@vizamodo/runtime-primitives 1.1.10 → 1.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/github/put-secret.d.ts +1 -1
  2. package/dist/github/put-secret.js +7 -3
  3. package/dist/github/put-secrets.js +1 -1
  4. package/package.json +2 -2
package/dist/github/put-secret.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  export declare function base64ToBytes(b64: string): Uint8Array;
2
2
  export declare function bytesToBase64(bytes: Uint8Array): string;
3
- export declare function encryptSecret(recipientPub: Uint8Array, secret: string): string;
3
+ export declare function encryptSecret(recipientPub: string | Uint8Array, secret: string): Promise<string>;
4
4
  export declare function getPublicKey(repo: string, environment: string, headers: Record<string, string>): Promise<{
5
5
  key_id: string;
6
6
  key: string;
package/dist/github/put-secret.js CHANGED
@@ -1,4 +1,4 @@
1
- import sealedbox from "tweetnacl-sealedbox-js";
1
+ import sodium from "libsodium-wrappers";
2
2
  import { repoUrl } from "./github-env";
3
3
  // ─────────────────────────────────────────────
4
4
  // Crypto
@@ -18,9 +18,13 @@ export function bytesToBase64(bytes) {
18
18
  }
19
19
  return btoa(parts.join(""));
20
20
  }
21
- export function encryptSecret(recipientPub, secret) {
21
+ export async function encryptSecret(recipientPub, secret) {
22
+ await sodium.ready;
23
+ // Chuyển đổi public key từ string (base64) sang Uint8Array nếu cần
24
+ const bkey = typeof recipientPub === "string" ? base64ToBytes(recipientPub) : recipientPub;
22
25
  const messageBytes = new TextEncoder().encode(secret);
23
- const sealed = sealedbox.seal(messageBytes, recipientPub);
26
+ // Thực hiện hóa
27
+ const sealed = sodium.crypto_box_seal(messageBytes, bkey);
24
28
  return bytesToBase64(sealed);
25
29
  }
26
30
  // ─────────────────────────────────────────────
package/dist/github/put-secrets.js CHANGED
@@ -17,7 +17,7 @@ export async function putGithubSecretsParallel(repo, environment, secrets, heade
17
17
  for (let i = 0; i < entries.length; i += concurrency) {
18
18
  const batch = entries.slice(i, i + concurrency);
19
19
  await Promise.all(batch.map(async ([name, plaintext]) => {
20
- const encryptedValue = encryptSecret(recipientPub, plaintext);
20
+ const encryptedValue = await encryptSecret(recipientPub, plaintext);
21
21
  await putSecret(repo, environment, name, encryptedValue, key_id, headers);
22
22
  }));
23
23
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@vizamodo/runtime-primitives",
3
- "version": "1.1.10",
3
+ "version": "1.1.11",
4
4
  "description": "Edge-compatible runtime primitives for AWS, GitHub, crypto, and caching used across Viza services",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",
@@ -25,7 +25,7 @@
25
25
  "dependencies": {
26
26
  "@vizamodo/aws-runtime-core": "^0.4.38",
27
27
  "age-encryption": "^0.3.0",
28
- "tweetnacl-sealedbox-js": "^1.2.0"
28
+ "libsodium-wrappers": "^0.8.3"
29
29
  },
30
30
  "devDependencies": {
31
31
  "@types/node": "^25.6.0",