@suronai/sdk 0.1.36 → 0.1.38

package/package.json

@@ -1,28 +1,20 @@
-{
-  "name": "@suronai/sdk",
-  "version": "0.1.36",
-  "description": "App SDK for Suron — await vault() to load secrets",
-  "type": "module",
-  "main": "./src/index.js",
-  "types": "./index.d.ts",
-  "exports": {
-    ".": {
-      "types": "./index.d.ts",
-      "default": "./src/index.js"
-    }
-  },
-  "files": [
-    "src",
-    "index.d.ts"
-  ],
-  "scripts": {
-    "build": "node --check src/index.js src/vault.js src/errors.js src/poll.js src/decrypt.js",
-    "lint": "node --check src/index.js src/vault.js src/errors.js src/poll.js src/decrypt.js"
-  },
-  "dependencies": {
-    "@dotenvx/dotenvx": "latest"
-  },
-  "engines": {
-    "node": ">=18.0.0"
-  }
-}
+{
+  "name": "@suronai/sdk",
+  "version": "0.1.38",
+  "description": "Suron SDK — boot-gated secrets delivery",
+  "type": "module",
+  "main": "./src/index.js",
+  "exports": {
+    ".": "./src/index.js"
+  },
+  "files": [
+    "src"
+  ],
+  "scripts": {
+    "test": "node src/index.js"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "dependencies": {}
+}

package/src/decrypt.js

@@ -1,29 +1,14 @@
-import { parse as dotenvxParse } from "@dotenvx/dotenvx";
-import { readFileSync } from "fs";
-import { join } from "path";
-
-/**
- * Decrypts the encrypted .env (in envDir) into process.env using dotenvx.
- *
- * We use dotenvx.parse(src, { privateKey }) rather than config():
- *   - parse() is the documented API that accepts privateKey directly
- *   - It decrypts in-memory without touching process.env or requiring
- *     DOTENV_PRIVATE_KEY to be set anywhere
- *   - We then assign the decrypted values into process.env ourselves,
- *     which is explicit and race-condition-free
- *
- * @param {string} privateKey  - 64-char hex secp256k1 private key from Suron
- * @param {string} envDir      - Directory containing the encrypted .env file
- */
-export function decryptEnv(privateKey, envDir = process.cwd()) {
-  const envPath = join(envDir, ".env");
-  const src = readFileSync(envPath, "utf-8");
-  const parsed = dotenvxParse(src, { privateKey });
-  for (const [key, value] of Object.entries(parsed)) {
-    // Skip dotenvx's own metadata keys — these are infrastructure, not app secrets.
-    // DOTENV_PUBLIC_KEY is stored in plaintext in the .env file by dotenvx and
-    // would otherwise pollute the app's runtime environment.
-    if (key.startsWith("DOTENV_PUBLIC_KEY") || key.startsWith("DOTENV_PRIVATE_KEY")) continue;
-    process.env[key] = value;
+export function parseEnv(plaintext) {
+  for (const line of plaintext.split("\n")) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith("#")) continue;
+    const eq = trimmed.indexOf("=");
+    if (eq === -1) continue;
+    const key = trimmed.slice(0, eq).trim();
+    let val = trimmed.slice(eq + 1).trim();
+    if ((val.startsWith('"') && val.endsWith('"')) || (val.startsWith("'") && val.endsWith("'"))) {
+      val = val.slice(1, -1);
+    }
+    if (key) process.env[key] = val;
   }
 }

package/src/vault.js

@@ -1,104 +1,74 @@
 import { existsSync, readFileSync } from "fs";
 import { join } from "path";
 import { SuronConfigError, SuronAppNotFoundError, SuronRateLimitError, SuronDeniedError, SuronTimeoutError } from "./errors.js";
-import { pollUntilApproved } from "./poll.js";
-import { decryptEnv } from "./decrypt.js";
+import { parseEnv } from "./decrypt.js";
 
-/**
- * @typedef {Object} VaultOptions
- * @property {string} [configPath]   - Dir containing .suron.json. Default: process.cwd()
- * @property {number} [timeout]      - Ms to wait for Telegram approval. Default: 300000
- * @property {number} [pollInterval] - Ms between status polls. Default: 3000
- */
+const BASE_URL = "https://suronai.com";
 
-/**
- * Reads and validates .suron.json from the given directory.
- * @param {string} dir
- * @returns {{ app: string, id: string, api_url?: string }}
- */
 function readSuronJson(dir) {
   const path = join(dir, ".suron.json");
-  if (!existsSync(path)) {
-    throw new SuronConfigError(`.suron.json not found in ${dir}. Run: suron init`);
-  }
-  let raw;
-  try {
-    raw = readFileSync(path, "utf-8");
-  } catch (err) {
-    throw new SuronConfigError(`.suron.json could not be read: ${err}`);
-  }
+  if (!existsSync(path)) throw new SuronConfigError(`.suron.json not found in ${dir}. Run: suron init`);
   let parsed;
-  try {
-    parsed = JSON.parse(raw);
-  } catch {
+  try { parsed = JSON.parse(readFileSync(path, "utf-8")); } catch {
     throw new SuronConfigError(".suron.json is malformed JSON");
   }
-  const app = typeof parsed.app === "string" ? parsed.app.trim() : "";
-  const id  = typeof parsed.id  === "string" ? parsed.id.trim()  : "";
-  if (!app || !id) {
-    throw new SuronConfigError(".suron.json is missing 'app' or 'id' field");
-  }
-  parsed.app = app;
-  parsed.id  = id;
-  return parsed;
+  const app_id = typeof parsed.app_id === "string" ? parsed.app_id.trim() : "";
+  const version = typeof parsed.version === "string" ? parsed.version.trim() : "";
+  if (!app_id || !version) throw new SuronConfigError(".suron.json is missing 'app_id' or 'version'");
+  return { app_id, version, app_name: parsed.app_name };
 }
 
-/**
- * Sends a boot request and returns the request_id.
- * @param {string} apiUrl
- * @param {string} appId
- * @returns {Promise<string>}
- */
-async function requestAccess(apiUrl, appId) {
+async function requestAccess(app_id) {
   let res;
   try {
-    res = await fetch(`${apiUrl}/request-access`, {
+    res = await fetch(`${BASE_URL}/request-access`, {
       method: "POST",
       headers: { "Content-Type": "application/json" },
-      body: JSON.stringify({ app_id: appId }),
+      body: JSON.stringify({ app_id }),
     });
   } catch (err) {
-    throw new Error(`Could not reach Suron API (${apiUrl}): ${err.message}`);
+    throw new Error(`Could not reach Suron API: ${err.message}`);
   }
-
-  if (res.status === 404) throw new SuronAppNotFoundError("App not found in Suron. Run: suron init");
+  if (res.status === 404) throw new SuronAppNotFoundError("App not found. Run: suron init");
   if (res.status === 429) throw new SuronRateLimitError("Rate limit exceeded — max 20 boot requests per app per hour.");
   if (!res.ok) {
     const text = await res.text().catch(() => "");
-    throw new Error(`Suron /request-access failed (${res.status}): ${text}`);
+    throw new Error(`/request-access failed (${res.status}): ${text}`);
   }
-
   const { request_id } = await res.json();
   return request_id;
 }
 
-/**
- * Fetches the private key after approval. Single-use.
- * @param {string} apiUrl
- * @param {string} requestId
- * @returns {Promise<string>}
- */
-async function fetchKey(apiUrl, requestId) {
-  const res = await fetch(`${apiUrl}/fetch-key`, {
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify({ request_id: requestId }),
+async function pollUntilApproved(request_id, timeout, pollInterval) {
+  const deadline = Date.now() + timeout;
+  while (Date.now() < deadline) {
+    await new Promise(r => setTimeout(r, pollInterval));
+    let res;
+    try { res = await fetch(`${BASE_URL}/status?request_id=${encodeURIComponent(request_id)}`); } catch { continue; }
+    if (!res.ok) continue;
+    let status;
+    try { ({ status } = await res.json()); } catch { continue; }
+    if (status === "approved") return;
+    if (status === "denied") throw new SuronDeniedError("Boot denied.");
+  }
+  throw new SuronTimeoutError(`No approval received within ${timeout / 1000}s.`);
+}
+
+async function fetchVersion(app_id, version, request_id) {
+  const res = await fetch(`${BASE_URL}/apps/${app_id}/versions/${version}`, {
+    headers: {
+      "Content-Type": "application/json",
+      "X-Request-Id": request_id,
+    },
   });
   if (!res.ok) {
     const data = await res.json().catch(() => ({}));
-    throw new Error(`Suron /fetch-key failed (${res.status}): ${data.error ?? "unknown"}`);
+    throw new Error(`/apps/${app_id}/versions/${version} failed (${res.status}): ${data.error ?? "unknown"}`);
   }
-  const { private_key } = await res.json();
-  return private_key;
+  const { env_plaintext } = await res.json();
+  return env_plaintext;
 }
 
-/**
- * Waits for Telegram approval, then decrypts .env into process.env.
- * Runs silently — no stdout output under any circumstances.
- * Must be awaited before any code that reads process.env.
- * @param {VaultOptions} [options]
- * @returns {Promise<void>}
- */
 export async function vault(options = {}) {
   const {
     configPath   = process.cwd(),
@@ -106,44 +76,22 @@ export async function vault(options = {}) {
     pollInterval = 3_000,
   } = options;
 
-  const suronJson = readSuronJson(configPath);
-
-  const rawUrl = process.env.SURON_API_URL ?? suronJson.api_url;
-  if (!rawUrl) throw new SuronConfigError("SURON_API_URL not set. Run: suron login");
-  const apiUrl = rawUrl.replace(/\/$/, "");
-
-  const requestId = await requestAccess(apiUrl, suronJson.id);
-
-  await pollUntilApproved(apiUrl, requestId, timeout, pollInterval);
-
-  let privateKey = await fetchKey(apiUrl, requestId);
-  decryptEnv(privateKey, configPath);
-  // JS strings are immutable — assigning "" does not overwrite heap memory.
-  // The reference is dropped here so the GC can reclaim it normally.
-  privateKey = ""; // drop reference
+  const { app_id, version } = readSuronJson(configPath);
+  const request_id = await requestAccess(app_id);
+  await pollUntilApproved(request_id, timeout, pollInterval);
+  const env_plaintext = await fetchVersion(app_id, version, request_id);
+  parseEnv(env_plaintext);
 }
 
-/**
- * Drop-in safe wrapper around vault().
- * Handles all known Suron errors (including SuronRateLimitError) with
- * a console.error + process.exit(1). Unknown errors are re-thrown.
- *
- * Usage:
- *   import { config } from "@suronai/sdk";
- *   await config();
- *
- * @param {VaultOptions} [options]
- * @returns {Promise<void>}
- */
 export async function config(options = {}) {
   try {
     await vault(options);
   } catch (err) {
-    if (err instanceof SuronDeniedError)      { console.error("[suron] Boot denied.");                    process.exit(1); }
-    if (err instanceof SuronTimeoutError)     { console.error("[suron] Approval timed out.");             process.exit(1); }
-    if (err instanceof SuronRateLimitError)   { console.error("[suron]", err.message);                    process.exit(1); }
-    if (err instanceof SuronConfigError)      { console.error("[suron]", err.message);                    process.exit(1); }
-    if (err instanceof SuronAppNotFoundError) { console.error("[suron]", err.message);                    process.exit(1); }
+    if (err instanceof SuronDeniedError)      { process.stderr.write("[suron] Boot denied.\n");            process.exit(1); }
+    if (err instanceof SuronTimeoutError)     { process.stderr.write("[suron] Approval timed out.\n");     process.exit(1); }
+    if (err instanceof SuronRateLimitError)   { process.stderr.write(`[suron] ${err.message}\n`);          process.exit(1); }
+    if (err instanceof SuronConfigError)      { process.stderr.write(`[suron] ${err.message}\n`);          process.exit(1); }
+    if (err instanceof SuronAppNotFoundError) { process.stderr.write(`[suron] ${err.message}\n`);          process.exit(1); }
     throw err;
   }
 }

package/README.md

@@ -1,131 +0,0 @@
-# @suronai/sdk
-
-Runtime SDK for [Suron](https://suronai.com) — a drop-in replacement for `dotenv` that gates every app boot behind a Telegram approval before secrets are decrypted into `process.env`.
-
-## Install
-
-```bash
-npm install @suronai/sdk
-```
-
-Requires Node.js 18+. Run [`suron init`](https://www.npmjs.com/package/@suronai/cli) in your project first.
-
----
-
-## Usage
-
-Replace your `dotenv` bootstrap at the very top of your entry point, before any `process.env` access:
-
-```js
-// before
-import { config } from 'dotenv'
-config()
-
-// after
-import { config } from '@suronai/sdk'
-await config()
-```
-
-That's it. When your app starts:
-
-1. Suron sends a message to your Telegram bot with an **Approve / Deny** button
-2. `await config()` blocks until you tap Approve
-3. Secrets are decrypted into `process.env` — your app continues normally
-4. If you tap Deny, or the timeout expires, the process exits with a clear message
-
-`suron init` can patch this automatically — it detects `dotenv` in your entry point and offers to replace it interactively.
-
----
-
-## Requirements
-
-- `.suron.json` in the working directory — created by `suron init`
-- Encrypted `.env` in the working directory — created by `suron init`
-- No extra environment variables needed — the API URL is stored in `.suron.json`
-
----
-
-## API
-
-### `config(options?)`
-
-Drop-in safe wrapper. Handles all known Suron errors with `console.error` + `process.exit(1)`. Only unexpected errors are re-thrown.
-
-```js
-import { config } from '@suronai/sdk'
-await config()
-```
-
-### `vault(options?)`
-
-Same as `config()` but throws on all errors, giving you full control over error handling:
-
-```js
-import { vault, SuronDeniedError, SuronTimeoutError, SuronConfigError, SuronAppNotFoundError } from '@suronai/sdk'
-
-try {
-  await vault()
-} catch (err) {
-  if (err instanceof SuronDeniedError)      { console.error('[suron] Boot denied.');        process.exit(1) }
-  if (err instanceof SuronTimeoutError)     { console.error('[suron] Approval timed out.'); process.exit(1) }
-  if (err instanceof SuronConfigError)      { console.error('[suron]', err.message);        process.exit(1) }
-  if (err instanceof SuronAppNotFoundError) { console.error('[suron]', err.message);        process.exit(1) }
-  throw err
-}
-```
-
-### Options
-
-Both `config()` and `vault()` accept the same options object:
-
-```js
-await config({
-  configPath:   '/custom/path', // dir containing .suron.json — default: process.cwd()
-  timeout:      300_000,        // ms to wait for Telegram approval — default: 5 minutes
-  pollInterval: 3_000,          // ms between /status polls — default: 3s
-})
-```
-
----
-
-## Errors
-
-| Class | Thrown when |
-|---|---|
-| `SuronConfigError` | `.suron.json` missing, malformed, or `SURON_API_URL` not set |
-| `SuronAppNotFoundError` | App not registered — run `suron init` |
-| `SuronRateLimitError` | More than 20 boot requests in 1 hour |
-| `SuronDeniedError` | You tapped Deny in Telegram |
-| `SuronTimeoutError` | No approval received within the timeout |
-
-`config()` exits the process for all errors except `SuronRateLimitError` and unknown errors, which are re-thrown. `vault()` always throws.
-
----
-
-## How it works
-
-```
-await config()
-  └─ reads .suron.json             # gets app_id and api_url
-  └─ POST /request-access          # triggers Telegram approval message
-  └─ GET  /status (polling)        # waits for Approve / Deny tap
-  └─ POST /fetch-key               # retrieves private key (single-use token)
-  └─ dotenvx.parse(.env, key)      # decrypts secrets into process.env
-```
-
-The private key never touches disk during runtime. It's received in memory, used to decrypt, and the reference is dropped immediately after.
-
----
-
-## Security
-
-- The SDK reads only `.suron.json` for the `app_id` — no access to `~/.suron-config`
-- The `MASTER_KEY` lives exclusively inside the Convex deployment — the SDK never sees it
-- `/fetch-key` is single-use — the token is consumed on first retrieval
-- `DOTENV_PUBLIC_KEY` and `DOTENV_PRIVATE_KEY` are filtered out of `process.env` after decryption
-
----
-
-## Related
-
-- [`@suronai/cli`](https://www.npmjs.com/package/@suronai/cli) — the CLI for setup and key rotation

