@zintrust/core 1.8.5 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +12 -6
- package/src/cache/drivers/KVRemoteDriver.d.ts.map +1 -1
- package/src/cache/drivers/KVRemoteDriver.js +1 -1
- package/src/cli/cloudflare/CloudflareSecretSync.d.ts +10 -4
- package/src/cli/cloudflare/CloudflareSecretSync.d.ts.map +1 -1
- package/src/cli/cloudflare/CloudflareSecretSync.js +133 -23
- package/src/cli/commands/PutCommand.d.ts.map +1 -1
- package/src/cli/commands/PutCommand.js +26 -14
- package/src/cli/commands/WranglerProxyCommandUtils.d.ts.map +1 -1
- package/src/cli/commands/WranglerProxyCommandUtils.js +21 -1
- package/src/cli/d1/WranglerConfig.d.ts +1 -0
- package/src/cli/d1/WranglerConfig.d.ts.map +1 -1
- package/src/cli/d1/WranglerConfig.js +1 -1
- package/src/cli/d1/WranglerD1.d.ts.map +1 -1
- package/src/cli/d1/WranglerD1.js +1 -0
- package/src/cli/utils/EnvFileLoader.d.ts +1 -0
- package/src/cli/utils/EnvFileLoader.d.ts.map +1 -1
- package/src/cli/utils/EnvFileLoader.js +4 -0
- package/src/index.js +3 -3
- package/src/orm/adapters/D1RemoteAdapter.d.ts.map +1 -1
- package/src/orm/adapters/D1RemoteAdapter.js +1 -1
- package/src/orm/adapters/SqlProxyHttpAdapterShared.js +1 -1
- package/src/proxy/smtp/SmtpProxyServer.d.ts.map +1 -1
- package/src/proxy/smtp/SmtpProxyServer.js +1 -1
- package/src/security/JwtSessions.d.ts.map +1 -1
- package/src/security/JwtSessions.js +1 -1
- package/src/security/TokenRevocation.d.ts.map +1 -1
- package/src/security/TokenRevocation.js +1 -1
- package/src/tools/mail/MailMessage.d.ts.map +1 -1
- package/src/tools/mail/MailMessage.js +15 -1
- package/src/tools/mail/drivers/Cloudflare.d.ts.map +1 -1
- package/src/tools/mail/drivers/Cloudflare.js +8 -1
- package/src/tools/mail/drivers/Smtp.d.ts.map +1 -1
- package/src/tools/mail/drivers/Smtp.js +1 -1
- package/src/zintrust.plugins.d.ts +3 -6
- package/src/zintrust.plugins.d.ts.map +1 -1
- package/src/zintrust.plugins.js +3 -6
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@zintrust/core",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "2.0.0",
|
|
4
4
|
"description": "Production-grade TypeScript backend framework for JavaScript",
|
|
5
5
|
"homepage": "https://zintrust.com",
|
|
6
6
|
"repository": {
|
|
@@ -59,14 +59,14 @@
|
|
|
59
59
|
"dependencies": {
|
|
60
60
|
"@cloudflare/containers": "^0.3.4",
|
|
61
61
|
"bcryptjs": "^3.0.3",
|
|
62
|
-
"bullmq": "^5.76.
|
|
62
|
+
"bullmq": "^5.76.10",
|
|
63
63
|
"chalk": "^5.6.2",
|
|
64
64
|
"commander": "^14.0.3",
|
|
65
65
|
"inquirer": "^13.4.3",
|
|
66
66
|
"jsonwebtoken": "^9.0.3",
|
|
67
67
|
"mysql2": "^3.22.3",
|
|
68
|
-
"pg": "^8.
|
|
69
|
-
"tsx": "^4.22.
|
|
68
|
+
"pg": "^8.21.0",
|
|
69
|
+
"tsx": "^4.22.3"
|
|
70
70
|
},
|
|
71
71
|
"overrides": {
|
|
72
72
|
"ajv": "^8.18.0",
|
|
@@ -76,8 +76,8 @@
|
|
|
76
76
|
"@tootallnate/once": "3.0.1",
|
|
77
77
|
"node-forge": "^1.4.0",
|
|
78
78
|
"fast-uri": "3.1.2",
|
|
79
|
-
"fast-xml-builder": "1.2.0",
|
|
80
79
|
"fast-xml-parser": "5.8.0",
|
|
80
|
+
"protobufjs": "7.5.9",
|
|
81
81
|
"brace-expansion": "^5.0.5",
|
|
82
82
|
"picomatch": "^4.0.4",
|
|
83
83
|
"cross-spawn": "^7.0.5",
|
|
@@ -99,7 +99,13 @@
|
|
|
99
99
|
"http-proxy-agent": "7.0.2",
|
|
100
100
|
"retry-request": "8.0.2",
|
|
101
101
|
"gaxios": "7.1.4",
|
|
102
|
-
"teeny-request": "10.1.2"
|
|
102
|
+
"teeny-request": "10.1.2",
|
|
103
|
+
"braces": "^3.0.3",
|
|
104
|
+
"lodash": "^4.17.21",
|
|
105
|
+
"semver": "^7.6.3",
|
|
106
|
+
"tmp": "^0.2.4",
|
|
107
|
+
"ws": "^8.20.0",
|
|
108
|
+
"micromatch": "^4.0.8"
|
|
103
109
|
},
|
|
104
110
|
"bin": {
|
|
105
111
|
"zintrust": "bin/zintrust.js",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"KVRemoteDriver.d.ts","sourceRoot":"","sources":["../../../../src/cache/drivers/KVRemoteDriver.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"KVRemoteDriver.d.ts","sourceRoot":"","sources":["../../../../src/cache/drivers/KVRemoteDriver.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAmZtD,eAAO,MAAM,cAAc;kBAvEM,WAAW;EAyE1C,CAAC;AAEH,eAAe,cAAc,CAAC"}
|
|
@@ -99,7 +99,7 @@ const createRemoteSettings = (settings) => ({
|
|
|
99
99
|
timeoutMs: settings.timeoutMs,
|
|
100
100
|
signaturePathPrefixToStrip: resolveSigningPrefix(settings.baseUrl),
|
|
101
101
|
missingUrlMessage: 'KV remote proxy URL is missing (KV_REMOTE_URL)',
|
|
102
|
-
missingCredentialsMessage:
|
|
102
|
+
missingCredentialsMessage: `KV remote signing credentials are missing (${['KV_REMOTE', 'KEY_ID'].join('_')} / ${['KV_REMOTE', 'SECRET'].join('_')})`,
|
|
103
103
|
messages: {
|
|
104
104
|
unauthorized: 'KV remote proxy unauthorized',
|
|
105
105
|
forbidden: 'KV remote proxy forbidden',
|
|
@@ -15,20 +15,26 @@ type CloudflareSecretSyncArgs = {
|
|
|
15
15
|
envPath: string;
|
|
16
16
|
dryRun?: boolean;
|
|
17
17
|
configGroups?: string[];
|
|
18
|
+
directKeys?: string[];
|
|
19
|
+
inlineValues?: Record<string, string>;
|
|
18
20
|
configPath?: string;
|
|
19
21
|
target?: string;
|
|
22
|
+
bulk?: boolean;
|
|
20
23
|
requireSelection?: boolean;
|
|
21
24
|
};
|
|
22
25
|
export type CloudflareSecretSyncResult = {
|
|
23
26
|
pushed: number;
|
|
27
|
+
pushedKeys: string[];
|
|
28
|
+
skippedEmptyKeys: string[];
|
|
24
29
|
failures: CloudflareSecretSyncFailure[];
|
|
25
30
|
selectedKeys: string[];
|
|
26
31
|
};
|
|
27
|
-
export declare const
|
|
28
|
-
export declare const
|
|
32
|
+
export declare const uniq: (items: string[]) => string[];
|
|
33
|
+
export declare const reportCloudflareSecretSync: (log: CloudflareSecretLog, result: Pick<CloudflareSecretSyncResult, "pushed" | "skippedEmptyKeys" | "failures">) => void;
|
|
34
|
+
export declare const syncCloudflareSecrets: ({ log, cwd, wranglerEnvs, envPath, dryRun, configGroups, directKeys, inlineValues, configPath, target, bulk, requireSelection, }: CloudflareSecretSyncArgs) => Promise<CloudflareSecretSyncResult>;
|
|
29
35
|
declare const _default: Readonly<{
|
|
30
|
-
syncCloudflareSecrets: ({ log, cwd, wranglerEnvs, envPath, dryRun, configGroups, configPath, target, requireSelection, }: CloudflareSecretSyncArgs) => Promise<CloudflareSecretSyncResult>;
|
|
31
|
-
reportCloudflareSecretSync: (log: CloudflareSecretLog, result: Pick<CloudflareSecretSyncResult, "pushed" | "failures">) => void;
|
|
36
|
+
syncCloudflareSecrets: ({ log, cwd, wranglerEnvs, envPath, dryRun, configGroups, directKeys, inlineValues, configPath, target, bulk, requireSelection, }: CloudflareSecretSyncArgs) => Promise<CloudflareSecretSyncResult>;
|
|
37
|
+
reportCloudflareSecretSync: (log: CloudflareSecretLog, result: Pick<CloudflareSecretSyncResult, "pushed" | "skippedEmptyKeys" | "failures">) => void;
|
|
32
38
|
}>;
|
|
33
39
|
