Version Packages (rc)#678
Open
github-actions[bot] wants to merge 1 commit into
Open
Conversation
github-actions
Bot
force-pushed
the
changeset-release/main
branch
12 times, most recently
from
July 19, 2026 05:44
f4d1320 to
aa581b9
Compare
github-actions
Bot
force-pushed
the
changeset-release/main
branch
from
July 19, 2026 06:08
aa581b9 to
58e0241
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.
mainis currently in pre mode so this branch has prereleases rather than normal releases. If you want to exit prereleases, runchangeset pre exitonmain.Releases
stash@1.0.0-rc.3
Minor Changes
0811330: Add
stash eql migration— generate an EQL v3 install migration for your ORMinstead of running the SQL directly against the database (
stash eql install).Migration-first is the preferred path: the install lands in your migration history
and ships to every environment through the ORM's own migrate step.
The migration carries the CLI's bundled v3 install SQL (one source of truth) plus
the
cs_migrationstracking schema, so a singledrizzle-kit migratecoverseverything
stash encrypt …needs.--supabaseappends theeql_v3+eql_v3_internalrole grants for PostgREST/RLS access.--prismais registered but not available yet — the Prisma Next migrationemitter is a follow-up (tracked in stash eql migration: migration-first, ORM-agnostic EQL v3 install (fixes prisma-next superuser-on-Supabase) #690) that will let
prisma-next drop its baked install baseline. It fails with a pointer for now.
d20e48a:
stash initis honest non-interactively — it no longer reports success for asetup that didn't fully complete.
already-installed
@cipherstash/*package that's older than this CLIexpects (it won't mutate an install without consent), so instead of warning
and proceeding — scaffolding against mismatched packages and then claiming
success — it now refuses with a non-zero exit and the exact align command.
Interactive runs still offer to align. A newer install stays a warn (the
install is likely fine; update the CLI instead).
end — and the integration isn't one that installs it out-of-band — the
summary reads "Setup incomplete" and init exits non-zero, pointing at
stash eql install. Integrations that install EQL via a migration arereported honestly rather than as failures: Prisma Next (installs it via
migration apply) and the Drizzle flow, which generates an EQL migrationand now says "EQL migration generated — apply it with
drizzle-kit migrate"instead of claiming the extension is already installed.
verified" (init resolves a URL but doesn't open a connection) — it now says
"Database URL resolved" — and only shows "Encryption client scaffolded" when
a client was actually written (skipped for Prisma Next).
skills directory when skills were actually copied (a stripped build installs
none), instead of telling the agent to read files that aren't there.
3a86939: EQL v3 support for the encryption rollout lifecycle (Make @cipherstash/migrate (and
stash encrypt *) compatible with EQL v3 #648). Thestash encrypt *commands (and@cipherstash/migrateunderneath) now resolve acolumn's EQL version and its encrypted counterpart from the Postgres domain
types — the EQL v3 types are self-describing, so the
<col>_encryptednaming is a convention only, never enforced or relied upon — and follow the
right lifecycle, no new flags:
encrypt backfillworks on v3 columns unchanged (the engine was alwaysversion-agnostic; pass an
EncryptionV3client and real v3 envelopes landin the concrete
eql_v3_*domain column — verified live against a realdatabase, including the domain CHECK and a decrypt round-trip). The
manifest records the detected version, the encrypted column's name, and the
v3 target phase, and the command prints v3-appropriate next steps.
encrypt cutoveron a backfilled v3 column reports "not applicable"(exit 0) with guidance: v3 has no rename cut-over — the application
switches to the encrypted column by name. Before backfill completes it
exits 1 and says to finish the backfill instead of instructing the switch.
On a database with no
eql_v2_configurationtable (a v3-only install) thev2 path now explains that instead of surfacing a raw Postgres error.
encrypt dropis version-aware: v3 runs from thebackfilledphase,verifies live coverage (refuses to generate the migration while any row
still has the plaintext set and the encrypted column NULL — the
countUnencryptedcheck), and drops the ORIGINAL plaintext column (thereis no
<col>_plaintextunder v3); v2 behaviour is unchanged. The generatedv3 migration re-verifies coverage at apply time — it locks the table,
re-counts, and aborts without dropping if plaintext-only rows appeared
after generation. And because dropping is the one irreversible step, it
requires a positively asserted plaintext↔ciphertext pairing (the
manifest's recorded
encryptedColumnor the naming convention): a matchfound only by being the table's sole EQL column is refused with
instructions, and an ambiguous table (several EQL columns, none
identifiable) fails closed listing the candidates — as does
cutover.encrypt statusclassifies each column from the observed domain type(manifest as fallback), shows
v3in the EQL column, and no longer raisesthe v2-only
not-registered/plaintext-col-missingdrift flags for v3columns.
stash status's quest ladder and thestash initagent handoffprompt teach the version-appropriate next step (no more "run cutover" on
v3 columns).
