
peezy-cli


Production-ready CLI for scaffolding modern applications with curated full-stack templates, intelligent migrations, and enterprise security.

/**
 * Template Security System with Sigstore Integration
 *
 * Implements cryptographic signing and verification of templates using Sigstore
 * for production-grade security with keyless signing and transparency logs.
 *
 * This is a declaration file: it shows only the public surface of the module.
 * How signing, hashing and verification are carried out is not visible here,
 * so the notes below flag the points a reviewer should confirm against the
 * implementation rather than asserting how it behaves.
 */

/**
 * Template signature information.
 *
 * This is the record returned by both `signTemplate` and `verifyTemplate`.
 */
export interface TemplateSignature {
  /** Signer identity (email or certificate subject). */
  signer: string;
  /** Template content hash (SHA-256). */
  digest: string;
  /** Signature timestamp. The string format is not specified by this declaration. */
  timestamp: string;
  /**
   * Signature bundle (placeholder for Sigstore bundle).
   *
   * NOTE(review): typed as an opaque string; its encoding is not visible
   * here — confirm against the implementation.
   */
  bundle: string;
  /**
   * Whether signature was verified.
   *
   * NOTE(review): this flag is an ordinary field of the record. If the record
   * is read back from a signature file, the stored value should not be taken
   * as proof of verification; presumably `verifyTemplate` recomputes it —
   * confirm against the implementation.
   */
  verified: boolean;
  /** Verification timestamp; optional. */
  verifiedAt?: string;
  /**
   * Certificate chain information; optional.
   *
   * All four fields are plain strings. Whether they are validated or only
   * displayed is not visible in this declaration.
   */
  certificate?: {
    subject: string;
    issuer: string;
    notBefore: string;
    notAfter: string;
  };
}

/**
 * Trust policy configuration.
 *
 * NOTE(review): `requireSignatures` and `allowUnsigned` are independent
 * booleans, so a policy can set both to `true`. Which one takes precedence is
 * not visible here — confirm that the stricter setting wins.
 */
export interface TrustPolicy {
  /** Require signatures for all templates. */
  requireSignatures: boolean;
  /** Allow unsigned templates (with warning). */
  allowUnsigned: boolean;
  /**
   * Trusted signers (email addresses or certificate subjects).
   *
   * NOTE(review): how an entry is compared with `TemplateSignature.signer`
   * (exact match, case handling) is not visible here — confirm. The meaning of
   * an empty list is likewise unspecified.
   */
  trustedSigners: string[];
  /** Trusted certificate authorities; optional. */
  trustedCAs?: string[];
  /** Maximum age for signatures (in days); optional. */
  maxSignatureAge?: number;
}

/**
 * Default trust policy - secure by default.
 *
 * The concrete values are not part of this declaration; check them in the
 * implementation before relying on the "secure by default" description.
 */
export declare const DEFAULT_TRUST_POLICY: TrustPolicy;

/**
 * Template signer class.
 *
 * Signs template directories, verifies their signatures, and checks a
 * signature against a `TrustPolicy` held by the instance.
 */
export declare class TemplateSigner {
  /** Policy held by this instance; changed through `updateTrustPolicy`. */
  private trustPolicy;

  /**
   * @param trustPolicy - Optional policy for this instance. Presumably
   *   `DEFAULT_TRUST_POLICY` is used when omitted — confirm against the
   *   implementation.
   */
  constructor(trustPolicy?: TrustPolicy);

  /**
   * Sign a template directory using Sigstore.
   *
   * @param templatePath - Template directory to sign.
   * @param outputPath - Optional location for the signature; the default
   *   location is not visible in this declaration.
   * @returns The signature record for the template.
   */
  signTemplate(templatePath: string, outputPath?: string): Promise<TemplateSignature>;

  /**
   * Development fallback signing (for local development).
   *
   * NOTE(review): the condition that selects this fallback is not visible
   * here. Confirm that it cannot be taken in a production run, and that a
   * signature it produces is not accepted as verified by `verifyTemplate`.
   */
  private signTemplateDevelopment;

  /**
   * Verify a template signature using Sigstore.
   *
   * @param templatePath - Template directory to verify.
   * @param signaturePath - Optional location of the signature; the default
   *   location is not visible in this declaration.
   * @returns The signature record, including its `verified` flag.
   *
   * NOTE(review): the return type allows a record with `verified: false`, so
   * callers should check the flag rather than treat a resolved promise as
   * success — confirm how failures are reported.
   */
  verifyTemplate(templatePath: string, signaturePath?: string): Promise<TemplateSignature>;

  /**
   * Check if template meets trust policy requirements.
   *
   * @param signature - Signature record to evaluate against the policy.
   *
   * NOTE(review): resolves to `void`, so a policy violation is presumably
   * reported by rejecting the promise — confirm, and make sure callers await
   * the result.
   */
  checkTrustPolicy(signature: TemplateSignature): Promise<void>;

  /**
   * Calculate hash of template directory.
   *
   * NOTE(review): which files are included and in what order is not visible
   * here; both determine whether the digest covers everything a template can
   * execute — confirm against the implementation.
   */
  private calculateTemplateHash;

  /** Save signature to file. */
  private saveSignature;

  /** Load signature from file. */
  private loadSignature;

  /**
   * Update trust policy.
   *
   * @param policy - Partial policy; presumably merged into the current one —
   *   confirm.
   *
   * This method is public and the module exports a shared `templateSigner`
   * instance, so any code that imports that instance can change the policy it
   * enforces, including loosening it.
   */
  updateTrustPolicy(policy: Partial<TrustPolicy>): void;

  /**
   * Get current trust policy.
   *
   * NOTE(review): whether this returns a copy or the internal object is not
   * visible here; if it is the internal object, mutating the result changes
   * the enforced policy — confirm.
   */
  getTrustPolicy(): TrustPolicy;

  /** Extract certificate information from Sigstore bundle. */
  private extractCertificateInfo;

  /**
   * Extract subject from certificate (simplified implementation).
   *
   * NOTE(review): if the extracted subject feeds the `trustedSigners`
   * comparison, a simplified parse is a point to review carefully — confirm
   * what it accepts and how it handles malformed input.
   */
  private extractSubjectFromCert;
}

/**
 * Global template signer instance.
 *
 * Shared by every importer of this module; see `updateTrustPolicy` for the
 * consequence of that sharing.
 */
export declare const templateSigner: TemplateSigner;