norn-cli 1.8.0 → 1.10.0

package/dist/cli.js

@@ -109375,6 +109375,9 @@ init_quotedString();
 var fs8 = __toESM(require("fs"));
 var path6 = __toESM(require("path"));
 
+// src/sqlBuiltInAdapters.ts
+var import_child_process2 = require("child_process");
+
 // node_modules/pg/esm/index.mjs
 var import_lib = __toESM(require_lib2(), 1);
 var Client = import_lib.default.Client;
@@ -109395,16 +109398,23 @@ var BUILT_IN_SQL_ADAPTERS = [
   {
     id: "postgres",
     label: "PostgreSQL",
-    description: "Built-in PostgreSQL adapter using either a connection string or split connection values.",
-    connectionSetupSummary: "connectionString OR host/server + database + user + password",
-    optionalConnectionKeys: ["port", "ssl", "rejectUnauthorized", "schema", "applicationName"]
+    description: "Built-in PostgreSQL adapter using a connection string.",
+    connectionSetupSummary: "connectionString",
+    optionalConnectionKeys: []
   },
   {
     id: "sqlserver",
     label: "SQL Server",
-    description: "Built-in SQL Server adapter using either a connection string or split connection values.",
-    connectionSetupSummary: "connectionString OR host/server + database + user + password",
-    optionalConnectionKeys: ["port", "encrypt", "trustServerCertificate", "instanceName", "connectionTimeout", "requestTimeout", "appName", "domain"]
+    description: "Built-in SQL Server adapter using a connection string.",
+    connectionSetupSummary: "connectionString",
+    optionalConnectionKeys: []
+  },
+  {
+    id: "sqlserver-integrated",
+    label: "SQL Server (Integrated Auth)",
+    description: "Built-in SQL Server adapter using PowerShell for Windows/Trusted authentication.",
+    connectionSetupSummary: "connectionString",
+    optionalConnectionKeys: []
   }
 ];
 var BUILT_IN_SQL_ADAPTER_MAP = new Map(
@@ -109426,31 +109436,222 @@ function getConnectionValue(values, ...keys) {
 function getConnectionString(values) {
   return getConnectionValue(values, "connectionString");
 }
-function parseBoolean(value, defaultValue) {
-  if (value === void 0 || value === null || value === "") {
-    return defaultValue;
+function buildMissingConnectionError(adapterLabel, profile) {
+  return `Missing required ${adapterLabel} connection string. Expected 'connectionString ${profile} = ...' in .nornenv.`;
+}
+var pwshAvailable2 = null;
+function isPwshAvailable2() {
+  if (pwshAvailable2 !== null) {
+    return pwshAvailable2;
   }
-  const normalized = value.trim().toLowerCase();
-  if (["true", "1", "yes", "on"].includes(normalized)) {
-    return true;
+  try {
+    const result = (0, import_child_process2.spawnSync)("pwsh", ["--version"], {
+      timeout: 5e3,
+      stdio: "pipe"
+    });
+    pwshAvailable2 = result.status === 0;
+  } catch (error) {
+    pwshAvailable2 = false;
   }
-  if (["false", "0", "no", "off"].includes(normalized)) {
+  return pwshAvailable2;
+}
+function getPowerShellCommand() {
+  return isPwshAvailable2() ? "pwsh" : "powershell";
+}
+function encodePowerShellCommand(script) {
+  return Buffer.from(script, "utf16le").toString("base64");
+}
+async function runSqlServerIntegratedViaPowerShell(request) {
+  const script = `
+$ErrorActionPreference = 'Stop'
+[Console]::InputEncoding = [System.Text.Encoding]::UTF8
+[Console]::OutputEncoding = [System.Text.Encoding]::UTF8
+
+$raw = [Console]::In.ReadToEnd()
+if ([string]::IsNullOrWhiteSpace($raw)) {
+    throw 'Missing SQL adapter payload.'
