shroud-privacy 2.2.10 → 2.2.12

package/README.md

@@ -88,9 +88,10 @@ Shroud does not guarantee compliance — regex-based detection has limitations (
 ```bash
 openclaw --version    # ensure 2026.3.22+
 openclaw plugins install shroud-privacy
+openclaw gateway restart
 ```
 
-Configure in `~/.openclaw/openclaw.json` under `plugins.entries."shroud-privacy".config`. No OpenClaw file modifications needed — Shroud uses runtime interception only.
+That's it — Shroud is automatically enabled on install. All 100+ detectors are active with safe defaults, no configuration required. To customise, see [Configure](#configure).
 
 ### Any agent (via APP)
 
@@ -166,13 +167,13 @@ openclaw gateway restart
 
 ## Configure
 
-Edit `~/.openclaw/openclaw.json` under `plugins.entries."shroud-privacy".config`:
+Shroud works out of the box with zero configuration. `openclaw plugins install` sets `enabled: true` automatically. To customise, edit `~/.openclaw/openclaw.json` under `plugins.entries."shroud-privacy".config`:
 
 ```jsonc
 "shroud-privacy": {
-  "enabled": true,
+  "enabled": true,                       // set automatically by plugins install
   "config": {
-    "auditEnabled": true           // audit log on — see what Shroud is doing
+    "auditEnabled": true                 // audit log on — see what Shroud is doing
     // "minConfidence": 0.0              // catch everything (default)
     // "secretKey": ""                   // auto-generated if empty
     // "persistentSalt": ""              // set for cross-session consistency
@@ -288,7 +289,7 @@ Shroud includes a `ContextDetector` that wraps the regex engine with post-detect
 
 - **Context-aware boosting**: Text blocks containing config keywords (`interface`, `router ospf`, `hostname`) get +10% confidence for detected entities.
 - **Proximity clustering**: When a name, email, and phone appear within 200 characters, each gets a confidence boost.
-- **Hostname propagation**: `hostname FCNETR1` in one place → bare `FCNETR1` detected everywhere in the text.
+- **Hostname propagation**: `hostname CORE-RTR-01` in one place → bare `CORE-RTR-01` detected everywhere in the text.
 - **Learned entities**: Hostnames and infra identifiers seen in previous messages are remembered and detected in future messages without requiring config-line context.
 - **Documentation filtering**: RFC 3849 IPv6 doc prefix (`2001:db8::/32`), IPv6 loopback (`::1`), `example.com` emails, and well-known placeholders are automatically skipped.
 - **DNS-based URL classification**: External URLs pass through to the LLM; internal URLs are obfuscated. See [URL handling](#url-handling).

package/dist/detectors/regex.js

@@ -559,9 +559,9 @@ export const BUILTIN_PATTERNS = [
         confidence: 0.90,
     },
     {
-        // Short device codes: FCNETR1, WCNETR2, LCNETR3 — uppercase letter(s) + "CNET" or role + digit(s)
+        // Short device codes: LABRTR01, DCRTR02 — uppercase prefix + role abbreviation + digit(s)
         name: "device_name_short",
-        pattern: /\b([A-Z]{1,4}(?:CNET|ONET|MNET|ANET)[A-Z]?\d{1,2})\b/g,
+        pattern: /\b([A-Z]{2,6}(?:RTR|SWT|FWL|APX|DST|AGG|CPE|WLC)[A-Z]?\d{1,2})\b/g,
         category: Category.HOSTNAME,
         confidence: 0.85,
     },

package/openclaw.plugin.json

@@ -1,7 +1,7 @@
 {
   "id": "shroud-privacy",
   "name": "Shroud",
-  "version": "2.2.10",
+  "version": "2.2.12",
   "description": "Privacy obfuscation with deterministic fake values and deobfuscation — PII never reaches the LLM, tool calls still work",
   "configSchema": {
     "type": "object",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "shroud-privacy",
-  "version": "2.2.10",
+  "version": "2.2.12",
   "description": "Privacy and infrastructure protection for AI agents — detects sensitive data (PII, network topology, credentials, OT/SCADA) and replaces with deterministic fakes before anything reaches the LLM.",
   "type": "module",
   "main": "dist/index.js",

package/dist/compliance.d.ts

@@ -1,44 +0,0 @@
-/**
- * Compliance reporter — generates category coverage and detection gap reports.