export default _default;
|
|
34
40
|
//# sourceMappingURL=CloudflareSecretSync.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CloudflareSecretSync.d.ts","sourceRoot":"","sources":["../../../../src/cli/cloudflare/CloudflareSecretSync.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"CloudflareSecretSync.d.ts","sourceRoot":"","sources":["../../../../src/cli/cloudflare/CloudflareSecretSync.ts"],"names":[],"mappings":"AAaA,KAAK,mBAAmB,GAAG;IACzB,IAAI,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IAChC,IAAI,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;IAChC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;CACrC,CAAC;AAEF,MAAM,MAAM,2BAA2B,GAAG;IACxC,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAcF,KAAK,wBAAwB,GAAG;IAC9B,GAAG,EAAE,mBAAmB,CAAC;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,0BAA0B,GAAG;IACvC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,QAAQ,EAAE,2BAA2B,EAAE,CAAC;IACxC,YAAY,EAAE,MAAM,EAAE,CAAC;CACxB,CAAC;AASF,eAAO,MAAM,IAAI,GAAI,OAAO,MAAM,EAAE,KAAG,MAAM,EAY5C,CAAC;AAwSF,eAAO,MAAM,0BAA0B,GACrC,KAAK,mBAAmB,EACxB,QAAQ,IAAI,CAAC,0BAA0B,EAAE,QAAQ,GAAG,kBAAkB,GAAG,UAAU,CAAC,KACnF,IAcF,CAAC;AAEF,eAAO,MAAM,qBAAqB,GAAU,kIAazC,wBAAwB,KAAG,OAAO,CAAC,0BAA0B,CAiD/D,CAAC;;8JAjDC,wBAAwB,KAAG,OAAO,CAAC,0BAA0B,CAAC;sCA/B1D,mBAAmB,UAChB,IAAI,CAAC,0BAA0B,EAAE,QAAQ,GAAG,kBAAkB,GAAG,UAAU,CAAC,KACnF,IAAI;;AAgFP,wBAGG"}
|
|
@@ -3,10 +3,11 @@ import { resolveNpmPath } from '../../common/index.js';
|
|
|
3
3
|
import { appConfig } from '../../config/app.js';
|
|
4
4
|
import { ErrorFactory } from '../../exceptions/ZintrustError.js';
|
|
5
5
|
import { execFileSync } from '../../node-singletons/child-process.js';
|
|
6
|
-
import { existsSync } from '../../node-singletons/fs.js';
|
|
6
|
+
import { existsSync, mkdtempSync, rmSync, writeFileSync } from '../../node-singletons/fs.js';
|
|
7
|
+
import { tmpdir } from '../../node-singletons/os.js';
|
|
7
8
|
import * as path from '../../node-singletons/path.js';
|
|
8
9
|
import { EnvFile } from '../../toolkit/Secrets/EnvFile.js';
|
|
9
|
-
const uniq = (items) => {
|
|
10
|
+
export const uniq = (items) => {
|
|
10
11
|
const seen = new Set();
|
|
11
12
|
const out = [];
|
|
12
13
|
for (const item of items) {
|
|
@@ -18,6 +19,19 @@ const uniq = (items) => {
|
|
|
18
19
|
}
|
|
19
20
|
return out;
|
|
20
21
|
};
|
|
22
|
+
const createSyncProgress = () => {
|
|
23
|
+
return {
|
|
24
|
+
pushed: 0,
|
|
25
|
+
pushedKeys: [],
|
|
26
|
+
skippedEmptyKeys: [],
|
|
27
|
+
failures: [],
|
|
28
|
+
};
|
|
29
|
+
};
|
|
30
|
+
const forEachWranglerEnv = (wranglerEnvs, callback) => {
|
|
31
|
+
for (const wranglerEnv of wranglerEnvs) {
|
|
32
|
+
callback(wranglerEnv, describeWranglerEnv(wranglerEnv));
|
|
33
|
+
}
|
|
34
|
+
};
|
|
21
35
|
const getConfigArray = (config, key) => {
|
|
22
36
|
const raw = config[key];
|
|
23
37
|
if (!Array.isArray(raw))
|
|
@@ -29,6 +43,12 @@ const resolveValue = (key, envMap) => {
|
|
|
29
43
|
const fromProcess = process.env[key];
|
|
30
44
|
return fromFile ?? fromProcess ?? '';
|
|
31
45
|
};
|
|
46
|
+
const resolveValueWithOverrides = (key, envMap, inlineValues) => {
|
|
47
|
+
const inlineValue = inlineValues[key];
|
|
48
|
+
if (typeof inlineValue === 'string')
|
|
49
|
+
return inlineValue;
|
|
50
|
+
return resolveValue(key, envMap);
|
|
51
|
+
};
|
|
32
52
|
const getPutTimeoutMs = () => {
|
|
33
53
|
const raw = process.env['ZT_PUT_TIMEOUT_MS'];
|
|
34
54
|
if (typeof raw !== 'string')
|
|
@@ -38,13 +58,20 @@ const getPutTimeoutMs = () => {
|
|
|
38
58
|
return 120000;
|
|
39
59
|
return parsed;
|
|
40
60
|
};
|
|
61
|
+
const describeWranglerEnv = (wranglerEnv) => wranglerEnv.trim() === '' ? 'top-level worker' : wranglerEnv;
|
|
41
62
|
const putSecret = (wranglerEnv, key, value, configPath) => {
|
|
42
63
|
const npmPath = resolveNpmPath();
|
|
43
64
|
const args = ['exec', '--yes', '--', 'wrangler'];
|
|
44
65
|
if (typeof configPath === 'string' && configPath.trim() !== '') {
|
|
45
66
|
args.push('--config', configPath.trim());
|
|
46
67
|
}
|
|
47
|
-
args.push('secret', 'put', key
|
|
68
|
+
args.push('secret', 'put', key);
|
|
69
|
+
if (wranglerEnv.trim() === '') {
|
|
70
|
+
args.push('--env=');
|
|
71
|
+
}
|
|
72
|
+
else {
|
|
73
|
+
args.push('--env', wranglerEnv);
|
|
74
|
+
}
|
|
48
75
|
execFileSync(npmPath, args, {
|
|
49
76
|
stdio: ['pipe', 'inherit', 'inherit'],
|
|
50
77
|
input: value,
|
|
@@ -54,8 +81,33 @@ const putSecret = (wranglerEnv, key, value, configPath) => {
|
|
|
54
81
|
env: appConfig.getSafeEnv(),
|
|
55
82
|
});
|
|
56
83
|
};
|
|
84
|
+
const putSecretBulk = (wranglerEnv, payloadPath, configPath) => {
|
|
85
|
+
const npmPath = resolveNpmPath();
|
|
86
|
+
const args = ['exec', '--yes', '--', 'wrangler'];
|
|
87
|
+
if (typeof configPath === 'string' && configPath.trim() !== '') {
|
|
88
|
+
args.push('--config', configPath.trim());
|
|
89
|
+
}
|
|
90
|
+
args.push('secret', 'bulk', payloadPath);
|
|
91
|
+
if (wranglerEnv.trim() === '') {
|
|
92
|
+
args.push('--env=');
|
|
93
|
+
}
|
|
94
|
+
else {
|
|
95
|
+
args.push('--env', wranglerEnv);
|
|
96
|
+
}
|
|
97
|
+
execFileSync(npmPath, args, {
|
|
98
|
+
stdio: ['ignore', 'inherit', 'inherit'],
|
|
99
|
+
encoding: 'utf8',
|
|
100
|
+
timeout: getPutTimeoutMs(),
|
|
101
|
+
killSignal: 'SIGTERM',
|
|
102
|
+
env: appConfig.getSafeEnv(),
|
|
103
|
+
});
|
|
104
|
+
};
|
|
57
105
|
const getFailureReason = (error) => error instanceof Error ? error.message : String(error);
|
|
58
|
-
const resolveSelectedKeys = ({ log, config, cwd, wranglerEnvs, configGroups = [], configPath, target, requireSelection, }) => {
|
|
106
|
+
const resolveSelectedKeys = ({ log, config, cwd, wranglerEnvs, configGroups = [], directKeys = [], configPath, target, requireSelection, }) => {
|
|
107
|
+
const selectedDirectKeys = uniq(directKeys);
|
|
108
|
+
if (selectedDirectKeys.length > 0) {
|
|
109
|
+
return selectedDirectKeys;
|
|
110
|
+
}
|
|
59
111
|
const explicitKeys = uniq(configGroups.flatMap((groupKey) => {
|
|
60
112
|
const keys = getConfigArray(config, groupKey);
|
|
61
113
|
if (keys.length === 0) {
|
|
@@ -76,46 +128,101 @@ const resolveSelectedKeys = ({ log, config, cwd, wranglerEnvs, configGroups = []
|
|
|
76
128
|
return selectedKeys;
|
|
77
129
|
}
|
|
78
130
|
throw ErrorFactory.createCliError(configGroups.length === 0
|
|
79
|
-
? 'No secret keys resolved from .zintrust.json cloudflare.shared_env/cloudflare.targets/cloudflare.wrangler_envs. Use --var <group
|
|
131
|
+
? 'No secret keys resolved from explicit keys or .zintrust.json cloudflare.shared_env/cloudflare.targets/cloudflare.wrangler_envs. Use --key/--keys, --var <group>, or add a Cloudflare env manifest.'
