@naturalcycles/nodejs-lib 13.45.4 → 14.0.0

package/dist/secret/secrets-encrypt.util.js

@@ -1,43 +1,39 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.secretsEncrypt = secretsEncrypt;
-const tslib_1 = require("tslib");
-const node_fs_1 = tslib_1.__importDefault(require("node:fs"));
-const node_path_1 = tslib_1.__importDefault(require("node:path"));
-const js_lib_1 = require("@naturalcycles/js-lib");
-const colors_1 = require("../colors/colors");
-const index_1 = require("../index");
-const crypto_util_1 = require("../security/crypto.util");
+import fs from 'node:fs';
+import path from 'node:path';
+import { _assert } from '@naturalcycles/js-lib';
+import { dimGrey, yellow } from '../colors/colors.js';
+import { fastGlob, fs2 } from '../index.js';
+import { encryptObject, encryptRandomIVBuffer } from '../security/crypto.util.js';
 /**
  * Encrypts all files in given directory (except *.enc), saves encrypted versions as filename.ext.enc.
  * Using provided encKey.
  */
-function secretsEncrypt(pattern, file, encKeyBuffer, del = false, jsonMode = false) {
+export function secretsEncrypt(pattern, file, encKeyBuffer, del = false, jsonMode = false) {
     const patterns = file
         ? [file]
         : [
             ...pattern,
             `!**/*.enc`, // excluding already encoded
         ];
-    const filenames = index_1.fastGlob.sync(patterns);
+    const filenames = fastGlob.sync(patterns);
     let encFilename;
     filenames.forEach(filename => {
         if (jsonMode) {
-            (0, js_lib_1._assert)(filename.endsWith('.plain.json'), `${node_path_1.default.basename(filename)} MUST end with '.plain.json'`);
+            _assert(filename.endsWith('.plain.json'), `${path.basename(filename)} MUST end with '.plain.json'`);
             encFilename = filename.replace('.plain', '');
-            const json = (0, crypto_util_1.encryptObject)(index_1.fs2.readJson(filename), encKeyBuffer);
-            index_1.fs2.writeJson(encFilename, json, { spaces: 2 });
+            const json = encryptObject(fs2.readJson(filename), encKeyBuffer);
+            fs2.writeJson(encFilename, json, { spaces: 2 });
         }
         else {
-            const plain = node_fs_1.default.readFileSync(filename);
-            const enc = (0, crypto_util_1.encryptRandomIVBuffer)(plain, encKeyBuffer);
+            const plain = fs.readFileSync(filename);
+            const enc = encryptRandomIVBuffer(plain, encKeyBuffer);
             encFilename = `${filename}.enc`;
-            node_fs_1.default.writeFileSync(encFilename, enc);
+            fs.writeFileSync(encFilename, enc);
         }
         if (del) {
-            node_fs_1.default.unlinkSync(filename);
+            fs.unlinkSync(filename);
         }
-        console.log(`  ${node_path_1.default.basename(filename)} > ${node_path_1.default.basename(encFilename)}`);
+        console.log(`  ${path.basename(filename)} > ${path.basename(encFilename)}`);
     });
-    console.log(`encrypted ${(0, colors_1.yellow)(filenames.length)} files in (${(0, colors_1.dimGrey)(pattern.join(' '))})`);
+    console.log(`encrypted ${yellow(filenames.length)} files in (${dimGrey(pattern.join(' '))})`);
 }

