axvault 1.1.0 → 1.3.0

package/dist/lib/parse-access-options.d.ts

@@ -0,0 +1,37 @@
+/**
+ * Parse and validate access list options from CLI flags.
+ */
+interface ParsedAccessOptions {
+    addRead: string[];
+    addWrite: string[];
+    addGrant: string[];
+    removeRead: string[];
+    removeWrite: string[];
+    removeGrant: string[];
+}
+interface AccessOptions {
+    addRead?: string;
+    addWrite?: string;
+    addGrant?: string;
+    removeRead?: string;
+    removeWrite?: string;
+    removeGrant?: string;
+}
+/**
+ * Parse all access list options and validate them.
+ * Returns parsed entries or logs error and sets exit code.
+ */
+export declare function parseAccessOptions(options: AccessOptions): ParsedAccessOptions | undefined;
+/**
+ * Compute updated access list by adding and removing entries.
+ */
+export declare function computeUpdatedAccess(current: string[], toAdd: string[], toRemove: string[]): string[];
+/**
+ * Normalize all access lists and print warnings.
+ */
+export declare function normalizeAllAccess(readAccess: string[], writeAccess: string[], grantAccess: string[]): {
+    read: string[];
+    write: string[];
+    grant: string[];
+};
+export {};

package/dist/lib/parse-access-options.js

@@ -0,0 +1,84 @@
+/**
+ * Parse and validate access list options from CLI flags.
+ */
+import { getAccessListErrorMessage, normalizeAccessList, parseAccessList, } from "./format.js";
+/**
+ * Parse all access list options and validate them.
+ * Returns parsed entries or logs error and sets exit code.
+ */
+export function parseAccessOptions(options) {
+    const addReadResult = parseAccessList(options.addRead);
+    const addWriteResult = parseAccessList(options.addWrite);
+    const addGrantResult = parseAccessList(options.addGrant);
+    const removeReadResult = parseAccessList(options.removeRead);
+    const removeWriteResult = parseAccessList(options.removeWrite);
+    const removeGrantResult = parseAccessList(options.removeGrant);
+    if (addReadResult.error) {
+        console.error(`Error in --add-read: ${getAccessListErrorMessage(addReadResult.error)}`);
+        process.exitCode = 2;
+        return undefined;
+    }
+    if (addWriteResult.error) {
+        console.error(`Error in --add-write: ${getAccessListErrorMessage(addWriteResult.error)}`);
+        process.exitCode = 2;
+        return undefined;
+    }
+    if (addGrantResult.error) {
+        console.error(`Error in --add-grant: ${getAccessListErrorMessage(addGrantResult.error)}`);
+        process.exitCode = 2;
+        return undefined;
+    }
+    if (removeReadResult.error) {
+        console.error(`Error in --remove-read: ${getAccessListErrorMessage(removeReadResult.error)}`);
+        process.exitCode = 2;
+        return undefined;
+    }
+    if (removeWriteResult.error) {
+        console.error(`Error in --remove-write: ${getAccessListErrorMessage(removeWriteResult.error)}`);
+        process.exitCode = 2;
+        return undefined;
+    }
+    if (removeGrantResult.error) {
+        console.error(`Error in --remove-grant: ${getAccessListErrorMessage(removeGrantResult.error)}`);
+        process.exitCode = 2;
+        return undefined;
+    }
+    return {
+        addRead: addReadResult.entries,
+        addWrite: addWriteResult.entries,
+        addGrant: addGrantResult.entries,
+        removeRead: removeReadResult.entries,
+        removeWrite: removeWriteResult.entries,
+        removeGrant: removeGrantResult.entries,
+    };
+}
+/**
+ * Compute updated access list by adding and removing entries.
+ */
+export function computeUpdatedAccess(current, toAdd, toRemove) {
+    const set = new Set(current);
+    for (const entry of toAdd)
+        set.add(entry);
+    for (const entry of toRemove)
+        set.delete(entry);
+    return [...set];
+}
+/**
+ * Normalize all access lists and print warnings.
+ */
+export function normalizeAllAccess(readAccess, writeAccess, grantAccess) {
+    const readNorm = normalizeAccessList(readAccess, "read");
+    const writeNorm = normalizeAccessList(writeAccess, "write");
+    const grantNorm = normalizeAccessList(grantAccess, "grant");
+    if (readNorm.warning)
+        console.warn(`Warning: ${readNorm.warning}`);
+    if (writeNorm.warning)
+        console.warn(`Warning: ${writeNorm.warning}`);
+    if (grantNorm.warning)
+        console.warn(`Warning: ${grantNorm.warning}`);
+    return {
+        read: readNorm.normalized,
+        write: writeNorm.normalized,
+        grant: grantNorm.normalized,
+    };
+}

package/dist/refresh/check-refresh.js

@@ -50,10 +50,10 @@ function toAxauthCredentials(agent, data) {
     if (!VALID_AGENTS.has(agent)) {
         return undefined;
     }
-    // Only OAuth credentials can be refreshed
+    // Only OAuth credentials with refresh tokens can be refreshed
     return {
         agent: agent,
-        type: "oauth",
+        type: "oauth-credentials",
         data,
     };
 }

package/dist/refresh/refresh-manager.d.ts

@@ -5,7 +5,7 @@
  * with axauth's refresh functionality.
  */
 import type Database from "better-sqlite3";
-import type { CredentialType } from "../db/repositories/credentials.js";
+import type { CredentialType } from "axshared";
 /** Key for credential-specific mutex */
 type CredentialKey = `${string}/${string}`;
 /** Result type for the full refresh operation */

package/package.json

@@ -2,7 +2,7 @@
   "name": "axvault",
   "author": "Łukasz Jerciński",
   "license": "MIT",
-  "version": "1.1.0",
+  "version": "1.3.0",
   "description": "Remote credential storage server for axkit",
   "repository": {
     "type": "git",
@@ -49,9 +49,9 @@
   },
   "dependencies": {
     "@commander-js/extra-typings": "^14.0.0",
-    "axauth": "^1.7.2",
-    "axshared": "^1.8.0",
-    "better-sqlite3": "^12.5.0",
+    "axauth": "^1.9.0",
+    "axshared": "1.9.0",
+    "better-sqlite3": "^12.6.0",
     "commander": "^14.0.2",
     "express": "^5.2.1"
   },
@@ -78,13 +78,13 @@
     "@total-typescript/ts-reset": "^0.6.1",
     "@types/better-sqlite3": "^7.6.13",
     "@types/express": "^5.0.6",
-    "@types/node": "^25.0.3",
+    "@types/node": "^25.0.5",
     "@vitest/coverage-v8": "^4.0.16",
     "eslint": "^9.39.2",
     "eslint-config-axkit": "^1.0.0",
     "fta-check": "^1.5.1",
     "fta-cli": "^3.0.0",
-    "knip": "^5.80.0",
+    "knip": "^5.80.2",
     "prettier": "3.7.4",
     "semantic-release": "^25.0.2",
     "typescript": "^5.9.3",