@quenty/secrets 7.23.0 → 7.23.2-canary.547.11ae689.0

package/CHANGELOG.md

@@ -3,6 +3,29 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [7.23.2-canary.547.11ae689.0](https://github.com/Quenty/NevermoreEngine/compare/@quenty/secrets@7.23.0...@quenty/secrets@7.23.2-canary.547.11ae689.0) (2025-04-07)
+
+
+### Bug Fixes
+
+* Add types to packages ([2374fb2](https://github.com/Quenty/NevermoreEngine/commit/2374fb2b043cfbe0e9b507b3316eec46a4e353a0))
+* Bump package versions for republishing ([ba47c62](https://github.com/Quenty/NevermoreEngine/commit/ba47c62e32170bf74377b0c658c60b84306dc294))
+
+
+
+
+
+## [7.23.1](https://github.com/Quenty/NevermoreEngine/compare/@quenty/secrets@7.23.0...@quenty/secrets@7.23.1) (2025-04-07)
+
+
+### Bug Fixes
+
+* Add types to packages ([2374fb2](https://github.com/Quenty/NevermoreEngine/commit/2374fb2b043cfbe0e9b507b3316eec46a4e353a0))
+
+
+
+
+
 # [7.23.0](https://github.com/Quenty/NevermoreEngine/compare/@quenty/secrets@7.22.5...@quenty/secrets@7.23.0) (2025-04-02)
 
 **Note:** Version bump only for package @quenty/secrets

package/LICENSE.md

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2014-2024 James Onnen (Quenty)
+Copyright (c) 2014-2025 James Onnen (Quenty)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@quenty/secrets",
-  "version": "7.23.0",
+  "version": "7.23.2-canary.547.11ae689.0",
   "description": "Secrets storage system and API surface",
   "keywords": [
     "Roblox",
@@ -25,21 +25,21 @@
     "Quenty"
   ],
   "dependencies": {
-    "@quenty/cmdrservice": "^13.22.0",
-    "@quenty/datastore": "^13.20.0",
-    "@quenty/ellipticcurvecryptography": "^1.6.0",
-    "@quenty/loader": "^10.8.0",
-    "@quenty/maid": "^3.4.0",
-    "@quenty/permissionprovider": "^14.19.0",
-    "@quenty/promise": "^10.10.1",
-    "@quenty/remotefunctionutils": "^10.10.1",
-    "@quenty/remoting": "^12.18.0",
-    "@quenty/rx": "^13.17.0",
-    "@quenty/servicebag": "^11.11.1",
-    "@quenty/table": "^3.7.1"
+    "@quenty/cmdrservice": "13.22.2-canary.547.11ae689.0",
+    "@quenty/datastore": "13.20.2-canary.547.11ae689.0",
+    "@quenty/ellipticcurvecryptography": "1.6.2-canary.547.11ae689.0",
+    "@quenty/loader": "10.8.2-canary.547.11ae689.0",
+    "@quenty/maid": "3.4.2-canary.547.11ae689.0",
+    "@quenty/permissionprovider": "14.19.2-canary.547.11ae689.0",
+    "@quenty/promise": "10.10.3-canary.547.11ae689.0",
+    "@quenty/remotefunctionutils": "10.10.3-canary.547.11ae689.0",
+    "@quenty/remoting": "12.18.2-canary.547.11ae689.0",
+    "@quenty/rx": "13.17.2-canary.547.11ae689.0",
+    "@quenty/servicebag": "11.11.3-canary.547.11ae689.0",
+    "@quenty/table": "3.7.3-canary.547.11ae689.0"
   },
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "e8ea56930e65322fcffc05a1556d5df988068f0b"
+  "gitHead": "11ae6894c9c40c596e521dc1d2a71977af63752f"
 }

package/src/Client/SecretsServiceClient.lua

@@ -10,11 +10,12 @@ local SecretsCmdrTypeUtils = require("SecretsCmdrTypeUtils")
 local SecretsServiceConstants = require("SecretsServiceConstants")
 local RemoteFunctionUtils = require("RemoteFunctionUtils")
 local Promise = require("Promise")
+local _ServiceBag = require("ServiceBag")
 
 local SecretsServiceClient = {}
 SecretsServiceClient.ServiceName = "SecretsServiceClient"
 
