@lucern/sdk 1.0.11 → 1.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (330) hide show
  1. package/CHANGELOG.md +3 -0
  2. package/dist/.generated +2 -0
  3. package/dist/accessControl.d.ts +19 -26
  4. package/dist/accessControl.js +195 -1423
  5. package/dist/adminClient.d.ts +52 -59
  6. package/dist/adminClient.js +364 -1142
  7. package/dist/answersClient.d.ts +5 -14
  8. package/dist/answersClient.js +19 -737
  9. package/dist/audience/index.d.ts +18 -18
  10. package/dist/audience/index.js +87 -90
  11. package/dist/audiencesClient.d.ts +19 -27
  12. package/dist/audiencesClient.js +107 -868
  13. package/dist/auditClient.d.ts +8 -15
  14. package/dist/auditClient.js +18 -791
  15. package/dist/authContext.d.ts +11 -16
  16. package/dist/authContext.js +122 -154
  17. package/dist/authDeviceClient.d.ts +8 -17
  18. package/dist/authDeviceClient.js +113 -102
  19. package/dist/beliefs/index.d.ts +15 -67
  20. package/dist/beliefs/index.js +17 -10181
  21. package/dist/beliefs/lifecycle.d.ts +10 -11
  22. package/dist/beliefs/lifecycle.js +78 -80
  23. package/dist/beliefsClient.d.ts +26 -32
  24. package/dist/beliefsClient.js +250 -990
  25. package/dist/boundaryClientSurface.d.ts +11 -16
  26. package/dist/boundaryClientSurface.js +49 -68
  27. package/dist/client.d.ts +64 -112
  28. package/dist/client.js +232 -10155
  29. package/dist/clientAssemblyTypes.d.ts +3 -3
  30. package/dist/clientAssemblyTypes.js +1 -2
  31. package/dist/clientConfig.d.ts +45 -59
  32. package/dist/clientConfig.js +1 -2
  33. package/dist/clientEvidenceCompat.d.ts +7 -14
  34. package/dist/clientEvidenceCompat.js +50 -64
  35. package/dist/clientGraphNamespaces.d.ts +3 -5
  36. package/dist/clientGraphNamespaces.js +170 -245
  37. package/dist/clientHelpers.d.ts +20 -25
  38. package/dist/clientHelpers.js +104 -127
  39. package/dist/clientKnowledgeNamespaces.d.ts +6 -53
  40. package/dist/clientKnowledgeNamespaces.js +502 -506
  41. package/dist/clientLocalHelpers.d.ts +11 -56
  42. package/dist/clientLocalHelpers.js +503 -732
  43. package/dist/clientPlatformNamespaces.d.ts +5 -53
  44. package/dist/clientPlatformNamespaces.js +229 -323
  45. package/dist/clientRuntime.d.ts +5 -53
  46. package/dist/clientRuntime.js +26 -30
  47. package/dist/clientWorkflowNamespaces.d.ts +6 -15
  48. package/dist/clientWorkflowNamespaces.js +529 -596
  49. package/dist/contextClient.d.ts +9 -17
  50. package/dist/contextClient.js +92 -805
  51. package/dist/contextFacade.d.ts +11 -2
  52. package/dist/contextFacade.js +10 -81
  53. package/dist/contextPackCompiler.d.ts +10 -11
  54. package/dist/contextPackCompiler.js +494 -1040
  55. package/dist/contextPackPolicy.d.ts +14 -15
  56. package/dist/contextPackPolicy.js +227 -305
  57. package/dist/contextPackSchema.d.ts +3 -3
  58. package/dist/contextPackSchema.js +169 -176
  59. package/dist/contextTypes.d.ts +14 -15
  60. package/dist/contextTypes.js +1 -2
  61. package/dist/contracts/api-enums.contract.d.ts +29 -30
  62. package/dist/contracts/api-enums.contract.js +162 -88
  63. package/dist/contracts/auth-session.contract.d.ts +13 -14
  64. package/dist/contracts/auth-session.contract.js +55 -52
  65. package/dist/contracts/context-pack.contract.d.ts +54 -55
  66. package/dist/contracts/context-pack.contract.js +160 -88
  67. package/dist/contracts/contextPack.d.ts +2 -1
  68. package/dist/contracts/contextPack.js +1 -97
  69. package/dist/contracts/index.d.ts +11 -12
  70. package/dist/contracts/index.js +10 -854
  71. package/dist/contracts/lens-filter.contract.d.ts +9 -10
  72. package/dist/contracts/lens-filter.contract.js +82 -58
  73. package/dist/contracts/lens-workflow.contract.d.ts +21 -23
  74. package/dist/contracts/lens-workflow.contract.js +48 -117
  75. package/dist/contracts/lensFilter.d.ts +2 -1
  76. package/dist/contracts/lensFilter.js +1 -71
  77. package/dist/contracts/lensWorkflow.d.ts +2 -2
  78. package/dist/contracts/lensWorkflow.js +1 -123
  79. package/dist/contracts/mcpTools.d.ts +16 -18
  80. package/dist/contracts/mcpTools.js +89 -123
  81. package/dist/contracts/prompt.contract.d.ts +4 -5
  82. package/dist/contracts/prompt.contract.js +23 -10
  83. package/dist/contracts/prompt.d.ts +2 -1
  84. package/dist/contracts/prompt.js +1 -11
  85. package/dist/contracts/sdk-tools.contract.d.ts +2 -1
  86. package/dist/contracts/sdk-tools.contract.js +1 -2
  87. package/dist/contracts/sdkTools.d.ts +2 -1
  88. package/dist/contracts/sdkTools.js +1 -26
  89. package/dist/contracts/tool-contracts.d.ts +2 -1
  90. package/dist/contracts/tool-contracts.js +1 -2
  91. package/dist/contracts/workflow-runtime.contract.d.ts +45 -46
  92. package/dist/contracts/workflow-runtime.contract.js +241 -228
  93. package/dist/contracts/workflowRuntime.d.ts +2 -1
  94. package/dist/contracts/workflowRuntime.js +1 -244
  95. package/dist/contradictions/index.d.ts +8 -60
  96. package/dist/contradictions/index.js +11 -10175
  97. package/dist/control-plane.d.ts +17 -24
  98. package/dist/control-plane.js +124 -840
