envhub-cli 0.1.1

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":""}

package/dist/index.js

@@ -0,0 +1,14 @@
+#!/usr/bin/env node
+import { createProgram } from "./cli.js";
+import { logger } from "./utils/logger.js";
+const program = createProgram();
+program.parseAsync(process.argv).catch((error) => {
+    if (error instanceof Error) {
+        logger.error(error.message);
+    }
+    else {
+        logger.error("An unexpected error occurred.");
+    }
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAE3C,MAAM,OAAO,GAAG,aAAa,EAAE,CAAC;AAEhC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,KAAc,EAAE,EAAE;IACxD,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;QAC3B,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/providers/aws/aws-secrets.provider.d.ts

@@ -0,0 +1,44 @@
+import type { AWSConfig } from "../../config/config.schema.js";
+import type { SecretProvider, PushOptions, PushResult, PullResult, SecretListItem, DeleteOptions } from "../provider.interface.js";
+/**
+ * AWS Secrets Manager implementation of the SecretProvider interface.
+ *
+ * Stores .env file contents as JSON payloads in AWS Secrets Manager,
+ * prefixed with a configurable namespace (default: "envhub-").
+ */
+export declare class AWSSecretsProvider implements SecretProvider {
+    readonly name = "aws";
+    private client;
+    private iamClient;
+    private prefix;
+    constructor(config: AWSConfig, prefix?: string);
+    /**
+     * Get the full secret name with prefix.
+     */
+    private fullName;
+    /**
+     * Strip the prefix from a full secret name.
+     */
+    private stripPrefix;
+    /**
+     * Check if a secret exists.
+     */
+    private secretExists;
+    /**
+     * Read the current payload from a secret.
+     */
+    private getPayload;
+    push(secretName: string, content: string, options?: PushOptions): Promise<PushResult>;
+    pull(secretName: string): Promise<PullResult>;
+    cat(secretName: string): Promise<string>;
+    list(): Promise<SecretListItem[]>;
+    delete(secretName: string, options?: DeleteOptions): Promise<void>;
+    grant(secretName: string, userIdentifier: string): Promise<void>;
+    revoke(secretName: string, userIdentifier: string): Promise<void>;
+    getVersion(secretName: string): Promise<number>;
+    /**
+     * Resolve a user identifier (username or ARN) to a full ARN.
+     */
+    private resolveUserArn;
+}
+//# sourceMappingURL=aws-secrets.provider.d.ts.map

package/dist/providers/aws/aws-secrets.provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"aws-secrets.provider.d.ts","sourceRoot":"","sources":["../../../src/providers/aws/aws-secrets.provider.ts"],"names":[],"mappings":"AAkBA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,KAAK,EACV,cAAc,EACd,WAAW,EACX,UAAU,EACV,UAAU,EACV,cAAc,EACd,aAAa,EACd,MAAM,0BAA0B,CAAC;AAqBlC;;;;;GAKG;AACH,qBAAa,kBAAmB,YAAW,cAAc;IACvD,QAAQ,CAAC,IAAI,SAAS;IACtB,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,MAAM,CAAS;gBAEX,MAAM,EAAE,SAAS,EAAE,MAAM,GAAE,MAAkB;IAgBzD;;OAEG;IACH,OAAO,CAAC,QAAQ;IAIhB;;OAEG;IACH,OAAO,CAAC,WAAW;IAOnB;;OAEG;YACW,YAAY;IAc1B;;OAEG;YACW,UAAU;IAclB,IAAI,CACR,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,UAAU,CAAC;IAmDhB,IAAI,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAU7C,GAAG,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAKxC,IAAI,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAmDjC,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAWlE,KAAK,CAAC,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA2DhE,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgEjE,UAAU,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAcrD;;OAEG;YACW,cAAc;CAwB7B"}