-function SecretsServiceClient:Init(serviceBag)
+function SecretsServiceClient:Init(serviceBag: _ServiceBag.ServiceBag)
 	assert(not self._serviceBag, "Already initialized")
 	self._serviceBag = assert(serviceBag, "No serviceBag")
 	self._maid = Maid.new()

package/src/Server/Cmdr/SecretsCommandService.lua

@@ -6,17 +6,18 @@ local require = require(script.Parent.loader).load(script)
 
 local SecretsCmdrTypeUtils = require("SecretsCmdrTypeUtils")
 local Maid = require("Maid")
+local _ServiceBag = require("ServiceBag")
 
 local SecretsCommandService = {}
 SecretsCommandService.ServiceName = "SecretsCommandService"
 
-function SecretsCommandService:Init(serviceBag)
+function SecretsCommandService:Init(serviceBag: _ServiceBag.ServiceBag)
 	assert(not self._serviceBag, "Already initialized")
 	self._serviceBag = assert(serviceBag, "No serviceBag")
 	self._maid = Maid.new()
 
 	self._cmdrService = self._serviceBag:GetService(require("CmdrService"))
-	self._secretsService = self._serviceBag:GetService(require("SecretsService"))
+	self._secretsService = self._serviceBag:GetService((require :: any)("SecretsService"))
 end
 
 function SecretsCommandService:Start()
@@ -123,14 +124,14 @@ function SecretsCommandService:_registerCommands()
 
 		local maxKeyLength = 6
 		local maxValueLength = 5
-		for key, value in pairs(secrets) do
+		for key, value in secrets do
 			maxKeyLength = math.max(maxKeyLength, #key)
 			maxValueLength = math.max(maxValueLength, #value)
 		end
 
 		local output = string.format("\n%-" .. maxKeyLength .. "s %-" .. maxValueLength .. "s", "Secret", "Value")
 		output = output .. string.format("\n%s %s", string.rep("-", maxKeyLength), string.rep("-", maxValueLength))
-		for key, value in pairs(secrets) do
+		for key, value in secrets do
 			output = output .. string.format("\n%-" .. maxKeyLength .. "s %-" .. maxValueLength .. "s", key, value)
 		end
 		output = output .. string.format("\n%s %s", string.rep("-", maxKeyLength), string.rep("-", maxValueLength))

package/src/Server/SecretsService.lua

@@ -10,11 +10,12 @@ local GetRemoteFunction = require("GetRemoteFunction")
 local Promise = require("Promise")
 local Observable = require("Observable")
 local EllipticCurveCryptography = require("EllipticCurveCryptography")
+local _ServiceBag = require("ServiceBag")
 
 local SecretsService = {}
 SecretsService.ServiceName = "SecretsService"
 
-function SecretsService:Init(serviceBag)
+function SecretsService:Init(serviceBag: _ServiceBag.ServiceBag)
 	assert(not self._serviceBag, "Already initialized")
 	self._serviceBag = assert(serviceBag, "No serviceBag")
 	self._maid = Maid.new()
@@ -39,7 +40,7 @@ end
 
 	@param seed number
 ]=]
-function SecretsService:SetPublicKeySeed(seed)
+function SecretsService:SetPublicKeySeed(seed: number)
 	assert(type(seed) == "number", "Bad seed")
 
 	local private, public = EllipticCurveCryptography.keypair(seed or EllipticCurveCryptography.random.random())
@@ -64,23 +65,22 @@ end
 	@param secretKey string
 	@return Promise<string>
 ]=]
-function SecretsService:PromiseSecret(secretKey)
+function SecretsService:PromiseSecret(secretKey: string)
 	assert(type(secretKey) == "string", "Bad secretKey")
 
