npm - @vellumai/credential-executor - Versions diffs - 0.6.6 → 0.7.1 - Mend

@vellumai/credential-executor 0.6.6 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

package/src/__tests__/toolstore.test.ts CHANGED Viewed

@@ -1,5 +1,12 @@
 import { describe, expect, test, beforeEach, afterEach } from "bun:test";
-import { mkdirSync, rmSync, existsSync, readFileSync, writeFileSync, symlinkSync } from "node:fs";
+import {
+  mkdirSync,
+  rmSync,
+  existsSync,
+  readFileSync,
+  writeFileSync,
+  symlinkSync,
+} from "node:fs";
 import { join } from "node:path";
 import { tmpdir } from "node:os";
 import { randomUUID } from "node:crypto";
@@ -47,11 +54,17 @@ function createTestArchive(
       { stdout: "pipe", stderr: "pipe" },
     );
     if (proc.exitCode !== 0) {
-      throw new Error(`Failed to create test archive: ${new TextDecoder().decode(proc.stderr).trim()}`);
+      throw new Error(
+        `Failed to create test archive: ${new TextDecoder().decode(proc.stderr).trim()}`,
+      );
     }
     return Buffer.from(readFileSync(archivePath));
   } finally {
-    try { rmSync(stagingDir, { recursive: true, force: true }); } catch { /* best effort */ }
+    try {
+      rmSync(stagingDir, { recursive: true, force: true });
+    } catch {
+      /* best effort */
+    }
   }
 }
@@ -78,11 +91,17 @@ function createSymlinkArchive(
       { stdout: "pipe", stderr: "pipe" },
     );
     if (proc.exitCode !== 0) {
-      throw new Error(`Failed to create symlink test archive: ${new TextDecoder().decode(proc.stderr).trim()}`);
+      throw new Error(
+        `Failed to create symlink test archive: ${new TextDecoder().decode(proc.stderr).trim()}`,
+      );
     }
     return Buffer.from(readFileSync(archivePath));
   } finally {
-    try { rmSync(stagingDir, { recursive: true, force: true }); } catch { /* best effort */ }
+    try {
+      rmSync(stagingDir, { recursive: true, force: true });
+    } catch {
+      /* best effort */
+    }
   }
 }
@@ -93,7 +112,10 @@ const SAMPLE_BUNDLE_BYTES = createTestArchive("bin/test-cli");
 const SAMPLE_BUNDLE_DIGEST = computeDigest(SAMPLE_BUNDLE_BYTES);
 /** A different archive to test digest mismatches. */
-const TAMPERED_BUNDLE_BYTES = createTestArchive("bin/test-cli", "#!/usr/bin/env bash\nrm -rf /\n");
+const TAMPERED_BUNDLE_BYTES = createTestArchive(
+  "bin/test-cli",
+  "#!/usr/bin/env bash\nrm -rf /\n",
+);
 /**
  * Build a minimal valid SecureCommandManifest for testing.
@@ -110,9 +132,7 @@ function buildSecureManifest(
     commandProfiles: {
       "read-data": {
         description: "Read-only data access",
-        allowedArgvPatterns: [
-          { name: "list", tokens: ["list", "<resource>"] },
-        ],
+        allowedArgvPatterns: [{ name: "list", tokens: ["list", "<resource>"] }],
         deniedSubcommands: ["admin"],
         allowedNetworkTargets: [
           { hostPattern: "api.example.com", protocols: ["https"] },
@@ -159,7 +179,7 @@ beforeEach(() => {
   mkdirSync(testTmpDir, { recursive: true });
   // Point CES data root to the temp directory so tests are isolated
-  process.env["BASE_DATA_DIR"] = testTmpDir;
+  process.env["CREDENTIAL_SECURITY_DIR"] = testTmpDir;
 });
 afterEach(() => {
@@ -168,7 +188,7 @@ afterEach(() => {
   } catch {
     // Best effort cleanup
   }
-  delete process.env["BASE_DATA_DIR"];
+  delete process.env["CREDENTIAL_SECURITY_DIR"];
 });
 // ---------------------------------------------------------------------------
@@ -280,7 +300,9 @@ describe("manifest validation helpers", () => {
     });
     test("rejects data: URL", () => {
-      const err = validateSourceUrl("data:application/octet-stream;base64,AA==");
+      const err = validateSourceUrl(
+        "data:application/octet-stream;base64,AA==",