package/dist/providers/aws/aws-secrets.provider.js

@@ -0,0 +1,306 @@
+import { SecretsManagerClient, CreateSecretCommand, GetSecretValueCommand, UpdateSecretCommand, ListSecretsCommand, DeleteSecretCommand, DescribeSecretCommand, GetResourcePolicyCommand, PutResourcePolicyCommand, DeleteResourcePolicyCommand, ResourceNotFoundException, } from "@aws-sdk/client-secrets-manager";
+import { IAMClient, GetUserCommand, } from "@aws-sdk/client-iam";
+import { fromIni } from "@aws-sdk/credential-providers";
+import { parseEnvContent } from "../../utils/env-parser.js";
+/**
+ * AWS Secrets Manager implementation of the SecretProvider interface.
+ *
+ * Stores .env file contents as JSON payloads in AWS Secrets Manager,
+ * prefixed with a configurable namespace (default: "envhub-").
+ */
+export class AWSSecretsProvider {
+    name = "aws";
+    client;
+    iamClient;
+    prefix;
+    constructor(config, prefix = "envhub-") {
+        const credentials = fromIni({ profile: config.profile });
+        this.client = new SecretsManagerClient({
+            region: config.region,
+            credentials,
+        });
+        this.iamClient = new IAMClient({
+            region: config.region,
+            credentials,
+        });
+        this.prefix = prefix;
+    }
+    /**
+     * Get the full secret name with prefix.
+     */
+    fullName(secretName) {
+        return `${this.prefix}${secretName}`;
+    }
+    /**
+     * Strip the prefix from a full secret name.
+     */
+    stripPrefix(fullName) {
+        if (fullName.startsWith(this.prefix)) {
+            return fullName.substring(this.prefix.length);
+        }
+        return fullName;
+    }
+    /**
+     * Check if a secret exists.
+     */
+    async secretExists(secretName) {
+        try {
+            await this.client.send(new DescribeSecretCommand({ SecretId: this.fullName(secretName) }));
+            return true;
+        }
+        catch (error) {
+            if (error instanceof ResourceNotFoundException) {
+                return false;
+            }
+            throw error;
+        }
+    }
+    /**
+     * Read the current payload from a secret.
+     */
+    async getPayload(secretName) {
+        const result = await this.client.send(new GetSecretValueCommand({ SecretId: this.fullName(secretName) }));
+        if (!result.SecretString) {
+            throw new Error(`Secret '${secretName}' has no string content.`);
+        }
+        return JSON.parse(result.SecretString);
+    }
+    // ── Core Operations ──────────────────────────────────────────────
+    async push(secretName, content, options) {
+        const exists = await this.secretExists(secretName);
+        let newVersion;
+        if (exists) {
+            // Get current version
+            const currentPayload = await this.getPayload(secretName);
+            newVersion = currentPayload.metadata.version + 1;
+            const payload = {
+                content,
+                metadata: {
+                    version: newVersion,
+                    message: options?.message,
+                    updatedAt: new Date().toISOString(),
+                    managedBy: "envhub-cli",
+                },
+            };
+            await this.client.send(new UpdateSecretCommand({
+                SecretId: this.fullName(secretName),
+                SecretString: JSON.stringify(payload),
+            }));
+        }
+        else {
+            // Create new secret
+            newVersion = 1;
+            const payload = {
+                content,
+                metadata: {
+                    version: newVersion,
+                    message: options?.message,
+                    updatedAt: new Date().toISOString(),
+                    managedBy: "envhub-cli",
+                },
+            };
+            await this.client.send(new CreateSecretCommand({
+                Name: this.fullName(secretName),
+                SecretString: JSON.stringify(payload),
+                Description: `Managed by envhub-cli`,
+            }));
+        }
+        return { version: newVersion, name: secretName };
+    }
+    async pull(secretName) {
+        const payload = await this.getPayload(secretName);
+        return {
+            content: payload.content,
+            version: payload.metadata.version,
+            name: secretName,
+        };
+    }
+    async cat(secretName) {
+        const payload = await this.getPayload(secretName);
+        return payload.content;
+    }
+    async list() {
+        const items = [];
+        let nextToken;
+        do {
+            const result = await this.client.send(new ListSecretsCommand({
+                NextToken: nextToken,
+                Filters: [
+                    {
+                        Key: "name",
+                        Values: [this.prefix],
+                    },
+                ],
+            }));
+            if (result.SecretList) {
+                for (const secret of result.SecretList) {
+                    if (!secret.Name?.startsWith(this.prefix)) {
+                        continue;
+                    }
+                    // Try to get the secret content for additional info
+                    let secretsCount = 0;
+                    let lastMessage = null;
+                    try {
+                        const payload = await this.getPayload(this.stripPrefix(secret.Name));
+                        const entries = parseEnvContent(payload.content);
+                        secretsCount = entries.size;
+                        lastMessage = payload.metadata.message ?? null;
+                    }
+                    catch {
+                        // If we can't read the secret, just show basic info
+                    }
+                    items.push({
+                        name: this.stripPrefix(secret.Name),
+                        secretsCount,
+                        updatedAt: secret.LastChangedDate ?? null,
+                        lastMessage,
+                    });
+                }
