@uagents/syncenv-cli 0.1.1

package/dist/chunk-OVEYHV4C.js

@@ -0,0 +1,333 @@
+// src/config/index.ts
+import fs from "fs/promises";
+import path from "path";
+import { SyncEnvClient, ApiError } from "@uagents/syncenv-client";
+import chalk from "chalk";
+import Conf from "conf";
+import yaml from "js-yaml";
+import { z } from "zod";
+var ProjectConfigSchema = z.object({
+  project: z.object({
+    name: z.string(),
+    id: z.string()
+  }),
+  defaults: z.object({
+    environment: z.string().default("dev"),
+    pushOnChange: z.boolean().default(false),
+    confirmOverwrite: z.boolean().default(true)
+  }),
+  encryption: z.object({
+    algorithm: z.string().default("AES-256-GCM"),
+    keyDerivation: z.string().default("Argon2id")
+  }),
+  environments: z.record(
+    z.object({
+      file: z.string(),
+      requireConfirmation: z.boolean().optional()
+    })
+  )
+});
+var defaultConfig = {
+  apiUrl: process.env.SYNCENV_API_URL || "https://syncenv.uagents.app"
+};
+var conf;
+try {
+  conf = new Conf({
+    projectName: "syncenv",
+    defaults: defaultConfig
+  });
+} catch {
+  conf = {
+    get: (key) => defaultConfig[key],
+    set: () => {
+    },
+    delete: () => {
+    },
+    clear: () => {
+    },
+    path: ""
+  };
+}
+function getConfig(key) {
+  return conf.get(key);
+}
+function setConfig(key, value) {
+  conf.set(key, value);
+}
+function deleteConfig(key) {
+  conf.delete(key);
+}
+function getConfigPath() {
+  return conf.path;
+}
+function isAuthenticated() {
+  const cookieHeader = getCookieHeader();
+  return !!cookieHeader && cookieHeader.includes("better-auth");
+}
+async function loadProjectConfig(cwd = process.cwd()) {
+  const configPath = path.join(cwd, ".envsyncrc");
+  try {
+    const content = await fs.readFile(configPath, "utf-8");
+    const parsed = yaml.load(content);
+    return ProjectConfigSchema.parse(parsed);
+  } catch (error) {
+    if (error.code === "ENOENT") {
+      return null;
+    }
+    throw new Error(`Failed to parse .envsyncrc: ${error.message}`);
+  }
+}
+async function saveProjectConfig(config, cwd = process.cwd()) {
+  const configPath = path.join(cwd, ".envsyncrc");
+  const content = yaml.dump(config, { indent: 2 });
+  await fs.writeFile(configPath, content, "utf-8");
+}
+async function hasProjectConfig(cwd = process.cwd()) {
+  try {
+    await fs.access(path.join(cwd, ".envsyncrc"));
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function loadConfig() {
+  return {
+    apiUrl: conf.get("apiUrl") || defaultConfig.apiUrl,
+    authToken: conf.get("authToken"),
+    userId: conf.get("userId"),
+    userEmail: conf.get("userEmail")
+  };
+}
+async function fetchWithCookies(input, init) {
+  if (input instanceof Request) {
+    const url2 = input.url;
+    const cookieHeader2 = getCookieHeader();
+    const headers2 = {};
+    input.headers.forEach((value, key) => {
+      headers2[key] = value;
+    });
+    if (cookieHeader2) {
+      headers2["Cookie"] = cookieHeader2;
+    }
+    const response2 = await fetch(url2, {
+      method: input.method,
+      headers: headers2,
+      body: input.body
+    });
+    const setCookie2 = response2.headers.getSetCookie?.() || (response2.headers.get("set-cookie") ? [response2.headers.get("set-cookie")] : []);
+    if (setCookie2.length > 0) {
+      storeCookies(setCookie2);
+    }
+    return response2;
+  }
+  const url = input.toString();
+  const cookieHeader = getCookieHeader();
+  const headers = {
+    ...init?.headers
+  };
+  if (cookieHeader) {
+    headers["Cookie"] = cookieHeader;
+  }
+  const response = await fetch(url, {
+    ...init,
+    headers
+  });
+  const setCookie = response.headers.getSetCookie?.() || (response.headers.get("set-cookie") ? [response.headers.get("set-cookie")] : []);
+  if (setCookie.length > 0) {
+    storeCookies(setCookie);
+  }
+  return response;
+}
+function createClient() {
+  const apiUrl = conf.get("apiUrl") || defaultConfig.apiUrl;
+  return new SyncEnvClient({
+    baseUrl: apiUrl,
+    token: "",
+    // Cookie-based auth, no token needed
+    fetch: fetchWithCookies
+  });
+}
+var client = createClient();
+async function clearAuthState() {
+  const { clearCachedKEK, deleteKEKPassword, deleteEncryptedKEK } = await import("./secure-storage-UEK3LD5L.js");
+  clearCachedKEK();
+  await deleteKEKPassword();
+  deleteEncryptedKEK();
+  clearCookies();
+  deleteConfig("userId");
+  deleteConfig("userEmail");
+  deleteConfig("authToken");
+  deleteConfig("refreshToken");
+  deleteConfig("deviceId");
+  deleteConfig("deviceName");
+  deleteConfig("devicePublicKey");
+  deleteConfig("encryptedDevicePrivateKey");
+  client.setToken("");
+}
+function handleAuthError(_error) {
+  clearAuthState().catch(() => {
+  });
+  console.error(chalk.red("\n\u2717 Session expired or invalid"));
+  console.error(chalk.yellow("Your authentication session has expired or was revoked."));
+  console.error(chalk.yellow("This can happen when:"));
