npm - xtra-cli - Versions diffs - 1.0.0 - Mend

xtra-cli 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

package/LICENSE +21 -0
package/README.md +87 -0
package/dist/bin/xtra.js +138 -0
package/dist/commands/access.js +184 -0
package/dist/commands/admin.js +118 -0
package/dist/commands/audit.js +67 -0
package/dist/commands/branch.js +212 -0
package/dist/commands/checkout.js +73 -0
package/dist/commands/ci.js +341 -0
package/dist/commands/completion.js +227 -0
package/dist/commands/diff.js +162 -0
package/dist/commands/doctor.js +164 -0
package/dist/commands/env.js +70 -0
package/dist/commands/export.js +83 -0
package/dist/commands/generate.js +179 -0
package/dist/commands/history.js +77 -0
package/dist/commands/import.js +121 -0
package/dist/commands/init.js +205 -0
package/dist/commands/integration.js +188 -0
package/dist/commands/local.js +198 -0
package/dist/commands/login.js +198 -0
package/dist/commands/login.test.js +51 -0
package/dist/commands/logs.js +121 -0
package/dist/commands/profile.js +184 -0
package/dist/commands/project.js +165 -0
package/dist/commands/rollback.js +95 -0
package/dist/commands/rotate.js +93 -0
package/dist/commands/run.js +215 -0
package/dist/commands/scan.js +127 -0
package/dist/commands/secrets.js +305 -0
package/dist/commands/simulate.js +109 -0
package/dist/commands/status.js +93 -0
package/dist/commands/template.js +276 -0
package/dist/commands/ui.js +289 -0
package/dist/commands/watch.js +123 -0
package/dist/lib/api.js +187 -0
package/dist/lib/api.test.js +89 -0
package/dist/lib/audit.js +136 -0
package/dist/lib/config.js +70 -0
package/dist/lib/config.test.js +47 -0
package/dist/lib/crypto.js +50 -0
package/dist/lib/manifest.js +52 -0
package/dist/lib/profiles.js +103 -0
package/package.json +67 -0

package/dist/commands/ui.js ADDED Viewed

@@ -0,0 +1,289 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.uiCommand = void 0;
+const commander_1 = require("commander");
+const chalk_1 = __importDefault(require("chalk"));
+const readline = __importStar(require("readline"));
+const api_1 = require("../lib/api");
+const config_1 = require("../lib/config");
+const ENVS = ["development", "staging", "production"];
+const ENV_COLORS = {
+    development: chalk_1.default.green,
+    staging: chalk_1.default.yellow,
+    production: chalk_1.default.red,
+};
+const W = process.stdout.columns || 120;
+// ─── Box Drawing Helpers ─────────────────────────────────────────────────────
+const B = {
+    tl: "╭", tr: "╮", bl: "╰", br: "╯",
+    h: "─", v: "│", x: "┼",
+    lt: "├", rt: "┤", tt: "┬", bt: "┴",
+};
+function hline(width, c = B.h) { return c.repeat(width); }
+function box(title, lines, width, active) {
+    const border = active ? chalk_1.default.cyan : chalk_1.default.hex("#2d3a4d");
+    const inner = width - 2;
+    const pad = (s) => s.padEnd(inner).slice(0, inner);
+    const label = active
+        ? chalk_1.default.bold.cyan(` ${title} `)
+        : chalk_1.default.hex("#4a5568")(` ${title} `);
+    const titleLine = border(B.tl) + label + border(hline(inner - title.length - 2)) + border(B.tr);
+    const body = lines.map(l => border(B.v) + l.slice(0, inner).padEnd(inner) + border(B.v));
+    const foot = border(B.bl) + border(hline(inner)) + border(B.br);
+    return [titleLine, ...body, foot];
+}
+function clear() { process.stdout.write("\x1B[H\x1B[2J\x1B[3J"); }
+// ─── Main TUI ────────────────────────────────────────────────────────────────
+async function runUI() {
+    let panel = "projects";
