@vaultkeeper/test-helpers 0.1.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025-present Mike North
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/index.cjs

@@ -0,0 +1,103 @@
+'use strict';
+
+var vaultkeeper = require('vaultkeeper');
+
+// src/in-memory-backend.ts
+var InMemoryBackend = class {
+  type = "memory";
+  displayName = "In-Memory Backend";
+  #store = /* @__PURE__ */ new Map();
+  /** @public */
+  isAvailable() {
+    return Promise.resolve(true);
+  }
+  /** @public */
+  store(id, secret) {
+    this.#store.set(id, secret);
+    return Promise.resolve();
+  }
+  /** @public */
+  retrieve(id) {
+    const val = this.#store.get(id);
+    if (val === void 0) {
+      return Promise.reject(new Error(`Secret not found: ${id}`));
+    }
+    return Promise.resolve(val);
+  }
+  /** @public */
+  delete(id) {
+    this.#store.delete(id);
+    return Promise.resolve();
+  }
+  /** @public */
+  exists(id) {
+    return Promise.resolve(this.#store.has(id));
+  }
+  /**
+   * Remove all stored secrets. Useful for test teardown.
+   * @public
+   */
+  clear() {
+    this.#store.clear();
+  }
+  /**
+   * The number of secrets currently stored.
+   * @public
+   */
+  get size() {
+    return this.#store.size;
+  }
+};
+var TEST_CONFIG = {
+  version: 1,
+  backends: [{ type: "memory", enabled: true }],
+  keyRotation: { gracePeriodDays: 1 },
+  defaults: { ttlMinutes: 5, trustTier: 1 },
+  developmentMode: { executables: ["dev"] }
+};
+var TestVault = class _TestVault {
+  /** The underlying VaultKeeper instance. */
+  keeper;
+  /** The in-memory backend used by this test vault. */
+  backend;
+  constructor(keeper, backend) {
+    this.keeper = keeper;
+    this.backend = backend;
+  }
+  /**
+   * Create a new TestVault, ready for use.
+   *
+   * @param options - Optional overrides for TTL and trust tier.
+   * @returns A fully-initialized TestVault.
+   *
+   * @public
+   */
+  static async create(options) {
+    const backend = new InMemoryBackend();
+    vaultkeeper.BackendRegistry.register("memory", () => backend);
+    const config = {
+      ...TEST_CONFIG,
+      defaults: {
+        ttlMinutes: options?.ttlMinutes ?? TEST_CONFIG.defaults.ttlMinutes,
+        trustTier: options?.trustTier ?? TEST_CONFIG.defaults.trustTier
+      }
+    };
+    const keeper = await vaultkeeper.VaultKeeper.init({
+      skipDoctor: true,
+      config
+    });
+    return new _TestVault(keeper, backend);
+  }
+  /**
+   * Reset the test vault by clearing all stored secrets.
+   * @public
+   */
+  reset() {
+    this.backend.clear();
+  }
+};
+
+exports.InMemoryBackend = InMemoryBackend;
+exports.TestVault = TestVault;
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/in-memory-backend.ts","../src/test-vault.ts"],"names":["BackendRegistry","VaultKeeper"],"mappings":";;;;;AAeO,IAAM,kBAAN,MAA+C;AAAA,EAC3C,IAAA,GAAO,QAAA;AAAA,EACP,WAAA,GAAc,mBAAA;AAAA,EACd,MAAA,uBAAa,GAAA,EAAoB;AAAA;AAAA,EAG1C,WAAA,GAAgC;AAC9B,IAAA,OAAO,OAAA,CAAQ,QAAQ,IAAI,CAAA;AAAA,EAC7B;AAAA;AAAA,EAGA,KAAA,CAAM,IAAY,MAAA,EAA+B;AAC/C,IAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,EAAA,EAAI,MAAM,CAAA;AAC1B,IAAA,OAAO,QAAQ,OAAA,EAAQ;AAAA,EACzB;AAAA;AAAA,EAGA,SAAS,EAAA,EAA6B;AACpC,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,EAAE,CAAA;AAC9B,IAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,MAAA,OAAO,QAAQ,MAAA,CAAO,IAAI,MAAM,CAAA,kBAAA,EAAqB,EAAE,EAAE,CAAC,CAAA;AAAA,IAC5D;AACA,IAAA,OAAO,OAAA,CAAQ,QAAQ,GAAG,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,OAAO,EAAA,EAA2B;AAChC,IAAA,IAAA,CAAK,MAAA,CAAO,OAAO,EAAE,CAAA;AACrB,IAAA,OAAO,QAAQ,OAAA,EAAQ;AAAA,EACzB;AAAA;AAAA,EAGA,OAAO,EAAA,EAA8B;AACnC,IAAA,OAAO,QAAQ,OAAA,CAAQ,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,EAAE,CAAC,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,OAAO,KAAA,EAAM;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,KAAK,MAAA,CAAO,IAAA;AAAA,EACrB;AACF;ACzDA,IAAM,WAAA,GAA2B;AAAA,EAC/B,OAAA,EAAS,CAAA;AAAA,EACT,UAAU,CAAC,EAAE,MAAM,QAAA,EAAU,OAAA,EAAS,MAAM,CAAA;AAAA,EAC5C,WAAA,EAAa,EAAE,eAAA,EAAiB,CAAA,EAAE;AAAA,EAClC,QAAA,EAAU,EAAE,UAAA,EAAY,CAAA,EAAG,WAAW,CAAA,EAAE;AAAA,EACxC,eAAA,EAAiB,EAAE,WAAA,EAAa,CAAC,KAAK,CAAA;AACxC,CAAA;AA+BO,IAAM,SAAA,GAAN,MAAM,UAAA,CAAU;AAAA;AAAA,EAEZ,MAAA;AAAA;AAAA,EAGA,OAAA;AAAA,EAED,WAAA,CAAY,QAAqB,OAAA,EAA0B;AACjE,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AACd,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AAAA,EACjB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,aAAa,OAAO,OAAA,EAAgD;AAClE,IAAA,MAAM,OAAA,GAAU,IAAI,eAAA,EAAgB;AAGpC,IAAAA,2BAAA,CAAgB,QAAA,CAAS,QAAA,EAAU,MAAM,OAAO,CAAA;AAEhD,IAAA,MAAM,MAAA,GAAsB;AAAA,MAC1B,GAAG,WAAA;AAAA,MACH,QAAA,EAAU;AAAA,QACR,UAAA,EAAY,OAAA,EAAS,UAAA,IAAc,WAAA,CAAY,QAAA,CAAS,UAAA;AAAA,QACxD,SAAA,EAAW,OAAA,EAAS,SAAA,IAAa,WAAA,CAAY,QAAA,CAAS;AAAA;AACxD,KACF;AAEA,IAAA,MAAM,MAAA,GAAS,MAAMC,uBAAA,CAAY,IAAA,CAAK;AAAA,MACpC,UAAA,EAAY,IAAA;AAAA,MACZ;AAAA,KACD,CAAA;AAED,IAAA,OAAO,IAAI,UAAA,CAAU,MAAA,EAAQ,OAAO,CAAA;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AACF","file":"index.cjs","sourcesContent":["/**\n * In-memory secret backend for testing.\n */\n\nimport type { SecretBackend } from 'vaultkeeper'\n\n/**\n * A fully in-memory `SecretBackend` for testing.\n *\n * @remarks\n * This backend stores secrets in a plain `Map` and has no external\n * dependencies. It is suitable for unit, integration, and e2e tests.\n *\n * @public\n */\nexport class InMemoryBackend implements SecretBackend {\n  readonly type = 'memory'\n  readonly displayName = 'In-Memory Backend'\n  readonly #store = new Map<string, string>()\n\n  /** @public */\n  isAvailable(): Promise<boolean> {\n    return Promise.resolve(true)\n  }\n\n  /** @public */\n  store(id: string, secret: string): Promise<void> {\n    this.#store.set(id, secret)\n    return Promise.resolve()\n  }\n\n  /** @public */\n  retrieve(id: string): Promise<string> {\n    const val = this.#store.get(id)\n    if (val === undefined) {\n      return Promise.reject(new Error(`Secret not found: ${id}`))\n    }\n    return Promise.resolve(val)\n  }\n\n  /** @public */\n  delete(id: string): Promise<void> {\n    this.#store.delete(id)\n    return Promise.resolve()\n  }\n\n  /** @public */\n  exists(id: string): Promise<boolean> {\n    return Promise.resolve(this.#store.has(id))\n  }\n\n  /**\n   * Remove all stored secrets. Useful for test teardown.\n   * @public\n   */\n  clear(): void {\n    this.#store.clear()\n  }\n\n  /**\n   * The number of secrets currently stored.\n   * @public\n   */\n  get size(): number {\n    return this.#store.size\n  }\n}\n","/**\n * Pre-configured VaultKeeper for consumer tests.