guardrail-security 1.0.0

package/dist/secrets/pre-commit.js

@@ -0,0 +1,127 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.preCommitHook = exports.PreCommitHook = void 0;
+const guardian_1 = require("./guardian");
+const child_process_1 = require("child_process");
+const fs_1 = require("fs");
+const path_1 = require("path");
+/**
+ * Pre-Commit Hook for Secrets Detection
+ */
+class PreCommitHook {
+    /**
+     * Generate pre-commit hook script
+     */
+    generateHookScript() {
+        return `#!/bin/bash
+# Guardrail Secrets Detection Pre-Commit Hook
+
+echo "🔍 Scanning for secrets..."
+
+# Run secrets scan via API or CLI
+npx Guardrail secrets scan-staged
+
+if [ $? -ne 0 ]; then
+  echo "❌ Secrets detected! Commit blocked."
+  echo "Please remove secrets or add to .gitignore"
+  exit 1
+fi
+
+echo "✅ No secrets detected"
+exit 0
+`;
+    }
+    /**
+     * Scan staged files
+     */
+    async scanStagedFiles(gitRoot) {
+        try {
+            // Get staged files
+            const stagedFiles = this.getStagedFiles(gitRoot);
+            if (stagedFiles.length === 0) {
+                return {
+                    passed: true,
+                    detections: 0,
+                    files: [],
+                    message: 'No files to scan',
+                };
+            }
+            // Scan each staged file
+            const allDetections = [];
+            for (const file of stagedFiles) {
+                const detections = await guardian_1.secretsGuardian.scanContent(file.content, file.path, {
+                    excludeTests: true,
+                    minConfidence: 0.7,
+                });
+                if (detections.length > 0) {
+                    allDetections.push(file.path);
+                }
+            }
+            const passed = allDetections.length === 0;
+            return {
+                passed,
+                detections: allDetections.length,
+                files: allDetections,
+                message: passed
+                    ? 'No secrets detected in staged files'
+                    : `Secrets detected in ${allDetections.length} file(s)`,
+            };
+        }
+        catch (error) {
+            throw new Error(`Pre-commit scan failed: ${error instanceof Error ? error.message : 'Unknown error'}`);
+        }
+    }
+    /**
+     * Get staged files from git
+     */
+    getStagedFiles(gitRoot) {
+        try {
+            // Get list of staged files
+            const output = (0, child_process_1.execSync)('git diff --cached --name-only --diff-filter=ACM', {
+                cwd: gitRoot,
+                encoding: 'utf-8',
+            });
+            const filePaths = output.trim().split('\n').filter((f) => f);
+            // Read content of each staged file
+            const stagedFiles = [];
+            for (const filePath of filePaths) {
+                try {
+                    // Get staged content (not working directory)
+                    const content = (0, child_process_1.execSync)(`git show :${filePath}`, {
+                        cwd: gitRoot,
+                        encoding: 'utf-8',
+                    });
+                    stagedFiles.push({
+                        path: filePath,
+                        content,
+                    });
+                }
+                catch (error) {
+                    // File might be deleted or binary, skip
+                    continue;
+                }
+            }
+            return stagedFiles;
+        }
+        catch (error) {
+            throw new Error(`Failed to get staged files: ${error instanceof Error ? error.message : 'Unknown error'}`);
+        }
+    }
+    /**
+     * Install pre-commit hook
+     */
+    installHook(gitRoot) {
+        const hookPath = (0, path_1.join)(gitRoot, '.git', 'hooks', 'pre-commit');
+        const hookScript = this.generateHookScript();
+        try {
+            (0, fs_1.writeFileSync)(hookPath, hookScript, { mode: 0o755 });
+            console.log('✅ Pre-commit hook installed successfully');
+        }
+        catch (error) {
+            throw new Error(`Failed to install hook: ${error instanceof Error ? error.message : 'Unknown error'}`);
+        }
+    }
+}
+exports.PreCommitHook = PreCommitHook;
+// Export singleton
+exports.preCommitHook = new PreCommitHook();

package/dist/secrets/vault-integration.d.ts

@@ -0,0 +1,83 @@
+import { SecretDetection } from './guardian';
+/**
+ * Vault configuration
+ */
+export interface VaultConfig {
+    type: 'aws_secrets_manager' | 'hashicorp_vault' | 'azure_keyvault' | 'gcp_secret_manager';
+    endpoint?: string;
+    region?: string;
+    credentials?: {
+        accessKeyId?: string;
+        secretAccessKey?: string;
+        token?: string;
+    };
+}
+/**
+ * Migration result
+ */
+export interface VaultMigrationResult {
+    secretId: string;
+    vaultId: string;
+    envVarName: string;
+    migrated: boolean;
+    error?: string;
+}
+/**
+ * Vault Integration for Secrets
+ *
+ * Helps migrate hardcoded secrets to secure vaults.