package/index.d.ts

@@ -1,37 +0,0 @@
-export interface VaultOptions {
-  /** Directory containing .suron.json. Default: process.cwd() */
-  configPath?: string;
-  /** Milliseconds to wait for Telegram approval. Default: 300000 (5 min) */
-  timeout?: number;
-  /** Milliseconds between status polls. Default: 3000 */
-  pollInterval?: number;
-}
-
-/**
- * Drop-in replacement for `dotenv`'s config().
- *
- * Waits for Telegram approval, then decrypts .env into process.env.
- * Handles all known Suron errors with console.error + process.exit(1).
- * Unknown errors are re-thrown.
- *
- * Usage:
- *   import { config } from '@suronai/sdk'
- *   await config()
- *
- * Must be awaited before any code that reads process.env.
- */
-export function config(options?: VaultOptions): Promise<void>;
-
-/**
- * Low-level vault. Waits for Telegram approval, then decrypts .env into process.env.
- * Throws on all errors — use config() if you want automatic error handling.
- * Must be awaited before any code that reads process.env.
- */
-export function vault(options?: VaultOptions): Promise<void>;
-
-export class SuronError extends Error {}
-export class SuronConfigError extends SuronError {}
-export class SuronAppNotFoundError extends SuronError {}
-export class SuronRateLimitError extends SuronError {}
-export class SuronDeniedError extends SuronError {}
-export class SuronTimeoutError extends SuronError {}

package/src/poll.js

@@ -1,55 +0,0 @@
-import { SuronDeniedError, SuronTimeoutError } from "./errors.js";
-
-/**
- * Polls /status until the request is approved, denied, or times out.
- * @param {string} apiUrl
- * @param {string} requestId
- * @param {number} [timeout]
- * @param {number} [pollInterval]
- * @returns {Promise<void>}
- */
-export async function pollUntilApproved(
-  apiUrl,
-  requestId,
-  timeout      = 300_000,
-  pollInterval = 3_000
-) {
-  const deadline = Date.now() + timeout;
-
-  while (Date.now() < deadline) {
-    await sleep(pollInterval);
-
-    let res;
-    try {
-      res = await fetch(`${apiUrl}/status?request_id=${encodeURIComponent(requestId)}`);
-    } catch {
-      // Network hiccup — keep polling
-      continue;
-    }
-
-    if (!res.ok) continue; // Transient error — keep polling
-
-    let status;
-    try {
-      ({ status } = await res.json());
-    } catch {
-      // Malformed JSON — treat as transient and keep polling
-      continue;
-    }
-
-    if (status === "approved") return;
-    if (status === "denied") {
-      throw new SuronDeniedError("Boot denied — you tapped Deny in Telegram.");
-    }
-    // "pending" → keep polling
-  }
-
-  throw new SuronTimeoutError(
-    `No Telegram approval received within ${timeout / 1000}s.`
-  );
-}
-
-/** @param {number} ms @returns {Promise<void>} */
-function sleep(ms) {
-  return new Promise((resolve) => setTimeout(resolve, ms));
-}