@p0security/cli 0.10.0 → 0.11.0

package/dist/util.d.ts

@@ -1,13 +1,3 @@
-/** Copyright © 2024-present P0 Security
-
-This file is part of @p0security/cli
-
-@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
-
-@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
-**/
 import child_process from "node:child_process";
 export declare const P0_PATH: string;
 /** Waits the specified delay (in ms)
@@ -54,3 +44,4 @@ export declare const unexpectedValueError: (value: any) => Error;
  * @returns true if the strings are equal, ignoring case
  */
 export declare const ciEquals: (a: string, b: string) => boolean;
+export declare const delay: (ms: number) => Promise<unknown>;

package/dist/util.js

@@ -12,7 +12,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ciEquals = exports.unexpectedValueError = exports.assertNever = exports.throwAssertNever = exports.exec = exports.timeout = exports.sleep = exports.P0_PATH = void 0;
+exports.delay = exports.ciEquals = exports.unexpectedValueError = exports.assertNever = exports.throwAssertNever = exports.exec = exports.timeout = exports.sleep = exports.P0_PATH = void 0;
 /** Copyright © 2024-present P0 Security
 
 This file is part of @p0security/cli
@@ -23,10 +23,11 @@ This file is part of @p0security/cli
 
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
+const env_1 = require("./drivers/env");
 const node_child_process_1 = __importDefault(require("node:child_process"));
 const node_os_1 = __importDefault(require("node:os"));
 const node_path_1 = __importDefault(require("node:path"));
-exports.P0_PATH = node_path_1.default.join(node_os_1.default.homedir(), ".p0");
+exports.P0_PATH = node_path_1.default.join(node_os_1.default.homedir(), env_1.config.environment === "production" ? ".p0" : `.p0-${env_1.config.environment}`);
 /** Waits the specified delay (in ms)
  *
  * The returned promise is cancelable:
@@ -107,3 +108,6 @@ exports.unexpectedValueError = unexpectedValueError;
  */
 const ciEquals = (a, b) => a.localeCompare(b, undefined, { sensitivity: "accent" }) === 0;
 exports.ciEquals = ciEquals;
+const delay = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+exports.delay = delay;
+//# sourceMappingURL=util.js.map

