npm - latchkey - Versions diffs - 0.1.0 - Mend

latchkey 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (176) hide show

package/.nvmrc +1 -0
package/.pre-commit-config.yaml +22 -0
package/.prettierignore +4 -0
package/.prettierrc +7 -0
package/CLAUDE.md +13 -0
package/LICENSE +7 -0
package/README.md +167 -0
package/dist/scripts/cryptFile.d.ts +21 -0
package/dist/scripts/cryptFile.d.ts.map +1 -0
package/dist/scripts/cryptFile.js +106 -0
package/dist/scripts/cryptFile.js.map +1 -0
package/dist/scripts/encryptFile.d.ts +21 -0
package/dist/scripts/encryptFile.d.ts.map +1 -0
package/dist/scripts/encryptFile.js +101 -0
package/dist/scripts/encryptFile.js.map +1 -0
package/dist/scripts/recordBrowserSession.d.ts +18 -0
package/dist/scripts/recordBrowserSession.d.ts.map +1 -0
package/dist/scripts/recordBrowserSession.js +213 -0
package/dist/scripts/recordBrowserSession.js.map +1 -0
package/dist/src/apiCredentialStore.d.ts +19 -0
package/dist/src/apiCredentialStore.d.ts.map +1 -0
package/dist/src/apiCredentialStore.js +65 -0
package/dist/src/apiCredentialStore.js.map +1 -0
package/dist/src/apiCredentials.d.ts +134 -0
package/dist/src/apiCredentials.d.ts.map +1 -0
package/dist/src/apiCredentials.js +139 -0
package/dist/src/apiCredentials.js.map +1 -0
package/dist/src/browserConfig.d.ts +90 -0
package/dist/src/browserConfig.d.ts.map +1 -0
package/dist/src/browserConfig.js +259 -0
package/dist/src/browserConfig.js.map +1 -0
package/dist/src/browserState.d.ts +8 -0
package/dist/src/browserState.d.ts.map +1 -0
package/dist/src/browserState.js +21 -0
package/dist/src/browserState.js.map +1 -0
package/dist/src/cli.d.ts +6 -0
package/dist/src/cli.d.ts.map +1 -0
package/dist/src/cli.js +25 -0
package/dist/src/cli.js.map +1 -0
package/dist/src/cliCommands.d.ts +29 -0
package/dist/src/cliCommands.d.ts.map +1 -0
package/dist/src/cliCommands.js +264 -0
package/dist/src/cliCommands.js.map +1 -0
package/dist/src/config.d.ts +35 -0
package/dist/src/config.d.ts.map +1 -0
package/dist/src/config.js +96 -0
package/dist/src/config.js.map +1 -0
package/dist/src/curl.d.ts +29 -0
package/dist/src/curl.d.ts.map +1 -0
package/dist/src/curl.js +53 -0
package/dist/src/curl.js.map +1 -0
package/dist/src/encryptedStorage.d.ts +39 -0
package/dist/src/encryptedStorage.d.ts.map +1 -0
package/dist/src/encryptedStorage.js +128 -0
package/dist/src/encryptedStorage.js.map +1 -0
package/dist/src/encryption.d.ts +28 -0
package/dist/src/encryption.d.ts.map +1 -0
package/dist/src/encryption.js +86 -0
package/dist/src/encryption.js.map +1 -0
package/dist/src/index.d.ts +14 -0
package/dist/src/index.d.ts.map +1 -0
package/dist/src/index.js +17 -0
package/dist/src/index.js.map +1 -0
package/dist/src/keychain.d.ts +33 -0
package/dist/src/keychain.d.ts.map +1 -0
package/dist/src/keychain.js +94 -0
package/dist/src/keychain.js.map +1 -0
package/dist/src/playwrightUtils.d.ts +27 -0
package/dist/src/playwrightUtils.d.ts.map +1 -0
package/dist/src/playwrightUtils.js +122 -0
package/dist/src/playwrightUtils.js.map +1 -0
package/dist/src/registry.d.ts +12 -0
package/dist/src/registry.d.ts.map +1 -0
package/dist/src/registry.js +30 -0
package/dist/src/registry.js.map +1 -0
package/dist/src/services/base.d.ts +98 -0
package/dist/src/services/base.d.ts.map +1 -0
package/dist/src/services/base.js +137 -0
package/dist/src/services/base.js.map +1 -0
package/dist/src/services/discord.d.ts +20 -0
package/dist/src/services/discord.d.ts.map +1 -0
package/dist/src/services/discord.js +55 -0
package/dist/src/services/discord.js.map +1 -0
package/dist/src/services/dropbox.d.ts +23 -0
package/dist/src/services/dropbox.d.ts.map +1 -0
package/dist/src/services/dropbox.js +136 -0
package/dist/src/services/dropbox.js.map +1 -0
package/dist/src/services/github.d.ts +23 -0
package/dist/src/services/github.d.ts.map +1 -0
package/dist/src/services/github.js +110 -0
package/dist/src/services/github.js.map +1 -0
package/dist/src/services/index.d.ts +12 -0
package/dist/src/services/index.d.ts.map +1 -0
package/dist/src/services/index.js +11 -0
package/dist/src/services/index.js.map +1 -0
package/dist/src/services/linear.d.ts +23 -0
package/dist/src/services/linear.d.ts.map +1 -0
package/dist/src/services/linear.js +110 -0
package/dist/src/services/linear.js.map +1 -0
package/dist/src/services/slack.d.ts +21 -0
package/dist/src/services/slack.d.ts.map +1 -0
package/dist/src/services/slack.js +67 -0
package/dist/src/services/slack.js.map +1 -0
package/dist/tests/apiCredentialStore.test.d.ts +2 -0
package/dist/tests/apiCredentialStore.test.d.ts.map +1 -0
package/dist/tests/apiCredentialStore.test.js +130 -0
package/dist/tests/apiCredentialStore.test.js.map +1 -0
package/dist/tests/apiCredentials.test.d.ts +2 -0
package/dist/tests/apiCredentials.test.d.ts.map +1 -0
package/dist/tests/apiCredentials.test.js +169 -0
package/dist/tests/apiCredentials.test.js.map +1 -0
package/dist/tests/cli.test.d.ts +2 -0
package/dist/tests/cli.test.d.ts.map +1 -0
package/dist/tests/cli.test.js +584 -0
package/dist/tests/cli.test.js.map +1 -0
package/dist/tests/encryptedStorage.test.d.ts +2 -0
package/dist/tests/encryptedStorage.test.d.ts.map +1 -0
package/dist/tests/encryptedStorage.test.js +126 -0
package/dist/tests/encryptedStorage.test.js.map +1 -0
package/dist/tests/encryption.test.d.ts +2 -0
package/dist/tests/encryption.test.d.ts.map +1 -0
package/dist/tests/encryption.test.js +121 -0
package/dist/tests/encryption.test.js.map +1 -0
package/dist/tests/lint.test.d.ts +2 -0
package/dist/tests/lint.test.d.ts.map +1 -0
package/dist/tests/lint.test.js +18 -0
package/dist/tests/lint.test.js.map +1 -0
package/dist/tests/registry.test.d.ts +2 -0
package/dist/tests/registry.test.d.ts.map +1 -0
package/dist/tests/registry.test.js +85 -0
package/dist/tests/registry.test.js.map +1 -0
package/dist/tests/servicesAgainstRecordings.test.d.ts +20 -0
package/dist/tests/servicesAgainstRecordings.test.d.ts.map +1 -0
package/dist/tests/servicesAgainstRecordings.test.js +157 -0
package/dist/tests/servicesAgainstRecordings.test.js.map +1 -0
package/dist/tests/typecheck.test.d.ts +2 -0
package/dist/tests/typecheck.test.d.ts.map +1 -0
package/dist/tests/typecheck.test.js +18 -0
package/dist/tests/typecheck.test.js.map +1 -0
package/docs/development.md +94 -0
package/eslint.config.js +30 -0
package/integrations/SKILL.md +62 -0
package/package.json +68 -0
package/scripts/cryptFile.ts +123 -0
package/scripts/recordBrowserSession.ts +280 -0
package/scripts/tsconfig.json +10 -0
package/src/apiCredentialStore.ts +87 -0
package/src/apiCredentials.ts +180 -0
package/src/cli.ts +32 -0
package/src/cliCommands.ts +321 -0
package/src/config.ts +115 -0
package/src/curl.ts +78 -0
package/src/encryptedStorage.ts +161 -0
package/src/encryption.ts +106 -0
package/src/index.ts +65 -0
package/src/keychain.ts +105 -0
package/src/playwrightUtils.ts +143 -0
package/src/registry.ts +35 -0
package/src/services/base.ts +234 -0
package/src/services/discord.ts +73 -0
package/src/services/dropbox.ts +173 -0
package/src/services/github.ts +139 -0
package/src/services/index.ts +13 -0
package/src/services/linear.ts +134 -0
package/src/services/slack.ts +85 -0
package/tests/apiCredentialStore.test.ts +162 -0
package/tests/apiCredentials.test.ts +195 -0
package/tests/cli.test.ts +798 -0
package/tests/encryptedStorage.test.ts +173 -0
package/tests/encryption.test.ts +169 -0
package/tests/lint.test.ts +19 -0
package/tests/registry.test.ts +103 -0
package/tests/servicesAgainstRecordings.test.ts +230 -0
package/tests/typecheck.test.ts +19 -0
package/tsconfig.json +24 -0
package/vitest.config.ts +13 -0