+            }
+            nextToken = result.NextToken;
+        } while (nextToken);
+        return items;
+    }
+    async delete(secretName, options) {
+        await this.client.send(new DeleteSecretCommand({
+            SecretId: this.fullName(secretName),
+            ForceDeleteWithoutRecovery: options?.force ?? false,
+        }));
+    }
+    // ── Access Control ───────────────────────────────────────────────
+    async grant(secretName, userIdentifier) {
+        const userArn = await this.resolveUserArn(userIdentifier);
+        const fullSecretName = this.fullName(secretName);
+        // Get the secret ARN
+        const describeResult = await this.client.send(new DescribeSecretCommand({ SecretId: fullSecretName }));
+        const secretArn = describeResult.ARN;
+        if (!secretArn) {
+            throw new Error(`Could not determine ARN for secret '${secretName}'.`);
+        }
+        // Get existing policy or create a new one
+        let policy;
+        try {
+            const policyResult = await this.client.send(new GetResourcePolicyCommand({ SecretId: fullSecretName }));
+            policy = policyResult.ResourcePolicy
+                ? JSON.parse(policyResult.ResourcePolicy)
+                : createEmptyPolicy();
+        }
+        catch {
+            policy = createEmptyPolicy();
+        }
+        // Add the user to the policy
+        const existingStatement = policy.Statement.find((s) => s.Sid === "EnvhubAccess");
+        if (existingStatement) {
+            const principals = Array.isArray(existingStatement.Principal.AWS)
+                ? existingStatement.Principal.AWS
+                : [existingStatement.Principal.AWS];
+            if (!principals.includes(userArn)) {
+                principals.push(userArn);
+            }
+            existingStatement.Principal.AWS = principals;
+        }
+        else {
+            policy.Statement.push({
+                Sid: "EnvhubAccess",
+                Effect: "Allow",
+                Principal: { AWS: [userArn] },
+                Action: ["secretsmanager:GetSecretValue"],
+                Resource: secretArn,
+            });
+        }
+        await this.client.send(new PutResourcePolicyCommand({
+            SecretId: fullSecretName,
+            ResourcePolicy: JSON.stringify(policy),
+        }));
+    }
+    async revoke(secretName, userIdentifier) {
+        const userArn = await this.resolveUserArn(userIdentifier);
+        const fullSecretName = this.fullName(secretName);
+        // Get existing policy
+        let policy;
+        try {
+            const policyResult = await this.client.send(new GetResourcePolicyCommand({ SecretId: fullSecretName }));
+            if (!policyResult.ResourcePolicy) {
+                throw new Error(`No access policy found for secret '${secretName}'.`);
+            }
+            policy = JSON.parse(policyResult.ResourcePolicy);
+        }
+        catch (error) {
+            if (error instanceof Error && error.message.includes("No access policy")) {
+                throw error;
+            }
+            throw new Error(`Failed to retrieve policy for secret '${secretName}'.`);
+        }
+        // Remove the user from the policy
+        const statement = policy.Statement.find((s) => s.Sid === "EnvhubAccess");
+        if (!statement) {
+            throw new Error(`No envhub access policy found for secret '${secretName}'.`);
+        }
+        const principals = Array.isArray(statement.Principal.AWS)
+            ? statement.Principal.AWS
+            : [statement.Principal.AWS];
+        const filtered = principals.filter((arn) => arn !== userArn);
+        if (filtered.length === principals.length) {
+            throw new Error(`User '${userIdentifier}' does not have access to secret '${secretName}'.`);
+        }
+        if (filtered.length === 0) {
+            // Remove the entire statement
+            policy.Statement = policy.Statement.filter((s) => s.Sid !== "EnvhubAccess");
+        }
+        else {
+            statement.Principal.AWS = filtered;
+        }
+        if (policy.Statement.length === 0) {
+            // No statements left — delete the entire policy
+            await this.client.send(new DeleteResourcePolicyCommand({ SecretId: fullSecretName }));
+        }
+        else {
+            await this.client.send(new PutResourcePolicyCommand({
+                SecretId: fullSecretName,
+                ResourcePolicy: JSON.stringify(policy),
+            }));
+        }
+    }
+    // ── Versioning ───────────────────────────────────────────────────
+    async getVersion(secretName) {
+        try {
+            const payload = await this.getPayload(secretName);
+            return payload.metadata.version;
+        }
+        catch (error) {
+            if (error instanceof ResourceNotFoundException) {
+                return 0;
+            }
+            throw error;
+        }
+    }
+    // ── Private Helpers ──────────────────────────────────────────────
+    /**
+     * Resolve a user identifier (username or ARN) to a full ARN.
+     */
+    async resolveUserArn(userIdentifier) {
+        // If it's already an ARN, return it directly
+        if (userIdentifier.startsWith("arn:aws:")) {
+            return userIdentifier;
+        }
+        // Otherwise, look up the user by username
+        try {
+            const result = await this.iamClient.send(new GetUserCommand({ UserName: userIdentifier }));
+            if (!result.User?.Arn) {
+                throw new Error(`Could not resolve ARN for user '${userIdentifier}'.`);
+            }
+            return result.User.Arn;
+        }
+        catch {
+            throw new Error(`Failed to resolve user '${userIdentifier}'. ` +
+                `Provide either a valid IAM username or a full ARN.`);
+        }
+    }
+}
+function createEmptyPolicy() {
+    return {
+        Version: "2012-10-17",
+        Statement: [],
+    };
+}
+//# sourceMappingURL=aws-secrets.provider.js.map