+}
+
+$payload = $raw | ConvertFrom-Json -Depth 100
+$connectionString = [string]$payload.connection.values.connectionString
+if ([string]::IsNullOrWhiteSpace($connectionString)) {
+    throw 'Missing SQL Server Integrated Auth connection string.'
+}
+
+$sqlText = [string]$payload.operation.sql
+$mode = [string]$payload.mode
+$paramsObject = $payload.params
+
+$connection = $null
+try {
+    $connection = New-Object System.Data.SqlClient.SqlConnection $connectionString
+    $command = $connection.CreateCommand()
+    $command.CommandText = $sqlText
+
+    if ($null -ne $paramsObject) {
+        foreach ($property in $paramsObject.PSObject.Properties) {
+            $value = $property.Value
+            if ($null -eq $value) {
+                $value = [DBNull]::Value
+            } elseif ($value -is [datetime]) {
+                $value = $value.ToUniversalTime()
+            } elseif ($value -is [System.Collections.IEnumerable] -and -not ($value -is [string]) -and -not ($value -is [byte[]])) {
+                $value = ($value | ConvertTo-Json -Depth 100 -Compress)
+            } elseif ($value -is [pscustomobject]) {
+                $value = ($value | ConvertTo-Json -Depth 100 -Compress)
+            }
+            [void]$command.Parameters.AddWithValue("@$($property.Name)", $value)
+        }
+    }
+
+    $connection.Open()
+
+    if ($mode -eq 'query') {
+        $reader = $command.ExecuteReader()
+        $rows = @()
+
+        try {
+            while ($reader.Read()) {
+                $row = [ordered]@{}
+                for ($i = 0; $i -lt $reader.FieldCount; $i++) {
+                    $value = $reader.GetValue($i)
+                    if ($value -is [DBNull]) {
+                        $value = $null
+                    } elseif ($value -is [datetime]) {
+                        $value = $value.ToString('o')
+                    } elseif ($value -is [byte[]]) {
+                        $value = [Convert]::ToBase64String($value)
+                    }
+                    $row[$reader.GetName($i)] = $value
+                }
+                $rows += [pscustomobject]$row
+            }
+        } finally {
+            $reader.Close()
+        }
+
+        $response = [pscustomobject]@{
+            success = $true
+            result = [pscustomobject]@{
+                kind = 'rows'
+                rowCount = @($rows).Count
+                rows = @($rows)
+            }
+        }
+    } else {
+        $affectedRows = $command.ExecuteNonQuery()
+        if ($affectedRows -lt 0) {
+            $affectedRows = 0
+        }
+        $response = [pscustomobject]@{
+            success = $true
+            result = [pscustomobject]@{
+                kind = 'exec'
+                affectedRows = $affectedRows
+            }
+        }
+    }
+
+    $response | ConvertTo-Json -Depth 100 -Compress
+}
+catch {
+    $details = @()
+    if ($_.Exception -and $_.Exception.GetType()) {
+        $details += "type: $($_.Exception.GetType().FullName)"
+    }
+    if ($_.InvocationInfo -and $_.InvocationInfo.ScriptLineNumber) {
+        $details += "line: $($_.InvocationInfo.ScriptLineNumber)"
+    }
+    if ($_.FullyQualifiedErrorId) {
+        $details += "id: $($_.FullyQualifiedErrorId)"
+    }
+    $suffix = if ($details.Count -gt 0) { " ($($details -join ', '))" } else { '' }
+    [Console]::Error.WriteLine("$($_.Exception.Message)$suffix")
+    exit 1
+}
+finally {
+    if ($null -ne $connection) {
+        $connection.Dispose()
+    }
+}
+`.trim();
+  const payload = JSON.stringify(request);
+  const command = getPowerShellCommand();