@cipherstash/migrateexports:classifyEqlDomain,resolveEncryptedColumn,pickEncryptedColumn,listEncryptedColumns(domain-type resolution — case-exact for quoted/mixed-case table names),
countEncrypted/countUnencrypted(coverage counts), and manifesteqlVersion+encryptedColumnfields.EqlVersionis numeric (2 | 3),matching the manifest and the installer. Resolved columns carry
via: 'hint' | 'convention' | 'sole'so callers can tell a positively assertedpairing from a by-elimination guess.
encrypt cutover/encrypt dropprecondition failures now actuallyexit 1 — the early-return guards previously skipped the exit-code path
entirely, so failed preconditions exited 0. (This also applies to v2
preconditions: scripted pipelines that relied on the erroneous exit 0 will
now see the documented exit 1.)
The
stash-cliandstash-encryptionskills and the@cipherstash/migrateREADME document the two lifecycles (v2: backfill → cutover → drop;
v3: backfill → switch-by-name → drop).
b0634df:
stash plan --complete-rolloutis now automatable and has an honest exit code.It skips the production-deploy gate, so it needs explicit consent — previously
that was an interactive prompt with no bypass, so a non-interactive run
auto-cancelled (default-no) and exited 0 without drafting a plan, leaving
automation to assume a plan existed.
--yesflag confirms the gate-skip without a prompt (for CI/agents).--yes, a non-interactive--complete-rolloutrun now refuseswith a non-zero exit and points at
--yes, instead of silently succeeding.f188c7a:
stash envnow works: it mints deployment credentials from your device-codesession and prints them as env vars — no dashboard copy-paste. The command
creates a fresh ZeroKMS client and a member-role CipherStash access key (named
via
--name; the role is pinned in the request and verified on the response —the CLI deliberately cannot mint admin keys), then emits
CS_WORKSPACE_CRN,CS_CLIENT_ID,CS_CLIENT_KEY, andCS_CLIENT_ACCESS_KEY.Output goes to stdout by default — and stdout is pipe-clean (progress UI is on
stderr), so
stash env --name x > prod.envand pipes into secret stores aresafe.
--write [path]writes a file instead (default.env.production.local,enforced mode 0600 even when overwriting), confirming before overwriting and
refusing non-interactively — always before anything is minted, so a refusal
never discards the shown-exactly-once access key.
--jsonemits NDJSON; with--writethe confirmation event is deliberately secret-free. API responsesare schema-validated so a service change can never print
undefinedinto acredentials file. Creating access keys requires the admin role in the
workspace.
This is also the supported credential path for WASM/edge local development
(Supabase Edge Functions, Cloudflare Workers, Deno), where the runtime cannot
read the
~/.cipherstashdevice profile: mint a key and feed it viasupabase functions serve --env-fileor the platform's secret store.The
STASH_EXPERIMENTAL_ENV_CMDgate is removed.8872d1e:
stash init,stash plan, andstash implno longer crash on a Prisma Nextproject.
SKILL_MAPwas missing aprisma-nextentry, so the skills-installand AGENTS.md-builder steps hit
SKILL_MAP[integration]→undefinedand threw"not iterable" for any repo the CLI detected as Prisma Next. The entry is added
and both consumers now resolve skills through a
skillsFor()helper thatdegrades an unmapped integration to the base skill set instead of crashing
(
tsupships without type-checking, so theRecord<Integration>type alonedidn't protect the build).
Ships a new
stash-prisma-nextagent skill documenting the EQL v3 PrismaNext surface — the domain-named encrypted column types (
EncryptedTextSearch,EncryptedDoubleOrd, …),cipherstashFromStackV3wiring, the runtime valueenvelopes, the
eql*query operators, and EQL installation viaprisma-next migration apply. It is installed for Prisma Next projects andinlined into
AGENTS.mdfor editor agents.stash eql installnow refuses to run in a Prisma Next project (pointing youat
prisma-next migration apply, which owns EQL installation) unless you pass--force— closing the manual-invocation hole thatstash init --prisma-nextalready avoided.
