npm - keyenv - Versions diffs - 0.1.0 → 1.1.0 - Mend

keyenv 0.1.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md CHANGED Viewed

@@ -103,6 +103,19 @@ for (const env of project.environments) {
 }
 ```
+### Service Token Info
+```typescript
+// Get current user or service token info
+const user = await client.getCurrentUser();
+if (user.auth_type === 'service_token') {
+  // Service tokens can access multiple projects
+  console.log('Projects:', user.project_ids);
+  console.log('Scopes:', user.scopes);
+}
+```
 ## Error Handling
 ```typescript
@@ -156,6 +169,12 @@ Create a new KeyEnv client.
 | `bulkImport(projectId, env, secrets)` | Bulk import secrets |
 | `loadEnv(projectId, env)` | Load secrets into process.env |
 | `generateEnvFile(projectId, env)` | Generate .env file content |
+| `listPermissions(projectId, env)` | List permissions for an environment |
+| `setPermission(projectId, env, userId, role)` | Set user's permission |
+| `deletePermission(projectId, env, userId)` | Delete user's permission |
+| `getMyPermissions(projectId)` | Get current user's permissions |
+| `getProjectDefaults(projectId)` | Get default permissions |
+| `setProjectDefaults(projectId, defaults)` | Set default permissions |
 ## License

package/dist/index.d.mts CHANGED Viewed

@@ -4,6 +4,8 @@ interface KeyEnvOptions {
     token: string;
     /** Request timeout in milliseconds (default: 30000) */
     timeout?: number;
+    /** Cache TTL in seconds for exportSecrets/loadEnv (default: 0 = disabled). Also configurable via KEYENV_CACHE_TTL env var. */
+    cacheTtl?: number;
 }
 /** User or service token info */
 interface User {
@@ -16,8 +18,8 @@ interface User {
     auth_type?: 'service_token' | 'user';
     /** Team ID (for service tokens) */
     team_id?: string;
-    /** Project ID (for project-scoped service tokens) */
-    project_id?: string;
+    /** Project IDs (for project-scoped service tokens) */
+    project_ids?: string[];
     /** Token scopes (for service tokens) */
     scopes?: string[];
     created_at: string;
@@ -87,6 +89,42 @@ declare class KeyEnvError extends Error {
     readonly details?: Record<string, unknown>;
     constructor(message: string, status: number, code?: string, details?: Record<string, unknown>);
 }
+/** Environment permission role */
+type EnvironmentRole = 'none' | 'read' | 'write' | 'admin';
+/** Environment permission for a user */
+interface EnvironmentPermission {
+    id: string;
+    environment_id: string;
+    user_id: string;
+    role: EnvironmentRole;
+    user_email?: string;
+    user_name?: string;
+    granted_by?: string;
+    created_at: string;
+    updated_at: string;
+}
+/** User's permission for an environment */
+interface MyPermission {
+    environment_id: string;
+    environment_name: string;
+    role: EnvironmentRole;
+    can_read: boolean;
+    can_write: boolean;
+    can_admin: boolean;
+}
+/** Response for getting user's permissions */
+interface MyPermissionsResponse {
+    permissions: MyPermission[];
+    is_team_admin: boolean;
+}
+/** Project default permission for an environment */
+interface ProjectDefault {
+    id: string;
+    project_id: string;
+    environment_name: string;
+    default_role: EnvironmentRole;
+    created_at: string;
+}
 /**
  * KeyEnv API client for managing secrets
@@ -104,6 +142,7 @@ declare class KeyEnvError extends Error {
 declare class KeyEnv {
     private readonly token;
     private readonly timeout;
+    private readonly cacheTtl;
     constructor(options: KeyEnvOptions);
     private request;
     /** Get the current user or service token info */
@@ -127,7 +166,8 @@ declare class KeyEnv {
     /** List secrets in an environment (keys and metadata only) */
     listSecrets(projectId: string, environment: string): Promise<Secret[]>;
     /**
-     * Export all secrets with their decrypted values
+     * Export all secrets with their decrypted values.
+     * Results are cached when cacheTtl > 0.
      * @example
      * ```ts
      * const secrets = await client.exportSecrets('project-id', 'production');
@@ -182,6 +222,112 @@ declare class KeyEnv {
     loadEnv(projectId: string, environment: string): Promise<number>;
     /** Generate .env file content from secrets */
     generateEnvFile(projectId: string, environment: string): Promise<string>;
+    /**
+     * Clear the secrets cache.
+     * @param projectId - Clear cache for specific project (optional)
+     * @param environment - Clear cache for specific environment (requires projectId)
+     */
+    clearCache(projectId?: string, environment?: string): void;
+    /**
+     * List all permissions for an environment.
+     * @param projectId - The project ID
+     * @param environment - The environment name
+     * @returns Array of environment permissions
+     * @example
+     * ```ts
+     * const permissions = await client.listPermissions('project-id', 'production');
+     * for (const perm of permissions) {
+     *   console.log(`${perm.user_email}: ${perm.role}`);
+     * }
+     * ```
+     */
+    listPermissions(projectId: string, environment: string): Promise<EnvironmentPermission[]>;
+    /**
+     * Set a user's permission for an environment.
+     * @param projectId - The project ID
+     * @param environment - The environment name
+     * @param userId - The user ID to set permission for
+     * @param role - The permission role ('none', 'read', 'write', or 'admin')
+     * @returns The created or updated permission
+     * @example
+     * ```ts
+     * const permission = await client.setPermission('project-id', 'production', 'user-id', 'write');
+     * console.log(`Set ${permission.user_email} to ${permission.role}`);
+     * ```
+     */
+    setPermission(projectId: string, environment: string, userId: string, role: EnvironmentRole): Promise<EnvironmentPermission>;
+    /**
+     * Delete a user's permission for an environment.
+     * @param projectId - The project ID
+     * @param environment - The environment name
+     * @param userId - The user ID to delete permission for
+     * @example
+     * ```ts
+     * await client.deletePermission('project-id', 'production', 'user-id');
+     * ```
+     */
+    deletePermission(projectId: string, environment: string, userId: string): Promise<void>;
+    /**
+     * Bulk set permissions for multiple users in an environment.
+     * @param projectId - The project ID
+     * @param environment - The environment name
+     * @param permissions - Array of user permissions to set
+     * @returns Array of created or updated permissions
+     * @example
+     * ```ts
+     * const permissions = await client.bulkSetPermissions('project-id', 'production', [
+     *   { userId: 'user-1', role: 'write' },
+     *   { userId: 'user-2', role: 'read' },
+     * ]);
+     * ```
+     */
+    bulkSetPermissions(projectId: string, environment: string, permissions: Array<{
+        userId: string;
+        role: EnvironmentRole;
+    }>): Promise<EnvironmentPermission[]>;
+    /**
+     * Get the current user's permissions for all environments in a project.
+     * @param projectId - The project ID
+     * @returns The user's permissions and team admin status
+     * @example
+     * ```ts
+     * const { permissions, is_team_admin } = await client.getMyPermissions('project-id');
+     * for (const perm of permissions) {
+     *   console.log(`${perm.environment_name}: ${perm.role} (can_write: ${perm.can_write})`);
+     * }
+     * ```
+     */
+    getMyPermissions(projectId: string): Promise<MyPermissionsResponse>;
+    /**
+     * Get default permission settings for a project's environments.
+     * @param projectId - The project ID
+     * @returns Array of project default permissions
+     * @example
+     * ```ts
+     * const defaults = await client.getProjectDefaults('project-id');
+     * for (const def of defaults) {
+     *   console.log(`${def.environment_name}: ${def.default_role}`);
+     * }
+     * ```
+     */
+    getProjectDefaults(projectId: string): Promise<ProjectDefault[]>;
+    /**
+     * Set default permission settings for a project's environments.
+     * @param projectId - The project ID
+     * @param defaults - Array of default permissions to set
+     * @returns Array of updated project default permissions
+     * @example
+     * ```ts
+     * const defaults = await client.setProjectDefaults('project-id', [
+     *   { environmentName: 'development', defaultRole: 'write' },
+     *   { environmentName: 'production', defaultRole: 'read' },
+     * ]);
+     * ```
+     */
+    setProjectDefaults(projectId: string, defaults: Array<{
+        environmentName: string;
+        defaultRole: EnvironmentRole;
+    }>): Promise<ProjectDefault[]>;
 }
-export { type BulkImportResult, type BulkSecretItem, type Environment, KeyEnv, KeyEnvError, type KeyEnvOptions, type Project, type ProjectWithEnvironments, type Secret, type SecretHistory, type SecretWithValue, type User };
+export { type BulkImportResult, type BulkSecretItem, type Environment, type EnvironmentPermission, type EnvironmentRole, KeyEnv, KeyEnvError, type KeyEnvOptions, type MyPermission, type MyPermissionsResponse, type Project, type ProjectDefault, type ProjectWithEnvironments, type Secret, type SecretHistory, type SecretWithValue, type User };

package/dist/index.d.ts CHANGED Viewed

@@ -4,6 +4,8 @@ interface KeyEnvOptions {
     token: string;
     /** Request timeout in milliseconds (default: 30000) */
     timeout?: number;
+    /** Cache TTL in seconds for exportSecrets/loadEnv (default: 0 = disabled). Also configurable via KEYENV_CACHE_TTL env var. */
+    cacheTtl?: number;
 }
 /** User or service token info */
 interface User {
@@ -16,8 +18,8 @@ interface User {
     auth_type?: 'service_token' | 'user';
     /** Team ID (for service tokens) */
     team_id?: string;
-    /** Project ID (for project-scoped service tokens) */
-    project_id?: string;
+    /** Project IDs (for project-scoped service tokens) */
+    project_ids?: string[];
     /** Token scopes (for service tokens) */
     scopes?: string[];
     created_at: string;
@@ -87,6 +89,42 @@ declare class KeyEnvError extends Error {
     readonly details?: Record<string, unknown>;
     constructor(message: string, status: number, code?: string, details?: Record<string, unknown>);
 }
+/** Environment permission role */
+type EnvironmentRole = 'none' | 'read' | 'write' | 'admin';
+/** Environment permission for a user */
+interface EnvironmentPermission {
+    id: string;
+    environment_id: string;
+    user_id: string;
+    role: EnvironmentRole;
+    user_email?: string;
+    user_name?: string;
+    granted_by?: string;
+    created_at: string;
+    updated_at: string;
+}
+/** User's permission for an environment */
+interface MyPermission {
+    environment_id: string;
+    environment_name: string;
+    role: EnvironmentRole;
+    can_read: boolean;
+    can_write: boolean;
+    can_admin: boolean;
+}
+/** Response for getting user's permissions */
+interface MyPermissionsResponse {
+    permissions: MyPermission[];
+    is_team_admin: boolean;
+}
+/** Project default permission for an environment */
+interface ProjectDefault {
+    id: string;
+    project_id: string;
+    environment_name: string;
+    default_role: EnvironmentRole;
+    created_at: string;
+}
 /**
  * KeyEnv API client for managing secrets
@@ -104,6 +142,7 @@ declare class KeyEnvError extends Error {
 declare class KeyEnv {
     private readonly token;
     private readonly timeout;
+    private readonly cacheTtl;
     constructor(options: KeyEnvOptions);
     private request;
     /** Get the current user or service token info */
@@ -127,7 +166,8 @@ declare class KeyEnv {
     /** List secrets in an environment (keys and metadata only) */
     listSecrets(projectId: string, environment: string): Promise<Secret[]>;
     /**
-     * Export all secrets with their decrypted values
+     * Export all secrets with their decrypted values.
+     * Results are cached when cacheTtl > 0.
      * @example
      * ```ts
      * const secrets = await client.exportSecrets('project-id', 'production');
@@ -182,6 +222,112 @@ declare class KeyEnv {
     loadEnv(projectId: string, environment: string): Promise<number>;
     /** Generate .env file content from secrets */
     generateEnvFile(projectId: string, environment: string): Promise<string>;
+    /**
+     * Clear the secrets cache.
+     * @param projectId - Clear cache for specific project (optional)
+     * @param environment - Clear cache for specific environment (requires projectId)
+     */
+    clearCache(projectId?: string, environment?: string): void;
+    /**
+     * List all permissions for an environment.
+     * @param projectId - The project ID
+     * @param environment - The environment name
+     * @returns Array of environment permissions
+     * @example
+     * ```ts
+     * const permissions = await client.listPermissions('project-id', 'production');
+     * for (const perm of permissions) {
+     *   console.log(`${perm.user_email}: ${perm.role}`);
+     * }
+     * ```
+     */
+    listPermissions(projectId: string, environment: string): Promise<EnvironmentPermission[]>;
+    /**
+     * Set a user's permission for an environment.
+     * @param projectId - The project ID
+     * @param environment - The environment name
+     * @param userId - The user ID to set permission for
+     * @param role - The permission role ('none', 'read', 'write', or 'admin')
+     * @returns The created or updated permission
+     * @example
+     * ```ts
+     * const permission = await client.setPermission('project-id', 'production', 'user-id', 'write');
+     * console.log(`Set ${permission.user_email} to ${permission.role}`);
+     * ```
+     */
+    setPermission(projectId: string, environment: string, userId: string, role: EnvironmentRole): Promise<EnvironmentPermission>;
+    /**
+     * Delete a user's permission for an environment.
+     * @param projectId - The project ID
+     * @param environment - The environment name
+     * @param userId - The user ID to delete permission for
+     * @example
+     * ```ts
+     * await client.deletePermission('project-id', 'production', 'user-id');
+     * ```
+     */
+    deletePermission(projectId: string, environment: string, userId: string): Promise<void>;
+    /**
+     * Bulk set permissions for multiple users in an environment.
+     * @param projectId - The project ID
+     * @param environment - The environment name
+     * @param permissions - Array of user permissions to set
+     * @returns Array of created or updated permissions
+     * @example
+     * ```ts
+     * const permissions = await client.bulkSetPermissions('project-id', 'production', [
+     *   { userId: 'user-1', role: 'write' },
+     *   { userId: 'user-2', role: 'read' },
+     * ]);
+     * ```
+     */
+    bulkSetPermissions(projectId: string, environment: string, permissions: Array<{
+        userId: string;
+        role: EnvironmentRole;
+    }>): Promise<EnvironmentPermission[]>;
+    /**
+     * Get the current user's permissions for all environments in a project.
+     * @param projectId - The project ID
+     * @returns The user's permissions and team admin status
+     * @example
+     * ```ts
+     * const { permissions, is_team_admin } = await client.getMyPermissions('project-id');
+     * for (const perm of permissions) {
+     *   console.log(`${perm.environment_name}: ${perm.role} (can_write: ${perm.can_write})`);
+     * }
+     * ```
+     */
+    getMyPermissions(projectId: string): Promise<MyPermissionsResponse>;
+    /**
+     * Get default permission settings for a project's environments.
+     * @param projectId - The project ID
+     * @returns Array of project default permissions
+     * @example
+     * ```ts
+     * const defaults = await client.getProjectDefaults('project-id');
+     * for (const def of defaults) {
+     *   console.log(`${def.environment_name}: ${def.default_role}`);
+     * }
+     * ```
+     */
+    getProjectDefaults(projectId: string): Promise<ProjectDefault[]>;
+    /**
+     * Set default permission settings for a project's environments.
+     * @param projectId - The project ID
+     * @param defaults - Array of default permissions to set
+     * @returns Array of updated project default permissions
+     * @example
+     * ```ts
+     * const defaults = await client.setProjectDefaults('project-id', [
+     *   { environmentName: 'development', defaultRole: 'write' },
+     *   { environmentName: 'production', defaultRole: 'read' },
+     * ]);
+     * ```
+     */
+    setProjectDefaults(projectId: string, defaults: Array<{
+        environmentName: string;
+        defaultRole: EnvironmentRole;
+    }>): Promise<ProjectDefault[]>;
 }
-export { type BulkImportResult, type BulkSecretItem, type Environment, KeyEnv, KeyEnvError, type KeyEnvOptions, type Project, type ProjectWithEnvironments, type Secret, type SecretHistory, type SecretWithValue, type User };
+export { type BulkImportResult, type BulkSecretItem, type Environment, type EnvironmentPermission, type EnvironmentRole, KeyEnv, KeyEnvError, type KeyEnvOptions, type MyPermission, type MyPermissionsResponse, type Project, type ProjectDefault, type ProjectWithEnvironments, type Secret, type SecretHistory, type SecretWithValue, type User };

package/dist/index.js CHANGED Viewed

@@ -42,15 +42,21 @@ var KeyEnvError = class extends Error {
 // src/client.ts
 var BASE_URL = "https://api.keyenv.dev";
 var DEFAULT_TIMEOUT = 3e4;
+var secretsCache = /* @__PURE__ */ new Map();
+function getCacheKey(projectId, environment) {
+  return `${projectId}:${environment}`;
+}
 var KeyEnv = class {
   token;
   timeout;
+  cacheTtl;
   constructor(options) {
     if (!options.token) {
       throw new Error("KeyEnv token is required");
     }
     this.token = options.token;
     this.timeout = options.timeout || DEFAULT_TIMEOUT;
+    this.cacheTtl = options.cacheTtl ?? (process.env.KEYENV_CACHE_TTL ? parseInt(process.env.KEYENV_CACHE_TTL, 10) : 0);
   }
   async request(method, path, body) {
     const url = `${BASE_URL}${path}`;
@@ -144,7 +150,8 @@ var KeyEnv = class {
     return response.secrets;
   }
   /**
-   * Export all secrets with their decrypted values
+   * Export all secrets with their decrypted values.
+   * Results are cached when cacheTtl > 0.
    * @example
    * ```ts
    * const secrets = await client.exportSecrets('project-id', 'production');
@@ -154,10 +161,23 @@ var KeyEnv = class {
    * ```
    */
   async exportSecrets(projectId, environment) {
+    const cacheKey = getCacheKey(projectId, environment);
+    if (this.cacheTtl > 0) {
+      const cached = secretsCache.get(cacheKey);
+      if (cached && Date.now() < cached.expiresAt) {
+        return cached.secrets;
+      }
+    }
     const response = await this.request(
       "GET",
       `/api/v1/projects/${projectId}/environments/${environment}/secrets/export`
     );
+    if (this.cacheTtl > 0) {
+      secretsCache.set(cacheKey, {
+        secrets: response.secrets,
+        expiresAt: Date.now() + this.cacheTtl * 1e3
+      });
+    }
     return response.secrets;
   }
   /**
@@ -187,6 +207,7 @@ var KeyEnv = class {
       `/api/v1/projects/${projectId}/environments/${environment}/secrets`,
       { key, value, description }
     );
+    this.clearCache(projectId, environment);
     return response.secret;
   }
   /** Update a secret's value */
@@ -196,6 +217,7 @@ var KeyEnv = class {
       `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`,
       { value, description }
     );
+    this.clearCache(projectId, environment);
     return response.secret;
   }
   /** Set a secret (create or update) */
@@ -215,6 +237,7 @@ var KeyEnv = class {
       "DELETE",
       `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`
     );
+    this.clearCache(projectId, environment);
   }
   /** Get secret version history */
   async getSecretHistory(projectId, environment, key) {
@@ -235,11 +258,13 @@ var KeyEnv = class {
    * ```
    */
   async bulkImport(projectId, environment, secrets, options = {}) {
-    return this.request(
+    const result = await this.request(
       "POST",
       `/api/v1/projects/${projectId}/environments/${environment}/secrets/bulk`,
       { secrets, overwrite: options.overwrite ?? false }
     );
+    this.clearCache(projectId, environment);
+    return result;
   }
   /**
    * Load secrets into process.env
@@ -276,6 +301,161 @@ var KeyEnv = class {
     }
     return lines.join("\n") + "\n";
   }
+  /**
+   * Clear the secrets cache.
+   * @param projectId - Clear cache for specific project (optional)
+   * @param environment - Clear cache for specific environment (requires projectId)
+   */
+  clearCache(projectId, environment) {
+    if (projectId && environment) {
+      secretsCache.delete(getCacheKey(projectId, environment));
+    } else if (projectId) {
+      for (const key of secretsCache.keys()) {
+        if (key.startsWith(`${projectId}:`)) {
+          secretsCache.delete(key);
+        }
+      }
+    } else {
+      secretsCache.clear();
+    }
+  }
+  // ============================================================================
+  // Environment Permission Management
+  // ============================================================================
+  /**
+   * List all permissions for an environment.
+   * @param projectId - The project ID
+   * @param environment - The environment name
+   * @returns Array of environment permissions
+   * @example
+   * ```ts
+   * const permissions = await client.listPermissions('project-id', 'production');
+   * for (const perm of permissions) {
+   *   console.log(`${perm.user_email}: ${perm.role}`);
+   * }
+   * ```
+   */
+  async listPermissions(projectId, environment) {
+    const response = await this.request(
+      "GET",
+      `/api/v1/projects/${projectId}/environments/${environment}/permissions`
+    );
+    return response.permissions;
+  }
+  /**
+   * Set a user's permission for an environment.
+   * @param projectId - The project ID
+   * @param environment - The environment name
+   * @param userId - The user ID to set permission for
+   * @param role - The permission role ('none', 'read', 'write', or 'admin')
+   * @returns The created or updated permission
+   * @example
+   * ```ts
+   * const permission = await client.setPermission('project-id', 'production', 'user-id', 'write');
+   * console.log(`Set ${permission.user_email} to ${permission.role}`);
+   * ```
+   */
+  async setPermission(projectId, environment, userId, role) {
+    const response = await this.request(
+      "PUT",
+      `/api/v1/projects/${projectId}/environments/${environment}/permissions/${userId}`,
+      { role }
+    );
+    return response.permission;
+  }
+  /**
+   * Delete a user's permission for an environment.
+   * @param projectId - The project ID
+   * @param environment - The environment name
+   * @param userId - The user ID to delete permission for
+   * @example
+   * ```ts
+   * await client.deletePermission('project-id', 'production', 'user-id');
+   * ```
+   */
+  async deletePermission(projectId, environment, userId) {
+    await this.request(
+      "DELETE",
+      `/api/v1/projects/${projectId}/environments/${environment}/permissions/${userId}`
+    );
+  }
+  /**
+   * Bulk set permissions for multiple users in an environment.
+   * @param projectId - The project ID
+   * @param environment - The environment name
+   * @param permissions - Array of user permissions to set
+   * @returns Array of created or updated permissions
+   * @example
+   * ```ts
+   * const permissions = await client.bulkSetPermissions('project-id', 'production', [
+   *   { userId: 'user-1', role: 'write' },
+   *   { userId: 'user-2', role: 'read' },
+   * ]);
+   * ```
+   */
+  async bulkSetPermissions(projectId, environment, permissions) {
+    const response = await this.request(
+      "PUT",
+      `/api/v1/projects/${projectId}/environments/${environment}/permissions`,
+      { permissions: permissions.map((p) => ({ user_id: p.userId, role: p.role })) }
+    );
+    return response.permissions;
+  }
+  /**
+   * Get the current user's permissions for all environments in a project.
+   * @param projectId - The project ID
+   * @returns The user's permissions and team admin status
+   * @example
+   * ```ts
+   * const { permissions, is_team_admin } = await client.getMyPermissions('project-id');
+   * for (const perm of permissions) {
+   *   console.log(`${perm.environment_name}: ${perm.role} (can_write: ${perm.can_write})`);
+   * }
+   * ```
+   */
+  async getMyPermissions(projectId) {
+    return this.request("GET", `/api/v1/projects/${projectId}/my-permissions`);
+  }
+  /**
+   * Get default permission settings for a project's environments.
+   * @param projectId - The project ID
+   * @returns Array of project default permissions
+   * @example
+   * ```ts
+   * const defaults = await client.getProjectDefaults('project-id');
+   * for (const def of defaults) {
+   *   console.log(`${def.environment_name}: ${def.default_role}`);
+   * }
+   * ```
+   */
+  async getProjectDefaults(projectId) {
+    const response = await this.request(
+      "GET",
+      `/api/v1/projects/${projectId}/permissions/defaults`
+    );
+    return response.defaults;
+  }
+  /**
+   * Set default permission settings for a project's environments.
+   * @param projectId - The project ID
+   * @param defaults - Array of default permissions to set
+   * @returns Array of updated project default permissions
+   * @example
+   * ```ts
+   * const defaults = await client.setProjectDefaults('project-id', [
+   *   { environmentName: 'development', defaultRole: 'write' },
+   *   { environmentName: 'production', defaultRole: 'read' },
+   * ]);
+   * ```
+   */
+  async setProjectDefaults(projectId, defaults) {
+    const response = await this.request(
+      "PUT",
+      `/api/v1/projects/${projectId}/permissions/defaults`,
+      { defaults: defaults.map((d) => ({ environment_name: d.environmentName, default_role: d.defaultRole })) }
+    );
+    return response.defaults;
+  }
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/index.ts","../src/types.ts","../src/client.ts"],"sourcesContent":["export { KeyEnv } from './client.js';\nexport { KeyEnvError } from './types.js';\nexport type {\n KeyEnvOptions,\n User,\n Project,\n ProjectWithEnvironments,\n Environment,\n Secret,\n SecretWithValue,\n SecretHistory,\n BulkSecretItem,\n BulkImportResult,\n} from './types.js';\n","/** KeyEnv client configuration options /\nexport interface KeyEnvOptions {\n /* Service token for authentication /\n token: string;\n /* Request timeout in milliseconds (default: 30000) /\n timeout?: number;\n}\n\n/* User or service token info /\nexport interface User {\n id: string;\n email?: string;\n name?: string;\n clerk_id?: string;\n avatar_url?: string;\n /* Present for service tokens /\n auth_type?: 'service_token' \| 'user';\n /* Team ID (for service tokens) /\n team_id?: string;\n /* Project ID (for project-scoped service tokens) /\n project_id?: string;\n /* Token scopes (for service tokens) /\n scopes?: string[];\n created_at: string;\n}\n\n/* Project /\nexport interface Project {\n id: string;\n team_id: string;\n name: string;\n slug: string;\n description?: string;\n created_at: string;\n}\n\n/* Environment /\nexport interface Environment {\n id: string;\n project_id: string;\n name: string;\n inherits_from?: string;\n created_at: string;\n}\n\n/* Project with environments /\nexport interface ProjectWithEnvironments extends Project {\n environments: Environment[];\n}\n\n/* Secret (without value) /\nexport interface Secret {\n id: string;\n environment_id: string;\n key: string;\n type: string;\n description?: string;\n version: number;\n created_at: string;\n updated_at: string;\n}\n\n/* Secret with decrypted value /\nexport interface SecretWithValue extends Secret {\n value: string;\n inherited_from?: string;\n}\n\n/* Secret history entry /\nexport interface SecretHistory {\n id: string;\n secret_id: string;\n value: string;\n version: number;\n changed_by?: string;\n changed_at: string;\n}\n\n/* Bulk import request item /\nexport interface BulkSecretItem {\n key: string;\n value: string;\n description?: string;\n}\n\n/* Bulk import result /\nexport interface BulkImportResult {\n created: number;\n updated: number;\n skipped: number;\n}\n\n/* API error response /\nexport interface ApiError {\n error: string;\n code?: string;\n details?: Record<string, unknown>;\n}\n\n/* KeyEnv API error /\nexport class KeyEnvError extends Error {\n public readonly status: number;\n public readonly code?: string;\n public readonly details?: Record<string, unknown>;\n\n constructor(message: string, status: number, code?: string, details?: Record<string, unknown>) {\n super(message);\n this.name = 'KeyEnvError';\n this.status = status;\n this.code = code;\n this.details = details;\n }\n}\n","import type {\n KeyEnvOptions,\n User,\n Project,\n ProjectWithEnvironments,\n Environment,\n Secret,\n SecretWithValue,\n SecretHistory,\n BulkSecretItem,\n BulkImportResult,\n ApiError,\n} from './types.js';\nimport { KeyEnvError } from './types.js';\n\nconst BASE_URL = 'https://api.keyenv.dev';\nconst DEFAULT_TIMEOUT = 30000;\n\n/\n KeyEnv API client for managing secrets\n \n @example\n * ```ts\n * import { KeyEnv } from 'keyenv';\n \n const client = new KeyEnv({ token: process.env.KEYENV_TOKEN });\n \n // Export all secrets for an environment\n * const secrets = await client.exportSecrets('project-id', 'production');\n * ```\n /\nexport class KeyEnv {\n private readonly token: string;\n private readonly timeout: number;\n\n constructor(options: KeyEnvOptions) {\n if (!options.token) {\n throw new Error('KeyEnv token is required');\n }\n this.token = options.token;\n this.timeout = options.timeout \|\| DEFAULT_TIMEOUT;\n }\n\n private async request<T>(method: string, path: string, body?: unknown): Promise<T> {\n const url = `${BASE_URL}${path}`;\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(url, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.token}`,\n 'Content-Type': 'application/json',\n 'User-Agent': 'keyenv-node/1.0.0',\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n clearTimeout(timeoutId);\n\n if (!response.ok) {\n let errorData: ApiError = { error: 'Unknown error' };\n try {\n errorData = await response.json() as ApiError;\n } catch {\n errorData = { error: response.statusText };\n }\n throw new KeyEnvError(errorData.error, response.status, errorData.code, errorData.details);\n }\n\n if (response.status === 204) {\n return undefined as T;\n }\n\n return response.json() as Promise<T>;\n } catch (error) {\n clearTimeout(timeoutId);\n if (error instanceof KeyEnvError) throw error;\n if (error instanceof Error && error.name === 'AbortError') {\n throw new KeyEnvError('Request timeout', 408);\n }\n throw new KeyEnvError(error instanceof Error ? error.message : 'Network error', 0);\n }\n }\n\n /* Get the current user or service token info /\n async getCurrentUser(): Promise<User> {\n return this.request<User>('GET', '/api/v1/users/me');\n }\n\n /* Validate the token and return user info /\n async validateToken(): Promise<User> {\n return this.getCurrentUser();\n }\n\n /* List all accessible projects /\n async