@quiltdata/benchling-webhook 0.5.4 → 0.6.0

package/dist/lib/s3-bucket-validator.js

@@ -0,0 +1,237 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.S3BucketValidator = void 0;
+const client_s3_1 = require("@aws-sdk/client-s3");
+/**
+ * S3 bucket access validator
+ *
+ * Validates S3 bucket access and permissions required for the webhook integration.
+ */
+class S3BucketValidator {
+    /**
+     * Validate S3 bucket access and permissions
+     *
+     * @param config - S3 bucket configuration
+     * @returns Validation result with access status and errors
+     */
+    static async validate(config) {
+        const errors = [];
+        // Validate bucket name format
+        if (!S3BucketValidator.validateBucketName(config.bucketName)) {
+            errors.push("Invalid bucket name format");
+            return {
+                hasAccess: false,
+                isConfigured: false,
+                errors,
+            };
+        }
+        // Validate region format
+        if (!S3BucketValidator.validateRegion(config.region)) {
+            errors.push("Invalid AWS region");
+            return {
+                hasAccess: false,
+                isConfigured: false,
+                errors,
+            };
+        }
+        // Create S3 client
+        const s3Client = new client_s3_1.S3Client({ region: config.region });
+        try {
+            // Check if bucket exists
+            const bucketExists = await S3BucketValidator.checkBucketExists(config.bucketName, config.region, s3Client);
+            if (!bucketExists) {
+                errors.push("Bucket does not exist");
+                return {
+                    hasAccess: false,
+                    isConfigured: false,
+                    errors,
+                };
+            }
+            // Test write permissions
+            const hasWritePermission = await S3BucketValidator.testWritePermission(config.bucketName, s3Client);
+            if (!hasWritePermission) {
+                errors.push("Insufficient write permissions");
+                return {
+                    hasAccess: false,
+                    isConfigured: false,
+                    hasWritePermission: false,
+                    errors,
+                };
+            }
+            // Test read permissions
+            const hasReadPermission = await S3BucketValidator.testReadPermission(config.bucketName, s3Client);
+            return {
+                hasAccess: true,
+                isConfigured: true,
+                hasWritePermission,
+                hasReadPermission,
+                errors: [],
+            };
+        }
+        catch (error) {
+            if (error instanceof Error) {
+                const errorName = error.name || "";
+                if (errorName === "NoSuchBucket") {
+                    errors.push("Bucket does not exist");
+                }
+                else if (errorName === "AccessDenied" || errorName === "Forbidden") {
+                    errors.push("Insufficient write permissions");
+                }
+                else {
+                    errors.push(`Validation error: ${error.message}`);
+                }
+            }
+            return {
+                hasAccess: false,
+                isConfigured: false,
+                errors,
+            };
+        }
+    }
+    /**
+     * Validate S3 bucket name format
+     *
+     * @param bucketName - Bucket name to validate
+     * @returns True if bucket name is valid
+     */
+    static validateBucketName(bucketName) {
+        if (!bucketName || bucketName.trim() === "") {
+            return false;
+        }
+        // S3 bucket naming rules:
+        // - 3-63 characters