 	return self:_promiseSubstore():Then(function(substore)
-		return self._maid:GivePromise(substore:Load(secretKey))
-			:Then(function(data)
-				if type(data) ~= "table" then
-					return Promise.resolved(nil)
+		return self._maid:GivePromise(substore:Load(secretKey)):Then(function(data)
+			if type(data) ~= "table" then
+				return Promise.resolved(nil)
+			else
+				local ok, value = self:_decrypt(data)
+				if ok then
+					return value
 				else
-					local ok, value = self:_decrypt(data)
-					if ok then
-						return value
-					else
-						return Promise.rejected(value or "Failed to decrypt result")
-					end
+					return Promise.rejected(value or "Failed to decrypt result")
 				end
-			end)
+			end
+		end)
 	end)
 end
 
@@ -89,23 +89,22 @@ end
 
 	@return @return Promise<{string}>
 ]=]
-function SecretsService:PromiseAllSecrets()
+function SecretsService:PromiseAllSecrets(): Promise.Promise<{ string }>
 	return self:_promiseSubstore():Then(function(substore)
-		return self._maid:GivePromise(substore:LoadAll())
-			:Then(function(secretsList)
-				local secretMap = {}
-
-				for key, secretData in pairs(secretsList) do
-					local ok, decrypted = self:_decrypt(secretData)
-					if ok then
-						secretMap[key] = decrypted
-					else
-						warn(string.format("[SecretsService] - Failed to decrypt %q", key))
-					end
+		return self._maid:GivePromise(substore:LoadAll()):Then(function(secretsList)
+			local secretMap = {}
+
+			for key, secretData in secretsList do
+				local ok, decrypted = self:_decrypt(secretData)
+				if ok then
+					secretMap[key] = decrypted
+				else
+					warn(string.format("[SecretsService] - Failed to decrypt %q", key))
 				end
+			end
 
-				return secretMap
-			end)
+			return secretMap
+		end)
 	end)
 end
 
@@ -115,26 +114,29 @@ end
 	@param secretKey string
 	@return Observable<string>
 ]=]
-function SecretsService:ObserveSecret(secretKey)
+function SecretsService:ObserveSecret(secretKey: string): Observable.Observable<string>
 	assert(type(secretKey) == "string", "Bad secretKey")
 
 	return Observable.new(function(sub)
 		local maid = Maid.new()
 
 		maid:GivePromise(self:_promiseSubstore():Then(function(substore)
-			maid:GivePromise(substore:Observe(secretKey):Subscribe(function(data)
-				if type(data) ~= "table" then
-					sub:Fire(nil)
-				else
-					local ok, value = self:_decrypt(data)
-					if ok then
-						sub:Fire(value)
+			maid:GivePromise(
+				substore:Observe(secretKey):Subscribe(function(data)
+					if type(data) ~= "table" then
+						sub:Fire(nil)
 					else
-						-- TODO: Maybe brio instead?
-						sub:Fail(value or "Failed to decrypt result")
+						local ok, value = self:_decrypt(data)
+						if ok then
+							sub:Fire(value)
+						else
+							-- TODO: Maybe brio instead?
+							sub:Fail(value or "Failed to decrypt result")
+						end
 					end
-				end
-			end), sub:GetFailComplete())
+				end),
+				sub:GetFailComplete()
+			)
 		end, function(err)
 			sub:Fail(err or "Failed to get datastore")
 		end))
@@ -148,10 +150,10 @@ end
 
 	@param secretKey string
 ]=]
-function SecretsService:DeleteSecret(secretKey)
+function SecretsService:DeleteSecret(secretKey: string): Promise.Promise<()>
 	assert(type(secretKey) == "string", "Bad secretKey")
 
-	self:_promiseSubstore():Then(function(substore)
+	return self:_promiseSubstore():Then(function(substore)
 		substore:Delete(secretKey)
 	end)
 end
@@ -162,7 +164,7 @@ end
 	@param secretKey string
 	@param value string
 ]=]
-function SecretsService:StoreSecret(secretKey, value)
+function SecretsService:StoreSecret(secretKey: string, value: string)
 	assert(type(secretKey) == "string", "Bad secretKey")
 	assert(type(value) == "string", "Bad value")
 