\n */\n\nimport type { VaultConfig } from 'vaultkeeper'\nimport { VaultKeeper, BackendRegistry } from 'vaultkeeper'\nimport { InMemoryBackend } from './in-memory-backend.js'\n\n/** Default test configuration with short TTL and dev-mode trust. */\nconst TEST_CONFIG: VaultConfig = {\n  version: 1,\n  backends: [{ type: 'memory', enabled: true }],\n  keyRotation: { gracePeriodDays: 1 },\n  defaults: { ttlMinutes: 5, trustTier: 1 },\n  developmentMode: { executables: ['dev'] },\n}\n\n/**\n * Options for creating a {@link TestVault}.\n * @public\n */\nexport interface TestVaultOptions {\n  /** Override the default TTL in minutes. */\n  ttlMinutes?: number | undefined\n  /** Override the default trust tier. */\n  trustTier?: 1 | 2 | 3 | undefined\n}\n\n/**\n * A pre-configured vault for consumer test workflows.\n *\n * @remarks\n * `TestVault` wraps a real `VaultKeeper` instance backed by an\n * {@link InMemoryBackend}. It skips doctor checks and uses dev-mode\n * identity, making it suitable for fast, hermetic tests.\n *\n * @example\n * ```ts\n * const vault = await TestVault.create()\n * await vault.backend.store('my-secret', 'hunter2')\n * const jwe = await vault.keeper.setup('my-secret')\n * const { token } = await vault.keeper.authorize(jwe)\n * ```\n *\n * @public\n */\nexport class TestVault {\n  /** The underlying VaultKeeper instance. */\n  readonly keeper: VaultKeeper\n\n  /** The in-memory backend used by this test vault. */\n  readonly backend: InMemoryBackend\n\n  private constructor(keeper: VaultKeeper, backend: InMemoryBackend) {\n    this.keeper = keeper\n    this.backend = backend\n  }\n\n  /**\n   * Create a new TestVault, ready for use.\n   *\n   * @param options - Optional overrides for TTL and trust tier.\n   * @returns A fully-initialized TestVault.\n   *\n   * @public\n   */\n  static async create(options?: TestVaultOptions): Promise<TestVault> {\n    const backend = new InMemoryBackend()\n\n    // Register the in-memory backend so VaultKeeper can resolve it\n    BackendRegistry.register('memory', () => backend)\n\n    const config: VaultConfig = {\n      ...TEST_CONFIG,\n      defaults: {\n        ttlMinutes: options?.ttlMinutes ?? TEST_CONFIG.defaults.ttlMinutes,\n        trustTier: options?.trustTier ?? TEST_CONFIG.defaults.trustTier,\n      },\n    }\n\n    const keeper = await VaultKeeper.init({\n      skipDoctor: true,\n      config,\n    })\n\n    return new TestVault(keeper, backend)\n  }\n\n  /**\n   * Reset the test vault by clearing all stored secrets.\n   * @public\n   */\n  reset(): void {\n    this.backend.clear()\n  }\n}\n"]}

package/dist/index.d.cts

@@ -0,0 +1,96 @@
+import { SecretBackend, VaultKeeper } from 'vaultkeeper';
+
+/**
+ * In-memory secret backend for testing.
+ */
+
+/**
+ * A fully in-memory `SecretBackend` for testing.
+ *
+ * @remarks
+ * This backend stores secrets in a plain `Map` and has no external
+ * dependencies. It is suitable for unit, integration, and e2e tests.
+ *
+ * @public
+ */
+declare class InMemoryBackend implements SecretBackend {
+    #private;
+    readonly type = "memory";
+    readonly displayName = "In-Memory Backend";
+    /** @public */
+    isAvailable(): Promise<boolean>;
+    /** @public */
+    store(id: string, secret: string): Promise<void>;
+    /** @public */
+    retrieve(id: string): Promise<string>;
+    /** @public */
+    delete(id: string): Promise<void>;
+    /** @public */
+    exists(id: string): Promise<boolean>;
+    /**
+     * Remove all stored secrets. Useful for test teardown.
+     * @public
+     */
+    clear(): void;
+    /**
+     * The number of secrets currently stored.
