@townco/secret 0.1.8 → 0.1.10

package/dist/index.js

@@ -1,130 +1,137 @@
 import * as path from "node:path";
 import { EnvFile } from "./env-file";
 import { OnePassword } from "./onepassword";
+
 export { EnvFile } from "./env-file";
 export { OnePassword as OpItem } from "./onepassword";
+
 const ROOT_MARKER = ".root";
 const SECRET_FILE = ".env.in";
 const OP_VAULT = "app";
 const OP_ITEM = "dev";
 const findRoot = async (start = ".") => {
-    const startResolved = path.resolve(start);
-    const rootPath = path.join(startResolved, ROOT_MARKER);
-    if (await Bun.file(rootPath).exists())
-        return startResolved;
-    const parent = path.dirname(startResolved);
-    if (parent === "/") {
-        throw new Error("No root found");
-    }
-    return await findRoot(parent);
-};
-const withOpSignIn = (fn) => async (...args) => {
-    await OnePassword.signin();
-    return fn(...args);
+	const startResolved = path.resolve(start);
+	const rootPath = path.join(startResolved, ROOT_MARKER);
+	if (await Bun.file(rootPath).exists()) return startResolved;
+	const parent = path.dirname(startResolved);
+	if (parent === "/") {
+		throw new Error("No root found");
+	}
+	return await findRoot(parent);
 };
+const withOpSignIn =
+	(fn) =>
+	async (...args) => {
+		await OnePassword.signin();
+		return fn(...args);
+	};
 const readEnvFile = async (filePath) => {
-    const content = await Bun.file(filePath).text();
-    return EnvFile.parse(content);
+	const content = await Bun.file(filePath).text();
+	return EnvFile.parse(content);
 };
 const writeEnvFile = async (filePath, envFile) => {
-    await Bun.write(filePath, envFile.toString());
-};
-const withEnvFile = (fn) => async (...args) => {
-    const filePath = path.join(await findRoot(), SECRET_FILE);
-    const envFile = await readEnvFile(filePath);
-    const originalRecord = envFile.toRecord();
-    const result = fn({ ...originalRecord }, ...args);
-    // If the result is a Record<string, string>, write it back
-    if (result && typeof result === "object" && !Array.isArray(result)) {
-        const resultRecord = result;
-        // Check if this looks like a secrets record (all string values)
-        const isSecretsRecord = Object.values(resultRecord).every((v) => typeof v === "string");
-        if (isSecretsRecord) {
-            const resultSecrets = resultRecord;
-            // Delete keys that are in original but not in result
-            for (const key of Object.keys(originalRecord)) {
-                if (!(key in resultSecrets)) {
-                    envFile.delete(key);
-                }
-            }
-            // Update or add keys from result
-            for (const [key, value] of Object.entries(resultSecrets)) {
-                envFile.set(key, value);
-            }
-            await writeEnvFile(filePath, envFile);
-        }
-    }
-    return result;
+	await Bun.write(filePath, envFile.toString());
 };
+const withEnvFile =
+	(fn) =>
+	async (...args) => {
+		const filePath = path.join(await findRoot(), SECRET_FILE);
+		const envFile = await readEnvFile(filePath);
+		const originalRecord = envFile.toRecord();
+		const result = fn({ ...originalRecord }, ...args);
+		// If the result is a Record<string, string>, write it back
+		if (result && typeof result === "object" && !Array.isArray(result)) {
+			const resultRecord = result;
+			// Check if this looks like a secrets record (all string values)
+			const isSecretsRecord = Object.values(resultRecord).every(
+				(v) => typeof v === "string",
+			);
+			if (isSecretsRecord) {
+				const resultSecrets = resultRecord;
+				// Delete keys that are in original but not in result
+				for (const key of Object.keys(originalRecord)) {
+					if (!(key in resultSecrets)) {
+						envFile.delete(key);
+					}
+				}
+				// Update or add keys from result
+				for (const [key, value] of Object.entries(resultSecrets)) {
+					envFile.set(key, value);
+				}
+				await writeEnvFile(filePath, envFile);
+			}
+		}
+		return result;
+	};
 export const listSecrets = withOpSignIn(async () => {
-    const root = await findRoot();
-    const filePath = path.join(root, SECRET_FILE);
-    const envFile = await readEnvFile(filePath);
-    const secrets = envFile.toRecord();
-    // Fetch the dev item using OpItem
-    const opItem = await OnePassword.fetch(OP_VAULT, OP_ITEM);
-    const validations = [];
-    for (const [key, value] of Object.entries(secrets)) {
-        // Strip quotes from value if present
-        let unquotedValue = value;
-        if (value.startsWith('"') && value.endsWith('"')) {
-            unquotedValue = value.slice(1, -1);
-        }
-        const validation = {
-            key,
-            value: unquotedValue,
-            valid: true,
-        };
-        if (!validation.value.startsWith("op://")) {
-            validations.push(validation);