+    let projects = [];
+    let projIdx = 0;
+    let envIdx = 0;
+    let secrets = [];
+    let secIdx = 0;
+    let status = "Loading…";
+    let loading = false;
+    let showValues = false;
+    // ── Loaders ────────────────────────────────────────────────────────────────
+    async function loadProjects() {
+        status = "Loading projects…";
+        draw();
+        try {
+            const raw = await api_1.api.getProjects();
+            projects = Array.isArray(raw) ? raw : raw.projects ?? [];
+            status = projects.length > 0
+                ? `${projects.length} project(s) found  ·  ↑↓ navigate  ·  Enter to load secrets`
+                : "No projects found. Run `xtra login` first.";
+        }
+        catch (e) {
+            status = chalk_1.default.red(`✗ ${e.message}`);
+        }
+        draw();
+    }
+    async function loadSecrets() {
+        if (!projects[projIdx])
+            return;
+        loading = true;
+        status = `Fetching secrets for ${chalk_1.default.cyan(projects[projIdx].name)} / ${ENV_COLORS[ENVS[envIdx]](ENVS[envIdx])}…`;
+        draw();
+        try {
+            const rc = (0, config_1.getRcConfig)();
+            const branch = rc.branch || "main";
+            const raw = await api_1.api.getSecrets(projects[projIdx].id, ENVS[envIdx], branch);
+            if (raw && typeof raw === "object" && !Array.isArray(raw)) {
+                secrets = Object.entries(raw).map(([key, value]) => ({
+                    id: key, key, value: String(value), updatedAt: new Date().toISOString(),
+                }));
+            }
+            else if (Array.isArray(raw)) {
+                secrets = raw;
+            }
+            else {
+                secrets = [];
+            }
+            secIdx = 0;
+            status = secrets.length > 0
+                ? `${secrets.length} secret(s) ·  V toggle values  ·  Tab switch panel  ·  Q quit`
+                : "No secrets in this environment.";
+        }
+        catch (e) {
+            secrets = [];
+            status = chalk_1.default.red(`✗ ${e.message}`);
+        }
+        loading = false;
+        draw();
+    }
+    // ── Render ─────────────────────────────────────────────────────────────────
+    function draw() {
+        clear();
+        // ── Header ──────────────────────────────────────────────────────────────
+        const appTitle = chalk_1.default.bold.cyan("  🔒 XtraSecurity") + chalk_1.default.hex("#4a5a6b")(" — Interactive Secrets Shell");
+        const env = ENV_COLORS[ENVS[envIdx]] ? ENV_COLORS[ENVS[envIdx]](ENVS[envIdx]) : chalk_1.default.white(ENVS[envIdx]);
+        const crumb = projects[projIdx]
+            ? chalk_1.default.hex("#4a5568")(`  ${projects[projIdx].name} `) + chalk_1.default.hex("#4a5568")("/") + chalk_1.default.hex("#4a5568")(` ${ENVS[envIdx]}`)
+            : chalk_1.default.hex("#4a5568")("  No project selected");
+        console.log();
+        console.log(appTitle + chalk_1.default.hex("#2d3a4d")("  │") + crumb);
+        console.log(chalk_1.default.hex("#1e293b")(hline(W)));
+        console.log();
+        // ── Left column: Projects (22 chr) + Env (22 chr) ─────────────────────
+        const LEFT_W = 26;
+        const RIGHT_W = W - LEFT_W - 3;
+        // Projects panel
+        const projLines = (projects.length > 0 ? projects : [{ id: "", name: "(loading…)" }]).map((p, i) => {
+            const active = i === projIdx;
+            const icon = active ? chalk_1.default.cyan("▶ ") : "  ";