+  console.error(chalk.yellow("  \u2022 You changed your password"));
+  console.error(chalk.yellow("  \u2022 You logged out from another device"));
+  console.error(chalk.yellow("  \u2022 Your session expired"));
+  console.error(chalk.yellow("  \u2022 Your account was disabled"));
+  console.error();
+  console.error(chalk.cyan("Please login again:"));
+  console.error(chalk.bold("  syncenv auth login"));
+  console.error();
+  process.exit(1);
+}
+async function getOrUnlockUserKEK() {
+  const { getCachedKEK, cacheKEKInMemory, getKEKPassword, saveEncryptedKEK } = await import("./secure-storage-UEK3LD5L.js");
+  const cached = getCachedKEK();
+  if (cached) return cached;
+  const password = await getKEKPassword();
+  if (!password) return null;
+  try {
+    const userKeys = await withAuthGuard(() => client.userKeys.get());
+    const { unlockUserKEK } = await import("./crypto-X7MZU7DV.js");
+    const kek = await unlockUserKEK(
+      password,
+      userKeys.encryptedUserKek,
+      userKeys.kekIv,
+      userKeys.kekSalt
+    );
+    if (!kek) {
+      const { deleteKEKPassword } = await import("./secure-storage-UEK3LD5L.js");
+      await deleteKEKPassword();
+      return null;
+    }
+    saveEncryptedKEK({
+      encryptedUserKek: userKeys.encryptedUserKek,
+      kekIv: userKeys.kekIv,
+      kekSalt: userKeys.kekSalt,
+      version: userKeys.version
+    });
+    cacheKEKInMemory(kek);
+    return kek;
+  } catch (err) {
+    if (err instanceof ApiError && err.statusCode === 404) {
+      return null;
+    }
+    throw err;
+  }
+}
+async function withAuthGuard(apiCall) {
+  try {
+    return await apiCall();
+  } catch (error) {
+    if (error instanceof ApiError && error.statusCode === 401) {
+      handleAuthError(error);
+    }
+    throw error;
+  }
+}
+
+// src/cookie-store.ts
+function parseSetCookie(setCookieValue) {
+  const parts = setCookieValue.split(";").map((p) => p.trim());
+  if (parts.length === 0) return null;
+  const [nameValue, ...attrParts] = parts;
+  const eqIndex = nameValue.indexOf("=");
+  if (eqIndex === -1) return null;
+  const name = nameValue.slice(0, eqIndex);
+  const value = nameValue.slice(eqIndex + 1);
+  const attributes = {};
+  for (const attr of attrParts) {
+    const [attrName, attrValue] = attr.split("=");
+    attributes[attrName.toLowerCase()] = attrValue ?? true;
+  }
+  return { name, value, attributes };
+}
+function loadCookies() {
+  const stored = getConfig("cookies");
+  if (!stored) return [];
+  try {
+    const parsed = JSON.parse(stored);
+    return parsed.map((c) => ({
+      ...c,
+      expires: c.expires ? new Date(c.expires) : void 0
+    }));
+  } catch {
+    return [];
+  }
+}
+function saveCookies(cookies) {
+  if (cookies.length === 0) {
+    deleteConfig("cookies");
+    return;
+  }
+  setConfig("cookies", JSON.stringify(cookies));
+}
+function storeCookies(setCookieHeaders) {
+  if (!setCookieHeaders) return;
+  const headers = Array.isArray(setCookieHeaders) ? setCookieHeaders : [setCookieHeaders];
+  const cookies = loadCookies();
+  for (const header of headers) {
+    const parsed = parseSetCookie(header);
+    if (!parsed) continue;
+    const existingIndex = cookies.findIndex((c) => c.name === parsed.name);
+    if (existingIndex !== -1) {
+      cookies.splice(existingIndex, 1);
+    }
+    const maxAge = parsed.attributes["max-age"];
+    if (parsed.value === "" || typeof maxAge === "string" && parseInt(maxAge, 10) <= 0) {
+      continue;
+    }
+    const cookie = {
+      name: parsed.name,
+      value: parsed.value,
+      path: typeof parsed.attributes.path === "string" ? parsed.attributes.path : "/",
+      httpOnly: parsed.attributes.httponly === true,
+      secure: parsed.attributes.secure === true,
+      sameSite: typeof parsed.attributes.samesite === "string" ? parsed.attributes.samesite : void 0
+    };
+    if (parsed.attributes.expires) {
+      cookie.expires = new Date(parsed.attributes.expires);
+    }
+    cookies.push(cookie);
+  }
+  saveCookies(cookies);
+}
+function getCookieHeader() {
+  const cookies = loadCookies();
+  const now = /* @__PURE__ */ new Date();
+  const validCookies = cookies.filter((c) => !c.expires || c.expires > now);
+  if (validCookies.length !== cookies.length) {
+    saveCookies(validCookies);
+  }
+  if (validCookies.length === 0) return void 0;
+  return validCookies.map((c) => `${c.name}=${c.value}`).join("; ");
+}
+function clearCookies() {
+  deleteConfig("cookies");
+}
+function hasValidSession() {
+  const header = getCookieHeader();
+  return !!header && header.includes("better-auth");
+}
+
+export {
+  loadCookies,
+  saveCookies,
+  storeCookies,
+  getCookieHeader,
+  clearCookies,
+  hasValidSession,
+  getConfig,
+  setConfig,
+  deleteConfig,
+  getConfigPath,
+  isAuthenticated,
+  loadProjectConfig,
+  saveProjectConfig,
+  hasProjectConfig,
+  loadConfig,
+  client,
+  clearAuthState,
+  getOrUnlockUserKEK,
+  withAuthGuard
+};

