npm - updating-secrets - Versions diffs - 1.1.0 → 1.2.0 - Mend

updating-secrets 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/adapters/secrets-json-file.adapter.d.ts +6 -4
package/dist/adapters/secrets-json-file.adapter.js +28 -3
package/dist/secret-load.error.js +3 -1
package/dist/updating-secrets.js +10 -3
package/package.json +11 -11

package/dist/adapters/secrets-json-file.adapter.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { type MaybePromise, type PartialWithUndefined } from '@augment-vir/common';
-import { type SecretDefinitions, type SecretValues } from '../secrets-definition/define-secrets.js';
+import { type ProcessedSecretDefinitions, type SecretDefinitions, type SecretValues } from '../secrets-definition/define-secrets.js';
 import { BaseSecretsAdapter } from './base.adapter.js';
 /**
  * Options for {@link SecretsJsonFileAdapter}.
@@ -28,8 +28,10 @@ export type SecretsJsonFileAdapterOptions<Secrets extends SecretDefinitions = an
         existsSync: (filePath: string) => boolean;
     };
     /**
-     * Optional function that will automatically generate and save new secrets if the JSON file is
-     * missing. This is particularly useful for dev or testing environments.
+     * Optional function that will automatically generate and save secrets if the JSON file is
+     * missing or if any secrets are missing. Only missing secrets will be added from the generated
+     * values; existing secrets are preserved. This is particularly useful for dev or testing
+     * environments where new secrets may be added over time.
      */
     generateValues: (() => MaybePromise<SecretValues<Secrets>>) | undefined;
 };
@@ -51,7 +53,7 @@ export declare class SecretsJsonFileAdapter<const Secrets extends SecretDefiniti
     /** Path to the JSON */
     jsonFilePath: string, options?: PartialWithUndefined<SecretsJsonFileAdapterOptions<Secrets>>);
     /** Loads secrets from the given JSON file path. */
-    loadSecrets(): Promise<any>;
+    loadSecrets(secrets: Readonly<ProcessedSecretDefinitions>): Promise<any>;
     /** Load an individual secret from the JSON file. */
     loadSingleSecret(secretKey: string): Promise<any>;
 }

package/dist/adapters/secrets-json-file.adapter.js CHANGED Viewed

@@ -1,7 +1,9 @@
+import { check } from '@augment-vir/assert';
 import { mergeDefinedProperties, parseWithJson5, } from '@augment-vir/common';
 import { existsSync as existsSyncImport } from 'node:fs';
 import { mkdir as mkDirImport, readFile as readFileImport, writeFile as writeFileImport, } from 'node:fs/promises';
 import { dirname } from 'node:path';
+import { checkValidShape } from 'object-shape-tester';
 import { BaseSecretsAdapter } from './base.adapter.js';
 const defaultSecretsJsonFileAdapterOptions = {
     fsOverride: {
@@ -35,21 +37,44 @@ export class SecretsJsonFileAdapter extends BaseSecretsAdapter {
         this.options = mergeDefinedProperties(defaultSecretsJsonFileAdapterOptions, options);
     }
     /** Loads secrets from the given JSON file path. */
-    async loadSecrets() {
-        if (!this.options.fsOverride.existsSync(this.jsonFilePath)) {
+    async loadSecrets(secrets) {
+        const fileExists = this.options.fsOverride.existsSync(this.jsonFilePath);
+        if (!fileExists) {
             if (this.options.generateValues) {
                 const newSecrets = await this.options.generateValues();
                 await this.options.fsOverride.promises.mkdir(dirname(this.jsonFilePath), {
                     recursive: true,
                 });
                 await this.options.fsOverride.promises.writeFile(this.jsonFilePath, JSON.stringify(newSecrets));
+                return newSecrets;
             }
             else {
                 throw new Error(`Missing secrets JSON file at '${this.jsonFilePath}'`);
             }
         }
         const fileContents = String(await this.options.fsOverride.promises.readFile(this.jsonFilePath));
-        return parseWithJson5(fileContents);
+        const existingSecrets = parseWithJson5(fileContents);
+        if (this.options.generateValues) {
+            const invalidSecretKeys = Object.keys(secrets).filter((key) => {
+                if (!(key in existingSecrets)) {
+                    /** Secret is missing. */
+                    return true;
+                }
+                const secretValue = existingSecrets[key];
+                const shapeDefinition = secrets[key]?.shapeDefinition;
+                return shapeDefinition
+                    ? !checkValidShape(secretValue, shapeDefinition)
+                    : !check.isString(secretValue);
+            });
+            if (invalidSecretKeys.length > 0) {
+                const generatedSecrets = await this.options.generateValues();
+                invalidSecretKeys.forEach((invalidSecretKey) => {
+                    existingSecrets[invalidSecretKey] = generatedSecrets[invalidSecretKey];
+                });
+                await this.options.fsOverride.promises.writeFile(this.jsonFilePath, JSON.stringify(existingSecrets));
+            }
+        }
+        return existingSecrets;
     }
     /** Load an individual secret from the JSON file. */
     async loadSingleSecret(secretKey) {