+ * Supports AWS Secrets Manager, HashiCorp Vault, Azure Key Vault, and GCP Secret Manager.
+ */
+export declare class VaultIntegration {
+    private providerCache;
+    /**
+     * Get or create a vault provider
+     */
+    private getProvider;
+    /**
+     * Test vault connection
+     */
+    testConnection(vaultConfig: VaultConfig): Promise<{
+        connected: boolean;
+        error?: string;
+    }>;
+    /**
+     * Migrate secrets to vault
+     * Now uses real vault providers instead of simulation
+     */
+    migrateToVault(detections: SecretDetection[], vaultConfig: VaultConfig): Promise<VaultMigrationResult[]>;
+    /**
+     * Retrieve a secret from vault
+     */
+    getSecret(vaultConfig: VaultConfig, secretName: string): Promise<string | null>;
+    /**
+     * List all secrets in vault
+     */
+    listSecrets(vaultConfig: VaultConfig): Promise<string[]>;
+    /**
+     * Delete a secret from vault
+     */
+    deleteSecret(vaultConfig: VaultConfig, secretName: string): Promise<boolean>;
+    /**
+     * Generate environment variable name
+     */
+    generateEnvVarName(detection: SecretDetection): string;
+    /**
+     * Generate code snippet for accessing secret from vault
+     */
+    generateCodeSnippet(vaultConfig: VaultConfig, envVarName: string): string;
+    /**
+     * Generate migration guide
+     */
+    generateMigrationGuide(results: VaultMigrationResult[]): string;
+    /**
+     * Verify a secret exists in vault
+     */
+    verifySecret(vaultConfig: VaultConfig, secretName: string): Promise<boolean>;
+    /**
+     * Batch migrate with progress callback
+     */
+    migrateWithProgress(detections: SecretDetection[], vaultConfig: VaultConfig, onProgress?: (completed: number, total: number, current: string) => void): Promise<VaultMigrationResult[]>;
+}
+export declare const vaultIntegration: VaultIntegration;
+//# sourceMappingURL=vault-integration.d.ts.map

package/dist/secrets/vault-integration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vault-integration.d.ts","sourceRoot":"","sources":["../../src/secrets/vault-integration.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAI7C;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,qBAAqB,GAAG,iBAAiB,GAAG,gBAAgB,GAAG,oBAAoB,CAAC;IAC1F,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE;QACZ,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;;GAKG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,aAAa,CAAyC;IAE9D;;OAEG;IACH,OAAO,CAAC,WAAW;IAuBnB;;OAEG;IACG,cAAc,CAAC,WAAW,EAAE,WAAW,GAAG,OAAO,CAAC;QAAE,SAAS,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAY/F;;;OAGG;IACG,cAAc,CAClB,UAAU,EAAE,eAAe,EAAE,EAC7B,WAAW,EAAE,WAAW,GACvB,OAAO,CAAC,oBAAoB,EAAE,CAAC;IA2DlC;;OAEG;IACG,SAAS,CAAC,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAKrF;;OAEG;IACG,WAAW,CAAC,WAAW,EAAE,WAAW,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAK9D;;OAEG;IACG,YAAY,CAAC,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKlF;;OAEG;IACH,kBAAkB,CAAC,SAAS,EAAE,eAAe,GAAG,MAAM;IA4BtD;;OAEG;IACH,mBAAmB,CAAC,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM;IAyDzE;;OAEG;IACH,sBAAsB,CAAC,OAAO,EAAE,oBAAoB,EAAE,GAAG,MAAM;IA0B/D;;OAEG;IACG,YAAY,CAAC,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKlF;;OAEG;IACG,mBAAmB,CACvB,UAAU,EAAE,eAAe,EAAE,EAC7B,WAAW,EAAE,WAAW,EACxB,UAAU,CAAC,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,IAAI,GACvE,OAAO,CAAC,oBAAoB,EAAE,CAAC;CAoDnC;AAGD,eAAO,MAAM,gBAAgB,kBAAyB,CAAC"}

package/dist/secrets/vault-integration.js

@@ -0,0 +1,295 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.vaultIntegration = exports.VaultIntegration = void 0;
+const patterns_1 = require("./patterns");
+const vault_providers_1 = require("./vault-providers");
+/**
+ * Vault Integration for Secrets
+ *
+ * Helps migrate hardcoded secrets to secure vaults.