package/dist/providers/aws/aws-secrets.provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"aws-secrets.provider.js","sourceRoot":"","sources":["../../../src/providers/aws/aws-secrets.provider.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,mBAAmB,EACnB,qBAAqB,EACrB,mBAAmB,EACnB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,wBAAwB,EACxB,wBAAwB,EACxB,2BAA2B,EAC3B,yBAAyB,GAC1B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,SAAS,EACT,cAAc,GACf,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,OAAO,EAAE,MAAM,+BAA+B,CAAC;AAUxD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAoB5D;;;;;GAKG;AACH,MAAM,OAAO,kBAAkB;IACpB,IAAI,GAAG,KAAK,CAAC;IACd,MAAM,CAAuB;IAC7B,SAAS,CAAY;IACrB,MAAM,CAAS;IAEvB,YAAY,MAAiB,EAAE,SAAiB,SAAS;QACvD,MAAM,WAAW,GAAG,OAAO,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;QAEzD,IAAI,CAAC,MAAM,GAAG,IAAI,oBAAoB,CAAC;YACrC,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,WAAW;SACZ,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC;YAC7B,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,WAAW;SACZ,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;OAEG;IACK,QAAQ,CAAC,UAAkB;QACjC,OAAO,GAAG,IAAI,CAAC,MAAM,GAAG,UAAU,EAAE,CAAC;IACvC,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,QAAgB;QAClC,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,OAAO,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,YAAY,CAAC,UAAkB;QAC3C,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACpB,IAAI,qBAAqB,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,CACnE,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,yBAAyB,EAAE,CAAC;gBAC/C,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,UAAU,CAAC,UAAkB;QACzC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,qBAAqB,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,CACnE,CAAC;QAEF,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,WAAW,UAAU,0BAA0B,CAAC,CAAC;QACnE,CAAC;QAED,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,CAAkB,CAAC;IAC1D,CAAC;IAED,oEAAoE;IAEpE,KAAK,CAAC,IAAI,CACR,UAAkB,EAClB,OAAe,EACf,OAAqB;QAErB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QACnD,IAAI,UAAkB,CAAC;QAEvB,IAAI,MAAM,EAAE,CAAC;YACX,sBAAsB;YACtB,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YACzD,UAAU,GAAG,cAAc,CAAC,QAAQ,CAAC,OAAO,GAAG,CAAC,CAAC;YAEjD,MAAM,OAAO,GAAkB;gBAC7B,OAAO;gBACP,QAAQ,EAAE;oBACR,OAAO,EAAE,UAAU;oBACnB,OAAO,EAAE,OAAO,EAAE,OAAO;oBACzB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,SAAS,EAAE,YAAY;iBACxB;aACF,CAAC;YAEF,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACpB,IAAI,mBAAmB,CAAC;gBACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;gBACnC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;aACtC,CAAC,CACH,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,oBAAoB;YACpB,UAAU,GAAG,CAAC,CAAC;YAEf,MAAM,OAAO,GAAkB;gBAC7B,OAAO;gBACP,QAAQ,EAAE;oBACR,OAAO,EAAE,UAAU;oBACnB,OAAO,EAAE,OAAO,EAAE,OAAO;oBACzB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,SAAS,EAAE,YAAY;iBACxB;aACF,CAAC;YAEF,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACpB,IAAI,mBAAmB,CAAC;gBACtB,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;gBAC/B,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;gBACrC,WAAW,EAAE,uBAAuB;aACrC,CAAC,CACH,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,UAAkB;QAC3B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;QAElD,OAAO;YACL,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,OAAO;YACjC,IAAI,EAAE,UAAU;SACjB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,UAAkB;QAC1B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;QAClD,OAAO,OAAO,CAAC,OAAO,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,KAAK,GAAqB,EAAE,CAAC;QACnC,IAAI,SAA6B,CAAC;QAElC,GAAG,CAAC;YACF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,kBAAkB,CAAC;gBACrB,SAAS,EAAE,SAAS;gBACpB,OAAO,EAAE;oBACP;wBACE,GAAG,EAAE,MAAM;wBACX,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;qBACtB;iBACF;aACF,CAAC,CACH,CAAC;YAEF,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;gBACtB,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;oBACvC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;wBAC1C,SAAS;oBACX,CAAC;oBAED,oDAAoD;oBACpD,IAAI,YAAY,GAAG,CAAC,CAAC;oBACrB,IAAI,WAAW,GAAkB,IAAI,CAAC;oBAEtC,IAAI,CAAC;wBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;wBACrE,MAAM,OAAO,GAAG,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;wBACjD,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;wBAC5B,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,IAAI,IAAI,CAAC;oBACjD,CAAC;oBAAC,MAAM,CAAC;wBACP,oDAAoD;oBACtD,CAAC;oBAED,KAAK,CAAC,IAAI,CAAC;wBACT,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC;wBACnC,YAAY;wBACZ,SAAS,EAAE,MAAM,CAAC,eAAe,IAAI,IAAI;wBACzC,WAAW;qBACZ,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAC/B,CAAC,QAAQ,SAAS,EAAE;QAEpB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,UAAkB,EAAE,OAAuB;QACtD,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACpB,IAAI,mBAAmB,CAAC;YACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;YACnC,0BAA0B,EAAE,OAAO,EAAE,KAAK,IAAI,KAAK;SACpD,CAAC,CACH,CAAC;IACJ,CAAC;IAED,oEAAoE;IAEpE,KAAK,CAAC,KAAK,CAAC,UAAkB,EAAE,cAAsB;QACpD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC;QAC1D,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QAEjD,qBAAqB;QACrB,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAC3C,IAAI,qBAAqB,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CACxD,CAAC;QACF,MAAM,SAAS,GAAG,cAAc,CAAC,GAAG,CAAC;QAErC,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,uCAAuC,UAAU,IAAI,CAAC,CAAC;QACzE,CAAC;QAED,0CAA0C;QAC1C,IAAI,MAAsB,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACzC,IAAI,wBAAwB,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CAC3D,CAAC;YACF,MAAM,GAAG,YAAY,CAAC,cAAc;gBAClC,CAAC,CAAE,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,cAAc,CAAoB;gBAC7D,CAAC,CAAC,iBAAiB,EAAE,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,GAAG,iBAAiB,EAAE,CAAC;QAC/B,CAAC;QAED,6BAA6B;QAC7B,MAAM,iBAAiB,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CAC7C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,cAAc,CAChC,CAAC;QAEF,IAAI,iBAAiB,EAAE,CAAC;YACtB,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,iBAAiB,CAAC,SAAS,CAAC,GAAG,CAAC;gBAC/D,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,GAAG;gBACjC,CAAC,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YAEtC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC3B,CAAC;YACD,iBAAiB,CAAC,SAAS,CAAC,GAAG,GAAG,UAAU,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC;gBACpB,GAAG,EAAE,cAAc;gBACnB,MAAM,EAAE,OAAO;gBACf,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE;gBAC7B,MAAM,EAAE,CAAC,+BAA+B,CAAC;gBACzC,QAAQ,EAAE,SAAS;aACpB,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACpB,IAAI,wBAAwB,CAAC;YAC3B,QAAQ,EAAE,cAAc;YACxB,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;SACvC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,UAAkB,EAAE,cAAsB;QACrD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC;QAC1D,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QAEjD,sBAAsB;QACtB,IAAI,MAAsB,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACzC,IAAI,wBAAwB,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CAC3D,CAAC;YACF,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,CAAC;gBACjC,MAAM,IAAI,KAAK,CAAC,sCAAsC,UAAU,IAAI,CAAC,CAAC;YACxE,CAAC;YACD,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,cAAc,CAAmB,CAAC;QACrE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACzE,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,yCAAyC,UAAU,IAAI,CAAC,CAAC;QAC3E,CAAC;QAED,kCAAkC;QAClC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,cAAc,CAAC,CAAC;QAEzE,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,6CAA6C,UAAU,IAAI,CAAC,CAAC;QAC/E,CAAC;QAED,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC;YACvD,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,GAAG;YACzB,CAAC,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAE9B,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,OAAO,CAAC,CAAC;QAE7D,IAAI,QAAQ,CAAC,MAAM,KAAK,UAAU,CAAC,MAAM,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CACb,SAAS,cAAc,qCAAqC,UAAU,IAAI,CAC3E,CAAC;QACJ,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,8BAA8B;YAC9B,MAAM,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,cAAc,CAAC,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,SAAS,CAAC,SAAS,CAAC,GAAG,GAAG,QAAQ,CAAC;QACrC,CAAC;QAED,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClC,gDAAgD;YAChD,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACpB,IAAI,2BAA2B,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CAC9D,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACpB,IAAI,wBAAwB,CAAC;gBAC3B,QAAQ,EAAE,cAAc;gBACxB,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;aACvC,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,oEAAoE;IAEpE,KAAK,CAAC,UAAU,CAAC,UAAkB;QACjC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YAClD,OAAO,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC;QAClC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,yBAAyB,EAAE,CAAC;gBAC/C,OAAO,CAAC,CAAC;YACX,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,oEAAoE;IAEpE;;OAEG;IACK,KAAK,CAAC,cAAc,CAAC,cAAsB;QACjD,6CAA6C;QAC7C,IAAI,cAAc,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC1C,OAAO,cAAc,CAAC;QACxB,CAAC;QAED,0CAA0C;QAC1C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CACtC,IAAI,cAAc,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CACjD,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CAAC,mCAAmC,cAAc,IAAI,CAAC,CAAC;YACzE,CAAC;YAED,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;QACzB,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CACb,2BAA2B,cAAc,KAAK;gBAC5C,oDAAoD,CACvD,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AAiBD,SAAS,iBAAiB;IACxB,OAAO;QACL,OAAO,EAAE,YAAY;QACrB,SAAS,EAAE,EAAE;KACd,CAAC;AACJ,CAAC"}