package/dist/secret-load.error.js CHANGED Viewed

@@ -13,7 +13,9 @@ export class SecretLoadError extends Error {
     allErrors = [];
     constructor(originalError, { adapterName, secretName, }) {
         const message = `Failed to load secret '${secretName}' from adapter '${adapterName}': ${extractErrorMessage(originalError)}`;
-        super(message, { cause: originalError });
+        super(message, {
+            cause: originalError,
+        });
         this.allErrors.push(originalError);
     }
 }

package/dist/updating-secrets.js CHANGED Viewed

@@ -141,14 +141,14 @@ export class UpdatingSecrets {
                 try {
                     const rawSecrets = await adapter.loadSecrets(this.processedSecrets);
                     return mapObjectValues(rawSecrets, async (secretName, loadedSecretValue) => {
+                        const shapeDefinition = this.processedSecrets[secretName]?.shapeDefinition;
                         try {
                             const value = await loadedSecretValue;
                             if (value instanceof Error) {
                                 throw value;
                             }
-                            else if (this.processedSecrets[secretName]?.shapeDefinition) {
-                                assertValidShape(value, this.processedSecrets[secretName]
-                                    .shapeDefinition,
+                            else if (shapeDefinition) {
+                                assertValidShape(value, shapeDefinition,
                                 /** Allow extra keys for forwards compatibility. */
                                 {
                                     allowExtraKeys: true,
@@ -157,6 +157,10 @@ export class UpdatingSecrets {
                             return value;
                         }
                         catch (caught) {
+                            if (shapeDefinition &&
+                                checkValidShape(undefined, shapeDefinition)) {
+                                return undefined;
+                            }
                             const error = new SecretLoadError(ensureError(caught), {
                                 adapterName: adapter.adapterName,
                                 secretName,
@@ -330,6 +334,9 @@ export class UpdatingSecrets {
                 errors.push(ensureErrorAndPrependMessage(error, `Failed to load secret '${secretKey}' from adapter '${adapter.adapterName}'`));
             }
         }
+        if (checkValidShape(undefined, shapeRequirement)) {
+            return undefined;
+        }
         throw combineErrors(errors);
     }
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "updating-secrets",
-    "version": "1.1.0",
+    "version": "1.2.0",
     "description": "Automatically update secrets on an interval with support for seamless secret rotation.",
     "keywords": [
         "secrets",
@@ -44,19 +44,19 @@
         "test:update": "npm run test update"
     },
     "dependencies": {
-        "@augment-vir/assert": "^31.48.0",
-        "@augment-vir/common": "^31.48.0",
-        "date-vir": "^8.0.0",
-        "object-shape-tester": "^6.9.3",
-        "type-fest": "^5.2.0"
+        "@augment-vir/assert": "^31.68.4",
+        "@augment-vir/common": "^31.68.4",
+        "date-vir": "^8.3.2",
+        "object-shape-tester": "^6.12.1",
+        "type-fest": "^5.6.0"
     },
     "devDependencies": {
-        "@augment-vir/test": "^31.48.0",
-        "@types/node": "^24.10.0",
-        "c8": "^10.1.3",
+        "@augment-vir/test": "^31.68.4",
+        "@types/node": "^25.6.0",
+        "c8": "^11.0.0",
         "istanbul-smart-text-reporter": "^1.1.5",
-        "markdown-code-example-inserter": "^3.0.3",
-        "typedoc": "^0.28.14",
+        "markdown-code-example-inserter": "^3.0.5",
+        "typedoc": "^0.28.19",
         "typescript": "^5.9.3"
     },
     "engines": {