  99. package/dist/controlObjectOwnership.d.ts +19 -20
  100. package/dist/controlObjectOwnership.js +207 -201
  101. package/dist/coreClient.d.ts +23 -28
  102. package/dist/coreClient.js +567 -692
  103. package/dist/customTools.d.ts +17 -21
  104. package/dist/customTools.js +221 -221
  105. package/dist/decisions/index.d.ts +7 -58
  106. package/dist/decisions/index.js +14 -10177
  107. package/dist/decisionsClient.d.ts +25 -32
  108. package/dist/decisionsClient.js +113 -913
  109. package/dist/domainContext.d.ts +2 -1
  110. package/dist/domainContext.js +1 -2
  111. package/dist/edges/index.d.ts +21 -73
  112. package/dist/edges/index.js +12 -10176
  113. package/dist/embeddingsClient.d.ts +22 -30
  114. package/dist/embeddingsClient.js +73 -922
  115. package/dist/eventingClient.d.ts +23 -31
  116. package/dist/eventingClient.js +89 -918
  117. package/dist/events.d.ts +48 -49
  118. package/dist/events.js +257 -241
  119. package/dist/eventsCore.d.ts +20 -29
  120. package/dist/eventsCore.js +86 -830
  121. package/dist/evidence/index.d.ts +9 -60
  122. package/dist/evidence/index.js +13 -10176
  123. package/dist/evidenceClient.d.ts +13 -22
  124. package/dist/evidenceClient.js +34 -751
  125. package/dist/facade/context.d.ts +7 -8
  126. package/dist/facade/context.js +73 -72
  127. package/dist/functionSurface.d.ts +2 -156
  128. package/dist/functionSurface.js +1 -1460
  129. package/dist/functionSurfaceClient.d.ts +2 -9
  130. package/dist/functionSurfaceClient.js +1 -1460
  131. package/dist/gatewayFacades.d.ts +79 -296
  132. package/dist/gatewayFacades.factories.d.ts +209 -14
  133. package/dist/gatewayFacades.factories.js +561 -2227
  134. package/dist/gatewayFacades.js +284 -2627
  135. package/dist/generated/functionSurface.d.ts +149 -0
  136. package/dist/generated/functionSurface.js +749 -0
  137. package/dist/graphAnalysisClient.d.ts +41 -49
  138. package/dist/graphAnalysisClient.js +185 -974
  139. package/dist/graphClient.d.ts +53 -60
  140. package/dist/graphClient.js +219 -1090
  141. package/dist/graphIntel.d.ts +2 -4
  142. package/dist/graphIntel.js +1 -2
  143. package/dist/graphIntelligence.d.ts +4 -2
  144. package/dist/graphIntelligence.js +2 -46
  145. package/dist/graphRecommendationsClient.d.ts +15 -23
  146. package/dist/graphRecommendationsClient.js +70 -849
  147. package/dist/graphStateClassifierClient.d.ts +17 -25
  148. package/dist/graphStateClassifierClient.js +67 -908
  149. package/dist/harnessClient.d.ts +40 -47
  150. package/dist/harnessClient.js +198 -993
  151. package/dist/identityClient.d.ts +25 -33
  152. package/dist/identityClient.js +245 -1186
  153. package/dist/index.d.ts +73 -69
  154. package/dist/index.js +72 -13313
  155. package/dist/infisicalRuntime.d.ts +12 -14
  156. package/dist/infisicalRuntime.js +290 -297
  157. package/dist/jobsClient.d.ts +24 -32
  158. package/dist/jobsClient.js +101 -916
  159. package/dist/learningClient.d.ts +8 -16
  160. package/dist/learningClient.js +45 -809
  161. package/dist/lenses/index.d.ts +13 -65
  162. package/dist/lenses/index.js +11 -10175
  163. package/dist/mcpClient.d.ts +14 -23
  164. package/dist/mcpClient.js +115 -856
  165. package/dist/modelRuntimeClient.d.ts +18 -26
  166. package/dist/modelRuntimeClient.js +74 -894
  167. package/dist/nodes/index.d.ts +7 -58
  168. package/dist/nodes/index.js +14 -10177
  169. package/dist/ontologies/index.d.ts +21 -73
  170. package/dist/ontologies/index.js +14 -10178
  171. package/dist/ontologyClient.d.ts +23 -31
  172. package/dist/ontologyClient.js +138 -924
  173. package/dist/ontologyLinksClient.d.ts +16 -24
  174. package/dist/ontologyLinksClient.js +76 -886
  175. package/dist/opinion.d.ts +5 -6
  176. package/dist/opinion.js +21 -25
  177. package/dist/orgGraphSearchClient.d.ts +19 -27
  178. package/dist/orgGraphSearchClient.js +89 -857
  179. package/dist/packRuntime.d.ts +2 -2
  180. package/dist/packRuntime.js +1 -2
  181. package/dist/packsClient.d.ts +30 -37
  182. package/dist/packsClient.js +131 -906
  183. package/dist/policyClient.d.ts +21 -29
  184. package/dist/policyClient.js +267 -1026
  185. package/dist/proof-attestation.json +1 -1
  186. package/dist/questions/index.d.ts +9 -60
  187. package/dist/questions/index.js +15 -10178
  188. package/dist/realtime/index.d.ts +20 -16
  189. package/dist/realtime/index.js +30 -19
  190. package/dist/realtime/refs.d.ts +4 -6
  191. package/dist/realtime/refs.js +12 -7
  192. package/dist/realtime-refs.d.ts +1 -0
  193. package/dist/realtime-refs.js +1 -0
  194. package/dist/realtime.d.ts +1 -0
  195. package/dist/realtime.js +1 -0
  196. package/dist/reportsClient.d.ts +10 -19
  197. package/dist/reportsClient.js +48 -836
  198. package/dist/schemaClient.d.ts +16 -23
  199. package/dist/schemaClient.js +62 -832
  200. package/dist/sdkSurface.d.ts +18 -25
  201. package/dist/sdkSurface.js +135 -106
  202. package/dist/secrets.d.ts +2 -1
  203. package/dist/secrets.js +1 -2
  204. package/dist/sourcesClient.d.ts +11 -18