package/dist/src/encryptedStorage.js ADDED Viewed

@@ -0,0 +1,128 @@
+/**
+ * Encrypted file storage with automatic key management.
+ * Encryption keys are retrieved from:
+ * 1. Provided encryptionKeyOverride option
+ * 2. System keychain
+ * 3. Generated and stored in keychain (first run)
+ *
+ * Falls back to unencrypted storage with chmod 600 if keychain is unavailable.
+ */
+import { existsSync, mkdirSync, readFileSync, statSync, writeFileSync } from 'node:fs';
+import { dirname } from 'node:path';
+import { DEFAULT_KEYRING_SERVICE_NAME, DEFAULT_KEYRING_ACCOUNT_NAME } from './config.js';
+import { encrypt, decrypt, generateKey, DecryptionError } from './encryption.js';
+import { isKeychainAvailable, retrieveFromKeychain, storeInKeychain, KeychainNotAvailableError, } from './keychain.js';
+const ENCRYPTED_FILE_PREFIX = 'LATCHKEY_ENCRYPTED:';
+export class EncryptedStorageError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'EncryptedStorageError';
+    }
+}
+export class PathIsDirectoryError extends Error {
+    constructor(filePath) {
+        super(`Path is a directory, not a file: ${filePath}`);
+        this.name = 'PathIsDirectoryError';
+    }
+}
+/**
+ * Manages encrypted file storage with automatic key handling.
+ */
+export class EncryptedStorage {
+    key;
+    constructor(options = {}) {
+        this.key = EncryptedStorage.initializeKey(options);
+    }
+    static initializeKey(options) {
+        // If key was provided via override, use it
+        if (options.encryptionKeyOverride !== undefined && options.encryptionKeyOverride !== null) {
+            return options.encryptionKeyOverride;
+        }
+        const serviceName = options.serviceName ?? DEFAULT_KEYRING_SERVICE_NAME;
+        const accountName = options.accountName ?? DEFAULT_KEYRING_ACCOUNT_NAME;
+        // Check if keychain is available
+        if (!isKeychainAvailable(serviceName, accountName)) {
+            return null;
+        }
+        // Try to retrieve from keychain
+        try {
+            const keychainKey = retrieveFromKeychain(serviceName, accountName);
+            if (keychainKey) {
+                return keychainKey;
+            }
+            // Generate new key and store in keychain
+            const newKey = generateKey();
+            storeInKeychain(serviceName, accountName, newKey);
+            return newKey;
+        }
+        catch (error) {
+            if (error instanceof KeychainNotAvailableError) {
+                // Fall back to unencrypted storage
+                return null;
+            }
+            throw error;
+        }
+    }
+    isEncryptionEnabled() {
+        return this.key !== null;
+    }
+    /**
+     * Read and decrypt a file.
+     */
+    readFile(filePath) {
+        if (!existsSync(filePath)) {
+            return null;
+        }
+        const stats = statSync(filePath);
+        if (stats.isDirectory()) {
+            throw new PathIsDirectoryError(filePath);
+        }
+        const content = readFileSync(filePath, 'utf-8');
+        // Check if the file is encrypted
+        if (content.startsWith(ENCRYPTED_FILE_PREFIX)) {
+            if (this.key === null) {
+                throw new EncryptedStorageError('File is encrypted but a key is not available. ' +
+                    'Set LATCHKEY_ENCRYPTION_KEY or ensure system keychain is accessible.');
+            }
+            const encryptedData = content.slice(ENCRYPTED_FILE_PREFIX.length);
+            try {
+                return decrypt(encryptedData, this.key);
+            }
+            catch (error) {
+                if (error instanceof DecryptionError) {
+                    throw new EncryptedStorageError(`Failed to decrypt file: ${error.message}. ` + 'The encryption key may have changed.');
+                }
+                throw error;
+            }
+        }
+        // File is not encrypted (fallback mode when keychain unavailable)
+        return content;
+    }
+    /**
+     * Encrypt and write data to a file.
+     * Creates parent directories. New files are created with chmod 600.
+     */
+    writeFile(filePath, content) {
+        const dir = dirname(filePath);
+        if (!existsSync(dir)) {
+            mkdirSync(dir, { recursive: true, mode: 0o700 });
+        }
+        if (existsSync(filePath)) {
+            const stats = statSync(filePath);
+            if (stats.isDirectory()) {
+                throw new PathIsDirectoryError(filePath);
+            }
+        }
+        let dataToWrite;
+        if (this.key !== null) {
+            const encryptedData = encrypt(content, this.key);
+            dataToWrite = ENCRYPTED_FILE_PREFIX + encryptedData;
+        }
+        else {
+            // Fallback to unencrypted storage
+            dataToWrite = content;
+        }
+        writeFileSync(filePath, dataToWrite, { encoding: 'utf-8', mode: 0o600 });
+    }
+}
+//# sourceMappingURL=encryptedStorage.js.map