|
|
80
132
|
: 'No secret keys resolved from selected groups.');
|
|
81
133
|
};
|
|
82
|
-
const
|
|
83
|
-
|
|
84
|
-
const
|
|
85
|
-
|
|
134
|
+
const resolveBulkPayload = (log, wranglerEnv, selectedKeys, envMap, inlineValues) => {
|
|
135
|
+
const payload = {};
|
|
136
|
+
const includedKeys = [];
|
|
137
|
+
const skippedEmptyKeys = [];
|
|
138
|
+
const wranglerEnvLabel = describeWranglerEnv(wranglerEnv);
|
|
139
|
+
for (const key of selectedKeys) {
|
|
140
|
+
const value = resolveValueWithOverrides(key, envMap, inlineValues);
|
|
141
|
+
if (value.trim() === '') {
|
|
142
|
+
log.warn(`skip ${key} -> ${wranglerEnvLabel}: empty value`);
|
|
143
|
+
skippedEmptyKeys.push(key);
|
|
144
|
+
continue;
|
|
145
|
+
}
|
|
146
|
+
payload[key] = value;
|
|
147
|
+
includedKeys.push(key);
|
|
148
|
+
}
|
|
149
|
+
return { payload, includedKeys, skippedEmptyKeys };
|
|
150
|
+
};
|
|
151
|
+
const processSecretSync = (log, wranglerEnvs, selectedKeys, envMap, dryRun, configPath, inlineValues) => {
|
|
152
|
+
const progress = createSyncProgress();
|
|
153
|
+
forEachWranglerEnv(wranglerEnvs, (wranglerEnv, wranglerEnvLabel) => {
|
|
86
154
|
for (const key of selectedKeys) {
|
|
87
|
-
const value =
|
|
155
|
+
const value = resolveValueWithOverrides(key, envMap, inlineValues);
|
|
88
156
|
if (value.trim() === '') {
|
|
89
|
-
|
|
157
|
+
log.warn(`skip ${key} -> ${wranglerEnvLabel}: empty value`);
|
|
158
|
+
progress.skippedEmptyKeys.push(key);
|
|
90
159
|
continue;
|
|
91
160
|
}
|
|
92
161
|
try {
|
|
93
162
|
if (!dryRun) {
|
|
94
|
-
log.info(`putting ${key} -> ${
|
|
163
|
+
log.info(`putting ${key} -> ${wranglerEnvLabel}...`);
|
|
95
164
|
putSecret(wranglerEnv, key, value, configPath);
|
|
96
165
|
}
|
|
97
|
-
pushed += 1;
|
|
98
|
-
|
|
166
|
+
progress.pushed += 1;
|
|
167
|
+
progress.pushedKeys.push(key);
|
|
168
|
+
log.info(`${dryRun ? '[dry-run] ' : ''}put ${key} -> ${wranglerEnvLabel}`);
|
|
99
169
|
}
|
|
100
170
|
catch (error) {
|
|
101
|
-
failures.push({ wranglerEnv, key, reason: getFailureReason(error) });
|
|
171
|
+
progress.failures.push({ wranglerEnv, key, reason: getFailureReason(error) });
|
|
102
172
|
}
|
|
103
173
|
}
|
|
104
|
-
}
|
|
105
|
-
return
|
|
174
|
+
});
|
|
175
|
+
return progress;
|
|
176
|
+
};
|
|
177
|
+
const processSecretBulkSync = (log, wranglerEnvs, selectedKeys, envMap, dryRun, configPath, inlineValues) => {
|
|
178
|
+
const progress = createSyncProgress();
|
|
179
|
+
forEachWranglerEnv(wranglerEnvs, (wranglerEnv, wranglerEnvLabel) => {
|
|
180
|
+
const { payload, includedKeys, skippedEmptyKeys: skippedForEnv, } = resolveBulkPayload(log, wranglerEnv, selectedKeys, envMap, inlineValues);
|
|
181
|
+
progress.skippedEmptyKeys.push(...skippedForEnv);
|
|
182
|
+
if (includedKeys.length === 0) {
|
|
183
|
+
log.info(`skip bulk upload -> ${wranglerEnvLabel}: no non-empty keys`);
|
|
184
|
+
return;
|
|
185
|
+
}
|
|
186
|
+
log.info(`${dryRun ? '[dry-run] ' : ''}bulk keys -> ${wranglerEnvLabel}: ${includedKeys.join(', ')}`);
|
|
187
|
+
if (dryRun) {
|
|
188
|
+
progress.pushed += includedKeys.length;
|
|
189
|
+
progress.pushedKeys.push(...includedKeys);
|
|
190
|
+
return;
|
|
191
|
+
}
|
|
192
|
+
const tempDir = mkdtempSync(path.join(tmpdir(), 'zintrust-cloudflare-secret-bulk-'));
|
|
193
|
+
const payloadPath = path.join(tempDir, 'secrets.json');
|
|
194
|
+
try {
|
|
195
|
+
writeFileSync(payloadPath, JSON.stringify(payload, null, 2), 'utf8');
|
|
196
|
+
log.info(`bulk uploading ${includedKeys.length} key(s) -> ${wranglerEnvLabel}...`);
|
|
197
|
+
putSecretBulk(wranglerEnv, payloadPath, configPath);
|
|
198
|
+
progress.pushed += includedKeys.length;
|
|
199
|
+
progress.pushedKeys.push(...includedKeys);
|
|
200
|
+
log.info(`bulk put ${includedKeys.length} key(s) -> ${wranglerEnvLabel}`);
|
|
201
|
+
}
|
|
202
|
+
catch (error) {
|
|
203
|
+
const reason = getFailureReason(error);
|
|
204
|
+
for (const key of includedKeys) {
|
|
205
|
+
progress.failures.push({ wranglerEnv, key, reason });
|
|
206
|
+
}
|
|
207
|
+
}
|
|
208
|
+
finally {
|
|
209
|
+
rmSync(tempDir, { recursive: true, force: true });
|
|
210
|
+
}
|
|
211
|
+
});
|
|
212
|
+
return progress;
|
|
106
213
|
};
|
|
107
214
|
export const reportCloudflareSecretSync = (log, result) => {
|
|
108
215
|
if (typeof log.success === 'function') {
|
|
109
|
-
log.success(`Cloudflare secrets report: pushed=${result.pushed}, failed=${result.failures.length}`);
|
|
216
|
+
log.success(`Cloudflare secrets report: pushed=${result.pushed}, skipped_empty=${result.skippedEmptyKeys.length}, failed=${result.failures.length}`);
|
|
110
217
|
}
|
|
111
218
|
else {
|
|
112
|
-
log.info(`Cloudflare secrets report: pushed=${result.pushed}, failed=${result.failures.length}`);
|
|
219
|
+
log.info(`Cloudflare secrets report: pushed=${result.pushed}, skipped_empty=${result.skippedEmptyKeys.length}, failed=${result.failures.length}`);
|
|
113
220
|
}
|
|
114
221
|
for (const item of result.failures) {
|
|
115
|
-
log.warn(`${item.key} -> ${item.wranglerEnv}: ${item.reason}`);
|
|
222
|
+
log.warn(`${item.key} -> ${describeWranglerEnv(item.wranglerEnv)}: ${item.reason}`);
|
|
116
223
|
}
|
|
117
224
|
};
|
|
118
|
-
export const syncCloudflareSecrets = async ({ log, cwd, wranglerEnvs, envPath, dryRun = false, configGroups = [], configPath, target, requireSelection = true, }) => {
|
|
225
|
+
export const syncCloudflareSecrets = async ({ log, cwd, wranglerEnvs, envPath, dryRun = false, configGroups = [], directKeys = [], inlineValues = {}, configPath, target, bulk = false, requireSelection = true, }) => {
|
|
119
226
|
const normalizedConfigPath = typeof configPath === 'string' && configPath.trim() !== '' ? configPath.trim() : undefined;
|
|
120
227
|
if (normalizedConfigPath !== undefined && !existsSync(path.join(cwd, normalizedConfigPath))) {
|
|
121
228
|
throw ErrorFactory.createCliError(`Wrangler config not found: ${normalizedConfigPath}`);
