@pdpp/local-collector 0.18.3 → 0.18.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/polyfill-connectors/src/collector-build-info.js +3 -3
  2. package/dist/polyfill-connectors/src/static-secret-injection.js +76 -12
  3. package/package.json +1 -1
package/dist/polyfill-connectors/src/collector-build-info.js CHANGED
@@ -1,8 +1,8 @@
1
1
  const COLLECTOR_BUILD_SOURCE_SENTINEL = "source";
2
2
  const COLLECTOR_BUILD_INFO = {
3
- builtAt: "2026-06-26T09:42:50.991Z",
4
- revision: "25f16cff9bb5",
5
- version: "0.18.3",
3
+ builtAt: "2026-06-26T16:46:40.365Z",
4
+ revision: "8d71998bcba2",
5
+ version: "0.18.5",
6
6
  };
7
7
  function buildAgentVersion(info = COLLECTOR_BUILD_INFO) {
8
8
  return `${info.version}+${info.revision}`;
package/dist/polyfill-connectors/src/static-secret-injection.js CHANGED
@@ -1,4 +1,22 @@
1
1
  function freezeStaticSecretDescriptor(descriptor) {
2
+ const freezeMapping = (mapping) => {
3
+ if (mapping.secretEnvVars) {
4
+ Object.freeze(mapping.secretEnvVars);
5
+ }
6
+ if (mapping.secretFieldEnvVars) {
7
+ for (const value of Object.values(mapping.secretFieldEnvVars)) {
8
+ Object.freeze(value);
9
+ }
10
+ Object.freeze(mapping.secretFieldEnvVars);
11
+ }
12
+ if (mapping.setupFieldEnvVars) {
13
+ for (const value of Object.values(mapping.setupFieldEnvVars)) {
14
+ Object.freeze(value);
15
+ }
16
+ Object.freeze(mapping.setupFieldEnvVars);
17
+ }
18
+ return Object.freeze(mapping);
19
+ };
2
20
  if (descriptor.secretEnvVars) {
3
21
  Object.freeze(descriptor.secretEnvVars);
4
22
  }
@@ -14,9 +32,22 @@ function freezeStaticSecretDescriptor(descriptor) {
14
32
  }
15
33
  Object.freeze(descriptor.setupFieldEnvVars);
16
34
  }
35
+ if (descriptor.acceptedCredentialVariants) {
36
+ for (const variant of descriptor.acceptedCredentialVariants) {
37
+ freezeMapping(variant);
38
+ }
39
+ Object.freeze(descriptor.acceptedCredentialVariants);
40
+ }
17
41
  return Object.freeze(descriptor);
18
42
  }
19
43
  export const STATIC_SECRET_CONNECTOR_REGISTRY = Object.freeze({
44
+ amazon: freezeStaticSecretDescriptor({
45
+ credentialKind: "username_password",
46
+ secretFieldEnvVars: {
47
+ password: ["AMAZON_PASSWORD"],
48
+ username: ["AMAZON_USERNAME"],
49
+ },
50
+ }),
20
51
  chatgpt: freezeStaticSecretDescriptor({
21
52
  credentialKind: "username_password",
22
53
  secretFieldEnvVars: {
@@ -56,12 +87,33 @@ export const STATIC_SECRET_CONNECTOR_REGISTRY = Object.freeze({
56
87
  secretEnvVars: ["NOTION_API_TOKEN"],
57
88
  }),
58
89
  reddit: freezeStaticSecretDescriptor({
59
- credentialKind: "secret_bundle",
90
+ credentialKind: "username_password",
91
+ acceptedCredentialVariants: [
92
+ {
93
+ credentialKind: "secret_bundle",
94
+ secretFieldEnvVars: {
95
+ reddit_password: ["REDDIT_PASSWORD"],
96
+ reddit_username: ["REDDIT_USERNAME"],
97
+ },
98
+ },
99
+ ],
60
100
  secretFieldEnvVars: {
61
- reddit_username: ["REDDIT_USERNAME"],
62
- reddit_password: ["REDDIT_PASSWORD"],
63
- reddit_client_id: ["REDDIT_CLIENT_ID"],
64
- reddit_client_secret: ["REDDIT_CLIENT_SECRET"],
101
+ password: ["REDDIT_PASSWORD"],
102
+ username: ["REDDIT_USERNAME"],
103
+ },
104
+ }),
105
+ chase: freezeStaticSecretDescriptor({
106
+ credentialKind: "username_password",
107
+ secretFieldEnvVars: {
108
+ password: ["CHASE_PASSWORD"],
109
+ username: ["CHASE_USERNAME"],
110
