npm - agent-vault-cli - Versions diffs - 0.1.0 - Mend

agent-vault-cli 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (87) hide show

package/.cursor/skills/npm-publish/SKILL.md +58 -0
package/.github/workflows/ci.yml +67 -0
package/README.md +164 -0
package/ROADMAP.md +986 -0
package/dist/commands/config.d.ts +8 -0
package/dist/commands/config.d.ts.map +1 -0
package/dist/commands/config.js +67 -0
package/dist/commands/config.js.map +1 -0
package/dist/commands/delete.d.ts +7 -0
package/dist/commands/delete.d.ts.map +1 -0
package/dist/commands/delete.js +30 -0
package/dist/commands/delete.js.map +1 -0
package/dist/commands/login.d.ts +7 -0
package/dist/commands/login.d.ts.map +1 -0
package/dist/commands/login.js +37 -0
package/dist/commands/login.js.map +1 -0
package/dist/commands/register.d.ts +13 -0
package/dist/commands/register.d.ts.map +1 -0
package/dist/commands/register.js +160 -0
package/dist/commands/register.js.map +1 -0
package/dist/core/audit.d.ts +15 -0
package/dist/core/audit.d.ts.map +1 -0
package/dist/core/audit.js +36 -0
package/dist/core/audit.js.map +1 -0
package/dist/core/browser.d.ts +7 -0
package/dist/core/browser.d.ts.map +1 -0
package/dist/core/browser.js +104 -0
package/dist/core/browser.js.map +1 -0
package/dist/core/config.d.ts +9 -0
package/dist/core/config.d.ts.map +1 -0
package/dist/core/config.js +80 -0
package/dist/core/config.js.map +1 -0
package/dist/core/crypto.d.ts +17 -0
package/dist/core/crypto.d.ts.map +1 -0
package/dist/core/crypto.js +90 -0
package/dist/core/crypto.js.map +1 -0
package/dist/core/fields.d.ts +5 -0
package/dist/core/fields.d.ts.map +1 -0
package/dist/core/fields.js +54 -0
package/dist/core/fields.js.map +1 -0
package/dist/core/keychain.d.ts +5 -0
package/dist/core/keychain.d.ts.map +1 -0
package/dist/core/keychain.js +97 -0
package/dist/core/keychain.js.map +1 -0
package/dist/core/origin.d.ts +25 -0
package/dist/core/origin.d.ts.map +1 -0
package/dist/core/origin.js +73 -0
package/dist/core/origin.js.map +1 -0
package/dist/core/ratelimit.d.ts +10 -0
package/dist/core/ratelimit.d.ts.map +1 -0
package/dist/core/ratelimit.js +70 -0
package/dist/core/ratelimit.js.map +1 -0
package/dist/core/secure-memory.d.ts +39 -0
package/dist/core/secure-memory.d.ts.map +1 -0
package/dist/core/secure-memory.js +68 -0
package/dist/core/secure-memory.js.map +1 -0
package/dist/index.d.ts +3 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +129 -0
package/dist/index.js.map +1 -0
package/dist/types/index.d.ts +27 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +2 -0
package/dist/types/index.js.map +1 -0
package/package.json +58 -0
package/src/commands/config.ts +84 -0
package/src/commands/delete.ts +39 -0
package/src/commands/login.ts +49 -0
package/src/commands/register.ts +188 -0
package/src/core/audit.ts +59 -0
package/src/core/browser.ts +131 -0
package/src/core/config.ts +91 -0
package/src/core/crypto.ts +106 -0
package/src/core/fields.ts +59 -0
package/src/core/keychain.ts +110 -0
package/src/core/origin.ts +90 -0
package/src/core/ratelimit.ts +89 -0
package/src/core/secure-memory.ts +78 -0
package/src/index.ts +133 -0
package/src/types/index.ts +31 -0
package/tests/browser-password-manager.test.ts +1023 -0
package/tests/crypto.test.ts +140 -0
package/tests/e2e.test.ts +565 -0
package/tests/fixtures/server.ts +59 -0
package/tests/security.test.ts +113 -0
package/tsconfig.json +20 -0
package/vitest.config.ts +17 -0

package/tests/fixtures/server.ts ADDED Viewed

@@ -0,0 +1,59 @@
+import { createServer, IncomingMessage, ServerResponse, Server } from 'http';
+const LOGIN_FORM_HTML = `
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Login</title>
+  <style>
+    body { font-family: sans-serif; max-width: 400px; margin: 50px auto; padding: 20px; }
+    form { display: flex; flex-direction: column; gap: 15px; }
+    input { padding: 10px; font-size: 16px; }
+    button { padding: 10px; font-size: 16px; cursor: pointer; }
+    .success { color: green; display: none; }
+  </style>
+</head>
+<body>
+  <h1>Login</h1>
+  <form id="login-form">
+    <input type="email" id="email" name="email" placeholder="Email" autocomplete="email" />
+    <input type="password" id="password" name="password" placeholder="Password" autocomplete="current-password" />
+    <button type="submit" id="submit-btn">Sign In</button>
+  </form>
+  <p class="success" id="success">Login successful!</p>
+  <script>
+    document.getElementById('login-form').addEventListener('submit', (e) => {
+      e.preventDefault();
+      document.getElementById('success').style.display = 'block';
+    });
+  </script>
+</body>
+</html>
+`;
+export interface TestServer {
+  url: string;
+  port: number;
+  close: () => Promise<void>;
+}
+export async function startTestServer(port: number): Promise<TestServer> {
+  return new Promise((resolve, reject) => {
+    const server: Server = createServer((req: IncomingMessage, res: ServerResponse) => {
+      res.writeHead(200, { 'Content-Type': 'text/html' });
+      res.end(LOGIN_FORM_HTML);
+    });
+    server.on('error', reject);
+    server.listen(port, '127.0.0.1', () => {
+      resolve({
+        url: `http://127.0.0.1:${port}`,
+        port,
+        close: () => new Promise<void>((res, rej) => {
+          server.close((err) => (err ? rej(err) : res()));
+        }),
+      });
+    });
+  });
+}