package/dist/cookie-store-Z6DNTUGS.js

@@ -0,0 +1,16 @@
+import {
+  clearCookies,
+  getCookieHeader,
+  hasValidSession,
+  loadCookies,
+  saveCookies,
+  storeCookies
+} from "./chunk-OVEYHV4C.js";
+export {
+  clearCookies,
+  getCookieHeader,
+  hasValidSession,
+  loadCookies,
+  saveCookies,
+  storeCookies
+};

package/dist/crypto-X7MZU7DV.js

@@ -0,0 +1,58 @@
+import {
+  base64ToBuffer,
+  bufferToBase64,
+  decryptContent,
+  decryptDEK,
+  decryptDek,
+  decryptEnvFile,
+  decryptUserKEK,
+  deriveKEK,
+  deriveKeys,
+  encryptContent,
+  encryptDEK,
+  encryptDek,
+  encryptEnvFile,
+  encryptUserKEK,
+  exportDEK,
+  exportKEK,
+  generateContentHash,
+  generateDEK,
+  generateDek,
+  generateSalt,
+  generateUserKEK,
+  hashContent,
+  importDEK,
+  importKEK,
+  reencryptUserKEK,
+  setupUserKEK,
+  unlockUserKEK
+} from "./chunk-NV6H5OGL.js";
+export {
+  base64ToBuffer,
+  bufferToBase64,
+  decryptContent,
+  decryptDEK,
+  decryptDek,
+  decryptEnvFile,
+  decryptUserKEK,
+  deriveKEK,
+  deriveKeys,
+  encryptContent,
+  encryptDEK,
+  encryptDek,
+  encryptEnvFile,
+  encryptUserKEK,
+  exportDEK,
+  exportKEK,
+  generateContentHash,
+  generateDEK,
+  generateDek,
+  generateSalt,
+  generateUserKEK,
+  hashContent,
+  importDEK,
+  importKEK,
+  reencryptUserKEK,
+  setupUserKEK,
+  unlockUserKEK
+};