b2b-platform-utils 1.1.0 → 1.1.1

package/cryptoWrapper.js

@@ -1,7 +1,6 @@
 'use strict';
 
 // Purpose: PBKDF2-based password hashing/validation with a salt fetched from cache or config file.
-// Note: Public API preserved exactly.
 
 const crypto = require('crypto');
 const { getValue } = require('./localCache');
@@ -12,31 +11,30 @@ let keyLen = 64;
 
 module.exports = {
     /**
-     * Get salt value from in-memory cache or fallback to config file.
+     * Get salt value from in-memory cache or fallback to config file ./config/config.json (resolved from process.cwd()).
      */
     getSalt: () => {
         let salt = getValue('salt');
-        // Migrations/seeders flow when keys are not existing in runtime
         if (!salt) {
-            let config = readFile('./config/config.json');
-            config = JSON.parse(config);
-            salt = config?.salt;
+            try {
+                let config = readFile('./config/config.json'); // resolved relative to service root
+                config = JSON.parse(config);
+                salt = config?.salt;
+            } catch {
+                // Intentionally swallow ENOENT/parse errors; caller will fail deterministically if salt is missing.
+            }
         }
         return salt;
     },
 
-    /**
-     * Derive a password hash using PBKDF2-SHA512.
-     */
+    /** Derive a password hash using PBKDF2-SHA512. */
     generatePassword: (password) => {
         return crypto
             .pbkdf2Sync(password, module.exports.getSalt(), iterationsCount, keyLen, 'sha512')
             .toString('hex');
     },
 
-    /**
-     * Constant-time style comparison for provided password vs stored hash.
-     */
+    /** Constant-time style comparison for provided password vs stored hash. */
     validatePassword: (password, hash) => {
         const derived = crypto
             .pbkdf2Sync(password, module.exports.getSalt(), iterationsCount, keyLen, 'sha512')

package/fileSystem.js

@@ -1,28 +1,40 @@
 'use strict';
 
-// Purpose: Simple sync file helpers for small config/state blobs.
+// Purpose: Simple sync file helpers that resolve relative paths from the service root (process.cwd()).
 
 const fs = require('fs');
+const path = require('path');
+
+/** Resolve absolute path; if relative, resolve from process.cwd(). */
+function resolvePath(fileName) {
+    return path.isAbsolute(fileName) ? fileName : path.resolve(process.cwd(), fileName);
+}
 
 module.exports = {
     /**
      * Save data as JSON into a file (overwrites if exists).
+     * Ensures parent directory exists.
      */
     saveFile: (fileName, data) => {
-        fs.writeFileSync(fileName, JSON.stringify(data));
+        const p = resolvePath(fileName);
+        fs.mkdirSync(path.dirname(p), { recursive: true });
+        fs.writeFileSync(p, JSON.stringify(data));
     },
 
     /**
      * Read text content from a file using UTF-8.
+     * Relative paths are resolved from process.cwd().
      */
     readFile: (fileName) => {
-        return fs.readFileSync(fileName, 'utf-8');
+        const p = resolvePath(fileName);
+        return fs.readFileSync(p, 'utf-8');
     },
 
     /**
      * Remove a file from the filesystem.
      */
     removeFile: (fileName) => {
-        fs.unlinkSync(fileName);
+        const p = resolvePath(fileName);
+        fs.unlinkSync(p);
     }
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "b2b-platform-utils",
-  "version": "1.1.0",
+  "version": "1.1.1",
   "description": "Shared utilities for Node.js microservices: errors map, local cache, logger, numbers, dates, filesystem, media optimization, paginator, slugger, crypto wrapper, sanitize HTML, sorting.",
   "type": "commonjs",
   "license": "KingSizer",
@@ -22,4 +22,4 @@
     "moment": "^2.30.1",
     "sharp": "^0.33.0"
   }
-}
+}