+        // - lowercase letters, numbers, hyphens, dots
+        // - must start and end with letter or number
+        const bucketRegex = /^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$/;
+        // Reject names with uppercase (invalid for S3)
+        if (bucketName !== bucketName.toLowerCase()) {
+            return false;
+        }
+        return bucketRegex.test(bucketName);
+    }
+    /**
+     * Validate AWS region format
+     *
+     * @param region - AWS region to validate
+     * @returns True if region format is valid
+     */
+    static validateRegion(region) {
+        if (!region || region.trim() === "") {
+            return false;
+        }
+        return S3BucketValidator.VALID_REGIONS.test(region);
+    }
+    /**
+     * Check if S3 bucket exists
+     *
+     * @param bucketName - Name of the bucket
+     * @param region - AWS region
+     * @param s3Client - Optional S3 client instance
+     * @returns True if bucket exists
+     */
+    static async checkBucketExists(bucketName, region, s3Client) {
+        const client = s3Client || new client_s3_1.S3Client({ region });
+        try {
+            const command = new client_s3_1.HeadBucketCommand({ Bucket: bucketName });
+            await client.send(command);
+            return true;
+        }
+        catch (error) {
+            const errorName = error.name || "";
+            if (errorName === "NoSuchBucket" || errorName === "NotFound") {
+                return false;
+            }
+            // For other errors (like AccessDenied), bucket exists but we can't access it
+            throw error;
+        }
+    }
+    /**
+     * Test write permissions on S3 bucket
+     *
+     * @param bucketName - Name of the bucket
+     * @param s3Client - S3 client instance
+     * @returns True if write permission is granted
+     */
+    static async testWritePermission(bucketName, s3Client) {
+        const testKey = `.benchling-webhook-test-${Date.now()}`;
+        try {
+            // Attempt to write a test object
+            const putCommand = new client_s3_1.PutObjectCommand({
+                Bucket: bucketName,
+                Key: testKey,
+                Body: "test",
+            });
+            await s3Client.send(putCommand);
+            // Clean up test object
+            const deleteCommand = new client_s3_1.DeleteObjectCommand({
+                Bucket: bucketName,
+                Key: testKey,
+            });
+            await s3Client.send(deleteCommand);
+            return true;
+        }
+        catch (error) {
+            const errorName = error.name || "";
+            if (errorName === "AccessDenied" || errorName === "Forbidden") {
+                return false;
+            }
+            throw error;
+        }
+    }
+    /**
+     * Test read permissions on S3 bucket
+     *
+     * @param bucketName - Name of the bucket
+     * @param s3Client - S3 client instance
+     * @returns True if read permission is granted
+     */
+    static async testReadPermission(bucketName, s3Client) {
+        const testKey = `.benchling-webhook-test-${Date.now()}`;
+        try {
+            // First, write a test object
+            const putCommand = new client_s3_1.PutObjectCommand({
+                Bucket: bucketName,
+                Key: testKey,
+                Body: "test",
+            });
+            await s3Client.send(putCommand);
+            // Attempt to read the test object
+            const getCommand = new client_s3_1.GetObjectCommand({
+                Bucket: bucketName,
+                Key: testKey,
+            });
+            await s3Client.send(getCommand);
+            // Clean up test object
+            const deleteCommand = new client_s3_1.DeleteObjectCommand({
+                Bucket: bucketName,
+                Key: testKey,
+            });
+            await s3Client.send(deleteCommand);
+            return true;
+        }
+        catch (error) {
+            const errorName = error.name || "";
+            if (errorName === "AccessDenied" || errorName === "Forbidden") {
+                return false;
+            }
+            // If we can't read, still try to clean up
+            try {
+                const deleteCommand = new client_s3_1.DeleteObjectCommand({
+                    Bucket: bucketName,
+                    Key: testKey,
+                });
+                await s3Client.send(deleteCommand);
+            }
+            catch {
+                // Ignore cleanup errors
+            }
+            throw error;
+        }
+    }
+}
+exports.S3BucketValidator = S3BucketValidator;
+/**
+ * Valid AWS region patterns
+ */
+S3BucketValidator.VALID_REGIONS = /^(us|eu|ap|sa|ca|me|af|cn|us-gov)-(north|south|east|west|central|northeast|southeast|southwest|northwest)-\d+$/;
+//# sourceMappingURL=s3-bucket-validator.js.map

package/dist/lib/s3-bucket-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"s3-bucket-validator.js","sourceRoot":"","sources":["../../lib/s3-bucket-validator.ts"],"names":[],"mappings":";;;AAAA,kDAA0H;AAqB1H;;;;GAIG;AACH,MAAa,iBAAiB;IAM1B;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAsB;QAC/C,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,8BAA8B;QAC9B,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3D,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;YAC1C,OAAO;gBACH,SAAS,EAAE,KAAK;gBAChB,YAAY,EAAE,KAAK;gBACnB,MAAM;aACT,CAAC;QACN,CAAC;QAED,yBAAyB;QACzB,IAAI,CAAC,iBAAiB,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YAClC,OAAO;gBACH,SAAS,EAAE,KAAK;gBAChB,YAAY,EAAE,KAAK;gBACnB,MAAM;aACT,CAAC;QACN,CAAC;QAED,mBAAmB;QACnB,MAAM,QAAQ,GAAG,IAAI,oBAAQ,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QAEzD,IAAI,CAAC;YACD,yBAAyB;YACzB,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,iBAAiB,CAC1D,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,MAAM,EACb,QAAQ,CACX,CAAC;YAEF,IAAI,CAAC,YAAY,EAAE,CAAC;gBAChB,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;gBACrC,OAAO;oBACH,SAAS,EAAE,KAAK;oBAChB,YAAY,EAAE,KAAK;oBACnB,MAAM;iBACT,CAAC;YACN,CAAC;YAED,yBAAyB;YACzB,MAAM,kBAAkB,GAAG,MAAM,iBAAiB,CAAC,mBAAmB,CAClE,MAAM,CAAC,UAAU,EACjB,QAAQ,CACX,CAAC;YAEF,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACtB,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;gBAC9C,OAAO;oBACH,SAAS,EAAE,KAAK;oBAChB,YAAY,EAAE,KAAK;oBACnB,kBAAkB,EAAE,KAAK;oBACzB,MAAM;iBACT,CAAC;YACN,CAAC;YAED,wBAAwB;YACxB,MAAM,iBAAiB,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,CAChE,MAAM,CAAC,UAAU,EACjB,QAAQ,CACX,CAAC;YAEF,OAAO;gBACH,SAAS,EAAE,IAAI;gBACf,YAAY,EAAE,IAAI;gBAClB,kBAAkB;gBAClB,iBAAiB;gBACjB,MAAM,EAAE,EAAE;aACb,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBACzB,MAAM,SAAS,GAAI,KAAyB,CAAC,IAAI,IAAI,EAAE,CAAC;gBAExD,IAAI,SAAS,KAAK,cAAc,EAAE,CAAC;oBAC/B,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;gBACzC,CAAC;qBAAM,IAAI,SAAS,KAAK,cAAc,IAAI,SAAS,KAAK,WAAW,EAAE,CAAC;oBACnE,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;gBAClD,CAAC;qBAAM,CAAC;oBACJ,MAAM,CAAC,IAAI,CAAC,qBAAqB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;gBACtD,CAAC;YACL,CAAC;YAED,OAAO;gBACH,SAAS,EAAE,KAAK;gBAChB,YAAY,EAAE,KAAK;gBACnB,MAAM;aACT,CAAC;QACN,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,kBAAkB,CAAC,UAAkB;QAC/C,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC1C,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,0BAA0B;QAC1B,oBAAoB;QACpB,8CAA8C;QAC9C,6CAA6C;QAC7C,MAAM,WAAW,GAAG,oCAAoC,CAAC;QAEzD,+CAA+C;QAC/C,IAAI,UAAU,KAAK,UAAU,CAAC,WAAW,EAAE,EAAE,CAAC;YAC1C,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,OAAO,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACxC,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,cAAc,CAAC,MAAc;QACvC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAClC,OAAO,KAAK,CAAC;QACjB,CAAC;QAED,OAAO,iBAAiB,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACxD,CAAC;IAED;;;;;;;OAOG;IACI,MAAM,CAAC,KAAK,CAAC,iBAAiB,CACjC,UAAkB,EAClB,MAAc,EACd,QAAmB;QAEnB,MAAM,MAAM,GAAG,QAAQ,IAAI,IAAI,oBAAQ,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QAEpD,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,IAAI,6BAAiB,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;YAC9D,MAAM,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC3B,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,SAAS,GAAI,KAAyB,CAAC,IAAI,IAAI,EAAE,CAAC;YACxD,IAAI,SAAS,KAAK,cAAc,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;gBAC3D,OAAO,KAAK,CAAC;YACjB,CAAC;YACD,6EAA6E;YAC7E,MAAM,KAAK,CAAC;QAChB,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACK,MAAM,CAAC,KAAK,CAAC,mBAAmB,CACpC,UAAkB,EAClB,QAAkB;QAElB,MAAM,OAAO,GAAG,2BAA2B,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAExD,IAAI,CAAC;YACD,iCAAiC;YACjC,MAAM,UAAU,GAAG,IAAI,4BAAgB,CAAC;gBACpC,MAAM,EAAE,UAAU;gBAClB,GAAG,EAAE,OAAO;gBACZ,IAAI,EAAE,MAAM;aACf,CAAC,CAAC;YACH,MAAM,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAEhC,uBAAuB;YACvB,MAAM,aAAa,GAAG,IAAI,+BAAmB,CAAC;gBAC1C,MAAM,EAAE,UAAU;gBAClB,GAAG,EAAE,OAAO;aACf,CAAC,CAAC;YACH,MAAM,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAEnC,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,SAAS,GAAI,KAAyB,CAAC,IAAI,IAAI,EAAE,CAAC;YACxD,IAAI,SAAS,KAAK,cAAc,IAAI,SAAS,KAAK,WAAW,EAAE,CAAC;gBAC5D,OAAO,KAAK,CAAC;YACjB,CAAC;YACD,MAAM,KAAK,CAAC;QAChB,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACK,MAAM,CAAC,KAAK,CAAC,kBAAkB,CACnC,UAAkB,EAClB,QAAkB;QAElB,MAAM,OAAO,GAAG,2BAA2B,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAExD,IAAI,CAAC;YACD,6BAA6B;YAC7B,MAAM,UAAU,GAAG,IAAI,4BAAgB,CAAC;gBACpC,MAAM,EAAE,UAAU;gBAClB,GAAG,EAAE,OAAO;gBACZ,IAAI,EAAE,MAAM;aACf,CAAC,CAAC;YACH,MAAM,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAEhC,kCAAkC;YAClC,MAAM,UAAU,GAAG,IAAI,4BAAgB,CAAC;gBACpC,MAAM,EAAE,UAAU;gBAClB,GAAG,EAAE,OAAO;aACf,CAAC,CAAC;YACH,MAAM,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAEhC,uBAAuB;YACvB,MAAM,aAAa,GAAG,IAAI,+BAAmB,CAAC;gBAC1C,MAAM,EAAE,UAAU;gBAClB,GAAG,EAAE,OAAO;aACf,CAAC,CAAC;YACH,MAAM,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAEnC,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,SAAS,GAAI,KAAyB,CAAC,IAAI,IAAI,EAAE,CAAC;YACxD,IAAI,SAAS,KAAK,cAAc,IAAI,SAAS,KAAK,WAAW,EAAE,CAAC;gBAC5D,OAAO,KAAK,CAAC;YACjB,CAAC;YACD,0CAA0C;YAC1C,IAAI,CAAC;gBACD,MAAM,aAAa,GAAG,IAAI,+BAAmB,CAAC;oBAC1C,MAAM,EAAE,UAAU;oBAClB,GAAG,EAAE,OAAO;iBACf,CAAC,CAAC;gBACH,MAAM,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACvC,CAAC;YAAC,MAAM,CAAC;gBACL,wBAAwB;YAC5B,CAAC;YACD,MAAM,KAAK,CAAC;QAChB,CAAC;IACL,CAAC;;AA1QL,8CA2QC;AA1QG;;GAEG;AACqB,+BAAa,GAAG,gHAAgH,CAAC"}

package/dist/lib/types/config.d.ts

@@ -0,0 +1,398 @@
+/**
+ * Comprehensive Type Definitions for XDG Configuration System
+ *
+ * This module defines all TypeScript types and interfaces for the
+ * XDG-compliant configuration management system.
+ *
+ * @module types/config
+ */
+/**
+ * Configuration profile identifier
+ * Profiles allow multiple named configurations (e.g., "default", "dev", "prod")
+ */
+export type ProfileName = string;
+/**
+ * Configuration type identifier
+ */
+export type ConfigType = "user" | "derived" | "deploy" | "complete";
+/**
+ * User Configuration
+ *
+ * User-provided settings that define the core configuration.
+ * This is the primary configuration file edited by users.
+ */
+export interface UserConfig {
+    /**
+     * Quilt catalog URL (e.g., "https://quilt.example.com")
+     */
+    quiltCatalog?: string;
+    /**
+     * Quilt user bucket name for package storage
+     */
+    quiltUserBucket?: string;
+    /**
+     * Quilt database (Athena/Glue) identifier
+     */
+    quiltDatabase?: string;
+    /**
+     * Quilt CloudFormation stack ARN
+     */
+    quiltStackArn?: string;
+    /**
+     * AWS region for Quilt resources
+     */
+    quiltRegion?: string;
+    /**
+     * Benchling tenant identifier
+     */
+    benchlingTenant?: string;
+    /**
+     * Benchling OAuth client ID
+     */
+    benchlingClientId?: string;
+    /**
+     * Benchling OAuth client secret (stored in Secrets Manager in production)
+     */
+    benchlingClientSecret?: string;
+    /**
+     * Benchling app definition ID
+     */
+    benchlingAppDefinitionId?: string;
+    /**
+     * S3 bucket for Benchling package storage
+     */
+    benchlingPkgBucket?: string;
+    /**
+     * Benchling test entry ID (optional, for validation)
+     */
+    benchlingTestEntry?: string;
+    /**
+     * AWS Secrets Manager secret ARN for Benchling credentials
+     */
+    benchlingSecretArn?: string;
+    /**
+     * AWS account ID for CDK deployment
+     */
+    cdkAccount?: string;
+    /**
+     * AWS region for CDK deployment
+     */
+    cdkRegion?: string;
+    /**
+     * AWS profile to use for deployment operations
+     */
+    awsProfile?: string;
+    /**
+     * SQS queue ARN for package creation
+     */
+    queueArn?: string;
+    /**
+     * S3 key prefix for Benchling packages
+     */
+    pkgPrefix?: string;
+    /**
+     * Package metadata key (e.g., "experiment_id")
+     */
+    pkgKey?: string;
+    /**
+     * Logging level (DEBUG, INFO, WARNING, ERROR)
+     */
+    logLevel?: string;
+    /**
+     * Comma-separated IP allowlist for webhook access
+     */
+    webhookAllowList?: string;
+    /**
+     * Enable webhook signature verification
+     */
+    enableWebhookVerification?: string;
+    /**
+     * Create ECR repository flag
+     */
+    createEcrRepository?: string;
+    /**
+     * ECR repository name
+     */
+    ecrRepositoryName?: string;
+    /**
+     * Docker image tag
+     */
+    imageTag?: string;
+    /**
+     * Configuration metadata (optional)
+     */
+    _metadata?: ConfigMetadata;
+}
+/**
+ * Derived Configuration
+ *
+ * Configuration values inferred from CLI tools (e.g., quilt3 config)
+ * or computed from user configuration.
+ */
+export interface DerivedConfig extends UserConfig {
+    /**
+     * Catalog URL inferred from quilt3 CLI
+     */
+    catalogUrl?: string;
+    /**
+     * Metadata tracking inference source and timestamp
+     */
+    _metadata?: ConfigMetadata & {
+        inferredAt?: string;
+        inferredFrom?: string;
+    };
+}
+/**
+ * Deployment Configuration
+ *
+ * Configuration artifacts generated during deployment.
+ * Contains deployment-specific values like webhook URLs and stack ARNs.
+ */
+export interface DeploymentConfig extends DerivedConfig {
+    /**
+     * Deployed webhook endpoint URL
+     */
+    webhookEndpoint?: string;
+    /**
+     * Deployed webhook URL (alias for webhookEndpoint)
+     */
+    webhookUrl?: string;
+    /**
+     * CloudFormation stack ARN
+     */
+    stackArn?: string;
+    /**
+     * Deployment timestamp
+     */
+    deploymentTimestamp?: string;
+    /**
+     * ISO timestamp of deployment
+     */
+    deployedAt?: string;
+    /**
+     * Metadata tracking deployment details
+     */
+    _metadata?: ConfigMetadata & {
+        deployedAt?: string;
+        deployedBy?: string;
+        stackName?: string;
+    };
+}
+/**
+ * Configuration Metadata
+ *
+ * Tracks configuration provenance, timestamps, and versioning.
