@meistrari/vault-sdk 3.2.0 → 3.3.0

package/dist/index.cjs

@@ -1,23 +1,24 @@
 'use strict';
 
-const schemas = require('@meistrari/vault-shared/schemas');
+const zod = require('zod');
 const fileType = require('@meistrari/file-type');
 const mimeTypes = require('mime-types');
+const schemas = require('@meistrari/vault-shared/schemas');
 const vaultUtils = require('@meistrari/vault-shared/utils');
 
 function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e.default : e; }
 
 const vaultUtils__default = /*#__PURE__*/_interopDefaultCompat(vaultUtils);
 
-var __defProp$2 = Object.defineProperty;
-var __defNormalProp$2 = (obj, key, value) => key in obj ? __defProp$2(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
-var __publicField$2 = (obj, key, value) => {
-  __defNormalProp$2(obj, typeof key !== "symbol" ? key + "" : key, value);
+var __defProp$3 = Object.defineProperty;
+var __defNormalProp$3 = (obj, key, value) => key in obj ? __defProp$3(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __publicField$3 = (obj, key, value) => {
+  __defNormalProp$3(obj, typeof key !== "symbol" ? key + "" : key, value);
   return value;
 };
 class DataTokenAuthStrategy {
   constructor(dataToken) {
-    __publicField$2(this, "dataToken");
+    __publicField$3(this, "dataToken");
     this.dataToken = dataToken;
   }
   getHeaders() {
@@ -28,7 +29,7 @@ class DataTokenAuthStrategy {
 }
 class APIKeyAuthStrategy {
   constructor(apiKey) {
-    __publicField$2(this, "apiKey");
+    __publicField$3(this, "apiKey");
     this.apiKey = apiKey;
   }
   getHeaders() {
@@ -68,116 +69,6 @@ function resolveConfig(config) {
   };
 }
 