+      );
       expect(err).not.toBeNull();
       expect(err).toContain("data:");
     });
@@ -375,7 +397,9 @@ describe("publishBundle — digest mismatch rejection", () => {
     if (existsSync(toolstoreDir)) {
       const { readdirSync } = require("node:fs");
       const entries = readdirSync(toolstoreDir) as string[];
-      const stagingDirs = entries.filter((e: string) => e.startsWith(".staging-"));
+      const stagingDirs = entries.filter((e: string) =>
+        e.startsWith(".staging-"),
+      );
       expect(stagingDirs).toHaveLength(0);
     }
   });
@@ -450,7 +474,10 @@ describe("publishBundle — immutable and deduplicated by digest", () => {
     expect(firstResult.success).toBe(true);
     // Publish a second, different bundle (real tar.gz archive)
-    const otherBytes = createTestArchive("bin/test-cli", "#!/usr/bin/env bash\necho other\n");
+    const otherBytes = createTestArchive(
+      "bin/test-cli",
+      "#!/usr/bin/env bash\necho other\n",
+    );
     const otherDigest = computeDigest(otherBytes);
     const otherManifest = buildSecureManifest({
       bundleDigest: otherDigest,
@@ -464,7 +491,8 @@ describe("publishBundle — immutable and deduplicated by digest", () => {
         expectedDigest: otherDigest,
         bundleId: "other-cli",
         version: "2.0.0",
-        sourceUrl: "https://releases.example.com/other-cli/v2.0.0/bundle.tar.gz",
+        sourceUrl:
+          "https://releases.example.com/other-cli/v2.0.0/bundle.tar.gz",
         secureCommandManifest: otherManifest,
       }),
     );
@@ -631,7 +659,9 @@ describe("publishBundle — symlink escape prevention", () => {
       // Create a real entrypoint
       const entrypointPath = join(stagingDir, "bin/test-cli");
       mkdirSync(join(stagingDir, "bin"), { recursive: true });
-      writeFileSync(entrypointPath, "#!/usr/bin/env bash\necho hello\n", { mode: 0o755 });
+      writeFileSync(entrypointPath, "#!/usr/bin/env bash\necho hello\n", {
+        mode: 0o755,
+      });
       // Create a symlink that escapes
       symlinkSync("/etc/passwd", join(stagingDir, "bin/evil-link"));
@@ -663,16 +693,27 @@ describe("publishBundle — symlink escape prevention", () => {
       expect(result.error).toContain("symlink");
       expect(result.error).toContain("outside the bundle directory");
     } finally {
-      try { rmSync(stagingDir, { recursive: true, force: true }); } catch { /* best effort */ }
+      try {
+        rmSync(stagingDir, { recursive: true, force: true });
+      } catch {
+        /* best effort */
+      }
     }
   });
   test("accepts bundle with internal symlinks (not escaping)", () => {
     // Create an archive with a symlink that points within the bundle
-    const stagingDir = join(tmpdir(), `ces-test-internal-symlink-${randomUUID()}`);
+    const stagingDir = join(
+      tmpdir(),
+      `ces-test-internal-symlink-${randomUUID()}`,
+    );
     try {
       mkdirSync(join(stagingDir, "bin"), { recursive: true });
-      writeFileSync(join(stagingDir, "bin/test-cli"), "#!/usr/bin/env bash\necho hello\n", { mode: 0o755 });
+      writeFileSync(
+        join(stagingDir, "bin/test-cli"),
+        "#!/usr/bin/env bash\necho hello\n",
+        { mode: 0o755 },
+      );
       // Create a symlink within the bundle: bin/alias -> test-cli (relative)
       symlinkSync("test-cli", join(stagingDir, "bin/alias"));
@@ -701,7 +742,11 @@ describe("publishBundle — symlink escape prevention", () => {
       expect(result.success).toBe(true);
     } finally {
-      try { rmSync(stagingDir, { recursive: true, force: true }); } catch { /* best effort */ }
+      try {
+        rmSync(stagingDir, { recursive: true, force: true });
+      } catch {
+        /* best effort */
+      }
     }
   });