Patch Changes
8b2551a: Fix "Failed to load native binding" on project-local installs of the CLI/SDK
(npm).
@cipherstash/authwas pinned at 0.41.0 while the six@cipherstash/auth-*platform bindings declared in stack/stash/wizard'soptionalDependencies were pinned at 0.42.0. Because auth pins its bindings as
exact-version optional peer dependencies, the skew made npm nest per-consumer
binding copies that the hoisted
authpackage could not resolve — any commandor import touching auth then died at startup. All seven packages now move in
lockstep at 0.42.0, Dependabot is barred from bumping any of them
independently, and a supply-chain CI test fails on any future skew.
b8cb599: Fix invalid DDL from
drizzle-kit generate/pushfor EQL v3 encrypted columns.A v3 column declared its SQL type as the schema-qualified domain
(
public.eql_v3_text_search), but drizzle-kit wraps a custom type's whole namein a single pair of double quotes — emitting
"public.eql_v3_text_search", whichPostgres reads as one dotted identifier and rejects with
type "public.eql_v3_text_search" does not exist. Generated migrations had to behand-repaired.
The v3 column now emits the unqualified domain (
eql_v3_text_search), whichdrizzle-kit renders as the valid
"eql_v3_text_search"and which resolves via thesearch path (the domains live in
public). This matches how the v2encryptedTypesurface already declares its type, and how drizzle-kit reads thetype back during a
pushintrospection diff, so the two sides no longer disagree.Builder recovery still yields the canonical
public.eql_v3_*identity, sooperators and schema extraction are unchanged.
The bundled
stash-drizzleskill is updated to describe the unqualified generatedtype and the search-path requirement (hence the
stashbump — the skill ships inits tarball).
175eeb7: The EQL v3 install SQL is now read from the
@cipherstash/eqlpackage atruntime instead of a copy vendored into this repo.
@cipherstash/eqlbecomes aruntime dependency of
stash, and a version bump now flows straight through — nore-vendor step, no drift between the pin and the shipped bundle.
This removes ~44k lines of generated plpgsql from the repository (which had made
GitHub classify the whole repo as plpgsql — CIP-3518) along with the
gen:eql-v3-sqlvendor script and its CI drift-check.No behaviour change: v3 installs the same one-artifact bundle (which self-adapts to
non-superuser environments like Supabase), and the v2 path is unchanged.
4923c0a: Breaking (v3 authoring surface): the EQL v3 PSL column constructors drop
the
Encryptedprefix to line up with the stack / Drizzletypes.*catalog —the
cipherstash.namespace already disambiguates. Socipherstash.EncryptedTextSearch()→cipherstash.TextSearch(),cipherstash.EncryptedDoubleOrd()→cipherstash.DoubleOrd(),cipherstash.EncryptedBoolean()→cipherstash.Boolean(), etc.The v3 one-call setup function is renamed
cipherstashFromStackV3→cipherstashFromStack(v3 is the default), and the existing v2 setup functionbecomes
cipherstashFromStackV2.The camelCase TS-authoring factory exports move in lockstep:
encryptedTextSearch→textSearch,encryptedDoubleOrd→doubleOrd, etc.(a property test enforces the PSL and TS names agree modulo first-letter case).
Unchanged: the runtime value envelopes (
EncryptedString,EncryptedNumber,EncryptedBoolean, …), thecipherstash.*V2legacy column constructors, thegenerated
contract.json/ codec ids, and theeql*query operators.The
stash-prisma-nextskill is updated to the new names (skills ship in thestashtarball).Updated dependencies [3a86939]
@cipherstash/migrate@1.0.0-rc.1
Minor Changes
3a86939: EQL v3 support for the encryption rollout lifecycle (Make @cipherstash/migrate (and
stash encrypt *) compatible with EQL v3 #648). Thestash encrypt *commands (and@cipherstash/migrateunderneath) now resolve acolumn's EQL version and its encrypted counterpart from the Postgres domain
types — the EQL v3 types are self-describing, so the
<col>_encryptednaming is a convention only, never enforced or relied upon — and follow the
right lifecycle, no new flags:
encrypt backfillworks on v3 columns unchanged (the engine was alwaysversion-agnostic; pass an
EncryptionV3client and real v3 envelopes landin the concrete
eql_v3_*domain column — verified live against a realdatabase, including the domain CHECK and a decrypt round-trip). The
manifest records the detected version, the encrypted column's name, and the
v3 target phase, and the command prints v3-appropriate next steps.
encrypt cutoveron a backfilled v3 column reports "not applicable"(exit 0) with guidance: v3 has no rename cut-over — the application
switches to the encrypted column by name. Before backfill completes it
exits 1 and says to finish the backfill instead of instructing the switch.