  205. package/dist/sourcesClient.js +18 -741
  206. package/dist/telemetryClient.d.ts +22 -30
  207. package/dist/telemetryClient.js +107 -931
  208. package/dist/toolRegistryClient.d.ts +27 -35
  209. package/dist/toolRegistryClient.js +116 -954
  210. package/dist/topics/index.d.ts +13 -64
  211. package/dist/topics/index.js +15 -10178
  212. package/dist/topicsClient.d.ts +19 -27
  213. package/dist/topicsClient.js +106 -894
  214. package/dist/types.d.ts +84 -87
  215. package/dist/types.js +1 -2
  216. package/dist/version.d.ts +2 -3
  217. package/dist/version.js +2 -5
  218. package/dist/workflowClient.d.ts +60 -65
  219. package/dist/workflowClient.js +343 -1219
  220. package/dist/worktrees/index.d.ts +16 -68
  221. package/dist/worktrees/index.js +14 -10178
  222. package/package.json +6 -6
  223. package/dist/accessControl.js.map +0 -1
  224. package/dist/adminClient.js.map +0 -1
  225. package/dist/answersClient.js.map +0 -1
  226. package/dist/audience/index.js.map +0 -1
  227. package/dist/audiencesClient.js.map +0 -1
  228. package/dist/auditClient.js.map +0 -1
  229. package/dist/authContext.js.map +0 -1
  230. package/dist/authDeviceClient.js.map +0 -1
  231. package/dist/beliefs/index.js.map +0 -1
  232. package/dist/beliefs/lifecycle.js.map +0 -1
  233. package/dist/beliefsClient.js.map +0 -1
  234. package/dist/boundaryClientSurface.js.map +0 -1
  235. package/dist/client.js.map +0 -1
  236. package/dist/clientAssemblyTypes.js.map +0 -1
  237. package/dist/clientConfig.js.map +0 -1
  238. package/dist/clientEvidenceCompat.js.map +0 -1
  239. package/dist/clientGraphNamespaces.js.map +0 -1
  240. package/dist/clientHelpers.js.map +0 -1
  241. package/dist/clientKnowledgeNamespaces.js.map +0 -1
  242. package/dist/clientLocalHelpers.js.map +0 -1
  243. package/dist/clientPlatformNamespaces.js.map +0 -1
  244. package/dist/clientRuntime.js.map +0 -1
  245. package/dist/clientWorkflowNamespaces.js.map +0 -1
  246. package/dist/contextClient.js.map +0 -1
  247. package/dist/contextFacade.js.map +0 -1
  248. package/dist/contextPackCompiler.js.map +0 -1
  249. package/dist/contextPackPolicy.js.map +0 -1
  250. package/dist/contextPackSchema.js.map +0 -1
  251. package/dist/contextTypes.js.map +0 -1
  252. package/dist/contracts/api-enums.contract.js.map +0 -1
  253. package/dist/contracts/auth-session.contract.js.map +0 -1
  254. package/dist/contracts/context-pack.contract.js.map +0 -1
  255. package/dist/contracts/contextPack.js.map +0 -1
  256. package/dist/contracts/index.js.map +0 -1
  257. package/dist/contracts/lens-filter.contract.js.map +0 -1
  258. package/dist/contracts/lens-workflow.contract.js.map +0 -1
  259. package/dist/contracts/lensFilter.js.map +0 -1
  260. package/dist/contracts/lensWorkflow.js.map +0 -1
  261. package/dist/contracts/mcpTools.js.map +0 -1
  262. package/dist/contracts/prompt.contract.js.map +0 -1
  263. package/dist/contracts/prompt.js.map +0 -1
  264. package/dist/contracts/sdk-tools.contract.js.map +0 -1
  265. package/dist/contracts/sdkTools.js.map +0 -1
  266. package/dist/contracts/tool-contracts.js.map +0 -1
  267. package/dist/contracts/workflow-runtime.contract.js.map +0 -1
  268. package/dist/contracts/workflowRuntime.js.map +0 -1
  269. package/dist/contradictions/index.js.map +0 -1
  270. package/dist/control-plane.js.map +0 -1
  271. package/dist/controlObjectOwnership.js.map +0 -1
  272. package/dist/coreClient.js.map +0 -1
  273. package/dist/customTools.js.map +0 -1
  274. package/dist/decisions/index.js.map +0 -1
  275. package/dist/decisionsClient.js.map +0 -1
  276. package/dist/domainContext.js.map +0 -1
  277. package/dist/edges/index.js.map +0 -1
  278. package/dist/embeddingsClient.js.map +0 -1
  279. package/dist/eventingClient.js.map +0 -1
  280. package/dist/events.js.map +0 -1
  281. package/dist/eventsCore.js.map +0 -1
  282. package/dist/evidence/index.js.map +0 -1
  283. package/dist/evidenceClient.js.map +0 -1
  284. package/dist/facade/context.js.map +0 -1
  285. package/dist/functionSurface.js.map +0 -1
  286. package/dist/functionSurfaceClient.js.map +0 -1
  287. package/dist/gatewayFacades.factories.js.map +0 -1
  288. package/dist/gatewayFacades.js.map +0 -1
  289. package/dist/graphAnalysisClient.js.map +0 -1
  290. package/dist/graphClient.js.map +0 -1
  291. package/dist/graphIntel.js.map +0 -1
  292. package/dist/graphIntelligence.js.map +0 -1
  293. package/dist/graphRecommendationsClient.js.map +0 -1
  294. package/dist/graphStateClassifierClient.js.map +0 -1
  295. package/dist/harnessClient.js.map +0 -1
  296. package/dist/identityClient.js.map +0 -1
  297. package/dist/index.js.map +0 -1
  298. package/dist/infisicalRuntime.js.map +0 -1
  299. package/dist/jobsClient.js.map +0 -1
  300. package/dist/learningClient.js.map +0 -1
  301. package/dist/lenses/index.js.map +0 -1
  302. package/dist/mcpClient.js.map +0 -1
  303. package/dist/modelRuntimeClient.js.map +0 -1
  304. package/dist/nodes/index.js.map +0 -1
  305. package/dist/ontologies/index.js.map +0 -1