package/dist/security/crypto.util.js

@@ -1,49 +1,39 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.encryptRandomIVBuffer = encryptRandomIVBuffer;
-exports.decryptRandomIVBuffer = decryptRandomIVBuffer;
-exports.decryptObject = decryptObject;
-exports.encryptObject = encryptObject;
-exports.decryptString = decryptString;
-exports.encryptString = encryptString;
-exports.timingSafeStringEqual = timingSafeStringEqual;
-const tslib_1 = require("tslib");
-const node_crypto_1 = tslib_1.__importDefault(require("node:crypto"));
-const js_lib_1 = require("@naturalcycles/js-lib");
-const hash_util_1 = require("./hash.util");
+import crypto from 'node:crypto';
+import { _stringMapEntries } from '@naturalcycles/js-lib';
+import { md5AsBuffer, sha256AsBuffer } from './hash.util.js';
 const algorithm = 'aes-256-cbc';
 /**
  * Using aes-256-cbc.
  */
-function encryptRandomIVBuffer(input, secretKeyBuffer) {
+export function encryptRandomIVBuffer(input, secretKeyBuffer) {
     // sha256 to match aes-256 key length
-    const key = (0, hash_util_1.sha256AsBuffer)(secretKeyBuffer);
+    const key = sha256AsBuffer(secretKeyBuffer);
     // Random iv to achieve non-deterministic encryption (but deterministic decryption)
-    const iv = node_crypto_1.default.randomBytes(16);
-    const cipher = node_crypto_1.default.createCipheriv(algorithm, key, iv);
+    const iv = crypto.randomBytes(16);
+    const cipher = crypto.createCipheriv(algorithm, key, iv);
     return Buffer.concat([iv, cipher.update(input), cipher.final()]);
 }
 /**
  * Using aes-256-cbc.
  */
-function decryptRandomIVBuffer(input, secretKeyBuffer) {
+export function decryptRandomIVBuffer(input, secretKeyBuffer) {
     // sha256 to match aes-256 key length
-    const key = (0, hash_util_1.sha256AsBuffer)(secretKeyBuffer);
+    const key = sha256AsBuffer(secretKeyBuffer);
     // iv is first 16 bytes of encrypted buffer, the rest is payload
     const iv = input.subarray(0, 16);
     const payload = input.subarray(16);
-    const decipher = node_crypto_1.default.createDecipheriv(algorithm, key, iv);
+    const decipher = crypto.createDecipheriv(algorithm, key, iv);
     return Buffer.concat([decipher.update(payload), decipher.final()]);
 }
 /**
  * Decrypts all object values (base64 strings).
  * Returns object with decrypted values (utf8 strings).
  */
-function decryptObject(obj, secretKeyBuffer) {
+export function decryptObject(obj, secretKeyBuffer) {
     const { key, iv } = getCryptoParams(secretKeyBuffer);
     const r = {};
-    (0, js_lib_1._stringMapEntries)(obj).forEach(([k, v]) => {
-        const decipher = node_crypto_1.default.createDecipheriv(algorithm, key, iv);
+    _stringMapEntries(obj).forEach(([k, v]) => {
+        const decipher = crypto.createDecipheriv(algorithm, key, iv);
         r[k] = decipher.update(v, 'base64', 'utf8') + decipher.final('utf8');
     });
     return r;
@@ -52,11 +42,11 @@ function decryptObject(obj, secretKeyBuffer) {
  * Encrypts all object values (utf8 strings).
  * Returns object with encrypted values (base64 strings).
  */
-function encryptObject(obj, secretKeyBuffer) {
+export function encryptObject(obj, secretKeyBuffer) {
     const { key, iv } = getCryptoParams(secretKeyBuffer);
     const r = {};
-    (0, js_lib_1._stringMapEntries)(obj).forEach(([k, v]) => {
-        const cipher = node_crypto_1.default.createCipheriv(algorithm, key, iv);
+    _stringMapEntries(obj).forEach(([k, v]) => {
+        const cipher = crypto.createCipheriv(algorithm, key, iv);
         r[k] = cipher.update(v, 'utf8', 'base64') + cipher.final('base64');
     });
     return r;
@@ -67,9 +57,9 @@ function encryptObject(obj, secretKeyBuffer) {
  * Input is base64 string.
  * Output is utf8 string.
  */
-function decryptString(str, secretKeyBuffer) {
+export function decryptString(str, secretKeyBuffer) {
     const { key, iv } = getCryptoParams(secretKeyBuffer);
-    const decipher = node_crypto_1.default.createDecipheriv(algorithm, key, iv);
+    const decipher = crypto.createDecipheriv(algorithm, key, iv);
     return decipher.update(str, 'base64', 'utf8') + decipher.final('utf8');
 }
 /**
@@ -78,14 +68,14 @@ function decryptString(str, secretKeyBuffer) {
  * Input is utf8 string.
  * Output is base64 string.
  */
-function encryptString(str, secretKeyBuffer) {
+export function encryptString(str, secretKeyBuffer) {
     const { key, iv } = getCryptoParams(secretKeyBuffer);
-    const cipher = node_crypto_1.default.createCipheriv(algorithm, key, iv);
+    const cipher = crypto.createCipheriv(algorithm, key, iv);
     return cipher.update(str, 'utf8', 'base64') + cipher.final('base64');
 }
 function getCryptoParams(secretKeyBuffer) {
-    const key = (0, hash_util_1.sha256AsBuffer)(secretKeyBuffer);
-    const iv = (0, hash_util_1.md5AsBuffer)(Buffer.concat([secretKeyBuffer, key]));
+    const key = sha256AsBuffer(secretKeyBuffer);
+    const iv = md5AsBuffer(Buffer.concat([secretKeyBuffer, key]));
     return { key, iv };
 }
 /**
@@ -100,8 +90,8 @@ function getCryptoParams(secretKeyBuffer) {
  *
  * Returns true if inputs are equal, false otherwise.
  */
-function timingSafeStringEqual(s1, s2) {
+export function timingSafeStringEqual(s1, s2) {
     if (s1 === undefined || s2 === undefined || s1.length !== s2.length)
         return false;
-    return node_crypto_1.default.timingSafeEqual(Buffer.from(s1), Buffer.from(s2));
+    return crypto.timingSafeEqual(Buffer.from(s1), Buffer.from(s2));
 }