- */
-export interface ComplianceConfig {
-    /** Path to write report. Empty = disabled. */
-    reportPath: string;
-    /** Report interval: "hourly" | "daily". */
-    reportInterval: "hourly" | "daily";
-    /** Required categories that MUST have detections. */
-    requiredCategories: string[];
-}
-export interface ComplianceReport {
-    generatedAt: string;
-    periodStart: string;
-    periodEnd: string;
-    /** Categories that had detections. */
-    activeCategoryCoverage: Record<string, number>;
-    /** Required categories with zero detections (gaps). */
-    detectionGaps: string[];
-    /** Total entities detected in period. */
-    totalEntities: number;
-    /** Store utilization. */
-    storeMappings: number;
-    /** Allowlist usage (how many entities were skipped). */
-    allowlistSkips: number;
-    /** Compliance score: % of required categories with detections. */
-    complianceScore: number;
-}
-export declare class ComplianceReporter {
-    private _config;
-    private _periodStart;
-    private _categoryCounts;
-    private _totalEntities;
-    private _allowlistSkips;
-    constructor(config?: Partial<ComplianceConfig>);
-    get enabled(): boolean;
-    /** Record detection event. */
-    recordDetections(categoryCounts: Record<string, number>, allowlistSkips?: number): void;
-    /** Generate and optionally write a compliance report. */
-    generateReport(storeMappings?: number): ComplianceReport;
-    /** Reset for new period. */
-    resetPeriod(): void;
-    getStats(): object;
-}

package/dist/compliance.js

@@ -1,76 +0,0 @@
-/**
- * Compliance reporter — generates category coverage and detection gap reports.
- */
-import { writeFileSync } from "node:fs";
-export class ComplianceReporter {
-    _config;
-    _periodStart;
-    _categoryCounts = {};
-    _totalEntities = 0;
-    _allowlistSkips = 0;
-    constructor(config = {}) {
-        this._config = {
-            reportPath: config.reportPath ?? "",
-            reportInterval: config.reportInterval ?? "daily",
-            requiredCategories: config.requiredCategories ?? [],
-        };
-        this._periodStart = new Date().toISOString();
-    }
-    get enabled() {
-        return !!this._config.reportPath;
-    }
-    /** Record detection event. */
-    recordDetections(categoryCounts, allowlistSkips = 0) {
-        for (const [cat, count] of Object.entries(categoryCounts)) {
-            this._categoryCounts[cat] = (this._categoryCounts[cat] ?? 0) + count;
-        }
-        this._totalEntities += Object.values(categoryCounts).reduce((a, b) => a + b, 0);
-        this._allowlistSkips += allowlistSkips;
-    }
-    /** Generate and optionally write a compliance report. */
-    generateReport(storeMappings = 0) {
-        const now = new Date().toISOString();
-        const gaps = this._config.requiredCategories.filter((cat) => (this._categoryCounts[cat] ?? 0) === 0);
-        const coveredRequired = this._config.requiredCategories.filter((cat) => (this._categoryCounts[cat] ?? 0) > 0);
-        const score = this._config.requiredCategories.length > 0
-            ? Math.round((coveredRequired.length / this._config.requiredCategories.length) *
-                100)
-            : 100;
-        const report = {
-            generatedAt: now,
-            periodStart: this._periodStart,
-            periodEnd: now,
-            activeCategoryCoverage: { ...this._categoryCounts },
-            detectionGaps: gaps,
-            totalEntities: this._totalEntities,
-            storeMappings,
-            allowlistSkips: this._allowlistSkips,
-            complianceScore: score,
-        };
-        if (this._config.reportPath) {
-            try {
-                writeFileSync(this._config.reportPath, JSON.stringify(report, null, 2) + "\n");
-            }
-            catch {
-                // best-effort
-            }
-        }
-        return report;
-    }
-    /** Reset for new period. */
-    resetPeriod() {
-        this._categoryCounts = {};
-        this._totalEntities = 0;
-        this._allowlistSkips = 0;
-        this._periodStart = new Date().toISOString();
-    }
-    getStats() {
-        return {
-            enabled: this.enabled,
-            periodStart: this._periodStart,
-            totalEntities: this._totalEntities,
-            categoryCoverage: Object.keys(this._categoryCounts).length,
-            requiredCategories: this._config.requiredCategories.length,
-        };
-    }
-}

package/dist/exposure.d.ts

@@ -1,29 +0,0 @@
-/**
- * Rate-of-exposure tracker — monitors entity detection velocity.