+     * @public
+     */
+    get size(): number;
+}
+
+/**
+ * Pre-configured VaultKeeper for consumer tests.
+ */
+
+/**
+ * Options for creating a {@link TestVault}.
+ * @public
+ */
+interface TestVaultOptions {
+    /** Override the default TTL in minutes. */
+    ttlMinutes?: number | undefined;
+    /** Override the default trust tier. */
+    trustTier?: 1 | 2 | 3 | undefined;
+}
+/**
+ * A pre-configured vault for consumer test workflows.
+ *
+ * @remarks
+ * `TestVault` wraps a real `VaultKeeper` instance backed by an
+ * {@link InMemoryBackend}. It skips doctor checks and uses dev-mode
+ * identity, making it suitable for fast, hermetic tests.
+ *
+ * @example
+ * ```ts
+ * const vault = await TestVault.create()
+ * await vault.backend.store('my-secret', 'hunter2')
+ * const jwe = await vault.keeper.setup('my-secret')
+ * const { token } = await vault.keeper.authorize(jwe)
+ * ```
+ *
+ * @public
+ */
+declare class TestVault {
+    /** The underlying VaultKeeper instance. */
+    readonly keeper: VaultKeeper;
+    /** The in-memory backend used by this test vault. */
+    readonly backend: InMemoryBackend;
+    private constructor();
+    /**
+     * Create a new TestVault, ready for use.
+     *
+     * @param options - Optional overrides for TTL and trust tier.
+     * @returns A fully-initialized TestVault.
+     *
+     * @public
+     */
+    static create(options?: TestVaultOptions): Promise<TestVault>;
+    /**
+     * Reset the test vault by clearing all stored secrets.
+     * @public
+     */
+    reset(): void;
+}
+
+export { InMemoryBackend, TestVault, type TestVaultOptions };

package/dist/index.d.ts

@@ -0,0 +1,96 @@
+import { SecretBackend, VaultKeeper } from 'vaultkeeper';
+
+/**
+ * In-memory secret backend for testing.
+ */
+
+/**
+ * A fully in-memory `SecretBackend` for testing.
+ *
+ * @remarks
+ * This backend stores secrets in a plain `Map` and has no external
+ * dependencies. It is suitable for unit, integration, and e2e tests.
+ *
+ * @public
+ */
+declare class InMemoryBackend implements SecretBackend {
+    #private;
+    readonly type = "memory";
+    readonly displayName = "In-Memory Backend";
+    /** @public */
+    isAvailable(): Promise<boolean>;
+    /** @public */
+    store(id: string, secret: string): Promise<void>;
+    /** @public */
+    retrieve(id: string): Promise<string>;
+    /** @public */
+    delete(id: string): Promise<void>;
+    /** @public */
+    exists(id: string): Promise<boolean>;
+    /**
+     * Remove all stored secrets. Useful for test teardown.
+     * @public
+     */
+    clear(): void;
+    /**
+     * The number of secrets currently stored.
+     * @public
+     */
+    get size(): number;
+}
+
+/**
+ * Pre-configured VaultKeeper for consumer tests.
+ */
+
+/**
+ * Options for creating a {@link TestVault}.
+ * @public
+ */
+interface TestVaultOptions {
+    /** Override the default TTL in minutes. */
+    ttlMinutes?: number | undefined;
+    /** Override the default trust tier. */
+    trustTier?: 1 | 2 | 3 | undefined;
+}
+/**
+ * A pre-configured vault for consumer test workflows.
+ *
+ * @remarks
+ * `TestVault` wraps a real `VaultKeeper` instance backed by an
+ * {@link InMemoryBackend}. It skips doctor checks and uses dev-mode
+ * identity, making it suitable for fast, hermetic tests.
+ *
+ * @example
+ * ```ts
+ * const vault = await TestVault.create()
+ * await vault.backend.store('my-secret', 'hunter2')
+ * const jwe = await vault.keeper.setup('my-secret')
+ * const { token } = await vault.keeper.authorize(jwe)
+ * ```
+ *
+ * @public
+ */
+declare class TestVault {
+    /** The underlying VaultKeeper instance. */
+    readonly keeper: VaultKeeper;
+    /** The in-memory backend used by this test vault. */
+    readonly backend: InMemoryBackend;
+    private constructor();
+    /**
+     * Create a new TestVault, ready for use.
+     *
+     * @param options - Optional overrides for TTL and trust tier.