package/dist/security/hash.util.js

@@ -1,67 +1,49 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.md5 = md5;
-exports.md5AsBuffer = md5AsBuffer;
-exports.sha256 = sha256;
-exports.sha256AsBuffer = sha256AsBuffer;
-exports.hash = hash;
-exports.hashAsBuffer = hashAsBuffer;
-exports.base64 = base64;
-exports.base64Url = base64Url;
-exports.base64ToString = base64ToString;
-exports.base64UrlToString = base64UrlToString;
-exports.base64ToBuffer = base64ToBuffer;
-exports.base64UrlToBuffer = base64UrlToBuffer;
-exports.stringToBase64 = stringToBase64;
-exports.stringToBase64Url = stringToBase64Url;
-exports.bufferToBase64 = bufferToBase64;
-exports.bufferToBase64Url = bufferToBase64Url;
-const node_crypto_1 = require("node:crypto");
-function md5(s, outputEncoding = 'hex') {
+import { hash as cryptoHash } from 'node:crypto';
+export function md5(s, outputEncoding = 'hex') {
     return hash(s, 'md5', outputEncoding);
 }
-function md5AsBuffer(s) {
+export function md5AsBuffer(s) {
     return hashAsBuffer(s, 'md5');
 }
-function sha256(s, outputEncoding = 'hex') {
+export function sha256(s, outputEncoding = 'hex') {
     return hash(s, 'sha256', outputEncoding);
 }
-function sha256AsBuffer(s) {
+export function sha256AsBuffer(s) {
     return hashAsBuffer(s, 'sha256');
 }
-function hash(s, algorithm, outputEncoding = 'hex') {
-    return (0, node_crypto_1.hash)(algorithm, s, outputEncoding);
+export function hash(s, algorithm, outputEncoding = 'hex') {
+    return cryptoHash(algorithm, s, outputEncoding);
 }
-function hashAsBuffer(s, algorithm) {
-    return (0, node_crypto_1.hash)(algorithm, s, 'buffer');
+export function hashAsBuffer(s, algorithm) {
+    return cryptoHash(algorithm, s, 'buffer');
 }
-function base64(s) {
+export function base64(s) {
     return (typeof s === 'string' ? Buffer.from(s) : s).toString('base64');
 }
-function base64Url(s) {
+export function base64Url(s) {
     return (typeof s === 'string' ? Buffer.from(s) : s).toString('base64url');
 }
-function base64ToString(strBase64) {
+export function base64ToString(strBase64) {
     return Buffer.from(strBase64, 'base64').toString('utf8');
 }
-function base64UrlToString(strBase64Url) {
+export function base64UrlToString(strBase64Url) {
     return Buffer.from(strBase64Url, 'base64url').toString('utf8');
 }
-function base64ToBuffer(strBase64) {
+export function base64ToBuffer(strBase64) {
     return Buffer.from(strBase64, 'base64');
 }
-function base64UrlToBuffer(strBase64Url) {
+export function base64UrlToBuffer(strBase64Url) {
     return Buffer.from(strBase64Url, 'base64url');
 }
-function stringToBase64(s) {
+export function stringToBase64(s) {
     return Buffer.from(s, 'utf8').toString('base64');
 }
-function stringToBase64Url(s) {
+export function stringToBase64Url(s) {
     return Buffer.from(s, 'utf8').toString('base64url');
 }
-function bufferToBase64(b) {
+export function bufferToBase64(b) {
     return b.toString('base64');
 }
-function bufferToBase64Url(b) {
+export function bufferToBase64Url(b) {
     return b.toString('base64url');
 }