+ */
+export interface ConfigMetadata {
+    /**
+     * ISO timestamp when configuration was saved
+     */
+    savedAt?: string;
+    /**
+     * Source of configuration (e.g., "cli", "wizard", "manual")
+     */
+    source?: string;
+    /**
+     * Configuration version
+     */
+    version?: string;
+    /**
+     * Additional metadata fields
+     */
+    [key: string]: string | undefined;
+}
+/**
+ * Complete Configuration
+ *
+ * Merged configuration from all sources (user + derived + deploy).
+ */
+export type CompleteConfig = DeploymentConfig;
+/**
+ * Configuration Set
+ *
+ * Collection of configurations for merging operations.
+ */
+export interface ConfigSet {
+    user?: UserConfig;
+    derived?: DerivedConfig;
+    deploy?: DeploymentConfig;
+}
+/**
+ * Configuration Profile
+ *
+ * Named configuration with metadata for profile management.
+ */
+export interface ConfigProfile {
+    /**
+     * Profile name (e.g., "default", "dev", "prod")
+     */
+    name: ProfileName;
+    /**
+     * User configuration for this profile
+     */
+    user?: UserConfig;
+    /**
+     * Derived configuration for this profile
+     */
+    derived?: DerivedConfig;
+    /**
+     * Deployment configuration for this profile
+     */
+    deploy?: DeploymentConfig;
+    /**
+     * Profile metadata
+     */
+    metadata?: {
+        createdAt?: string;
+        updatedAt?: string;
+        description?: string;
+    };
+}
+/**
+ * Configuration Validation Result
+ *
+ * Result of configuration validation operations.
+ */
+export interface ValidationResult {
+    /**
+     * Whether the configuration is valid
+     */
+    isValid: boolean;
+    /**
+     * Validation errors (if any)
+     */
+    errors: string[];
+    /**
+     * Validation warnings (non-fatal issues)
+     */
+    warnings?: string[];
+    /**
+     * Additional validation details
+     */
+    details?: Record<string, unknown>;
+}
+/**
+ * XDG Configuration Paths
+ *
+ * File paths for XDG-compliant configuration storage.
+ */
+export interface XDGConfigPaths {
+    /**
+     * Path to user configuration file
+     */
+    userConfig: string;
+    /**
+     * Path to derived configuration file
+     */
+    derivedConfig: string;
+    /**
+     * Path to deployment configuration file
+     */
+    deployConfig: string;
+}
+/**
+ * Profile Management Options
+ */
+export interface ProfileOptions {
+    /**
+     * Base configuration directory (defaults to ~/.config/benchling-webhook)
+     */
+    baseDir?: string;
+    /**
+     * Profile name to use
+     */
+    profile?: ProfileName;
+    /**
+     * Create profile if it doesn't exist
+     */
+    createIfMissing?: boolean;
+}
+/**
+ * Configuration Read Options
+ */
+export interface ConfigReadOptions {
+    /**
+     * Configuration type to read
+     */
+    type: ConfigType;
+    /**
+     * Profile name (defaults to "default")
+     */
+    profile?: ProfileName;
+    /**
+     * Throw error if file doesn't exist
+     */
+    throwIfMissing?: boolean;
+    /**
+     * Validate schema after reading
+     */
+    validate?: boolean;
+}
+/**
+ * Configuration Write Options
+ */
+export interface ConfigWriteOptions {
+    /**
+     * Configuration type to write
+     */
+    type: ConfigType;
+    /**
+     * Profile name (defaults to "default")
+     */
+    profile?: ProfileName;
+    /**
+     * Create backup before writing
+     */
+    backup?: boolean;
+    /**
+     * Validate schema before writing
+     */
+    validate?: boolean;
+    /**
+     * Add metadata to configuration
+     */
+    addMetadata?: boolean;
+}
+/**
+ * AWS Profile Configuration
+ *
+ * Integration with AWS credentials and profiles.
+ */
+export interface AWSProfileConfig {
+    /**
+     * AWS profile name from ~/.aws/credentials
+     */
+    profileName: string;
+    /**
+     * AWS region
+     */
+    region?: string;
+    /**
+     * AWS account ID
+     */
+    accountId?: string;
+}
+/**
+ * Quilt CLI Configuration
+ *
+ * Configuration inferred from quilt3 CLI.