+     * @returns A fully-initialized TestVault.
+     *
+     * @public
+     */
+    static create(options?: TestVaultOptions): Promise<TestVault>;
+    /**
+     * Reset the test vault by clearing all stored secrets.
+     * @public
+     */
+    reset(): void;
+}
+
+export { InMemoryBackend, TestVault, type TestVaultOptions };

package/dist/index.js

@@ -0,0 +1,100 @@
+import { BackendRegistry, VaultKeeper } from 'vaultkeeper';
+
+// src/in-memory-backend.ts
+var InMemoryBackend = class {
+  type = "memory";
+  displayName = "In-Memory Backend";
+  #store = /* @__PURE__ */ new Map();
+  /** @public */
+  isAvailable() {
+    return Promise.resolve(true);
+  }
+  /** @public */
+  store(id, secret) {
+    this.#store.set(id, secret);
+    return Promise.resolve();
+  }
+  /** @public */
+  retrieve(id) {
+    const val = this.#store.get(id);
+    if (val === void 0) {
+      return Promise.reject(new Error(`Secret not found: ${id}`));
+    }
+    return Promise.resolve(val);
+  }
+  /** @public */
+  delete(id) {
+    this.#store.delete(id);
+    return Promise.resolve();
+  }
+  /** @public */
+  exists(id) {
+    return Promise.resolve(this.#store.has(id));
+  }
+  /**
+   * Remove all stored secrets. Useful for test teardown.
+   * @public
+   */
+  clear() {
+    this.#store.clear();
+  }
+  /**
+   * The number of secrets currently stored.
+   * @public
+   */
+  get size() {
+    return this.#store.size;
+  }
+};
+var TEST_CONFIG = {
+  version: 1,
+  backends: [{ type: "memory", enabled: true }],
+  keyRotation: { gracePeriodDays: 1 },
+  defaults: { ttlMinutes: 5, trustTier: 1 },
+  developmentMode: { executables: ["dev"] }
+};
+var TestVault = class _TestVault {
+  /** The underlying VaultKeeper instance. */
+  keeper;
+  /** The in-memory backend used by this test vault. */
+  backend;
+  constructor(keeper, backend) {
+    this.keeper = keeper;
+    this.backend = backend;
+  }
+  /**
+   * Create a new TestVault, ready for use.
+   *
+   * @param options - Optional overrides for TTL and trust tier.
+   * @returns A fully-initialized TestVault.
+   *
+   * @public
+   */
+  static async create(options) {
+    const backend = new InMemoryBackend();
+    BackendRegistry.register("memory", () => backend);
+    const config = {
+      ...TEST_CONFIG,
+      defaults: {
+        ttlMinutes: options?.ttlMinutes ?? TEST_CONFIG.defaults.ttlMinutes,
+        trustTier: options?.trustTier ?? TEST_CONFIG.defaults.trustTier
+      }
+    };
+    const keeper = await VaultKeeper.init({
+      skipDoctor: true,
+      config
+    });
+    return new _TestVault(keeper, backend);
+  }
+  /**
+   * Reset the test vault by clearing all stored secrets.