+  const commandArgs = ["-NoProfile", "-NonInteractive", "-ExecutionPolicy", "Bypass", "-OutputFormat", "Text", "-EncodedCommand", encodePowerShellCommand(script)];
+  return new Promise((resolve11, reject) => {
+    const child = (0, import_child_process2.spawn)(command, commandArgs, {
+      cwd: request.context?.workingDir || process.cwd(),
+      shell: false,
+      env: {
+        ...process.env
+      }
+    });
+    let stdout = "";
+    let stderr = "";
+    child.stdout.on("data", (data) => {
+      stdout += data.toString();
+    });
+    child.stderr.on("data", (data) => {
+      stderr += data.toString();
+    });
+    child.on("error", (error) => {
+      reject(new Error(`Failed to start PowerShell for SQL Server Integrated Auth: ${error.message}`));
+    });
+    child.on("close", (code) => {
+      if (code !== 0) {
+        reject(new Error((stderr || stdout || `PowerShell exited with code ${code}`).trim()));
+        return;
+      }
+      try {
+        const parsed = JSON.parse(stdout.trim());
+        resolve11(parsed);
+      } catch (error) {
+        reject(new Error(`Invalid PowerShell SQL adapter response: ${error instanceof Error ? error.message : String(error)}`));
+      }
+    });
+    child.stdin.write(payload);
+    child.stdin.end();
+  });
+}
+function shouldPassThroughError(error) {
+  if (!(error instanceof Error)) {
     return false;
   }
-  return defaultValue;
+  return /^(Missing required|Missing SQL parameter|Invalid )/.test(error.message);
 }
-function parseOptionalNumber(value, label) {
-  if (value === void 0 || value === null || value.trim() === "") {
-    return void 0;
-  }
-  const parsed = Number(value);
-  if (!Number.isFinite(parsed)) {
-    fail(`Invalid ${label} '${value}'`);
+function formatBuiltInDriverError(adapterLabel, error) {
+  if (shouldPassThroughError(error)) {
+    return error;
   }
-  return parsed;
-}
-function buildMissingConnectionError(adapterLabel) {
-  return `Missing required ${adapterLabel} connection values. Expected connectionString or host/server, database, user, and password.`;
+  const candidate = error;
+  const baseMessage = error instanceof Error ? error.message : typeof error === "string" ? error : "Unknown database error";
+  const details = [];
+  const append2 = (label, value) => {
+    if (value === void 0 || value === null || `${value}`.trim() === "") {
+      return;
+    }
+    details.push(`${label}: ${value}`);
+  };
+  append2("code", candidate?.code);
+  append2("number", candidate?.number);
+  append2("state", candidate?.state);
+  append2("severity", candidate?.severity ?? candidate?.class);
+  append2("detail", candidate?.detail);
+  append2("hint", candidate?.hint);
+  append2("schema", candidate?.schema);
+  append2("table", candidate?.table);
+  append2("column", candidate?.column);
+  append2("constraint", candidate?.constraint);
+  append2("routine", candidate?.routine);
+  append2("line", candidate?.lineNumber);
+  append2("procedure", candidate?.procName);
+  append2("server", candidate?.serverName);
+  const precedingErrors = Array.isArray(candidate?.precedingErrors) ? (candidate?.precedingErrors).map((item) => item?.message).filter((message) => message !== void 0 && message !== null && `${message}`.trim() !== "") : [];
+  if (precedingErrors.length > 0) {
+    details.push(`precedingErrors: ${precedingErrors.join(" | ")}`);
+  }
+  const suffix = details.length > 0 ? ` (${details.join(", ")})` : "";
+  return new Error(`${adapterLabel} driver error: ${baseMessage}${suffix}`);
 }
 function compilePostgresSql(sql, params) {
   const values = [];
@@ -109485,31 +109686,12 @@ function compileSqlServerSql(sql, params) {