-            continue;
-        }
-        // Check if field exists in 1Password item
-        if (opItem.has(key)) {
-            validation.valid = false;
-            validation.error = `Field '${key}' not found in 1Password item`;
-            validations.push(validation);
-            continue;
-        }
-        // Build expected op:// reference
-        const expectedRef = opItem.getReference(key);
-        // Compare the value from .env.in with expected reference
-        if (unquotedValue !== expectedRef) {
-            validation.valid = false;
-            validation.error = `Reference mismatch: expected '${expectedRef}', got '${unquotedValue}'`;
-            validations.push(validation);
-            continue;
-        }
-        validations.push(validation);
-    }
-    return validations;
+	const root = await findRoot();
+	const filePath = path.join(root, SECRET_FILE);
+	const envFile = await readEnvFile(filePath);
+	const secrets = envFile.toRecord();
+	// Fetch the dev item using OpItem
+	const opItem = await OnePassword.fetch(OP_VAULT, OP_ITEM);
+	const validations = [];
+	for (const [key, value] of Object.entries(secrets)) {
+		// Strip quotes from value if present
+		let unquotedValue = value;
+		if (value.startsWith('"') && value.endsWith('"')) {
+			unquotedValue = value.slice(1, -1);
+		}
+		const validation = {
+			key,
+			value: unquotedValue,
+			valid: true,
+		};
+		if (!validation.value.startsWith("op://")) {
+			validations.push(validation);
+			continue;
+		}
+		// Check if field exists in 1Password item
+		if (opItem.has(key)) {
+			validation.valid = false;
+			validation.error = `Field '${key}' not found in 1Password item`;
+			validations.push(validation);
+			continue;
+		}
+		// Build expected op:// reference
+		const expectedRef = opItem.getReference(key);
+		// Compare the value from .env.in with expected reference
+		if (unquotedValue !== expectedRef) {
+			validation.valid = false;
+			validation.error = `Reference mismatch: expected '${expectedRef}', got '${unquotedValue}'`;
+			validations.push(validation);
+			continue;
+		}
+		validations.push(validation);
+	}
+	return validations;
 });
 export const createSecret = withOpSignIn(async (name, value) => {
-    // Fetch the item, update it, and sync
-    const opItem = await OnePassword.fetch(OP_VAULT, OP_ITEM);
-    opItem.set(name, value);
-    await opItem.sync();
-    // Update the env file with the secret reference
-    await withEnvFile((secrets) => {
-        secrets[name] = opItem.getReference(name);
-        return secrets;
-    })();
+	// Fetch the item, update it, and sync
+	const opItem = await OnePassword.fetch(OP_VAULT, OP_ITEM);
+	opItem.set(name, value);
+	await opItem.sync();
+	// Update the env file with the secret reference
+	await withEnvFile((secrets) => {
+		secrets[name] = opItem.getReference(name);
+		return secrets;
+	})();
 });
 export const deleteSecret = withOpSignIn(async (name) => {
-    // Fetch the item, delete the field, and sync
-    const opItem = await OnePassword.fetch(OP_VAULT, OP_ITEM);
-    opItem.delete(name);
-    await opItem.sync();
-    // Update the env file by removing the secret
-    await withEnvFile((secrets, fieldName) => {
-        delete secrets[fieldName];
-        return secrets;
-    })(name);
+	// Fetch the item, delete the field, and sync
+	const opItem = await OnePassword.fetch(OP_VAULT, OP_ITEM);
+	opItem.delete(name);
+	await opItem.sync();
+	// Update the env file by removing the secret
+	await withEnvFile((secrets, fieldName) => {
+		delete secrets[fieldName];
+		return secrets;
+	})(name);
 });
 export const genenv = withOpSignIn(async () => {
-    const root = await findRoot();
-    const inputPath = path.join(root, SECRET_FILE);
-    const outputPath = path.join(root, ".env");
-    // Use OpItem to inject and resolve secret references
-    await OnePassword.inject(inputPath, outputPath);
+	const root = await findRoot();
+	const inputPath = path.join(root, SECRET_FILE);
+	const outputPath = path.join(root, ".env");
+	// Use OpItem to inject and resolve secret references
+	await OnePassword.inject(inputPath, outputPath);
 });

package/dist/onepassword.d.ts

@@ -2,101 +2,107 @@ import type { FullItem } from "@1password/connect";
 /**
  * Represents a change to be made to a 1Password item
  */
-type OnePasswordChange = {
-    type: "add";
-    key: string;
-    value: string;
-} | {
-    type: "update";
-    key: string;
-    value: string;
-} | {
-    type: "delete";
-    key: string;
-};
+type OnePasswordChange =
+	| {
+			type: "add";
+			key: string;
+			value: string;
+	  }
+	| {
+			type: "update";
+			key: string;
+			value: string;
+	  }
+	| {
+			type: "delete";
+			key: string;
+	  };
 /**
  * A data structure that represents a 1Password item and provides
  * methods to detect changes and generate appropriate `op` CLI commands.