package/dist/src/encryptedStorage.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"encryptedStorage.js","sourceRoot":"","sources":["../../src/encryptedStorage.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACvF,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,4BAA4B,EAAE,4BAA4B,EAAE,MAAM,aAAa,CAAC;AACzF,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACjF,OAAO,EACL,mBAAmB,EACnB,oBAAoB,EACpB,eAAe,EACf,yBAAyB,GAC1B,MAAM,eAAe,CAAC;AAEvB,MAAM,qBAAqB,GAAG,qBAAqB,CAAC;AAEpD,MAAM,OAAO,qBAAsB,SAAQ,KAAK;IAC9C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED,MAAM,OAAO,oBAAqB,SAAQ,KAAK;IAC7C,YAAY,QAAgB;QAC1B,KAAK,CAAC,oCAAoC,QAAQ,EAAE,CAAC,CAAC;QACtD,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;IACrC,CAAC;CACF;AAQD;;GAEG;AACH,MAAM,OAAO,gBAAgB;IACV,GAAG,CAAgB;IAEpC,YAAY,UAAmC,EAAE;QAC/C,IAAI,CAAC,GAAG,GAAG,gBAAgB,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IACrD,CAAC;IAEO,MAAM,CAAC,aAAa,CAAC,OAAgC;QAC3D,2CAA2C;QAC3C,IAAI,OAAO,CAAC,qBAAqB,KAAK,SAAS,IAAI,OAAO,CAAC,qBAAqB,KAAK,IAAI,EAAE,CAAC;YAC1F,OAAO,OAAO,CAAC,qBAAqB,CAAC;QACvC,CAAC;QAED,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,4BAA4B,CAAC;QACxE,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,4BAA4B,CAAC;QAExE,iCAAiC;QACjC,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC;YACnD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,gCAAgC;QAChC,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,oBAAoB,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;YACnE,IAAI,WAAW,EAAE,CAAC;gBAChB,OAAO,WAAW,CAAC;YACrB,CAAC;YAED,yCAAyC;YACzC,MAAM,MAAM,GAAG,WAAW,EAAE,CAAC;YAC7B,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;YAClD,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,yBAAyB,EAAE,CAAC;gBAC/C,mCAAmC;gBACnC,OAAO,IAAI,CAAC;YACd,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAEO,mBAAmB;QACzB,OAAO,IAAI,CAAC,GAAG,KAAK,IAAI,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,QAAQ,CAAC,QAAgB;QACvB,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACjC,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACxB,MAAM,IAAI,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QAC3C,CAAC;QAED,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAEhD,iCAAiC;QACjC,IAAI,OAAO,CAAC,UAAU,CAAC,qBAAqB,CAAC,EAAE,CAAC;YAC9C,IAAI,IAAI,CAAC,GAAG,KAAK,IAAI,EAAE,CAAC;gBACtB,MAAM,IAAI,qBAAqB,CAC7B,gDAAgD;oBAC9C,sEAAsE,CACzE,CAAC;YACJ,CAAC;YAED,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC;YAClE,IAAI,CAAC;gBACH,OAAO,OAAO,CAAC,aAAa,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YAC1C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,KAAK,YAAY,eAAe,EAAE,CAAC;oBACrC,MAAM,IAAI,qBAAqB,CAC7B,2BAA2B,KAAK,CAAC,OAAO,IAAI,GAAG,sCAAsC,CACtF,CAAC;gBACJ,CAAC;gBACD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;QAED,kEAAkE;QAClE,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;OAGG;IACH,SAAS,CAAC,QAAgB,EAAE,OAAe;QACzC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzB,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACjC,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBACxB,MAAM,IAAI,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;QAED,IAAI,WAAmB,CAAC;QACxB,IAAI,IAAI,CAAC,GAAG,KAAK,IAAI,EAAE,CAAC;YACtB,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACjD,WAAW,GAAG,qBAAqB,GAAG,aAAa,CAAC;QACtD,CAAC;aAAM,CAAC;YACN,kCAAkC;YAClC,WAAW,GAAG,OAAO,CAAC;QACxB,CAAC;QAED,aAAa,CAAC,QAAQ,EAAE,WAAW,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC3E,CAAC;CACF"}