+   * @public
+   */
+  reset() {
+    this.backend.clear();
+  }
+};
+
+export { InMemoryBackend, TestVault };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/in-memory-backend.ts","../src/test-vault.ts"],"names":[],"mappings":";;;AAeO,IAAM,kBAAN,MAA+C;AAAA,EAC3C,IAAA,GAAO,QAAA;AAAA,EACP,WAAA,GAAc,mBAAA;AAAA,EACd,MAAA,uBAAa,GAAA,EAAoB;AAAA;AAAA,EAG1C,WAAA,GAAgC;AAC9B,IAAA,OAAO,OAAA,CAAQ,QAAQ,IAAI,CAAA;AAAA,EAC7B;AAAA;AAAA,EAGA,KAAA,CAAM,IAAY,MAAA,EAA+B;AAC/C,IAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,EAAA,EAAI,MAAM,CAAA;AAC1B,IAAA,OAAO,QAAQ,OAAA,EAAQ;AAAA,EACzB;AAAA;AAAA,EAGA,SAAS,EAAA,EAA6B;AACpC,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,EAAE,CAAA;AAC9B,IAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,MAAA,OAAO,QAAQ,MAAA,CAAO,IAAI,MAAM,CAAA,kBAAA,EAAqB,EAAE,EAAE,CAAC,CAAA;AAAA,IAC5D;AACA,IAAA,OAAO,OAAA,CAAQ,QAAQ,GAAG,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,OAAO,EAAA,EAA2B;AAChC,IAAA,IAAA,CAAK,MAAA,CAAO,OAAO,EAAE,CAAA;AACrB,IAAA,OAAO,QAAQ,OAAA,EAAQ;AAAA,EACzB;AAAA;AAAA,EAGA,OAAO,EAAA,EAA8B;AACnC,IAAA,OAAO,QAAQ,OAAA,CAAQ,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,EAAE,CAAC,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,OAAO,KAAA,EAAM;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,KAAK,MAAA,CAAO,IAAA;AAAA,EACrB;AACF;ACzDA,IAAM,WAAA,GAA2B;AAAA,EAC/B,OAAA,EAAS,CAAA;AAAA,EACT,UAAU,CAAC,EAAE,MAAM,QAAA,EAAU,OAAA,EAAS,MAAM,CAAA;AAAA,EAC5C,WAAA,EAAa,EAAE,eAAA,EAAiB,CAAA,EAAE;AAAA,EAClC,QAAA,EAAU,EAAE,UAAA,EAAY,CAAA,EAAG,WAAW,CAAA,EAAE;AAAA,EACxC,eAAA,EAAiB,EAAE,WAAA,EAAa,CAAC,KAAK,CAAA;AACxC,CAAA;AA+BO,IAAM,SAAA,GAAN,MAAM,UAAA,CAAU;AAAA;AAAA,EAEZ,MAAA;AAAA;AAAA,EAGA,OAAA;AAAA,EAED,WAAA,CAAY,QAAqB,OAAA,EAA0B;AACjE,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AACd,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AAAA,EACjB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,aAAa,OAAO,OAAA,EAAgD;AAClE,IAAA,MAAM,OAAA,GAAU,IAAI,eAAA,EAAgB;AAGpC,IAAA,eAAA,CAAgB,QAAA,CAAS,QAAA,EAAU,MAAM,OAAO,CAAA;AAEhD,IAAA,MAAM,MAAA,GAAsB;AAAA,MAC1B,GAAG,WAAA;AAAA,MACH,QAAA,EAAU;AAAA,QACR,UAAA,EAAY,OAAA,EAAS,UAAA,IAAc,WAAA,CAAY,QAAA,CAAS,UAAA;AAAA,QACxD,SAAA,EAAW,OAAA,EAAS,SAAA,IAAa,WAAA,CAAY,QAAA,CAAS;AAAA;AACxD,KACF;AAEA,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,IAAA,CAAK;AAAA,MACpC,UAAA,EAAY,IAAA;AAAA,MACZ;AAAA,KACD,CAAA;AAED,IAAA,OAAO,IAAI,UAAA,CAAU,MAAA,EAAQ,OAAO,CAAA;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AACF","file":"index.js","sourcesContent":["/**\n * In-memory secret backend for testing.\n */\n\nimport type { SecretBackend } from 'vaultkeeper'\n\n/**\n * A fully in-memory `SecretBackend` for testing.\n *\n * @remarks\n * This backend stores secrets in a plain `Map` and has no external\n * dependencies. It is suitable for unit, integration, and e2e tests.\n *\n * @public\n */\nexport class InMemoryBackend implements SecretBackend {\n  readonly type = 'memory'\n  readonly displayName = 'In-Memory Backend'\n  readonly #store = new Map<string, string>()\n\n  /** @public */\n  isAvailable(): Promise<boolean> {\n    return Promise.resolve(true)\n  }\n\n  /** @public */\n  store(id: string, secret: string): Promise<void> {\n    this.#store.set(id, secret)\n    return Promise.resolve()\n  }\n\n  /** @public */\n  retrieve(id: string): Promise<string> {\n    const val = this.#store.get(id)\n    if (val === undefined) {\n      return Promise.reject(new Error(`Secret not found: ${id}`))\n    }\n    return Promise.resolve(val)\n  }\n\n  /** @public */\n  delete(id: string): Promise<void> {\n    this.#store.delete(id)\n    return Promise.resolve()\n  }\n\n  /** @public */\n  exists(id: string): Promise<boolean> {\n    return Promise.resolve(this.#store.has(id))\n  }\n\n  /**\n   * Remove all stored secrets. Useful for test teardown.\n   * @public\n   */\n  clear(): void {\n    this.#store.clear()\n  }\n\n  /**\n   * The number of secrets currently stored.