listProjects(): Promise<Project[]> {\n const response = await this.request<{ projects: Project[] }>('GET', '/api/v1/projects');\n return response.projects;\n }\n\n /* Get a project by ID /\n async getProject(projectId: string): Promise<ProjectWithEnvironments> {\n return this.request<ProjectWithEnvironments>('GET', `/api/v1/projects/${projectId}`);\n }\n\n /* Create a new project /\n async createProject(teamId: string, name: string): Promise<Project> {\n return this.request<Project>('POST', '/api/v1/projects', { team_id: teamId, name });\n }\n\n /* Delete a project /\n async deleteProject(projectId: string): Promise<void> {\n await this.request<void>('DELETE', `/api/v1/projects/${projectId}`);\n }\n\n /* List environments in a project /\n async listEnvironments(projectId: string): Promise<Environment[]> {\n const response = await this.request<{ environments: Environment[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments`\n );\n return response.environments;\n }\n\n /* Create a new environment /\n async createEnvironment(projectId: string, name: string, inheritsFrom?: string): Promise<Environment> {\n return this.request<Environment>(\n 'POST', `/api/v1/projects/${projectId}/environments`,\n { name, inherits_from: inheritsFrom }\n );\n }\n\n /* Delete an environment /\n async deleteEnvironment(projectId: string, environment: string): Promise<void> {\n await this.request<void>('DELETE', `/api/v1/projects/${projectId}/environments/${environment}`);\n }\n\n /* List secrets in an environment (keys and metadata only) /\n async listSecrets(projectId: string, environment: string): Promise<Secret[]> {\n const response = await this.request<{ secrets: Secret[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets`\n );\n return response.secrets;\n }\n\n /\n Export all secrets with their decrypted values\n * @example\n * ```ts\n * const secrets = await client.exportSecrets('project-id', 'production');\n * for (const secret of secrets) {\n * process.env[secret.key] = secret.value;\n * }\n * ```\n /\n async exportSecrets(projectId: string, environment: string): Promise<SecretWithValue[]> {\n const response = await this.request<{ secrets: SecretWithValue[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/export`\n );\n return response.secrets;\n }\n\n /\n Export secrets as a key-value object\n * @example\n * ```ts\n * const env = await client.exportSecretsAsObject('project-id', 'production');\n * // { DATABASE_URL: '...', API_KEY: '...' }\n * ```\n /\n async exportSecretsAsObject(projectId: string, environment: string): Promise<Record<string, string>> {\n const secrets = await this.exportSecrets(projectId, environment);\n return Object.fromEntries(secrets.map((s) => [s.key, s.value]));\n }\n\n /* Get a single secret with its value /\n async getSecret(projectId: string, environment: string, key: string): Promise<SecretWithValue> {\n const response = await this.request<{ secret: SecretWithValue }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`\n );\n return response.secret;\n }\n\n /* Create a new secret /\n async createSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n const response = await this.request<{ secret: Secret }>(\n 'POST', `/api/v1/projects/${projectId}/environments/${environment}/secrets`,\n { key, value, description }\n );\n return response.secret;\n }\n\n /* Update a secret's value /\n async updateSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n const response = await this.request<{ secret: Secret }>(\n 'PUT', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`,\n { value, description }\n );\n return response.secret;\n }\n\n /* Set a secret (create or update) /\n async setSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n try {\n return await this.updateSecret(projectId, environment, key, value, description);\n } catch (error) {\n if (error instanceof KeyEnvError && error.status === 404) {\n return this.createSecret(projectId, environment, key, value, description);\n }\n throw error;\n }\n }\n\n /* Delete a secret /\n async deleteSecret(projectId: string, environment: string, key: string): Promise<void> {\n await this.request<void>(\n 'DELETE', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`\n );\n }\n\n /* Get secret version history /\n async getSecretHistory(projectId: string, environment: string, key: string): Promise<SecretHistory[]> {\n const response = await this.request<{ history: SecretHistory[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}/history`\n );\n return response.history;\n }\n\n /\n Bulk import secrets\n * @example\n * ```ts\n * await client.bulkImport('project-id', 'development', [\n * { key: 'DATABASE_URL', value: 'postgres://...' },\n * { key: 'API_KEY', value: 'sk_...' },\n * ], { overwrite: true });\n * ```\n /\n async bulkImport(\n projectId: string, environment: string, secrets: BulkSecretItem[], options: { overwrite?: boolean } = {}\n ): Promise<BulkImportResult> {\n return this.request<BulkImportResult>(\n 'POST', `/api/v1/projects/${projectId}/environments/${environment}/secrets/bulk`,\n { secrets, overwrite: options.overwrite ?? false }\n );\n }\n\n /\n Load secrets into process.env\n * @example\n * ```ts\n * await client.loadEnv('project-id', 'production');\n * console.log(process.env.DATABASE_URL);\n * ```\n /\n async loadEnv(projectId: string, environment: string): Promise<number> {\n const secrets = await this.exportSecrets(projectId, environment);\n for (const secret of secrets) {\n process.env[secret.key] = secret.value;\n }\n return secrets.length;\n }\n\n /* Generate .env file content from secrets */\n async generateEnvFile(projectId: string, environment: string): Promise<string> {\n const secrets = await this.exportSecrets(projectId, environment);\n const lines = [\n '# Generated by KeyEnv',\n `# Environment: ${environment}`,\n `# Generated at: ${new Date().toISOString()}`,\n '',\n ];\n\n for (const secret of secrets) {\n const value = secret.value;\n if (value.includes('\\n') \|\| value.includes('\"') \|\| value.includes(\"'\") \|\| value.includes(' ')) {\n const escaped = value.replace(/\\\\/g, '\\\\\\\\').replace(/\"/g, '\\\\\"');\n lines.push(`${secret.key}=\"${escaped}\"`);\n } else {\n lines.push(`${secret.key}=${value}`);\n }\n }\n\n return lines.join('\\n') + '\\n';\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACoGO,IAAM,cAAN,cAA0B,MAAM;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EAEhB,YAAY,SAAiB,QAAgB,MAAe,SAAmC;AAC7F,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,OAAO;AACZ,SAAK,UAAU;AAAA,EACjB;AACF;;;ACjGA,IAAM,WAAW;AACjB,IAAM,kBAAkB;AAejB,IAAM,SAAN,MAAa;AAAA,EACD;AAAA,EACA;AAAA,EAEjB,YAAY,SAAwB;AAClC,QAAI,CAAC,QAAQ,OAAO;AAClB,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AACA,SAAK,QAAQ,QAAQ;AACrB,SAAK,UAAU,QAAQ,WAAW;AAAA,EACpC;AAAA,EAEA,MAAc,QAAW,QAAgB,MAAc,MAA4B;AACjF,UAAM,MAAM,GAAG,QAAQ,GAAG,IAAI;AAC9B,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAChC;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,KAAK;AAAA,UACrC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,mBAAa,SAAS;AAEtB,UAAI,CAAC,SAAS,IAAI;AAChB,YAAI,YAAsB,EAAE,OAAO,gBAAgB;AACnD,YAAI;AACF,sBAAY,MAAM,SAAS,KAAK;AAAA,QAClC,QAAQ;AACN,sBAAY,EAAE,OAAO,SAAS,WAAW;AAAA,QAC3C;AACA,cAAM,IAAI,YAAY,UAAU,OAAO,SAAS,QAAQ,UAAU,MAAM,UAAU,OAAO;AAAA,MAC3F;AAEA,UAAI,SAAS,WAAW,KAAK;AAC3B,eAAO;AAAA,MACT;AAEA,aAAO,SAAS,KAAK;AAAA,IACvB,SAAS,OAAO;AACd,mBAAa,SAAS;AACtB,UAAI,iBAAiB,YAAa,OAAM;AACxC,UAAI,iBAAiB,SAAS,MAAM,SAAS,cAAc;AACzD,cAAM,IAAI,YAAY,mBAAmB,GAAG;AAAA,MAC9C;AACA,YAAM,IAAI,YAAY,iBAAiB,QAAQ,MAAM,UAAU,iBAAiB,CAAC;AAAA,IACnF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,iBAAgC;AACpC,WAAO,KAAK,QAAc,OAAO,kBAAkB;AAAA,EACrD;AAAA;AAAA,EAGA,MAAM,gBAA+B;AACnC,WAAO,KAAK,eAAe;AAAA,EAC7B;AAAA;AAAA,EAGA,MAAM,eAAmC;AACvC,UAAM,WAAW,MAAM,KAAK,QAAiC,OAAO,kBAAkB;AACtF,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,WAAW,WAAqD;AACpE,WAAO,KAAK,QAAiC,OAAO,oBAAoB,SAAS,EAAE;AAAA,EACrF;AAAA;AAAA,EAGA,MAAM,cAAc,QAAgB,MAAgC;AAClE,WAAO,KAAK,QAAiB,QAAQ,oBAAoB,EAAE,SAAS,QAAQ,KAAK,CAAC;AAAA,EACpF;AAAA;AAAA,EAGA,MAAM,cAAc,WAAkC;AACpD,UAAM,KAAK,QAAc,UAAU,oBAAoB,SAAS,EAAE;AAAA,EACpE;AAAA;AAAA,EAGA,MAAM,iBAAiB,WAA2C;AAChE,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS;AAAA,IACtC;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,kBAAkB,WAAmB,MAAc,cAA6C;AACpG,WAAO,KAAK;AAAA,MACV;AAAA,MAAQ,oBAAoB,SAAS;AAAA,MACrC,EAAE,MAAM,eAAe,aAAa;AAAA,IACtC;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,kBAAkB,WAAmB,aAAoC;AAC7E,UAAM,KAAK,QAAc,UAAU,oBAAoB,SAAS,iBAAiB,WAAW,EAAE;AAAA,EAChG;AAAA;AAAA,EAGA,MAAM,YAAY,WAAmB,aAAwC;AAC3E,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,cAAc,WAAmB,aAAiD;AACtF,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,sBAAsB,WAAmB,aAAsD;AACnG,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,WAAO,OAAO,YAAY,QAAQ,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;AAAA,EAChE;AAAA;AAAA,EAGA,MAAM,UAAU,WAAmB,aAAqB,KAAuC;AAC7F,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACjF;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,aACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAQ,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MACjE,EAAE,KAAK,OAAO,YAAY;AAAA,IAC5B;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,aACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,MAC/E,EAAE,OAAO,YAAY;AAAA,IACvB;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,UACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,QAAI;AACF,aAAO,MAAM,KAAK,aAAa,WAAW,aAAa,KAAK,OAAO,WAAW;AAAA,IAChF,SAAS,OAAO;AACd,UAAI,iBAAiB,eAAe,MAAM,WAAW,KAAK;AACxD,eAAO,KAAK,aAAa,WAAW,aAAa,KAAK,OAAO,WAAW;AAAA,MAC1E;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,aAAa,WAAmB,aAAqB,KAA4B;AACrF,UAAM,KAAK;AAAA,MACT;AAAA,MAAU,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACpF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,iBAAiB,WAAmB,aAAqB,KAAuC;AACpG,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACjF;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,WACJ,WAAmB,aAAqB,SAA2B,UAAmC,CAAC,GAC5E;AAC3B,WAAO,KAAK;AAAA,MACV;AAAA,MAAQ,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MACjE,EAAE,SAAS,WAAW,QAAQ,aAAa,MAAM;AAAA,IACnD;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,QAAQ,WAAmB,aAAsC;AACrE,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,eAAW,UAAU,SAAS;AAC5B,cAAQ,IAAI,OAAO,GAAG,IAAI,OAAO;AAAA,IACnC;AACA,WAAO,QAAQ;AAAA,EACjB;AAAA;AAAA,EAGA,MAAM,gBAAgB,WAAmB,aAAsC;AAC7E,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,UAAM,QAAQ;AAAA,MACZ;AAAA,MACA,kBAAkB,WAAW;AAAA,MAC7B,oBAAmB,oBAAI,KAAK,GAAE,YAAY,CAAC;AAAA,MAC3C;AAAA,IACF;AAEA,eAAW,UAAU,SAAS;AAC5B,YAAM,QAAQ,OAAO;AACrB,UAAI,MAAM,SAAS,IAAI,KAAK,MAAM,SAAS,GAAG,KAAK,MAAM,SAAS,GAAG,KAAK,MAAM,SAAS,GAAG,GAAG;AAC7F,cAAM,UAAU,MAAM,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AAChE,cAAM,KAAK,GAAG,OAAO,GAAG,KAAK,OAAO,GAAG;AAAA,MACzC,OAAO;AACL,cAAM,KAAK,GAAG,OAAO,GAAG,IAAI,KAAK,EAAE;AAAA,MACrC;AAAA,IACF;AAEA,WAAO,MAAM,KAAK,IAAI,IAAI;AAAA,EAC5B;AACF;","names":[]}
1	+ {"version":3,"sources":["../src/index.ts","../src/types.ts","../src/client.ts"],"sourcesContent":["export { KeyEnv } from './client.js';\nexport { KeyEnvError } from './types.js';\nexport type {\n KeyEnvOptions,\n User,\n Project,\n ProjectWithEnvironments,\n Environment,\n Secret,\n SecretWithValue,\n SecretHistory,\n BulkSecretItem,\n BulkImportResult,\n EnvironmentRole,\n EnvironmentPermission,\n MyPermission,\n MyPermissionsResponse,\n ProjectDefault,\n} from './types.js';\n","/** KeyEnv client configuration options /\nexport interface KeyEnvOptions {\n /* Service token for authentication /\n token: string;\n /* Request timeout in milliseconds (default: 30000) /\n timeout?: number;\n /* Cache TTL in seconds for exportSecrets/loadEnv (default: 0 = disabled). Also configurable via KEYENV_CACHE_TTL env var. /\n cacheTtl?: number;\n}\n\n/* User or service token info /\nexport interface User {\n id: string;\n email?: string;\n name?: string;\n clerk_id?: string;\n avatar_url?: string;\n /* Present for service tokens /\n auth_type?: 'service_token' \| 'user';\n /* Team ID (for service tokens) /\n team_id?: string;\n /* Project IDs (for project-scoped service tokens) /\n project_ids?: string[];\n /* Token scopes (for service tokens) /\n scopes?: string[];\n created_at: string;\n}\n\n/* Project /\nexport interface Project {\n id: string;\n team_id: string;\n name: string;\n slug: string;\n description?: string;\n created_at: string;\n}\n\n/* Environment /\nexport interface Environment {\n id: string;\n project_id: string;\n name: string;\n inherits_from?: string;\n created_at: string;\n}\n\n/* Project with environments /\nexport interface ProjectWithEnvironments extends Project {\n environments: Environment[];\n}\n\n/* Secret (without value) /\nexport interface Secret {\n id: string;\n environment_id: string;\n key: string;\n type: string;\n description?: string;\n version: number;\n created_at: string;\n updated_at: string;\n}\n\n/* Secret with decrypted value /\nexport interface SecretWithValue extends Secret {\n value: string;\n inherited_from?: string;\n}\n\n/* Secret history entry /\nexport interface SecretHistory {\n id: string;\n secret_id: string;\n value: string;\n version: number;\n changed_by?: string;\n changed_at: string;\n}\n\n/* Bulk import request item /\nexport interface BulkSecretItem {\n key: string;\n value: string;\n description?: string;\n}\n\n/* Bulk import result /\nexport interface BulkImportResult {\n created: number;\n updated: number;\n skipped: number;\n}\n\n/* API error response /\nexport interface ApiError {\n error: string;\n code?: string;\n details?: Record<string, unknown>;\n}\n\n/* KeyEnv API error /\nexport class KeyEnvError extends Error {\n public readonly status: number;\n public readonly code?: string;\n public readonly details?: Record<string, unknown>;\n\n constructor(message: string, status: number, code?: string, details?: Record<string, unknown>) {\n super(message);\n this.name = 'KeyEnvError';\n this.status = status;\n this.code = code;\n this.details = details;\n }\n}\n\n/* Environment permission role /\nexport type EnvironmentRole = 'none' \| 'read' \| 'write' \| 'admin';\n\n/* Environment permission for a user /\nexport interface EnvironmentPermission {\n id: string;\n environment_id: string;\n user_id: string;\n role: EnvironmentRole;\n user_email?: string;\n user_name?: string;\n granted_by?: string;\n created_at: string;\n updated_at: string;\n}\n\n/* User's permission for an environment /\nexport interface MyPermission {\n environment_id: string;\n environment_name: string;\n role: EnvironmentRole;\n can_read: boolean;\n can_write: boolean;\n can_admin: boolean;\n}\n\n/* Response for getting user's permissions /\nexport interface MyPermissionsResponse {\n permissions: MyPermission[];\n is_team_admin: boolean;\n}\n\n/* Project default permission for an environment /\nexport interface ProjectDefault {\n id: string;\n project_id: string;\n environment_name: string;\n default_role: EnvironmentRole;\n created_at: string;\n}\n","import type {\n KeyEnvOptions,\n User,\n Project,\n ProjectWithEnvironments,\n Environment,\n Secret,\n SecretWithValue,\n SecretHistory,\n BulkSecretItem,\n BulkImportResult,\n ApiError,\n EnvironmentRole,\n EnvironmentPermission,\n MyPermissionsResponse,\n ProjectDefault,\n} from './types.js';\nimport { KeyEnvError } from './types.js';\n\nconst BASE_URL = 'https://api.keyenv.dev';\nconst DEFAULT_TIMEOUT = 30000;\n\n/* Module-level cache for secrets (survives across warm serverless invocations) /\nconst secretsCache = new Map<string, { secrets: SecretWithValue[]; expiresAt: number }>();\n\nfunction getCacheKey(projectId: string, environment: string): string {\n return `${projectId}:${environment}`;\n}\n\n/\n KeyEnv API client for managing secrets\n \n @example\n * ```ts\n * import { KeyEnv } from 'keyenv';\n \n const client = new KeyEnv({ token: process.env.KEYENV_TOKEN });\n \n // Export all secrets for an environment\n * const secrets = await client.exportSecrets('project-id', 'production');\n * ```\n /\nexport class KeyEnv {\n private readonly token: string;\n private readonly timeout: number;\n private readonly cacheTtl: number;\n\n constructor(options: KeyEnvOptions) {\n if (!options.token) {\n throw new Error('KeyEnv token is required');\n }\n this.token = options.token;\n this.timeout = options.timeout \|\| DEFAULT_TIMEOUT;\n // Cache TTL: constructor option → env var → 0 (disabled)\n this.cacheTtl = options.cacheTtl ??