@cipherstash/cli@0.10.0

Minor Changes

• 79f4a0b: Fix loadStashConfig to correctly unwrap the default export from stash.config.ts. Previously, any database-touching command (db install, db push, db validate, db status, db test-connection, schema build) would fail validation against a perfectly valid config with:

  Error: Invalid stash.config.ts
  
    - databaseUrl: Invalid input: expected nonoptional, received undefined
  

  The issue: in jiti 2.x, the interopDefault: true option passed to createJiti(...) only applies to the deprecated synchronous jiti(id) callable form. The async jiti.import() ignores it and always returns the full module namespace. With export default defineConfig({...}) that meant Zod was validating { default: { databaseUrl, client } } and reporting databaseUrl as undefined even when the user's config plainly set it.

  Switched to jiti's per-call { default: true } option, which does work on jiti.import(). Added an integration test that exercises real jiti against a real temp stash.config.ts so future regressions get caught — the previous mocked test was passing the bug straight through.

  This bug surfaced after db install started loading stash.config.ts (during the onboarding overhaul), but affected every other command that reads the config.

@cipherstash/cli@0.8.0

Minor Changes

• 34432e9: Added --migration and --direct options to Supabase EQL install steps

@cipherstash/stack@0.15.2

Patch Changes

• 510c485: Bundle evlog into the CJS output. evlog is pure ESM (no require condition in its exports map), so CJS consumers of @cipherstash/stack (e.g. webpack bundles) were failing with ERR_PACKAGE_PATH_NOT_EXPORTED when the stack's index.cjs tried to require("evlog"). evlog is now inlined at build time and no longer resolved at runtime.

@cipherstash/cli@0.7.1

Patch Changes

• a0760f6: Detect the package manager from npm_config_user_agent when running stash init. Running bunx @cipherstash/cli init, pnpm dlx @cipherstash/cli init, or yarn dlx @cipherstash/cli init now uses the invoking tool for dependency installation (bun add, pnpm add, yarn add) instead of falling back to npm install. Lockfile detection is still preferred when present, so projects with an existing convention are unaffected. Fixes EUNSUPPORTEDPROTOCOL failures on workspace:* deps in Bun-managed projects.

@cipherstash/stack@0.15.1

Patch Changes

• 8513705: Fix mangled eql_v2_encrypted type in drizzle-kit migrations.

  • @cipherstash/stack/drizzle's encryptedType now returns the bare eql_v2_encrypted identifier from its Drizzle customType.dataType() callback. Returning the schema-qualified "public"."eql_v2_encrypted" (0.15.0) triggered a drizzle-kit quirk that wraps the return value in double-quotes and prepends "{typeSchema}". in ALTER COLUMN output — producing "undefined".""public"."eql_v2_encrypted"", which Postgres cannot parse.
  • stash db install / stash wizard's migration rewriter now matches all four forms drizzle-kit may emit (eql_v2_encrypted, "public"."eql_v2_encrypted", "undefined"."eql_v2_encrypted", "undefined".""public"."eql_v2_encrypted"") and rewrites each into the safe ADD COLUMN … DROP COLUMN … RENAME COLUMN sequence.

  Users on 0.15.0 who hit this in generated migrations should upgrade and re-run npx drizzle-kit generate + stash db install (or re-run the wizard).

@cipherstash/cli@0.7.0

Minor Changes

• 7f5a05a: Fixed issue where the wizard was checking CipherStash auth based on path and now leverages the auth npm package.

@cipherstash/cli@0.6.1

Patch Changes

• 8513705: Fix mangled eql_v2_encrypted type in drizzle-kit migrations.

  • @cipherstash/stack/drizzle's encryptedType now returns the bare eql_v2_encrypted identifier from its Drizzle customType.dataType() callback. Returning the schema-qualified "public"."eql_v2_encrypted" (0.15.0) triggered a drizzle-kit quirk that wraps the return value in double-quotes and prepends "{typeSchema}". in ALTER COLUMN output — producing "undefined".""public"."eql_v2_encrypted"", which Postgres cannot parse.
  • stash db install / stash wizard's migration rewriter now matches all four forms drizzle-kit may emit (eql_v2_encrypted, "public"."eql_v2_encrypted", "undefined"."eql_v2_encrypted", "undefined".""public"."eql_v2_encrypted"") and rewrites each into the safe ADD COLUMN … DROP COLUMN … RENAME COLUMN sequence.

  Users on 0.15.0 who hit this in generated migrations should upgrade and re-run npx drizzle-kit generate + stash db install (or re-run the wizard).

@cipherstash/stack@0.15.0

Minor Changes

• 1929c8f: Mark secrets as a coming soon feature and remove existing SDK integration.

@cipherstash/cli@0.6.0

Minor Changes

• 9944a25: Update cipherstash auth to 0.36.0

@cipherstash/cli@0.5.0

Minor Changes

• 1929c8f: Mark secrets as a coming soon feature and remove existing SDK integration.