 async function runBuiltInPostgresAdapter(request) {
   const values = request.connection.values;
   const connectionString = getConnectionString(values);
-  const host = getConnectionValue(values, "host", "server");
-  const database = getConnectionValue(values, "database");
-  const user = getConnectionValue(values, "user");
-  const password = getConnectionValue(values, "password");
-  const client = connectionString ? new Client(connectionString) : (() => {
-    if (!host || !database || !user || !password) {
-      fail(buildMissingConnectionError("Postgres"));
-    }
-    const port = parseOptionalNumber(values.port, "Postgres port") ?? 5432;
-    return new Client({
-      host,
-      port,
-      database,
-      user,
-      password,
-      ssl: parseBoolean(values.ssl, false) ? { rejectUnauthorized: parseBoolean(values.rejectUnauthorized, false) } : false,
-      application_name: values.applicationName || "norn-sql"
-    });
-  })();
+  if (!connectionString) {
+    fail(buildMissingConnectionError("Postgres", request.connection.profile));
+  }
+  const client = new Client(connectionString);
   try {
     await client.connect();
-    if (values.schema) {
-      const safeSchema = values.schema.replace(/"/g, '""');
-      await client.query(`set search_path to "${safeSchema}"`);
-    }
     const compiled = compilePostgresSql(request.operation.sql, request.params || {});
     const result = await client.query(compiled.text, compiled.values);
     if (request.mode === "query") {
@@ -109529,6 +109711,8 @@ async function runBuiltInPostgresAdapter(request) {
         affectedRows: result.rowCount ?? 0
       }
     };
+  } catch (error) {
+    throw formatBuiltInDriverError("Postgres", error);
   } finally {
     await client.end().catch(() => void 0);
   }
@@ -109536,53 +109720,10 @@ async function runBuiltInPostgresAdapter(request) {
 async function runBuiltInSqlServerAdapter(request) {
   const values = request.connection.values;
   const connectionString = getConnectionString(values);
-  const pool = connectionString ? new mssql.ConnectionPool(connectionString) : (() => {
-    const server = getConnectionValue(values, "server", "host");
-    const database = getConnectionValue(values, "database");
-    const user = getConnectionValue(values, "user");
-    const password = getConnectionValue(values, "password");
-    if (!server || !database || !user || !password) {
-      fail(buildMissingConnectionError("SQL Server"));
-    }
-    const port = parseOptionalNumber(values.port, "SQL Server port");
-    const connectionTimeout = parseOptionalNumber(values.connectionTimeout, "SQL Server connectionTimeout");
-    const requestTimeout = parseOptionalNumber(values.requestTimeout, "SQL Server requestTimeout");
-    const config = {
-      server,
-      database,
-      user,
-      password,
-      options: {
-        encrypt: parseBoolean(values.encrypt, false),
-        trustServerCertificate: parseBoolean(values.trustServerCertificate, false)
-      }
-    };
-    if (port !== void 0) {
-      config.port = port;
-    }
-    if (values.instanceName) {
-      config.options = {
-        ...config.options,
-        instanceName: values.instanceName
-      };
-    }
-    if (values.appName) {
-      config.options = {
-        ...config.options,
-        appName: values.appName
-      };
-    }
-    if (values.domain) {
-      config.domain = values.domain;
-    }
-    if (connectionTimeout !== void 0) {
-      config.connectionTimeout = connectionTimeout;
-    }
-    if (requestTimeout !== void 0) {
-      config.requestTimeout = requestTimeout;
-    }
-    return new mssql.ConnectionPool(config);
-  })();
+  if (!connectionString) {
+    fail(buildMissingConnectionError("SQL Server", request.connection.profile));
+  }
+  const pool = new mssql.ConnectionPool(connectionString);
   try {
     await pool.connect();
     const compiled = compileSqlServerSql(request.operation.sql, request.params || {});
@@ -109610,10 +109751,33 @@ async function runBuiltInSqlServerAdapter(request) {
         affectedRows
       }
     };
+  } catch (error) {
+    throw formatBuiltInDriverError("SQL Server", error);
   } finally {
     await pool.close().catch(() => void 0);
   }
 }
+async function runBuiltInSqlServerIntegratedAdapter(request) {
+  const values = request.connection.values;
+  const connectionString = getConnectionString(values);
+  if (!connectionString) {
+    fail(buildMissingConnectionError("SQL Server Integrated Auth", request.connection.profile));
+  }
+  const compiled = compileSqlServerSql(request.operation.sql, request.params || {});
+  const compiledRequest = {
+    ...request,
+    operation: {
+      ...request.operation,
+      sql: compiled.text
+    },
+    params: Object.fromEntries(compiled.names.map((name) => [name, request.params?.[name] ?? null]))
+  };
+  try {
+    return await runSqlServerIntegratedViaPowerShell(compiledRequest);
+  } catch (error) {
+    throw formatBuiltInDriverError("SQL Server Integrated Auth", error);
+  }
+}
 function isBuiltInSqlAdapter(adapterId) {
   return BUILT_IN_SQL_ADAPTER_MAP.has(adapterId.toLowerCase());
 }
@@ -109623,6 +109787,8 @@ async function runBuiltInSqlAdapter(adapterId, request) {
       return runBuiltInPostgresAdapter(request);
     case "sqlserver":
       return runBuiltInSqlServerAdapter(request);
+    case "sqlserver-integrated":
+      return runBuiltInSqlServerIntegratedAdapter(request);
     default:
       fail(`Built-in SQL adapter '${adapterId}' is not supported`);
   }
@@ -109800,7 +109966,7 @@ function resolveSqlAdapterTarget(startPath, adapterId) {
 }
 
 // src/sqlAdapterRunner.ts
-var import_child_process2 = require("child_process");
+var import_child_process3 = require("child_process");
 function isRowsResult(value) {
   if (!value || typeof value !== "object" || Array.isArray(value)) {
     return false;
@@ -109840,7 +110006,7 @@ async function runExternalSqlAdapter(command, request, workingDir) {
     throw new Error("SQL adapter command is empty");
   }
   return new Promise((resolve11, reject) => {
-    const child = (0, import_child_process2.spawn)(command[0], command.slice(1), {
+    const child = (0, import_child_process3.spawn)(command[0], command.slice(1), {
       cwd: workingDir,
       env: process.env,
       shell: false
@@ -110161,23 +110327,35 @@ function splitNamedArgumentList(argsStr) {
   }
   return parts;
 }
-function parseNamedSqlArguments(argsStr) {
+function parseSqlArguments(argsStr) {
   if (!argsStr.trim()) {
     return { args: [] };
   }
   const parts = splitNamedArgumentList(argsStr);
   const args = [];
+  let sawNamedArgument = false;
   for (const part of parts) {
-    const match = part.match(/^([a-zA-Z_][a-zA-Z0-9_]*)\s*:\s*(.+)$/);
-    if (!match) {
+    const trimmed = part.trim();
+    if (!trimmed) {
+      continue;
+    }
+    const match = trimmed.match(/^([a-zA-Z_][a-zA-Z0-9_]*)\s*:\s*(.+)$/);
+    if (match) {
+      sawNamedArgument = true;
+      args.push({
+        name: match[1],
+        valueExpression: match[2].trim()
+      });
+      continue;
+    }
+    if (sawNamedArgument) {
       return {
         args: [],
-        error: "SQL arguments must use named syntax: run sql Name(param: value)"
+        error: "Positional SQL arguments cannot follow named arguments."