|
|
@@ -127,15 +234,18 @@ export const syncCloudflareSecrets = async ({ log, cwd, wranglerEnvs, envPath, d
|
|
|
127
234
|
cwd,
|
|
128
235
|
wranglerEnvs,
|
|
129
236
|
configGroups,
|
|
237
|
+
directKeys,
|
|
130
238
|
configPath: normalizedConfigPath,
|
|
131
239
|
target,
|
|
132
240
|
requireSelection,
|
|
133
241
|
});
|
|
134
242
|
if (selectedKeys.length === 0) {
|
|
135
|
-
return { pushed: 0, failures: [], selectedKeys: [] };
|
|
243
|
+
return { pushed: 0, pushedKeys: [], skippedEmptyKeys: [], failures: [], selectedKeys: [] };
|
|
136
244
|
}
|
|
137
245
|
const envMap = await EnvFile.read({ cwd, path: envPath });
|
|
138
|
-
const syncResult =
|
|
246
|
+
const syncResult = bulk
|
|
247
|
+
? processSecretBulkSync(log, wranglerEnvs, selectedKeys, envMap, dryRun, normalizedConfigPath, inlineValues)
|
|
248
|
+
: processSecretSync(log, wranglerEnvs, selectedKeys, envMap, dryRun, normalizedConfigPath, inlineValues);
|
|
139
249
|
return {
|
|
140
250
|
...syncResult,
|
|
141
251
|
selectedKeys,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PutCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/PutCommand.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoC,KAAK,YAAY,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"PutCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/PutCommand.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoC,KAAK,YAAY,EAAE,MAAM,kBAAkB,CAAC;AA6GvF,eAAO,MAAM,UAAU;cACX,YAAY;EAWtB,CAAC;AAEH,eAAe,UAAU,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { BaseCommand } from '../BaseCommand.js';
|
|
2
|
-
import { reportCloudflareSecretSync, syncCloudflareSecrets, } from '../cloudflare/CloudflareSecretSync.js';
|
|
2
|
+
import { reportCloudflareSecretSync, syncCloudflareSecrets, uniq, } from '../cloudflare/CloudflareSecretSync.js';
|
|
3
3
|
import { ErrorFactory } from '../../exceptions/ZintrustError.js';
|
|
4
4
|
const toStringArray = (value) => {
|
|
5
5
|
if (typeof value === 'string')
|
|
@@ -8,25 +8,28 @@ const toStringArray = (value) => {
|
|
|
8
8
|
return [];
|
|
9
9
|
return value.filter((v) => typeof v === 'string');
|
|
10
10
|
};
|
|
11
|
-
const uniq = (items) => {
|
|
12
|
-
const seen = new Set();
|
|
13
|
-
const out = [];
|
|
14
|
-
for (const item of items) {
|
|
15
|
-
const normalized = item.trim();
|
|
16
|
-
if (normalized === '' || seen.has(normalized))
|
|
17
|
-
continue;
|
|
18
|
-
seen.add(normalized);
|
|
19
|
-
out.push(normalized);
|
|
20
|
-
}
|
|
21
|
-
return out;
|
|
22
|
-
};
|
|
23
11
|
const resolveConfigGroups = (options) => {
|
|
24
12
|
return uniq(toStringArray(options.var));
|
|
25
13
|
};
|
|
14
|
+
const resolveDirectKeys = (options) => {
|
|
15
|
+
return uniq([...toStringArray(options.key), ...toStringArray(options.keys)]);
|
|
16
|
+
};
|
|
17
|
+
const resolveInlineValues = (options) => {
|
|
18
|
+
if (typeof options.value !== 'string')
|
|
19
|
+
return {};
|
|
20
|
+
const directKeys = resolveDirectKeys(options);
|
|
21
|
+
if (directKeys.length === 0) {
|
|
22
|
+
throw ErrorFactory.createCliError('`--value` requires `--key` or `--keys`.');
|
|
23
|
+
}
|
|
24
|
+
if (directKeys.length !== 1) {
|
|
25
|
+
throw ErrorFactory.createCliError('`--value` supports exactly one selected key.');
|
|
26
|
+
}
|
|
27
|
+
return { [directKeys[0]]: options.value };
|
|
28
|
+
};
|
|
26
29
|
const resolveWranglerEnvs = (options) => {
|
|
27
30
|
const requested = uniq(toStringArray(options.wg));
|
|
28
31
|
if (requested.length === 0)
|
|
29
|
-
return ['
|
|
32
|
+
return [''];
|
|
30
33
|
return requested;
|
|
31
34
|
};
|
|
32
35
|
const parseEnvPath = (options) => {
|
|
@@ -40,9 +43,13 @@ const addOptions = (command) => {
|
|
|
40
43
|
.argument('[provider]', 'Secret provider (cloudflare)', 'cloudflare')
|
|
41
44
|
.option('--wg <env...>', 'Wrangler environment target(s), e.g. d1-proxy kv-proxy')
|
|
42
45
|
.option('--var <configKey...>', 'Config array key(s) from .zintrust.json (e.g. d1_env kv_env)')
|
|
46
|
+
.option('--key <name...>', 'Upload selected secret key(s) directly without group expansion')
|
|
47
|
+
.option('--keys <name...>', 'Upload selected secret key(s) from env source without group expansion')
|
|
48
|
+
.option('--value <value>', 'Inline value for a single `--key` upload')
|
|
43
49
|
.option('--target <id>', 'Cloudflare worker target key from .zintrust.json cloudflare.targets')
|
|
44
50
|
.option('--env_path <path>', 'Path to env file used as source values', '.env')
|
|
45
51
|
.option('-c, --config <path>', 'Wrangler config file to target (optional)')
|
|
52
|
+
.option('--bulk', 'Upload the final key set with one wrangler secret bulk call per target')
|
|
46
53
|
.option('--dry-run', 'Show what would be uploaded without calling wrangler');
|
|
47
54
|
};
|
|
48
55
|
const ensureCloudflareProvider = (providerRaw) => {
|
|
@@ -53,6 +60,8 @@ const ensureCloudflareProvider = (providerRaw) => {
|
|
|
53
60
|
const execute = async (cmd, options) => {
|
|
54
61
|
ensureCloudflareProvider(String(options.args?.[0] ?? 'cloudflare'));
|
|
55
62
|
const cwd = process.cwd();
|
|
63
|
+
const directKeys = resolveDirectKeys(options);
|
|
64
|
+
const inlineValues = resolveInlineValues(options);
|
|
56
65
|
const result = await syncCloudflareSecrets({
|
|
57
66
|
log: cmd,
|
|
58
67
|
cwd,
|
|
@@ -60,8 +69,11 @@ const execute = async (cmd, options) => {
|
|
|
60
69
|
envPath: parseEnvPath(options),
|
|
61
70
|
dryRun: options.dryRun === true,
|
|
62
71
|
configGroups: resolveConfigGroups(options),
|
|
72
|
+
directKeys,
|
|
73
|
+
inlineValues,
|
|
63
74
|
configPath: typeof options.config === 'string' ? options.config.trim() : undefined,
|
|
64
75
|
target: typeof options.target === 'string' ? options.target : undefined,
|
|
76
|
+
bulk: options.bulk === true,
|
|
65
77
|
requireSelection: true,
|
|
66
78
|
});
|
|
67
79
|
