@pgpm/encrypted-secrets 0.15.2 → 0.15.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/Makefile +1 -1
  2. package/README.md +17 -0
  3. package/package.json +4 -4
  4. package/pgpm-encrypted-secrets.control +1 -1
  5. /package/sql/{pgpm-encrypted-secrets--0.14.0.sql → pgpm-encrypted-secrets--0.15.2.sql} +0 -0
package/Makefile CHANGED
@@ -1,5 +1,5 @@
1
1
  EXTENSION = pgpm-encrypted-secrets
2
- DATA = sql/pgpm-encrypted-secrets--0.14.0.sql
2
+ DATA = sql/pgpm-encrypted-secrets--0.15.2.sql
3
3
 
4
4
  PG_CONFIG = pg_config
5
5
  PGXS := $(shell $(PG_CONFIG) --pgxs)
package/README.md CHANGED
@@ -446,6 +446,22 @@ SELECT encrypted_secrets.secrets_upsert('uuid', 'key', 'value');
446
446
  SELECT * FROM secrets_schema.secrets_table WHERE secrets_owned_field = 'uuid';
447
447
  ```
448
448
 
449
+ ### With PGPM roles
450
+
451
+ Ensure the standard roles exist before granting:
452
+
453
+ ```bash
454
+ pgpm admin-users bootstrap
455
+ ```
456
+
457
+ ```sql
458
+ -- Only authenticated users can manage secrets
459
+ GRANT EXECUTE ON FUNCTION encrypted_secrets.secrets_upsert TO authenticated;
460
+ GRANT EXECUTE ON FUNCTION encrypted_secrets.secrets_getter TO authenticated;
461
+ GRANT EXECUTE ON FUNCTION encrypted_secrets.secrets_verify TO authenticated;
462
+ GRANT EXECUTE ON FUNCTION encrypted_secrets.secrets_delete TO authenticated;
463
+ ```
464
+
449
465
  ### With @pgpm/jwt-claims
450
466
 
451
467
  Use JWT claims for owner context:
@@ -468,6 +484,7 @@ SELECT encrypted_secrets.secrets_getter(
468
484
 
469
485
  ## Dependencies
470
486
 
487
+ - PGPM roles (anonymous, authenticated, administrator)
471
488
  - `@pgpm/encrypted-secrets-table`: Storage layer
472
489
  - `@pgpm/verify`: Verification utilities
473
490
  - PostgreSQL pgcrypto extension (for encryption functions)
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pgpm/encrypted-secrets",
3
- "version": "0.15.2",
3
+ "version": "0.15.3",
4
4
  "description": "Encrypted secrets management for PostgreSQL",
5
5
  "author": "Dan Lynch <pyramation@gmail.com>",
6
6
  "contributors": [
@@ -21,8 +21,8 @@
21
21
  "test:watch": "jest --watch"
22
22
  },
23
23
  "dependencies": {
24
- "@pgpm/encrypted-secrets-table": "0.15.2",
25
- "@pgpm/verify": "0.15.2"
24
+ "@pgpm/encrypted-secrets-table": "0.15.3",
25
+ "@pgpm/verify": "0.15.3"
26
26
  },
27
27
  "devDependencies": {
28
28
  "pgpm": "^1.0.0"
@@ -35,5 +35,5 @@
35
35
  "bugs": {
36
36
  "url": "https://github.com/constructive-io/pgpm-modules/issues"
37
37
  },
38
- "gitHead": "92a241bab64c7b20e85e55a7bd314089907fabba"
38
+ "gitHead": "187ed37f6b731132fe930acf5b5996b1e63ecca0"
39
39
  }
package/pgpm-encrypted-secrets.control CHANGED
@@ -1,6 +1,6 @@
1
1
  # pgpm-encrypted-secrets extension
2
2
  comment = 'pgpm-encrypted-secrets extension'
3
- default_version = '0.14.0'
3
+ default_version = '0.15.2'
4
4
  module_pathname = '$libdir/pgpm-encrypted-secrets'
5
5
  requires = 'pgcrypto,plpgsql,uuid-ossp,pgpm-encrypted-secrets-table,pgpm-verify'
6
6
  relocatable = false