package/src/__tests__/transport.test.ts CHANGED Viewed

@@ -21,7 +21,7 @@ import {
   CES_PROTOCOL_VERSION,
   type HandshakeAck,
   type RpcEnvelope,
-} from "@vellumai/ces-contracts";
+} from "@vellumai/service-contracts/credential-rpc";
 import { getCesDataRoot, getBootstrapSocketPath, getHealthPort } from "../paths.js";
 import { CesRpcServer, type RpcHandlerRegistry } from "../server.js";
@@ -393,16 +393,25 @@ describe("CES data paths", () => {
   });
   test("getBootstrapSocketPath respects CES_BOOTSTRAP_SOCKET env var", () => {
-    const saved = process.env["CES_BOOTSTRAP_SOCKET"];
+    const savedSocket = process.env["CES_BOOTSTRAP_SOCKET"];
+    const savedDir = process.env["CES_BOOTSTRAP_SOCKET_DIR"];
+    // CES_BOOTSTRAP_SOCKET_DIR takes precedence; clear it so the
+    // CES_BOOTSTRAP_SOCKET fallback is actually exercised.
+    delete process.env["CES_BOOTSTRAP_SOCKET_DIR"];
     process.env["CES_BOOTSTRAP_SOCKET"] = "/tmp/test-ces.sock";
     try {
       expect(getBootstrapSocketPath()).toBe("/tmp/test-ces.sock");
     } finally {
-      if (saved !== undefined) {
-        process.env["CES_BOOTSTRAP_SOCKET"] = saved;
+      if (savedSocket !== undefined) {
+        process.env["CES_BOOTSTRAP_SOCKET"] = savedSocket;
       } else {
         delete process.env["CES_BOOTSTRAP_SOCKET"];
       }
+      if (savedDir !== undefined) {
+        process.env["CES_BOOTSTRAP_SOCKET_DIR"] = savedDir;
+      } else {
+        delete process.env["CES_BOOTSTRAP_SOCKET_DIR"];
+      }
     }
   });
 });

package/src/audit/store.ts CHANGED Viewed

@@ -3,7 +3,7 @@
  *
  * Persists token-free audit record summaries to `audit.jsonl` inside
  * the CES-private data root. Each line is a self-contained JSON object
- * conforming to the `AuditRecordSummary` schema from `@vellumai/ces-contracts`.
+ * conforming to the `AuditRecordSummary` schema from `@vellumai/service-contracts`.
  *
  * Design principles:
  * - **Append-only**: Records are appended one per line. The file is never
@@ -27,7 +27,7 @@ import {
 } from "node:fs";
 import { dirname, join } from "node:path";
-import type { AuditRecordSummary } from "@vellumai/ces-contracts";
+import type { AuditRecordSummary } from "@vellumai/service-contracts/credential-rpc";
 import { getCesAuditDir } from "../paths.js";