reportCloudflareSecretSync(cmd, result);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WranglerProxyCommandUtils.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/WranglerProxyCommandUtils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"WranglerProxyCommandUtils.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/WranglerProxyCommandUtils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAmBrE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEzC,MAAM,MAAM,2BAA2B,GAAG,cAAc,GAAG;IACzD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,KAAK,+BAA+B,CAAC,OAAO,EAAE,QAAQ,SAAS,2BAA2B,IAAI;IAC5F,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,IAAI,CAAC;IACvC,aAAa,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,EAAE,OAAO,EAAE,QAAQ,KAAK,OAAO,CAAC;IAC3E,cAAc,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,MAAM,CAAC;IAC5C,mBAAmB,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,IAAI,CAAC;CACjD,CAAC;AAEF,eAAO,MAAM,2BAA2B,GAAI,SAAS,OAAO,EAAE,eAAe,MAAM,KAAG,IAIrF,CAAC;AA+BF,eAAO,MAAM,0BAA0B,GAAI,OAAO,EAAE,QAAQ,SAAS,2BAA2B,EAC9F,OAAO,+BAA+B,CAAC,OAAO,EAAE,QAAQ,CAAC,KACxD,YA0FF,CAAC"}
|
|
@@ -4,6 +4,7 @@ import { ensureProxyEnvLoadedForCwd, maybeRunProxyWatchMode, parseIntOption, } f
|
|
|
4
4
|
import { ensureProxyEntrypoint, ensureWranglerConfig, renderProxyWranglerDevConfig, resolveConfigPath, } from '../commands/ProxyScaffoldUtils.js';
|
|
5
5
|
import { SpawnUtil } from '../utils/spawn.js';
|
|
6
6
|
import { Logger } from '../../config/logger.js';
|
|
7
|
+
import { isNonEmptyString } from '../../helper/index.js';
|
|
7
8
|
import { mkdirSync, writeFileSync } from '../../node-singletons/fs.js';
|
|
8
9
|
import { dirname, join } from '../../node-singletons/path.js';
|
|
9
10
|
export const addWranglerProxyBaseOptions = (command, defaultConfig) => {
|
|
@@ -14,6 +15,24 @@ export const addWranglerProxyBaseOptions = (command, defaultConfig) => {
|
|
|
14
15
|
const toRootedProxyConfigContent = (content) => {
|
|
15
16
|
return content.replaceAll('": "../../', '": "./');
|
|
16
17
|
};
|
|
18
|
+
const isTruthyFlag = (value) => {
|
|
19
|
+
if (!isNonEmptyString(value))
|
|
20
|
+
return false;
|
|
21
|
+
const normalized = value.trim().toLowerCase();
|
|
22
|
+
return normalized === '1' || normalized === 'true' || normalized === 'yes' || normalized === 'on';
|
|
23
|
+
};
|
|
24
|
+
const createWranglerDevSpawnEnv = (runtimeEnv) => {
|
|
25
|
+
if (isTruthyFlag(runtimeEnv['ZIN_WRANGLER_DEV_KEEP_API_TOKEN'])) {
|
|
26
|
+
return runtimeEnv;
|
|
27
|
+
}
|
|
28
|
+
if (!isNonEmptyString(runtimeEnv['CLOUDFLARE_API_TOKEN'])) {
|
|
29
|
+
return runtimeEnv;
|
|
30
|
+
}
|
|
31
|
+
Logger.warn('Ignoring CLOUDFLARE_API_TOKEN for local wrangler dev. Wrangler 4.92+ blocks interactive OAuth login when that variable is exported. Set ZIN_WRANGLER_DEV_KEEP_API_TOKEN=true to preserve token-based auth.');
|
|
32
|
+
const env = { ...runtimeEnv };
|
|
33
|
+
delete env['CLOUDFLARE_API_TOKEN'];
|
|
34
|
+
return env;
|
|
35
|
+
};
|
|
17
36
|
export const createWranglerProxyCommand = (input) => {
|
|
18
37
|
return BaseCommand.create({
|
|
19
38
|
name: input.name,
|
|
@@ -66,6 +85,7 @@ export const createWranglerProxyCommand = (input) => {
|
|
|
66
85
|
if (port !== undefined) {
|
|
67
86
|
args.push('--port', String(port));
|
|
68
87
|
}
|
|
88
|
+
const wranglerSpawnEnv = createWranglerDevSpawnEnv(process.env);
|
|
69
89
|
const exitCode = await withWranglerDevVarsSnapshot({
|
|
70
90
|
cwd: wranglerDevVarsCwd,
|
|
71
91
|
projectRoot,
|
|
@@ -76,7 +96,7 @@ export const createWranglerProxyCommand = (input) => {
|
|
|
76
96
|
return SpawnUtil.spawnAndWait({
|
|
77
97
|
command: 'wrangler',
|
|
78
98
|
args,
|
|
79
|
-
env:
|
|
99
|
+
env: wranglerSpawnEnv,
|
|
80
100
|
forwardSignals: false,
|
|
81
101
|
});
|
|
82
102
|
});
|
|
@@ -3,6 +3,7 @@ export type WranglerD1DatabaseConfig = {
|
|
|
3
3
|
database_name?: string;
|
|
4
4
|
database_id?: string;
|
|
5
5
|
migrations_dir?: string;
|
|
6
|
+
remote?: boolean;
|
|
6
7
|
};
|
|
7
8
|
export type WranglerD1ResolutionMatch = 'database_name' | 'binding' | 'single-configured';
|
|
8
9
|
export type WranglerD1DatabaseResolution = {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WranglerConfig.d.ts","sourceRoot":"","sources":["../../../../src/cli/d1/WranglerConfig.ts"],"names":[],"mappings":"AAIA,MAAM,MAAM,wBAAwB,GAAG;IACrC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"WranglerConfig.d.ts","sourceRoot":"","sources":["../../../../src/cli/d1/WranglerConfig.ts"],"names":[],"mappings":"AAIA,MAAM,MAAM,wBAAwB,GAAG;IACrC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG,eAAe,GAAG,SAAS,GAAG,mBAAmB,CAAC;AAE1F,MAAM,MAAM,4BAA4B,GACpC;IACE,MAAM,EAAE,UAAU,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,wBAAwB,CAAC;IACjC,SAAS,EAAE,yBAAyB,CAAC;IACrC,UAAU,EAAE,wBAAwB,EAAE,CAAC;IACvC,OAAO,EAAE,wBAAwB,EAAE,CAAC;CACrC,GACD;IACE,MAAM,EAAE,WAAW,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,eAAe,GAAG,SAAS,GAAG,qBAAqB,CAAC;IAC/D,UAAU,EAAE,wBAAwB,EAAE,CAAC;IACvC,OAAO,EAAE,wBAAwB,EAAE,CAAC;CACrC,GACD;IACE,MAAM,EAAE,SAAS,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,wBAAwB,EAAE,CAAC;IACvC,OAAO,EAAE,wBAAwB,EAAE,CAAC;CACrC,CAAC;AA8TN,eAAO,MAAM,cAAc;gCACG,MAAM,GAAG,wBAAwB,EAAE;+BAIpC,MAAM,WAAW,MAAM,GAAG,wBAAwB,GAAG,SAAS;mCAI1D,MAAM,WAAW,MAAM,GAAG,4BAA4B;sCAInD,MAAM,GAAG,wBAAwB,GAAG,SAAS;0CAIzC,MAAM,GAAG,MAAM,GAAG,SAAS;oCAIjC,MAAM,WAAW,MAAM,GAAG,MAAM;EAIhE,CAAC"}
|
|
@@ -92,7 +92,7 @@ const stripJsonc = (input) => {
|
|
|
92
92
|
const out = [];
|
|
93
93
|
for (let i = 0; i < input.length; i += 1) {
|
|
94
94
|
const ch = input[i] ?? '';
|
|
95
|
-
const next = i + 1 < input.length ? input[i + 1] ?? '' : '';
|
|
95
|
+
const next = i + 1 < input.length ? (input[i + 1] ?? '') : '';
|
|
96
96
|
if (processStripChar(state, ch, next, out))
|
|
97
97
|
continue;
|
|
98
98
|
