{"id":18582114,"url":"https://github.com/lorefnon/typage-config","last_synced_at":"2025-05-16T04:09:57.072Z","repository":{"id":213288362,"uuid":"733555769","full_name":"lorefnon/typage-config","owner":"lorefnon","description":"Utility to manage partially encrypted config files for nodejs","archived":false,"fork":false,"pushed_at":"2024-03-28T17:11:44.000Z","size":29,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-12T09:11:21.568Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lorefnon.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2023-12-19T15:37:27.000Z","updated_at":"2023-12-19T16:06:08.000Z","dependencies_parsed_at":"2024-02-03T04:45:25.638Z","dependency_job_id":null,"html_url":"https://github.com/lorefnon/typage-config","commit_stats":null,"previous_names":["lorefnon/typage-config"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lorefnon%2Ftypage-config","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lorefnon%2Ftypage-config/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lorefnon%2Ftypage-config/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lorefnon%2Ftypage-config/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lorefnon","download_url":"https://codeload.github.com/lorefnon/typage-config/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239321400,"owners_count":19619697,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T00:09:16.272Z","updated_at":"2025-02-17T16:20:58.161Z","avatar_url":"https://github.com/lorefnon.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# typage-config\n\nA simple utility to partially encrypt configuration files (json/yaml).\n\nGiven a config file like: \n\n```yaml\n# config.prod.yaml\ndb:\n    host: \"somehost\"\n    username: \"test\"\n    password: \"secret-password\"\nauth:\n    secret: \"some-other-secret\"\n```\n\ntypage-config can convert it to:\n\n```yaml\n# config.prod.yaml\ndb:\n    host: \"{age:61672d656e6372797074696...e710ebb8e51cd1caabfdcb7f2b5545f35eed3}\"\n    username: \"{age:d656e63784302394083221e710ebb8e51cd1caabfdc...b7f2b5545f3e49be65eed3}\"\n    password: \"{age:652d656e6372797074696...021e710ebb8e51cd1abfdcb7f2b5545f49be6ed3}\"\nauth:\n    secret: \"{age:67652d6e6372797074696...0e710ebb8e51ccaafdcb7f2b55f3e49beed3}\"\n```\n\nWhere the structure of original config is retained, but the values are encrytped.\n\nThis makes it easy to inspect if any keys are missing or some nesting is invalid etc. but at the same time hides the values making \nit safe to transmit the config through an untrusted medium or commit the config file within repo.\n\nActual encryption is performed through [FiloSottile/typage](https://github.com/FiloSottile/typage) - \ntypescript implementation of [age file encryption format](age-encryption.org) which uses libsodium.js under the hood.\n\n## API\n\nFirst, generate an identity: \n\n```ts\nimport age from \"age-encryption\"\n\nconst { generateIdentity } = await age()\n\nconst identity: string = generateIdentity()\n//^ Save this in a secure location\n```\n\n### File level operations\n\n```ts\nimport { useIdentity, encryptConfigFile, decryptConfigFile } from \"typage-config\";\n\nuseIdentity(identity);\n\nawait encryptConfigFile({\n    filePath: \"config/config.prod.yaml\",\n    overwrite: true\n});\n\n// File has been updated with encrypted values now\n\n// Inside application: \n\nconst config = await decryptConfigFile({\n    filePath: \"config/config.prod.yaml\",\n});\n\n// We didn't pass overwrite so file on disc was not modified\n\n// When config file needs to be edited again\n\nawait decryptConfigFile({\n    filePath: \"config/config.prod.yaml\",\n    overwrite: true\n});\n\n// File has been updated with decrypted values now\n// cann encryptConfigFile after editing\n```\n\n### Config level operations\n\nLower level API exists to transform a configuration object already loaded in memory\n\n```ts\nconst original = { /* ... some config object ... */ };\n// ^ Must be plain js object - no support for functions, classes etc.\n\nconst encrypted = await encryptConfig(original)\n\n// Later\n\nconst decrypted = await decryptConfig(encrypted);\n// decrypted is equivalent to original\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Florefnon%2Ftypage-config","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Florefnon%2Ftypage-config","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Florefnon%2Ftypage-config/lists"}