package/dist/src/encryption.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+/**
+ * Encryption utilities for secure credential storage.
+ * Uses AES-256-GCM for authenticated encryption.
+ */
+export declare class EncryptionError extends Error {
+    constructor(message: string);
+}
+export declare class DecryptionError extends Error {
+    constructor(message: string);
+}
+/**
+ * Encrypt data using AES-256-GCM.
+ * The key should be a base64-encoded 256-bit key.
+ * Returns a base64-encoded string containing: iv + authTag + ciphertext
+ */
+export declare function encrypt(plaintext: string, keyBase64: string): string;
+/**
+ * Decrypt data that was encrypted with the encrypt function.
+ * The key should be a base64-encoded 256-bit key.
+ * Input should be a base64-encoded string containing: iv + authTag + ciphertext
+ */
+export declare function decrypt(encryptedData: string, keyBase64: string): string;
+/**
+ * Generate a cryptographically secure random 256-bit key.
+ * Returns the key as a base64-encoded string.
+ */
+export declare function generateKey(): string;
+//# sourceMappingURL=encryption.d.ts.map

package/dist/src/encryption.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"encryption.d.ts","sourceRoot":"","sources":["../../src/encryption.ts"],"names":[],"mappings":"AAAA;;;GAGG;AASH,qBAAa,eAAgB,SAAQ,KAAK;gBAC5B,OAAO,EAAE,MAAM;CAI5B;AAED,qBAAa,eAAgB,SAAQ,KAAK;gBAC5B,OAAO,EAAE,MAAM;CAI5B;AAED;;;;GAIG;AACH,wBAAgB,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,CA0BpE;AAED;;;;GAIG;AACH,wBAAgB,OAAO,CAAC,aAAa,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,CAiCxE;AAED;;;GAGG;AACH,wBAAgB,WAAW,IAAI,MAAM,CAEpC"}

package/dist/src/encryption.js ADDED Viewed

@@ -0,0 +1,86 @@
+/**
+ * Encryption utilities for secure credential storage.
+ * Uses AES-256-GCM for authenticated encryption.
+ */
+import { createCipheriv, createDecipheriv, randomBytes } from 'node:crypto';
+const ALGORITHM = 'aes-256-gcm';
+const KEY_LENGTH = 32; // 256 bits
+const IV_LENGTH = 12; // 96 bits for GCM
+const AUTH_TAG_LENGTH = 16; // 128 bits
+export class EncryptionError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'EncryptionError';
+    }
+}
+export class DecryptionError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'DecryptionError';
+    }
+}
+/**
+ * Encrypt data using AES-256-GCM.
+ * The key should be a base64-encoded 256-bit key.
+ * Returns a base64-encoded string containing: iv + authTag + ciphertext
+ */
+export function encrypt(plaintext, keyBase64) {
+    try {
+        const key = Buffer.from(keyBase64, 'base64');
+        if (key.length !== KEY_LENGTH) {
+            throw new EncryptionError(`Invalid key length: expected ${String(KEY_LENGTH)} bytes, got ${String(key.length)}`);
+        }
+        const iv = randomBytes(IV_LENGTH);
+        const cipher = createCipheriv(ALGORITHM, key, iv, { authTagLength: AUTH_TAG_LENGTH });
+        const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
+        const authTag = cipher.getAuthTag();
+        // Combine: iv (12) + authTag (16) + ciphertext
+        const combined = Buffer.concat([iv, authTag, ciphertext]);
+        return combined.toString('base64');
+    }
+    catch (error) {
+        if (error instanceof EncryptionError) {
+            throw error;
+        }
+        throw new EncryptionError(`Failed to encrypt data: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+/**
+ * Decrypt data that was encrypted with the encrypt function.
+ * The key should be a base64-encoded 256-bit key.
+ * Input should be a base64-encoded string containing: iv + authTag + ciphertext
+ */
+export function decrypt(encryptedData, keyBase64) {
+    try {
+        const key = Buffer.from(keyBase64, 'base64');
+        if (key.length !== KEY_LENGTH) {
+            throw new DecryptionError(`Invalid key length: expected ${String(KEY_LENGTH)} bytes, got ${String(key.length)}`);
+        }
+        const combined = Buffer.from(encryptedData, 'base64');
+        // Minimum length is iv + authTag (ciphertext can be empty for empty string)
+        if (combined.length < IV_LENGTH + AUTH_TAG_LENGTH) {
+            throw new DecryptionError('Invalid encrypted data: too short');
+        }
+        const iv = combined.subarray(0, IV_LENGTH);
+        const authTag = combined.subarray(IV_LENGTH, IV_LENGTH + AUTH_TAG_LENGTH);
+        const ciphertext = combined.subarray(IV_LENGTH + AUTH_TAG_LENGTH);
+        const decipher = createDecipheriv(ALGORITHM, key, iv, { authTagLength: AUTH_TAG_LENGTH });
+        decipher.setAuthTag(authTag);
+        const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+        return decrypted.toString('utf8');
+    }
+    catch (error) {
+        if (error instanceof DecryptionError) {
+            throw error;
+        }
+        throw new DecryptionError(`Failed to decrypt data: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+/**
+ * Generate a cryptographically secure random 256-bit key.
+ * Returns the key as a base64-encoded string.
+ */
+export function generateKey() {
+    return randomBytes(KEY_LENGTH).toString('base64');
+}
+//# sourceMappingURL=encryption.js.map