package/dist/providers/provider.factory.d.ts

@@ -0,0 +1,24 @@
+import { SecretProvider } from "./provider.interface.js";
+import { EnvhubConfig, ProviderType } from "../config/config.schema.js";
+/**
+ * Factory for creating provider instances based on configuration.
+ *
+ * To register a new provider:
+ * 1. Create a class implementing SecretProvider
+ * 2. Add the instantiation logic in the createProvider method
+ */
+export declare class ProviderFactory {
+    /**
+     * Create a SecretProvider instance based on the current configuration.
+     */
+    static createProvider(config: EnvhubConfig): SecretProvider;
+    /**
+     * Get a list of all available provider types.
+     */
+    static getAvailableProviders(): {
+        type: ProviderType;
+        label: string;
+        available: boolean;
+    }[];
+}
+//# sourceMappingURL=provider.factory.d.ts.map

package/dist/providers/provider.factory.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.factory.d.ts","sourceRoot":"","sources":["../../src/providers/provider.factory.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAGxE;;;;;;GAMG;AACH,qBAAa,eAAe;IAC1B;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,YAAY,GAAG,cAAc;IA2B3D;;OAEG;IACH,MAAM,CAAC,qBAAqB,IAAI;QAAE,IAAI,EAAE,YAAY,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,OAAO,CAAA;KAAE,EAAE;CAO5F"}