package/tests/security.test.ts ADDED Viewed

@@ -0,0 +1,113 @@
+import { describe, it, expect, beforeEach, afterEach } from 'vitest';
+import { SecureString, withSecureStrings } from '../src/core/secure-memory.js';
+import {
+  isSecureProtocol,
+  isHttpProtocol,
+} from '../src/core/origin.js';
+describe('SecureString', () => {
+  it('stores and retrieves value', () => {
+    const secure = new SecureString('secret123');
+    expect(secure.getValue()).toBe('secret123');
+  });
+  it('reports correct length', () => {
+    const secure = new SecureString('secret123');
+    expect(secure.length).toBe(9);
+  });
+  it('can be cleared', () => {
+    const secure = new SecureString('secret123');
+    expect(secure.isCleared()).toBe(false);
+    secure.clear();
+    expect(secure.isCleared()).toBe(true);
+  });
+  it('throws when accessing cleared value', () => {
+    const secure = new SecureString('secret123');
+    secure.clear();
+    expect(() => secure.getValue()).toThrow('SecureString has been cleared');
+  });
+  it('length is 0 after clearing', () => {
+    const secure = new SecureString('secret123');
+    secure.clear();
+    expect(secure.length).toBe(0);
+  });
+  it('can be cleared multiple times safely', () => {
+    const secure = new SecureString('secret123');
+    secure.clear();
+    secure.clear();
+    expect(secure.isCleared()).toBe(true);
+  });
+});
+describe('withSecureStrings', () => {
+  it('provides secure values to callback', async () => {
+    const result = await withSecureStrings(
+      { username: 'user', password: 'pass' },
+      async (secure) => {
+        expect(secure.username.getValue()).toBe('user');
+        expect(secure.password.getValue()).toBe('pass');
+        return 'done';
+      }
+    );
+    expect(result).toBe('done');
+  });
+  it('clears values after callback completes', async () => {
+    let capturedSecure: { username: SecureString; password: SecureString } | null = null;
+    await withSecureStrings({ username: 'user', password: 'pass' }, async (secure) => {
+      capturedSecure = secure;
+      return 'done';
+    });
+    expect(capturedSecure!.username.isCleared()).toBe(true);
+    expect(capturedSecure!.password.isCleared()).toBe(true);
+  });
+  it('clears values even if callback throws', async () => {
+    let capturedSecure: { username: SecureString } | null = null;
+    await expect(
+      withSecureStrings({ username: 'user' }, async (secure) => {
+        capturedSecure = secure;
+        throw new Error('test error');
+      })
+    ).rejects.toThrow('test error');
+    expect(capturedSecure!.username.isCleared()).toBe(true);
+  });
+});
+describe('Origin Security', () => {
+  describe('isSecureProtocol', () => {
+    it('returns true for HTTPS', () => {
+      expect(isSecureProtocol('https://example.com')).toBe(true);
+    });
+    it('returns false for HTTP', () => {
+      expect(isSecureProtocol('http://example.com')).toBe(false);
+    });
+    it('returns false for invalid URLs', () => {
+      expect(isSecureProtocol('not-a-url')).toBe(false);
+    });
+  });
+  describe('isHttpProtocol', () => {
+    it('returns true for HTTP', () => {
+      expect(isHttpProtocol('http://example.com')).toBe(true);
+    });
+    it('returns false for HTTPS', () => {
+      expect(isHttpProtocol('https://example.com')).toBe(false);
+    });
+    it('returns false for invalid URLs', () => {
+      expect(isHttpProtocol('not-a-url')).toBe(false);
+    });
+  });
+});

package/tsconfig.json ADDED Viewed

@@ -0,0 +1,20 @@
+{
+  "compilerOptions": {
+    "target": "ES2022",
+    "module": "NodeNext",
+    "moduleResolution": "NodeNext",
+    "lib": ["ES2022"],
+    "outDir": "dist",
+    "rootDir": "src",
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true,
+    "declaration": true,
+    "declarationMap": true,
+    "sourceMap": true
+  },
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist", "tests"]
+}

package/vitest.config.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { defineConfig } from 'vitest/config';
+export default defineConfig({
+  test: {
+    globals: true,
+    environment: 'node',
+    include: ['tests/**/*.test.ts'],
+    testTimeout: 60000,
+    hookTimeout: 60000,
+    pool: 'forks',
+    poolOptions: {
+      forks: {
+        singleFork: true,
+      },
+    },
+  },
+});