+ * Supports AWS Secrets Manager, HashiCorp Vault, Azure Key Vault, and GCP Secret Manager.
+ */
+class VaultIntegration {
+    providerCache = new Map();
+    /**
+     * Get or create a vault provider
+     */
+    getProvider(vaultConfig) {
+        const cacheKey = `${vaultConfig.type}_${vaultConfig.endpoint || 'default'}`;
+        if (!this.providerCache.has(cacheKey)) {
+            const providerConfig = {
+                type: vaultConfig.type,
+                region: vaultConfig.region,
+                endpoint: vaultConfig.endpoint,
+                credentials: vaultConfig.credentials,
+            };
+            try {
+                const provider = (0, vault_providers_1.createVaultProvider)(providerConfig);
+                this.providerCache.set(cacheKey, provider);
+            }
+            catch (error) {
+                console.warn(`Failed to create vault provider, falling back to local: ${error}`);
+                this.providerCache.set(cacheKey, new vault_providers_1.LocalEnvProvider());
+            }
+        }
+        return this.providerCache.get(cacheKey);
+    }
+    /**
+     * Test vault connection
+     */
+    async testConnection(vaultConfig) {
+        try {
+            const provider = this.getProvider(vaultConfig);
+            const connected = await provider.testConnection();
+            return { connected };
+        }
+        catch (error) {
+            return {
+                connected: false,
+                error: error instanceof Error ? error.message : 'Unknown error'
+            };
+        }
+    }
+    /**
+     * Migrate secrets to vault
+     * Now uses real vault providers instead of simulation
+     */
+    async migrateToVault(detections, vaultConfig) {
+        const results = [];
+        const provider = this.getProvider(vaultConfig);
+        // Test connection first
+        const connectionTest = await this.testConnection(vaultConfig);
+        if (!connectionTest.connected) {
+            return detections.map(detection => ({
+                secretId: detection.id || '',
+                vaultId: '',
+                envVarName: this.generateEnvVarName(detection),
+                migrated: false,
+                error: `Vault connection failed: ${connectionTest.error}`,
+            }));
+        }
+        for (const detection of detections) {
+            try {
+                const envVarName = this.generateEnvVarName(detection);
+                // Extract the actual secret value from detection
+                // Note: For security, the actual value should be extracted during scan
+                // maskedValue contains the masked version, snippet contains context
+                const secretValue = detection.rawValue || detection.location.snippet || '';
+                if (!secretValue) {
+                    results.push({
+                        secretId: detection.id || '',
+                        vaultId: '',
+                        envVarName,
+                        migrated: false,
+                        error: 'No secret value found in detection',
+                    });
+                    continue;
+                }
+                // Upload to real vault
+                const vaultId = await provider.createSecret(envVarName, secretValue);
+                results.push({
+                    secretId: detection.id || '',
+                    vaultId,
+                    envVarName,
+                    migrated: true,
+                });
+            }
+            catch (error) {
+                results.push({
+                    secretId: detection.id || '',
+                    vaultId: '',
+                    envVarName: this.generateEnvVarName(detection),
+                    migrated: false,
+                    error: error instanceof Error ? error.message : 'Unknown error',
+                });
+            }
+        }
+        return results;
+    }
+    /**
+     * Retrieve a secret from vault
+     */
+    async getSecret(vaultConfig, secretName) {
+        const provider = this.getProvider(vaultConfig);
+        return provider.getSecret(secretName);
+    }
+    /**
+     * List all secrets in vault
+     */
+    async listSecrets(vaultConfig) {
+        const provider = this.getProvider(vaultConfig);
+        return provider.listSecrets();
+    }
+    /**
+     * Delete a secret from vault
+     */