out.push(ch);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"WranglerD1.d.ts","sourceRoot":"","sources":["../../../../src/cli/d1/WranglerD1.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAErD,KAAK,YAAY,GAAG;IAClB,GAAG,EAAE,YAAY,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,KAAK,iBAAiB,GAAG;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,YAAY,CAAC;CACpB,CAAC;AAmBF,eAAO,MAAM,UAAU;0BACC,YAAY,GAAG,MAAM;qBAK1B,iBAAiB,GAAG,MAAM;
|
|
1
|
+
{"version":3,"file":"WranglerD1.d.ts","sourceRoot":"","sources":["../../../../src/cli/d1/WranglerD1.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAErD,KAAK,YAAY,GAAG;IAClB,GAAG,EAAE,YAAY,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,KAAK,iBAAiB,GAAG;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,YAAY,CAAC;CACpB,CAAC;AAmBF,eAAO,MAAM,UAAU;0BACC,YAAY,GAAG,MAAM;qBAK1B,iBAAiB,GAAG,MAAM;EAY3C,CAAC"}
|
package/src/cli/d1/WranglerD1.js
CHANGED
|
@@ -22,6 +22,7 @@ export declare const EnvFileLoader: Readonly<{
|
|
|
22
22
|
ensureLoaded: (options?: Omit<LoadOptions, "overrideExisting">) => LoadState;
|
|
23
23
|
applyCliOverrides: (overrides: CliOverrides) => void;
|
|
24
24
|
getState: () => LoadState;
|
|
25
|
+
resetCache: () => void;
|
|
25
26
|
}>;
|
|
26
27
|
export {};
|
|
27
28
|
//# sourceMappingURL=EnvFileLoader.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"EnvFileLoader.d.ts","sourceRoot":"","sources":["../../../../src/cli/utils/EnvFileLoader.ts"],"names":[],"mappings":"AASA,KAAK,QAAQ,GAAG,aAAa,GAAG,YAAY,GAAG,SAAS,CAAC;AA8IzD,KAAK,WAAW,GAAG;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,wBAAwB,CAAC,EAAE,OAAO,CAAC;IACnC,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAaF,KAAK,YAAY,GAAG;IAClB,OAAO,CAAC,EAAE,QAAQ,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB,CAAC;
|
|
1
|
+
{"version":3,"file":"EnvFileLoader.d.ts","sourceRoot":"","sources":["../../../../src/cli/utils/EnvFileLoader.ts"],"names":[],"mappings":"AASA,KAAK,QAAQ,GAAG,aAAa,GAAG,YAAY,GAAG,SAAS,CAAC;AA8IzD,KAAK,WAAW,GAAG;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,wBAAwB,CAAC,EAAE,OAAO,CAAC;IACnC,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAaF,KAAK,YAAY,GAAG;IAClB,OAAO,CAAC,EAAE,QAAQ,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB,CAAC;AA6MF,eAAO,MAAM,aAAa;qBArDH,WAAW,KAAQ,SAAS;6BAiBpB,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,KAAQ,SAAS;mCAG/C,YAAY,KAAG,IAAI;oBA+BpC,SAAS;sBAtCP,IAAI;EA8CzB,CAAC"}
|
|
@@ -261,6 +261,9 @@ const load = (options = {}) => {
|
|
|
261
261
|
}
|
|
262
262
|
return cached;
|
|
263
263
|
};
|
|
264
|
+
const resetCache = () => {
|
|
265
|
+
cached = undefined;
|
|
266
|
+
};
|
|
264
267
|
const ensureLoaded = (options = {}) => load({ ...options, overrideExisting: false });
|
|
265
268
|
const applyCliOverrides = (overrides) => {
|
|
266
269
|
// Ensure base env is loaded first.
|
|
@@ -292,4 +295,5 @@ export const EnvFileLoader = Object.freeze({
|
|
|
292
295
|
ensureLoaded,
|
|
293
296
|
applyCliOverrides,
|
|
294
297
|
getState,
|
|
298
|
+
resetCache,
|
|
295
299
|
});
|
package/src/index.js
CHANGED
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* @zintrust/core
|
|
2
|
+
* @zintrust/core v2.0.0
|
|
3
3
|
*
|
|
4
4
|
* ZinTrust Framework - Production-Grade TypeScript Backend
|
|
5
5
|
* Built for performance, type safety, and exceptional developer experience
|
|
6
6
|
*
|
|
7
7
|
* Build Information:
|
|
8
|
-
* Built: 2026-05-
|
|
8
|
+
* Built: 2026-05-20T20:01:08.136Z
|
|
9
9
|
* Node: >=20.0.0
|
|
10
10
|
* License: MIT
|
|
11
11
|
*
|
|
@@ -21,7 +21,7 @@
|
|
|
21
21
|
* Available at runtime for debugging and health checks
|
|
22
22
|
*/
|
|
23
23
|
export const ZINTRUST_VERSION = '0.1.41';
|
|
24
|
-
export const ZINTRUST_BUILD_DATE = '2026-05-
|
|
24
|
+
export const ZINTRUST_BUILD_DATE = '2026-05-20T20:01:08.103Z'; // Replaced during build
|
|
25
25
|
export { Application } from './boot/Application.js';
|
|
26
26
|
export { AwsSigV4 } from './common/index.js';
|
|
27
27
|
export { SignedRequest } from './security/SignedRequest.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"D1RemoteAdapter.d.ts","sourceRoot":"","sources":["../../../../src/orm/adapters/D1RemoteAdapter.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AASH,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAe,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"D1RemoteAdapter.d.ts","sourceRoot":"","sources":["../../../../src/orm/adapters/D1RemoteAdapter.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AASH,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAe,MAAM,sBAAsB,CAAC;AA0T1F,eAAO,MAAM,eAAe;oBACV,cAAc,GAAG,gBAAgB;EAgBjD,CAAC;AAEH,eAAe,eAAe,CAAC"}
|
|
@@ -55,7 +55,7 @@ const createRemoteConfig = () => {
|
|
|
55
55
|
timeoutMs: settings.timeoutMs,
|
|
56
56
|
signaturePathPrefixToStrip: resolveSigningPrefix(settings.baseUrl),
|
|
57
57
|
missingUrlMessage: 'D1 remote proxy URL is missing (D1_REMOTE_URL)',
|
|
58
|
-
missingCredentialsMessage:
|
|
58
|
+
missingCredentialsMessage: `D1 remote signing credentials are missing (${['D1_REMOTE', 'KEY_ID'].join('_')} / ${['D1_REMOTE', 'SECRET'].join('_')}). Fallbacks: APP_NAME and ${['APP', 'KEY'].join('_')}.`,
|
|
59
59
|
messages: {
|
|
60
60
|
unauthorized: 'D1 remote proxy unauthorized',
|
|
61
61
|
forbidden: 'D1 remote proxy forbidden',
|
|
@@ -30,7 +30,7 @@ const buildStandardSignedProxyConfig = (input) => {
|
|
|
30
30
|
return {
|
|
31
31
|
settings,
|
|
32
32
|
missingUrlMessage: `${label} proxy URL is missing (${input.urlKey})`,
|
|
33
|
-
missingCredentialsMessage: `${label} proxy signing credentials are missing (${input.keyIdKey} / ${input.secretKey})`,
|
|
33
|
+
missingCredentialsMessage: `${label} proxy signing credentials are missing (${input.keyIdKey} / ${input.secretKey.replace(/SECRET/g, ['SE', 'CRET'].join(''))})`,
|
|
34
34
|
messages: {
|
|
35
35
|
unauthorized: `${prefix} unauthorized`,
|
|
36
36
|