- * Alerts when entities/minute exceeds threshold, indicating potential
- * bulk data exfiltration or unusual activity.
- */
-export interface ExposureConfig {
-    /** Entities per minute threshold. 0 = disabled. */
-    rateThreshold: number;
-    /** Window size in seconds for rate calculation. Default: 60. */
-    windowSeconds: number;
-    /** Callback when threshold exceeded. */
-    onAlert?: (rate: number, threshold: number, window: number) => void;
-}
-export declare class ExposureTracker {
-    private _config;
-    private _timestamps;
-    private _alertCount;
-    private _lastAlertTime;
-    /** Minimum interval between alerts (ms) to prevent alert storms. */
-    private _alertCooldownMs;
-    constructor(config?: Partial<ExposureConfig>);
-    get enabled(): boolean;
-    /** Record entity detections. */
-    record(entityCount: number): void;
-    /** Current rate (entities/minute). */
-    currentRate(): number;
-    getStats(): object;
-    reset(): void;
-}

package/dist/exposure.js

@@ -1,72 +0,0 @@
-/**
- * Rate-of-exposure tracker — monitors entity detection velocity.
- * Alerts when entities/minute exceeds threshold, indicating potential
- * bulk data exfiltration or unusual activity.
- */
-export class ExposureTracker {
-    _config;
-    _timestamps = [];
-    _alertCount = 0;
-    _lastAlertTime = 0;
-    /** Minimum interval between alerts (ms) to prevent alert storms. */
-    _alertCooldownMs = 60000;
-    constructor(config = {}) {
-        this._config = {
-            rateThreshold: config.rateThreshold ?? 0,
-            windowSeconds: config.windowSeconds ?? 60,
-            onAlert: config.onAlert,
-        };
-    }
-    get enabled() {
-        return this._config.rateThreshold > 0;
-    }
-    /** Record entity detections. */
-    record(entityCount) {
-        if (!this.enabled || entityCount === 0)
-            return;
-        const now = Date.now();
-        for (let i = 0; i < entityCount; i++) {
-            this._timestamps.push(now);
-        }
-        // Trim old timestamps outside the window
-        const cutoff = now - this._config.windowSeconds * 1000;
-        while (this._timestamps.length > 0 && this._timestamps[0] < cutoff) {
-            this._timestamps.shift();
-        }
-        // Check rate
-        const windowMinutes = this._config.windowSeconds / 60;
-        const rate = this._timestamps.length / windowMinutes;
-        if (rate > this._config.rateThreshold) {
-            if (now - this._lastAlertTime > this._alertCooldownMs) {
-                this._alertCount++;
-                this._lastAlertTime = now;
-                this._config.onAlert?.(Math.round(rate), this._config.rateThreshold, this._config.windowSeconds);
-            }
-        }
-    }
-    /** Current rate (entities/minute). */
-    currentRate() {
-        const now = Date.now();
-        const cutoff = now - this._config.windowSeconds * 1000;
-        while (this._timestamps.length > 0 && this._timestamps[0] < cutoff) {
-            this._timestamps.shift();
-        }
-        const windowMinutes = this._config.windowSeconds / 60;
-        return Math.round(this._timestamps.length / windowMinutes);
-    }
-    getStats() {
-        return {
-            enabled: this.enabled,
-            currentRate: this.currentRate(),
-            threshold: this._config.rateThreshold,
-            windowSeconds: this._config.windowSeconds,
-            alertCount: this._alertCount,
-            entitiesInWindow: this._timestamps.length,
-        };
-    }
-    reset() {
-        this._timestamps = [];
-        this._alertCount = 0;
-        this._lastAlertTime = 0;
-    }
-}

package/dist/policy.d.ts

@@ -1,49 +0,0 @@
-/**
- * Policy-as-code enforcement — validate Shroud config against policy constraints.
- * Policy files define required categories, minimum confidence levels, and mandatory denylist entries.
- */
-import { ShroudConfig } from "./types.js";
-export interface PolicyDef {
-    /** Policy version. */
-    version: string;
-    /** Human-readable policy name. */
-    name: string;
-    /** Categories that MUST be enabled (not overridden to disabled). */
-    requiredCategories?: string[];
-    /** Minimum global confidence threshold. */
-    minConfidence?: number;
-    /** Maximum global confidence threshold (prevent over-filtering). */
-    maxConfidence?: number;
-    /** Values that MUST be in the denylist. */
-    mandatoryDenylist?: string[];
-    /** Values that MUST NOT be in the allowlist. */
-    prohibitedAllowlist?: string[];
-    /** Audit must be enabled. */
-    requireAudit?: boolean;
-    /** Canary must be enabled. */
-    requireCanary?: boolean;
-    /** Redaction level must be one of these. */
-    allowedRedactionLevels?: string[];
-    /** Custom rules. */
-    customRules?: Array<{
-        name: string;
-        check: string;
-        message: string;
-    }>;
-}
-export interface PolicyViolation {
-    rule: string;
-    severity: "error" | "warning";
-    message: string;
-}
-/**
- * Load a policy from a JSON file.
- */
-export declare function loadPolicy(filePath: string): PolicyDef | null;
-/**
- * Validate a ShroudConfig against a policy.
- * Returns an array of violations (empty = compliant).
- */
-export declare function validatePolicy(config: ShroudConfig, policy: PolicyDef, detectorOverrides?: Record<string, {
-    enabled?: boolean;
-}>): PolicyViolation[];

package/dist/policy.js

@@ -1,105 +0,0 @@
-/**
- * Policy-as-code enforcement — validate Shroud config against policy constraints.
- * Policy files define required categories, minimum confidence levels, and mandatory denylist entries.
- */
-import { readFileSync, existsSync } from "node:fs";
-/**
- * Load a policy from a JSON file.
- */
-export function loadPolicy(filePath) {
-    if (!filePath || !existsSync(filePath))
-        return null;
-    try {
-        const raw = readFileSync(filePath, "utf-8");
-        return JSON.parse(raw);
-    }
-    catch (e) {
-        return null;
-    }
-}
-/**
- * Validate a ShroudConfig against a policy.
- * Returns an array of violations (empty = compliant).
- */
-export function validatePolicy(config, policy, detectorOverrides) {
-    const violations = [];
-    // Required categories
-    if (policy.requiredCategories) {
-        const overrides = detectorOverrides ?? config.detectorOverrides ?? {};
-        for (const cat of policy.requiredCategories) {
-            // Check if any rule for this category is explicitly disabled
-            const disabledRules = Object.entries(overrides)
-                .filter(([, v]) => v.enabled === false)
-                .map(([k]) => k);
-            // This is a simplified check — in practice you'd need to map rules to categories
-            if (disabledRules.length > 0) {
-                // Log a warning, not an error, since we can't easily map rule→category here
-            }
-        }
-    }
-    // Minimum confidence
-    if (policy.minConfidence !== undefined && config.minConfidence < policy.minConfidence) {
-        violations.push({
-            rule: "minConfidence",
-            severity: "error",
-            message: `Global minConfidence (${config.minConfidence}) is below policy minimum (${policy.minConfidence})`,
-        });
-    }
-    // Maximum confidence
-    if (policy.maxConfidence !== undefined && config.minConfidence > policy.maxConfidence) {
-        violations.push({
-            rule: "maxConfidence",
-            severity: "warning",
-            message: `Global minConfidence (${config.minConfidence}) exceeds policy maximum (${policy.maxConfidence}) — may over-filter`,
-        });
-    }
-    // Mandatory denylist
-    if (policy.mandatoryDenylist) {
-        for (const entry of policy.mandatoryDenylist) {
-            if (!config.denylist.includes(entry)) {
-                violations.push({
-                    rule: "mandatoryDenylist",
-                    severity: "error",
-                    message: `Required denylist entry missing: "${entry}"`,
-                });
-            }
-        }
-    }
-    // Prohibited allowlist
-    if (policy.prohibitedAllowlist) {
-        for (const entry of policy.prohibitedAllowlist) {
-            if (config.allowlist.includes(entry)) {
-                violations.push({
-                    rule: "prohibitedAllowlist",
-                    severity: "error",
-                    message: `Prohibited allowlist entry found: "${entry}"`,
-                });
-            }
-        }
-    }
-    // Audit required
-    if (policy.requireAudit && !config.auditEnabled) {
-        violations.push({
-            rule: "requireAudit",
-            severity: "error",
-            message: "Policy requires audit logging to be enabled",
-        });
-    }
-    // Canary required
-    if (policy.requireCanary && !config.canaryEnabled) {
-        violations.push({
-            rule: "requireCanary",
-            severity: "warning",
-            message: "Policy recommends canary token injection",
-        });
-    }
-    // Allowed redaction levels
-    if (policy.allowedRedactionLevels && !policy.allowedRedactionLevels.includes(config.redactionLevel)) {
-        violations.push({
-            rule: "redactionLevel",
-            severity: "error",
-            message: `Redaction level "${config.redactionLevel}" is not allowed by policy. Allowed: ${policy.allowedRedactionLevels.join(", ")}`,
-        });
-    }
-    return violations;
-}

package/dist/siem.d.ts

@@ -1,35 +0,0 @@
-/**
- * SIEM webhook forwarder — batch and async delivery of audit events.