\n (process.env.KEYENV_CACHE_TTL ? parseInt(process.env.KEYENV_CACHE_TTL, 10) : 0);\n }\n\n private async request<T>(method: string, path: string, body?: unknown): Promise<T> {\n const url = `${BASE_URL}${path}`;\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(url, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.token}`,\n 'Content-Type': 'application/json',\n 'User-Agent': 'keyenv-node/1.0.0',\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n clearTimeout(timeoutId);\n\n if (!response.ok) {\n let errorData: ApiError = { error: 'Unknown error' };\n try {\n errorData = await response.json() as ApiError;\n } catch {\n errorData = { error: response.statusText };\n }\n throw new KeyEnvError(errorData.error, response.status, errorData.code, errorData.details);\n }\n\n if (response.status === 204) {\n return undefined as T;\n }\n\n return response.json() as Promise<T>;\n } catch (error) {\n clearTimeout(timeoutId);\n if (error instanceof KeyEnvError) throw error;\n if (error instanceof Error && error.name === 'AbortError') {\n throw new KeyEnvError('Request timeout', 408);\n }\n throw new KeyEnvError(error instanceof Error ? error.message : 'Network error', 0);\n }\n }\n\n /* Get the current user or service token info /\n async getCurrentUser(): Promise<User> {\n return this.request<User>('GET', '/api/v1/users/me');\n }\n\n /* Validate the token and return user info /\n async validateToken(): Promise<User> {\n return this.getCurrentUser();\n }\n\n /* List all accessible projects /\n async listProjects(): Promise<Project[]> {\n const response = await this.request<{ projects: Project[] }>('GET', '/api/v1/projects');\n return response.projects;\n }\n\n /* Get a project by ID /\n async getProject(projectId: string): Promise<ProjectWithEnvironments> {\n return this.request<ProjectWithEnvironments>('GET', `/api/v1/projects/${projectId}`);\n }\n\n /* Create a new project /\n async createProject(teamId: string, name: string): Promise<Project> {\n return this.request<Project>('POST', '/api/v1/projects', { team_id: teamId, name });\n }\n\n /* Delete a project /\n async deleteProject(projectId: string): Promise<void> {\n await this.request<void>('DELETE', `/api/v1/projects/${projectId}`);\n }\n\n /* List environments in a project /\n async listEnvironments(projectId: string): Promise<Environment[]> {\n const response = await this.request<{ environments: Environment[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments`\n );\n return response.environments;\n }\n\n /* Create a new environment /\n async createEnvironment(projectId: string, name: string, inheritsFrom?: string): Promise<Environment> {\n return this.request<Environment>(\n 'POST', `/api/v1/projects/${projectId}/environments`,\n { name, inherits_from: inheritsFrom }\n );\n }\n\n /* Delete an environment /\n async deleteEnvironment(projectId: string, environment: string): Promise<void> {\n await this.request<void>('DELETE', `/api/v1/projects/${projectId}/environments/${environment}`);\n }\n\n /* List secrets in an environment (keys and metadata only) /\n async listSecrets(projectId: string, environment: string): Promise<Secret[]> {\n const response = await this.request<{ secrets: Secret[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets`\n );\n return response.secrets;\n }\n\n /\n Export all secrets with their decrypted values.\n * Results are cached when cacheTtl > 0.\n * @example\n * ```ts\n * const secrets = await client.exportSecrets('project-id', 'production');\n * for (const secret of secrets) {\n * process.env[secret.key] = secret.value;\n * }\n * ```\n /\n async exportSecrets(projectId: string, environment: string): Promise<SecretWithValue[]> {\n const cacheKey = getCacheKey(projectId, environment);\n\n // Check cache if TTL > 0\n if (this.cacheTtl > 0) {\n const cached = secretsCache.get(cacheKey);\n if (cached && Date.now() < cached.expiresAt) {\n return cached.secrets;\n }\n }\n\n const response = await this.request<{ secrets: SecretWithValue[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/export`\n );\n\n // Store in cache if TTL > 0\n if (this.cacheTtl > 0) {\n secretsCache.set(cacheKey, {\n secrets: response.secrets,\n expiresAt: Date.now() + (this.cacheTtl 1000),\n });\n }\n\n return response.secrets;\n }\n\n /*\n Export secrets as a key-value object\n * @example\n * ```ts\n * const env = await client.exportSecretsAsObject('project-id', 'production');\n * // { DATABASE_URL: '...', API_KEY: '...' }\n * ```\n /\n async exportSecretsAsObject(projectId: string, environment: string): Promise<Record<string, string>> {\n const secrets = await this.exportSecrets(projectId, environment);\n return Object.fromEntries(secrets.map((s) => [s.key, s.value]));\n }\n\n /* Get a single secret with its value /\n async getSecret(projectId: string, environment: string, key: string): Promise<SecretWithValue> {\n const response = await this.request<{ secret: SecretWithValue }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`\n );\n return response.secret;\n }\n\n /* Create a new secret /\n async createSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n const response = await this.request<{ secret: Secret }>(\n 'POST', `/api/v1/projects/${projectId}/environments/${environment}/secrets`,\n { key, value, description }\n );\n this.clearCache(projectId, environment);\n return response.secret;\n }\n\n /* Update a secret's value /\n async updateSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n const response = await this.request<{ secret: Secret }>(\n 'PUT', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`,\n { value, description }\n );\n this.clearCache(projectId, environment);\n return response.secret;\n }\n\n /* Set a secret (create or update) /\n async setSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n try {\n return await this.updateSecret(projectId, environment, key, value, description);\n } catch (error) {\n if (error instanceof KeyEnvError && error.status === 404) {\n return this.createSecret(projectId, environment, key, value, description);\n }\n throw error;\n }\n }\n\n /* Delete a secret /\n async deleteSecret(projectId: string, environment: string, key: string): Promise<void> {\n await this.request<void>(\n 'DELETE', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`\n );\n this.clearCache(projectId, environment);\n }\n\n /* Get secret version history /\n async getSecretHistory(projectId: string, environment: string, key: string): Promise<SecretHistory[]> {\n const response = await this.request<{ history: SecretHistory[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}/history`\n );\n return response.history;\n }\n\n /\n Bulk import secrets\n * @example\n * ```ts\n * await client.bulkImport('project-id', 'development', [\n * { key: 'DATABASE_URL', value: 'postgres://...' },\n * { key: 'API_KEY', value: 'sk_...' },\n * ], { overwrite: true });\n * ```\n /\n async bulkImport(\n projectId: string, environment: string, secrets: BulkSecretItem[], options: { overwrite?: boolean } = {}\n ): Promise<BulkImportResult> {\n const result = await this.request<BulkImportResult>(\n 'POST', `/api/v1/projects/${projectId}/environments/${environment}/secrets/bulk`,\n { secrets, overwrite: options.overwrite ?? false }\n );\n this.clearCache(projectId, environment);\n return result;\n }\n\n /\n Load secrets into process.env\n * @example\n * ```ts\n * await client.loadEnv('project-id', 'production');\n * console.log(process.env.DATABASE_URL);\n * ```\n /\n async loadEnv(projectId: string, environment: string): Promise<number> {\n const secrets = await this.exportSecrets(projectId, environment);\n for (const secret of secrets) {\n process.env[secret.key] = secret.value;\n }\n return secrets.length;\n }\n\n /* Generate .env file content from secrets /\n async generateEnvFile(projectId: string, environment: string): Promise<string> {\n const secrets = await this.exportSecrets(projectId, environment);\n const lines = [\n '# Generated by KeyEnv',\n `# Environment: ${environment}`,\n `# Generated at: ${new Date().toISOString()}`,\n '',\n ];\n\n for (const secret of secrets) {\n const value = secret.value;\n if (value.includes('\\n') \|\| value.includes('\"') \|\| value.includes(\"'\") \|\| value.includes(' ')) {\n const escaped = value.replace(/\\\\/g, '\\\\\\\\').replace(/\"/g, '\\\\\"');\n lines.push(`${secret.key}=\"${escaped}\"`);\n } else {\n lines.push(`${secret.key}=${value}`);\n }\n }\n\n return lines.join('\\n') + '\\n';\n }\n\n /\n Clear the secrets cache.\n * @param projectId - Clear cache for specific project (optional)\n * @param environment - Clear cache for specific environment (requires projectId)\n /\n clearCache(projectId?: string, environment?: string): void {\n if (projectId && environment) {\n secretsCache.delete(getCacheKey(projectId, environment));\n } else if (projectId) {\n // Clear all environments for this project\n for (const key of secretsCache.keys()) {\n if (key.startsWith(`${projectId}:`)) {\n secretsCache.delete(key);\n }\n }\n } else {\n secretsCache.clear();\n }\n }\n\n // ============================================================================\n // Environment Permission Management\n // ============================================================================\n\n /\n List all permissions for an environment.\n * @param projectId - The project ID\n * @param environment - The environment name\n * @returns Array of environment permissions\n * @example\n * ```ts\n * const permissions = await client.listPermissions('project-id', 'production');\n * for (const perm of permissions) {\n * console.log(`${perm.user_email}: ${perm.role}`);\n * }\n * ```\n /\n async listPermissions(projectId: string, environment: string): Promise<EnvironmentPermission[]> {\n const response = await this.request<{ permissions: EnvironmentPermission[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/permissions`\n );\n return response.permissions;\n }\n\n /\n Set a user's permission for an environment.\n * @param projectId - The project ID\n * @param environment - The environment name\n * @param userId - The user ID to set permission for\n * @param role - The permission role ('none', 'read', 'write', or 'admin')\n * @returns The created or updated permission\n * @example\n * ```ts\n * const permission = await client.setPermission('project-id', 'production', 'user-id', 'write');\n * console.log(`Set ${permission.user_email} to ${permission.role}`);\n * ```\n /\n async setPermission(\n projectId: string, environment: string, userId: string, role: EnvironmentRole\n ): Promise<EnvironmentPermission> {\n const response = await this.request<{ permission: EnvironmentPermission }>(\n 'PUT', `/api/v1/projects/${projectId}/environments/${environment}/permissions/${userId}`,\n { role }\n );\n return response.permission;\n }\n\n /\n Delete a user's permission for an environment.\n * @param projectId - The project ID\n * @param environment - The environment name\n * @param userId - The user ID to delete permission for\n * @example\n * ```ts\n * await client.deletePermission('project-id', 'production', 'user-id');\n * ```\n /\n async deletePermission(projectId: string, environment: string, userId: string): Promise<void> {\n await this.request<void>(\n 'DELETE', `/api/v1/projects/${projectId}/environments/${environment}/permissions/${userId}`\n );\n }\n\n /\n Bulk set permissions for multiple users in an environment.\n * @param projectId - The project ID\n * @param environment - The environment name\n * @param permissions - Array of user permissions to set\n * @returns Array of created or updated permissions\n * @example\n * ```ts\n * const permissions = await client.bulkSetPermissions('project-id', 'production', [\n * { userId: 'user-1', role: 'write' },\n * { userId: 'user-2', role: 'read' },\n * ]);\n * ```\n /\n async bulkSetPermissions(\n projectId: string, environment: string, permissions: Array<{ userId: string; role: EnvironmentRole }>\n ): Promise<EnvironmentPermission[]> {\n const response = await this.request<{ permissions: EnvironmentPermission[] }>(\n 'PUT', `/api/v1/projects/${projectId}/environments/${environment}/permissions`,\n { permissions: permissions.map(p => ({ user_id: p.userId, role: p.role })) }\n );\n return response.permissions;\n }\n\n /\n Get the current user's permissions for all environments in a project.\n * @param projectId - The project ID\n * @returns The user's permissions and team admin status\n * @example\n * ```ts\n * const { permissions, is_team_admin } = await client.getMyPermissions('project-id');\n * for (const perm of permissions) {\n * console.log(`${perm.environment_name}: ${perm.role} (can_write: ${perm.can_write})`);\n * }\n * ```\n /\n async getMyPermissions(projectId: string): Promise<MyPermissionsResponse> {\n return this.request<MyPermissionsResponse>('GET', `/api/v1/projects/${projectId}/my-permissions`);\n }\n\n /\n Get default permission settings for a project's environments.\n * @param projectId - The project ID\n * @returns Array of project default permissions\n * @example\n * ```ts\n * const defaults = await client.getProjectDefaults('project-id');\n * for (const def of defaults) {\n * console.log(`${def.environment_name}: ${def.default_role}`);\n * }\n * ```\n /\n async getProjectDefaults(projectId: string): Promise<ProjectDefault[]> {\n const response = await this.request<{ defaults: ProjectDefault[] }>(\n 'GET', `/api/v1/projects/${projectId}/permissions/defaults`\n );\n return response.defaults;\n }\n\n /\n Set default permission settings for a project's environments.