       };
     }
     args.push({
-      name: match[1],
-      valueExpression: match[2].trim()
+      valueExpression: trimmed
     });
   }
   return { args };
@@ -110191,7 +110369,7 @@ function parseRunSqlCommand(line2) {
   if (!match) {
     return null;
   }
-  const parsedArgs = parseNamedSqlArguments(match[3] || "");
+  const parsedArgs = parseSqlArguments(match[3] || "");
   if (parsedArgs.error) {
     return {
       variableName: match[1],
@@ -110206,6 +110384,52 @@ function parseRunSqlCommand(line2) {
     args: parsedArgs.args
   };
 }
+function bindSqlArguments(parameterNames, args, runtimeVariables) {
+  const resolvedParams = {};
+  const boundParams = /* @__PURE__ */ new Set();
+  let positionalIndex = 0;
+  let sawNamedArgument = false;
+  for (const arg of args) {
+    if (arg.name) {
+      sawNamedArgument = true;
+      const declaredParam2 = parameterNames.find((param) => param.toLowerCase() === arg.name.toLowerCase());
+      if (!declaredParam2) {
+        return { error: `Unknown SQL parameter '${arg.name}'.` };
+      }
+      const declaredLower = declaredParam2.toLowerCase();
+      if (boundParams.has(declaredLower)) {
+        return { error: `Duplicate SQL parameter '${declaredParam2}' in run sql call.` };
+      }
+      const valueResult2 = evaluateSqlArgumentExpression(arg.valueExpression, runtimeVariables);
+      if (valueResult2.error) {
+        return { error: valueResult2.error };
+      }
+      resolvedParams[declaredParam2] = valueResult2.value;
+      boundParams.add(declaredLower);
+      continue;
+    }
+    if (sawNamedArgument) {
+      return { error: "Positional SQL arguments cannot follow named arguments." };
+    }
+    if (positionalIndex >= parameterNames.length) {
+      return { error: `Too many SQL arguments: expected ${parameterNames.length}.` };
+    }
+    const declaredParam = parameterNames[positionalIndex];
+    const valueResult = evaluateSqlArgumentExpression(arg.valueExpression, runtimeVariables);
+    if (valueResult.error) {
+      return { error: valueResult.error };
+    }
+    resolvedParams[declaredParam] = valueResult.value;
+    boundParams.add(declaredParam.toLowerCase());
+    positionalIndex++;
+  }
+  for (const param of parameterNames) {
+    if (!boundParams.has(param.toLowerCase())) {
+      return { error: `Missing required SQL parameter '${param}'.` };
+    }
+  }
+  return { params: resolvedParams };
+}
 function isVarRunSequenceCommand(line2) {
   const trimmed = line2.trim();
   if (!/^var\s+[a-zA-Z_][a-zA-Z0-9_]*\s*=\s*run\s+[a-zA-Z_][a-zA-Z0-9_-]*(?:\s*\([^)]*\))?(?:\s+retry\s+\d+)?(?:\s+backoff\s+\d+(?:\.\d+)?\s*(?:s|ms|seconds?|milliseconds?)?)?\s*$/i.test(trimmed)) {
@@ -111719,78 +111943,25 @@ async function runSequenceWithJar(sequenceContent, fileVariables, cookieJar, wor
               duration: Date.now() - startTime
             };
           }
-          const providedArgs = /* @__PURE__ */ new Map();
-          const declaredParams = new Set(operation.parameters.map((param) => param.toLowerCase()));
-          for (const arg of parsed.args) {
-            const lowerName = arg.name.toLowerCase();
-            if (providedArgs.has(lowerName)) {
-              errors.push(`Duplicate SQL parameter '${arg.name}' in run sql call.`);
-              return {
-                name: "",
-                success: false,
-                responses,
-                scriptResults,
-                assertionResults,
-                steps: orderedSteps,
-                errors,
-                duration: Date.now() - startTime
-              };
-            }
-            if (!declaredParams.has(lowerName)) {
-              errors.push(`Unknown SQL parameter '${arg.name}'.`);
-              return {
-                name: "",
-                success: false,
-                responses,
-                scriptResults,
-                assertionResults,
-                steps: orderedSteps,
-                errors,
-                duration: Date.now() - startTime
-              };
-            }
-            const valueResult = evaluateSqlArgumentExpression(arg.valueExpression, runtimeVariables);