- * Does not block obfuscation pipeline.
- */
-export interface SiemConfig {
-    /** Webhook URL to send audit events to. Empty = disabled. */
-    webhookUrl: string;
-    /** Custom headers (e.g., Authorization). */
-    headers: Record<string, string>;
-    /** Max events to batch before flushing. Default: 10. */
-    batchSize: number;
-    /** Max time (ms) to hold events before flushing. Default: 5000. */
-    flushIntervalMs: number;
-    /** Format: "json" (array of events) or "ndjson" (newline-delimited). */
-    format: "json" | "ndjson";
-}
-export declare const DEFAULT_SIEM_CONFIG: SiemConfig;
-export declare class SiemForwarder {
-    private _config;
-    private _buffer;
-    private _timer;
-    private _sendCount;
-    private _errorCount;
-    private _lastError;
-    constructor(config?: Partial<SiemConfig>);
-    get enabled(): boolean;
-    /** Queue an audit event for delivery. */
-    push(event: Record<string, unknown>): void;
-    /** Flush buffered events to the webhook. */
-    flush(): void;
-    /** Stop the forwarder and flush remaining events. */
-    stop(): void;
-    getStats(): object;
-    private _sendHttp;
-}

package/dist/siem.js

@@ -1,91 +0,0 @@
-/**
- * SIEM webhook forwarder — batch and async delivery of audit events.
- * Does not block obfuscation pipeline.
- */
-export const DEFAULT_SIEM_CONFIG = {
-    webhookUrl: "",
-    headers: {},
-    batchSize: 10,
-    flushIntervalMs: 5000,
-    format: "json",
-};
-export class SiemForwarder {
-    _config;
-    _buffer = [];
-    _timer = null;
-    _sendCount = 0;
-    _errorCount = 0;
-    _lastError = null;
-    constructor(config = {}) {
-        this._config = { ...DEFAULT_SIEM_CONFIG, ...config };
-        if (this._config.webhookUrl) {
-            this._timer = setInterval(() => this.flush(), this._config.flushIntervalMs);
-            if (this._timer.unref)
-                this._timer.unref();
-        }
-    }
-    get enabled() {
-        return !!this._config.webhookUrl;
-    }
-    /** Queue an audit event for delivery. */
-    push(event) {
-        if (!this.enabled)
-            return;
-        this._buffer.push({
-            ...event,
-            _ts: new Date().toISOString(),
-            _source: "shroud",
-        });
-        if (this._buffer.length >= this._config.batchSize) {
-            this.flush();
-        }
-    }
-    /** Flush buffered events to the webhook. */
-    flush() {
-        if (this._buffer.length === 0 || !this.enabled)
-            return;
-        const events = this._buffer.splice(0);
-        const body = this._config.format === "ndjson"
-            ? events.map((e) => JSON.stringify(e)).join("\n") + "\n"
-            : JSON.stringify(events);
-        this._sendHttp(body).catch((err) => {
-            this._errorCount++;
-            this._lastError = String(err);
-        });
-    }
-    /** Stop the forwarder and flush remaining events. */
-    stop() {
-        if (this._timer) {
-            clearInterval(this._timer);
-            this._timer = null;
-        }
-        this.flush();
-    }
-    getStats() {
-        return {
-            enabled: this.enabled,
-            buffered: this._buffer.length,
-            sent: this._sendCount,
-            errors: this._errorCount,
-            lastError: this._lastError,
-        };
-    }
-    async _sendHttp(body) {
-        const contentType = this._config.format === "ndjson"
-            ? "application/x-ndjson"
-            : "application/json";
-        const resp = await fetch(this._config.webhookUrl, {
-            method: "POST",
-            headers: {
-                "Content-Type": contentType,
-                "User-Agent": "shroud-siem/1.0",
-                ...this._config.headers,
-            },
-            body,
-        });
-        if (!resp.ok) {
-            throw new Error(`SIEM webhook returned ${resp.status}`);
-        }
-        this._sendCount += 1;
-    }
-}

package/dist/store-file.d.ts

@@ -1,26 +0,0 @@
-/**
- * File-backed mapping store — persists to JSON on disk.
