretPayload,n as parseSecretUri};
1
+ import { SecretProviderError, normalizeSecretPayload, parseSecretUri } from "./provider.js";
2
+ import { GcpSecretManagerProvider } from "./gcp-secret-manager.js";
3
+ import { EnvSecretProvider } from "./env-secret-provider.js";
4
+ import { SecretProviderManager } from "./manager.js";
5
+
6
+ export { EnvSecretProvider, GcpSecretManagerProvider, SecretProviderError, SecretProviderManager, normalizeSecretPayload, parseSecretUri };
package/dist/secrets/manager.js CHANGED
@@ -1 +1,103 @@
1
- import{SecretProviderError as e}from"./provider.js";var t=class{id;providers=[];registrationCounter=0;constructor(e={}){this.id=e.id??`secret-provider-manager`;let t=e.providers??[];for(let e of t)this.register(e.provider,{priority:e.priority})}register(e,t={}){return this.providers.push({provider:e,priority:t.priority??0,order:this.registrationCounter++}),this.providers.sort((e,t)=>e.priority===t.priority?e.order-t.order:t.priority-e.priority),this}canHandle(e){return this.providers.some(({provider:t})=>n(t,e))}async getSecret(t,r){let i=[];for(let{provider:a}of this.providers)if(n(a,t))try{return await a.getSecret(t,r)}catch(t){if(t instanceof e){if(i.push(t),t.code!==`NOT_FOUND`)break;continue}throw t}throw this.composeError(`getSecret`,t,i,r?.version)}async setSecret(e,t){return this.delegateToFirst(`setSecret`,e,n=>n.setSecret(e,t))}async rotateSecret(e,t){return this.delegateToFirst(`rotateSecret`,e,n=>n.rotateSecret(e,t))}async deleteSecret(e){await this.delegateToFirst(`deleteSecret`,e,t=>t.deleteSecret(e))}async delegateToFirst(t,r,i){let a=[];for(let{provider:t}of this.providers)if(n(t,r))try{return await i(t)}catch(t){if(t instanceof e){a.push(t);continue}throw t}throw this.composeError(t,r,a)}composeError(t,n,r,i){if(r.length===1){let[e]=r;if(e)return e}let a=[`No registered secret provider could ${t}`,`reference "${n}"`];return i&&a.push(`(version: ${i})`),r.length>1&&a.push(`Attempts: ${r.map(e=>`${e.provider}:${e.code}`).join(`, `)}`),new e({message:a.join(` `),provider:this.id,reference:n,code:r.length>0?r[r.length-1].code:`UNKNOWN`,cause:r})}};function n(e,t){try{return e.canHandle(t)}catch{return!1}}export{t as SecretProviderManager};
1
+ import { SecretProviderError } from "./provider.js";
2
+
3
+ //#region src/secrets/manager.ts
4
+ /**
5
+ * Composite secret provider that delegates to registered providers.
6
+ * Providers are attempted in order of descending priority, respecting the
7
+ * registration order for ties. This enables privileged overrides (e.g.
8
+ * environment variables) while still supporting durable backends like GCP
9
+ * Secret Manager.