@@ -174,8 +176,8 @@ function SecretsService:StoreSecret(secretKey, value)
 
 		-- TODO: Encode byte array in more efficient structure for JSON
 		local toStore = {
-			encrypted = setmetatable(table.clone(encrypted), nil); -- remove metatable
-			signature = setmetatable(table.clone(signature), nil); -- remove metatable
+			encrypted = setmetatable(table.clone(encrypted), nil), -- remove metatable
+			signature = setmetatable(table.clone(signature), nil), -- remove metatable
 		}
 
 		substore:Store(secretKey, toStore)
@@ -185,9 +187,9 @@ end
 --[=[
 	Clears all the secrets stored in the datastore
 
-	@return { string }
+	@return Promise<()>
 ]=]
-function SecretsService:ClearAllSecrets()
+function SecretsService:ClearAllSecrets(): Promise.Promise<()>
 	return self:_promiseSubstore():Then(function(substore)
 		return substore:Wipe()
 	end)
@@ -196,9 +198,9 @@ end
 --[=[
 	Gets a list of all available secret keys for the game
 
-	@return { string }
+	@return Promise<{ string }>
 ]=]
-function SecretsService:PromiseSecretKeyNamesList()
+function SecretsService:PromiseSecretKeyNamesList(): Promise.Promise<{ string }>
 	return self:_promiseSubstore():Then(function(substore)
 		return substore:PromiseKeyList()
 	end)
@@ -211,16 +213,24 @@ function SecretsService:_warnAboutNoPublicKeyStoredInSourceCode()
 	end
 end
 
-function SecretsService:_getInstructions()
-	local instructions = "[SecretsService.StoreSecret] - Security - Current private key seed is GameId, which is guessable."
+function SecretsService:_getInstructions(): string
+	local instructions =
+		"[SecretsService.StoreSecret] - Security - Current private key seed is GameId, which is guessable."
 	instructions = instructions .. "\n\tTIP: This is only applicable if we're storing API keys for use in here."
-	instructions = instructions .. "\n\tTIP: If you set the private key seed in source code, attackers need source code AND datastore access"
-	instructions = instructions .. "\n\tTIP: Call `serviceBag:GetService(require(\"SecretsService\")):SetPublicKeySeed(UNIQUE_RANDOM_NUMBER_HERE)` to suppress this warning."
+	instructions = instructions
+		.. "\n\tTIP: If you set the private key seed in source code, attackers need source code AND datastore access"
+	instructions = instructions
+		.. '\n\tTIP: Call `serviceBag:GetService(require("SecretsService")):SetPublicKeySeed(UNIQUE_RANDOM_NUMBER_HERE)` to suppress this warning.'
 	instructions = instructions .. "\n\tTIP: This will invalidate previous secrets stored."
 	return instructions
 end
 
-function SecretsService:_decrypt(data)
+export type SecretsData = {
+	encrypted: { number },
+	signature: { number },
+}
+
+function SecretsService:_decrypt(data: SecretsData): (boolean?, string)
 	assert(type(data) == "table", "Bad data")
 	assert(data.encrypted ~= nil, "Bad data.encrypted")
 	assert(data.signature ~= nil, "Bad data.signature")

package/src/Shared/Cmdr/SecretsCmdrTypeUtils.lua

@@ -2,8 +2,6 @@
 	@class SecretsCmdrTypeUtils
 ]=]
 
-local require = require(script.Parent.loader).load(script)
-
 local SecretsCmdrTypeUtils = {}
 
 function SecretsCmdrTypeUtils.registerSecretKeyTypes(cmdr, secretsService)
@@ -19,7 +17,7 @@ end
 function SecretsCmdrTypeUtils.makeSecretKeyType(cmdr, secretsService, isRequired)
 	return {
 		Transform = function(text)
-			local secretNames = secretsService:PromiseSecretKeyNamesList():Wait();
+		local secretNames = secretsService:PromiseSecretKeyNamesList():Wait()
 			local list
 			if not isRequired then
 				list = table.clone(secretNames)