  306. package/dist/ontologyClient.js.map +0 -1
  307. package/dist/ontologyLinksClient.js.map +0 -1
  308. package/dist/opinion.js.map +0 -1
  309. package/dist/orgGraphSearchClient.js.map +0 -1
  310. package/dist/packRuntime.js.map +0 -1
  311. package/dist/packsClient.js.map +0 -1
  312. package/dist/policyClient.js.map +0 -1
  313. package/dist/questions/index.js.map +0 -1
  314. package/dist/realtime/index.js.map +0 -1
  315. package/dist/realtime/refs.js.map +0 -1
  316. package/dist/reportsClient.js.map +0 -1
  317. package/dist/schemaClient.js.map +0 -1
  318. package/dist/sdk-tools.contract-B4c1Zr1o.d.ts +0 -22
  319. package/dist/sdkSurface.js.map +0 -1
  320. package/dist/secrets.js.map +0 -1
  321. package/dist/sourcesClient.js.map +0 -1
  322. package/dist/telemetryClient.js.map +0 -1
  323. package/dist/tool-contracts-BUiL9P6z.d.ts +0 -22
  324. package/dist/toolRegistryClient.js.map +0 -1
  325. package/dist/topics/index.js.map +0 -1
  326. package/dist/topicsClient.js.map +0 -1
  327. package/dist/types.js.map +0 -1
  328. package/dist/version.js.map +0 -1
  329. package/dist/workflowClient.js.map +0 -1
  330. package/dist/worktrees/index.js.map +0 -1
@@ -1,346 +1,339 @@
1
- import { INFISICAL_RUNTIME_MANIFEST, INFISICAL_RUNTIME_DEFAULT_PROJECT_ID, INFISICAL_RUNTIME_DEFAULT_API_URL, findInfisicalRuntimeSurface, findInfisicalRuntimePath, GENERATED_INFISICAL_RUNTIME_ENV } from '@lucern/contracts';
2
-
3
- // src/infisicalRuntime.ts
4
- var InfisicalRuntimeError = class extends Error {
5
- code;
6
- status;
7
- constructor(args) {
8
- super(args.message);
9
- this.name = "InfisicalRuntimeError";
10
- this.code = args.code;
11
- this.status = args.status;
12
- }
13
- };
14
- function readInfisicalRuntimeBootstrap(env = {}, overrides = {}) {
15
- if (isInfisicalRuntimeDisabled(env)) {
16
- return null;
17
- }
18
- const bootstrapEnv = INFISICAL_RUNTIME_MANIFEST.bootstrapEnv;
19
- const clientId = overrides.clientId ?? readFirst(env, bootstrapEnv.clientId);
20
- const clientSecret = overrides.clientSecret ?? readFirst(env, bootstrapEnv.clientSecret);
21
- const hasAuthSignal = Boolean(clientId || clientSecret);
22
- if (!hasAuthSignal) {
23
- return null;
24
- }
25
- if (!clientId || !clientSecret) {
26
- throw new InfisicalRuntimeError({
27
- code: "INFISICAL_BOOTSTRAP_INCOMPLETE",
28
- message: "Infisical runtime bootstrap requires both INFISICAL_CLIENT_ID and INFISICAL_CLIENT_SECRET."
29
- });
30
- }
31
- return {
32
- apiUrl: overrides.apiUrl ?? readFirst(env, bootstrapEnv.apiUrl) ?? INFISICAL_RUNTIME_DEFAULT_API_URL,
33
- projectId: overrides.projectId ?? readFirst(env, bootstrapEnv.projectId) ?? INFISICAL_RUNTIME_DEFAULT_PROJECT_ID,
34
- clientId,
35
- clientSecret,
36
- environment: normalizeInfisicalEnvironment(
37
- overrides.environment ?? readFirst(env, bootstrapEnv.environment)
38
- ),
39
- organizationSlug: overrides.organizationSlug ?? readFirst(env, bootstrapEnv.organizationSlug)
40
- };
41
- }
42
- function isInfisicalRuntimeDisabled(env = {}) {
43
- return INFISICAL_RUNTIME_MANIFEST.bootstrapEnv.disabled.some(
44
- (name) => isTruthyEnv(env[name])
45
- );
1
+ import { INFISICAL_RUNTIME_DEFAULT_API_URL, INFISICAL_RUNTIME_DEFAULT_PROJECT_ID, INFISICAL_RUNTIME_MANIFEST, findInfisicalRuntimePath, findInfisicalRuntimeSurface, GENERATED_INFISICAL_RUNTIME_ENV, } from "@lucern/contracts";
2
+ export class InfisicalRuntimeError extends Error {
3
+ code;
4
+ status;
5
+ constructor(args) {
6
+ super(args.message);
7
+ this.name = "InfisicalRuntimeError";
8
+ this.code = args.code;
9
+ this.status = args.status;
10
+ }
46
11
  }
47
- async function hydrateInfisicalRuntimeEnv(options) {
48
- const env = options.env ?? {};
49
- const baseBootstrap = readInfisicalRuntimeBootstrap(env, options.bootstrap);
50
- const bootstrap = baseBootstrap ? {
51
- ...baseBootstrap,
52
- ...Object.fromEntries(
53
- Object.entries(options.bootstrap ?? {}).filter(
54
- ([, value]) => value !== void 0
55
- )
56
- ),
57
- apiUrl: trimTrailingSlash(
58
- options.bootstrap?.apiUrl ?? baseBootstrap.apiUrl
59
- )
60
- } : null;
61
- if (!bootstrap) {
12
+ export function readInfisicalRuntimeBootstrap(env = {}, overrides = {}) {
13
+ if (isInfisicalRuntimeDisabled(env)) {
14
+ return null;
15
+ }
16
+ const bootstrapEnv = INFISICAL_RUNTIME_MANIFEST.bootstrapEnv;
17
+ const clientId = overrides.clientId ?? readFirst(env, bootstrapEnv.clientId);
18
+ const clientSecret = overrides.clientSecret ?? readFirst(env, bootstrapEnv.clientSecret);
19
+ const hasAuthSignal = Boolean(clientId || clientSecret);
20
+ if (!hasAuthSignal) {
21
+ return null;
22
+ }
23
+ if (!clientId || !clientSecret) {
24
+ throw new InfisicalRuntimeError({
25
+ code: "INFISICAL_BOOTSTRAP_INCOMPLETE",
26
+ message: "Infisical runtime bootstrap requires both INFISICAL_CLIENT_ID and INFISICAL_CLIENT_SECRET.",
27
+ });
28
+ }
62
29
  return {
63
- status: "disabled",
64
- surfaceId: options.surfaceId,
65
- values: {},
66
- sourcePaths: []
30
+ apiUrl: overrides.apiUrl ??