10
+ */
11
+ var SecretProviderManager = class {
12
+ id;
13
+ providers = [];
14
+ registrationCounter = 0;
15
+ constructor(options = {}) {
16
+ this.id = options.id ?? "secret-provider-manager";
17
+ const initialProviders = options.providers ?? [];
18
+ for (const entry of initialProviders) this.register(entry.provider, { priority: entry.priority });
19
+ }
20
+ register(provider, options = {}) {
21
+ this.providers.push({
22
+ provider,
23
+ priority: options.priority ?? 0,
24
+ order: this.registrationCounter++
25
+ });
26
+ this.providers.sort((a, b) => {
27
+ if (a.priority !== b.priority) return b.priority - a.priority;
28
+ return a.order - b.order;
29
+ });
30
+ return this;
31
+ }
32
+ canHandle(reference) {
33
+ return this.providers.some(({ provider }) => safeCanHandle(provider, reference));
34
+ }
35
+ async getSecret(reference, options) {
36
+ const errors = [];
37
+ for (const { provider } of this.providers) {
38
+ if (!safeCanHandle(provider, reference)) continue;
39
+ try {
40
+ return await provider.getSecret(reference, options);
41
+ } catch (error) {
42
+ if (error instanceof SecretProviderError) {
43
+ errors.push(error);
44
+ if (error.code !== "NOT_FOUND") break;
45
+ continue;
46
+ }
47
+ throw error;
48
+ }
49
+ }
50
+ throw this.composeError("getSecret", reference, errors, options?.version);
51
+ }
52
+ async setSecret(reference, payload) {
53
+ return this.delegateToFirst("setSecret", reference, (provider) => provider.setSecret(reference, payload));
54
+ }
55
+ async rotateSecret(reference, payload) {
56
+ return this.delegateToFirst("rotateSecret", reference, (provider) => provider.rotateSecret(reference, payload));
57
+ }
58
+ async deleteSecret(reference) {
59
+ await this.delegateToFirst("deleteSecret", reference, (provider) => provider.deleteSecret(reference));
60
+ }
61
+ async delegateToFirst(operation, reference, invoker) {
62
+ const errors = [];
63
+ for (const { provider } of this.providers) {
64
+ if (!safeCanHandle(provider, reference)) continue;
65
+ try {
66
+ return await invoker(provider);
67
+ } catch (error) {
68
+ if (error instanceof SecretProviderError) {
69
+ errors.push(error);
70
+ continue;
71
+ }
72
+ throw error;
73
+ }
74
+ }
75
+ throw this.composeError(operation, reference, errors);
76
+ }
77
+ composeError(operation, reference, errors, version) {
78
+ if (errors.length === 1) {
79
+ const [singleError] = errors;
80
+ if (singleError) return singleError;
81
+ }
82
+ const messageParts = [`No registered secret provider could ${operation}`, `reference "${reference}"`];
83
+ if (version) messageParts.push(`(version: ${version})`);
84
+ if (errors.length > 1) messageParts.push(`Attempts: ${errors.map((error) => `${error.provider}:${error.code}`).join(", ")}`);
85
+ return new SecretProviderError({
86
+ message: messageParts.join(" "),
87
+ provider: this.id,
88
+ reference,
89
+ code: errors.length > 0 ? errors[errors.length - 1].code : "UNKNOWN",
90
+ cause: errors
91
+ });
92
+ }
93
+ };
94
+ function safeCanHandle(provider, reference) {
95
+ try {
96
+ return provider.canHandle(reference);
97
+ } catch {
98
+ return false;
99
+ }
100
+ }
101
+
102
+ //#endregion
103
+ export { SecretProviderManager };
package/dist/secrets/provider.js CHANGED
@@ -1 +1,58 @@
1