+ },
111
+ }),
112
+ usaa: freezeStaticSecretDescriptor({
113
+ credentialKind: "username_password",
114
+ secretFieldEnvVars: {
115
+ password: ["USAA_PASSWORD"],
116
+ username: ["USAA_USERNAME"],
65
117
  },
66
118
  }),
67
119
  });
@@ -111,14 +163,26 @@ function secretBundleFields(connectorId, secret) {
111
163
  }
112
164
  return fields;
113
165
  }
114
- function assertRecoveredSecretMatches(connectorId, descriptor, recovered) {
166
+ function injectionMappingForRecoveredSecret(connectorId, descriptor, recovered) {
115
167
  if (!recovered || typeof recovered.secret !== "string" || recovered.secret.length === 0) {
116
168
  throw new StaticSecretInjectionError("recovered_secret_invalid", `Cannot inject an empty credential for connector '${connectorId}'.`);
117
169
  }
118
- if (recovered.credentialKind !== descriptor.credentialKind) {
119
- throw new StaticSecretInjectionError("credential_kind_mismatch", `Connector '${connectorId}' expects credential kind '${descriptor.credentialKind}', ` +
170
+ if (recovered.credentialKind === descriptor.credentialKind) {
171
+ return descriptor;
172
+ }
173
+ const variant = descriptor.acceptedCredentialVariants?.find((candidate) => candidate.credentialKind === recovered.credentialKind);
174
+ if (variant) {
175
+ return variant;
176
+ }
177
+ const expectedKinds = [
178
+ descriptor.credentialKind,
179
+ ...(descriptor.acceptedCredentialVariants ?? []).map((v) => v.credentialKind),
180
+ ];
181
+ if (!expectedKinds.includes(recovered.credentialKind)) {
182
+ throw new StaticSecretInjectionError("credential_kind_mismatch", `Connector '${connectorId}' expects credential kind '${expectedKinds.join("' or '")}', ` +
120
183
  `but the recovered credential is '${recovered.credentialKind}'.`);
121
184
  }
185
+ return descriptor;
122
186
  }
123
187
  function injectSingleSecret(fragment, envVars, secret) {
124
188
  for (const envVar of envVars ?? []) {
@@ -157,10 +221,10 @@ export function buildConnectionScopedSecretEnv(connectorId, recovered, sourceBin
157
221
  if (!descriptor) {
158
222
  throw new StaticSecretInjectionError("not_a_static_secret_connector", `Connector '${connectorId}' is not a known static-secret connector; refusing to invent secret env vars for it.`);
159
223
  }
160
- assertRecoveredSecretMatches(connectorId, descriptor, recovered);
224
+ const mapping = injectionMappingForRecoveredSecret(connectorId, descriptor, recovered);
161
225
  const fragment = {};
162
- injectSingleSecret(fragment, descriptor.secretEnvVars, recovered.secret);
163
- injectSecretBundle(fragment, connectorId, recovered.secret, descriptor.secretFieldEnvVars);
164
- injectSetupFields(fragment, descriptor.setupFieldEnvVars, sourceBinding);
226
+ injectSingleSecret(fragment, mapping.secretEnvVars, recovered.secret);
227
+ injectSecretBundle(fragment, connectorId, recovered.secret, mapping.secretFieldEnvVars);
228
+ injectSetupFields(fragment, mapping.setupFieldEnvVars, sourceBinding);
165
229
  return fragment;
166
230
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pdpp/local-collector",
3
- "version": "0.18.3",
3
+ "version": "0.18.5",
4
4
  "description": "Publishable local collector runtime for PDPP: filesystem-class connectors (Claude Code, Codex) plus the device-exporter ingest client.",
5
5
  "type": "module",
6
6
  "private": false,