package/dist/security/id.util.js

@@ -1,25 +1,18 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.stringIdBase62 = void 0;
-exports.stringId = stringId;
-exports.stringIdBase64 = stringIdBase64;
-exports.stringIdBase64Url = stringIdBase64Url;
-exports.stringIdNonAmbiguous = stringIdNonAmbiguous;
-const node_crypto_1 = require("node:crypto");
-const nanoid_1 = require("./nanoid");
+import { randomBytes } from 'node:crypto';
+import { ALPHABET_ALPHANUMERIC, ALPHABET_ALPHANUMERIC_LOWERCASE, ALPHABET_NONAMBIGUOUS, nanoIdCustomAlphabet, } from './nanoid.js';
 /**
  * Generate cryptographically-secure string id.
  * Powered by `nanoid`.
  */
-function stringId(length = 16, alphabet = nanoid_1.ALPHABET_ALPHANUMERIC_LOWERCASE) {
-    return (0, nanoid_1.nanoIdCustomAlphabet)(alphabet, length)();
+export function stringId(length = 16, alphabet = ALPHABET_ALPHANUMERIC_LOWERCASE) {
+    return nanoIdCustomAlphabet(alphabet, length)();
 }
 /**
  * Generate a string id of Base62 alphabet (same as "alphanumeric": A-Za-z0-9)
  *
  * Length is 16 (non-configurable currently).
  */
-exports.stringIdBase62 = (0, nanoid_1.nanoIdCustomAlphabet)(nanoid_1.ALPHABET_ALPHANUMERIC, 16);
+export const stringIdBase62 = nanoIdCustomAlphabet(ALPHABET_ALPHANUMERIC, 16);
 /**
  * Generate a string id of Base64 alphabet: A-Za-z0-9+/
  *
@@ -28,8 +21,8 @@ exports.stringIdBase62 = (0, nanoid_1.nanoIdCustomAlphabet)(nanoid_1.ALPHABET_AL
  *
  * Dividable by 4 lengths produce ids with no padding `=` characters, which is optimal.
  */
-function stringIdBase64(size = 16) {
-    return (0, node_crypto_1.randomBytes)(size * 0.75).toString('base64');
+export function stringIdBase64(size = 16) {
+    return randomBytes(size * 0.75).toString('base64');
 }
 /**
  * Generate a string id of Base64url alphabet: A-Za-z0-9-_
@@ -39,8 +32,8 @@ function stringIdBase64(size = 16) {
  *
  * Base64url always produces strings without a padding character `=`, by design.
  */
-function stringIdBase64Url(size = 16) {
-    return (0, node_crypto_1.randomBytes)(size * 0.75).toString('base64url');
+export function stringIdBase64Url(size = 16) {
+    return randomBytes(size * 0.75).toString('base64url');
 }
 /**
  * Generate cryptographically-secure string id with non-ambiguous characters only,
@@ -48,6 +41,6 @@ function stringIdBase64Url(size = 16) {
  *
  * Default length is 16.
  */
-function stringIdNonAmbiguous(size = 16) {
-    return stringId(size, nanoid_1.ALPHABET_NONAMBIGUOUS);
+export function stringIdNonAmbiguous(size = 16) {
+    return stringId(size, ALPHABET_NONAMBIGUOUS);
 }

package/dist/security/nanoid.js

@@ -1,25 +1,20 @@
-"use strict";
 /*
 
 This file is "vendored" from Nanoid, all credit is to Nanoid authors:
 https://github.com/ai/nanoid/
 
  */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ALPHABET_BASE64_URL = exports.ALPHABET_BASE64 = exports.ALPHABET_ALPHANUMERIC = exports.ALPHABET_ALPHANUMERIC_UPPERCASE = exports.ALPHABET_ALPHANUMERIC_LOWERCASE = exports.ALPHABET_UPPERCASE = exports.ALPHABET_LOWERCASE = exports.ALPHABET_NUMBER = exports.ALPHABET_NONAMBIGUOUS = void 0;
-exports.nanoIdCustomAlphabet = nanoIdCustomAlphabet;
-exports.nanoid = nanoid;
 /* eslint-disable */
-const node_crypto_1 = require("node:crypto");
-exports.ALPHABET_NONAMBIGUOUS = '23456789ABCDEFGHJKLMNPQRSTUVWXYZ';
-exports.ALPHABET_NUMBER = '0123456789';
-exports.ALPHABET_LOWERCASE = 'abcdefghijklmnopqrstuvwxyz';
-exports.ALPHABET_UPPERCASE = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
-exports.ALPHABET_ALPHANUMERIC_LOWERCASE = [exports.ALPHABET_NUMBER, exports.ALPHABET_LOWERCASE].join('');
-exports.ALPHABET_ALPHANUMERIC_UPPERCASE = [exports.ALPHABET_NUMBER, exports.ALPHABET_UPPERCASE].join('');
-exports.ALPHABET_ALPHANUMERIC = [exports.ALPHABET_NUMBER, exports.ALPHABET_LOWERCASE, exports.ALPHABET_UPPERCASE].join('');
-exports.ALPHABET_BASE64 = [exports.ALPHABET_ALPHANUMERIC, '+/'].join('');
-exports.ALPHABET_BASE64_URL = [exports.ALPHABET_ALPHANUMERIC, '-_'].join('');
+import { randomFillSync } from 'node:crypto';
+export const ALPHABET_NONAMBIGUOUS = '23456789ABCDEFGHJKLMNPQRSTUVWXYZ';
+export const ALPHABET_NUMBER = '0123456789';
+export const ALPHABET_LOWERCASE = 'abcdefghijklmnopqrstuvwxyz';
+export const ALPHABET_UPPERCASE = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+export const ALPHABET_ALPHANUMERIC_LOWERCASE = [ALPHABET_NUMBER, ALPHABET_LOWERCASE].join('');
+export const ALPHABET_ALPHANUMERIC_UPPERCASE = [ALPHABET_NUMBER, ALPHABET_UPPERCASE].join('');
+export const ALPHABET_ALPHANUMERIC = [ALPHABET_NUMBER, ALPHABET_LOWERCASE, ALPHABET_UPPERCASE].join('');
+export const ALPHABET_BASE64 = [ALPHABET_ALPHANUMERIC, '+/'].join('');
+export const ALPHABET_BASE64_URL = [ALPHABET_ALPHANUMERIC, '-_'].join('');
 // It is best to make fewer, larger requests to the crypto module to
 // avoid system call overhead. So, random numbers are generated in a
 // pool. The pool is a Buffer that is larger than the initial random
@@ -31,11 +26,11 @@ let poolOffset;
 function fillPool(bytes) {
     if (!pool || pool.length < bytes) {
         pool = Buffer.allocUnsafe(bytes * POOL_SIZE_MULTIPLIER);
-        (0, node_crypto_1.randomFillSync)(pool);
+        randomFillSync(pool);
         poolOffset = 0;
     }
     else if (poolOffset + bytes > pool.length) {
-        (0, node_crypto_1.randomFillSync)(pool);
+        randomFillSync(pool);
         poolOffset = 0;
     }
     poolOffset += bytes;
@@ -77,10 +72,10 @@ function customRandom(alphabet, defaultSize, getRandom) {
         }
     };
 }
-function nanoIdCustomAlphabet(alphabet, size = 21) {
+export function nanoIdCustomAlphabet(alphabet, size = 21) {
     return customRandom(alphabet, size, random);
 }
-function nanoid(size = 21) {
+export function nanoid(size = 21) {
     // `-=` convert `size` to number to prevent `valueOf` abusing
     fillPool((size -= 0));
     let id = '';
@@ -91,7 +86,7 @@ function nanoid(size = 21) {
         // range to the 0-63 value range. Therefore, adding hacks, such
         // as empty string fallback or magic numbers, is unneccessary because
         // the bitmask trims bytes down to the alphabet size.
-        id += exports.ALPHABET_BASE64_URL[pool[i] & 63];
+        id += ALPHABET_BASE64_URL[pool[i] & 63];
     }
     return id;
 }