31
+ readFirst(env, bootstrapEnv.apiUrl) ??
32
+ INFISICAL_RUNTIME_DEFAULT_API_URL,
33
+ projectId: overrides.projectId ??
34
+ readFirst(env, bootstrapEnv.projectId) ??
35
+ INFISICAL_RUNTIME_DEFAULT_PROJECT_ID,
36
+ clientId,
37
+ clientSecret,
38
+ environment: normalizeInfisicalEnvironment(overrides.environment ?? readFirst(env, bootstrapEnv.environment)),
39
+ organizationSlug: overrides.organizationSlug ??
40
+ readFirst(env, bootstrapEnv.organizationSlug),
67
41
  };
68
- }
69
- const surface = findInfisicalRuntimeSurface(options.surfaceId);
70
- if (!surface) {
71
- throw new InfisicalRuntimeError({
72
- code: "INFISICAL_UNKNOWN_SURFACE",
73
- message: `Unknown Lucern Infisical runtime surface: ${options.surfaceId}.`
74
- });
75
- }
76
- const fallbackDelivery = surface.fallback;
77
- if (surface.delivery !== "runtime_fetch" && fallbackDelivery !== "runtime_fetch") {
78
- throw new InfisicalRuntimeError({
79
- code: "INFISICAL_UNSUPPORTED_SURFACE_DELIVERY",
80
- message: `${surface.id} uses ${surface.delivery}; runtime fetch is only valid for runtime_fetch surfaces or surfaces with a runtime_fetch fallback.`
81
- });
82
- }
83
- const fetchImpl = options.fetchImpl ?? globalThis.fetch;
84
- if (typeof fetchImpl !== "function") {
85
- throw new InfisicalRuntimeError({
86
- code: "INFISICAL_FETCH_UNAVAILABLE",
87
- message: "No fetch implementation is available for Infisical runtime hydration."
88
- });
89
- }
90
- const token = await loginWithUniversalAuth(bootstrap, fetchImpl);
91
- const values = {};
92
- const missingRequired = [];
93
- const sourcePaths = /* @__PURE__ */ new Set();
94
- const variables = options.includeGeneratedSurfaceVariables ? generatedSurfaceVariables(options.surfaceId) : contractSurfaceVariables(surface.sourcePathIds);
95
- for (const runtimeVariable of variables) {
96
- sourcePaths.add(runtimeVariable.secretPath);
97
- const secretValue = await readVariableSecret({
98
- bootstrap,
99
- fetchImpl,
100
- token,
101
- secretPath: runtimeVariable.secretPath,
102
- variable: runtimeVariable
103
- });
104
- if (!secretValue) {
105
- if (runtimeVariable.required) {
106
- missingRequired.push(runtimeVariable.name);
107
- }
108
- continue;
42
+ }
43
+ export function isInfisicalRuntimeDisabled(env = {}) {
44
+ return INFISICAL_RUNTIME_MANIFEST.bootstrapEnv.disabled.some((name) => isTruthyEnv(env[name]));
45
+ }
46
+ export async function hydrateInfisicalRuntimeEnv(options) {
47
+ const env = options.env ?? {};
48
+ const baseBootstrap = readInfisicalRuntimeBootstrap(env, options.bootstrap);
49
+ const bootstrap = baseBootstrap
50
+ ? {
51
+ ...baseBootstrap,
52
+ ...Object.fromEntries(Object.entries(options.bootstrap ?? {}).filter(([, value]) => value !== undefined)),
53
+ apiUrl: trimTrailingSlash(options.bootstrap?.apiUrl ?? baseBootstrap.apiUrl),
54
+ }
55
+ : null;
56
+ if (!bootstrap) {
57
+ return {
58
+ status: "disabled",
59
+ surfaceId: options.surfaceId,
60
+ values: {},
61
+ sourcePaths: [],
62
+ };
109
63
  }
110
- values[runtimeVariable.name] = secretValue.value;
111
- for (const alias of runtimeVariable.aliases ?? []) {
112
- values[alias] = secretValue.value;
64
+ const surface = findInfisicalRuntimeSurface(options.surfaceId);
65
+ if (!surface) {
66
+ throw new InfisicalRuntimeError({
67
+ code: "INFISICAL_UNKNOWN_SURFACE",
68
+ message: `Unknown Lucern Infisical runtime surface: ${options.surfaceId}.`,
69
+ });
113
70
  }
114
- }
115
- if (missingRequired.length > 0) {
116
- throw new InfisicalRuntimeError({
117
- code: "INFISICAL_REQUIRED_SECRETS_MISSING",
118
- message: `Missing required Infisical runtime secrets: ${missingRequired.join(", ")}.`
119
- });
120
- }
121
- return {
122
- status: "hydrated",
123
- surfaceId: options.surfaceId,
124
- environment: bootstrap.environment,
125
- values,
126
- sourcePaths: [...sourcePaths]
127
- };
71
+ const fallbackDelivery = surface.fallback;
72
+ if (surface.delivery !== "runtime_fetch" &&
73
+ fallbackDelivery !== "runtime_fetch") {
74
+ throw new InfisicalRuntimeError({
75
+ code: "INFISICAL_UNSUPPORTED_SURFACE_DELIVERY",
76
+ message: `${surface.id} uses ${surface.delivery}; runtime fetch is only valid for runtime_fetch surfaces or surfaces with a runtime_fetch fallback.`,
77
+ });
78