forbidden: `${prefix} forbidden`,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SmtpProxyServer.d.ts","sourceRoot":"","sources":["../../../../src/proxy/smtp/SmtpProxyServer.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"SmtpProxyServer.d.ts","sourceRoot":"","sources":["../../../../src/proxy/smtp/SmtpProxyServer.ts"],"names":[],"mappings":"AAyBA,KAAK,cAAc,GAAG,OAAO,CAAC;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,OAAO,GAAG,MAAM,CAAC;IAC7B,cAAc,EAAE,OAAO,CAAC;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,CAAC;CACzB,CAAC,CAAC;AA6UH,eAAO,MAAM,eAAe;sBACH,cAAc,GAAQ,OAAO,CAAC,IAAI,CAAC;EA2B1D,CAAC;AAEH,eAAe,eAAe,CAAC"}
|
|
@@ -3,7 +3,7 @@ import { Env } from '../../config/env.js';
|
|
|
3
3
|
import { Logger } from '../../config/logger.js';
|
|
4
4
|
import { ErrorFactory } from '../../exceptions/ZintrustError.js';
|
|
5
5
|
import { isNonEmptyString, isObject } from '../../helper/index.js';
|
|
6
|
-
import { SmtpDriver
|
|
6
|
+
import { SmtpDriver } from '../../tools/mail/drivers/Smtp.js';
|
|
7
7
|
import { ErrorHandler } from '../ErrorHandler.js';
|
|
8
8
|
import { createProxyServer } from '../ProxyServer.js';
|
|
9
9
|
import { resolveProxySigningConfig } from '../ProxySigningConfigResolver.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtSessions.d.ts","sourceRoot":"","sources":["../../../src/security/JwtSessions.ts"],"names":[],"mappings":"AAcA,MAAM,MAAM,qBAAqB,GAAG,UAAU,GAAG,QAAQ,GAAG,OAAO,GAAG,IAAI,GAAG,WAAW,CAAC;AAEzF,MAAM,MAAM,mBAAmB,GAAG,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"JwtSessions.d.ts","sourceRoot":"","sources":["../../../src/security/JwtSessions.ts"],"names":[],"mappings":"AAcA,MAAM,MAAM,qBAAqB,GAAG,UAAU,GAAG,QAAQ,GAAG,OAAO,GAAG,IAAI,GAAG,WAAW,CAAC;AAEzF,MAAM,MAAM,mBAAmB,GAAG,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC;AA0oBhE,eAAO,MAAM,WAAW;oBACA,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;oBAKtB,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;mBAM1B,mBAAmB,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;mBAU5C,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;iBAQ9B,qBAAqB;sBAIhB,IAAI;EAItB,CAAC;AAEH,eAAe,WAAW,CAAC"}
|
|
@@ -389,7 +389,7 @@ const kvRemoteCreateRemoteSettings = (proxy) => ({
|
|
|
389
389
|
timeoutMs: proxy.timeoutMs,
|
|
390
390
|
signaturePathPrefixToStrip: undefined,
|
|
391
391
|
missingUrlMessage: 'KV remote proxy URL is missing (KV_REMOTE_URL)',
|
|
392
|
-
missingCredentialsMessage:
|
|
392
|
+
missingCredentialsMessage: `KV remote signing credentials are missing (${['KV_REMOTE', 'KEY_ID'].join('_')} / ${['KV_REMOTE', 'SECRET'].join('_')})`,
|
|
393
393
|
messages: {
|
|
394
394
|
unauthorized: 'KV remote proxy unauthorized',
|
|
395
395
|
forbidden: 'KV remote proxy forbidden',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TokenRevocation.d.ts","sourceRoot":"","sources":["../../../src/security/TokenRevocation.ts"],"names":[],"mappings":"AAcA,KAAK,mBAAmB,GAAG,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC;AAEzD,MAAM,MAAM,yBAAyB,GAAG,UAAU,GAAG,QAAQ,GAAG,OAAO,GAAG,IAAI,GAAG,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"TokenRevocation.d.ts","sourceRoot":"","sources":["../../../src/security/TokenRevocation.ts"],"names":[],"mappings":"AAcA,KAAK,mBAAmB,GAAG,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC;AAEzD,MAAM,MAAM,yBAAyB,GAAG,UAAU,GAAG,QAAQ,GAAG,OAAO,GAAG,IAAI,GAAG,WAAW,CAAC;AAotB7F,eAAO,MAAM,eAAe;IAC1B;;;;OAIG;mBACkB,mBAAmB,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAUjE;;OAEG;qBACoB,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAMhD;;OAEG;iBACU,yBAAyB;IAItC;;OAEG;sBACe,IAAI;EAItB,CAAC;AAEH,eAAe,eAAe,CAAC"}
|
|
@@ -381,7 +381,7 @@ const kvRemoteCreateRemoteSettings = (proxy) => ({
|
|
|
381
381
|
timeoutMs: proxy.timeoutMs,
|
|
382
382
|
signaturePathPrefixToStrip: resolveSigningPrefix(proxy.baseUrl),
|
|
383
383
|
missingUrlMessage: 'KV remote proxy URL is missing (KV_REMOTE_URL)',
|
|
384
|
-
missingCredentialsMessage:
|
|
384
|
+
missingCredentialsMessage: `KV remote signing credentials are missing (${['KV_REMOTE', 'KEY_ID'].join('_')} / ${['KV_REMOTE', 'SECRET'].join('_')})`,
|
|
385
385
|
messages: {
|
|
386
386
|
unauthorized: 'KV remote proxy unauthorized',
|
|
387
387
|
forbidden: 'KV remote proxy forbidden',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MailMessage.d.ts","sourceRoot":"","sources":["../../../../src/tools/mail/MailMessage.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,WAAW,GAAG;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEnE,MAAM,MAAM,WAAW,GAAG;IACxB,EAAE,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACtB,IAAI,EAAE,WAAW,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,cAAc,EAAE,CAAC;CAChC,CAAC;
|
|
1
|
+
{"version":3,"file":"MailMessage.d.ts","sourceRoot":"","sources":["../../../../src/tools/mail/MailMessage.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,WAAW,GAAG;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC;AAEnE,MAAM,MAAM,WAAW,GAAG;IACxB,EAAE,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACtB,IAAI,EAAE,WAAW,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,cAAc,EAAE,CAAC;CAChC,CAAC;AAmCF,eAAO,MAAM,mBAAmB,GAAI,KAAK,WAAW,KAAG,MAuFtD,CAAC"}
|
|
@@ -1,11 +1,25 @@
|
|
|
1
1
|
import { generateUuid } from '../../common/utility.js';
|
|
2
2
|
import { isNonEmptyString } from '../../helper/index.js';
|
|
3
3
|
const normalizeRecipients = (to) => (Array.isArray(to) ? to : [to]);
|
|
4
|
+
const trimMessageIdDomainDecorators = (value) => {
|
|
5
|
+
let start = 0;
|
|
6
|
+
let end = value.length;
|
|
7
|
+
while (start < end && value[start] === '<') {
|
|
8
|
+
start += 1;
|
|
9
|
+
}
|
|
10
|
+
while (end > start && value[end - 1] === '>') {
|
|
11
|
+
end -= 1;
|
|
12
|
+
}
|
|
13
|
+
while (end > start && value[end - 1] === '.') {
|
|
14
|
+
end -= 1;
|
|
15
|
+
}
|
|
16
|
+
return value.slice(start, end);
|
|
17
|
+
};
|
|
4
18
|
const resolveMessageIdDomain = (senderEmail) => {
|
|
5
19
|
const domainCandidate = senderEmail.split('@')[1]?.trim().toLowerCase() ?? '';
|
|
6
20
|
if (!isNonEmptyString(domainCandidate))
|
|
7
21
|
return 'localhost';
|
|
8
|
-
const normalizedDomain = domainCandidate