On a database with no
eql_v2_configurationtable (a v3-only install) thev2 path now explains that instead of surfacing a raw Postgres error.
encrypt dropis version-aware: v3 runs from thebackfilledphase,verifies live coverage (refuses to generate the migration while any row
still has the plaintext set and the encrypted column NULL — the
countUnencryptedcheck), and drops the ORIGINAL plaintext column (thereis no
<col>_plaintextunder v3); v2 behaviour is unchanged. The generatedv3 migration re-verifies coverage at apply time — it locks the table,
re-counts, and aborts without dropping if plaintext-only rows appeared
after generation. And because dropping is the one irreversible step, it
requires a positively asserted plaintext↔ciphertext pairing (the
manifest's recorded
encryptedColumnor the naming convention): a matchfound only by being the table's sole EQL column is refused with
instructions, and an ambiguous table (several EQL columns, none
identifiable) fails closed listing the candidates — as does
cutover.encrypt statusclassifies each column from the observed domain type(manifest as fallback), shows
v3in the EQL column, and no longer raisesthe v2-only
not-registered/plaintext-col-missingdrift flags for v3columns.
stash status's quest ladder and thestash initagent handoffprompt teach the version-appropriate next step (no more "run cutover" on
v3 columns).
@cipherstash/migrateexports:classifyEqlDomain,resolveEncryptedColumn,pickEncryptedColumn,listEncryptedColumns(domain-type resolution — case-exact for quoted/mixed-case table names),
countEncrypted/countUnencrypted(coverage counts), and manifesteqlVersion+encryptedColumnfields.EqlVersionis numeric (2 | 3),matching the manifest and the installer. Resolved columns carry
via: 'hint' | 'convention' | 'sole'so callers can tell a positively assertedpairing from a by-elimination guess.
encrypt cutover/encrypt dropprecondition failures now actuallyexit 1 — the early-return guards previously skipped the exit-code path
entirely, so failed preconditions exited 0. (This also applies to v2
preconditions: scripted pipelines that relied on the erroneous exit 0 will
now see the documented exit 1.)
The
stash-cliandstash-encryptionskills and the@cipherstash/migrateREADME document the two lifecycles (v2: backfill → cutover → drop;
v3: backfill → switch-by-name → drop).
@cipherstash/prisma-next@1.0.0-rc.3
Minor Changes
a75513b: Breaking: EQL v3 columns are now authored through concrete per-domain constructors — the constructor you choose is the capability set. The legacy boolean-option surface (
EncryptedString({ equality, freeTextSearch, orderAndRange })) is not carried into v3.public.eql_v3_*domain:EncryptedText(storage),EncryptedTextEq,EncryptedTextOrd(eq + order/range),EncryptedTextMatch(free-text),EncryptedTextSearch(eq + free-text + order/range).Encrypted<Fam>(storage),Encrypted<Fam>Eq,Encrypted<Fam>Ord.EncryptedBoolean— storage-only (public.eql_v3_boolean); there is no boolean equality constructor.EncryptedJson— searchable encrypted JSONB (public.eql_v3_json,ste_vec), queried witheqlJsonContains(@>containment). Selector querying (comparing the value at a JSONPath) is tracked in prisma-next: EQL v3 JSON selector querying (parity with Drizzle #651 / Supabase #650) #677.EncryptedBigInt/EncryptedBigIntEq/EncryptedBigIntOrd, JSbigintplaintext, backed bypublic.eql_v3_bigint*).*V2constructors (EncryptedStringV2,EncryptedDoubleV2,EncryptedBigIntV2,EncryptedDateV2,EncryptedBooleanV2,EncryptedJsonV2) to keep EQL v2 columns. A client is v2 or v3 — the two runtime descriptors are never co-registered.@cipherstash/prisma-next/v3entry point:cipherstashFromStackV3({ contractJson })builds the v3 runtime descriptor, bulk-encrypt middleware, and a stackEncryptionV3client from the emitted contract.eqlEq,eqlNeq,eqlIn,eqlNotIn,eqlGt,eqlGte,eqlLt,eqlLte,eqlBetween,eqlNotBetween,eqlJsonContains; ordering viaeqlAsc/eqlDesc), lowering to the same-namedeql_v3.*functions with operands cast to the domain's query type ($n::eql_v3.query_<domain>); ordering useseql_v3.ord_term/eql_v3.ord_term_oreby the column's ordering flavour. The domains arepublic.eql_v3_*; the operator functions live in theeql_v3schema. (The v2 surface keeps itscipherstash*names.)eqlMatch— fuzzy bloom token matching (eql_v3.contains), deliberately NOT named after SQLILIKE: matching is case-insensitive, order/multiplicity-insensitive, and one-sided (may false-positive). Two guards run before encryption: SQL wildcards are normalised (leading/trailing%stripped; interior%or any_rejected), and needles the column's match index cannot answer (empty / below the tokenizer length) are rejected via the sharedmatchNeedleErrorguard. There is no negated match operator — negating a may-false-positive bloom test would silently drop matching rows.20260601T0100_install_eql_v3_bundle(invariantcipherstash:install-eql-v3-bundle-v1) installs thepublic.eql_v3_*domains andeql_v3.*functions from the pinned@cipherstash/eqlrelease. Regenerate contracts and run migrations after changing constructors.examples/prisma):contract.d.tstype surface covers every v3 codec id:CodecTypesgains all 40cipherstash/eql-v3/*@1entries (envelope outputs —number-castAs domains decode to the newEncryptedNumber— plus trait-accurate operator visibility), andQueryOperationTypesgains theeql*operator set, surfaced on v3 columns via type-levelcipherstash:v3-*marker traits (the v2cipherstash*methods never appear on v3 columns, and vice-versa). Storage-only domains (includingEncryptedBoolean) surface no operator methods at the type level, matching the runtime gate.cipherstash) with v3's own version, sopostgres<Contract>({ extensions })accepts contracts emitted by the cipherstash extension pack instead of failing withRUNTIME.MISSING_EXTENSION_PACK.expandNativeTypehook that strips thepublic.qualifier —prisma-next migration plannow rendersCREATE TABLEcolumns as bare domain names (eql_v3_bigint_ord), matching what introspection reports, with noadd_search_configops (v3 domains carry their own index metadata). NoonFieldEventis registered for v3.data(it is a contract-shape-neutral self-edge; the aggregate integrity checker rejects self-edges without a data-class op), unblockingprisma-next migration plan/migratein consuming apps.4923c0a: Breaking (v3 authoring surface): the EQL v3 PSL column constructors drop
the
Encryptedprefix to line up with the stack / Drizzletypes.*catalog —the
cipherstash.namespace already disambiguates. Socipherstash.EncryptedTextSearch()→cipherstash.TextSearch(),cipherstash.EncryptedDoubleOrd()→cipherstash.DoubleOrd(),cipherstash.EncryptedBoolean()→cipherstash.Boolean(), etc.The v3 one-call setup function is renamed
cipherstashFromStackV3→cipherstashFromStack(v3 is the default), and the existing v2 setup functionbecomes
cipherstashFromStackV2.The camelCase TS-authoring factory exports move in lockstep:
encryptedTextSearch→textSearch,encryptedDoubleOrd→doubleOrd, etc.(a property test enforces the PSL and TS names agree modulo first-letter case).
Unchanged: the runtime value envelopes (
EncryptedString,EncryptedNumber,EncryptedBoolean, …), thecipherstash.*V2legacy column constructors, thegenerated
contract.json/ codec ids, and theeql*query operators.The
stash-prisma-nextskill is updated to the new names (skills ship in thestashtarball).a2f80ea: Source the EQL v3 install SQL from
@cipherstash/eqlat runtime instead ofbaking it into the baseline migration.
@cipherstash/eqlis now a runtime dependency, pinned exact (3.0.0) to matchthe release
@cipherstash/stackencodes its v3 domain types against — thetwo must move together, so an EQL upgrade is a coordinated version bump, not a
float. The v3 baseline migration no longer embeds the ~1.7 MB install bundle in
its
ops.json: the committed op carries a placeholder, and the extensiondescriptor injects
readInstallSql()from the installed@cipherstash/eqlwhenit is built, and recomputes the content-addressed migration hash from the
injected operations before Prisma Next materialises the package.