+            const name = active && panel === "projects"
+                ? chalk_1.default.bold.bgCyan.black(` ${p.name} `.padEnd(LEFT_W - 4))
+                : active
+                    ? chalk_1.default.bold.cyan(p.name)
+                    : chalk_1.default.hex("#6b7c93")(p.name);
+            return ` ${icon}${name}`;
+        });
+        const projBox = box("PROJECTS", projLines, LEFT_W, panel === "projects");
+        // Env panel
+        const envLines = ENVS.map((e, i) => {
+            const active = i === envIdx;
+            const icon = active ? chalk_1.default.cyan("▶ ") : "  ";
+            const col = ENV_COLORS[e] ?? chalk_1.default.white;
+            const name = active && panel === "env"
+                ? chalk_1.default.bold.bgCyan.black(` ${e} `.padEnd(LEFT_W - 4))
+                : active
+                    ? col.bold(e)
+                    : chalk_1.default.hex("#6b7c93")(e);
+            return ` ${icon}${name}`;
+        });
+        const envBox = box("ENVIRONMENT", envLines, LEFT_W, panel === "env");
+        // Secrets panel
+        const KW = Math.floor((RIGHT_W - 3) * 0.45);
+        const VW = Math.floor((RIGHT_W - 3) * 0.35);
+        const DW = RIGHT_W - KW - VW - 4;
+        const secHeader = chalk_1.default.bold.hex("#64748b")("KEY".padEnd(KW)) + "  " + chalk_1.default.bold.hex("#64748b")("VALUE".padEnd(VW)) + "  " + chalk_1.default.bold.hex("#64748b")("UPDATED".padEnd(DW));
+        const divider = chalk_1.default.hex("#1e293b")(hline(KW) + "  " + hline(VW) + "  " + hline(DW));
+        let secLines;
+        if (loading) {
+            secLines = [` ${chalk_1.default.cyan("⠋")} Loading…`];
+        }
+        else if (secrets.length === 0) {
+            secLines = [` ${chalk_1.default.hex("#4a5568")("No secrets in this environment.")}`];
+        }
+        else {
+            secLines = [" " + secHeader, " " + divider, ...secrets.map((s, i) => {
+                    const sel = i === secIdx && panel === "secrets";
+                    const key = s.key.padEnd(KW).slice(0, KW);
+                    const val = showValues ? s.value.padEnd(VW).slice(0, VW) : "●".repeat(Math.min(8, VW)).padEnd(VW).slice(0, VW);
+                    const dt = new Date(s.updatedAt).toLocaleDateString("en-GB", { day: "2-digit", month: "short" }).padEnd(DW);
+                    if (sel) {
+                        return chalk_1.default.bold.bgHex("#0e243e")(" ▶ " + chalk_1.default.cyan(key) + "  " + chalk_1.default.greenBright(val) + "  " + chalk_1.default.hex("#4a9eff")(dt) + " ");
+                    }
+                    return "   " + chalk_1.default.white(key) + "  " + chalk_1.default.hex("#4a5568")(val) + "  " + chalk_1.default.hex("#374151")(dt);
+                })];
+        }
+        const secBox = box(`SECRETS (${secrets.length})`, secLines, RIGHT_W, panel === "secrets");
+        // ── Print side-by-side ────────────────────────────────────────────────
+        const leftPanel = [...projBox, ...["", ""], ...envBox];
+        const maxRows = Math.max(leftPanel.length, secBox.length);
+        const gap = chalk_1.default.hex("#1e293b")("  │  ");
+        for (let r = 0; r < maxRows; r++) {
+            const l = leftPanel[r] ?? " ".repeat(LEFT_W);
+            const rr = secBox[r] ?? " ".repeat(RIGHT_W);
+            console.log(l + gap + rr);
+        }
+        // ── Footer ───────────────────────────────────────────────────────────
+        console.log();
+        console.log(chalk_1.default.hex("#1e293b")(hline(W)));