package/dist/providers/provider.factory.js

@@ -0,0 +1,40 @@
+import { AWSSecretsProvider } from "./aws/aws-secrets.provider.js";
+/**
+ * Factory for creating provider instances based on configuration.
+ *
+ * To register a new provider:
+ * 1. Create a class implementing SecretProvider
+ * 2. Add the instantiation logic in the createProvider method
+ */
+export class ProviderFactory {
+    /**
+     * Create a SecretProvider instance based on the current configuration.
+     */
+    static createProvider(config) {
+        const providerType = config.provider;
+        switch (providerType) {
+            case "aws":
+                if (!config.aws) {
+                    throw new Error("AWS configuration is missing. Run 'envhub init' first.");
+                }
+                return new AWSSecretsProvider(config.aws, config.prefix);
+            case "azure":
+                throw new Error("Azure Key Vault provider is not yet implemented. Coming soon!");
+            case "gcp":
+                throw new Error("GCP Secret Manager provider is not yet implemented. Coming soon!");
+            default:
+                throw new Error(`Unknown provider '${providerType}'. Supported: aws, azure, gcp`);
+        }
+    }
+    /**
+     * Get a list of all available provider types.
+     */
+    static getAvailableProviders() {
+        return [
+            { type: "aws", label: "AWS Secrets Manager", available: true },
+            { type: "azure", label: "Azure Key Vault", available: false },
+            { type: "gcp", label: "GCP Secret Manager", available: false },
+        ];
+    }
+}
+//# sourceMappingURL=provider.factory.js.map

package/dist/providers/provider.factory.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.factory.js","sourceRoot":"","sources":["../../src/providers/provider.factory.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAEnE;;;;;;GAMG;AACH,MAAM,OAAO,eAAe;IAC1B;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,MAAoB;QACxC,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC;QAErC,QAAQ,YAAY,EAAE,CAAC;YACrB,KAAK,KAAK;gBACR,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;oBAChB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;gBAC5E,CAAC;gBACD,OAAO,IAAI,kBAAkB,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;YAE3D,KAAK,OAAO;gBACV,MAAM,IAAI,KAAK,CACb,+DAA+D,CAChE,CAAC;YAEJ,KAAK,KAAK;gBACR,MAAM,IAAI,KAAK,CACb,kEAAkE,CACnE,CAAC;YAEJ;gBACE,MAAM,IAAI,KAAK,CACb,qBAAqB,YAA4B,+BAA+B,CACjF,CAAC;QACN,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,qBAAqB;QAC1B,OAAO;YACL,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,qBAAqB,EAAE,SAAS,EAAE,IAAI,EAAE;YAC9D,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,KAAK,EAAE;YAC7D,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,EAAE,SAAS,EAAE,KAAK,EAAE;SAC/D,CAAC;IACJ,CAAC;CACF"}

package/dist/providers/provider.interface.d.ts

@@ -0,0 +1,96 @@
+/**
+ * Options for push operations.
+ */
+export interface PushOptions {
+    /** Optional commit-style message describing the change */
+    message?: string;
+    /** Bypass version conflict checking */
+    force?: boolean;
+}
+/**
+ * Result of a push operation.
+ */
+export interface PushResult {
+    /** The new version number after the push */
+    version: number;
+    /** Name of the secret that was pushed */
+    name: string;
+}
+/**
+ * Result of a pull operation.
+ */
+export interface PullResult {
+    /** The raw content of the secret (the .env file content) */
+    content: string;
+    /** The version number of the pulled secret */
+    version: number;
+    /** Name of the secret that was pulled */
+    name: string;
+}
+/**
+ * Information about a secret in a list response.
+ */
+export interface SecretListItem {
+    /** The secret name (without provider prefix) */
+    name: string;
+    /** Number of key-value pairs in the secret */
+    secretsCount: number;
+    /** Last updated timestamp */
+    updatedAt: Date | null;
+    /** Last push message (if any) */
+    lastMessage: string | null;
+}
+/**
+ * Options for delete operations.
+ */
+export interface DeleteOptions {
+    /** Force immediate deletion without scheduling */
+    force?: boolean;
+}
+/**
+ * The SecretProvider interface that every backend provider must implement.
+ *
+ * To add a new provider (e.g. Azure Key Vault, GCP Secret Manager),
+ * create a class that implements this interface and register it in
+ * the ProviderFactory.
+ */
+export interface SecretProvider {
+    /** Unique identifier for this provider (e.g. "aws", "azure", "gcp") */
+    readonly name: string;
+    /**
+     * Push a .env file's content to the cloud provider.
+     * Creates the secret if it doesn't exist, updates it otherwise.
+     */
+    push(secretName: string, content: string, options?: PushOptions): Promise<PushResult>;
+    /**
+     * Pull the latest version of a secret from the cloud provider.
+     */
+    pull(secretName: string): Promise<PullResult>;
+    /**
+     * Read and return the content of a secret without writing to disk.
+     */
+    cat(secretName: string): Promise<string>;
+    /**
+     * List all secrets managed by envhub for this provider.
+     */
+    list(): Promise<SecretListItem[]>;
+    /**
+     * Delete a secret from the cloud provider.
+     */
+    delete(secretName: string, options?: DeleteOptions): Promise<void>;
+    /**
+     * Grant another user access to a secret.
+     * @param userIdentifier - Provider-specific user identifier (e.g. AWS ARN or username)
+     */
+    grant(secretName: string, userIdentifier: string): Promise<void>;
+    /**
+     * Revoke a user's access to a secret.
+     * @param userIdentifier - Provider-specific user identifier (e.g. AWS ARN or username)
+     */
+    revoke(secretName: string, userIdentifier: string): Promise<void>;
+    /**
+     * Get the current remote version number of a secret.
+     */
+    getVersion(secretName: string): Promise<number>;
+}
+//# sourceMappingURL=provider.interface.d.ts.map