The win over baking: bumping the pinned
@cipherstash/eqlno longer requiresre-running the maintainer emit loop to regenerate a 1.7 MB
ops.json— it is aone-line version bump plus a rebuild. This mirrors how the
stashCLI alreadysources the v3 SQL.
No change to user-facing behaviour: EQL still installs as part of
prisma-next migration apply. Safe because the v3 baseline is aninvariant-only self-edge — the install SQL never contributes to the
contract-space hash. Injection matches the placeholder by value and fails loudly
if it is absent, so a drift between the emit source and the injector can never
silently ship an empty install.
Patch Changes
@cipherstash/stack@1.0.0-rc.3
Patch Changes
(npm).
@cipherstash/authwas pinned at 0.41.0 while the six@cipherstash/auth-*platform bindings declared in stack/stash/wizard'soptionalDependencies were pinned at 0.42.0. Because auth pins its bindings as
exact-version optional peer dependencies, the skew made npm nest per-consumer
binding copies that the hoisted
authpackage could not resolve — any commandor import touching auth then died at startup. All seven packages now move in
lockstep at 0.42.0, Dependabot is barred from bumping any of them
independently, and a supply-chain CI test fails on any future skew.
@cipherstash/stack-drizzle@1.0.0-rc.3
Patch Changes
b8cb599: Fix invalid DDL from
drizzle-kit generate/pushfor EQL v3 encrypted columns.A v3 column declared its SQL type as the schema-qualified domain
(
public.eql_v3_text_search), but drizzle-kit wraps a custom type's whole namein a single pair of double quotes — emitting
"public.eql_v3_text_search", whichPostgres reads as one dotted identifier and rejects with
type "public.eql_v3_text_search" does not exist. Generated migrations had to behand-repaired.
The v3 column now emits the unqualified domain (
eql_v3_text_search), whichdrizzle-kit renders as the valid
"eql_v3_text_search"and which resolves via thesearch path (the domains live in
public). This matches how the v2encryptedTypesurface already declares its type, and how drizzle-kit reads thetype back during a
pushintrospection diff, so the two sides no longer disagree.Builder recovery still yields the canonical
public.eql_v3_*identity, sooperators and schema extraction are unchanged.
The bundled
stash-drizzleskill is updated to describe the unqualified generatedtype and the search-path requirement (hence the
stashbump — the skill ships inits tarball).
Updated dependencies [8b2551a]
@cipherstash/stack-supabase@1.0.0-rc.3
Patch Changes
@cipherstash/wizard@1.0.0-rc.3
Patch Changes
(npm).
@cipherstash/authwas pinned at 0.41.0 while the six@cipherstash/auth-*platform bindings declared in stack/stash/wizard'soptionalDependencies were pinned at 0.42.0. Because auth pins its bindings as
exact-version optional peer dependencies, the skew made npm nest per-consumer
binding copies that the hoisted
authpackage could not resolve — any commandor import touching auth then died at startup. All seven packages now move in
lockstep at 0.42.0, Dependabot is barred from bumping any of them
independently, and a supply-chain CI test fails on any future skew.
@cipherstash/prisma-next-example@0.1.0-rc.3
Minor Changes
public.eql_v3_*domain authored with the per-domain constructors (EncryptedTextSearch,EncryptedDoubleOrd,EncryptedBigIntOrd,EncryptedDateOrd,EncryptedBoolean,EncryptedJson), wired throughcipherstashFromStackV3({ contractJson }). The e2e harness runs the full v3 surface against live Postgres + ZeroKMS with no skips: theeql*operator vocabulary (equality/range pluseqlMatchfree-text token search),eqlAsc/eqlDescorder-term sorting, encrypted JSON containment (eqlJsonContains— the v2cipherstashJsonb*helpers do not exist in v3), losslessbigintbeyondNumber.MAX_SAFE_INTEGER, and the storage-onlyeql_v3_booleanrefusal (EncryptionOperatorError) pinned as a feature. Migrations regenerate from the v3 contract: the initial app migration creates theuserstable against the v3 domains with zeroadd_search_configops, and the cipherstash space carries both bundle baselines (v2 + v3).Patch Changes
@cipherstash/e2e@0.0.3-rc.3
Patch Changes
@cipherstash/basic-example@1.2.14-rc.3
Patch Changes
@cipherstash/bench@0.0.5-rc.3
Patch Changes
@cipherstash/test-kit@0.0.1-rc.3
Patch Changes