package/dist/src/encryption.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"encryption.js","sourceRoot":"","sources":["../../src/encryption.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE5E,MAAM,SAAS,GAAG,aAAa,CAAC;AAChC,MAAM,UAAU,GAAG,EAAE,CAAC,CAAC,WAAW;AAClC,MAAM,SAAS,GAAG,EAAE,CAAC,CAAC,kBAAkB;AACxC,MAAM,eAAe,GAAG,EAAE,CAAC,CAAC,WAAW;AAEvC,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACxC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IAChC,CAAC;CACF;AAED,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACxC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IAChC,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,UAAU,OAAO,CAAC,SAAiB,EAAE,SAAiB;IAC1D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;QAC7C,IAAI,GAAG,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC9B,MAAM,IAAI,eAAe,CACvB,gCAAgC,MAAM,CAAC,UAAU,CAAC,eAAe,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CACtF,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC;QAElC,MAAM,MAAM,GAAG,cAAc,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,aAAa,EAAE,eAAe,EAAE,CAAC,CAAC;QACtF,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACrF,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,+CAA+C;QAC/C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC;QAC1D,OAAO,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACrC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,eAAe,EAAE,CAAC;YACrC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,eAAe,CACvB,2BAA2B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACpF,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,OAAO,CAAC,aAAqB,EAAE,SAAiB;IAC9D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;QAC7C,IAAI,GAAG,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC9B,MAAM,IAAI,eAAe,CACvB,gCAAgC,MAAM,CAAC,UAAU,CAAC,eAAe,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CACtF,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;QAEtD,4EAA4E;QAC5E,IAAI,QAAQ,CAAC,MAAM,GAAG,SAAS,GAAG,eAAe,EAAE,CAAC;YAClD,MAAM,IAAI,eAAe,CAAC,mCAAmC,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QAC3C,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,eAAe,CAAC,CAAC;QAC1E,MAAM,UAAU,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,GAAG,eAAe,CAAC,CAAC;QAElE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,aAAa,EAAE,eAAe,EAAE,CAAC,CAAC;QAC1F,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAE7B,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACjF,OAAO,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACpC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,eAAe,EAAE,CAAC;YACrC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,eAAe,CACvB,2BAA2B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACpF,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW;IACzB,OAAO,WAAW,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACpD,CAAC"}

package/dist/src/index.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Latchkey - A CLI tool that injects API credentials into curl requests.
+ */
+export { ApiCredentials, ApiCredentialStatus, AuthorizationBearer, AuthorizationBare, SlackApiCredentials, deserializeCredentials, serializeCredentials, } from './apiCredentials.js';
+export { ApiCredentialStore, ApiCredentialStoreError } from './apiCredentialStore.js';
+export { Config, CONFIG, InsecureFilePermissionsError } from './config.js';
+export { encrypt, decrypt, generateKey, EncryptionError, DecryptionError } from './encryption.js';
+export { EncryptedStorage, EncryptedStorageError } from './encryptedStorage.js';
+export { storeInKeychain, retrieveFromKeychain, deleteFromKeychain, isKeychainAvailable, KeychainError, KeychainNotAvailableError, } from './keychain.js';
+export { run as runCurl, runCaptured as runCurlCaptured, setSubprocessRunner, resetSubprocessRunner, setCapturingSubprocessRunner, resetCapturingSubprocessRunner, } from './curl.js';
+export { typeLikeHuman } from './playwrightUtils.js';
+export { Service, ServiceSession, SimpleServiceSession, BrowserFollowupServiceSession, LoginCancelledError, LoginFailedError, Slack, SLACK, Discord, DISCORD, Github, GITHUB, Dropbox, DROPBOX, Linear, LINEAR, } from './services/index.js';
+export { Registry, REGISTRY } from './registry.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EACL,cAAc,EACd,mBAAmB,EACnB,mBAAmB,EACnB,iBAAiB,EACjB,mBAAmB,EACnB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,kBAAkB,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAEtF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,4BAA4B,EAAE,MAAM,aAAa,CAAC;AAE3E,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElG,OAAO,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAEhF,OAAO,EACL,eAAe,EACf,oBAAoB,EACpB,kBAAkB,EAClB,mBAAmB,EACnB,aAAa,EACb,yBAAyB,GAC1B,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,GAAG,IAAI,OAAO,EACd,WAAW,IAAI,eAAe,EAC9B,mBAAmB,EACnB,qBAAqB,EACrB,4BAA4B,EAC5B,8BAA8B,GAC/B,MAAM,WAAW,CAAC;AAEnB,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAGrD,OAAO,EACL,OAAO,EACP,cAAc,EACd,oBAAoB,EACpB,6BAA6B,EAC7B,mBAAmB,EACnB,gBAAgB,EAChB,KAAK,EACL,KAAK,EACL,OAAO,EACP,OAAO,EACP,MAAM,EACN,MAAM,EACN,OAAO,EACP,OAAO,EACP,MAAM,EACN,MAAM,GACP,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC"}

package/dist/src/index.js ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * Latchkey - A CLI tool that injects API credentials into curl requests.
+ */
+// Core types and utilities
+export { ApiCredentialStatus, AuthorizationBearer, AuthorizationBare, SlackApiCredentials, deserializeCredentials, serializeCredentials, } from './apiCredentials.js';
+export { ApiCredentialStore, ApiCredentialStoreError } from './apiCredentialStore.js';
+export { Config, CONFIG, InsecureFilePermissionsError } from './config.js';
+export { encrypt, decrypt, generateKey, EncryptionError, DecryptionError } from './encryption.js';
+export { EncryptedStorage, EncryptedStorageError } from './encryptedStorage.js';
+export { storeInKeychain, retrieveFromKeychain, deleteFromKeychain, isKeychainAvailable, KeychainError, KeychainNotAvailableError, } from './keychain.js';
+export { run as runCurl, runCaptured as runCurlCaptured, setSubprocessRunner, resetSubprocessRunner, setCapturingSubprocessRunner, resetCapturingSubprocessRunner, } from './curl.js';
+export { typeLikeHuman } from './playwrightUtils.js';
+// Services
+export { ServiceSession, SimpleServiceSession, BrowserFollowupServiceSession, LoginCancelledError, LoginFailedError, Slack, SLACK, Discord, DISCORD, Github, GITHUB, Dropbox, DROPBOX, Linear, LINEAR, } from './services/index.js';
+// Registry
+export { Registry, REGISTRY } from './registry.js';
+//# sourceMappingURL=index.js.map