package/src/cli.ts ADDED Viewed

@@ -0,0 +1,158 @@
+#!/usr/bin/env bun
+/**
+ * CES CLI — lightweight credential CRUD for the CES container.
+ *
+ * Operates directly on the encrypted key store (`keys.enc` + `store.key`)
+ * without requiring the RPC server, HTTP routes, or a running assistant.
+ *
+ * Usage:
+ *   ces list
+ *   ces get <account>
+ *   ces set <account> <value>
+ *   ces delete <account>
+ *
+ * Account format: `credential/<service>/<field>` (e.g. `credential/vellum/platform_organization_id`)
+ *
+ * Environment variables:
+ *   CREDENTIAL_SECURITY_DIR — directory containing `keys.enc` + `store.key`
+ *   CES_ASSISTANT_DATA_MOUNT — fallback root for `<mount>/.vellum/protected/`
+ *
+ * When neither is set, defaults to `~/.vellum/protected/` (local mode).
+ */
+import { join } from "node:path";
+import { homedir } from "node:os";
+import { createLocalSecureKeyBackend } from "./materializers/local-secure-key-backend.js";
+// ---------------------------------------------------------------------------
+// Path resolution (mirrors managed-main.ts)
+// ---------------------------------------------------------------------------
+function resolveVellumRoot(): string {
+  const secDir = process.env["CREDENTIAL_SECURITY_DIR"]?.trim();
+  if (secDir) {
+    // CREDENTIAL_SECURITY_DIR points directly at the dir containing
+    // keys.enc, but createLocalSecureKeyBackend wants the parent
+    // (.vellum root) and appends /protected/ itself — unless
+    // CREDENTIAL_SECURITY_DIR is set, in which case the backend reads
+    // from that dir directly. So we pass dirname(secDir) as vellumRoot.
+    // Actually, looking at resolveSecurityDir(): if CREDENTIAL_SECURITY_DIR
+    // is set it uses that directly, ignoring vellumRoot. So vellumRoot
+    // can be anything — the env var takes precedence.
+    return join(secDir, "..");
+  }
+  const mount = process.env["CES_ASSISTANT_DATA_MOUNT"]?.trim();
+  if (mount) {
+    return join(mount, ".vellum");
+  }
+  return join(homedir(), ".vellum");
+}
+// ---------------------------------------------------------------------------
+// CLI
+// ---------------------------------------------------------------------------
+async function main(): Promise<void> {
+  const [command, ...args] = process.argv.slice(2);
+  if (!command || command === "--help" || command === "-h") {
+    printUsage();
+    process.exit(0);
+  }
+  const vellumRoot = resolveVellumRoot();
+  const backend = createLocalSecureKeyBackend(vellumRoot);
+  switch (command) {
+    case "list": {
+      const accounts = await backend.list();
+      if (accounts.length === 0) {
+        console.log("(no credentials stored)");
+      } else {
+        for (const account of accounts.sort()) {
+          console.log(account);
+        }
+      }
+      break;
+    }
+    case "get": {
+      const account = args[0];
+      if (!account) {
+        console.error("Usage: ces get <account>");
+        process.exit(1);
+      }
+      const value = await backend.get(account);
+      if (value === undefined) {
+        console.error(`Not found: ${account}`);
+        process.exit(1);
+      }
+      // Write raw value to stdout (no trailing newline for piping)
+      process.stdout.write(value);
+      break;
+    }
+    case "set": {
+      const account = args[0];
+      const value = args[1];
+      if (!account || value === undefined) {
+        console.error("Usage: ces set <account> <value>");
+        process.exit(1);
+      }
+      const ok = await backend.set(account, value);
+      if (ok) {
+        console.log(`Set: ${account}`);
+      } else {
+        console.error(`Failed to set: ${account}`);
+        process.exit(1);
+      }
+      break;
+    }
+    case "delete": {
+      const account = args[0];
+      if (!account) {
+        console.error("Usage: ces delete <account>");
+        process.exit(1);
+      }
+      const result = await backend.delete(account);
+      if (result === "deleted") {
+        console.log(`Deleted: ${account}`);
+      } else {
+        console.error(`Not found: ${account}`);
+        process.exit(1);
+      }
+      break;
+    }
+    default:
+      console.error(`Unknown command: ${command}`);
+      printUsage();
+      process.exit(1);
+  }
+}
+function printUsage(): void {
+  console.log(`CES CLI — credential CRUD for the encrypted key store
+Usage:
+  ces list                     List all credential accounts
+  ces get <account>            Get a credential value
+  ces set <account> <value>    Set a credential value
+  ces delete <account>         Delete a credential
+Account format:
+  credential/<service>/<field>
+  Example: credential/vellum/platform_organization_id
+Environment:
+  CREDENTIAL_SECURITY_DIR    Directory containing keys.enc + store.key
+  CES_ASSISTANT_DATA_MOUNT   Fallback: <mount>/.vellum/protected/`);
+}
+main().catch((err) => {
+  console.error(`Fatal: ${err instanceof Error ? err.message : err}`);
+  process.exit(1);
+});