-var __defProp$1 = Object.defineProperty;
-var __defNormalProp$1 = (obj, key, value) => key in obj ? __defProp$1(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
-var __publicField$1 = (obj, key, value) => {
-  __defNormalProp$1(obj, typeof key !== "symbol" ? key + "" : key, value);
-  return value;
-};
-class Permalink {
-  constructor(vaultConfig, params) {
-    __publicField$1(this, "config");
-    __publicField$1(this, "id");
-    __publicField$1(this, "workspaceId");
-    __publicField$1(this, "createdAt");
-    __publicField$1(this, "createdBy");
-    __publicField$1(this, "expiresAt");
-    __publicField$1(this, "fileId");
-    __publicField$1(this, "baseUrl");
-    const config = resolveConfig(vaultConfig);
-    this.config = config;
-    this.id = params.id;
-    this.workspaceId = params.workspaceId;
-    this.createdAt = new Date(params.createdAt);
-    this.createdBy = params.createdBy;
-    this.expiresAt = params.expiresAt ? new Date(params.expiresAt) : null;
-    this.fileId = params.fileId;
-    this.baseUrl = config.vaultUrl;
-  }
-  /**
-   * The URL for the permalink.
-   */
-  get url() {
-    return new URL(`permalinks/${this.id}`, this.baseUrl);
-  }
-  /**
-   * Get a new permalink instance from its ID.
-   *
-   * @param vaultConfig - The vault config.
-   * @param id - The permalink ID.
-   * @returns The permalink.
-   */
-  static async fromId(vaultConfig, id) {
-    const config = resolveConfig(vaultConfig);
-    const response = await fetch(new URL(`permalinks/${id}/metadata`, config.vaultUrl), {
-      headers: config.authStrategy.getHeaders()
-    });
-    if (!response.ok) {
-      throw await FetchError.from(response.url, "GET", response);
-    }
-    const data = await response.json();
-    return new Permalink(config, data);
-  }
-  /**
-   * Create a new permalink.
-   *
-   * @param vaultConfig - The vault config.
-   * @param params - The parameters for the permalink.
-   * @param params.expiresIn - Time, in seconds, the permalink will be valid for.
-   * @param params.fileId - The ID of the file to create a permalink for.
-   * @param params.workspaceId - The ID of the workspace to create a permalink for.
-   *
-   * @param options - Additional options for the request.
-   * @param options.signal - The signal to abort the request.
-   *
-   * @returns The permalink.
-   */
-  static async create(vaultConfig, params, options) {
-    const config = resolveConfig(vaultConfig);
-    const { expiresIn } = params;
-    const expiresAt = expiresIn ? new Date(Date.now() + expiresIn * 1e3) : void 0;
-    const headers = config.authStrategy.getHeaders();
-    headers.append("x-compatibility-date", "2025-07-29");
-    headers.append("content-type", "application/json");
-    const body = expiresAt ? JSON.stringify({ expiresAt: expiresAt.toISOString() }) : "{}";
-    const response = await fetch(new URL(`files/${params.fileId}/permalinks`, config.vaultUrl), {
-      method: "POST",
-      signal: options?.signal,
-      headers,
-      body
-    });
-    if (!response.ok) {
-      throw await FetchError.from(response.url, "POST", response);
-    }
-    const data = await response.json();
-    return new Permalink(config, data);
-  }
-  /**
-   * Delete the permalink.
-   *
-   * @param options - Additional options for the request.
-   * @param options.signal - The signal to abort the request.
-   */
-  async delete(options) {
-    const response = await fetch(new URL(`permalinks/${this.id}`, this.baseUrl), {
-      method: "DELETE",
-      signal: options?.signal,
-      headers: this.config.authStrategy.getHeaders()
-    });
-    if (!response.ok) {
-      throw await FetchError.from(response.url, "DELETE", response);
-    }
-  }
-}
-
-async function blobToBase64(blob) {
-  const fileContent = new Uint8Array(await blob.arrayBuffer());
-  let content = "";
-  for (const part of fileContent)
-    content += String.fromCharCode(part);
-  return btoa(content);
-}
-
 async function getFileHash(blob) {
   const arrayBuffer = await blob.arrayBuffer();
   const hashBuffer = await crypto.subtle.digest("SHA-256", arrayBuffer);
@@ -224,6 +115,16 @@ async function detectFileMimeType(blob) {
   }
   return void 0;
 }
+function sanitizeFileName(name) {
+  if (!name.includes("\0"))
+    return name;
+  const sanitized = name.replace(/\0/g, "");
+  console.warn(
+    "[Vault SDK - WARNING] Null bytes found in file name and were removed.",
+    { original: name, sanitized }
+  );
+  return sanitized;
+}
 function basename(name, separator = "/") {
   if (!name)
     return void 0;
@@ -237,7 +138,7 @@ function getFileName(content) {
 }
 
 const name = "@meistrari/vault-sdk";
-const version = "3.2.0";
+const version = "3.3.0";
 const license = "UNLICENSED";
 const repository = {
 	type: "git",
@@ -265,13 +166,13 @@ const scripts = {
 };
 const dependencies = {
 	"@meistrari/file-type": "22.0.0",
-	"@meistrari/vault-shared": "0.1.1",
+	"@meistrari/vault-shared": "0.1.2",
 	"mime-types": "3.0.1",
 	ofetch: "1.4.1",
 	zod: "4.3.6"
 };
 const devDependencies = {
-	"@types/bun": "latest",
+	"@types/bun": "1.3.14",
 	"@types/mime-types": "3.0.1",
 	msw: "2.6.8",
 	unbuild: "2.0.0",
@@ -302,6 +203,194 @@ const packageJson = {
 const serviceName = typeof process !== "undefined" ? process?.env?.SERVICE_NAME : "";
 const userAgent = `vault-js-sdk:${packageJson.version}${serviceName ? `@${serviceName}` : ""}`.trim();
 