-            if (valueResult.error) {
-              errors.push(`Step ${stepIdx + 1}: ${valueResult.error}`);
-              return {
-                name: "",
-                success: false,
-                responses,
-                scriptResults,
-                assertionResults,
-                steps: orderedSteps,
-                errors,
-                duration: Date.now() - startTime
-              };
-            }
-            providedArgs.set(lowerName, valueResult.value);
-          }
-          for (const param of operation.parameters) {
-            if (!providedArgs.has(param.toLowerCase())) {
-              errors.push(`Missing required SQL parameter '${param}'.`);
-              return {
-                name: "",
-                success: false,
-                responses,
-                scriptResults,
-                assertionResults,
-                steps: orderedSteps,
-                errors,
-                duration: Date.now() - startTime
-              };
-            }
+          const boundArgs = bindSqlArguments(operation.parameters, parsed.args, runtimeVariables);
+          if ("error" in boundArgs) {
+            errors.push(`Step ${stepIdx + 1}: ${boundArgs.error}`);
+            return {
+              name: "",
+              success: false,
+              responses,
+              scriptResults,
+              assertionResults,
+              steps: orderedSteps,
+              errors,
+              duration: Date.now() - startTime
+            };
           }
           const adapterWorkingDir = workingDir || process.cwd();
           try {
             const connection = resolveSqlConnection(executionContext?.filePath || adapterWorkingDir, operation.connectionName);
             const adapterTarget = resolveSqlAdapterTarget(executionContext?.filePath || adapterWorkingDir, connection.adapter);
             const connectionValues = getSqlConnectionValues(connection.profile, runtimeVariables);
-            const paramPayload = Object.fromEntries(
-              Array.from(providedArgs.entries()).map(([lowerName, value]) => {
-                const declaredName = operation.parameters.find((param) => param.toLowerCase() === lowerName) || lowerName;
-                return [declaredName, value];
-              })
-            );
             const adapterResponse = await runSqlAdapter(
               adapterTarget,
               {
@@ -111804,7 +111975,7 @@ async function runSequenceWithJar(sequenceContent, fileVariables, cookieJar, wor
                   connectionName: operation.connectionName,
                   sourcePath: operation.sourcePath
                 },
-                params: paramPayload,
+                params: boundArgs.params,
                 connection: {
                   name: connection.alias,
                   profile: connection.profile,
@@ -114326,7 +114497,9 @@ var ENV_FILENAME = ".nornenv";
 var importRegex = /^import\s+["']?(.+?)["']?\s*$/;
 var envRegex = /^\[env:([a-zA-Z_][a-zA-Z0-9_-]*)\]$/;
 var varRegex = /^var\s+([a-zA-Z_][a-zA-Z0-9_]*)\s*=\s*(.+)$/;
+var connectionStringRegex = /^connectionString\s+([a-zA-Z_][a-zA-Z0-9_]*)\s*=\s*(.+)$/;
 var secretRegex = /^secret\s+([a-zA-Z_][a-zA-Z0-9_]*)\s*=\s*(.+)$/;
+var secretConnectionStringRegex = /^secret\s+connectionString\s+([a-zA-Z_][a-zA-Z0-9_]*)\s*=\s*(.+)$/;
 function parseEnvFile(content, sourceFilePath) {
   const lines = content.split("\n");
   const config = {
@@ -114367,6 +114540,27 @@ function parseEnvFile(content, sourceFilePath) {
       config.environments.push(currentEnv);
       continue;
     }
+    const secretConnectionStringMatch = trimmed.match(secretConnectionStringRegex);
+    if (secretConnectionStringMatch) {
+      const profileName = secretConnectionStringMatch[1];
+      const varName = `${profileName}_connectionString`;
+      const varValue = secretConnectionStringMatch[2].trim();
+      config.secretDeclarations.push({
+        name: varName,
+        value: varValue,
+        envName: currentEnv?.name,
+        lineNumber: i,