package/src/commands/executor.ts CHANGED Viewed

@@ -74,7 +74,7 @@ import {
   type WorkspaceOutput,
   type CopybackResult,
 } from "./workspace.js";
-import { hashProposal, type AuditRecordSummary, type CommandGrantProposal } from "@vellumai/ces-contracts";
+import { hashProposal, type AuditRecordSummary, type CommandGrantProposal } from "@vellumai/service-contracts/credential-rpc";
 import type { AuditStore } from "../audit/store.js";
 import type { PersistentGrantStore } from "../grants/persistent-store.js";
@@ -737,7 +737,7 @@ function checkGrant(
   // Check temporary grants — build the same proposal shape that the
   // approval bridge produces, then hash with the canonical algorithm
-  // from `@vellumai/ces-contracts` so the hashes align.
+  // from `@vellumai/service-contracts` so the hashes align.
   const tempProposal: CommandGrantProposal = {
     type: "command",
     credentialHandle: request.credentialHandle,

package/src/grants/rpc-handlers.ts CHANGED Viewed

@@ -23,7 +23,7 @@ import type {
   ListAuditRecords,
   ListAuditRecordsResponse,
   PersistentGrantRecord,
-} from "@vellumai/ces-contracts";
+} from "@vellumai/service-contracts/credential-rpc";
 import type { PersistentGrantStore, PersistentGrant } from "./persistent-store.js";
 import type { TemporaryGrantStore } from "./temporary-store.js";