+var __defProp$2 = Object.defineProperty;
+var __defNormalProp$2 = (obj, key, value) => key in obj ? __defProp$2(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __publicField$2 = (obj, key, value) => {
+  __defNormalProp$2(obj, typeof key !== "symbol" ? key + "" : key, value);
+  return value;
+};
+const compatibilityDate$1 = "2025-05-19";
+const PublicAssetUploadResponse = zod.z.object({
+  assetId: zod.z.string(),
+  assetUrl: zod.z.string().url(),
+  uploadUrl: zod.z.string().url(),
+  expiresAt: zod.z.string().datetime(),
+  uploadHeaders: zod.z.record(zod.z.string(), zod.z.string())
+});
+async function wrappedFetch$1(url, requestInit) {
+  const request = new Request(url, requestInit);
+  request.headers.set("User-Agent", userAgent);
+  request.headers.set("x-compatibility-date", compatibilityDate$1);
+  const response = await fetch(request);
+  if (!response.ok) {
+    throw await FetchError.from(request.url, request.method, response);
+  }
+  return response;
+}
+class VaultAsset {
+  constructor({ assetId, assetUrl, uploadUrl, expiresAt, uploadHeaders }) {
+    __publicField$2(this, "assetId");
+    __publicField$2(this, "assetUrl");
+    __publicField$2(this, "uploadUrl");
+    __publicField$2(this, "expiresAt");
+    __publicField$2(this, "uploadHeaders");
+    this.assetId = assetId;
+    this.assetUrl = new URL(assetUrl);
+    this.uploadUrl = new URL(uploadUrl);
+    this.expiresAt = new Date(expiresAt);
+    this.uploadHeaders = uploadHeaders;
+  }
+  static async create(vaultConfig, params, options) {
+    const config = resolveConfig(vaultConfig);
+    const headers = config.authStrategy.getHeaders();
+    headers.set("content-type", "application/json");
+    const response = await wrappedFetch$1(new URL("assets", config.vaultUrl), {
+      method: "POST",
+      signal: options?.signal,
+      headers,
+      body: JSON.stringify({
+        assetClass: params.assetClass,
+        mimeType: params.mimeType,
+        size: params.size
+      })
+    }).then(async (response2) => await response2.json()).then((data) => PublicAssetUploadResponse.safeParse(data));
+    if (!response.success) {
+      throw new Error(`Invalid response from vault service. ${JSON.stringify(response.error)}`);
+    }
+    return new VaultAsset(response.data);
+  }
+  static async fromContent(vaultConfig, content, params, options) {
+    const mimeType = params.mimeType ?? await detectFileMimeType(content) ?? "application/octet-stream";
+    const asset = await VaultAsset.create(vaultConfig, {
+      assetClass: params.assetClass,
+      mimeType,
+      size: content.size
+    }, options);
+    if (params.upload) {
+      await asset.upload(content, options);
+    }
+    return asset;
+  }
+  async upload(content, options) {
+    await wrappedFetch$1(this.uploadUrl, {
+      method: "PUT",
+      signal: options?.signal,
+      headers: new Headers(this.uploadHeaders),
+      body: content
+    });
+  }
+}
+
+var __defProp$1 = Object.defineProperty;
+var __defNormalProp$1 = (obj, key, value) => key in obj ? __defProp$1(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __publicField$1 = (obj, key, value) => {
+  __defNormalProp$1(obj, typeof key !== "symbol" ? key + "" : key, value);
+  return value;
+};
+class Permalink {
+  constructor(vaultConfig, params) {
+    __publicField$1(this, "config");
+    __publicField$1(this, "id");
+    __publicField$1(this, "workspaceId");
+    __publicField$1(this, "createdAt");
+    __publicField$1(this, "createdBy");
+    __publicField$1(this, "expiresAt");
+    __publicField$1(this, "fileId");
+    __publicField$1(this, "baseUrl");
+    const config = resolveConfig(vaultConfig);
+    this.config = config;
+    this.id = params.id;
+    this.workspaceId = params.workspaceId;
+    this.createdAt = new Date(params.createdAt);
+    this.createdBy = params.createdBy;
+    this.expiresAt = params.expiresAt ? new Date(params.expiresAt) : null;
+    this.fileId = params.fileId;
+    this.baseUrl = config.vaultUrl;
+  }
+  /**
+   * The URL for the permalink.
+   */
+  get url() {
+    return new URL(`permalinks/${this.id}`, this.baseUrl);
+  }
+  /**
+   * Get a new permalink instance from its ID.
+   *
+   * @param vaultConfig - The vault config.
+   * @param id - The permalink ID.
+   * @returns The permalink.
+   */
+  static async fromId(vaultConfig, id) {
+    const config = resolveConfig(vaultConfig);
+    const response = await fetch(new URL(`permalinks/${id}/metadata`, config.vaultUrl), {
+      headers: config.authStrategy.getHeaders()
+    });
+    if (!response.ok) {
+      throw await FetchError.from(response.url, "GET", response);
+    }
+    const data = await response.json();
+    return new Permalink(config, data);
+  }
+  /**
+   * Create a new permalink.
+   *
+   * @param vaultConfig - The vault config.
+   * @param params - The parameters for the permalink.
+   * @param params.expiresIn - Time, in seconds, the permalink will be valid for.
+   * @param params.fileId - The ID of the file to create a permalink for.
+   * @param params.workspaceId - The ID of the workspace to create a permalink for.
+   *
+   * @param options - Additional options for the request.
+   * @param options.signal - The signal to abort the request.
+   *
+   * @returns The permalink.
+   */
+  static async create(vaultConfig, params, options) {
+    const config = resolveConfig(vaultConfig);
+    const { expiresIn } = params;
+    const expiresAt = expiresIn ? new Date(Date.now() + expiresIn * 1e3) : void 0;
+    const headers = config.authStrategy.getHeaders();
+    headers.append("x-compatibility-date", "2025-07-29");
+    headers.append("content-type", "application/json");
+    const body = expiresAt ? JSON.stringify({ expiresAt: expiresAt.toISOString() }) : "{}";
+    const response = await fetch(new URL(`files/${params.fileId}/permalinks`, config.vaultUrl), {
+      method: "POST",
+      signal: options?.signal,
+      headers,
+      body
+    });
+    if (!response.ok) {
+      throw await FetchError.from(response.url, "POST", response);
+    }
+    const data = await response.json();
+    return new Permalink(config, data);
+  }
+  /**
+   * Delete the permalink.
+   *
+   * @param options - Additional options for the request.
+   * @param options.signal - The signal to abort the request.
+   */
+  async delete(options) {
+    const response = await fetch(new URL(`permalinks/${this.id}`, this.baseUrl), {
+      method: "DELETE",
+      signal: options?.signal,
+      headers: this.config.authStrategy.getHeaders()
+    });
+    if (!response.ok) {
+      throw await FetchError.from(response.url, "DELETE", response);
+    }
+  }
+}
+
+async function blobToBase64(blob) {
+  const fileContent = new Uint8Array(await blob.arrayBuffer());
+  let content = "";
+  for (const part of fileContent)
+    content += String.fromCharCode(part);
+  return btoa(content);
+}
+
 var __defProp = Object.defineProperty;
 var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
 var __publicField = (obj, key, value) => {
@@ -603,7 +692,8 @@ class VaultFile {
    */
   static async fromContent(params, options) {
     const { content, config: vaultConfig, upload = false, parentId, onMissingParent, onParentConflict } = params;
-    const name = basename(params.name) ?? getFileName(content);
+    const rawName = basename(params.name) ?? getFileName(content);
+    const name = rawName ? sanitizeFileName(rawName) : rawName;
     const config = resolveConfig(vaultConfig);
     const { vaultUrl, authStrategy } = config;
     const sha256sum = await getFileHash(content);
@@ -686,7 +776,8 @@ class VaultFile {
       onMissingParent,
       onParentConflict
     } = params;
-    const name = basename(params.name);
+    const rawName = basename(params.name);
+    const name = rawName ? sanitizeFileName(rawName) : rawName;
     const config = resolveConfig(vaultConfig);
     const file = new VaultFile({ config, name });
     await file._createFile({
@@ -727,7 +818,8 @@ class VaultFile {
     const config = resolveConfig(vaultConfig);
     const preparedFiles = await Promise.all(
       fileInputs.map(async (input) => {
-        const name = basename(input.name) ?? getFileName(input.content);
+        const rawName = basename(input.name) ?? getFileName(input.content);
+        const name = rawName ? sanitizeFileName(rawName) : rawName;
         const sha256sum = await getFileHash(input.content);
         const mimeType = input.mimeType ?? await detectFileMimeType(input.content);
         const size = input.content.size;
@@ -810,7 +902,8 @@ class VaultFile {
     const { files: fileInputs, config: vaultConfig } = params;
     const config = resolveConfig(vaultConfig);
     const preparedFiles = fileInputs.map((input) => {
-      const name = basename(input.name);
+      const rawName = basename(input.name);
+      const name = rawName ? sanitizeFileName(rawName) : rawName;
       const mimeType = input.contentType || "application/octet-stream";
       const size = input.contentLength;
       return { ...input, name, mimeType, size };
@@ -2010,12 +2103,22 @@ function vaultClient(vaultConfig) {
       config
     }, { signal: options?.signal });
   }
-  return { createFromContent, createFromReference, createFromStream, createFromContentBulk, createFromStreamBulk };
+  const assets = {
+    async create(params, options) {
+      return await VaultAsset.create(config, params, { signal: options?.signal });
+    },
+    async createFromContent(content, params, options) {
+      return await VaultAsset.fromContent(config, content, params, { signal: options?.signal });
+    }
+  };
+  return { createFromContent, createFromReference, createFromStream, createFromContentBulk, createFromStreamBulk, assets };
 }
 