+    async deleteSecret(vaultConfig, secretName) {
+        const provider = this.getProvider(vaultConfig);
+        return provider.deleteSecret(secretName);
+    }
+    /**
+     * Generate environment variable name
+     */
+    generateEnvVarName(detection) {
+        const typeMap = {
+            [patterns_1.SecretType.AWS_ACCESS_KEY]: 'AWS_ACCESS_KEY_ID',
+            [patterns_1.SecretType.AWS_SECRET_KEY]: 'AWS_SECRET_ACCESS_KEY',
+            [patterns_1.SecretType.GITHUB_TOKEN]: 'GITHUB_TOKEN',
+            [patterns_1.SecretType.GOOGLE_API_KEY]: 'GOOGLE_API_KEY',
+            [patterns_1.SecretType.STRIPE_KEY]: 'STRIPE_SECRET_KEY',
+            [patterns_1.SecretType.JWT_TOKEN]: 'JWT_SECRET',
+            [patterns_1.SecretType.PRIVATE_KEY]: 'PRIVATE_KEY',
+            [patterns_1.SecretType.DATABASE_URL]: 'DATABASE_URL',
+            [patterns_1.SecretType.SLACK_TOKEN]: 'SLACK_TOKEN',
+            [patterns_1.SecretType.API_KEY_GENERIC]: 'API_KEY',
+            [patterns_1.SecretType.API_KEY]: 'API_KEY',
+            [patterns_1.SecretType.TOKEN]: 'TOKEN',
+            [patterns_1.SecretType.CERTIFICATE]: 'CERTIFICATE',
+            [patterns_1.SecretType.JWT_SECRET]: 'JWT_SECRET',
+            [patterns_1.SecretType.PASSWORD]: 'PASSWORD',
+            [patterns_1.SecretType.OTHER]: 'SECRET'
+        };
+        const baseName = typeMap[detection.secretType] || 'SECRET';
+        // Add file-based suffix if multiple of same type
+        const fileName = detection.filePath.split('/').pop()?.replace(/[^a-zA-Z0-9]/g, '_').toUpperCase();
+        return `${baseName}_${fileName}`;
+    }
+    /**
+     * Generate code snippet for accessing secret from vault
+     */
+    generateCodeSnippet(vaultConfig, envVarName) {
+        switch (vaultConfig.type) {
+            case 'aws_secrets_manager':
+                return `
+// AWS Secrets Manager
+import { SecretsManagerClient, GetSecretValueCommand } from "@aws-sdk/client-secrets-manager";
+
+const client = new SecretsManagerClient({ region: "${vaultConfig.region || 'us-east-1'}" });
+const response = await client.send(
+  new GetSecretValueCommand({ SecretId: "${envVarName}" })
+);
+const secret = response.SecretString;
+`;
+            case 'hashicorp_vault':
+                return `
+// HashiCorp Vault
+import vault from "node-vault";
+
+const vaultClient = vault({
+  endpoint: "${vaultConfig.endpoint || 'http://127.0.0.1:8200'}",
+  token: process.env.VAULT_TOKEN
+});
+
+const { data } = await vaultClient.read("secret/data/${envVarName}");
+const secret = data.data.value;
+`;
+            case 'azure_keyvault':
+                return `
+// Azure Key Vault
+import { SecretClient } from "@azure/keyvault-secrets";
+import { DefaultAzureCredential } from "@azure/identity";
+
+const credential = new DefaultAzureCredential();
+const client = new SecretClient("${vaultConfig.endpoint}", credential);
+const secret = await client.getSecret("${envVarName}");
+const value = secret.value;
+`;
+            case 'gcp_secret_manager':
+                return `
+// GCP Secret Manager
+import { SecretManagerServiceClient } from '@google-cloud/secret-manager';
+
+const client = new SecretManagerServiceClient();
+const [version] = await client.accessSecretVersion({
+  name: 'projects/PROJECT_ID/secrets/${envVarName}/versions/latest',
+});
+const secret = version.payload?.data?.toString();
+`;
+            default:
+                return `// Use environment variable: process.env.${envVarName}`;
+        }
+    }
+    /**
+     * Generate migration guide
+     */
+    generateMigrationGuide(results) {
+        let guide = '# Secrets Migration Guide\n\n';
+        guide += '## Detected Secrets\n\n';
+        for (const result of results) {
+            guide += `### ${result.envVarName}\n`;
+            guide += `- Vault ID: ${result.vaultId}\n`;
+            guide += `- Status: ${result.migrated ? '✅ Migrated' : '❌ Failed'}\n`;
+            if (result.error) {
+                guide += `- Error: ${result.error}\n`;
+            }
+            guide += '\n';
+        }
+        guide += '## Next Steps\n\n';
+        guide += '1. Update your code to fetch secrets from vault\n';
+        guide += '2. Remove hardcoded secrets from source code\n';
+        guide += '3. Update CI/CD pipelines to use vault credentials\n';
+        guide += '4. Test the integration\n';
+        guide += '5. Commit and push changes\n';