package/dist/security/secret.util.js

@@ -1,16 +1,6 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.loadSecretsFromEnv = loadSecretsFromEnv;
-exports.removeSecretsFromEnv = removeSecretsFromEnv;
-exports.loadSecretsFromEncryptedJsonFile = loadSecretsFromEncryptedJsonFile;
-exports.loadSecretsFromEncryptedJsonFileValues = loadSecretsFromEncryptedJsonFileValues;
-exports.secret = secret;
-exports.secretOptional = secretOptional;
-exports.getSecretMap = getSecretMap;
-exports.setSecretMap = setSecretMap;
-const node_fs_1 = require("node:fs");
-const js_lib_1 = require("@naturalcycles/js-lib");
-const crypto_util_1 = require("./crypto.util");
+import { existsSync, readFileSync } from 'node:fs';
+import { _assert, _jsonParseIfPossible } from '@naturalcycles/js-lib';
+import { decryptObject, decryptRandomIVBuffer } from './crypto.util.js';
 let loaded = false;
 const secretMap = {};
 /**
@@ -19,8 +9,8 @@ const secretMap = {};
  *
  * Does NOT delete previous secrets from secretMap.
  */
-function loadSecretsFromEnv() {
-    require('dotenv').config(); // ensure .env is loaded
+export function loadSecretsFromEnv() {
+    // require('dotenv').config() // ensure .env is loaded
     const secrets = {};
     Object.keys(process.env)
         .filter(k => k.toUpperCase().startsWith('SECRET_'))
@@ -35,7 +25,7 @@ function loadSecretsFromEnv() {
 /**
  * Removes process.env.SECRET_*
  */
-function removeSecretsFromEnv() {
+export function removeSecretsFromEnv() {
     Object.keys(process.env)
         .filter(k => k.toUpperCase().startsWith('SECRET_'))
         .forEach(k => delete process.env[k]);
@@ -48,17 +38,17 @@ function removeSecretsFromEnv() {
  * Whole file is encrypted.
  * For "json-values encrypted" style - use `loadSecretsFromEncryptedJsonFileValues`
  */
-function loadSecretsFromEncryptedJsonFile(filePath, secretEncryptionKey) {
-    (0, js_lib_1._assert)((0, node_fs_1.existsSync)(filePath), `loadSecretsFromEncryptedJsonFile() cannot load from path: ${filePath}`);
+export function loadSecretsFromEncryptedJsonFile(filePath, secretEncryptionKey) {
+    _assert(existsSync(filePath), `loadSecretsFromEncryptedJsonFile() cannot load from path: ${filePath}`);
     let secrets;
     if (secretEncryptionKey) {
-        const buf = (0, node_fs_1.readFileSync)(filePath);
+        const buf = readFileSync(filePath);
         const encKeyBuffer = Buffer.from(secretEncryptionKey, 'base64');
-        const plain = (0, crypto_util_1.decryptRandomIVBuffer)(buf, encKeyBuffer).toString('utf8');
+        const plain = decryptRandomIVBuffer(buf, encKeyBuffer).toString('utf8');
         secrets = JSON.parse(plain);
     }
     else {
-        secrets = JSON.parse((0, node_fs_1.readFileSync)(filePath, 'utf8'));
+        secrets = JSON.parse(readFileSync(filePath, 'utf8'));
     }
     Object.entries(secrets).forEach(([k, v]) => (secretMap[k.toUpperCase()] = v));
     loaded = true;
@@ -70,12 +60,12 @@ function loadSecretsFromEncryptedJsonFile(filePath, secretEncryptionKey) {
  * Whole file is NOT encrypted, but instead individual json values ARE encrypted..
  * For whole-file encryption - use `loadSecretsFromEncryptedJsonFile`
  */
-function loadSecretsFromEncryptedJsonFileValues(filePath, secretEncryptionKey) {
-    (0, js_lib_1._assert)((0, node_fs_1.existsSync)(filePath), `loadSecretsFromEncryptedJsonFileValues() cannot load from path: ${filePath}`);
-    let secrets = JSON.parse((0, node_fs_1.readFileSync)(filePath, 'utf8'));
+export function loadSecretsFromEncryptedJsonFileValues(filePath, secretEncryptionKey) {
+    _assert(existsSync(filePath), `loadSecretsFromEncryptedJsonFileValues() cannot load from path: ${filePath}`);
+    let secrets = JSON.parse(readFileSync(filePath, 'utf8'));
     if (secretEncryptionKey) {
         const encKeyBuffer = Buffer.from(secretEncryptionKey, 'base64');
-        secrets = (0, crypto_util_1.decryptObject)(secrets, encKeyBuffer);
+        secrets = decryptObject(secrets, encKeyBuffer);
     }
     Object.entries(secrets).forEach(([k, v]) => (secretMap[k.toUpperCase()] = v));
     loaded = true;
@@ -83,31 +73,31 @@ function loadSecretsFromEncryptedJsonFileValues(filePath, secretEncryptionKey) {
         .map(s => s.toUpperCase())
         .join(', ')}`);
 }
-function secret(k, parseJson = false) {
+export function secret(k, parseJson = false) {
     const v = secretOptional(k, parseJson);
     if (!v) {
         throw new Error(`secret(${k.toUpperCase()}) not found!`);
     }
     return v;
 }
-function secretOptional(k, parseJson = false) {
+export function secretOptional(k, parseJson = false) {
     requireLoaded();
     let v = secretMap[k.toUpperCase()];
     if (!v)
         return;
     if (parseJson) {
-        v = (0, js_lib_1._jsonParseIfPossible)(v);
+        v = _jsonParseIfPossible(v);
     }
     return v;
 }
-function getSecretMap() {
+export function getSecretMap() {
     requireLoaded();
     return secretMap;
 }
 /**
  * REPLACES secretMap with new map.
  */
-function setSecretMap(map) {
+export function setSecretMap(map) {
     Object.keys(secretMap).forEach(k => delete secretMap[k]);
     Object.entries(map).forEach(([k, v]) => (secretMap[k.toUpperCase()] = v));
     console.log(`setSecretMap set ${Object.keys(secretMap).length} secret(s): ${Object.keys(map)