 exports.APIKeyAuthStrategy = APIKeyAuthStrategy;
 exports.DataTokenAuthStrategy = DataTokenAuthStrategy;
 exports.FetchError = FetchError;
+exports.Permalink = Permalink;
+exports.VaultAsset = VaultAsset;
 exports.VaultFile = VaultFile;
 exports.convertS3UrlToVaultReference = convertS3UrlToVaultReference;
 exports.extractVaultFileIdFromS3Url = extractVaultFileIdFromS3Url;

package/dist/index.d.cts

@@ -28,6 +28,41 @@ type VaultConfig = {
     authStrategy: AuthStrategy;
 };
 
+type CreateAssetUploadParams = {
+    assetClass: string;
+    mimeType: string;
+    size?: number;
+};
+type CreateAssetFromContentParams = {
+    assetClass: string;
+    mimeType?: string;
+    upload?: boolean;
+};
+type VaultAssetParams = {
+    assetId: string;
+    assetUrl: string | URL;
+    uploadUrl: string | URL;
+    expiresAt: string | Date;
+    uploadHeaders: Record<string, string>;
+};
+declare class VaultAsset {
+    readonly assetId: string;
+    readonly assetUrl: URL;
+    readonly uploadUrl: URL;
+    readonly expiresAt: Date;
+    readonly uploadHeaders: Record<string, string>;
+    constructor({ assetId, assetUrl, uploadUrl, expiresAt, uploadHeaders }: VaultAssetParams);
+    static create(vaultConfig: VaultConfig, params: CreateAssetUploadParams, options?: {
+        signal?: AbortSignal;
+    }): Promise<VaultAsset>;
+    static fromContent(vaultConfig: VaultConfig, content: Blob | File, params: CreateAssetFromContentParams, options?: {
+        signal?: AbortSignal;
+    }): Promise<VaultAsset>;
+    upload(content: Blob | File, options?: {
+        signal?: AbortSignal;
+    }): Promise<void>;
+}
+
 declare class Permalink {
     private readonly config;
     readonly id: string;
@@ -1399,7 +1434,15 @@ declare function vaultClient(vaultConfig: VaultConfig): {
     }>, options?: {
         signal?: AbortSignal;
     }) => Promise<VaultFile[]>;
+    assets: {
+        create(params: CreateAssetUploadParams, options?: {
+            signal?: AbortSignal;
+        }): Promise<VaultAsset>;
+        createFromContent(content: Blob | File, params: CreateAssetFromContentParams, options?: {
+            signal?: AbortSignal;
+        }): Promise<VaultAsset>;
+    };
 };
 