- import{Buffer as e}from"node:buffer";var t=class extends Error{provider;reference;code;cause;constructor(e){super(e.message),this.name=`SecretProviderError`,this.provider=e.provider,this.reference=e.reference,this.code=e.code??`UNKNOWN`,this.cause=e.cause}};function n(e){if(!e)throw new t({message:`Secret reference cannot be empty`,provider:`unknown`,reference:e,code:`INVALID`});let[n,r]=e.split(`://`);if(!n||!r)throw new t({message:`Invalid secret reference: ${e}`,provider:`unknown`,reference:e,code:`INVALID`});let i=r.indexOf(`?`);if(i===-1)return{provider:n,path:r};let a=r.slice(0,i),o=r.slice(i+1);return{provider:n,path:a,extras:Object.fromEntries(o.split(`&`).filter(Boolean).map(e=>{let[t,n]=e.split(`=`),r=t??``,i=n??``;return[decodeURIComponent(r),decodeURIComponent(i)]}))}}function r(t){return t.data instanceof Uint8Array?t.data:t.encoding===`base64`?e.from(t.data,`base64`):t.encoding===`binary`?e.from(t.data,`binary`):e.from(t.data,`utf-8`)}export{t as SecretProviderError,r as normalizeSecretPayload,n as parseSecretUri};
1
+ import { Buffer } from "node:buffer";
2
+
3
+ //#region src/secrets/provider.ts
4
+ var SecretProviderError = class extends Error {
5
+ provider;
6
+ reference;
7
+ code;
8
+ cause;
9
+ constructor(params) {
10
+ super(params.message);
11
+ this.name = "SecretProviderError";
12
+ this.provider = params.provider;
13
+ this.reference = params.reference;
14
+ this.code = params.code ?? "UNKNOWN";
15
+ this.cause = params.cause;
16
+ }
17
+ };
18
+ function parseSecretUri(reference) {
19
+ if (!reference) throw new SecretProviderError({
20
+ message: "Secret reference cannot be empty",
21
+ provider: "unknown",
22
+ reference,
23
+ code: "INVALID"
24
+ });
25
+ const [scheme, rest] = reference.split("://");
26
+ if (!scheme || !rest) throw new SecretProviderError({
27
+ message: `Invalid secret reference: ${reference}`,
28
+ provider: "unknown",
29
+ reference,
30
+ code: "INVALID"
31
+ });
32
+ const queryIndex = rest.indexOf("?");
33
+ if (queryIndex === -1) return {
34
+ provider: scheme,
35
+ path: rest
36
+ };
37
+ const path = rest.slice(0, queryIndex);
38
+ const query = rest.slice(queryIndex + 1);
39
+ return {
40
+ provider: scheme,
41
+ path,
42
+ extras: Object.fromEntries(query.split("&").filter(Boolean).map((pair) => {
43
+ const [keyRaw, valueRaw] = pair.split("=");
44
+ const key = keyRaw ?? "";
45
+ const value = valueRaw ?? "";
46
+ return [decodeURIComponent(key), decodeURIComponent(value)];
47
+ }))
48
+ };
49
+ }
50
+ function normalizeSecretPayload(payload) {
51
+ if (payload.data instanceof Uint8Array) return payload.data;
52
+ if (payload.encoding === "base64") return Buffer.from(payload.data, "base64");
53
+ if (payload.encoding === "binary") return Buffer.from(payload.data, "binary");
54
+ return Buffer.from(payload.data, "utf-8");
55
+ }
56
+
57
+ //#endregion
58
+ export { SecretProviderError, normalizeSecretPayload, parseSecretUri };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lssm/integration.runtime",
3
- "version": "0.0.0-canary-20251217063201",
3
+ "version": "0.0.0-canary-20251217072406",
4
4
  "type": "module",
5
5
  "main": "./dist/index.js",
6
6
  "module": "./dist/index.js",
@@ -23,14 +23,14 @@
23
23
  "test": "bun test"
24
24
  },
25
25
  "dependencies": {
26
- "@lssm/lib.contracts": "0.0.0-canary-20251217063201",
27
- "@lssm/lib.logger": "0.0.0-canary-20251217063201",
26
+ "@lssm/lib.contracts": "0.0.0-canary-20251217072406",
27
+ "@lssm/lib.logger": "0.0.0-canary-20251217072406",
28
28
  "@google-cloud/secret-manager": "^6.1.1",
29
29
  "google-gax": "^5.0.0"
30
30
  },
31
31
  "devDependencies": {
32
- "@lssm/tool.tsdown": "0.0.0-canary-20251217063201",
33
- "@lssm/tool.typescript": "0.0.0-canary-20251217063201",
32
+ "@lssm/tool.tsdown": "0.0.0-canary-20251217072406",
33
+ "@lssm/tool.typescript": "0.0.0-canary-20251217072406",
34
34
  "tsdown": "^0.17.4",
35
35
  "typescript": "^5.9.3"
36
36
  },