package/dist/src/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,2BAA2B;AAC3B,OAAO,EAEL,mBAAmB,EACnB,mBAAmB,EACnB,iBAAiB,EACjB,mBAAmB,EACnB,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,kBAAkB,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAEtF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,4BAA4B,EAAE,MAAM,aAAa,CAAC;AAE3E,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElG,OAAO,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAEhF,OAAO,EACL,eAAe,EACf,oBAAoB,EACpB,kBAAkB,EAClB,mBAAmB,EACnB,aAAa,EACb,yBAAyB,GAC1B,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,GAAG,IAAI,OAAO,EACd,WAAW,IAAI,eAAe,EAC9B,mBAAmB,EACnB,qBAAqB,EACrB,4BAA4B,EAC5B,8BAA8B,GAC/B,MAAM,WAAW,CAAC;AAEnB,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,WAAW;AACX,OAAO,EAEL,cAAc,EACd,oBAAoB,EACpB,6BAA6B,EAC7B,mBAAmB,EACnB,gBAAgB,EAChB,KAAK,EACL,KAAK,EACL,OAAO,EACP,OAAO,EACP,MAAM,EACN,MAAM,EACN,OAAO,EACP,OAAO,EACP,MAAM,EACN,MAAM,GACP,MAAM,qBAAqB,CAAC;AAE7B,WAAW;AACX,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC"}

package/dist/src/keychain.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * System keychain integration for secure password storage.
+ * Uses @napi-rs/keyring for cross-platform support (macOS Keychain, Windows Credential Manager,
+ * Linux Secret Service via keyutils/kernel keyring).
+ */
+export declare class KeychainError extends Error {
+    constructor(message: string);
+}
+export declare class KeychainNotAvailableError extends KeychainError {
+    constructor(message: string);
+}
+/**
+ * Store a password in the system keychain.
+ * Throws KeychainNotAvailableError if the keychain is not accessible.
+ */
+export declare function storeInKeychain(serviceName: string, accountName: string, password: string): void;
+/**
+ * Retrieve a password from the system keychain.
+ * Returns null if the password is not found.
+ * Throws KeychainNotAvailableError if the keychain is not accessible.
+ */
+export declare function retrieveFromKeychain(serviceName: string, accountName: string): string | null;
+/**
+ * Delete a password from the system keychain.
+ * Returns true if deleted, false if not found.
+ * Throws KeychainNotAvailableError if the keychain is not accessible.
+ */
+export declare function deleteFromKeychain(serviceName: string, accountName: string): boolean;
+/**
+ * Check if the system keychain is available.
+ */
+export declare function isKeychainAvailable(serviceName: string, accountName: string): boolean;
+//# sourceMappingURL=keychain.d.ts.map

package/dist/src/keychain.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"keychain.d.ts","sourceRoot":"","sources":["../../src/keychain.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,qBAAa,aAAc,SAAQ,KAAK;gBAC1B,OAAO,EAAE,MAAM;CAI5B;AAED,qBAAa,yBAA0B,SAAQ,aAAa;gBAC9C,OAAO,EAAE,MAAM;CAI5B;AASD;;;GAGG;AACH,wBAAgB,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAShG;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAmB5F;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAgBpF;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAQrF"}

package/dist/src/keychain.js ADDED Viewed

@@ -0,0 +1,94 @@
+/**
+ * System keychain integration for secure password storage.
+ * Uses @napi-rs/keyring for cross-platform support (macOS Keychain, Windows Credential Manager,
+ * Linux Secret Service via keyutils/kernel keyring).
+ */
+import { Entry } from '@napi-rs/keyring';
+export class KeychainError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'KeychainError';
+    }
+}
+export class KeychainNotAvailableError extends KeychainError {
+    constructor(message) {
+        super(message);
+        this.name = 'KeychainNotAvailableError';
+    }
+}
+/**
+ * Get a keyring entry.
+ */
+function getEntry(serviceName, accountName) {
+    return new Entry(serviceName, accountName);
+}
+/**
+ * Store a password in the system keychain.
+ * Throws KeychainNotAvailableError if the keychain is not accessible.
+ */
+export function storeInKeychain(serviceName, accountName, password) {
+    try {
+        const entry = getEntry(serviceName, accountName);
+        entry.setPassword(password);
+    }
+    catch (error) {
+        throw new KeychainNotAvailableError(`Failed to store password in keychain: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+/**
+ * Retrieve a password from the system keychain.
+ * Returns null if the password is not found.
+ * Throws KeychainNotAvailableError if the keychain is not accessible.
+ */
+export function retrieveFromKeychain(serviceName, accountName) {
+    try {
+        const entry = getEntry(serviceName, accountName);
+        const password = entry.getPassword();
+        return password ?? null;
+    }
+    catch (error) {
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        // Check if it's a "not found" error
+        if (errorMessage.includes('not found') ||
+            errorMessage.includes('No password') ||
+            errorMessage.includes('ItemNotFound')) {
+            return null;
+        }
+        throw new KeychainNotAvailableError(`Failed to retrieve password from keychain: ${errorMessage}`);
+    }
+}
+/**
+ * Delete a password from the system keychain.
+ * Returns true if deleted, false if not found.
+ * Throws KeychainNotAvailableError if the keychain is not accessible.
+ */
+export function deleteFromKeychain(serviceName, accountName) {
+    try {
+        const entry = getEntry(serviceName, accountName);
+        entry.deletePassword();
+        return true;
+    }
+    catch (error) {
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        if (errorMessage.includes('not found') ||
+            errorMessage.includes('No password') ||
+            errorMessage.includes('ItemNotFound')) {
+            return false;
+        }
+        throw new KeychainNotAvailableError(`Failed to delete password from keychain: ${errorMessage}`);
+    }
+}
+/**
+ * Check if the system keychain is available.
+ */
+export function isKeychainAvailable(serviceName, accountName) {
+    try {
+        // Try to create an entry - this should work on all supported platforms
+        getEntry(serviceName, accountName);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+//# sourceMappingURL=keychain.js.map