-export { APIKeyAuthStrategy, DataTokenAuthStrategy, FetchError, VaultFile, convertS3UrlToVaultReference, extractVaultFileIdFromS3Url, extractVaultReferences, getVaultParamsFromS3Url, isS3UrlExpired, isTaggedVaultPresignedUrl, isPresignedS3Url as isVaultFileS3Url, isVaultReference, vaultClient };
-export type { AuthStrategy, VaultConfig };
+export { APIKeyAuthStrategy, DataTokenAuthStrategy, FetchError, Permalink, VaultAsset, VaultFile, convertS3UrlToVaultReference, extractVaultFileIdFromS3Url, extractVaultReferences, getVaultParamsFromS3Url, isS3UrlExpired, isTaggedVaultPresignedUrl, isPresignedS3Url as isVaultFileS3Url, isVaultReference, vaultClient };
+export type { AuthStrategy, CreateAssetFromContentParams, CreateAssetUploadParams, VaultConfig };

package/dist/index.d.mts

@@ -28,6 +28,41 @@ type VaultConfig = {
     authStrategy: AuthStrategy;
 };
 
+type CreateAssetUploadParams = {
+    assetClass: string;
+    mimeType: string;
+    size?: number;
+};
+type CreateAssetFromContentParams = {
+    assetClass: string;
+    mimeType?: string;
+    upload?: boolean;
+};
+type VaultAssetParams = {
+    assetId: string;
+    assetUrl: string | URL;
+    uploadUrl: string | URL;
+    expiresAt: string | Date;
+    uploadHeaders: Record<string, string>;
+};
+declare class VaultAsset {
+    readonly assetId: string;
+    readonly assetUrl: URL;
+    readonly uploadUrl: URL;
+    readonly expiresAt: Date;
+    readonly uploadHeaders: Record<string, string>;
+    constructor({ assetId, assetUrl, uploadUrl, expiresAt, uploadHeaders }: VaultAssetParams);
+    static create(vaultConfig: VaultConfig, params: CreateAssetUploadParams, options?: {
+        signal?: AbortSignal;
+    }): Promise<VaultAsset>;
+    static fromContent(vaultConfig: VaultConfig, content: Blob | File, params: CreateAssetFromContentParams, options?: {
+        signal?: AbortSignal;
+    }): Promise<VaultAsset>;
+    upload(content: Blob | File, options?: {
+        signal?: AbortSignal;
+    }): Promise<void>;
+}
+
 declare class Permalink {
     private readonly config;
     readonly id: string;
@@ -1399,7 +1434,15 @@ declare function vaultClient(vaultConfig: VaultConfig): {
     }>, options?: {
         signal?: AbortSignal;
     }) => Promise<VaultFile[]>;
+    assets: {
+        create(params: CreateAssetUploadParams, options?: {
+            signal?: AbortSignal;
+        }): Promise<VaultAsset>;
+        createFromContent(content: Blob | File, params: CreateAssetFromContentParams, options?: {
+            signal?: AbortSignal;
+        }): Promise<VaultAsset>;
+    };
 };
 