+        filePath: sourceFilePath
+      });
+      config.secretNames.add(varName);
+      config.secretValues.set(varName, varValue);
+      if (currentEnv) {
+        currentEnv.variables[varName] = varValue;
+      } else {
+        config.common[varName] = varValue;
+      }
+      continue;
+    }
     const secretMatch = trimmed.match(secretRegex);
     if (secretMatch) {
       const varName = secretMatch[1];
@@ -114387,6 +114581,18 @@ function parseEnvFile(content, sourceFilePath) {
       }
       continue;
     }
+    const connectionStringMatch = trimmed.match(connectionStringRegex);
+    if (connectionStringMatch) {
+      const profileName = connectionStringMatch[1];
+      const varName = `${profileName}_connectionString`;
+      const varValue = connectionStringMatch[2].trim();
+      if (currentEnv) {
+        currentEnv.variables[varName] = varValue;
+      } else {
+        config.common[varName] = varValue;
+      }
+      continue;
+    }
     const varMatch = trimmed.match(varRegex);
     if (varMatch) {
       const varName = varMatch[1];
@@ -114661,6 +114867,7 @@ var import_process = require("process");
 var fs14 = __toESM(require("fs"));
 var path10 = __toESM(require("path"));
 var envRegex2 = /^\s*\[env:([a-zA-Z_][a-zA-Z0-9_-]*)\]\s*$/;
+var secretConnectionStringRegex2 = /^(\s*secret\s+connectionString\s+)([a-zA-Z_][a-zA-Z0-9_]*)(\s*=\s*)(.+)$/;
 var secretRegex2 = /^(\s*secret\s+)([a-zA-Z_][a-zA-Z0-9_]*)(\s*=\s*)(.+)$/;
 function splitContentLines(content) {
   return content.split(/\r?\n/);
@@ -114686,11 +114893,13 @@ function extractSecretLines(content, filePath) {
       currentEnv = envMatch[1];
       continue;
     }
+    const secretConnectionStringMatch = line2.match(secretConnectionStringRegex2);
     const secretMatch = line2.match(secretRegex2);
-    if (!secretMatch) {
+    if (!secretConnectionStringMatch && !secretMatch) {
       continue;
     }
-    const value = secretMatch[4].trim();
+    const secretName = secretConnectionStringMatch ? `${secretConnectionStringMatch[2]}_connectionString` : secretMatch[2];
+    const value = (secretConnectionStringMatch?.[4] ?? secretMatch[4]).trim();
     const encrypted = isEncryptedSecretValue(value);
     let kid;
     if (encrypted) {
@@ -114703,7 +114912,7 @@ function extractSecretLines(content, filePath) {
       filePath,
       lineNumber: i,
       envName: currentEnv,
-      name: secretMatch[2],
+      name: secretName,
       value,
       encrypted,
       kid
@@ -114717,11 +114926,16 @@ function updateSecretLineValue(content, lineNumber, newValue) {
     throw new Error(`Line ${lineNumber + 1} is out of range.`);
   }
   const line2 = lines[lineNumber];
+  const secretConnectionStringMatch = line2.match(secretConnectionStringRegex2);
   const secretMatch = line2.match(secretRegex2);
-  if (!secretMatch) {
+  if (!secretConnectionStringMatch && !secretMatch) {
     throw new Error(`Line ${lineNumber + 1} is not a secret declaration.`);
   }
-  lines[lineNumber] = `${secretMatch[1]}${secretMatch[2]}${secretMatch[3]}${newValue}`;
+  if (secretConnectionStringMatch) {
+    lines[lineNumber] = `${secretConnectionStringMatch[1]}${secretConnectionStringMatch[2]}${secretConnectionStringMatch[3]}${newValue}`;
+  } else {
+    lines[lineNumber] = `${secretMatch[1]}${secretMatch[2]}${secretMatch[3]}${newValue}`;
+  }
   return lines.join(detectEol(content));
 }
 function findSecretLine(content, variableName, envName) {

package/package.json

@@ -2,7 +2,7 @@
   "name": "norn-cli",
   "displayName": "Norn - REST Client",
   "description": "A powerful REST client for making HTTP requests with sequences, variables, scripts, and cookie support",
-  "version": "1.8.0",
+  "version": "1.10.0",
   "publisher": "Norn-PeterKrustanov",
   "author": {
     "name": "Peter Krastanov"
@@ -362,6 +362,12 @@
             "settings": {
               "foreground": "#85EA2C"
             }
+          },
+          {
+            "scope": "support.type.connection.nornenv",
+            "settings": {
+              "foreground": "#d7ba7d"
+            }
           }
         ]
       }