package/src/http/__tests__/credential-routes-normalization.test.ts ADDED Viewed

@@ -0,0 +1,202 @@
+/**
+ * Tests for credential account key normalization in the HTTP routes.
+ *
+ * Verifies that colon-separated account names (e.g. `vellum:platform_organization_id`)
+ * are transparently normalized to the internal slash-separated format
+ * (e.g. `credential/vellum/platform_organization_id`) so that credentials
+ * stored via direct HTTP are findable by the gateway and assistant.
+ */
+import { describe, it, expect } from "bun:test";
+import { handleCredentialRoute } from "../credential-routes.js";
+import type { CredentialRouteDeps } from "../credential-routes.js";
+import type { SecureKeyBackend } from "@vellumai/credential-storage";
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+const SERVICE_TOKEN = "test-token-normalization";
+function makeDeps(): { deps: CredentialRouteDeps; store: Map<string, string> } {
+  const store = new Map<string, string>();
+  const backend: SecureKeyBackend = {
+    get: async (account: string) => store.get(account),
+    set: async (account: string, value: string) => {
+      store.set(account, value);
+      return true;
+    },
+    delete: async (account: string) => {
+      if (!store.has(account)) return "not-found";
+      store.delete(account);
+      return "deleted";
+    },
+    list: async () => [...store.keys()],
+  };
+  return { deps: { backend, serviceToken: SERVICE_TOKEN }, store };
+}
+function makeRequest(
+  method: string,
+  path: string,
+  body?: unknown,
+): Request {
+  const url = `http://localhost:8090${path}`;
+  const headers: Record<string, string> = {
+    "Content-Type": "application/json",
+    Authorization: `Bearer ${SERVICE_TOKEN}`,
+  };
+  const init: RequestInit = { method, headers };
+  if (body !== undefined) {
+    init.body = JSON.stringify(body);
+  }
+  return new Request(url, init);
+}
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+describe("credential route key normalization", () => {
+  it("normalizes colon-separated key on POST (set)", async () => {
+    const { deps, store } = makeDeps();
+    const req = makeRequest(
+      "POST",
+      "/v1/credentials/vellum%3Aplatform_organization_id",
+      { value: "org-uuid-123" },
+    );
+    const res = await handleCredentialRoute(req, deps);
+    expect(res).not.toBeNull();
+    expect(res!.status).toBe(200);
+    const body = await res!.json();
+    expect(body.ok).toBe(true);
+    expect(body.account).toBe("credential/vellum/platform_organization_id");
+    // Verify it was stored under the normalized key
+    expect(store.get("credential/vellum/platform_organization_id")).toBe("org-uuid-123");
+    expect(store.has("vellum:platform_organization_id")).toBe(false);
+  });
+  it("normalizes colon-separated key on GET", async () => {
+    const { deps, store } = makeDeps();
+    store.set("credential/vellum/platform_user_id", "user-uuid-456");
+    const req = makeRequest(
+      "GET",
+      "/v1/credentials/vellum%3Aplatform_user_id",
+    );
+    const res = await handleCredentialRoute(req, deps);
+    expect(res).not.toBeNull();
+    expect(res!.status).toBe(200);
+    const body = await res!.json();
+    expect(body.value).toBe("user-uuid-456");
+  });
+  it("normalizes colon-separated key on DELETE", async () => {
+    const { deps, store } = makeDeps();
+    store.set("credential/vellum/temp_cred", "temp-value");
+    const req = makeRequest(
+      "DELETE",
+      "/v1/credentials/vellum%3Atemp_cred",
+    );
+    const res = await handleCredentialRoute(req, deps);
+    expect(res).not.toBeNull();
+    expect(res!.status).toBe(200);
+    expect(store.has("credential/vellum/temp_cred")).toBe(false);
+  });
+  it("passes through keys already in credential/ format", async () => {
+    const { deps, store } = makeDeps();
+    const req = makeRequest(
+      "POST",
+      "/v1/credentials/credential%2Fvellum%2Fassistant_api_key",
+      { value: "api-key-789" },
+    );
+    const res = await handleCredentialRoute(req, deps);
+    expect(res).not.toBeNull();
+    expect(res!.status).toBe(200);
+    expect(store.get("credential/vellum/assistant_api_key")).toBe("api-key-789");
+  });
+  it("passes through oauth/ prefixed keys", async () => {
+    const { deps, store } = makeDeps();
+    const req = makeRequest(
+      "POST",
+      "/v1/credentials/oauth%2Fconnection%2Faccess_token",
+      { value: "token-abc" },
+    );
+    const res = await handleCredentialRoute(req, deps);
+    expect(res).not.toBeNull();
+    expect(res!.status).toBe(200);
+    expect(store.get("oauth/connection/access_token")).toBe("token-abc");
+  });
+  it("normalizes colon-separated keys in bulk set", async () => {
+    const { deps, store } = makeDeps();
+    const req = makeRequest("POST", "/v1/credentials/bulk", {
+      credentials: [
+        { account: "vellum:platform_organization_id", value: "org-1" },
+        { account: "vellum:platform_user_id", value: "user-1" },
+        { account: "credential/vellum/assistant_api_key", value: "key-1" },
+      ],
+    });
+    const res = await handleCredentialRoute(req, deps);
+    expect(res).not.toBeNull();
+    expect(res!.status).toBe(200);
+    const body = await res!.json();
+    expect(body.results).toHaveLength(3);
+    expect(body.results[0].account).toBe("credential/vellum/platform_organization_id");
+    expect(body.results[1].account).toBe("credential/vellum/platform_user_id");
+    expect(body.results[2].account).toBe("credential/vellum/assistant_api_key");
+    expect(store.get("credential/vellum/platform_organization_id")).toBe("org-1");
+    expect(store.get("credential/vellum/platform_user_id")).toBe("user-1");
+    expect(store.get("credential/vellum/assistant_api_key")).toBe("key-1");
+  });
+  it("splits multi-colon keys at the last colon", async () => {
+    const { deps, store } = makeDeps();
+    const req = makeRequest(
+      "POST",
+      "/v1/credentials/integration%3Agoogle%3Aaccess_token",
+      { value: "google-token" },
+    );
+    const res = await handleCredentialRoute(req, deps);
+    expect(res).not.toBeNull();
+    expect(res!.status).toBe(200);
+    const body = await res!.json();
+    // "integration:google:access_token" splits at last colon →
+    // service="integration:google", field="access_token"
+    expect(body.account).toBe("credential/integration:google/access_token");
+    expect(store.get("credential/integration:google/access_token")).toBe("google-token");
+  });
+  it("returns normalized key in response body", async () => {
+    const { deps } = makeDeps();
+    const req = makeRequest(
+      "POST",
+      "/v1/credentials/slack_channel%3Abot_token",
+      { value: "xoxb-test" },
+    );
+    const res = await handleCredentialRoute(req, deps);
+    const body = await res!.json();
+    expect(body.account).toBe("credential/slack_channel/bot_token");
+  });
+});

package/src/http/audit.ts CHANGED Viewed

@@ -15,7 +15,7 @@
 import { randomUUID } from "node:crypto";
-import type { AuditRecordSummary } from "@vellumai/ces-contracts";
+import type { AuditRecordSummary } from "@vellumai/service-contracts/credential-rpc";
 import { derivePathTemplate } from "./path-template.js";
 // ---------------------------------------------------------------------------