+        const keys = [
+            [chalk_1.default.hex("#64748b")("↑↓"), "Navigate"],
+            [chalk_1.default.hex("#64748b")("Enter"), "Select"],
+            [chalk_1.default.hex("#64748b")("Tab"), "Switch Panel"],
+            [chalk_1.default.hex("#64748b")("V"), showValues ? chalk_1.default.green("Hide values") : chalk_1.default.yellow("Show values")],
+            [chalk_1.default.hex("#64748b")("Q"), "Quit"],
+        ].map(([k, a]) => `${k} ${chalk_1.default.hex("#374151")(a)}`).join(chalk_1.default.hex("#1e293b")("  ·  "));
+        console.log("  " + keys);
+        console.log();
+        console.log("  " + (status || ""));
+    }
+    // ── Keyboard ──────────────────────────────────────────────────────────────
+    readline.emitKeypressEvents(process.stdin);
+    if (process.stdin.isTTY)
+        process.stdin.setRawMode(true);
+    process.stdin.on("keypress", async (_str, key) => {
+        if (!key)
+            return;
+        // Quit
+        if (key.name === "q" || (key.ctrl && key.name === "c")) {
+            if (process.stdin.isTTY)
+                process.stdin.setRawMode(false);
+            clear();
+            console.log(chalk_1.default.cyan("  Goodbye! 👋\n"));
+            process.exit(0);
+        }
+        // Toggle secret values with V
+        if (key.name === "v") {
+            showValues = !showValues;
+            draw();
+            return;
+        }
+        // Tab cycle panels
+        if (key.name === "tab") {
+            panel = panel === "projects" ? "env" : panel === "env" ? "secrets" : "projects";
+            draw();
+            return;
+        }
+        if (panel === "projects") {
+            if (key.name === "up")
+                projIdx = Math.max(0, projIdx - 1);
+            if (key.name === "down")
+                projIdx = Math.min(projects.length - 1, projIdx + 1);
+            if (key.name === "return") {
+                panel = "env";
+                draw();
+                return;
+            }
+        }
+        if (panel === "env") {
+            if (key.name === "up")
+                envIdx = Math.max(0, envIdx - 1);
+            if (key.name === "down")
+                envIdx = Math.min(ENVS.length - 1, envIdx + 1);
+            if (key.name === "return") {
+                panel = "secrets";
+                await loadSecrets();
+                return;
+            }
+        }
+        if (panel === "secrets") {
+            if (key.name === "up")
+                secIdx = Math.max(0, secIdx - 1);
+            if (key.name === "down")
+                secIdx = Math.min(secrets.length - 1, secIdx + 1);
+        }
+        draw();
+    });
+    // ── Boot ──────────────────────────────────────────────────────────────────
+    await loadProjects();
+    if (projects.length > 0)
+        await loadSecrets();
+    else
+        draw();
+}
+// ─── Commander ───────────────────────────────────────────────────────────────
+exports.uiCommand = new commander_1.Command("ui")
+    .description("Launch interactive TUI secrets dashboard (arrow keys, Tab, Q to quit)")
+    .action(async () => { await runUI(); });

package/dist/commands/watch.js ADDED Viewed

@@ -0,0 +1,123 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.watchCommand = void 0;
+/**
+ * watch.ts — Live reload secrets in dev mode
+ *
+ * Polls XtraSecurity Cloud for secret changes at a configurable interval.
+ * When a change is detected, restarts the child process with fresh secrets.
+ *
+ * Usage:
+ *   xtra watch -p proj123 -e dev node app.js
+ *   xtra watch -p proj123 -e dev --interval 10 npm run dev --shell
+ */
+const commander_1 = require("commander");
+const api_1 = require("../lib/api");
+const config_1 = require("../lib/config");
+const chalk_1 = __importDefault(require("chalk"));
+const child_process_1 = require("child_process");
+let child = null;
+let lastHash = "";
+function hashSecrets(secrets) {
+    return JSON.stringify(Object.keys(secrets).sort().map(k => `${k}=${secrets[k]}`));
+}
+async function startProcess(command, args, secrets, useShell) {
+    if (child) {
+        process.stdout.write(chalk_1.default.cyan("\n  [watch] ") + chalk_1.default.yellow("Secret change detected — restarting...\n"));
+        child.kill("SIGTERM");
+        // Give it 500ms to terminate gracefully
+        await new Promise(r => setTimeout(r, 500));
+    }
+    const envVars = { ...process.env, ...secrets };
+    process.stdout.write(chalk_1.default.cyan("  [watch] ") + chalk_1.default.green(`Starting: ${command} ${args.join(" ")}\n`));
+    child = (0, child_process_1.spawn)(command, args, {
+        env: envVars,
+        stdio: "inherit",
+        shell: useShell,
+    });
+    child.on("exit", (code) => {
+        if (code !== null && code !== 0) {
+            process.stdout.write(chalk_1.default.cyan("  [watch] ") + chalk_1.default.red(`Process exited with code ${code}\n`));
+        }
+        child = null;
+    });
+    child.on("error", (err) => {
+        process.stdout.write(chalk_1.default.cyan("  [watch] ") + chalk_1.default.red(`Failed to start: ${err.message}\n`));
+        child = null;
+    });
+}
+exports.watchCommand = new commander_1.Command("watch")
+    .description("Live reload — auto-restart process when secrets change in cloud")
+    .option("-p, --project <id>", "Project ID")
+    .option("-e, --env <environment>", "Environment", "development")
+    .option("-b, --branch <branch>", "Branch", "main")
+    .option("--interval <seconds>", "Poll interval in seconds", "5")
+    .option("--shell", "Use shell mode for the child process (for npm run etc.)", false)
+    .argument("<command>", "Command to run")
+    .argument("[args...]", "Command arguments")
+    .addHelpText("after", `
+Examples:
+  $ xtra watch -p proj123 -e dev node app.js
+  $ xtra watch -p proj123 -e dev --interval 10 --shell npm run dev
+  $ xtra watch -p proj123 -e dev -- node -r dotenv/config server.js
+`)
+    .action(async (command, args, options) => {
+    let { project, env, branch, interval, shell: useShell } = options;
+    const envMap = { dev: "development", stg: "staging", prod: "production" };
+    env = envMap[env] || env;
+    if (!project)
+        project = (0, config_1.getRcConfig)().project;
+    if (!project) {
+        console.error(chalk_1.default.red("Error: Project ID required. Use -p <id> or run 'xtra project set'."));
+        process.exit(1);
+    }
+    // Block production watch â€” too dangerous
+    if (env === "production") {
+        console.error(chalk_1.default.red("⚠ xtra watch is not allowed in PRODUCTION for safety reasons."));
+        console.error(chalk_1.default.gray("   Use 'xtra run' for one-shot production injection."));
+        process.exit(1);
+    }
+    const pollMs = Math.max(3, parseInt(interval)) * 1000;
+    const isWindows = process.platform === "win32";
+    const finalShell = useShell || isWindows;
+    console.log(chalk_1.default.bold.cyan("\n● xtra watch") + chalk_1.default.bold(` — watching ${env}/${branch} (every ${interval}s)\n`));
+    console.log(chalk_1.default.gray(`  Press Ctrl+C to stop.\n`));
+    // Graceful shutdown
+    process.on("SIGINT", () => {
+        if (child)
+            child.kill("SIGTERM");
+        console.log(chalk_1.default.cyan("\n  [watch] ") + chalk_1.default.gray("Stopped."));
+        process.exit(0);
+    });
+    // Initial fetch & start
+    try {
+        const secrets = await api_1.api.getSecrets(project, env, branch);
+        lastHash = hashSecrets(secrets);
+        await startProcess(command, args, secrets, finalShell);
+    }
+    catch (e) {
+        console.error(chalk_1.default.red("Failed to fetch secrets: " + (e?.response?.data?.error || e.message)));
+        process.exit(1);
+    }
+    // Poll loop