package/dist/providers/provider.interface.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.interface.d.ts","sourceRoot":"","sources":["../../src/providers/provider.interface.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,0DAA0D;IAC1D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,uCAAuC;IACvC,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,4CAA4C;IAC5C,OAAO,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,4DAA4D;IAC5D,OAAO,EAAE,MAAM,CAAC;IAChB,8CAA8C;IAC9C,OAAO,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,gDAAgD;IAChD,IAAI,EAAE,MAAM,CAAC;IACb,8CAA8C;IAC9C,YAAY,EAAE,MAAM,CAAC;IACrB,6BAA6B;IAC7B,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;IACvB,iCAAiC;IACjC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,kDAAkD;IAClD,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED;;;;;;GAMG;AACH,MAAM,WAAW,cAAc;IAC7B,uEAAuE;IACvE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAItB;;;OAGG;IACH,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAEtF;;OAEG;IACH,IAAI,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAE9C;;OAEG;IACH,GAAG,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAEzC;;OAEG;IACH,IAAI,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC;IAElC;;OAEG;IACH,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAInE;;;OAGG;IACH,KAAK,CAAC,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjE;;;OAGG;IACH,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAIlE;;OAEG;IACH,UAAU,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACjD"}

package/dist/providers/provider.interface.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=provider.interface.js.map

package/dist/providers/provider.interface.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.interface.js","sourceRoot":"","sources":["../../src/providers/provider.interface.ts"],"names":[],"mappings":""}

package/dist/utils/diff.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Represents a single change between two .env versions.
+ */
+export interface EnvChange {
+    key: string;
+    type: "added" | "removed" | "changed";
+    oldValue?: string;
+    newValue?: string;
+}
+/**
+ * Compare two .env contents and return the differences.
+ *
+ * @param localContent - The current local .env content
+ * @param remoteContent - The remote/new .env content
+ * @returns Array of changes detected
+ */
+export declare function diffEnvContents(localContent: string, remoteContent: string): EnvChange[];
+/**
+ * Format changes into a human-readable string for terminal display.
+ */
+export declare function formatChanges(changes: EnvChange[]): string;
+/**
+ * Format changes into a compact one-line summary.
+ * Example: "3 added, 1 removed, 12 changed"
+ */
+export declare function summarizeChanges(changes: EnvChange[]): string;
+//# sourceMappingURL=diff.d.ts.map

package/dist/utils/diff.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"diff.d.ts","sourceRoot":"","sources":["../../src/utils/diff.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,OAAO,GAAG,SAAS,GAAG,SAAS,CAAC;IACtC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,YAAY,EAAE,MAAM,EACpB,aAAa,EAAE,MAAM,GACpB,SAAS,EAAE,CAqCb;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,SAAS,EAAE,GAAG,MAAM,CAiC1D;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,SAAS,EAAE,GAAG,MAAM,CAe7D"}