  */
 export declare class OnePassword {
-    private vault;
-    private item;
-    private fields;
-    private originalFields;
-    constructor(vault: string, item: string, fields?: Map<string, string>);
-    /**
-     * Create an OpItem from a 1Password FullItem JSON response
-     */
-    static fromFullItem(vault: string, itemName: string, fullItem: FullItem): OnePassword;
-    /**
-     * Fetch an OpItem from 1Password using the CLI
-     */
-    static fetch(vault: string, item: string): Promise<OnePassword>;
-    /**
-     * Sign in to 1Password CLI
-     */
-    static signin(): Promise<void>;
-    /**
-     * Get a field value
-     */
-    get(key: string): string | undefined;
-    /**
-     * Set a field value (marks as changed)
-     */
-    set(key: string, value: string): this;
-    /**
-     * Delete a field (marks as deleted)
-     */
-    delete(key: string): this;
-    /**
-     * Check if a field exists
-     */
-    has(key: string): boolean;
-    /**
-     * Get all field keys
-     */
-    keys(): string[];
-    /**
-     * Get all fields as a record
-     */
-    toRecord(): Record<string, string>;
-    /**
-     * Get all field entries
-     */
-    entries(): IterableIterator<[string, string]>;
-    /**
-     * Build an op:// reference for a field
-     */
-    getReference(key: string): string;
-    /**
-     * Detect changes between original and current state
-     */
-    detectChanges(): OnePasswordChange[];
-    /**
-     * Generate op CLI arguments for a single change
-     */
-    private buildEditArgs;
-    /**
-     * Apply all changes to 1Password using the op CLI
-     * Returns the number of changes applied
-     */
-    sync(): Promise<number>;
-    /**
-     * Inject secrets from a template file to an output file
-     * This resolves op:// references to actual values
-     */
-    static inject(inputPath: string, outputPath: string): Promise<void>;
-    /**
-     * Create a clone of this OpItem
-     */
-    clone(): OnePassword;
-    /**
-     * Reset to original state (discard changes)
-     */
-    reset(): this;
-    /**
-     * Check if there are unsaved changes
-     */
-    hasChanges(): boolean;
+	private vault;
+	private item;
+	private fields;
+	private originalFields;
+	constructor(vault: string, item: string, fields?: Map<string, string>);
+	/**
+	 * Create an OpItem from a 1Password FullItem JSON response
+	 */
+	static fromFullItem(
+		vault: string,
+		itemName: string,
+		fullItem: FullItem,
+	): OnePassword;
+	/**
+	 * Fetch an OpItem from 1Password using the CLI
+	 */
+	static fetch(vault: string, item: string): Promise<OnePassword>;
+	/**
+	 * Sign in to 1Password CLI
+	 */
+	static signin(): Promise<void>;
+	/**
+	 * Get a field value
+	 */
+	get(key: string): string | undefined;
+	/**
+	 * Set a field value (marks as changed)
+	 */
+	set(key: string, value: string): this;
+	/**
+	 * Delete a field (marks as deleted)
+	 */
+	delete(key: string): this;
+	/**
+	 * Check if a field exists
+	 */
+	has(key: string): boolean;
+	/**
+	 * Get all field keys
+	 */
+	keys(): string[];
+	/**
+	 * Get all fields as a record
+	 */
+	toRecord(): Record<string, string>;
+	/**
+	 * Get all field entries
+	 */
+	entries(): IterableIterator<[string, string]>;
+	/**
+	 * Build an op:// reference for a field
+	 */
+	getReference(key: string): string;
+	/**
+	 * Detect changes between original and current state
+	 */
+	detectChanges(): OnePasswordChange[];
+	/**
+	 * Generate op CLI arguments for a single change
+	 */
+	private buildEditArgs;
+	/**
+	 * Apply all changes to 1Password using the op CLI
+	 * Returns the number of changes applied
+	 */
+	sync(): Promise<number>;
+	/**
+	 * Inject secrets from a template file to an output file
+	 * This resolves op:// references to actual values
+	 */
+	static inject(inputPath: string, outputPath: string): Promise<void>;
+	/**
+	 * Create a clone of this OpItem
+	 */
+	clone(): OnePassword;
+	/**
+	 * Reset to original state (discard changes)
+	 */
+	reset(): this;
+	/**
+	 * Check if there are unsaved changes
+	 */
+	hasChanges(): boolean;
 }
-export {};