package/dist/src/keychain.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"keychain.js","sourceRoot":"","sources":["../../src/keychain.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,MAAM,OAAO,aAAc,SAAQ,KAAK;IACtC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;IAC9B,CAAC;CACF;AAED,MAAM,OAAO,yBAA0B,SAAQ,aAAa;IAC1D,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,2BAA2B,CAAC;IAC1C,CAAC;CACF;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,WAAmB,EAAE,WAAmB;IACxD,OAAO,IAAI,KAAK,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;AAC7C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,WAAmB,EAAE,WAAmB,EAAE,QAAgB;IACxF,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;QACjD,KAAK,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,yBAAyB,CACjC,yCAAyC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAClG,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,WAAmB,EAAE,WAAmB;IAC3E,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QACrC,OAAO,QAAQ,IAAI,IAAI,CAAC;IAC1B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5E,oCAAoC;QACpC,IACE,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC;YAClC,YAAY,CAAC,QAAQ,CAAC,aAAa,CAAC;YACpC,YAAY,CAAC,QAAQ,CAAC,cAAc,CAAC,EACrC,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,IAAI,yBAAyB,CACjC,8CAA8C,YAAY,EAAE,CAC7D,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,WAAmB,EAAE,WAAmB;IACzE,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;QACjD,KAAK,CAAC,cAAc,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5E,IACE,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC;YAClC,YAAY,CAAC,QAAQ,CAAC,aAAa,CAAC;YACpC,YAAY,CAAC,QAAQ,CAAC,cAAc,CAAC,EACrC,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,IAAI,yBAAyB,CAAC,4CAA4C,YAAY,EAAE,CAAC,CAAC;IAClG,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,WAAmB,EAAE,WAAmB;IAC1E,IAAI,CAAC;QACH,uEAAuE;QACvE,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/dist/src/playwrightUtils.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+/**
+ * Playwright utility functions for browser automation.
+ */
+import type { Browser, BrowserContext, Page, Locator } from 'playwright';
+import { EncryptedStorage } from './encryptedStorage.js';
+export interface BrowserWithContext {
+    readonly browser: Browser;
+    readonly context: BrowserContext;
+}
+/**
+ * Run a callback with a browser context initialized from encrypted storage state.
+ * After the callback completes, persists browser state back to encrypted storage.
+ */
+export declare function withTempBrowserContext<T>(encryptedStorage: EncryptedStorage, browserStatePath: string, callback: (state: BrowserWithContext) => Promise<T>): Promise<T>;
+/**
+ * Type text character by character with random delays to simulate human typing.
+ *
+ * This triggers proper JavaScript input events that some websites require,
+ * unlike fill() which sets the value directly.
+ */
+export declare function typeLikeHuman(page: Page, locator: Locator, text: string): Promise<void>;
+/**
+ * Show a spinner overlay that hides page content from the user.
+ * The overlay persists across page navigations within the browser context.
+ */
+export declare function showSpinnerPage(context: BrowserContext, serviceName: string): Promise<void>;
+//# sourceMappingURL=playwrightUtils.d.ts.map

package/dist/src/playwrightUtils.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"playwrightUtils.d.ts","sourceRoot":"","sources":["../../src/playwrightUtils.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AACzE,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAEzD,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,cAAc,CAAC;CAClC;AAED;;;GAGG;AACH,wBAAsB,sBAAsB,CAAC,CAAC,EAC5C,gBAAgB,EAAE,gBAAgB,EAClC,gBAAgB,EAAE,MAAM,EACxB,QAAQ,EAAE,CAAC,KAAK,EAAE,kBAAkB,KAAK,OAAO,CAAC,CAAC,CAAC,GAClD,OAAO,CAAC,CAAC,CAAC,CAuCZ;AAMD;;;;;GAKG;AACH,wBAAsB,aAAa,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAS7F;AAmDD;;;GAGG;AACH,wBAAsB,eAAe,CAAC,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAIjG"}

package/dist/src/playwrightUtils.js ADDED Viewed

@@ -0,0 +1,122 @@
+/**
+ * Playwright utility functions for browser automation.
+ */
+import { existsSync, mkdtempSync, readFileSync, rmSync, writeFileSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+/**
+ * Run a callback with a browser context initialized from encrypted storage state.
+ * After the callback completes, persists browser state back to encrypted storage.
+ */
+export async function withTempBrowserContext(encryptedStorage, browserStatePath, callback) {
+    const tempDir = mkdtempSync(join(tmpdir(), 'latchkey-browser-state-'));
+    const tempFilePath = join(tempDir, 'browser_state.json');
+    let initialStorageState;
+    if (existsSync(browserStatePath)) {
+        const content = encryptedStorage.readFile(browserStatePath);
+        if (content !== null) {
+            writeFileSync(tempFilePath, content, { encoding: 'utf-8', mode: 0o600 });
+            initialStorageState = tempFilePath;
+        }
+    }
+    const { chromium: chromiumBrowser } = await import('playwright');
+    const browser = await chromiumBrowser.launch({ headless: false });
+    try {
+        const contextOptions = {};
+        if (initialStorageState !== undefined) {
+            contextOptions.storageState = initialStorageState;
+        }
+        const context = await browser.newContext(contextOptions);
+        const result = await callback({ browser, context });
+        // Persist browser state back to encrypted storage
+        await context.storageState({ path: tempFilePath });
+        const content = readFileSync(tempFilePath, 'utf-8');
+        encryptedStorage.writeFile(browserStatePath, content);
+        return result;
+    }
+    finally {
+        await browser.close();
+        try {
+            rmSync(tempDir, { recursive: true, force: true });
+        }
+        catch {
+            // Ignore cleanup errors
+        }
+    }
+}
+// Typing delay range in milliseconds (min, max) to simulate human-like typing
+const TYPING_DELAY_MIN_MS = 30;
+const TYPING_DELAY_MAX_MS = 100;
+/**
+ * Type text character by character with random delays to simulate human typing.
+ *
+ * This triggers proper JavaScript input events that some websites require,
+ * unlike fill() which sets the value directly.
+ */
+export async function typeLikeHuman(page, locator, text) {
+    await locator.click();
+    for (const character of text) {
+        await locator.pressSequentially(character);
+        const delay = Math.floor(Math.random() * (TYPING_DELAY_MAX_MS - TYPING_DELAY_MIN_MS + 1)) +
+            TYPING_DELAY_MIN_MS;
+        await page.waitForTimeout(delay);
+    }
+}
+// Script that creates the spinner overlay, designed to run in browser context
+function createSpinnerOverlayScript(serviceName) {
+    return `
+(() => {
+  if (document.getElementById('latchkey-spinner-overlay')) return;
+  const overlay = document.createElement('div');
+  overlay.id = 'latchkey-spinner-overlay';
+  overlay.innerHTML = \`
+    <style>
+      #latchkey-spinner-overlay {
+        position: fixed;
+        top: 0;
+        left: 0;
+        width: 100%;
+        height: 100%;
+        background: #f5f5f5;
+        display: flex;
+        flex-direction: column;
+        justify-content: center;
+        align-items: center;
+        z-index: 2147483647;
+        font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+        pointer-events: none;
+      }
+      #latchkey-spinner-overlay .spinner {
+        width: 50px;
+        height: 50px;
+        border: 4px solid #e0e0e0;
+        border-top-color: #007bff;
+        border-radius: 50%;
+        animation: latchkey-spin 1s linear infinite;
+      }
+      #latchkey-spinner-overlay .message {
+        margin-top: 20px;
+        color: #555;
+        font-size: 16px;
+      }
+      @keyframes latchkey-spin {
+        to { transform: rotate(360deg); }
+      }
+    </style>
+    <div class="spinner"></div>
+    <div class="message">Finalizing ${serviceName} login...</div>
+  \`;
+  document.body.appendChild(overlay);
+})()
+`;
+}
+/**
+ * Show a spinner overlay that hides page content from the user.
+ * The overlay persists across page navigations within the browser context.
+ */
+export async function showSpinnerPage(context, serviceName) {
+    const spinnerPage = await context.newPage();
+    await spinnerPage.evaluate(createSpinnerOverlayScript(serviceName));
+    await spinnerPage.bringToFront();
+}
+//# sourceMappingURL=playwrightUtils.js.map