+ }
79
+ const fetchImpl = options.fetchImpl ?? globalThis.fetch;
80
+ if (typeof fetchImpl !== "function") {
81
+ throw new InfisicalRuntimeError({
82
+ code: "INFISICAL_FETCH_UNAVAILABLE",
83
+ message: "No fetch implementation is available for Infisical runtime hydration.",
84
+ });
85
+ }
86
+ const token = await loginWithUniversalAuth(bootstrap, fetchImpl);
87
+ const values = {};
88
+ const missingRequired = [];
89
+ const sourcePaths = new Set();
90
+ const variables = options.includeGeneratedSurfaceVariables
91
+ ? generatedSurfaceVariables(options.surfaceId)
92
+ : contractSurfaceVariables(surface.sourcePathIds);
93
+ for (const runtimeVariable of variables) {
94
+ sourcePaths.add(runtimeVariable.secretPath);
95
+ const secretValue = await readVariableSecret({
96
+ bootstrap,
97
+ fetchImpl,
98
+ token,
99
+ secretPath: runtimeVariable.secretPath,
100
+ variable: runtimeVariable,
101
+ });
102
+ if (!secretValue) {
103
+ if (runtimeVariable.required) {
104
+ missingRequired.push(runtimeVariable.name);
105
+ }
106
+ continue;
107
+ }
108
+ values[runtimeVariable.name] = secretValue.value;
109
+ for (const alias of runtimeVariable.aliases ?? []) {
110
+ values[alias] = secretValue.value;
111
+ }
112
+ }
113
+ if (missingRequired.length > 0) {
114
+ throw new InfisicalRuntimeError({
115
+ code: "INFISICAL_REQUIRED_SECRETS_MISSING",
116
+ message: `Missing required Infisical runtime secrets: ${missingRequired.join(", ")}.`,
117
+ });
118
+ }
119
+ return {
120
+ status: "hydrated",
121
+ surfaceId: options.surfaceId,
122
+ environment: bootstrap.environment,
123
+ values,
124
+ sourcePaths: [...sourcePaths],
125
+ };
128
126
  }
129
- function applyInfisicalRuntimeEnv(result, targetEnv, options = {}) {
130
- for (const [key, value] of Object.entries(result.values)) {
131
- if (options.overrideExisting || !targetEnv[key]) {
132
- targetEnv[key] = value;
127
+ export function applyInfisicalRuntimeEnv(result, targetEnv, options = {}) {
128
+ for (const [key, value] of Object.entries(result.values)) {
129
+ if (options.overrideExisting || !targetEnv[key]) {
130
+ targetEnv[key] = value;
131
+ }
133
132
  }
134
- }
135
133
  }
136
134
  function normalizeInfisicalEnvironment(value) {
137
- if (value === "dev" || value === "staging" || value === "prod") {
138
- return value;
139
- }
140
- if (value === "development") {
141
- return "dev";
142
- }
143
- if (value === "production") {
135
+ if (value === "dev" || value === "staging" || value === "prod") {
136
+ return value;
137
+ }
138
+ if (value === "development") {
139
+ return "dev";
140
+ }
141
+ if (value === "production") {
142
+ return "prod";
143
+ }
144
144
  return "prod";
145
- }
146
- return "prod";
147
145
  }
148
146
  async function loginWithUniversalAuth(bootstrap, fetchImpl) {
149
- const response = await fetchImpl(
150
- `${trimTrailingSlash(bootstrap.apiUrl)}/api/v1/auth/universal-auth/login`,
151
- {
152
- method: "POST",
153
- headers: {
154
- "Content-Type": "application/json"
155
- },
156
- body: JSON.stringify({
157
- clientId: bootstrap.clientId,
158
- clientSecret: bootstrap.clientSecret,
159
- ...bootstrap.organizationSlug ? { organizationSlug: bootstrap.organizationSlug } : {}
160
- })
161
- }
162
- );
163
- const body = await readJson(response);
164
- if (!response.ok) {
165
- throw new InfisicalRuntimeError({
166
- code: "INFISICAL_UNIVERSAL_AUTH_FAILED",
167
- status: response.status,
168
- message: `Infisical Universal Auth failed with HTTP ${response.status}: ${messageFromBody(body)}`
147
+ const response = await fetchImpl(`${trimTrailingSlash(bootstrap.apiUrl)}/api/v1/auth/universal-auth/login`, {
148
+ method: "POST",
149
+ headers: {
150
+ "Content-Type": "application/json",
151
+ },
152
+ body: JSON.stringify({
153
+ clientId: bootstrap.clientId,
154
+ clientSecret: bootstrap.clientSecret,
155
+ ...(bootstrap.organizationSlug
156
+ ? { organizationSlug: bootstrap.organizationSlug }
157
+ : {}),
158
+ }),
169
159
  });
170
- }
171
- const accessToken = readNestedString(body, ["accessToken"]);
172
- if (!accessToken) {
173
- throw new InfisicalRuntimeError({
174
- code: "INFISICAL_UNIVERSAL_AUTH_INVALID_RESPONSE",
175
- message: "Infisical Universal Auth response did not include accessToken."