\n * @param projectId - The project ID\n * @param defaults - Array of default permissions to set\n * @returns Array of updated project default permissions\n * @example\n * ```ts\n * const defaults = await client.setProjectDefaults('project-id', [\n * { environmentName: 'development', defaultRole: 'write' },\n * { environmentName: 'production', defaultRole: 'read' },\n * ]);\n * ```\n */\n async setProjectDefaults(\n projectId: string, defaults: Array<{ environmentName: string; defaultRole: EnvironmentRole }>\n ): Promise<ProjectDefault[]> {\n const response = await this.request<{ defaults: ProjectDefault[] }>(\n 'PUT', `/api/v1/projects/${projectId}/permissions/defaults`,\n { defaults: defaults.map(d => ({ environment_name: d.environmentName, default_role: d.defaultRole })) }\n );\n return response.defaults;\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACsGO,IAAM,cAAN,cAA0B,MAAM;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EAEhB,YAAY,SAAiB,QAAgB,MAAe,SAAmC;AAC7F,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,OAAO;AACZ,SAAK,UAAU;AAAA,EACjB;AACF;;;AC/FA,IAAM,WAAW;AACjB,IAAM,kBAAkB;AAGxB,IAAM,eAAe,oBAAI,IAA+D;AAExF,SAAS,YAAY,WAAmB,aAA6B;AACnE,SAAO,GAAG,SAAS,IAAI,WAAW;AACpC;AAeO,IAAM,SAAN,MAAa;AAAA,EACD;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,SAAwB;AAClC,QAAI,CAAC,QAAQ,OAAO;AAClB,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AACA,SAAK,QAAQ,QAAQ;AACrB,SAAK,UAAU,QAAQ,WAAW;AAElC,SAAK,WAAW,QAAQ,aACrB,QAAQ,IAAI,mBAAmB,SAAS,QAAQ,IAAI,kBAAkB,EAAE,IAAI;AAAA,EACjF;AAAA,EAEA,MAAc,QAAW,QAAgB,MAAc,MAA4B;AACjF,UAAM,MAAM,GAAG,QAAQ,GAAG,IAAI;AAC9B,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAChC;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,KAAK;AAAA,UACrC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,mBAAa,SAAS;AAEtB,UAAI,CAAC,SAAS,IAAI;AAChB,YAAI,YAAsB,EAAE,OAAO,gBAAgB;AACnD,YAAI;AACF,sBAAY,MAAM,SAAS,KAAK;AAAA,QAClC,QAAQ;AACN,sBAAY,EAAE,OAAO,SAAS,WAAW;AAAA,QAC3C;AACA,cAAM,IAAI,YAAY,UAAU,OAAO,SAAS,QAAQ,UAAU,MAAM,UAAU,OAAO;AAAA,MAC3F;AAEA,UAAI,SAAS,WAAW,KAAK;AAC3B,eAAO;AAAA,MACT;AAEA,aAAO,SAAS,KAAK;AAAA,IACvB,SAAS,OAAO;AACd,mBAAa,SAAS;AACtB,UAAI,iBAAiB,YAAa,OAAM;AACxC,UAAI,iBAAiB,SAAS,MAAM,SAAS,cAAc;AACzD,cAAM,IAAI,YAAY,mBAAmB,GAAG;AAAA,MAC9C;AACA,YAAM,IAAI,YAAY,iBAAiB,QAAQ,MAAM,UAAU,iBAAiB,CAAC;AAAA,IACnF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,iBAAgC;AACpC,WAAO,KAAK,QAAc,OAAO,kBAAkB;AAAA,EACrD;AAAA;AAAA,EAGA,MAAM,gBAA+B;AACnC,WAAO,KAAK,eAAe;AAAA,EAC7B;AAAA;AAAA,EAGA,MAAM,eAAmC;AACvC,UAAM,WAAW,MAAM,KAAK,QAAiC,OAAO,kBAAkB;AACtF,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,WAAW,WAAqD;AACpE,WAAO,KAAK,QAAiC,OAAO,oBAAoB,SAAS,EAAE;AAAA,EACrF;AAAA;AAAA,EAGA,MAAM,cAAc,QAAgB,MAAgC;AAClE,WAAO,KAAK,QAAiB,QAAQ,oBAAoB,EAAE,SAAS,QAAQ,KAAK,CAAC;AAAA,EACpF;AAAA;AAAA,EAGA,MAAM,cAAc,WAAkC;AACpD,UAAM,KAAK,QAAc,UAAU,oBAAoB,SAAS,EAAE;AAAA,EACpE;AAAA;AAAA,EAGA,MAAM,iBAAiB,WAA2C;AAChE,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS;AAAA,IACtC;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,kBAAkB,WAAmB,MAAc,cAA6C;AACpG,WAAO,KAAK;AAAA,MACV;AAAA,MAAQ,oBAAoB,SAAS;AAAA,MACrC,EAAE,MAAM,eAAe,aAAa;AAAA,IACtC;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,kBAAkB,WAAmB,aAAoC;AAC7E,UAAM,KAAK,QAAc,UAAU,oBAAoB,SAAS,iBAAiB,WAAW,EAAE;AAAA,EAChG;AAAA;AAAA,EAGA,MAAM,YAAY,WAAmB,aAAwC;AAC3E,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,cAAc,WAAmB,aAAiD;AACtF,UAAM,WAAW,YAAY,WAAW,WAAW;AAGnD,QAAI,KAAK,WAAW,GAAG;AACrB,YAAM,SAAS,aAAa,IAAI,QAAQ;AACxC,UAAI,UAAU,KAAK,IAAI,IAAI,OAAO,WAAW;AAC3C,eAAO,OAAO;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AAGA,QAAI,KAAK,WAAW,GAAG;AACrB,mBAAa,IAAI,UAAU;AAAA,QACzB,SAAS,SAAS;AAAA,QAClB,WAAW,KAAK,IAAI,IAAK,KAAK,WAAW;AAAA,MAC3C,CAAC;AAAA,IACH;AAEA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,sBAAsB,WAAmB,aAAsD;AACnG,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,WAAO,OAAO,YAAY,QAAQ,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;AAAA,EAChE;AAAA;AAAA,EAGA,MAAM,UAAU,WAAmB,aAAqB,KAAuC;AAC7F,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACjF;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,aACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAQ,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MACjE,EAAE,KAAK,OAAO,YAAY;AAAA,IAC5B;AACA,SAAK,WAAW,WAAW,WAAW;AACtC,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,aACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,MAC/E,EAAE,OAAO,YAAY;AAAA,IACvB;AACA,SAAK,WAAW,WAAW,WAAW;AACtC,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,UACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,QAAI;AACF,aAAO,MAAM,KAAK,aAAa,WAAW,aAAa,KAAK,OAAO,WAAW;AAAA,IAChF,SAAS,OAAO;AACd,UAAI,iBAAiB,eAAe,MAAM,WAAW,KAAK;AACxD,eAAO,KAAK,aAAa,WAAW,aAAa,KAAK,OAAO,WAAW;AAAA,MAC1E;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,aAAa,WAAmB,aAAqB,KAA4B;AACrF,UAAM,KAAK;AAAA,MACT;AAAA,MAAU,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACpF;AACA,SAAK,WAAW,WAAW,WAAW;AAAA,EACxC;AAAA;AAAA,EAGA,MAAM,iBAAiB,WAAmB,aAAqB,KAAuC;AACpG,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACjF;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,WACJ,WAAmB,aAAqB,SAA2B,UAAmC,CAAC,GAC5E;AAC3B,UAAM,SAAS,MAAM,KAAK;AAAA,MACxB;AAAA,MAAQ,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MACjE,EAAE,SAAS,WAAW,QAAQ,aAAa,MAAM;AAAA,IACnD;AACA,SAAK,WAAW,WAAW,WAAW;AACtC,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,QAAQ,WAAmB,aAAsC;AACrE,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,eAAW,UAAU,SAAS;AAC5B,cAAQ,IAAI,OAAO,GAAG,IAAI,OAAO;AAAA,IACnC;AACA,WAAO,QAAQ;AAAA,EACjB;AAAA;AAAA,EAGA,MAAM,gBAAgB,WAAmB,aAAsC;AAC7E,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,UAAM,QAAQ;AAAA,MACZ;AAAA,MACA,kBAAkB,WAAW;AAAA,MAC7B,oBAAmB,oBAAI,KAAK,GAAE,YAAY,CAAC;AAAA,MAC3C;AAAA,IACF;AAEA,eAAW,UAAU,SAAS;AAC5B,YAAM,QAAQ,OAAO;AACrB,UAAI,MAAM,SAAS,IAAI,KAAK,MAAM,SAAS,GAAG,KAAK,MAAM,SAAS,GAAG,KAAK,MAAM,SAAS,GAAG,GAAG;AAC7F,cAAM,UAAU,MAAM,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AAChE,cAAM,KAAK,GAAG,OAAO,GAAG,KAAK,OAAO,GAAG;AAAA,MACzC,OAAO;AACL,cAAM,KAAK,GAAG,OAAO,GAAG,IAAI,KAAK,EAAE;AAAA,MACrC;AAAA,IACF;AAEA,WAAO,MAAM,KAAK,IAAI,IAAI;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,WAAW,WAAoB,aAA4B;AACzD,QAAI,aAAa,aAAa;AAC5B,mBAAa,OAAO,YAAY,WAAW,WAAW,CAAC;AAAA,IACzD,WAAW,WAAW;AAEpB,iBAAW,OAAO,aAAa,KAAK,GAAG;AACrC,YAAI,IAAI,WAAW,GAAG,SAAS,GAAG,GAAG;AACnC,uBAAa,OAAO,GAAG;AAAA,QACzB;AAAA,MACF;AAAA,IACF,OAAO;AACL,mBAAa,MAAM;AAAA,IACrB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAmBA,MAAM,gBAAgB,WAAmB,aAAuD;AAC9F,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,MAAM,cACJ,WAAmB,aAAqB,QAAgB,MACxB;AAChC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,gBAAgB,MAAM;AAAA,MACtF,EAAE,KAAK;AAAA,IACT;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBAAiB,WAAmB,aAAqB,QAA+B;AAC5F,UAAM,KAAK;AAAA,MACT;AAAA,MAAU,oBAAoB,SAAS,iBAAiB,WAAW,gBAAgB,MAAM;AAAA,IAC3F;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBA,MAAM,mBACJ,WAAmB,aAAqB,aACN;AAClC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MAChE,EAAE,aAAa,YAAY,IAAI,QAAM,EAAE,SAAS,EAAE,QAAQ,MAAM,EAAE,KAAK,EAAE,EAAE;AAAA,IAC7E;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,iBAAiB,WAAmD;AACxE,WAAO,KAAK,QAA+B,OAAO,oBAAoB,SAAS,iBAAiB;AAAA,EAClG;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,mBAAmB,WAA8C;AACrE,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS;AAAA,IACtC;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,MAAM,mBACJ,WAAmB,UACQ;AAC3B,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS;AAAA,MACpC,EAAE,UAAU,SAAS,IAAI,QAAM,EAAE,kBAAkB,EAAE,iBAAiB,cAAc,EAAE,YAAY,EAAE,EAAE;AAAA,IACxG;AACA,WAAO,SAAS;AAAA,EAClB;AACF;","names":[]}

package/dist/index.mjs CHANGED Viewed

@@ -15,15 +15,21 @@ var KeyEnvError = class extends Error {
 // src/client.ts
 var BASE_URL = "https://api.keyenv.dev";
 var DEFAULT_TIMEOUT = 3e4;
+var secretsCache = /* @__PURE__ */ new Map();
+function getCacheKey(projectId, environment) {
+  return `${projectId}:${environment}`;
+}
 var KeyEnv = class {
   token;
   timeout;
+  cacheTtl;
   constructor(options) {
     if (!options.token) {
       throw new Error("KeyEnv token is required");
     }
     this.token = options.token;
     this.timeout = options.timeout || DEFAULT_TIMEOUT;
+    this.cacheTtl = options.cacheTtl ?? (process.env.KEYENV_CACHE_TTL ? parseInt(process.env.KEYENV_CACHE_TTL, 10) : 0);
   }
   async request(method, path, body) {
     const url = `${BASE_URL}${path}`;
@@ -117,7 +123,8 @@ var KeyEnv = class {
     return response.secrets;
   }
   /**
-   * Export all secrets with their decrypted values
+   * Export all secrets with their decrypted values.
+   * Results are cached when cacheTtl > 0.
    * @example
    * ```ts
    * const secrets = await client.exportSecrets('project-id', 'production');
@@ -127,10 +134,23 @@ var KeyEnv = class {
    * ```
    */
   async exportSecrets(projectId, environment) {
+    const cacheKey = getCacheKey(projectId, environment);
+    if (this.cacheTtl > 0) {
+      const cached = secretsCache.get(cacheKey);
+      if (cached && Date.now() < cached.expiresAt) {
+        return cached.secrets;
+      }
+    }
     const response = await this.request(
       "GET",
       `/api/v1/projects/${projectId}/environments/${environment}/secrets/export`
     );
+    if (this.cacheTtl > 0) {
+      secretsCache.set(cacheKey, {
+        secrets: response.secrets,
+        expiresAt: Date.now() + this.cacheTtl * 1e3
+      });
+    }
     return response.secrets;
   }
   /**
@@ -160,6 +180,7 @@ var KeyEnv = class {
       `/api/v1/projects/${projectId}/environments/${environment}/secrets`,
       { key, value, description }
     );
+    this.clearCache(projectId, environment);
     return response.secret;
   }
   /** Update a secret's value */
@@ -169,6 +190,7 @@ var KeyEnv = class {
       `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`,
       { value, description }
     );
+    this.clearCache(projectId, environment);
     return response.secret;
   }
   /** Set a secret (create or update) */
@@ -188,6 +210,7 @@ var KeyEnv = class {
       "DELETE",
       `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`
     );
+    this.clearCache(projectId, environment);
   }
   /** Get secret version history */
   async getSecretHistory(projectId, environment, key) {
@@ -208,11 +231,13 @@ var KeyEnv = class {
    * ```
    */
   async bulkImport(projectId, environment, secrets, options = {}) {
-    return this.request(
+    const result = await this.request(
       "POST",
       `/api/v1/projects/${projectId}/environments/${environment}/secrets/bulk`,
       { secrets, overwrite: options.overwrite ?? false }
     );
+    this.clearCache(projectId, environment);
+    return result;
   }
   /**
    * Load secrets into process.env
@@ -249,6 +274,161 @@ var KeyEnv = class {
     }
     return lines.join("\n") + "\n";
   }
+  /**
+   * Clear the secrets cache.
+   * @param projectId - Clear cache for specific project (optional)
+   * @param environment - Clear cache for specific environment (requires projectId)
+   */
+  clearCache(projectId, environment) {
+    if (projectId && environment) {
+      secretsCache.delete(getCacheKey(projectId, environment));
+    } else if (projectId) {
+      for (const key of secretsCache.keys()) {
+        if (key.startsWith(`${projectId}:`)) {
+          secretsCache.delete(key);
+        }
+      }
+    } else {
+      secretsCache.clear();
+    }
+  }
+  // ============================================================================
+  // Environment Permission Management
+  // ============================================================================
+  /**
+   * List all permissions for an environment.
+   * @param projectId - The project ID
+   * @param environment - The environment name
+   * @returns Array of environment permissions
+   * @example
+   * ```ts
+   * const permissions = await client.listPermissions('project-id', 'production');
+   * for (const perm of permissions) {
+   *   console.log(`${perm.user_email}: ${perm.role}`);
+   * }
+   * ```
+   */
+  async listPermissions(projectId, environment) {
+    const response = await this.request(
+      "GET",
+      `/api/v1/projects/${projectId}/environments/${environment}/permissions`
+    );
+    return response.permissions;
+  }
+  /**
+   * Set a user's permission for an environment.
+   * @param projectId - The project ID
+   * @param environment - The environment name
+   * @param userId - The user ID to set permission for
+   * @param role - The permission role ('none', 'read', 'write', or 'admin')
+   * @returns The created or updated permission
+   * @example
+   * ```ts
+   * const permission = await client.setPermission('project-id', 'production', 'user-id', 'write');
+   * console.log(`Set ${permission.user_email} to ${permission.role}`);
+   * ```
+   */
+  async setPermission(projectId, environment, userId, role) {
+    const response = await this.request(
+      "PUT",
+      `/api/v1/projects/${projectId}/environments/${environment}/permissions/${userId}`,
+      { role }
+    );
+    return response.permission;
+  }
+  /**
+   * Delete a user's permission for an environment.
+   * @param projectId - The project ID
+   * @param environment - The environment name
+   * @param userId - The user ID to delete permission for
+   * @example
+   * ```ts
+   * await client.deletePermission('project-id', 'production', 'user-id');
+   * ```
+   */
+  async deletePermission(projectId, environment, userId) {
+    await this.request(
+      "DELETE",
+      `/api/v1/projects/${projectId}/environments/${environment}/permissions/${userId}`
+    );
+  }
+  /**
+   * Bulk set permissions for multiple users in an environment.
+   * @param projectId - The project ID
+   * @param environment - The environment name
+   * @param permissions - Array of user permissions to set
+   * @returns Array of created or updated permissions
+   * @example
+   * ```ts
+   * const permissions = await client.bulkSetPermissions('project-id', 'production', [
+   *   { userId: 'user-1', role: 'write' },
+   *   { userId: 'user-2', role: 'read' },
+   * ]);
+   * ```
+   */
+  async bulkSetPermissions(projectId, environment, permissions) {
+    const response = await this.request(
+      "PUT",
+      `/api/v1/projects/${projectId}/environments/${environment}/permissions`,
+      { permissions: permissions.map((p) => ({ user_id: p.userId, role: p.role })) }
+    );
+    return response.permissions;
+  }
+  /**
+   * Get the current user's permissions for all environments in a project.
+   * @param projectId - The project ID
+   * @returns The user's permissions and team admin status
+   * @example
+   * ```ts
+   * const { permissions, is_team_admin } = await client.getMyPermissions('project-id');
+   * for (const perm of permissions) {
+   *   console.log(`${perm.environment_name}: ${perm.role} (can_write: ${perm.can_write})`);
+   * }
+   * ```
+   */
+  async getMyPermissions(projectId) {
+    return this.request("GET", `/api/v1/projects/${projectId}/my-permissions`);
+  }
+  /**
+   * Get default permission settings for a project's environments.
+   * @param projectId - The project ID
+   * @returns Array of project default permissions
+   * @example
+   * ```ts
+   * const defaults = await client.getProjectDefaults('project-id');
+   * for (const def of defaults) {
+   *   console.log(`${def.environment_name}: ${def.default_role}`);
+   * }
+   * ```
+   */
+  async getProjectDefaults(projectId) {
+    const response = await this.request(
+      "GET",
+      `/api/v1/projects/${projectId}/permissions/defaults`
+    );
+    return response.defaults;
+  }
+  /**
+   * Set default permission settings for a project's environments.
+   * @param projectId - The project ID
+   * @param defaults - Array of default permissions to set
+   * @returns Array of updated project default permissions
+   * @example
+   * ```ts
+   * const defaults = await client.setProjectDefaults('project-id', [
+   *   { environmentName: 'development', defaultRole: 'write' },
+   *   { environmentName: 'production', defaultRole: 'read' },
+   * ]);
+   * ```
+   */
+  async setProjectDefaults(projectId, defaults) {
+    const response = await this.request(
+      "PUT",
+      `/api/v1/projects/${projectId}/permissions/defaults`,
+      { defaults: defaults.map((d) => ({ environment_name: d.environmentName, default_role: d.defaultRole })) }
+    );
+    return response.defaults;
+  }
 };
 export {
   KeyEnv,

package/dist/index.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/types.ts","../src/client.ts"],"sourcesContent":["/** KeyEnv client configuration options /\nexport interface KeyEnvOptions {\n /* Service token for authentication /\n token: string;\n /* Request timeout in milliseconds (default: 30000) /\n timeout?: number;\n}\n\n/* User or service token info /\nexport interface User {\n id: string;\n email?: string;\n name?: string;\n clerk_id?: string;\n avatar_url?: string;\n /* Present for service tokens /\n auth_type?: 'service_token' \| 'user';\n /* Team ID (for service tokens) /\n team_id?: string;\n /* Project ID (for project-scoped service tokens) /\n project_id?: string;\n /* Token scopes (for service tokens) /\n scopes?: string[];\n created_at: string;\n}\n\n/* Project /\nexport interface Project {\n id: string;\n team_id: string;\n name: string;\n slug: string;\n description?: string;\n created_at: string;\n}\n\n/* Environment /\nexport interface Environment {\n id: string;\n project_id: string;\n name: string;\n inherits_from?: string;\n created_at: string;\n}\n\n/* Project with environments /\nexport interface ProjectWithEnvironments extends Project {\n environments: Environment[];\n}\n\n/* Secret (without value) /\nexport interface Secret {\n id: string;\n environment_id: string;\n key: string;\n type: string;\n description?: string;\n version: number;\n created_at: string;\n updated_at: string;\n}\n\n/* Secret with decrypted value /\nexport interface SecretWithValue extends Secret {\n value: string;\n inherited_from?: string;\n}\n\n/* Secret history entry /\nexport interface SecretHistory {\n id: string;\n secret_id: string;\n value: string;\n version: number;\n changed_by?: string;\n changed_at: string;\n}\n\n/* Bulk import request item /\nexport interface BulkSecretItem {\n key: string;\n value: string;\n description?: string;\n}\n\n/* Bulk import result /\nexport interface BulkImportResult {\n created: number;\n updated: number;\n skipped: number;\n}\n\n/* API error response /\nexport interface ApiError {\n error: string;\n code?: string;\n details?: Record<string, unknown>;\n}\n\n/* KeyEnv API error /\nexport class KeyEnvError extends Error {\n public readonly status: number;\n public readonly code?: string;\n public readonly details?: Record<string, unknown>;\n\n constructor(message: string, status: number, code?: string, details?: Record<string, unknown>) {\n super(message);\n this.name = 'KeyEnvError';\n this.status = status;\n this.code = code;\n this.details = details;\n }\n}\n","import type {\n KeyEnvOptions,\n User,\n Project,\n ProjectWithEnvironments,\n Environment,\n Secret,\n SecretWithValue,\n SecretHistory,\n BulkSecretItem,\n BulkImportResult,\n ApiError,\n} from './types.js';\nimport { KeyEnvError } from './types.js';\n\nconst BASE_URL = 'https://api.keyenv.dev';\nconst DEFAULT_TIMEOUT = 30000;\n\n/\n KeyEnv API client for managing secrets\n \n @example\n * ```ts\n * import { KeyEnv } from 'keyenv';\n \n const client = new KeyEnv({ token: process.env.KEYENV_TOKEN });\n \n // Export all secrets for an environment\n * const secrets = await client.exportSecrets('project-id', 'production');\n * ```\n /\nexport class KeyEnv {\n private readonly token: string;\n private readonly timeout: number;\n\n constructor(options: KeyEnvOptions) {\n if (!options.token) {\n throw new Error('KeyEnv token is required');\n }\n this.token = options.token;\n this.timeout = options.timeout \|\| DEFAULT_TIMEOUT;\n }\n\n private async request<T>(method: string, path: string, body?: unknown): Promise<T> {\n const url = `${BASE_URL}${path}`;\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(url, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.token}`,\n 'Content-Type': 'application/json',\n 'User-Agent': 'keyenv-node/1.0.0',\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n clearTimeout(timeoutId);\n\n if (!response.ok) {\n let errorData: ApiError = { error: 'Unknown error' };\n try {\n errorData = await response.json() as ApiError;\n } catch {\n errorData = { error: response.statusText };\n }\n throw new KeyEnvError(errorData.error, response.status, errorData.code, errorData.details);\n }\n\n if (response.status === 204) {\n return undefined as T;\n }\n\n return response.json() as Promise<T>;\n } catch (error) {\n clearTimeout(timeoutId);\n if (error instanceof KeyEnvError) throw error;\n if (error instanceof Error && error.name === 'AbortError') {\n throw new KeyEnvError('Request timeout', 408);\n }\n throw new KeyEnvError(error instanceof Error ? error.message : 'Network error', 0);\n }\n }\n\n /* Get the current user or service token info /\n async getCurrentUser(): Promise<User> {\n return this.request<User>('GET', '/api/v1/users/me');\n }\n\n /* Validate the token and return user info /\n async validateToken(): Promise<User> {\n return this.getCurrentUser();\n }\n\n /* List all accessible projects /\n async listProjects(): Promise<Project[]> {\n const response = await this.request<{ projects: Project[] }>('GET', '/api/v1/projects');\n return response.projects;\n }\n\n /* Get a project by ID /\n async getProject(projectId: string): Promise<ProjectWithEnvironments> {\n return this.request<ProjectWithEnvironments>('GET', `/api/v1/projects/${projectId}`);\n }\n\n /* Create a new project /\n async createProject(teamId: string, name: string): Promise<Project> {\n return this.request<Project>('POST', '/api/v1/projects', { team_id: teamId, name });\n }\n\n /* Delete a project /\n async deleteProject(projectId: string): Promise<void> {\n await this.request<void>('DELETE', `/api/v1/projects/${projectId}`);\n }\n\n /* List environments in a project /\n async listEnvironments(projectId: string): Promise<Environment[]> {\n const response = await this.request<{ environments: Environment[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments`\n );\n return response.environments;\n }\n\n /* Create a new environment /\n async createEnvironment(projectId: string, name: string, inheritsFrom?: string): Promise<Environment> {\n return this.request<Environment>(\n 'POST', `/api/v1/projects/${projectId}/environments`,\n { name, inherits_from: inheritsFrom }\n );\n }\n\n /* Delete an environment /\n async deleteEnvironment(projectId: string, environment: string): Promise<void> {\n await this.request<void>('DELETE', `/api/v1/projects/${projectId}/environments/${environment}`);\n }\n\n /* List secrets in an environment (keys and metadata only) /\n async listSecrets(projectId: string, environment: string): Promise<Secret[]> {\n const response = await this.request<{ secrets: Secret[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets`\n );\n return response.secrets;\n }\n\n /\n Export all secrets with their decrypted values\n * @example\n * ```ts\n * const secrets = await client.exportSecrets('project-id', 'production');\n * for (const secret of secrets) {\n * process.env[secret.key] = secret.value;\n * }\n * ```\n /\n async exportSecrets(projectId: string, environment: string): Promise<SecretWithValue[]> {\n const response = await this.request<{ secrets: SecretWithValue[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/export`\n );\n return response.secrets;\n }\n\n /\n Export secrets as a key-value object\n * @example\n * ```ts\n * const env = await client.exportSecretsAsObject('project-id', 'production');\n * // { DATABASE_URL: '...', API_KEY: '...' }\n * ```\n /\n async exportSecretsAsObject(projectId: string, environment: string): Promise<Record<string, string>> {\n const secrets = await this.exportSecrets(projectId, environment);\n return Object.fromEntries(secrets.map((s) => [s.key, s.value]));\n }\n\n /* Get a single secret with its value /\n async getSecret(projectId: string, environment: string, key: string): Promise<SecretWithValue> {\n const response = await this.request<{ secret: SecretWithValue }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`\n );\n return response.secret;\n }\n\n /* Create a new secret /\n async createSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n const response = await this.request<{ secret: Secret }>(\n 'POST', `/api/v1/projects/${projectId}/environments/${environment}/secrets`,\n { key, value, description }\n );\n return response.secret;\n }\n\n /* Update a secret's value /\n async updateSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n const response = await this.request<{ secret: Secret }>(\n 'PUT', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`,\n { value, description }\n );\n return response.secret;\n }\n\n /* Set a secret (create or update) /\n async setSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n try {\n return await this.updateSecret(projectId, environment, key, value, description);\n } catch (error) {\n if (error instanceof KeyEnvError && error.status === 404) {\n return this.createSecret(projectId, environment, key, value, description);\n }\n throw error;\n }\n }\n\n /* Delete a secret /\n async deleteSecret(projectId: string, environment: string, key: string): Promise<void> {\n await this.request<void>(\n 'DELETE', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`\n );\n }\n\n /* Get secret version history /\n async getSecretHistory(projectId: string, environment: string, key: string): Promise<SecretHistory[]> {\n const response = await this.request<{ history: SecretHistory[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}/history`\n );\n return response.history;\n }\n\n /\n Bulk import secrets\n * @example\n * ```ts\n * await client.bulkImport('project-id', 'development', [\n * { key: 'DATABASE_URL', value: 'postgres://...' },\n * { key: 'API_KEY', value: 'sk_...' },\n * ], { overwrite: true });\n * ```\n /\n async bulkImport(\n projectId: string, environment: string, secrets: BulkSecretItem[], options: { overwrite?: boolean } = {}\n ): Promise<BulkImportResult> {\n return this.request<BulkImportResult>(\n 'POST', `/api/v1/projects/${projectId}/environments/${environment}/secrets/bulk`,\n { secrets, overwrite: options.overwrite ?? false }\n );\n }\n\n /\n Load secrets into process.env\n * @example\n * ```ts\n * await client.loadEnv('project-id', 'production');\n * console.log(process.env.DATABASE_URL);\n * ```\n /\n async loadEnv(projectId: string, environment: string): Promise<number> {\n const secrets = await this.exportSecrets(projectId, environment);\n for (const secret of secrets) {\n process.env[secret.key] = secret.value;\n }\n return secrets.length;\n }\n\n /* Generate .env file content from secrets */\n async generateEnvFile(projectId: string, environment: string): Promise<string> {\n const secrets = await this.exportSecrets(projectId, environment);\n const lines = [\n '# Generated by KeyEnv',\n `# Environment: ${environment}`,\n `# Generated at: ${new Date().toISOString()}`,\n '',\n ];\n\n for (const secret of secrets) {\n const value = secret.value;\n if (value.includes('\\n') \|\| value.includes('\"') \|\| value.includes(\"'\") \|\| value.includes(' ')) {\n const escaped = value.replace(/\\\\/g, '\\\\\\\\').replace(/\"/g, '\\\\\"');\n lines.push(`${secret.key}=\"${escaped}\"`);\n } else {\n lines.push(`${secret.key}=${value}`);\n }\n }\n\n return lines.join('\\n') + '\\n';\n }\n}\n"],"mappings":";AAoGO,IAAM,cAAN,cAA0B,MAAM;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EAEhB,YAAY,SAAiB,QAAgB,MAAe,SAAmC;AAC7F,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,OAAO;AACZ,SAAK,UAAU;AAAA,EACjB;AACF;;;ACjGA,IAAM,WAAW;AACjB,IAAM,kBAAkB;AAejB,IAAM,SAAN,MAAa;AAAA,EACD;AAAA,EACA;AAAA,EAEjB,YAAY,SAAwB;AAClC,QAAI,CAAC,QAAQ,OAAO;AAClB,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AACA,SAAK,QAAQ,QAAQ;AACrB,SAAK,UAAU,QAAQ,WAAW;AAAA,EACpC;AAAA,EAEA,MAAc,QAAW,QAAgB,MAAc,MAA4B;AACjF,UAAM,MAAM,GAAG,QAAQ,GAAG,IAAI;AAC9B,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAChC;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,KAAK;AAAA,UACrC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,mBAAa,SAAS;AAEtB,UAAI,CAAC,SAAS,IAAI;AAChB,YAAI,YAAsB,EAAE,OAAO,gBAAgB;AACnD,YAAI;AACF,sBAAY,MAAM,SAAS,KAAK;AAAA,QAClC,QAAQ;AACN,sBAAY,EAAE,OAAO,SAAS,WAAW;AAAA,QAC3C;AACA,cAAM,IAAI,YAAY,UAAU,OAAO,SAAS,QAAQ,UAAU,MAAM,UAAU,OAAO;AAAA,MAC3F;AAEA,UAAI,SAAS,WAAW,KAAK;AAC3B,eAAO;AAAA,MACT;AAEA,aAAO,SAAS,KAAK;AAAA,IACvB,SAAS,OAAO;AACd,mBAAa,SAAS;AACtB,UAAI,iBAAiB,YAAa,OAAM;AACxC,UAAI,iBAAiB,SAAS,MAAM,SAAS,cAAc;AACzD,cAAM,IAAI,YAAY,mBAAmB,GAAG;AAAA,MAC9C;AACA,YAAM,IAAI,YAAY,iBAAiB,QAAQ,MAAM,UAAU,iBAAiB,CAAC;AAAA,IACnF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,iBAAgC;AACpC,WAAO,KAAK,QAAc,OAAO,kBAAkB;AAAA,EACrD;AAAA;AAAA,EAGA,MAAM,gBAA+B;AACnC,WAAO,KAAK,eAAe;AAAA,EAC7B;AAAA;AAAA,EAGA,MAAM,eAAmC;AACvC,UAAM,WAAW,MAAM,KAAK,QAAiC,OAAO,kBAAkB;AACtF,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,WAAW,WAAqD;AACpE,WAAO,KAAK,QAAiC,OAAO,oBAAoB,SAAS,EAAE;AAAA,EACrF;AAAA;AAAA,EAGA,MAAM,cAAc,QAAgB,MAAgC;AAClE,WAAO,KAAK,QAAiB,QAAQ,oBAAoB,EAAE,SAAS,QAAQ,KAAK,CAAC;AAAA,EACpF;AAAA;AAAA,EAGA,MAAM,cAAc,WAAkC;AACpD,UAAM,KAAK,QAAc,UAAU,oBAAoB,SAAS,EAAE;AAAA,EACpE;AAAA;AAAA,EAGA,MAAM,iBAAiB,WAA2C;AAChE,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS;AAAA,IACtC;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,kBAAkB,WAAmB,MAAc,cAA6C;AACpG,WAAO,KAAK;AAAA,MACV;AAAA,MAAQ,oBAAoB,SAAS;AAAA,MACrC,EAAE,MAAM,eAAe,aAAa;AAAA,IACtC;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,kBAAkB,WAAmB,aAAoC;AAC7E,UAAM,KAAK,QAAc,UAAU,oBAAoB,SAAS,iBAAiB,WAAW,EAAE;AAAA,EAChG;AAAA;AAAA,EAGA,MAAM,YAAY,WAAmB,aAAwC;AAC3E,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,cAAc,WAAmB,aAAiD;AACtF,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,sBAAsB,WAAmB,aAAsD;AACnG,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,WAAO,OAAO,YAAY,QAAQ,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;AAAA,EAChE;AAAA;AAAA,EAGA,MAAM,UAAU,WAAmB,aAAqB,KAAuC;AAC7F,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACjF;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,aACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAQ,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MACjE,EAAE,KAAK,OAAO,YAAY;AAAA,IAC5B;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,aACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,MAC/E,EAAE,OAAO,YAAY;AAAA,IACvB;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,UACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,QAAI;AACF,aAAO,MAAM,KAAK,aAAa,WAAW,aAAa,KAAK,OAAO,WAAW;AAAA,IAChF,SAAS,OAAO;AACd,UAAI,iBAAiB,eAAe,MAAM,WAAW,KAAK;AACxD,eAAO,KAAK,aAAa,WAAW,aAAa,KAAK,OAAO,WAAW;AAAA,MAC1E;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,aAAa,WAAmB,aAAqB,KAA4B;AACrF,UAAM,KAAK;AAAA,MACT;AAAA,MAAU,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACpF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,iBAAiB,WAAmB,aAAqB,KAAuC;AACpG,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACjF;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,WACJ,WAAmB,aAAqB,SAA2B,UAAmC,CAAC,GAC5E;AAC3B,WAAO,KAAK;AAAA,MACV;AAAA,MAAQ,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MACjE,EAAE,SAAS,WAAW,QAAQ,aAAa,MAAM;AAAA,IACnD;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,QAAQ,WAAmB,aAAsC;AACrE,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,eAAW,UAAU,SAAS;AAC5B,cAAQ,IAAI,OAAO,GAAG,IAAI,OAAO;AAAA,IACnC;AACA,WAAO,QAAQ;AAAA,EACjB;AAAA;AAAA,EAGA,MAAM,gBAAgB,WAAmB,aAAsC;AAC7E,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,UAAM,QAAQ;AAAA,MACZ;AAAA,MACA,kBAAkB,WAAW;AAAA,MAC7B,oBAAmB,oBAAI,KAAK,GAAE,YAAY,CAAC;AAAA,MAC3C;AAAA,IACF;AAEA,eAAW,UAAU,SAAS;AAC5B,YAAM,QAAQ,OAAO;AACrB,UAAI,MAAM,SAAS,IAAI,KAAK,MAAM,SAAS,GAAG,KAAK,MAAM,SAAS,GAAG,KAAK,MAAM,SAAS,GAAG,GAAG;AAC7F,cAAM,UAAU,MAAM,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AAChE,cAAM,KAAK,GAAG,OAAO,GAAG,KAAK,OAAO,GAAG;AAAA,MACzC,OAAO;AACL,cAAM,KAAK,GAAG,OAAO,GAAG,IAAI,KAAK,EAAE;AAAA,MACrC;AAAA,IACF;AAEA,WAAO,MAAM,KAAK,IAAI,IAAI;AAAA,EAC5B;AACF;","names":[]}
1	+ {"version":3,"sources":["../src/types.ts","../src/client.ts"],"sourcesContent":["/** KeyEnv client configuration options /\nexport interface KeyEnvOptions {\n /* Service token for authentication /\n token: string;\n /* Request timeout in milliseconds (default: 30000) /\n timeout?: number;\n /* Cache TTL in seconds for exportSecrets/loadEnv (default: 0 = disabled). Also configurable via KEYENV_CACHE_TTL env var. /\n cacheTtl?: number;\n}\n\n/* User or service token info /\nexport interface User {\n id: string;\n email?: string;\n name?: string;\n clerk_id?: string;\n avatar_url?: string;\n /* Present for service tokens /\n auth_type?: 'service_token' \| 'user';\n /* Team ID (for service tokens) /\n team_id?: string;\n /* Project IDs (for project-scoped service tokens) /\n project_ids?: string[];\n /* Token scopes (for service tokens) /\n scopes?: string[];\n created_at: string;\n}\n\n/* Project /\nexport interface Project {\n id: string;\n team_id: string;\n name: string;\n slug: string;\n description?: string;\n created_at: string;\n}\n\n/* Environment /\nexport interface Environment {\n id: string;\n project_id: string;\n name: string;\n inherits_from?: string;\n created_at: string;\n}\n\n/* Project with environments /\nexport interface ProjectWithEnvironments extends Project {\n environments: Environment[];\n}\n\n/* Secret (without value) /\nexport interface Secret {\n id: string;\n environment_id: string;\n key: string;\n type: string;\n description?: string;\n version: number;\n created_at: string;\n updated_at: string;\n}\n\n/* Secret with decrypted value /\nexport interface SecretWithValue extends Secret {\n value: string;\n inherited_from?: string;\n}\n\n/* Secret history entry /\nexport interface SecretHistory {\n id: string;\n secret_id: string;\n value: string;\n version: number;\n changed_by?: string;\n changed_at: string;\n}\n\n/* Bulk import request item /\nexport interface BulkSecretItem {\n key: string;\n value: string;\n description?: string;\n}\n\n/* Bulk import result /\nexport interface BulkImportResult {\n created: number;\n updated: number;\n skipped: number;\n}\n\n/* API error response /\nexport interface ApiError {\n error: string;\n code?: string;\n details?: Record<string, unknown>;\n}\n\n/* KeyEnv API error /\nexport class KeyEnvError extends Error {\n public readonly status: number;\n public readonly code?: string;\n public readonly details?: Record<string, unknown>;\n\n constructor(message: string, status: number, code?: string, details?: Record<string, unknown>) {\n super(message);\n this.name = 'KeyEnvError';\n this.status = status;\n this.code = code;\n this.details = details;\n }\n}\n\n/* Environment permission role /\nexport type EnvironmentRole = 'none' \| 'read' \| 'write' \| 'admin';\n\n/* Environment permission for a user /\nexport interface EnvironmentPermission {\n id: string;\n environment_id: string;\n user_id: string;\n role: EnvironmentRole;\n user_email?: string;\n user_name?: string;\n granted_by?: string;\n created_at: string;\n updated_at: string;\n}\n\n/* User's permission for an environment /\nexport interface MyPermission {\n environment_id: string;\n environment_name: string;\n role: EnvironmentRole;\n can_read: boolean;\n can_write: boolean;\n can_admin: boolean;\n}\n\n/* Response for getting user's permissions /\nexport interface MyPermissionsResponse {\n permissions: MyPermission[];\n is_team_admin: boolean;\n}\n\n/* Project default permission for an environment /\nexport interface ProjectDefault {\n id: string;\n project_id: string;\n environment_name: string;\n default_role: EnvironmentRole;\n created_at: string;\n}\n","import type {\n KeyEnvOptions,\n User,\n Project,\n ProjectWithEnvironments,\n Environment,\n Secret,\n SecretWithValue,\n SecretHistory,\n BulkSecretItem,\n BulkImportResult,\n ApiError,\n EnvironmentRole,\n EnvironmentPermission,\n MyPermissionsResponse,\n ProjectDefault,\n} from './types.js';\nimport { KeyEnvError } from './types.js';\n\nconst BASE_URL = 'https://api.keyenv.dev';\nconst DEFAULT_TIMEOUT = 30000;\n\n/* Module-level cache for secrets (survives across warm serverless invocations) /\nconst secretsCache = new Map<string, { secrets: SecretWithValue[]; expiresAt: number }>();\n\nfunction getCacheKey(projectId: string, environment: string): string {\n return `${projectId}:${environment}`;\n}\n\n/\n KeyEnv API client for managing secrets\n \n @example\n * ```ts\n * import { KeyEnv } from 'keyenv';\n \n const client = new KeyEnv({ token: process.env.KEYENV_TOKEN });\n \n // Export all secrets for an environment\n * const secrets = await client.exportSecrets('project-id', 'production');\n * ```\n /\nexport class KeyEnv {\n private readonly token: string;\n private readonly timeout: number;\n private readonly cacheTtl: number;\n\n constructor(options: KeyEnvOptions) {\n if (!options.token) {\n throw new Error('KeyEnv token is required');\n }\n this.token = options.token;\n this.timeout = options.timeout \|\| DEFAULT_TIMEOUT;\n // Cache TTL: constructor option → env var → 0 (disabled)\n this.cacheTtl = options.cacheTtl ??\n (process.env.KEYENV_CACHE_TTL ? parseInt(process.env.KEYENV_CACHE_TTL, 10) : 0);\n }\n\n private async request<T>(method: string, path: string, body?: unknown): Promise<T> {\n const url = `${BASE_URL}${path}`;\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(url, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.token}`,\n 'Content-Type': 'application/json',\n 'User-Agent': 'keyenv-node/1.0.0',\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n clearTimeout(timeoutId);\n\n if (!response.ok) {\n let errorData: ApiError = { error: 'Unknown error' };\n try {\n errorData = await response.json() as ApiError;\n } catch {\n errorData = { error: response.statusText };\n }\n throw new KeyEnvError(errorData.error, response.status, errorData.code, errorData.details);\n }\n\n if (response.status === 204) {\n return undefined as T;\n }\n\n return response.json() as Promise<T>;\n } catch (error) {\n clearTimeout(timeoutId);\n if (error instanceof KeyEnvError) throw error;\n if (error instanceof Error && error.name === 'AbortError') {\n throw new KeyEnvError('Request timeout', 408);\n }\n throw new KeyEnvError(error instanceof Error ? error.message : 'Network error', 0);\n }\n }\n\n /* Get the current user or service token info /\n async getCurrentUser(): Promise<User> {\n return this.request<User>('GET', '/api/v1/users/me');\n }\n\n /* Validate the token and return user info /\n async validateToken(): Promise<User> {\n return this.getCurrentUser();\n }\n\n /* List all accessible projects /\n async listProjects(): Promise<Project[]> {\n const response = await this.request<{ projects: Project[] }>('GET', '/api/v1/projects');\n return response.projects;\n }\n\n /* Get a project by ID /\n async getProject(projectId: string): Promise<ProjectWithEnvironments> {\n return this.request<ProjectWithEnvironments>('GET', `/api/v1/projects/${projectId}`);\n }\n\n /* Create a new project /\n async createProject(teamId: string, name: string): Promise<Project> {\n return this.request<Project>('POST', '/api/v1/projects', { team_id: teamId, name });\n }\n\n /* Delete a project /\n async deleteProject(projectId: string): Promise<void> {\n await this.request<void>('DELETE', `/api/v1/projects/${projectId}`);\n }\n\n /* List environments in a project /\n async listEnvironments(projectId: string): Promise<Environment[]> {\n const response = await this.request<{ environments: Environment[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments`\n );\n return response.environments;\n }\n\n /* Create a new environment /\n async createEnvironment(projectId: string, name: string, inheritsFrom?: string): Promise<Environment> {\n return this.request<Environment>(\n 'POST', `/api/v1/projects/${projectId}/environments`,\n { name, inherits_from: inheritsFrom }\n );\n }\n\n /* Delete an environment /\n async deleteEnvironment(projectId: string, environment: string): Promise<void> {\n await this.request<void>('DELETE', `/api/v1/projects/${projectId}/environments/${environment}`);\n }\n\n /* List secrets in an environment (keys and metadata only) /\n async listSecrets(projectId: string, environment: string): Promise<Secret[]> {\n const response = await this.request<{ secrets: Secret[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets`\n );\n return response.secrets;\n }\n\n /\n Export all secrets with their decrypted values.\n * Results are cached when cacheTtl > 0.\n * @example\n * ```ts\n * const secrets = await client.exportSecrets('project-id', 'production');\n * for (const secret of secrets) {\n * process.env[secret.key] = secret.value;\n * }\n * ```\n /\n async exportSecrets(projectId: string, environment: string): Promise<SecretWithValue[]> {\n const cacheKey = getCacheKey(projectId, environment);\n\n // Check cache if TTL > 0\n if (this.cacheTtl > 0) {\n const cached = secretsCache.get(cacheKey);\n if (cached && Date.now() < cached.expiresAt) {\n return cached.secrets;\n }\n }\n\n const response = await this.request<{ secrets: SecretWithValue[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/export`\n );\n\n // Store in cache if TTL > 0\n if (this.cacheTtl > 0) {\n secretsCache.set(cacheKey, {\n secrets: response.secrets,\n expiresAt: Date.now() + (this.cacheTtl 1000),\n });\n }\n\n return response.secrets;\n }\n\n /*\n Export secrets as a key-value object\n * @example\n * ```ts\n * const env = await client.exportSecretsAsObject('project-id', 'production');\n * // { DATABASE_URL: '...', API_KEY: '...' }\n * ```\n /\n async exportSecretsAsObject(projectId: string, environment: string): Promise<Record<string, string>> {\n const secrets = await this.exportSecrets(projectId, environment);\n return Object.fromEntries(secrets.map((s) => [s.key, s.value]));\n }\n\n /* Get a single secret with its value /\n async getSecret(projectId: string, environment: string, key: string): Promise<SecretWithValue> {\n const response = await this.request<{ secret: SecretWithValue }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`\n );\n return response.secret;\n }\n\n /* Create a new secret /\n async createSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n const response = await this.request<{ secret: Secret }>(\n 'POST', `/api/v1/projects/${projectId}/environments/${environment}/secrets`,\n { key, value, description }\n );\n this.clearCache(projectId, environment);\n return response.secret;\n }\n\n /* Update a secret's value /\n async updateSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n const response = await this.request<{ secret: Secret }>(\n 'PUT', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`,\n { value, description }\n );\n this.clearCache(projectId, environment);\n return response.secret;\n }\n\n /* Set a secret (create or update) /\n async setSecret(\n projectId: string, environment: string, key: string, value: string, description?: string\n ): Promise<Secret> {\n try {\n return await this.updateSecret(projectId, environment, key, value, description);\n } catch (error) {\n if (error instanceof KeyEnvError && error.status === 404) {\n return this.createSecret(projectId, environment, key, value, description);\n }\n throw error;\n }\n }\n\n /* Delete a secret /\n async deleteSecret(projectId: string, environment: string, key: string): Promise<void> {\n await this.request<void>(\n 'DELETE', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}`\n );\n this.clearCache(projectId, environment);\n }\n\n /* Get secret version history /\n async getSecretHistory(projectId: string, environment: string, key: string): Promise<SecretHistory[]> {\n const response = await this.request<{ history: SecretHistory[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/secrets/${key}/history`\n );\n return response.history;\n }\n\n /\n Bulk import secrets\n * @example\n * ```ts\n * await client.bulkImport('project-id', 'development', [\n * { key: 'DATABASE_URL', value: 'postgres://...' },\n * { key: 'API_KEY', value: 'sk_...' },\n * ], { overwrite: true });\n * ```\n /\n async bulkImport(\n projectId: string, environment: string, secrets: BulkSecretItem[], options: { overwrite?: boolean } = {}\n ): Promise<BulkImportResult> {\n const result = await this.request<BulkImportResult>(\n 'POST', `/api/v1/projects/${projectId}/environments/${environment}/secrets/bulk`,\n { secrets, overwrite: options.overwrite ?? false }\n );\n this.clearCache(projectId, environment);\n return result;\n }\n\n /\n Load secrets into process.env\n * @example\n * ```ts\n * await client.loadEnv('project-id', 'production');\n * console.log(process.env.DATABASE_URL);\n * ```\n /\n async loadEnv(projectId: string, environment: string): Promise<number> {\n const secrets = await this.exportSecrets(projectId, environment);\n for (const secret of secrets) {\n process.env[secret.key] = secret.value;\n }\n return secrets.length;\n }\n\n /* Generate .env file content from secrets /\n async generateEnvFile(projectId: string, environment: string): Promise<string> {\n const secrets = await this.exportSecrets(projectId, environment);\n const lines = [\n '# Generated by KeyEnv',\n `# Environment: ${environment}`,\n `# Generated at: ${new Date().toISOString()}`,\n '',\n ];\n\n for (const secret of secrets) {\n const value = secret.value;\n if (value.includes('\\n') \|\| value.includes('\"') \|\| value.includes(\"'\") \|\| value.includes(' ')) {\n const escaped = value.replace(/\\\\/g, '\\\\\\\\').replace(/\"/g, '\\\\\"');\n lines.push(`${secret.key}=\"${escaped}\"`);\n } else {\n lines.push(`${secret.key}=${value}`);\n }\n }\n\n return lines.join('\\n') + '\\n';\n }\n\n /\n Clear the secrets cache.\n * @param projectId - Clear cache for specific project (optional)\n * @param environment - Clear cache for specific environment (requires projectId)\n /\n clearCache(projectId?: string, environment?: string): void {\n if (projectId && environment) {\n secretsCache.delete(getCacheKey(projectId, environment));\n } else if (projectId) {\n // Clear all environments for this project\n for (const key of secretsCache.keys()) {\n if (key.startsWith(`${projectId}:`)) {\n secretsCache.delete(key);\n }\n }\n } else {\n secretsCache.clear();\n }\n }\n\n // ============================================================================\n // Environment Permission Management\n // ============================================================================\n\n /\n List all permissions for an environment.\n * @param projectId - The project ID\n * @param environment - The environment name\n * @returns Array of environment permissions\n * @example\n * ```ts\n * const permissions = await client.listPermissions('project-id', 'production');\n * for (const perm of permissions) {\n * console.log(`${perm.user_email}: ${perm.role}`);\n * }\n * ```\n /\n async listPermissions(projectId: string, environment: string): Promise<EnvironmentPermission[]> {\n const response = await this.request<{ permissions: EnvironmentPermission[] }>(\n 'GET', `/api/v1/projects/${projectId}/environments/${environment}/permissions`\n );\n return response.permissions;\n }\n\n /\n Set a user's permission for an environment.\n * @param projectId - The project ID\n * @param environment - The environment name\n * @param userId - The user ID to set permission for\n * @param role - The permission role ('none', 'read', 'write', or 'admin')\n * @returns The created or updated permission\n * @example\n * ```ts\n * const permission = await client.setPermission('project-id', 'production', 'user-id', 'write');\n * console.log(`Set ${permission.user_email} to ${permission.role}`);\n * ```\n /\n async setPermission(\n projectId: string, environment: string, userId: string, role: EnvironmentRole\n ): Promise<EnvironmentPermission> {\n const response = await this.request<{ permission: EnvironmentPermission }>(\n 'PUT', `/api/v1/projects/${projectId}/environments/${environment}/permissions/${userId}`,\n { role }\n );\n return response.permission;\n }\n\n /\n Delete a user's permission for an environment.\n * @param projectId - The project ID\n * @param environment - The environment name\n * @param userId - The user ID to delete permission for\n * @example\n * ```ts\n * await client.deletePermission('project-id', 'production', 'user-id');\n * ```\n /\n async deletePermission(projectId: string, environment: string, userId: string): Promise<void> {\n await this.request<void>(\n 'DELETE', `/api/v1/projects/${projectId}/environments/${environment}/permissions/${userId}`\n );\n }\n\n /\n Bulk set permissions for multiple users in an environment.\n * @param projectId - The project ID\n * @param environment - The environment name\n * @param permissions - Array of user permissions to set\n * @returns Array of created or updated permissions\n * @example\n * ```ts\n * const permissions = await client.bulkSetPermissions('project-id', 'production', [\n * { userId: 'user-1', role: 'write' },\n * { userId: 'user-2', role: 'read' },\n * ]);\n * ```\n /\n async bulkSetPermissions(\n projectId: string, environment: string, permissions: Array<{ userId: string; role: EnvironmentRole }>\n ): Promise<EnvironmentPermission[]> {\n const response = await this.request<{ permissions: EnvironmentPermission[] }>(\n 'PUT', `/api/v1/projects/${projectId}/environments/${environment}/permissions`,\n { permissions: permissions.map(p => ({ user_id: p.userId, role: p.role })) }\n );\n return response.permissions;\n }\n\n /\n Get the current user's permissions for all environments in a project.\n * @param projectId - The project ID\n * @returns The user's permissions and team admin status\n * @example\n * ```ts\n * const { permissions, is_team_admin } = await client.getMyPermissions('project-id');\n * for (const perm of permissions) {\n * console.log(`${perm.environment_name}: ${perm.role} (can_write: ${perm.can_write})`);\n * }\n * ```\n /\n async getMyPermissions(projectId: string): Promise<MyPermissionsResponse> {\n return this.request<MyPermissionsResponse>('GET', `/api/v1/projects/${projectId}/my-permissions`);\n }\n\n /\n Get default permission settings for a project's environments.\n * @param projectId - The project ID\n * @returns Array of project default permissions\n * @example\n * ```ts\n * const defaults = await client.getProjectDefaults('project-id');\n * for (const def of defaults) {\n * console.log(`${def.environment_name}: ${def.default_role}`);\n * }\n * ```\n /\n async getProjectDefaults(projectId: string): Promise<ProjectDefault[]> {\n const response = await this.request<{ defaults: ProjectDefault[] }>(\n 'GET', `/api/v1/projects/${projectId}/permissions/defaults`\n );\n return response.defaults;\n }\n\n /\n Set default permission settings for a project's environments.\n * @param projectId - The project ID\n * @param defaults - Array of default permissions to set\n * @returns Array of updated project default permissions\n * @example\n * ```ts\n * const defaults = await client.setProjectDefaults('project-id', [\n * { environmentName: 'development', defaultRole: 'write' },\n * { environmentName: 'production', defaultRole: 'read' },\n * ]);\n * ```\n */\n async setProjectDefaults(\n projectId: string, defaults: Array<{ environmentName: string; defaultRole: EnvironmentRole }>\n ): Promise<ProjectDefault[]> {\n const response = await this.request<{ defaults: ProjectDefault[] }>(\n 'PUT', `/api/v1/projects/${projectId}/permissions/defaults`,\n { defaults: defaults.map(d => ({ environment_name: d.environmentName, default_role: d.defaultRole })) }\n );\n return response.defaults;\n }\n}\n"],"mappings":";AAsGO,IAAM,cAAN,cAA0B,MAAM;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EAEhB,YAAY,SAAiB,QAAgB,MAAe,SAAmC;AAC7F,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,OAAO;AACZ,SAAK,UAAU;AAAA,EACjB;AACF;;;AC/FA,IAAM,WAAW;AACjB,IAAM,kBAAkB;AAGxB,IAAM,eAAe,oBAAI,IAA+D;AAExF,SAAS,YAAY,WAAmB,aAA6B;AACnE,SAAO,GAAG,SAAS,IAAI,WAAW;AACpC;AAeO,IAAM,SAAN,MAAa;AAAA,EACD;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,SAAwB;AAClC,QAAI,CAAC,QAAQ,OAAO;AAClB,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AACA,SAAK,QAAQ,QAAQ;AACrB,SAAK,UAAU,QAAQ,WAAW;AAElC,SAAK,WAAW,QAAQ,aACrB,QAAQ,IAAI,mBAAmB,SAAS,QAAQ,IAAI,kBAAkB,EAAE,IAAI;AAAA,EACjF;AAAA,EAEA,MAAc,QAAW,QAAgB,MAAc,MAA4B;AACjF,UAAM,MAAM,GAAG,QAAQ,GAAG,IAAI;AAC9B,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,KAAK;AAAA,QAChC;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,KAAK;AAAA,UACrC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,mBAAa,SAAS;AAEtB,UAAI,CAAC,SAAS,IAAI;AAChB,YAAI,YAAsB,EAAE,OAAO,gBAAgB;AACnD,YAAI;AACF,sBAAY,MAAM,SAAS,KAAK;AAAA,QAClC,QAAQ;AACN,sBAAY,EAAE,OAAO,SAAS,WAAW;AAAA,QAC3C;AACA,cAAM,IAAI,YAAY,UAAU,OAAO,SAAS,QAAQ,UAAU,MAAM,UAAU,OAAO;AAAA,MAC3F;AAEA,UAAI,SAAS,WAAW,KAAK;AAC3B,eAAO;AAAA,MACT;AAEA,aAAO,SAAS,KAAK;AAAA,IACvB,SAAS,OAAO;AACd,mBAAa,SAAS;AACtB,UAAI,iBAAiB,YAAa,OAAM;AACxC,UAAI,iBAAiB,SAAS,MAAM,SAAS,cAAc;AACzD,cAAM,IAAI,YAAY,mBAAmB,GAAG;AAAA,MAC9C;AACA,YAAM,IAAI,YAAY,iBAAiB,QAAQ,MAAM,UAAU,iBAAiB,CAAC;AAAA,IACnF;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,iBAAgC;AACpC,WAAO,KAAK,QAAc,OAAO,kBAAkB;AAAA,EACrD;AAAA;AAAA,EAGA,MAAM,gBAA+B;AACnC,WAAO,KAAK,eAAe;AAAA,EAC7B;AAAA;AAAA,EAGA,MAAM,eAAmC;AACvC,UAAM,WAAW,MAAM,KAAK,QAAiC,OAAO,kBAAkB;AACtF,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,WAAW,WAAqD;AACpE,WAAO,KAAK,QAAiC,OAAO,oBAAoB,SAAS,EAAE;AAAA,EACrF;AAAA;AAAA,EAGA,MAAM,cAAc,QAAgB,MAAgC;AAClE,WAAO,KAAK,QAAiB,QAAQ,oBAAoB,EAAE,SAAS,QAAQ,KAAK,CAAC;AAAA,EACpF;AAAA;AAAA,EAGA,MAAM,cAAc,WAAkC;AACpD,UAAM,KAAK,QAAc,UAAU,oBAAoB,SAAS,EAAE;AAAA,EACpE;AAAA;AAAA,EAGA,MAAM,iBAAiB,WAA2C;AAChE,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS;AAAA,IACtC;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,kBAAkB,WAAmB,MAAc,cAA6C;AACpG,WAAO,KAAK;AAAA,MACV;AAAA,MAAQ,oBAAoB,SAAS;AAAA,MACrC,EAAE,MAAM,eAAe,aAAa;AAAA,IACtC;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,kBAAkB,WAAmB,aAAoC;AAC7E,UAAM,KAAK,QAAc,UAAU,oBAAoB,SAAS,iBAAiB,WAAW,EAAE;AAAA,EAChG;AAAA;AAAA,EAGA,MAAM,YAAY,WAAmB,aAAwC;AAC3E,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,cAAc,WAAmB,aAAiD;AACtF,UAAM,WAAW,YAAY,WAAW,WAAW;AAGnD,QAAI,KAAK,WAAW,GAAG;AACrB,YAAM,SAAS,aAAa,IAAI,QAAQ;AACxC,UAAI,UAAU,KAAK,IAAI,IAAI,OAAO,WAAW;AAC3C,eAAO,OAAO;AAAA,MAChB;AAAA,IACF;AAEA,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AAGA,QAAI,KAAK,WAAW,GAAG;AACrB,mBAAa,IAAI,UAAU;AAAA,QACzB,SAAS,SAAS;AAAA,QAClB,WAAW,KAAK,IAAI,IAAK,KAAK,WAAW;AAAA,MAC3C,CAAC;AAAA,IACH;AAEA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,sBAAsB,WAAmB,aAAsD;AACnG,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,WAAO,OAAO,YAAY,QAAQ,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;AAAA,EAChE;AAAA;AAAA,EAGA,MAAM,UAAU,WAAmB,aAAqB,KAAuC;AAC7F,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACjF;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,aACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAQ,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MACjE,EAAE,KAAK,OAAO,YAAY;AAAA,IAC5B;AACA,SAAK,WAAW,WAAW,WAAW;AACtC,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,aACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,MAC/E,EAAE,OAAO,YAAY;AAAA,IACvB;AACA,SAAK,WAAW,WAAW,WAAW;AACtC,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA,EAGA,MAAM,UACJ,WAAmB,aAAqB,KAAa,OAAe,aACnD;AACjB,QAAI;AACF,aAAO,MAAM,KAAK,aAAa,WAAW,aAAa,KAAK,OAAO,WAAW;AAAA,IAChF,SAAS,OAAO;AACd,UAAI,iBAAiB,eAAe,MAAM,WAAW,KAAK;AACxD,eAAO,KAAK,aAAa,WAAW,aAAa,KAAK,OAAO,WAAW;AAAA,MAC1E;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,aAAa,WAAmB,aAAqB,KAA4B;AACrF,UAAM,KAAK;AAAA,MACT;AAAA,MAAU,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACpF;AACA,SAAK,WAAW,WAAW,WAAW;AAAA,EACxC;AAAA;AAAA,EAGA,MAAM,iBAAiB,WAAmB,aAAqB,KAAuC;AACpG,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,YAAY,GAAG;AAAA,IACjF;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,WACJ,WAAmB,aAAqB,SAA2B,UAAmC,CAAC,GAC5E;AAC3B,UAAM,SAAS,MAAM,KAAK;AAAA,MACxB;AAAA,MAAQ,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MACjE,EAAE,SAAS,WAAW,QAAQ,aAAa,MAAM;AAAA,IACnD;AACA,SAAK,WAAW,WAAW,WAAW;AACtC,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,QAAQ,WAAmB,aAAsC;AACrE,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,eAAW,UAAU,SAAS;AAC5B,cAAQ,IAAI,OAAO,GAAG,IAAI,OAAO;AAAA,IACnC;AACA,WAAO,QAAQ;AAAA,EACjB;AAAA;AAAA,EAGA,MAAM,gBAAgB,WAAmB,aAAsC;AAC7E,UAAM,UAAU,MAAM,KAAK,cAAc,WAAW,WAAW;AAC/D,UAAM,QAAQ;AAAA,MACZ;AAAA,MACA,kBAAkB,WAAW;AAAA,MAC7B,oBAAmB,oBAAI,KAAK,GAAE,YAAY,CAAC;AAAA,MAC3C;AAAA,IACF;AAEA,eAAW,UAAU,SAAS;AAC5B,YAAM,QAAQ,OAAO;AACrB,UAAI,MAAM,SAAS,IAAI,KAAK,MAAM,SAAS,GAAG,KAAK,MAAM,SAAS,GAAG,KAAK,MAAM,SAAS,GAAG,GAAG;AAC7F,cAAM,UAAU,MAAM,QAAQ,OAAO,MAAM,EAAE,QAAQ,MAAM,KAAK;AAChE,cAAM,KAAK,GAAG,OAAO,GAAG,KAAK,OAAO,GAAG;AAAA,MACzC,OAAO;AACL,cAAM,KAAK,GAAG,OAAO,GAAG,IAAI,KAAK,EAAE;AAAA,MACrC;AAAA,IACF;AAEA,WAAO,MAAM,KAAK,IAAI,IAAI;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,WAAW,WAAoB,aAA4B;AACzD,QAAI,aAAa,aAAa;AAC5B,mBAAa,OAAO,YAAY,WAAW,WAAW,CAAC;AAAA,IACzD,WAAW,WAAW;AAEpB,iBAAW,OAAO,aAAa,KAAK,GAAG;AACrC,YAAI,IAAI,WAAW,GAAG,SAAS,GAAG,GAAG;AACnC,uBAAa,OAAO,GAAG;AAAA,QACzB;AAAA,MACF;AAAA,IACF,OAAO;AACL,mBAAa,MAAM;AAAA,IACrB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAmBA,MAAM,gBAAgB,WAAmB,aAAuD;AAC9F,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,IAClE;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,MAAM,cACJ,WAAmB,aAAqB,QAAgB,MACxB;AAChC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW,gBAAgB,MAAM;AAAA,MACtF,EAAE,KAAK;AAAA,IACT;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,iBAAiB,WAAmB,aAAqB,QAA+B;AAC5F,UAAM,KAAK;AAAA,MACT;AAAA,MAAU,oBAAoB,SAAS,iBAAiB,WAAW,gBAAgB,MAAM;AAAA,IAC3F;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBA,MAAM,mBACJ,WAAmB,aAAqB,aACN;AAClC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS,iBAAiB,WAAW;AAAA,MAChE,EAAE,aAAa,YAAY,IAAI,QAAM,EAAE,SAAS,EAAE,QAAQ,MAAM,EAAE,KAAK,EAAE,EAAE;AAAA,IAC7E;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,iBAAiB,WAAmD;AACxE,WAAO,KAAK,QAA+B,OAAO,oBAAoB,SAAS,iBAAiB;AAAA,EAClG;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,mBAAmB,WAA8C;AACrE,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS;AAAA,IACtC;AACA,WAAO,SAAS;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,MAAM,mBACJ,WAAmB,UACQ;AAC3B,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MAAO,oBAAoB,SAAS;AAAA,MACpC,EAAE,UAAU,SAAS,IAAI,QAAM,EAAE,kBAAkB,EAAE,iBAAiB,cAAc,EAAE,YAAY,EAAE,EAAE;AAAA,IACxG;AACA,WAAO,SAAS;AAAA,EAClB;AACF;","names":[]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "keyenv",
-  "version": "0.1.0",
+  "version": "1.1.0",
   "description": "Official Node.js SDK for KeyEnv - Secure secrets management",
   "main": "dist/index.js",
   "module": "dist/index.mjs",