+    setInterval(async () => {
+        try {
+            const secrets = await api_1.api.getSecrets(project, env, branch);
+            const hash = hashSecrets(secrets);
+            if (hash !== lastHash) {
+                lastHash = hash;
+                await startProcess(command, args, secrets, finalShell);
+            }
+            else {
+                process.stdout.write(chalk_1.default.cyan("  [watch] ") + chalk_1.default.gray(`${new Date().toLocaleTimeString()} — no changes  \r`));
+            }
+        }
+        catch (e) {
+            process.stdout.write(chalk_1.default.cyan("\n  [watch] ") + chalk_1.default.yellow(`Poll failed: ${e.message}\n`));
+            // Don't exit — keep trying
+        }
+    }, pollMs);
+});

package/dist/lib/api.js ADDED Viewed

@@ -0,0 +1,187 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.api = void 0;
+const axios_1 = __importDefault(require("axios"));
+const config_1 = require("./config");
+const getClient = () => {
+    const { apiUrl } = (0, config_1.getConfig)();
+    const token = (0, config_1.getAuthToken)();
+    const client = axios_1.default.create({
+        baseURL: apiUrl,
+        headers: {
+            "Content-Type": "application/json",
+            ...(token ? { Authorization: `Bearer ${token}` } : {}),
+        },
+    });
+    return client;
+};
+exports.api = {
+    login: async (email, password, apiKey) => {
+        const response = await getClient().post("/auth/cli-login", {
+            email,
+            password,
+            apiKey,
+        });
+        return response.data;
+    },
+    // Placeholders for future methods
+    getSecrets: async (projectId, env, branch = "main") => {
+        // Fixed path to match Next.js dynamic route folder structure
+        const response = await getClient().get(`/projects/${projectId}/envs/${env}/secrets?branch=${branch}`);
+        return response.data;
+    },
+    getSecretVersions: async (projectId, env, branch = "main") => {
+        const response = await getClient().get(`/projects/${projectId}/envs/${env}/secrets?includeVersions=true&branch=${branch}`);
+        return response.data;
+    },
+    setSecrets: async (projectId, env, secrets, expectedVersions, branch = "main") => {
+        const response = await getClient().post(`/projects/${projectId}/envs/${env}/secrets`, { secrets, expectedVersions, branch });
+        return response.data;
+    },
+    getSecretDetails: async (projectId, env, key, branch = "main") => {
+        const response = await getClient().get(`/projects/${projectId}/envs/${env}/secrets/${key}?branch=${branch}`);
+        return response.data;
+    },
+    syncLogs: async (logs) => {
+        const response = await getClient().post("/audit/cli-logs", { logs });
+        return response.data;
+    },
+    linkSecret: async (projectId, env, key, sourceProjectId, sourceEnv, sourceKey) => {
+        const response = await getClient().post(`/projects/${projectId}/envs/${env}/secrets/link`, {
+            key,
+            sourceProjectId,
+            sourceEnv,
+            sourceKey
+        });
+        return response.data;
+    },
+    rotateSecret: async (projectId, env, key, strategy, parsedNewValue) => {
+        const response = await getClient().post(`/projects/${projectId}/envs/${env}/secrets/${key}/rotate`, {
+            strategy,
+            parsedNewValue
+        });
+        return response.data;
+    },
+    promoteSecret: async (projectId, env, key) => {
+        const response = await getClient().post(`/projects/${projectId}/envs/${env}/secrets/${key}/promote`, {});
+        return response.data;
+    },
+    verifyAuditLogs: async () => {
+        const response = await getClient().get("/audit/verify");
+        return response.data;
+    },
+    exportAuditLogs: async (format, start, end, projectId) => {
+        const body = { format };
+        if (start)
+            body.startDate = start;
+        if (end)
+            body.endDate = end;
+        if (projectId)
+            body.projectId = projectId;
+        const response = await getClient().post("/audit/export", body, { responseType: format === "csv" ? "text" : "json" });
+        return response.data;
+    },
+    // JIT Access
+    requestAccess: async (projectId, reason, duration, secretId) => {