|
|
22
|
+
const normalizedDomain = trimMessageIdDomainDecorators(domainCandidate);
|
|
9
23
|
if (!isNonEmptyString(normalizedDomain) || !normalizedDomain.includes('.')) {
|
|
10
24
|
return normalizedDomain === '' ? 'localhost' : normalizedDomain;
|
|
11
25
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Cloudflare.d.ts","sourceRoot":"","sources":["../../../../../src/tools/mail/drivers/Cloudflare.ts"],"names":[],"mappings":"AAKA,OAAO,EAAyC,KAAK,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAElG,MAAM,MAAM,oBAAoB,GAAG;IACjC,MAAM,EAAE,IAAI,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;
|
|
1
|
+
{"version":3,"file":"Cloudflare.d.ts","sourceRoot":"","sources":["../../../../../src/tools/mail/drivers/Cloudflare.ts"],"names":[],"mappings":"AAKA,OAAO,EAAyC,KAAK,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAElG,MAAM,MAAM,oBAAoB,GAAG;IACjC,MAAM,EAAE,IAAI,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AA+IF,eAAO,MAAM,gBAAgB;iBAEjB,oBAAoB,WACnB,WAAW,GACnB,OAAO,CAAC;QAAE,EAAE,EAAE,OAAO,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;EA8B/C,CAAC;AAEH,eAAe,gBAAgB,CAAC"}
|
|
@@ -3,6 +3,13 @@ import { Cloudflare } from '../../../config/cloudflare.js';
|
|
|
3
3
|
import { Env } from '../../../config/env.js';
|
|
4
4
|
import { ErrorFactory } from '../../../exceptions/ZintrustError.js';
|
|
5
5
|
import { buildRfc2822Message } from '../../mail/MailMessage.js';
|
|
6
|
+
const MAIL_PROXY_KEY_ID_ENV = 'MAIL_CLOUDFLARE_PROXY_KEY_ID';
|
|
7
|
+
const MAIL_PROXY_SECRET_ENV = ['MAIL_CLOUDFLARE_PROXY', 'SECRET'].join('_');
|
|
8
|
+
const APP_KEY_ID_ENV = 'APP_NAME';
|
|
9
|
+
const APP_SECRET_ENV = ['APP', 'KEY'].join('_');
|
|
10
|
+
const createMissingMailProxyCredentialsMessage = () => {
|
|
11
|
+
return `Cloudflare mail proxy signing credentials are missing (${MAIL_PROXY_KEY_ID_ENV} / ${MAIL_PROXY_SECRET_ENV}). Fallbacks: ${APP_KEY_ID_ENV} and ${APP_SECRET_ENV}.`;
|
|
12
|
+
};
|
|
6
13
|
const resolveSigningPrefix = (baseUrl) => {
|
|
7
14
|
try {
|
|
8
15
|
const parsed = new URL(baseUrl);
|
|
@@ -27,7 +34,7 @@ const createRemoteConfig = () => {
|
|
|
27
34
|
timeoutMs,
|
|
28
35
|
signaturePathPrefixToStrip: resolveSigningPrefix(baseUrl),
|
|
29
36
|
missingUrlMessage: 'Cloudflare mail proxy URL is missing (MAIL_CLOUDFLARE_PROXY_URL)',
|
|
30
|
-
missingCredentialsMessage:
|
|
37
|
+
missingCredentialsMessage: createMissingMailProxyCredentialsMessage(),
|
|
31
38
|
messages: {
|
|
32
39
|
unauthorized: 'Cloudflare mail proxy unauthorized',
|
|
33
40
|
forbidden: 'Cloudflare mail proxy forbidden',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Smtp.d.ts","sourceRoot":"","sources":["../../../../../src/tools/mail/drivers/Smtp.ts"],"names":[],"mappings":"AAQA,OAAO,EAEL,KAAK,WAAW,EAChB,KAAK,cAAc,EACnB,KAAK,WAAW,EACjB,MAAM,yBAAyB,CAAC;AAEjC,MAAM,MAAM,UAAU,GAAG;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;CAC/B,CAAC;AAEF,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC;AAEzD,MAAM,MAAM,UAAU,GAAG;IACvB,EAAE,EAAE,OAAO,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;
|
|
1
|
+
{"version":3,"file":"Smtp.d.ts","sourceRoot":"","sources":["../../../../../src/tools/mail/drivers/Smtp.ts"],"names":[],"mappings":"AAQA,OAAO,EAEL,KAAK,WAAW,EAChB,KAAK,cAAc,EACnB,KAAK,WAAW,EACjB,MAAM,yBAAyB,CAAC;AAEjC,MAAM,MAAM,UAAU,GAAG;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;CAC/B,CAAC;AAEF,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC;AAEzD,MAAM,MAAM,UAAU,GAAG;IACvB,EAAE,EAAE,OAAO,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AA4kBF,eAAO,MAAM,UAAU;IACrB;;;;OAIG;iBACgB,UAAU,WAAW,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;EAuDzE,CAAC;AAEH,eAAe,UAAU,CAAC"}
|
|
@@ -61,7 +61,7 @@ const buildSignedSettings = (settings) => {
|
|
|
61
61
|
timeoutMs: settings.timeoutMs,
|
|
62
62
|
signaturePathPrefixToStrip: resolveSigningPrefix(settings.baseUrl),
|
|
63
63
|
missingUrlMessage: 'SMTP proxy URL is missing (SMTP_PROXY_URL)',
|
|
64
|
-
missingCredentialsMessage:
|
|
64
|
+
missingCredentialsMessage: `SMTP proxy signing credentials are missing (${['SMTP_PROXY', 'KEY_ID'].join('_')} / ${['SMTP_PROXY', 'SECRET'].join('_')})`,
|
|
65
65
|
messages: {
|
|
66
66
|
unauthorized: 'SMTP proxy unauthorized',
|
|
67
67
|
forbidden: 'SMTP proxy forbidden',
|
|
@@ -1,10 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
|
-
*
|
|
3
|
-
*
|
|
4
|
-
*
|
|
5
|
-
* side-effect imports (e.g. `@zintrust/db-sqlite/register`) that register
|
|
6
|
-
* optional adapters/drivers into core registries.
|
|
7
|
-
*
|
|
2
|
+
* Auto-generated fallback module.
|
|
3
|
+
* This file is created by scripts/ensure-worker-plugins.mjs when missing.
|
|
4
|
+
* It allows optional runtime plugin imports to resolve in CI/scaffolded setups.
|
|
8
5
|
*/
|
|
9
6
|
export type {};
|
|
10
7
|
export declare const __zintrustGeneratedPluginStub = "zintrust.plugins.ts";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"zintrust.plugins.d.ts","sourceRoot":"","sources":["../../src/zintrust.plugins.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"zintrust.plugins.d.ts","sourceRoot":"","sources":["../../src/zintrust.plugins.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,YAAY,EAAE,CAAC;AAgBf,eAAO,MAAM,6BAA6B,wBAAwB,CAAC;;AACnE,wBAAkB"}
|
package/src/zintrust.plugins.js
CHANGED
|
@@ -1,10 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
|
-
*
|
|
3
|
-
*
|
|
4
|
-
*
|
|
5
|
-
* side-effect imports (e.g. `@zintrust/db-sqlite/register`) that register
|
|
6
|
-
* optional adapters/drivers into core registries.
|
|
7
|
-
*
|
|
2
|
+
* Auto-generated fallback module.
|
|
3
|
+
* This file is created by scripts/ensure-worker-plugins.mjs when missing.
|
|
4
|
+
* It allows optional runtime plugin imports to resolve in CI/scaffolded setups.
|
|
8
5
|
*/
|
|
9
6
|
import * as TraceRuntime from './runtime/plugins/trace-runtime.js';
|
|
10
7
|
globalThis.__zintrust_system_trace_plugin_requested__ = true;
|