package/dist/slack/slack.service.d.ts

@@ -1,5 +1,5 @@
 import type { AnyObject, CommonLogger, CommonLogLevel } from '@naturalcycles/js-lib';
-import type { SlackAttachmentField, SlackMessage, SlackServiceCfg } from './slack.service.model';
+import type { SlackAttachmentField, SlackMessage, SlackServiceCfg } from './slack.service.model.js';
 /**
  * Has 2 main methods:
  *

package/dist/slack/slack.service.js

@@ -1,9 +1,5 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SlackService = void 0;
-exports.slackDefaultMessagePrefixHook = slackDefaultMessagePrefixHook;
-const js_lib_1 = require("@naturalcycles/js-lib");
-const __1 = require("..");
+import { _omit, commonLoggerMinLevel, getFetcher, localTime, PQueue } from '@naturalcycles/js-lib';
+import { _inspect } from '../index.js';
 const GAE = !!process.env['GAE_INSTANCE'];
 const DEFAULTS = {
     username: 'bot',
@@ -27,7 +23,7 @@ const INSPECT_OPT = {
  * .send method has a shortcut:
  * .send(string, ctx?: CTX)
  */
-class SlackService {
+export class SlackService {
     constructor(cfg) {
         this.cfg = {
             messagePrefixHook: slackDefaultMessagePrefixHook,
@@ -38,7 +34,7 @@ class SlackService {
                 ...cfg.inspectOptions,
             },
         };
-        this.fetcher = (0, js_lib_1.getFetcher)({
+        this.fetcher = getFetcher({
             timeoutSeconds: 90,
         });
     }
@@ -72,10 +68,10 @@ class SlackService {
         let text;
         // Array has a special treatment here
         if (Array.isArray(msg.items)) {
-            text = msg.items.map(t => (0, __1._inspect)(t, inspectOptions)).join('\n');
+            text = msg.items.map(t => _inspect(t, inspectOptions)).join('\n');
         }
         else {
-            text = (0, __1._inspect)(msg.items, inspectOptions);
+            text = _inspect(msg.items, inspectOptions);
         }
         // Wrap in markdown-text-block if it's anything but plain String
         if (typeof msg.items !== 'string') {
@@ -87,7 +83,7 @@ class SlackService {
         const prefix = await messagePrefixHook(msg);
         if (prefix === null)
             return; // filtered out!
-        const json = (0, js_lib_1._omit)({
+        const json = _omit({
             ...DEFAULTS,
             ...this.cfg.defaults,
             ...msg,
@@ -119,19 +115,18 @@ class SlackService {
     getCommonLogger(opt) {
         const { minLogLevel = 'log', logChannel, warnChannel, errorChannel } = opt;
         const defaultChannel = this.cfg.defaults?.channel || DEFAULTS.channel;
-        const q = new js_lib_1.PQueue({
+        const q = new PQueue({
             concurrency: 1,
         });
-        return (0, js_lib_1.commonLoggerMinLevel)({
+        return commonLoggerMinLevel({
             log: (...args) => q.push(() => this.send({ items: args, channel: logChannel || defaultChannel })),
             warn: (...args) => q.push(() => this.send({ items: args, channel: warnChannel || defaultChannel })),
             error: (...args) => q.push(() => this.send({ items: args, channel: errorChannel || defaultChannel })),
         }, minLogLevel);
     }
 }
-exports.SlackService = SlackService;
-function slackDefaultMessagePrefixHook(msg) {
-    const tokens = [js_lib_1.localTime.now().toPretty()];
+export function slackDefaultMessagePrefixHook(msg) {
+    const tokens = [localTime.now().toPretty()];
     const { ctx } = msg;
     // AppEngine-specific decoration
     if (GAE && ctx && typeof ctx === 'object' && typeof ctx.header === 'function') {