+        return guide;
+    }
+    /**
+     * Verify a secret exists in vault
+     */
+    async verifySecret(vaultConfig, secretName) {
+        const secret = await this.getSecret(vaultConfig, secretName);
+        return secret !== null;
+    }
+    /**
+     * Batch migrate with progress callback
+     */
+    async migrateWithProgress(detections, vaultConfig, onProgress) {
+        const results = [];
+        const provider = this.getProvider(vaultConfig);
+        const total = detections.length;
+        for (let i = 0; i < detections.length; i++) {
+            const detection = detections[i];
+            if (!detection)
+                continue;
+            const envVarName = this.generateEnvVarName(detection);
+            if (onProgress) {
+                onProgress(i, total, envVarName);
+            }
+            try {
+                const secretValue = detection.rawValue || detection.location.snippet || '';
+                if (!secretValue) {
+                    results.push({
+                        secretId: detection.id || '',
+                        vaultId: '',
+                        envVarName,
+                        migrated: false,
+                        error: 'No secret value found',
+                    });
+                    continue;
+                }
+                const vaultId = await provider.createSecret(envVarName, secretValue);
+                results.push({
+                    secretId: detection.id || '',
+                    vaultId,
+                    envVarName,
+                    migrated: true,
+                });
+            }
+            catch (error) {
+                results.push({
+                    secretId: detection.id || '',
+                    vaultId: '',
+                    envVarName,
+                    migrated: false,
+                    error: error instanceof Error ? error.message : 'Unknown error',
+                });
+            }
+        }
+        if (onProgress) {
+            onProgress(total, total, 'Complete');
+        }
+        return results;
+    }
+}
+exports.VaultIntegration = VaultIntegration;
+// Export singleton
+exports.vaultIntegration = new VaultIntegration();

package/dist/secrets/vault-providers.d.ts

@@ -0,0 +1,110 @@
+/**
+ * Vault Providers
+ *
+ * Real implementations for secret vault integrations:
+ * - AWS Secrets Manager
+ * - HashiCorp Vault
+ * - Azure Key Vault
+ * - GCP Secret Manager
+ */
+export interface VaultProvider {
+    name: string;
+    createSecret(name: string, value: string): Promise<string>;
+    getSecret(name: string): Promise<string | null>;
+    deleteSecret(name: string): Promise<boolean>;
+    listSecrets(): Promise<string[]>;
+    testConnection(): Promise<boolean>;
+}
+export interface VaultProviderConfig {
+    type: 'aws_secrets_manager' | 'hashicorp_vault' | 'azure_keyvault' | 'gcp_secret_manager';
+    region?: string;
+    endpoint?: string;
+    projectId?: string;
+    credentials?: {
+        accessKeyId?: string;
+        secretAccessKey?: string;
+        token?: string;
+        clientId?: string;
+        clientSecret?: string;
+        tenantId?: string;
+    };
+}
+/**
+ * AWS Secrets Manager Provider
+ */
+export declare class AWSSecretsManagerProvider implements VaultProvider {
+    name: string;
+    private client;
+    private region;
+    constructor(config: VaultProviderConfig);
+    private getClient;
+    createSecret(name: string, value: string): Promise<string>;
+    getSecret(name: string): Promise<string | null>;
+    deleteSecret(name: string): Promise<boolean>;
+    listSecrets(): Promise<string[]>;
+    testConnection(): Promise<boolean>;
+}
+/**
+ * HashiCorp Vault Provider
+ */
+export declare class HashiCorpVaultProvider implements VaultProvider {
+    name: string;
+    private client;
+    private endpoint;
+    private token;
+    private mountPath;
+    constructor(config: VaultProviderConfig);
+    private getClient;
+    createSecret(name: string, value: string): Promise<string>;
+    getSecret(name: string): Promise<string | null>;
+    deleteSecret(name: string): Promise<boolean>;
+    listSecrets(): Promise<string[]>;
+    testConnection(): Promise<boolean>;
+}
+/**
+ * Azure Key Vault Provider
+ */
+export declare class AzureKeyVaultProvider implements VaultProvider {
+    name: string;
+    private client;
