Graphorin

Appearance

Graphorin API reference v0.1.0

Graphorin API reference / @graphorin/security / secrets

secrets

Secrets foundations for @graphorin/security. Exposes the runtime-safe SecretValue wrapper, the strict SecretRef URI parser, the pluggable resolver registry, four built-in SecretsStore implementations, the per-tool ACL primitives, and the createSecretsStore({ kind: 'auto' }) factory with downgrade audit.

References

_getSecretsAuditListenerCountForTesting

Re-exports _getSecretsAuditListenerCountForTesting

_resetFileResolverWarningsForTesting

Re-exports _resetFileResolverWarningsForTesting

_resetLiteralResolverForTesting

Re-exports _resetLiteralResolverForTesting

_resetResolversForTesting

Re-exports _resetResolversForTesting

_resetSecretsAuditListenersForTesting

Re-exports _resetSecretsAuditListenersForTesting

_resetSecretsFactoryForTesting

Re-exports _resetSecretsFactoryForTesting

_resetSecretValueAuditListenersForTesting

Re-exports _resetSecretValueAuditListenersForTesting

_resetWithSecretListenersForTesting

Re-exports _resetWithSecretListenersForTesting

_setArgon2idForTesting

Re-exports _setArgon2idForTesting

_setKeyringEntryCtorForTesting

Re-exports _setKeyringEntryCtorForTesting

areBuiltinsInstalled

Re-exports areBuiltinsInstalled

assertNotNakedString

Re-exports assertNotNakedString

AUTHORITY_OPTIONAL_SCHEMES

Re-exports AUTHORITY_OPTIONAL_SCHEMES

BUILTIN_SCHEMES

Re-exports BUILTIN_SCHEMES

composeChain

Re-exports composeChain

computeEffectiveAllowlist

Re-exports computeEffectiveAllowlist

createSecretsStore

Re-exports createSecretsStore

CreateSecretsStoreOptions

Re-exports CreateSecretsStoreOptions

decryptBundle

Re-exports decryptBundle

deriveAesKey

Re-exports deriveAesKey

describeParseErrorKind

Re-exports describeParseErrorKind

detectHeadless

Re-exports detectHeadless

emitSecretsAudit

Re-exports emitSecretsAudit

ENCRYPTED_FILE_MAGIC

Re-exports ENCRYPTED_FILE_MAGIC

encryptedFileResolver

Re-exports encryptedFileResolver

EncryptedFileSecretsStore

Re-exports EncryptedFileSecretsStore

EncryptedFileSecretsStoreOptions

Re-exports EncryptedFileSecretsStoreOptions

enforceSecretAcl

Re-exports enforceSecretAcl

envResolver

Re-exports envResolver

EnvSecretsStore

Re-exports EnvSecretsStore

EnvSecretsStoreOptions

Re-exports EnvSecretsStoreOptions

fileResolver

Re-exports fileResolver

getActiveSecretsStore

Re-exports getActiveSecretsStore

getActiveToolSecretsContext

Re-exports getActiveToolSecretsContext

getQueryParam

Re-exports getQueryParam

getQueryParamAll

Re-exports getQueryParamAll

getQueryParamRequired

Re-exports getQueryParamRequired

getResolver

Re-exports getResolver

getSecretsStoreStatus

Re-exports getSecretsStoreStatus

GraphorinSecretsError

Re-exports GraphorinSecretsError

installBuiltinResolvers

Re-exports installBuiltinResolvers

isLiteralAllowed

Re-exports isLiteralAllowed

KEYRING_DEFAULT_SERVICE

Re-exports KEYRING_DEFAULT_SERVICE

keyringResolver

Re-exports keyringResolver

KeyringSecretsStore

Re-exports KeyringSecretsStore

KeyringSecretsStoreOptions

Re-exports KeyringSecretsStoreOptions

listResolverSchemes

Re-exports listResolverSchemes

literalResolver

Re-exports literalResolver

LiteralSecretsForbiddenError

Re-exports LiteralSecretsForbiddenError

MemorySecretsStore

Re-exports MemorySecretsStore

MemoryStoreInProductionError

Re-exports MemoryStoreInProductionError

MissingPeerDependencyError

Re-exports MissingPeerDependencyError

onSecretsAudit

Re-exports onSecretsAudit

onSecretValueAudit

Re-exports onSecretValueAudit

onWithSecretAudit

Re-exports onWithSecretAudit

OPAQUE_ONLY_SCHEMES

Re-exports OPAQUE_ONLY_SCHEMES

parseAuthority

Re-exports parseAuthority

ParsedSecretRef

Re-exports ParsedSecretRef

parseOrAssert

Re-exports parseOrAssert

parseSecretRef

Re-exports parseSecretRef

parseSecretsSourceEnv

Re-exports parseSecretsSourceEnv

refResolver

Re-exports refResolver

RefStoreLookup

Re-exports RefStoreLookup

registerResolver

Re-exports registerResolver

RegisterResolverOptions

Re-exports RegisterResolverOptions

resolveSecret

Re-exports resolveSecret

SecretAccessDeniedError

Re-exports SecretAccessDeniedError

SecretRefParseError

Re-exports SecretRefParseError

SecretRefParseErrorKind

Re-exports SecretRefParseErrorKind

SecretRefValidationResult

Re-exports SecretRefValidationResult

SecretRequiredError

Re-exports SecretRequiredError

SecretResolutionError

Re-exports SecretResolutionError

SecretsAuditAction

Re-exports SecretsAuditAction

SecretsAuditActor

Re-exports SecretsAuditActor

SecretsAuditDecision

Re-exports SecretsAuditDecision

SecretsAuditEvent

Re-exports SecretsAuditEvent

SecretsStoreKind

Re-exports SecretsStoreKind

SecretsStoreStatus

Re-exports SecretsStoreStatus

SecretValue

Re-exports SecretValue

SecretValueAuditEvent

Re-exports SecretValueAuditEvent

setLiteralAllowed

Re-exports setLiteralAllowed

setRefStoreLookup

Re-exports setRefStoreLookup

setVaultAdapter

Re-exports setVaultAdapter

StrictSecretsUnavailableError

Re-exports StrictSecretsUnavailableError

ToolSecretsContext

Re-exports ToolSecretsContext

UnknownSchemeError

Re-exports UnknownSchemeError

unregisterResolver

Re-exports unregisterResolver

validateSecretRefs

Re-exports validateSecretRefs

ValidateSecretRefsOptions

Re-exports ValidateSecretRefsOptions

VaultAdapter

Re-exports VaultAdapter

vaultResolver

Re-exports vaultResolver

withChildToolSecretsContext

Re-exports withChildToolSecretsContext

withSecret

Re-exports withSecret

WithSecretAuditEvent

Re-exports WithSecretAuditEvent

withToolSecretsContext

Re-exports withToolSecretsContext