package/dist/slack/slack.service.model.d.ts

@@ -1,5 +1,5 @@
 import type { AnyObject, CommonLogger } from '@naturalcycles/js-lib';
-import type { InspectAnyOptions } from '..';
+import type { InspectAnyOptions } from '../index.js';
 /**
  * Properties that exists both in SlackApiBody (as per Slack API) and SlackMessage (our abstraction).
  */

package/dist/slack/slack.service.model.js

@@ -1,2 +1 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};

package/dist/stream/ndjson/ndjson.model.js

@@ -1,9 +1,6 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.NDJsonStats = void 0;
-const js_lib_1 = require("@naturalcycles/js-lib");
-const colors_1 = require("../../colors/colors");
-class NDJsonStats {
+import { _hb, _ms } from '@naturalcycles/js-lib';
+import { boldWhite, dimWhite } from '../../colors/colors.js';
+export class NDJsonStats {
     static create(o = {}) {
         return Object.assign(new NDJsonStats(), o);
     }
@@ -38,11 +35,10 @@ class NDJsonStats {
     }
     toPretty(name) {
         return [
-            `Processed ${name ? (0, colors_1.boldWhite)(name) + ': ' : ''}${(0, colors_1.dimWhite)(this.rows)} rows, ${(0, colors_1.dimWhite)((0, js_lib_1._hb)(this.sizeBytes))} in ${(0, colors_1.dimWhite)((0, js_lib_1._ms)(this.tookMillis))}`,
-            (0, colors_1.dimWhite)(this.rpsTotal + ' rows/sec'),
-            (0, colors_1.dimWhite)((0, js_lib_1._hb)(this.avgBytesPerRow) + '/row'),
-            (0, colors_1.dimWhite)((0, js_lib_1._hb)(this.bpsTotal) + '/sec'),
+            `Processed ${name ? boldWhite(name) + ': ' : ''}${dimWhite(this.rows)} rows, ${dimWhite(_hb(this.sizeBytes))} in ${dimWhite(_ms(this.tookMillis))}`,
+            dimWhite(this.rpsTotal + ' rows/sec'),
+            dimWhite(_hb(this.avgBytesPerRow) + '/row'),
+            dimWhite(_hb(this.bpsTotal) + '/sec'),
         ].join(', ');
     }
 }
-exports.NDJsonStats = NDJsonStats;

package/dist/stream/ndjson/ndjsonMap.d.ts

@@ -1,5 +1,5 @@
 import type { AbortableAsyncMapper } from '@naturalcycles/js-lib';
-import type { TransformLogProgressOptions, TransformMapOptions } from '../..';
+import type { TransformLogProgressOptions, TransformMapOptions } from '../../index.js';
 export interface NDJSONMapOptions<IN = any, OUT = IN> extends TransformMapOptions<IN, OUT>, TransformLogProgressOptions<IN> {
     inputFilePath: string;
     outputFilePath: string;