package/dist/util.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,uCAAuC;AACvC,4EAA+C;AAC/C,sDAAyB;AACzB,0DAA6B;AAEhB,QAAA,OAAO,GAAG,mBAAI,CAAC,IAAI,CAC9B,iBAAE,CAAC,OAAO,EAAE,EACZ,YAAM,CAAC,WAAW,KAAK,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,YAAM,CAAC,WAAW,EAAE,CAC1E,CAAC;AAEF;;;;;;;;GAQG;AACI,MAAM,KAAK,GAAG,CAAC,aAAqB,EAAE,EAAE;IAC7C,IAAI,KAAK,GAA+B,SAAS,CAAC;IAClD,MAAM,OAAO,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;QAC5C,KAAK,GAAG,UAAU,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AACvE,CAAC,CAAC;AANW,QAAA,KAAK,SAMhB;AAEF;;;;GAIG;AACI,MAAM,OAAO,GAAG,CACrB,OAAgC,EAChC,aAAqB,EACrB,EAAE;IACF,MAAM,IAAI,GAAG,IAAA,aAAK,EAAC,aAAa,CAAC,CAAC;IAClC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;IACnD,IAAI,MAAM,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC;IACrD,IAAI,CAAC,MAAM,EAAE,CAAC;IACd,OAAO,MAAM,CAAC;AAChB,CAAC,CAAA,CAAC;AATW,QAAA,OAAO,WASlB;AAEF;;;GAGG;AACI,MAAM,IAAI,GAAG,CAClB,OAAe,EACf,IAAc,EACd,OAGC,EACD,EAAE;IACF,OAAA,IAAI,OAAO,CACT,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAClB,IAAI;YACF,MAAM,GAAG,GAAa,EAAE,CAAC;YACzB,MAAM,GAAG,GAAa,EAAE,CAAC;YACzB,MAAM,KAAK,GAAG,4BAAa,CAAC,KAAK,CAAC,OAAO,EAAE,IAAI,kCAC1C,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,KAClB,KAAK,EAAE,MAAM,IACb,CAAC;YACH,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5C,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5C,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBACxB,MAAM,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC9B,MAAM,MAAM,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;gBACxC,IAAI,IAAI,KAAK,CAAC,KAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA;oBAC9B,MAAM,CACJ,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,8BAA8B,CAAC,EAAE,MAAM,CAAC,CACjE,CAAC;gBACJ,OAAO,CAAC,MAAM,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;SACJ;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,CAAC,KAAK,CAAC,CAAC;SACf;IACH,CAAC,CACF,CAAA;EAAA,CAAC;AAjCS,QAAA,IAAI,QAiCb;AAEG,MAAM,gBAAgB,GAAG,CAAC,KAAY,EAAE,EAAE;IAC/C,MAAM,IAAA,mBAAW,EAAC,KAAK,CAAC,CAAC;AAC3B,CAAC,CAAC;AAFW,QAAA,gBAAgB,oBAE3B;AAEK,MAAM,WAAW,GAAG,CAAC,KAAY,EAAE,EAAE;IAC1C,OAAO,IAAA,4BAAoB,EAAC,KAAK,CAAC,CAAC;AACrC,CAAC,CAAC;AAFW,QAAA,WAAW,eAEtB;AAEK,MAAM,oBAAoB,GAAG,CAAC,KAAU,EAAE,EAAE,CACjD,IAAI,KAAK,CAAC,gCAAgC,KAAK,sBAAsB,CAAC,CAAC;AAD5D,QAAA,oBAAoB,wBACwC;AAEzE;;;;;;;;;GASG;AACI,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAC/C,CAAC,CAAC,aAAa,CAAC,CAAC,EAAE,SAAS,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,KAAK,CAAC,CAAC;AADpD,QAAA,QAAQ,YAC4C;AAE1D,MAAM,KAAK,GAAG,CAAC,EAAU,EAAE,EAAE,CAClC,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AADvC,QAAA,KAAK,SACkC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@p0security/cli",
-  "version": "0.10.0",
+  "version": "0.11.0",
   "description": "Execute infra CLI commands with P0 grants",
   "main": "index.ts",
   "repository": {
@@ -12,6 +12,9 @@
   "bin": {
     "p0": "p0"
   },
+  "engines": {
+    "node": ">=20.14"
+  },
   "files": [
     "dist",
     "p0",
@@ -62,6 +65,7 @@
     "eslint-plugin-promise": "^6.1.1",
     "jest": "^29.7.0",
     "prettier": "^3.2.4",
+    "ts-node": "^10.9.2",
     "ts-jest": "^29.1.2"
   },
   "scripts": {

package/dist/plugins/ssh-agent/index.d.ts

@@ -1,4 +0,0 @@
-import { AgentArgs } from "./types";
-export declare const privateKeyExists: (args: AgentArgs) => Promise<boolean>;
-export declare const addPrivateKey: (args: AgentArgs) => Promise<boolean>;
-export declare const withSshAgent: <T>(args: AgentArgs, fn: () => Promise<T>) => Promise<T>;