176
- });
177
- }
178
- return accessToken;
160
+ const body = await readJson(response);
161
+ if (!response.ok) {
162
+ throw new InfisicalRuntimeError({
163
+ code: "INFISICAL_UNIVERSAL_AUTH_FAILED",
164
+ status: response.status,
165
+ message: `Infisical Universal Auth failed with HTTP ${response.status}: ${messageFromBody(body)}`,
166
+ });
167
+ }
168
+ const accessToken = readNestedString(body, ["accessToken"]);
169
+ if (!accessToken) {
170
+ throw new InfisicalRuntimeError({
171
+ code: "INFISICAL_UNIVERSAL_AUTH_INVALID_RESPONSE",
172
+ message: "Infisical Universal Auth response did not include accessToken.",
173
+ });
174
+ }
175
+ return accessToken;
179
176
  }
180
177
  async function readVariableSecret(args) {
181
- const names = [args.variable.name, ...args.variable.aliases ?? []];
182
- for (const name of names) {
183
- const value = await readSecretValue({
184
- bootstrap: args.bootstrap,
185
- fetchImpl: args.fetchImpl,
186
- token: args.token,
187
- secretPath: args.secretPath,
188
- name,
189
- optional: true
190
- });
191
- if (value) {
192
- return { name, value };
178
+ const names = [args.variable.name, ...(args.variable.aliases ?? [])];
179
+ for (const name of names) {
180
+ const value = await readSecretValue({
181
+ bootstrap: args.bootstrap,
182
+ fetchImpl: args.fetchImpl,
183
+ token: args.token,
184
+ secretPath: args.secretPath,
185
+ name,
186
+ optional: true,
187
+ });
188
+ if (value) {
189
+ return { name, value };
190
+ }
193
191
  }
194
- }
195
- return null;
192
+ return null;
196
193
  }
197
194
  function contractSurfaceVariables(sourcePathIds) {
198
- return sourcePathIds.flatMap((pathId) => {
199
- const path = findInfisicalRuntimePath(pathId);
200
- if (!path) {
201
- throw new InfisicalRuntimeError({
202
- code: "INFISICAL_UNKNOWN_PATH",
203
- message: `Unknown Lucern Infisical runtime path: ${pathId}.`
204
- });
205
- }
206
- return path.variables.map((variable) => ({
207
- ...variable,
208
- secretPath: path.secretPath
209
- }));
210
- });
195
+ return sourcePathIds.flatMap((pathId) => {
196
+ const path = findInfisicalRuntimePath(pathId);
197
+ if (!path) {
198
+ throw new InfisicalRuntimeError({
199
+ code: "INFISICAL_UNKNOWN_PATH",
200
+ message: `Unknown Lucern Infisical runtime path: ${pathId}.`,
201
+ });
202
+ }
203
+ return path.variables.map((variable) => ({
204
+ ...variable,
205
+ secretPath: path.secretPath,
206
+ }));
207
+ });
211
208
  }
212
209
  function generatedSurfaceVariables(surfaceId) {
213
- const surface = GENERATED_INFISICAL_RUNTIME_ENV.surfaces[surfaceId];
214
- if (!surface) {
215
- throw new InfisicalRuntimeError({
216
- code: "INFISICAL_UNKNOWN_SURFACE",
217
- message: `Unknown generated Lucern Infisical runtime surface: ${surfaceId}.`
218
- });
219
- }
220
- return surface.variables.map(generatedVariableToRuntimeVariable);
210
+ const surface = GENERATED_INFISICAL_RUNTIME_ENV.surfaces[surfaceId];
211
+ if (!surface) {
212
+ throw new InfisicalRuntimeError({
213
+ code: "INFISICAL_UNKNOWN_SURFACE",
214
+ message: `Unknown generated Lucern Infisical runtime surface: ${surfaceId}.`,
215
+ });
216
+ }
217
+ return surface.variables.map(generatedVariableToRuntimeVariable);
221
218
  }
222
219
  function generatedVariableToRuntimeVariable(variable) {
223
- const aliases = /* @__PURE__ */ new Set([
224
- ...variable.envNames.filter((name) => name !== variable.canonicalName),
225
- ...variable.aliases
226
- ]);
227
- return {
228
- name: variable.canonicalName,
229
- required: variable.required,
230
- secret: variable.secret,
231
- public: variable.public,
232
- aliases: [...aliases],
233
- description: variable.description,
234
- secretPath: variable.sourcePath
235
- };
220
+ const aliases = new Set([
221
+ ...variable.envNames.filter((name) => name !== variable.canonicalName),
222
+ ...variable.aliases,
223
+ ]);
224
+ return {
225
+ name: variable.canonicalName,
226
+ required: variable.required,
227
+ secret: variable.secret,
228
+ public: variable.public,
229
+ aliases: [...aliases],
230
+ description: variable.description,
231
+ secretPath: variable.sourcePath,
232
+ };
236
233
  }
237
234
  async function readSecretValue(args) {
238
- const params = new URLSearchParams({
239
- projectId: args.bootstrap.projectId,
240
- environment: args.bootstrap.environment,
241
- secretPath: args.secretPath,
242
- type: "shared",
243
- viewSecretValue: "true",
244
- expandSecretReferences: "true",
245
- includeImports: "true"
246
- });
247
- const response = await args.fetchImpl(
248
- `${trimTrailingSlash(args.bootstrap.apiUrl)}/api/v4/secrets/${encodeURIComponent(args.name)}?${params.toString()}`,
249
- {
250
- method: "GET",
251
- headers: {
252
- Authorization: `Bearer ${args.token}`
253
- }
254
- }
255
- );
256
- const body = await readJson(response);
257
- if (response.status === 404 && args.optional) {
258
- return null;
259
- }
260
- if (!response.ok) {
261
- throw new InfisicalRuntimeError({
262
- code: "INFISICAL_SECRET_READ_FAILED",
263
- status: response.status,
264
- message: `Infisical secret ${args.name} read failed with HTTP ${response.status}: ${messageFromBody(body)}`
235
+ const params = new URLSearchParams({
236
+ projectId: args.bootstrap.projectId,
237
+ environment: args.bootstrap.environment,
238
+ secretPath: args.secretPath,
239
+ type: "shared",
240
+ viewSecretValue: "true",
241
+ expandSecretReferences: "true",
242
+ includeImports: "true",
243
+ });
244
+ const response = await args.fetchImpl(`${trimTrailingSlash(args.bootstrap.apiUrl)}/api/v4/secrets/${encodeURIComponent(args.name)}?${params.toString()}`, {
245
+ method: "GET",
246
+ headers: {
247
+ Authorization: `Bearer ${args.token}`,
248
+ },
265
249
  });
266
- }
267
- return readNestedString(body, ["secret", "secretValue"]);
250
+ const body = await readJson(response);
251
+ if (response.status === 404 && args.optional) {
252
+ return null;
253
+ }
254
+ if (!response.ok) {
255
+ throw new InfisicalRuntimeError({
256
+ code: "INFISICAL_SECRET_READ_FAILED",
257
+ status: response.status,
258
+ message: `Infisical secret ${args.name} read failed with HTTP ${response.status}: ${messageFromBody(body)}`,
259
+ });
260
+ }
261
+ return readNestedString(body, ["secret", "secretValue"]);
268
262
  }
269
263
  async function readJson(response) {
270
- try {
271
- return await response.json();
272
- } catch (error) {
273
- debugInfisicalRuntimeFallback("response.json", error);
274
- return void 0;
275
- }
264
+ try {
265
+ return await response.json();
266
+ }
267
+ catch (error) {
268
+ debugInfisicalRuntimeFallback("response.json", error);
269
+ return undefined;
270
+ }
276
271
  }
277
272
  function isRecord(value) {
278
- return value !== null && typeof value === "object" && !Array.isArray(value);
273
+ return value !== null && typeof value === "object" && !Array.isArray(value);
279
274
  }
280
275
  function readNestedString(value, path) {
281
- let current = value;
282
- for (const key of path) {
283
- if (!isRecord(current) || !(key in current)) {
284
- return null;
276
+ let current = value;
277
+ for (const key of path) {
278
+ if (!isRecord(current) || !(key in current)) {
279
+ return null;
280
+ }
281
+ current = current[key];
285
282
  }
286
- current = current[key];
287
- }
288
- return typeof current === "string" && current.length > 0 ? current : null;
283
+ return typeof current === "string" && current.length > 0 ? current : null;
289
284
  }
290
285
  function messageFromBody(body) {
291
- if (!isRecord(body)) {
292
- return "no response body";
293
- }
294
- for (const key of ["message", "error", "errorMessage"]) {
295
- if (typeof body[key] === "string") {
296
- return body[key];
286
+ if (!isRecord(body)) {
287
+ return "no response body";
297
288
  }
298
- }
299
- return JSON.stringify(body);
289
+ for (const key of ["message", "error", "errorMessage"]) {
290
+ if (typeof body[key] === "string") {
291
+ return body[key];
292
+ }
293
+ }
294
+ return JSON.stringify(body);
300
295
  }
301
296
  function readFirst(env, names) {
302
- for (const name of names) {
303
- const value = env[name]?.trim();
304
- if (value) {
305
- return value;
297
+ for (const name of names) {
298
+ const value = env[name]?.trim();
299
+ if (value) {
300
+ return value;
301
+ }
306
302
  }
307
- }
308
- return void 0;
303
+ return undefined;
309
304
  }
310
305
  function isTruthyEnv(value) {
311
- return ["1", "true", "yes", "on"].includes(value?.toLowerCase() ?? "");
306
+ return ["1", "true", "yes", "on"].includes(value?.toLowerCase() ?? "");
312
307
  }
313
308
  function trimTrailingSlash(value) {
314
- return value.replace(/\/+$/u, "");
309
+ return value.replace(/\/+$/u, "");
315
310
  }
316
311
  function debugInfisicalRuntimeFallback(message, error) {
317
- const env = globalThis.process?.env;
318
- if (env?.LUCERN_COMPAT_FALLBACK_DEBUG !== "1" && env?.LUCERN_INFISICAL_RUNTIME_DEBUG !== "1") {
319
- return;
320
- }
321
- console.debug(`[infisical-runtime] ${message}`, {
322
- error: formatInfisicalRuntimeError(error)
323
- });
312
+ const env = globalThis.process?.env;
313
+ if (env?.LUCERN_COMPAT_FALLBACK_DEBUG !== "1" &&
314
+ env?.LUCERN_INFISICAL_RUNTIME_DEBUG !== "1") {
315
+ return;
316
+ }
317
+ console.debug(`[infisical-runtime] ${message}`, {
318
+ error: formatInfisicalRuntimeError(error),
319
+ });
324
320
  }
325
321
  function formatInfisicalRuntimeError(error) {
326
- if (error instanceof Error) {
327
- return `${error.name}: ${error.message}`;
328
- }
329
- if (typeof error === "string") {
330
- return error;
331
- }
332
- if (typeof error === "number" || typeof error === "boolean") {
333
- return String(error);
334
- }
335
- if (error && typeof error === "object") {
336
- const keys = Object.keys(error).slice(0, 5);
337
- if (keys.length > 0) {
338
- return `Unknown Infisical runtime error object with keys: ${keys.join(", ")}`;
322
+ if (error instanceof Error) {
323
+ return `${error.name}: ${error.message}`;
324
+ }
325
+ if (typeof error === "string") {
326
+ return error;
327
+ }
328
+ if (typeof error === "number" || typeof error === "boolean") {
329
+ return String(error);
330
+ }
331
+ if (error && typeof error === "object") {
332
+ const keys = Object.keys(error).slice(0, 5);
333
+ if (keys.length > 0) {
334
+ return `Unknown Infisical runtime error object with keys: ${keys.join(", ")}`;
335
+ }
339
336
  }
340
- }
341
- return "Unknown Infisical runtime error shape";
337
+ return "Unknown Infisical runtime error shape";
342
338
  }
343
-
344
- export { InfisicalRuntimeError, applyInfisicalRuntimeEnv, hydrateInfisicalRuntimeEnv, isInfisicalRuntimeDisabled, readInfisicalRuntimeBootstrap };
345
- //# sourceMappingURL=infisicalRuntime.js.map
346
339
  //# sourceMappingURL=infisicalRuntime.js.map