+ */
+export interface QuiltCLIConfig {
+    /**
+     * Catalog URL from quilt3 config
+     */
+    catalog?: string;
+    /**
+     * Default bucket from quilt3 config
+     */
+    defaultBucket?: string;
+    /**
+     * AWS region from quilt3 config
+     */
+    region?: string;
+    /**
+     * Registry URL from quilt3 config
+     */
+    registryUrl?: string;
+}
+//# sourceMappingURL=config.d.ts.map

package/dist/lib/types/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../lib/types/config.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH;;;GAGG;AACH,MAAM,MAAM,WAAW,GAAG,MAAM,CAAC;AAEjC;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,SAAS,GAAG,QAAQ,GAAG,UAAU,CAAC;AAEpE;;;;;GAKG;AACH,MAAM,WAAW,UAAU;IACvB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;OAEG;IACH,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAElC;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B;;OAEG;IACH,yBAAyB,CAAC,EAAE,MAAM,CAAC;IAEnC;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAE7B;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,SAAS,CAAC,EAAE,cAAc,CAAC;CAC9B;AAED;;;;;GAKG;AACH,MAAM,WAAW,aAAc,SAAQ,UAAU;IAC7C;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,SAAS,CAAC,EAAE,cAAc,GAAG;QACzB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,YAAY,CAAC,EAAE,MAAM,CAAC;KACzB,CAAC;CACL;AAED;;;;;GAKG;AACH,MAAM,WAAW,gBAAiB,SAAQ,aAAa;IACnD;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAE7B;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,SAAS,CAAC,EAAE,cAAc,GAAG;QACzB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,SAAS,CAAC,EAAE,MAAM,CAAC;KACtB,CAAC;CACL;AAED;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC3B;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACrC;AAED;;;;GAIG;AACH,MAAM,MAAM,cAAc,GAAG,gBAAgB,CAAC;AAE9C;;;;GAIG;AACH,MAAM,WAAW,SAAS;IACtB,IAAI,CAAC,EAAE,UAAU,CAAC;IAClB,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,MAAM,CAAC,EAAE,gBAAgB,CAAC;CAC7B;AAED;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC1B;;OAEG;IACH,IAAI,EAAE,WAAW,CAAC;IAElB;;OAEG;IACH,IAAI,CAAC,EAAE,UAAU,CAAC;IAElB;;OAEG;IACH,OAAO,CAAC,EAAE,aAAa,CAAC;IAExB;;OAEG;IACH,MAAM,CAAC,EAAE,gBAAgB,CAAC;IAE1B;;OAEG;IACH,QAAQ,CAAC,EAAE;QACP,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,WAAW,CAAC,EAAE,MAAM,CAAC;KACxB,CAAC;CACL;AAED;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC7B;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IAEjB;;OAEG;IACH,MAAM,EAAE,MAAM,EAAE,CAAC;IAEjB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IAEpB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACrC;AAED;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC3B;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC3B;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,OAAO,CAAC,EAAE,WAAW,CAAC;IAEtB;;OAEG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAC9B;;OAEG;IACH,IAAI,EAAE,UAAU,CAAC;IAEjB;;OAEG;IACH,OAAO,CAAC,EAAE,WAAW,CAAC;IAEtB;;OAEG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB;;OAEG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B;;OAEG;IACH,IAAI,EAAE,UAAU,CAAC;IAEjB;;OAEG;IACH,OAAO,CAAC,EAAE,WAAW,CAAC;IAEtB;;OAEG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB;;OAEG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB;;OAEG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;CACzB;AAED;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC7B;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC3B;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACxB"}

package/dist/lib/types/config.js

@@ -0,0 +1,11 @@
+"use strict";
+/**
+ * Comprehensive Type Definitions for XDG Configuration System
+ *
+ * This module defines all TypeScript types and interfaces for the
+ * XDG-compliant configuration management system.
+ *
+ * @module types/config
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=config.js.map

package/dist/lib/types/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../lib/types/config.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG"}