package/dist/plugins/ssh-agent/index.js

@@ -1,102 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.withSshAgent = exports.addPrivateKey = exports.privateKeyExists = void 0;
-/** Copyright © 2024-present P0 Security
-
-This file is part of @p0security/cli
-
-@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
-
-@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
-**/
-const keys_1 = require("../../common/keys");
-const subprocess_1 = require("../../common/subprocess");
-const stdio_1 = require("../../drivers/stdio");
-const isSshAgentRunning = (args) => __awaiter(void 0, void 0, void 0, function* () {
-    try {
-        if (args.debug)
-            (0, stdio_1.print2)("Searching for active ssh-agents");
-        // TODO: There's a possible edge-case but unlikely that ssh-agent has an invalid process or PID.
-        // We can check to see if the active PID matches the current socket to mitigate this.
-        yield (0, subprocess_1.asyncSpawn)(args, `pgrep`, ["-x", "ssh-agent"]);
-        if (args.debug)
-            (0, stdio_1.print2)("At least one SSH agent is running");
-        return true;
-    }
-    catch (_a) {
-        if (args.debug)
-            (0, stdio_1.print2)("No SSH agent is running!");
-        return false;
-    }
-});
-const isSshAgentAuthSocketSet = (args) => __awaiter(void 0, void 0, void 0, function* () {
-    try {
-        yield (0, subprocess_1.asyncSpawn)(args, `sh`, ["-c", '[ -n "$SSH_AUTH_SOCK" ]']);
-        if (args.debug)
-            (0, stdio_1.print2)(`SSH_AUTH_SOCK=${process.env.SSH_AUTH_SOCK}`);
-        return true;
-    }
-    catch (_b) {
-        if (args.debug)
-            (0, stdio_1.print2)("SSH_AUTH_SOCK is not set!");
-        return false;
-    }
-});
-const privateKeyExists = (args) => __awaiter(void 0, void 0, void 0, function* () {
-    try {
-        yield (0, subprocess_1.asyncSpawn)(args, `sh`, [
-            "-c",
-            `KEY_PATH="${keys_1.PRIVATE_KEY_PATH}" && KEY_FINGERPRINT=$(ssh-keygen -lf "$KEY_PATH" | awk '{print $2}') && ssh-add -l | grep -q "$KEY_FINGERPRINT" && exit 0 || exit 1`,
-        ]);
-        if (args.debug)
-            (0, stdio_1.print2)("Private key exists in ssh agent");
-        return true;
-    }
-    catch (_c) {
-        if (args.debug)
-            (0, stdio_1.print2)("Private key does not exist in ssh agent");
-        return false;
-    }
-});
-exports.privateKeyExists = privateKeyExists;
-const addPrivateKey = (args) => __awaiter(void 0, void 0, void 0, function* () {
-    try {
-        yield (0, subprocess_1.asyncSpawn)(args, `ssh-add`, [
-            keys_1.PRIVATE_KEY_PATH,
-            ...(args.debug ? ["-v", "-v", "-v"] : ["-q"]),
-        ]);
-        if (args.debug)
-            (0, stdio_1.print2)("Private key added to ssh agent");
-        return true;
-    }
-    catch (_d) {
-        if (args.debug)
-            (0, stdio_1.print2)("Failed to add private key to ssh agent");
-        return false;
-    }
-});
-exports.addPrivateKey = addPrivateKey;
-const withSshAgent = (args, fn) => __awaiter(void 0, void 0, void 0, function* () {
-    const isRunning = yield isSshAgentRunning(args);
-    const hasSocket = yield isSshAgentAuthSocketSet(args);
-    if (!isRunning || !hasSocket) {
-        throw "SSH agent is not running. Please start it by running: eval $(ssh-agent)";
-    }
-    const hasKey = yield (0, exports.privateKeyExists)(args);
-    if (!hasKey) {
-        yield (0, exports.addPrivateKey)(args);
-    }
-    return yield fn();
-});
-exports.withSshAgent = withSshAgent;

package/dist/plugins/ssh-agent/types.d.ts

@@ -1,13 +0,0 @@
-/** Copyright © 2024-present P0 Security
-
-This file is part of @p0security/cli
-
-@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
-
-@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
-**/
-export declare type AgentArgs = {
-    debug?: boolean;
-};

package/dist/plugins/ssh-agent/types.js

@@ -1,2 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });