Skip to content

An ES (JavaScript & TypeScript) module to provide an easier and simplified method for encrypt GitHub secrets.

License

Notifications You must be signed in to change notification settings

hugoalh/github-sodium-es

Repository files navigation

GitHub Sodium (ES)

⚖️ MIT

GitHub: hugoalh/github-sodium-es JSR: @hugoalh/github-sodium NPM: @hugoalh/github-sodium

An ES (JavaScript & TypeScript) module to provide an easier and simplified method for encrypt GitHub secrets, based on the NPM package libsodium.js.

🔰 Begin

🎯 Targets

Remote JSR NPM
Bun >= v1.1.0 ✔️
Cloudflare Workers ✔️
Deno >= v1.42.0 ✔️ ✔️ ✔️
NodeJS >= v16.13.0 ✔️

Note

  • It is possible to use this module in other methods/ways which not listed in here, however those methods/ways are not officially supported, and should beware maybe cause security issues.

#️⃣ Resources Identifier

  • Remote - GitHub Raw:
    https://raw.githubusercontent.com/hugoalh/github-sodium-es/{Tag}/mod.ts
    
  • JSR:
    [jsr:]@hugoalh/github-sodium[@{Tag}]
    
  • NPM:
    [npm:]@hugoalh/github-sodium[@{Tag}]
    

Note

  • For usage of remote resources, it is recommended to import the entire module with the main path mod.ts, however it is also able to import part of the module with sub path if available, but do not import if:

    • it's path has an underscore prefix (e.g.: _foo.ts, _util/bar.ts), or
    • it is a benchmark or test file (e.g.: foo.bench.ts, foo.test.ts), or
    • it's symbol has an underscore prefix (e.g.: _bar, _foo).

    These elements are not considered part of the public API, thus no stability is guaranteed for them.

  • For usage of JSR or NPM resources, it is recommended to import the entire module with the main entrypoint, however it is also able to import part of the module with sub entrypoint if available, please visit the file jsr.jsonc property exports for available sub entrypoints.

  • It is recommended to use this module with tag for immutability.

🛡️ Require Runtime Permissions

This module does not require any runtime permission.

🧩 APIs (Excerpt)

  • class GitHubSodiumSealer {
      constructor(publicKey: string, keyID?: string);
      encrypt(value: string): string;
      encryptToRequestBody(value: string): GitHubRESTSetPublicKeyRequestBody;
      getKeyID(): string | undefined;
      get keyID(): string | undefined;
      static createFromJSON(input: JSONObject): GitHubSodiumSealer;
      static async createFromResponse(input: Response): Promise<GitHubSodiumSealer>;
    }
  • interface GitHubRESTSetPublicKeyRequestBody {
      encrypted_value: string;
      key_id: string;
    }

Note

✍️ Examples

  • new GitHubSodiumSealer("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234").encrypt("plain-text-secret");

About

An ES (JavaScript & TypeScript) module to provide an easier and simplified method for encrypt GitHub secrets.

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published