-export { APIKeyAuthStrategy, DataTokenAuthStrategy, FetchError, VaultFile, convertS3UrlToVaultReference, extractVaultFileIdFromS3Url, extractVaultReferences, getVaultParamsFromS3Url, isS3UrlExpired, isTaggedVaultPresignedUrl, isPresignedS3Url as isVaultFileS3Url, isVaultReference, vaultClient };
-export type { AuthStrategy, VaultConfig };
+export { APIKeyAuthStrategy, DataTokenAuthStrategy, FetchError, Permalink, VaultAsset, VaultFile, convertS3UrlToVaultReference, extractVaultFileIdFromS3Url, extractVaultReferences, getVaultParamsFromS3Url, isS3UrlExpired, isTaggedVaultPresignedUrl, isPresignedS3Url as isVaultFileS3Url, isVaultReference, vaultClient };
+export type { AuthStrategy, CreateAssetFromContentParams, CreateAssetUploadParams, VaultConfig };

package/dist/index.d.ts

@@ -28,6 +28,41 @@ type VaultConfig = {
     authStrategy: AuthStrategy;
 };
 
+type CreateAssetUploadParams = {
+    assetClass: string;
+    mimeType: string;
+    size?: number;
+};
+type CreateAssetFromContentParams = {
+    assetClass: string;
+    mimeType?: string;
+    upload?: boolean;
+};
+type VaultAssetParams = {
+    assetId: string;
+    assetUrl: string | URL;
+    uploadUrl: string | URL;
+    expiresAt: string | Date;
+    uploadHeaders: Record<string, string>;
+};
+declare class VaultAsset {
+    readonly assetId: string;
+    readonly assetUrl: URL;
+    readonly uploadUrl: URL;
+    readonly expiresAt: Date;
+    readonly uploadHeaders: Record<string, string>;
+    constructor({ assetId, assetUrl, uploadUrl, expiresAt, uploadHeaders }: VaultAssetParams);
+    static create(vaultConfig: VaultConfig, params: CreateAssetUploadParams, options?: {
+        signal?: AbortSignal;
+    }): Promise<VaultAsset>;
+    static fromContent(vaultConfig: VaultConfig, content: Blob | File, params: CreateAssetFromContentParams, options?: {
+        signal?: AbortSignal;
+    }): Promise<VaultAsset>;
+    upload(content: Blob | File, options?: {
+        signal?: AbortSignal;
+    }): Promise<void>;
+}
+
 declare class Permalink {
     private readonly config;
     readonly id: string;
@@ -1399,7 +1434,15 @@ declare function vaultClient(vaultConfig: VaultConfig): {
     }>, options?: {
         signal?: AbortSignal;
     }) => Promise<VaultFile[]>;
+    assets: {
+        create(params: CreateAssetUploadParams, options?: {
+            signal?: AbortSignal;
+        }): Promise<VaultAsset>;
+        createFromContent(content: Blob | File, params: CreateAssetFromContentParams, options?: {
+            signal?: AbortSignal;
+        }): Promise<VaultAsset>;
+    };
 };
 
-export { APIKeyAuthStrategy, DataTokenAuthStrategy, FetchError, VaultFile, convertS3UrlToVaultReference, extractVaultFileIdFromS3Url, extractVaultReferences, getVaultParamsFromS3Url, isS3UrlExpired, isTaggedVaultPresignedUrl, isPresignedS3Url as isVaultFileS3Url, isVaultReference, vaultClient };
-export type { AuthStrategy, VaultConfig };
+export { APIKeyAuthStrategy, DataTokenAuthStrategy, FetchError, Permalink, VaultAsset, VaultFile, convertS3UrlToVaultReference, extractVaultFileIdFromS3Url, extractVaultReferences, getVaultParamsFromS3Url, isS3UrlExpired, isTaggedVaultPresignedUrl, isPresignedS3Url as isVaultFileS3Url, isVaultReference, vaultClient };
+export type { AuthStrategy, CreateAssetFromContentParams, CreateAssetUploadParams, VaultConfig };