package/dist/src/playwrightUtils.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"playwrightUtils.js","sourceRoot":"","sources":["../../src/playwrightUtils.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACvF,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AASjC;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,gBAAkC,EAClC,gBAAwB,EACxB,QAAmD;IAEnD,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,yBAAyB,CAAC,CAAC,CAAC;IACvE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC;IAEzD,IAAI,mBAAuC,CAAC;IAC5C,IAAI,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;QAC5D,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YACrB,aAAa,CAAC,YAAY,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;YACzE,mBAAmB,GAAG,YAAY,CAAC;QACrC,CAAC;IACH,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC;IACjE,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;IAElE,IAAI,CAAC;QACH,MAAM,cAAc,GAA8B,EAAE,CAAC;QACrD,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;YACtC,cAAc,CAAC,YAAY,GAAG,mBAAmB,CAAC;QACpD,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;QAEzD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;QAEpD,kDAAkD;QAClD,MAAM,OAAO,CAAC,YAAY,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;QACnD,MAAM,OAAO,GAAG,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;QACpD,gBAAgB,CAAC,SAAS,CAAC,gBAAgB,EAAE,OAAO,CAAC,CAAC;QAEtD,OAAO,MAAM,CAAC;IAChB,CAAC;YAAS,CAAC;QACT,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;QACtB,IAAI,CAAC;YACH,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;IACH,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,MAAM,mBAAmB,GAAG,EAAE,CAAC;AAC/B,MAAM,mBAAmB,GAAG,GAAG,CAAC;AAEhC;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,IAAU,EAAE,OAAgB,EAAE,IAAY;IAC5E,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;IACtB,KAAK,MAAM,SAAS,IAAI,IAAI,EAAE,CAAC;QAC7B,MAAM,OAAO,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC3C,MAAM,KAAK,GACT,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,mBAAmB,GAAG,mBAAmB,GAAG,CAAC,CAAC,CAAC;YAC3E,mBAAmB,CAAC;QACtB,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IACnC,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,SAAS,0BAA0B,CAAC,WAAmB;IACrD,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;sCAwC6B,WAAW;;;;CAIhD,CAAC;AACF,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,OAAuB,EAAE,WAAmB;IAChF,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,OAAO,EAAE,CAAC;IAC5C,MAAM,WAAW,CAAC,QAAQ,CAAC,0BAA0B,CAAC,WAAW,CAAC,CAAC,CAAC;IACpE,MAAM,WAAW,CAAC,YAAY,EAAE,CAAC;AACnC,CAAC"}

package/dist/src/registry.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Service registry for looking up services by name or URL.
+ */
+import { Service } from './services/index.js';
+export declare class Registry {
+    readonly services: readonly Service[];
+    constructor(services: readonly Service[]);
+    getByName(name: string): Service | null;
+    getByUrl(url: string): Service | null;
+}
+export declare const REGISTRY: Registry;
+//# sourceMappingURL=registry.d.ts.map

package/dist/src/registry.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../src/registry.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAA2C,MAAM,qBAAqB,CAAC;AAEvF,qBAAa,QAAQ;IACnB,QAAQ,CAAC,QAAQ,EAAE,SAAS,OAAO,EAAE,CAAC;gBAE1B,QAAQ,EAAE,SAAS,OAAO,EAAE;IAIxC,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,GAAG,IAAI;IASvC,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,GAAG,IAAI;CAUtC;AAED,eAAO,MAAM,QAAQ,UAA0D,CAAC"}

package/dist/src/registry.js ADDED Viewed

@@ -0,0 +1,30 @@
+/**
+ * Service registry for looking up services by name or URL.
+ */
+import { SLACK, DISCORD, DROPBOX, GITHUB, LINEAR } from './services/index.js';
+export class Registry {
+    services;
+    constructor(services) {
+        this.services = services;
+    }
+    getByName(name) {
+        for (const service of this.services) {
+            if (service.name === name) {
+                return service;
+            }
+        }
+        return null;
+    }
+    getByUrl(url) {
+        for (const service of this.services) {
+            for (const baseApiUrl of service.baseApiUrls) {
+                if (url.startsWith(baseApiUrl)) {
+                    return service;
+                }
+            }
+        }
+        return null;
+    }
+}
+export const REGISTRY = new Registry([SLACK, DISCORD, DROPBOX, GITHUB, LINEAR]);
+//# sourceMappingURL=registry.js.map