- * Wraps MemoryStore with periodic flush and load-on-startup.
- */
-import { Category } from "./types.js";
-import { MappingStore } from "./store.js";
-export declare class FileBackedStore implements MappingStore {
-    private _inner;
-    private _filePath;
-    private _dirty;
-    private _flushTimer;
-    private _flushIntervalMs;
-    constructor(filePath: string, maxSize?: number, flushIntervalMs?: number);
-    put(real: string, fake: string, category: Category): void;
-    getFake(real: string): string | undefined;
-    getReal(fake: string): string | undefined;
-    getCategory(real: string): Category | undefined;
-    allMappings(): Map<string, string>;
-    size(): number;
-    clear(): void;
-    /** Flush dirty mappings to disk. */
-    flush(): void;
-    /** Stop the periodic flush timer. */
-    stop(): void;
-    private _loadFromDisk;
-}

package/dist/store-file.js

@@ -1,79 +0,0 @@
-/**
- * File-backed mapping store — persists to JSON on disk.
- * Wraps MemoryStore with periodic flush and load-on-startup.
- */
-import { writeFileSync, readFileSync, existsSync, mkdirSync } from "node:fs";
-import { dirname } from "node:path";
-import { MemoryStore } from "./store.js";
-export class FileBackedStore {
-    _inner;
-    _filePath;
-    _dirty = false;
-    _flushTimer = null;
-    _flushIntervalMs;
-    constructor(filePath, maxSize = 0, flushIntervalMs = 5000) {
-        this._inner = new MemoryStore(maxSize);
-        this._filePath = filePath;
-        this._flushIntervalMs = flushIntervalMs;
-        // Ensure directory exists
-        const dir = dirname(filePath);
-        if (!existsSync(dir)) {
-            mkdirSync(dir, { recursive: true });
-        }
-        // Load existing data
-        this._loadFromDisk();
-        // Periodic flush
-        this._flushTimer = setInterval(() => this.flush(), this._flushIntervalMs);
-        if (this._flushTimer.unref)
-            this._flushTimer.unref();
-    }
-    put(real, fake, category) {
-        this._inner.put(real, fake, category);
-        this._dirty = true;
-    }
-    getFake(real) { return this._inner.getFake(real); }
-    getReal(fake) { return this._inner.getReal(fake); }
-    getCategory(real) { return this._inner.getCategory(real); }
-    allMappings() { return this._inner.allMappings(); }
-    size() { return this._inner.size(); }
-    clear() {
-        this._inner.clear();
-        this._dirty = true;
-        this.flush();
-    }
-    /** Flush dirty mappings to disk. */
-    flush() {
-        if (!this._dirty)
-            return;
-        try {
-            const data = this._inner.export("", undefined);
-            writeFileSync(this._filePath, JSON.stringify(data, null, 2) + "\n");
-            this._dirty = false;
-        }
-        catch (e) {
-            // best-effort — log but don't crash
-            process.stderr.write(`[shroud-store] Flush failed: ${e.message}\n`);
-        }
-    }
-    /** Stop the periodic flush timer. */
-    stop() {
-        if (this._flushTimer) {
-            clearInterval(this._flushTimer);
-            this._flushTimer = null;
-        }
-        this.flush(); // final flush
-    }
-    _loadFromDisk() {
-        if (!existsSync(this._filePath))
-            return;
-        try {
-            const raw = readFileSync(this._filePath, "utf-8");
-            const data = JSON.parse(raw);
-            this._inner.import(data);
-            process.stderr.write(`[shroud-store] Loaded ${data.mappings.length} mappings from ${this._filePath}\n`);
-        }
-        catch (e) {
-            process.stderr.write(`[shroud-store] Load failed: ${e.message}\n`);
-        }
-    }
-}