+    private vaultUrl;
+    constructor(config: VaultProviderConfig);
+    private getClient;
+    createSecret(name: string, value: string): Promise<string>;
+    getSecret(name: string): Promise<string | null>;
+    deleteSecret(name: string): Promise<boolean>;
+    listSecrets(): Promise<string[]>;
+    testConnection(): Promise<boolean>;
+}
+/**
+ * GCP Secret Manager Provider
+ */
+export declare class GCPSecretManagerProvider implements VaultProvider {
+    name: string;
+    private client;
+    private projectId;
+    constructor(config: VaultProviderConfig);
+    private getClient;
+    createSecret(name: string, value: string): Promise<string>;
+    getSecret(name: string): Promise<string | null>;
+    deleteSecret(name: string): Promise<boolean>;
+    listSecrets(): Promise<string[]>;
+    testConnection(): Promise<boolean>;
+}
+/**
+ * Factory function to create vault provider
+ */
+export declare function createVaultProvider(config: VaultProviderConfig): VaultProvider;
+/**
+ * Local environment provider (for development/testing)
+ */
+export declare class LocalEnvProvider implements VaultProvider {
+    name: string;
+    private secrets;
+    createSecret(name: string, value: string): Promise<string>;
+    getSecret(name: string): Promise<string | null>;
+    deleteSecret(name: string): Promise<boolean>;
+    listSecrets(): Promise<string[]>;
+    testConnection(): Promise<boolean>;
+}
+//# sourceMappingURL=vault-providers.d.ts.map

package/dist/secrets/vault-providers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vault-providers.d.ts","sourceRoot":"","sources":["../../src/secrets/vault-providers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC3D,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAChD,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7C,WAAW,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACjC,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,qBAAqB,GAAG,iBAAiB,GAAG,gBAAgB,GAAG,oBAAoB,CAAC;IAC1F,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE;QACZ,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAED;;GAEG;AACH,qBAAa,yBAA0B,YAAW,aAAa;IAC7D,IAAI,SAAyB;IAC7B,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,MAAM,CAAS;gBAEX,MAAM,EAAE,mBAAmB;YAIzB,SAAS;IAQjB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAwB1D,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAe/C,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAe5C,WAAW,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAQhC,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC;CAQzC;AAED;;GAEG;AACH,qBAAa,sBAAuB,YAAW,aAAa;IAC1D,IAAI,SAAqB;IACzB,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,SAAS,CAAS;gBAEd,MAAM,EAAE,mBAAmB;YAMzB,SAAS;IAWjB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAY1D,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAe/C,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAY5C,WAAW,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAYhC,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC;CASzC;AAED;;GAEG;AACH,qBAAa,qBAAsB,YAAW,aAAa;IACzD,IAAI,SAAqB;IACzB,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,QAAQ,CAAS;gBAEb,MAAM,EAAE,mBAAmB;YAOzB,SAAS;IAWjB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAW1D,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAe/C,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAY5C,WAAW,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAWhC,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC;CAQzC;AAED;;GAEG;AACH,qBAAa,wBAAyB,YAAW,aAAa;IAC5D,IAAI,SAAwB;IAC5B,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,SAAS,CAAS;gBAEd,MAAM,EAAE,mBAAmB;YAOzB,SAAS;IAQjB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IA6B1D,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAgB/C,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAa5C,WAAW,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAQhC,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC;CAQzC;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,mBAAmB,GAAG,aAAa,CAa9E;AAED;;GAEG;AACH,qBAAa,gBAAiB,YAAW,aAAa;IACpD,IAAI,SAAuB;IAC3B,OAAO,CAAC,OAAO,CAAkC;IAE3C,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAK1D,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAI/C,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAI5C,WAAW,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAIhC,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC;CAGzC"}