/** * @license * Copyright 2025 Vybestack LLC * SPDX-License-Identifier: Apache-2.0 */ export type SecureStoreErrorCode = 'UNAVAILABLE' | 'LOCKED' | 'DENIED' | 'CORRUPT' | 'TIMEOUT' | 'NOT_FOUND'; export declare class SecureStoreError extends Error { readonly code: SecureStoreErrorCode; readonly remediation: string; constructor(message: string, code: SecureStoreErrorCode, remediation: string); } export interface KeyringAdapter { getPassword(service: string, account: string): Promise; setPassword(service: string, account: string, password: string): Promise; deletePassword(service: string, account: string): Promise; findCredentials?(service: string): Promise>; } export interface SecureStoreOptions { fallbackDir?: string; fallbackPolicy?: 'allow' | 'deny'; keyringLoader?: () => Promise; } /** * Creates a default KeyringAdapter by loading @napi-rs/keyring. * Exported so that other modules can reuse this without duplicating * the @napi-rs/keyring import. * * @plan PLAN-20260211-SECURESTORE.P08 */ export declare function createDefaultKeyringAdapter(): Promise; /** * Stores and retrieves secrets via the OS keychain or encrypted file fallback. * * @plan PLAN-20260211-SECURESTORE.P06 * @requirement R1.1, R1.3 */ export declare class SecureStore { private readonly serviceName; private readonly fallbackPolicy; private readonly keyringLoaderFn; private readonly fallbackDir; private readonly logger; private keyringInstance; private keyringLoadAttempted; private probeCache; private readonly PROBE_TTL_MS; private consecutiveKeyringFailures; private readonly KEYRING_FAILURE_THRESHOLD; constructor(serviceName: string, options?: SecureStoreOptions); private getKeyring; private validateKey; private getFallbackFilePath; private recordKeyringSuccess; private recordKeyringFailure; isKeychainAvailable(): Promise; set(key: string, value: string): Promise; get(key: string): Promise; delete(key: string): Promise; list(): Promise; has(key: string): Promise; private writeFallbackFile; private readFallbackFile; }