+        const response = await getClient().post("/access/request", { projectId, secretId, reason, duration });
+        return response.data;
+    },
+    approveAccess: async (requestId, decision) => {
+        const response = await getClient().post("/access/approve", { requestId, decision });
+        return response.data;
+    },
+    listAccessRequests: async (mode) => {
+        const response = await getClient().get(`/access/list?mode=${mode}`);
+        return response.data;
+    },
+    // Project Management
+    getProjects: async () => {
+        const { workspace } = (0, config_1.getConfig)();
+        const url = workspace ? `/project?workspaceId=${workspace}` : "/project";
+        const response = await getClient().get(url);
+        return response.data;
+    },
+    // Branch Management
+    getBranches: async (projectId) => {
+        const response = await getClient().get(`/branch?projectId=${projectId}`);
+        return response.data;
+    },
+    createBranch: async (projectId, name, description) => {
+        const response = await getClient().post("/branch", { projectId, name, description });
+        return response.data;
+    },
+    deleteBranch: async (branchId) => {
+        const response = await getClient().delete(`/branch/${branchId}`);
+        return response.data;
+    },
+    updateBranch: async (branchId, updates) => {
+        const response = await getClient().put("/branch", { id: branchId, ...updates });
+        return response.data;
+    },
+    // Admin - Role Management
+    getRoles: async () => {
+        const response = await getClient().get("/admin/roles");
+        return response.data;
+    },
+    getUsers: async (teamId) => {
+        const params = teamId ? `?teamId=${teamId}` : "";
+        const response = await getClient().get(`/admin/users${params}`);
+        return response.data;
+    },
+    setUserRole: async (email, role, teamId) => {
+        const response = await getClient().put("/admin/users/role", { email, role, teamId });
+        return response.data;
+    },
+    // Integrations
+    getIntegrationStatus: async (provider) => {
+        const response = await getClient().get(`/integrations/${provider}`);
+        return response.data;
+    },
+    getIntegrationRepos: async (provider) => {
+        const response = await getClient().get(`/integrations/${provider}/sync`);
+        return response.data.repos;
+    },
+    syncSecretsToGithub: async (data) => {
+        const response = await getClient().post("/api/integrations/github/sync", data);
+        return response.data;
+    },
+    exportKubernetesSecret: async (projectId, params) => {
+        const query = new URLSearchParams(params).toString();
+        const response = await getClient().get(`/projects/${projectId}/kubernetes?${query}`);
+        return response.data; // This returns the YAML string directly
+    },
+    // Advanced Features
+    getSecretHistory: async (projectId, env, key) => {
+        const response = await getClient().get(`/projects/${projectId}/envs/${env}/secrets/${key}/history`);
+        return response.data;
+    },
+    rollbackSecret: async (projectId, env, key, version) => {
+        const response = await getClient().post(`/projects/${projectId}/envs/${env}/secrets/${key}/history`, { version });
+        return response.data;
+    },
+    cloneEnvironment: async (projectId, fromEnv, toEnv, overwrite, branch) => {
+        const response = await getClient().post(`/projects/${projectId}/envs/clone`, { fromEnv, toEnv, overwrite, branch });
+        return response.data;
+    },
+    // JIT Link Management
+    generateJitLink: async (opts) => {
+        const response = await getClient().post("/jit/generate", opts);
+        return response.data;
+    },
+    claimJitLink: async (token) => {
+        const response = await getClient().post("/jit/claim", { token });
+        return response.data;
+    },
+    getJitInfo: async (token) => {
+        const response = await getClient().get(`/jit/${token}`);
+        return response.data;
+    },
+    // Generic POST method for audit logging and other uses
+    post: async (endpoint, data) => {
+        const response = await getClient().post(endpoint, data);
+        return response.data;
+    }
+};