\n   * @public\n   */\n  get size(): number {\n    return this.#store.size\n  }\n}\n","/**\n * Pre-configured VaultKeeper for consumer tests.\n */\n\nimport type { VaultConfig } from 'vaultkeeper'\nimport { VaultKeeper, BackendRegistry } from 'vaultkeeper'\nimport { InMemoryBackend } from './in-memory-backend.js'\n\n/** Default test configuration with short TTL and dev-mode trust. */\nconst TEST_CONFIG: VaultConfig = {\n  version: 1,\n  backends: [{ type: 'memory', enabled: true }],\n  keyRotation: { gracePeriodDays: 1 },\n  defaults: { ttlMinutes: 5, trustTier: 1 },\n  developmentMode: { executables: ['dev'] },\n}\n\n/**\n * Options for creating a {@link TestVault}.\n * @public\n */\nexport interface TestVaultOptions {\n  /** Override the default TTL in minutes. */\n  ttlMinutes?: number | undefined\n  /** Override the default trust tier. */\n  trustTier?: 1 | 2 | 3 | undefined\n}\n\n/**\n * A pre-configured vault for consumer test workflows.\n *\n * @remarks\n * `TestVault` wraps a real `VaultKeeper` instance backed by an\n * {@link InMemoryBackend}. It skips doctor checks and uses dev-mode\n * identity, making it suitable for fast, hermetic tests.\n *\n * @example\n * ```ts\n * const vault = await TestVault.create()\n * await vault.backend.store('my-secret', 'hunter2')\n * const jwe = await vault.keeper.setup('my-secret')\n * const { token } = await vault.keeper.authorize(jwe)\n * ```\n *\n * @public\n */\nexport class TestVault {\n  /** The underlying VaultKeeper instance. */\n  readonly keeper: VaultKeeper\n\n  /** The in-memory backend used by this test vault. */\n  readonly backend: InMemoryBackend\n\n  private constructor(keeper: VaultKeeper, backend: InMemoryBackend) {\n    this.keeper = keeper\n    this.backend = backend\n  }\n\n  /**\n   * Create a new TestVault, ready for use.\n   *\n   * @param options - Optional overrides for TTL and trust tier.\n   * @returns A fully-initialized TestVault.\n   *\n   * @public\n   */\n  static async create(options?: TestVaultOptions): Promise<TestVault> {\n    const backend = new InMemoryBackend()\n\n    // Register the in-memory backend so VaultKeeper can resolve it\n    BackendRegistry.register('memory', () => backend)\n\n    const config: VaultConfig = {\n      ...TEST_CONFIG,\n      defaults: {\n        ttlMinutes: options?.ttlMinutes ?? TEST_CONFIG.defaults.ttlMinutes,\n        trustTier: options?.trustTier ?? TEST_CONFIG.defaults.trustTier,\n      },\n    }\n\n    const keeper = await VaultKeeper.init({\n      skipDoctor: true,\n      config,\n    })\n\n    return new TestVault(keeper, backend)\n  }\n\n  /**\n   * Reset the test vault by clearing all stored secrets.\n   * @public\n   */\n  reset(): void {\n    this.backend.clear()\n  }\n}\n"]}

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "@vaultkeeper/test-helpers",
+  "version": "0.1.1",
+  "description": "Test utilities for vaultkeeper consumers",
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/test-helpers-public.d.ts",
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "engines": {
+    "node": ">=20.0.0"
+  },
+  "keywords": [],
+  "author": "Mike North <michael.l.north@gmail.com>",
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public"
+  },
+  "dependencies": {
+    "vaultkeeper": "0.2.0"
+  },
+  "devDependencies": {
+    "@microsoft/api-extractor": "^7.57.2",
+    "@types/node": "^22.0.0",
+    "tsup": "^8.0.0"
+  },
+  "scripts": {
+    "build": "tsup",
+    "clean": "node -e \"import('node:fs').then(fs=>fs.rmSync('dist',{recursive:true,force:true}))\"",
+    "test": "vitest run",
+    "check:typecheck": "tsc --noEmit",
+    "check:lint-ts": "eslint .",
+    "check:api-report": "api-extractor run",
+    "check": "pnpm check:typecheck && pnpm check:lint-ts && pnpm check:api-report",
+    "generate:api-report": "api-extractor run --local"
+  }
+}