Important
If you are looking to implement this package into your application please use the official protect package.
This project provides the JS bindings for the CipherStash Client Rust SDK and is bootstrapped by create-neon.
Building requires a supported version of Node and Rust.
To run the build, run:
$ npm run buildThis command uses the @neon-rs/cli utility to assemble the binary Node addon from the output of cargo.
You can use the stash CLI tool to set up your local environment.
You will be prompted to sign in or create an account and follow steps to create a keyset and client key.
brew install cipherstash/tap/stash
stash setupAfter building protect-ffi, you can explore its exports at the Node console.
CS_CLIENT_ID and CS_CLIENT_KEY must be set in your environment for the call to newClient() to succeed.
$ npm i
$ npm run build
$ node
> const addon = require(".");
> const client = await addon.newClient();
> const ciphertext = await addon.encrypt(client, "plaintext", "column_name");
> const plaintext = await addon.decrypt(client, ciphertext);
> console.log({ciphertext, plaintext});In the project directory, you can run:
Builds the Node addon (index.node) from source, generating a release build with cargo --release.
Additional cargo build arguments may be passed to npm run build and similar commands. For example, to enable a cargo feature:
npm run build -- --feature=beetle
Similar to npm run build but generates a debug build with cargo.
Similar to npm run build but uses cross-rs to cross-compile for another platform. Use the CARGO_BUILD_TARGET environment variable to select the build target.
Initiate a full build and publication of a new patch release of this library via GitHub Actions.
Initiate a dry run of a patch release of this library via GitHub Actions. This performs a full build but does not publish the final result.
Runs the unit tests by calling cargo test. You can learn more about adding tests to your Rust code from the Rust book.
The directory structure of this project is:
protect-ffi/
├── Cargo.toml
├── README.md
├── lib/
├── src/
| ├── index.mts
| └── index.cts
├── crates/
| └── protect-ffi/
| └── src/
| └── lib.rs
├── platforms/
├── package.json
└── target/
| Entry | Purpose |
|---|---|
Cargo.toml |
The Cargo manifest file, which informs the cargo command. |
README.md |
This file. |
lib/ |
The directory containing the generated output from tsc. |
src/ |
The directory containing the TypeScript source files. |
index.mts |
Entry point for when this library is loaded via ESM import syntax. |
index.cts |
Entry point for when this library is loaded via CJS require. |
crates/ |
The directory tree containing the Rust source code for the project. |
lib.rs |
Entry point for the Rust source code. |
platforms/ |
The directory containing distributions of the binary addon backend for each platform supported by this library. |
package.json |
The npm manifest file, which informs the npm command. |
target/ |
Binary artifacts generated by the Rust build. |
Releases are handled by GitHub Actions using a workflow_dispatch event trigger.
The release workflow was generated by Neon.
The release workflow is responsible for:
- Building and publishing the main
@cipherstash/protect-ffipackage as well as the native packages for each platform (e.g.@cipherstash/protect-ffi-darwin-arm64). - Creating the GitHub release.
- Creating a Git tag for the version.
To perform a release:
- Navigate to the "Release" workflow page in GitHub.
- Click on "Run workflow".
- Select the branch to release from. Use the default of "main" unless you want to do a pre-release version or dry run from a branch.
- Select whether or not to do a dry run. Dry runs are useful for verifying that the build will succeed for all platforms before doing a full run with a publish.
- Choose a version to publish.
The options are similar to
npm version. Select "custom" in the dropdown and fill in the "Custom version" text box if you want to use a semver string instead of the shorthand (patch, minor, major, etc.). - Click "Run workflow".
Note that we currently don't have any automation around release notes or a changelog. However, you can add release notes after running the workflow by editing the release on GitHub.
Learn more about: